Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-41633

UX: non-obvious that API tokens need to be stored as UsernamePassword to work as scan credentials

    XMLWordPrintable

Details

    Description

      The drop down dialog to select github org scan credentials only lists `UsernamePasswordCredentialsImpl` credentials. While the `github` plugin also supports `StringCredentialsImpl` credentials – I found this rather confusing as I only use github API tokens. I have a preference for using API tokens with robots as it is somewhat easier to revoke access.

      Attachments

        Issue Links

          is related to

          Improvement - An improvement or enhancement to an existing feature or task. JENKINS-33228 GitHub server configuration undocumented / duplicated

          • Major - Major loss of function.
          • Open

          Activity

            stephenconnolly Stephen Connolly added a comment -

            Currently you use API tokens in org folders by creating them as a `UsernamePasswordCredentialsImpl` with the username that they belong to as the username.

            The way that the `github` plugin stores credentials is actually incorrect and there will be some fix-up of that as part of JENKINS-33228 at which point there will be a dedicated `GitHubApiTokenCredentials` implementation that will be easier to use and (hopefully) allow for easier creation (in the ideal form you would click a button and that would redirect to github and return the created token... but remains to be seen if that UX can be provided for)

            stephenconnolly Stephen Connolly added a comment - Currently you use API tokens in org folders by creating them as a `UsernamePasswordCredentialsImpl` with the username that they belong to as the username. The way that the `github` plugin stores credentials is actually incorrect and there will be some fix-up of that as part of JENKINS-33228 at which point there will be a dedicated `GitHubApiTokenCredentials` implementation that will be easier to use and (hopefully) allow for easier creation (in the ideal form you would click a button and that would redirect to github and return the created token... but remains to be seen if that UX can be provided for)

            People

              kohsuke Kohsuke Kawaguchi
              jhoblitt Joshua Hoblitt
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated: