[JENKINS-41633] UX: non-obvious that API tokens need to be stored as UsernamePassword to work as scan credentials

Type: Bug
Resolution: Unresolved
Priority: Major
Component/s: github-organization-folder-plugin
Labels:
None
Environment:
jenkins 2.19.4
github-organization-folder 1.5

Similar Issues:
Powered by SuggestiMate

Show

The drop down dialog to select github org scan credentials only lists `UsernamePasswordCredentialsImpl` credentials. While the `github` plugin also supports `StringCredentialsImpl` credentials – I found this rather confusing as I only use github API tokens. I have a preference for using API tokens with robots as it is somewhat easier to revoke access.

is related to

JENKINS-33228 GitHub server configuration undocumented / duplicated

Open

Joshua Hoblitt created issue - 2017-02-01 17:48

Joshua Hoblitt made changes - 2017-02-01 17:48

Summary

Original: API tokens not supported as scan credential

New: API tokens not supported as scan credentials

Stephen Connolly made changes - 2017-02-24 16:13

Link

New: This issue is related to JENKINS-33228 [ JENKINS-33228 ]

Stephen Connolly added a comment - 2017-03-16 16:26

Currently you use API tokens in org folders by creating them as a `UsernamePasswordCredentialsImpl` with the username that they belong to as the username.

The way that the `github` plugin stores credentials is actually incorrect and there will be some fix-up of that as part of JENKINS-33228 at which point there will be a dedicated `GitHubApiTokenCredentials` implementation that will be easier to use and (hopefully) allow for easier creation (in the ideal form you would click a button and that would redirect to github and return the created token... but remains to be seen if that UX can be provided for)

Stephen Connolly added a comment - 2017-03-16 16:26 Currently you use API tokens in org folders by creating them as a `UsernamePasswordCredentialsImpl` with the username that they belong to as the username. The way that the `github` plugin stores credentials is actually incorrect and there will be some fix-up of that as part of JENKINS-33228 at which point there will be a dedicated `GitHubApiTokenCredentials` implementation that will be easier to use and (hopefully) allow for easier creation (in the ideal form you would click a button and that would redirect to github and return the created token... but remains to be seen if that UX can be provided for)

Stephen Connolly made changes - 2017-03-16 16:27

Summary

Original: API tokens not supported as scan credentials

New: UX: non-obvious that API tokens need to be stored as UsernamePassword to work as scan credentials

Assignee:: Kohsuke Kawaguchi

Reporter:: Joshua Hoblitt

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Created:: 2017-02-01 17:48

Updated:: 2017-03-16 16:27

Jenkins

Details

Description

Attachments

Issue Links

Activity

Collapse comment: Stephen Connolly added a comment - 2017-03-16 16:26

Expand comment: Stephen Connolly added a comment - 2017-03-16 16:26

People

Dates