Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-47358

Copy Artifact plugin requires anonymous read access

    XMLWordPrintable

    Details

    • Similar Issues:

      Description

      A top-level Jenkins job "A" is triggered by a user Bob. This job calls another job "B" which copies artifacts from a job "C", also triggered by "A". The user Bob has read access to all 3 jobs. Unless I give Anonymous Read access to Jenkins the build fails with:

      ERROR: Unable to find project for artifact copy: C
      This may be due to incorrect project name or permission settings; see help for project name in job configuration.
      

      This seems like a major security flaw. I am required to have the Jenkins system locked down for security reasons. The plugin documentation is a little ambiguous as to whether this is absolutely required (the English is a little off). Is it possible to disable anonymous read access and still have this plugin working, preferably without messy hacks?

        Attachments

          Activity

          boon Joe Harte created issue -
          boon Joe Harte made changes -
          Field Original Value New Value
          Description A top-level Jenkins job "A" is triggered by a user Bob. This job calls another job "B" which copies artifacts from a job "C", also triggered by "A". Unless I give Anonymous Read access to Jenkins the build fails with:

          {code}
          ERROR: Unable to find project for artifact copy: C
          This may be due to incorrect project name or permission settings; see help for project name in job configuration.
          {code}

          This seems like a major security flaw. I am required to have the Jenkins system locked down for security reasons. The plugin documentation is a little ambiguous as to whether this is absolutely required (the English is a little off). Is it possible to disable anonymous read access and still have this plugin working, preferably with messy hacks?
          A top-level Jenkins job "A" is triggered by a user Bob. This job calls another job "B" which copies artifacts from a job "C", also triggered by "A". The user Bob has read access to all 3 jobs. Unless I give Anonymous Read access to Jenkins the build fails with:

          {code}
          ERROR: Unable to find project for artifact copy: C
          This may be due to incorrect project name or permission settings; see help for project name in job configuration.
          {code}

          This seems like a major security flaw. I am required to have the Jenkins system locked down for security reasons. The plugin documentation is a little ambiguous as to whether this is absolutely required (the English is a little off). Is it possible to disable anonymous read access and still have this plugin working, preferably with messy hacks?
          boon Joe Harte made changes -
          Description A top-level Jenkins job "A" is triggered by a user Bob. This job calls another job "B" which copies artifacts from a job "C", also triggered by "A". The user Bob has read access to all 3 jobs. Unless I give Anonymous Read access to Jenkins the build fails with:

          {code}
          ERROR: Unable to find project for artifact copy: C
          This may be due to incorrect project name or permission settings; see help for project name in job configuration.
          {code}

          This seems like a major security flaw. I am required to have the Jenkins system locked down for security reasons. The plugin documentation is a little ambiguous as to whether this is absolutely required (the English is a little off). Is it possible to disable anonymous read access and still have this plugin working, preferably with messy hacks?
          A top-level Jenkins job "A" is triggered by a user Bob. This job calls another job "B" which copies artifacts from a job "C", also triggered by "A". The user Bob has read access to all 3 jobs. Unless I give Anonymous Read access to Jenkins the build fails with:

          {code}
          ERROR: Unable to find project for artifact copy: C
          This may be due to incorrect project name or permission settings; see help for project name in job configuration.
          {code}

          This seems like a major security flaw. I am required to have the Jenkins system locked down for security reasons. The plugin documentation is a little ambiguous as to whether this is absolutely required (the English is a little off). Is it possible to disable anonymous read access and still have this plugin working, preferably without messy hacks?
          ikedam ikedam made changes -
          Assignee Joe Harte [ boon ]
          Resolution Not A Defect [ 7 ]
          Status Open [ 1 ] Resolved [ 5 ]
          ikedam ikedam made changes -
          Status Resolved [ 5 ] Closed [ 6 ]

            People

            Assignee:
            boon Joe Harte
            Reporter:
            boon Joe Harte
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: