We deploy a p4 trust file on all our servers, including Jenkins slaves, and we export the variable P4TRUST to point to it.
We would like p4-plugin in Jenkins to use this set up (the P4TRUST and the file) when we try to configure an SSL connection.
However, this doesn't work - we get a fingerprint error. The only way to make p4-plugin establish an SSL connection, which is not really usable at scale, is to unset the P4TRUST variable and enter the fingerprint manually in the configuration. This approach based on manual input does not scale for us as we have more than 20 Jenkins master servers to maintain and would require an undesirable exception in our deployment process. The risk is that if the fingerprint changes a manual procedure does not guarantee that all of the Masters will be updated, causing connection failures.
We are therefore at this stage unable to use SSL connections effectively from p4-plugin, which runs contrary to our companies internal Security policies.
This is a major issue in our adoption of Jenkins / Perforce CI pipeline.
We deploy a p4 trust file on all our servers, including Jenkins slaves, and we export the variable P4TRUST to point to it.
We would like p4-plugin in Jenkins to use this set up (the P4TRUST and the file) when we try to configure an SSL connection.
However, this doesn't work - we get a fingerprint error. The only way to make p4-plugin establish an SSL connection, which is not really usable at scale, is to unset the P4TRUST variable and enter the fingerprint manually in the configuration. This approach based on manual input does not scale for us as we have more than 20 Jenkins master servers to maintain and would require an undesirable exception in our deployment process. The risk is that if the fingerprint changes a manual procedure does not guarantee that all of the Masters will be updated, causing connection failures.
We are therefore at this stage unable to use SSL connections effectively from p4-plugin, which runs contrary to our companies internal Security policies.
This is a major issue in our adoption of Jenkins / Perforce CI pipeline.