-
Bug
-
Resolution: Duplicate
-
Major
-
None
-
Jenkins 2.121.2
GitHub Branch Source Plugin 2.3.6
GitHub API Plugin 1.92
Git plugin 3.9.1
Pipeline 2.5
Pipeline Declarative 1.3.1
Pipeline GitHub 2.0
Pipeline Multibranch 2.20
PR from a repository in a GitHub organization gets built automatically, even though it was submitted by a non-collaborator (no admin/write permissions and not even part of the organization).
The GitHub org in Jenkins is set to discover PRs from origin and PRs from forks. The latter has trust configured to "From users with Admin or Write permission".
Here are the logs at the time the event was received from GitHub:
Jul 23, 2018 3:43:15 PM org.jenkinsci.plugins.github_branch_source.PullRequestGHEventSubscriber onEvent INFO: Received PULL_REQUEST for https://github.com/gtirloni-gpii/universal from 192.30.252.37 ⇒ http://hostname:8080/github-webhook/ Jul 23, 2018 3:43:15 PM org.jenkinsci.plugins.github_branch_source.PullRequestGHEventSubscriber onEvent INFO: Received PULL_REQUEST for https://github.com/gtirloni-gpii/universal from 192.30.252.39 ⇒ http://hostname:8080/github-webhook/ Jul 23, 2018 3:43:36 PM io.jenkins.blueocean.autofavorite.FavoritingScmListener onCheckout INFO: Automatically favorited gtirloni-gpii/universal/PR-6 for crash.test.dummy.github
Using Declarative Pipeline.
- duplicates
-
JENKINS-48848 Discover permissions check doesn't work
-
- Open
-