Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-57351

Support for making Jenkins a "GitHub App"


      To my understanding currently the github-branch-source plugins always requires GitHub user credentials / tokens to authenticate.

      I'd suggest to add authenticating Jenkins to GitHub as a GitHub App too.

      Why is this better than the current way:

      • GitHub Apps can be granted very fine grained permissions
      • GitHub Apps can be added either to a whole org, or just to selected repos
      • The app uses a key pair to then get temporary credentials, so leaked creds to user are only valid for a short period of time
      • Higher API limits! (probably the most important one for bigger orgs)

      This is specifically NOT about authenticating users against GitHub, but for Authenticating Jenkins itself against GitHub

      References: https://developer.github.com/apps/differences-between-apps/

            timja Tim Jacomb
            webrat Andreas Sieferlinger
            13 Vote for this issue
            24 Start watching this issue