[JENKINS-62375] /gitlab-webhook/post token auth - Jenkins Jira

XML

Word

Printable

Details

Type: New Feature
Status: In Progress (View Workflow)
Priority: Minor
Resolution: Unresolved
Component/s: gitlab-branch-source-plugin
Labels:
None
Environment:
Ubuntu 18.08.3, jenkins 2.222.3, gitlab branch source 1.5.1

Similar Issues:

Show

Description

Hello! Thank you very much for this great plugin!

So, I have a question. I really need token auth for jenkins/gitlab-webhook/post requests from gitlab (after push branches, tags, mrs, etc.), otherwise anyone can send webhook to this uri without authentication, I feel this is a security problem.

I know about token authorization feature on uri /project/.* (from gitlab plugin), but this feature is not available on gitlab-branch-source-plugin .

Excuse for troubling.

Attachments

Activity

Parichay Barpanda added a comment - 2020-05-21 01:17

https://github.com/jenkinsci/gitlab-branch-source-plugin/pull/91

Parichay Barpanda added a comment - 2020-05-21 01:17 https://github.com/jenkinsci/gitlab-branch-source-plugin/pull/91

People

Assignee:: Parichay Barpanda

Reporter:: Paul Strong

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 2020-05-20 21:15

Updated:: 2020-05-21 13:10