Status: Open (View Workflow)
folders plugin 6.14
kubernetes plugin 1.27.2
matrix authorization strategy plugin 2.6.3
- we are allowing our users to configure folders.
- we set each kubernetes cluster we add to the server as "restrict pipeline support to authorized folder".
while starting to use the kubernetes plugin, we found out that once we add a kubernetes cluster to the clouds defined in the jenkins server, each user with configure permission on a folder is capable of adding the cluster to that folder, and using it.
my request is - set a different permission for that capability, since on the one hand - we want user to be able to configure their own folders, but on the other hand, this allows them to "take control" over kubernetes clusters defined on the server, which is a MAJOR security breach.