Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-74810

Fix non FIPS compliant TLS usage in artifact-manager-s3

      We must imeplement a validation in !https://github.com/fluidicon.png!artifact-manager-s3-plugin/src/main/java/io/jenkins/plugins/artifact_manager_jclouds/s3/S3BlobStoreConfig.java at master · jenkinsci/artifact-manager-s3-plugin to make sure HTTPS is mandatory when in FIPS mode.

      Validation should raise an error in the form when setting the useHttp flag to true and fail when trying to save it.

      Keep in mind this value will be used in the !https://github.com/fluidicon.png!artifact-manager-s3-plugin/src/main/java/io/jenkins/plugins/artifact_manager_jclouds/s3/S3BlobStoreConfig.java at master · jenkinsci/artifact-manager-s3-plugin , so we must make sure error (IllegalArgumentException | FormException) is launched only when saving, validate button should simply not perform the validation and return a message stating the reason why validation could not be done.

       

      Steps to Reproduce

       
      Enable use http in the configuration and save it.
       

      Expected Result

       
      The use http cannot be saved
       

      Actual Result

       
      You can configure the plugin to use http instead of https in FIPS mode

          [JENKINS-74810] Fix non FIPS compliant TLS usage in artifact-manager-s3

          Tejas added a comment -   Link for PR → !https://github.githubassets.com/favicon.ico!artifact-manager-s3-plugin: Added validation for useHttp flag to fix the non FIPS compliant TLS usage.open

          Tejas added a comment -

          Tejas added a comment - Link to PR for bom fix --> https://github.com/jenkinsci/artifact-manager-s3-plugin/pull/561

            tejas_drolia Tejas
            tejas_drolia Tejas
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: