- Separate the authorization configuration from the project configuration. This allows Jenkins to decide the authorization of builds during configuring projects.
- When a plugin lists up credentials,
- Even if the authorization is changed after the project configuration is saved, it doesn't cause a security issue as the access to the credential is blocked at build time.
- How to control permissions to configure jobs
- You don't want to allow other users configure jobs when you use "Run as Specific User".
- Should the configuration file be separated from config.xml?