Hi All,
This is finally finished up. We had a long quiet period while a few jobs finished up and it looks like everything got queued up for re-execution once we restarted.
We'll be checking in with the JJB folks and others using the Jenkins REST API to see how they're affected by the new CSRF settings.
Cheers! --Brian
On Apr 19 10:03, Brian Stinson wrote:
The first part of this maintenance has been done. We will need to schedule a full restart for tonight (00h UTC). We'll be monitoring running jobs throughout the day.
Cheers --Brian
On Apr 19 08:54, Brian Stinson wrote:
Hi Folks,
In response to news of directed attacks against public Jenkins instances[0], we are enabling some of the CSRF protections in ci.centos.org
To do this we will issue a SafeRestart at 14:30 UTC Today! Running jobs will be given a chance to clear and new jobs should be queued up and will execute as soon as the restart finishes.
Potential Impact:
If you are using the Jenkins REST interface you may need to modify your scripts to send the appropriate headers[1]
Jenkins Job Builder is tracking an issue to enable CSRF support[2]. Some basic tests were performed on our side, and simple jobs were configured correctly, but you may notice strange behavior if you are using JJB.
If you have any questions or comments, let us know here or find one of us in #centos-devel on Freenode.
Cheers!
Brian Stinson CentOS CI Infrastructure Team _______________________________________________ Ci-users mailing list Ci-users@centos.org https://lists.centos.org/mailman/listinfo/ci-users
Ci-users mailing list Ci-users@centos.org https://lists.centos.org/mailman/listinfo/ci-users