On 22/10/15 13:09, Ari LiVigni wrote:
Why can't you use credentials on your Jenkins Master as a possible option? I assume not all have admin access so this could be hidden? It can also be stored as a global password and masked in output.
that might be one option, we dont usually run any code on the master ( or the slave ) - the jenkins hosted code is typically just used to provision baremetal machines, and the test suites all run from there.
Its not a 100% cover statement, but thats the general model we drive towards, would be good if we can find a solution in there. IF not, then we can fall back to hosting the koji certs + configs in the jenkins instances ( and look at some fine tuned koji acl where the certs cant be abused for much other than they are intended for ).
- KB