[CentOS-devel] cbs credentials on ci infra

Thu Oct 22 15:16:30 UTC 2015
Karanbir Singh <mail-lists at karan.org>

On 22/10/15 13:09, Ari LiVigni wrote:
> Why can't you use credentials on your Jenkins Master as a possible
> option?   I assume not all have admin access so this could be hidden? 
> It can also be stored as a global password and masked in output.

that might be one option, we dont usually run any code on the master (
or the slave ) - the jenkins hosted code is typically just used to
provision baremetal machines, and the test suites all run from there.

Its not a 100% cover statement, but thats the general model we drive
towards, would be good if we can find a solution in there. IF not, then
we can fall back to hosting the koji certs + configs in the jenkins
instances ( and look at some fine tuned koji acl where the certs cant be
abused for much other than they are intended for ).

- KB


-- 
Karanbir Singh
+44-207-0999389 | http://www.karan.org/ | twitter.com/kbsingh
GnuPG Key : http://www.karan.org/publickey.asc