[Ci-users] Jenkins SafeRestart to add extra CSRF Protection 19-Apr-2016 14h30 UTC (09h30 EDT)
bstinson at redhat.com
Tue Apr 19 13:54:26 UTC 2016
In response to news of directed attacks against public Jenkins
instances, we are enabling some of the CSRF protections in ci.centos.org
To do this we will issue a SafeRestart at 14:30 UTC Today! Running jobs
will be given a chance to clear and new jobs should be queued up and
will execute as soon as the restart finishes.
- If you are using the Jenkins REST interface you may need to modify
your scripts to send the appropriate headers
- Jenkins Job Builder is tracking an issue to enable CSRF support.
Some basic tests were performed on our side, and simple jobs were
configured correctly, but you may notice strange behavior if you are
If you have any questions or comments, let us know here or find one of
us in #centos-devel on Freenode.
CentOS CI Infrastructure Team
More information about the Ci-users