Hi All, This is finally finished up. We had a long quiet period while a few jobs finished up and it looks like everything got queued up for re-execution once we restarted. We'll be checking in with the JJB folks and others using the Jenkins REST API to see how they're affected by the new CSRF settings. Cheers! --Brian On Apr 19 10:03, Brian Stinson wrote: > The first part of this maintenance has been done. We will need to > schedule a full restart for tonight (00h UTC). We'll be monitoring > running jobs throughout the day. > > Cheers > --Brian > > On Apr 19 08:54, Brian Stinson wrote: > > Hi Folks, > > > > In response to news of directed attacks against public Jenkins > > instances[0], we are enabling some of the CSRF protections in ci.centos.org > > > > To do this we will issue a SafeRestart at 14:30 UTC Today! Running jobs > > will be given a chance to clear and new jobs should be queued up and > > will execute as soon as the restart finishes. > > > > Potential Impact: > > - If you are using the Jenkins REST interface you may need to modify > > your scripts to send the appropriate headers[1] > > > > - Jenkins Job Builder is tracking an issue to enable CSRF support[2]. > > Some basic tests were performed on our side, and simple jobs were > > configured correctly, but you may notice strange behavior if you are > > using JJB. > > > > > > [0]: https://groups.google.com/d/topic/jenkinsci-advisories/lJfvDs5s6bk > > [1]: https://wiki.jenkins-ci.org/display/JENKINS/Remote+access+API#RemoteaccessAPI-CSRFProtection > > [2]: https://storyboard.openstack.org/#!/story/2000556 > > > > If you have any questions or comments, let us know here or find one of > > us in #centos-devel on Freenode. > > > > Cheers! > > -- > > Brian Stinson > > CentOS CI Infrastructure Team > > _______________________________________________ > > Ci-users mailing list > > Ci-users at centos.org > > https://lists.centos.org/mailman/listinfo/ci-users > _______________________________________________ > Ci-users mailing list > Ci-users at centos.org > https://lists.centos.org/mailman/listinfo/ci-users