Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Modified to encrypt the keychain password. #102

Merged
merged 7 commits into from May 27, 2019

Conversation

@kazuhidet
Copy link

kazuhidet commented May 10, 2019

  • Modified to save the keychain password encrypted in 'Configure system' and 'Job configuration'.
  • The steps to unlock the macOS keychain were separated so that they could be used alone.
…' and 'Job configuration'.

The steps to unlock the macOS keychain were separated so that they could be used alone.
@kazuhidet

This comment has been minimized.

Copy link
Author

kazuhidet commented May 10, 2019

I think that this PR should be merged early, as I think it should be fixed as soon as possible the problem that the keychain password was saved in plain text, how about it ?

It could not adversely affect anything else, at least as long as I check it myself.

private Boolean inSearchPath;

public Keychain() {
}

@DataBoundConstructor
public Keychain(String keychainName, String keychainPath, String keychainPassword, Boolean inSearchPath) {
public Keychain(String keychainName, String keychainPath, Secret keychainPassword, Boolean inSearchPath) {

This comment has been minimized.

Copy link
@mat1e

mat1e May 10, 2019

Is it not better to add an other default constructor like "public Keychain()" to use @DataBoundSetter? Like this you can deprecate this one and modify the setting of keychainPassword adding Secret.fromString().

@mat1e
mat1e approved these changes May 13, 2019
@kazuhidet

This comment has been minimized.

Copy link
Author

kazuhidet commented May 13, 2019

Jenkins official document "Writing Pipeline-Compatible Plugins" say "Instead you should integrate with the Credentials plugin."
https://jenkins.io/doc/developer/plugin-development/pipeline-integration/

I think this mean Information about authentication had better do it handled through "credential plugin" rather than stored by plugin itself.

What do you think, guys?

@kazuhidet kazuhidet mentioned this pull request May 13, 2019
@kazuhidet kazuhidet force-pushed the kazuhidet:separate_keychain_unlock branch from 1fc1ea6 to fc2bd6f May 13, 2019
@kazuhidet kazuhidet merged commit e2298a5 into jenkinsci:master May 27, 2019
1 check passed
1 check passed
continuous-integration/jenkins/pr-merge This commit looks good
Details
kazuhidet added a commit to kazuhidet/xcode-plugin that referenced this pull request Jun 4, 2019
Fix confricts with PR jenkinsci#102, PR jenkinsci#103
Add Credential related help files and translations.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
2 participants
You can’t perform that action at this time.