[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Jenkins with OpenShift login enabled, how to enable webhooks?





If you're referring to using a GitHub webhook, we ended up having to create a simple application that would receive GitHub webhook events, verify the request against the webhook secret, and trigger the desired OpenShift build or Jenkins job.  This is primarily because GitHub webhooks don't really support authentication mechanisms other than the webhook secret.



Thanks Andy, we went a somewhat different (but similar) route. We created a reverse proxy that only accepts requests to the build url and injects the oauth2 service account token in the call to our jenkins.  I like the idea of verifying the token first but don't think its necessary.  It could cut down if there was a vulnerability found in jenkins but i can also cut that down in other ways too (i might clear all content from the request).

Thanks
Marc
 

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]