[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Jenkins with OpenShift login enabled, how to enable webhooks?


Since this was done before my recent tenure, I need to revisit BuildConfig GitHub Trigger versus what we've done.  Have you looked at this?


On Mon, Nov 26, 2018 at 9:39 AM Marc Boorshtein <mboorshtein gmail com> wrote:

If you're referring to using a GitHub webhook, we ended up having to create a simple application that would receive GitHub webhook events, verify the request against the webhook secret, and trigger the desired OpenShift build or Jenkins job.  This is primarily because GitHub webhooks don't really support authentication mechanisms other than the webhook secret.

Thanks Andy, we went a somewhat different (but similar) route. We created a reverse proxy that only accepts requests to the build url and injects the oauth2 service account token in the call to our jenkins.  I like the idea of verifying the token first but don't think its necessary.  It could cut down if there was a vulnerability found in jenkins but i can also cut that down in other ways too (i might clear all content from the request).




Andy Feller    Sr DevOps Engineer

900 Main Campus Drive, Suite 500, Raleigh, NC 27606

e: afeller bandwidth com

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]