gitlab-branch-source-plugin icon indicating copy to clipboard operation
gitlab-branch-source-plugin copied to clipboard

Published 20 hours ago verified publisher icon jenkinsci

Credential GitLab Personnal Access Token should be System and not Global

Open usinelogicielle opened this issue 4 years ago • 3 comments

Hello,

We have a security issue with the scope of the credential used in the plugin Wen we configure the GitLab Server, we have to specify a GitLab Personnal Access Token. This credential have to be in global scope for the plugin to work. This causes security ploblems because the credential can be used by everyone and everywhere. Indeed it would be a great improvement if the credential can be specified only in System scope (visible only by admins).

Thanks for your help :)

usinelogicielle avatar Oct 08 '21 12:10 usinelogicielle

We found this issue which should be more efficient than our problem https://issues.jenkins.io/browse/JENKINS-65059

usinelogicielle avatar Dec 13 '21 16:12 usinelogicielle

Duplicate of #221

Turiok avatar Aug 26 '22 06:08 Turiok

@usinelogicielle You can close this issue

Turiok avatar Mar 01 '23 06:03 Turiok