Hey Gavin,
Thanks for sharing your thoughts.
*Easier than the existing system notice box? What does dynamic mean in this
case*
- I felt the existing system notice box content gets unnoticed and my way
of showing the header at the top has more visibility.
- By dynamic I mean we can have the environment variables in the content
and it gets parsed and shown appropriately.
For example, "Current jenkins home is at ${System.getenv("JENKINS_HOME")}"
gets translated with the appropriate Jenkins home value. We can have
if-else checks as well. We are leveraging GStringTemplateEngine to achieve
this.
*I recommend against explicitly supporting HTML, your plugin will get
flagged by security allowing XSS and other exploit types. Recommend you use
the jenkins sanitization system, which supports allowing raw html, but also
(by default) supports safe html only, or markdown (like my above screenshot
says).*
- Thanks for this suggestion. Will leverage jenkins sanitization system for
this.
*I personally don't see me using the plugin as my jenkins install is just
mine, so take my comments as you will*
- It is extremely useful when you are maintaining a number of Jenkins
instances which in our case is ~5000. I agree that if you are alone using
your Jenkins, it is of no use.
*Hope is the best thing!*
PCS Anil Kumar Chukkala,
8130922822
On Sat, Jul 2, 2022 at 4:33 AM 'Gavin Mogan' via Jenkins Developers <
[email protected]> wrote:
>
> - Header content will be dynamic and easy to update for administrators.
>
> Easier than the existing system notice box? What does dynamic mean in this
> case
> [image: image.png]
>
> - Header content will have an expiry date and post expiry it would not
> be shown.
>
> I could potentially see that useful
>
> - Header content will support HTML elements.
>
> I recommend against explicitly supporting HTML, your plugin will get
> flagged by security allowing XSS and other exploit types. Recommend you use
> the jenkins sanitization system, which supports allowing raw html, but also
> (by default) supports safe html only, or markdown (like my above screenshot
> says).
>
> I personally don't see me using the plugin as my jenkins install is just
> mine, so take my comments as you will
>
> On Thu, Jun 30, 2022 at 10:16 PM Anil Kumar <[email protected]> wrote:
>
>> Attaching the screenshots for better visibility...
>>
>> On Friday, July 1, 2022 at 10:43:31 AM UTC+5:30 Anil Kumar wrote:
>>
>>> Hello everyone,
>>>
>>> We recently updated our Jenkins to display a common header across
>>> Jenkins that helps in communicating with the users.
>>>
>>> It serves in notifying users for a variety of use cases like sharing
>>> updates about ongoing system outages or maintenance windows, sharing
>>> product updates and announcements, and collecting user feedback as well.
>>>
>>> We could not find any plugin which does this and would like to create a
>>> plugin and open source it.
>>>
>>> Let us know your thoughts.
>>>
>>> *Plugin brief*
>>>
>>> - Include a common header across Jenkins.
>>> - Header content will be dynamic and easy to update for
>>> administrators.
>>> - Header content will have an expiry date and post expiry it would
>>> not be shown.
>>> - Header content will support HTML elements.
>>>
>>> *Sample screenshots[image: Screenshot 2022-07-01 at 10.41.47 AM.png]*
>>>
>>> *[image: Screenshot 2022-07-01 at 10.39.03 AM.png][image: Screenshot
>>> 2022-07-01 at 10.40.31 AM.png]*
>>>
>>> Thanks,
>>> Anil Kumar
>>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Jenkins Developers" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to [email protected].
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/jenkinsci-dev/1b4a6508-7a51-45df-b9d0-10daf37fc195n%40googlegroups.com
>> <https://groups.google.com/d/msgid/jenkinsci-dev/1b4a6508-7a51-45df-b9d0-10daf37fc195n%40googlegroups.com?utm_medium=email&utm_source=footer>
>> .
>>
> --
> You received this message because you are subscribed to the Google Groups
> "Jenkins Developers" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [email protected].
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/jenkinsci-dev/CAG%3D_DuvBEkCrsaQbOLRiEnEtR3tvxfwcTboa%3DnTM2QSK4AVtEg%40mail.gmail.com
> <https://groups.google.com/d/msgid/jenkinsci-dev/CAG%3D_DuvBEkCrsaQbOLRiEnEtR3tvxfwcTboa%3DnTM2QSK4AVtEg%40mail.gmail.com?utm_medium=email&utm_source=footer>
> .
>
--
You received this message because you are subscribed to the Google Groups
"Jenkins Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/jenkinsci-dev/CAJ-eeaGCj-3Q%3DDg-bhw_aN5pSMH36MwWYLWTe_LomTcrAbA1mA%40mail.gmail.com.
