[JIRA] (JENKINS-18342) jnlpCredentials exposed on slave.jar command-line
Title: Message Title smekkley smekkley commented on JENKINS-18342 Re: jnlpCredentials exposed on slave.jar command-line It works. Thank you. You actually see from jenkins ui that you have to run it in a full command line. It's probably better that the example command there gets replaced. People would just run it blindly following the example. Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.149649.1371156652000.22265.1557421920167%40Atlassian.JIRA. For more options, visit https://groups.google.com/d/optout.
[JIRA] (JENKINS-18342) jnlpCredentials exposed on slave.jar command-line
Title: Message Title
Jeff Thompson edited a comment on JENKINS-18342
Re: jnlpCredentials exposed on slave.jar command-line
The capability is already there, it's just not well documented.It's built into the command-line processing library the Remoting agent library uses.If a command-line argument begins with a '@' ( ampersand at symbol ), then the rest of that argument is interpreted as the path to a file. Each line in the file is inserted as a command-line argument.Using the `-secret` parameter, you would create a file with a single line containing the secret key. Then reference it in the command-line something like this: "java -jar agent.jar -jnlpUrl -secret @".You could also create a four line file something like this: {quote} -jnlpUrl[http://somewhere/xx.jnlp]-secret {quote} and then invoke it like this: "java -jar agent.jar @"It would be nice to assemble some better documentation on this if someone gets a chance. I've got a note to do it if I can get the time.
Add Comment
This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d)
--
You received this message because you are subscribed to the Google Groups "Jenkins Issues" group.
To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.149649.1371156652000.22256.155742228%40Atlassian.JIRA.
For more options, visit https://groups.google.com/d/optout.
[JIRA] (JENKINS-18342) jnlpCredentials exposed on slave.jar command-line
Title: Message Title Jeff Thompson commented on JENKINS-18342 Re: jnlpCredentials exposed on slave.jar command-line The capability is already there, it's just not well documented. It's built into the command-line processing library the Remoting agent library uses. If a command-line argument begins with a '@' (ampersand), then the rest of that argument is interpreted as the path to a file. Each line in the file is inserted as a command-line argument. Using the `-secret` parameter, you would create a file with a single line containing the secret key. Then reference it in the command-line something like this: "java -jar agent.jar -jnlpUrl -secret @". You could also create a four line file something like this: -jnlpUrl http://somewhere/xx.jnlp -secret and then invoke it like this: "java -jar agent.jar @" It would be nice to assemble some better documentation on this if someone gets a chance. I've got a note to do it if I can get the time. Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.149649.1371156652000.21335.1557354600155%40Atlassian.JIRA. For more options, visit https://groups.google.com/d/optout.
[JIRA] (JENKINS-18342) jnlpCredentials exposed on slave.jar command-line
Title: Message Title smekkley smekkley commented on JENKINS-18342 Re: jnlpCredentials exposed on slave.jar command-line Can we at least try to support environment variables for these parameters? It's ridiculous that you can see secrets from the process name. Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.149649.1371156652000.21206.1557352080141%40Atlassian.JIRA. For more options, visit https://groups.google.com/d/optout.
