Hi all,
If you experience issues with login, please bring them up issues in the
Jenkins Infrastructure mailing list:
https://groups.google.com/forum/#!forum/jenkins-infra
Thanks for understanding,
Oleg
On Wednesday, June 24, 2020 at 10:01:51 PM UTC+2, nigel.a...@braincorp.com
wrote:
>
> I am
I am unable to reset my password or login. This seems to be expected give
that not all users were reset.
What is the plan for users whose accounts were not reset? Should I create a
new account?
-Nigel
--
You received this message because you are subscribed to the Google Groups
"Jenkins
Hello,
I have successfully reset my password on accounts.jenkins.io, and I can
login. However, I am now unable to login to Jira. Is anyone else having
this problem? My user name is restjohn.
Thanks.
Robert
On Tuesday, June 9, 2020 at 9:00:25 AM UTC-6, Oleg Nenashev wrote:
>
> Dear all,
>
Hi Radek,
Thanks for your feedback
> PS. I am unable to reset my password on *Jira/accounts.jenkins.io* ATM - no
> password reset email is coming to me.
If you send me your username and email address, I could have a look to it.
> I don't know what (tools/process) Linux Foundation is using
They
On Thu, Jun 18, 2020 at 10:41 AM 'Olblak' via Jenkins Developers <
jenkinsci-dev@googlegroups.com> wrote:
> Hi Everybody,
>
> Some updates regarding this topics, while almost everything is back to
> normal, we decided to not pursue with the "every user password reset" as we
> announced initially
Hi Everybody,
Some updates regarding this topics, while almost everything is back to
normal, we decided to not pursue with the "every user password reset" as we
announced initially but instead we focused on maintainers and
administrators access.
The reason for that is because we don't have
Duly noted about the Documentation.
I will migrate https://wiki.jenkins.io/display/JENKINS/Hosting+Plugins to
jenkins.io and extend it to cover the use-case tonight
On Wed, Jun 17, 2020 at 4:53 PM wrote:
> Hm, that does not work. I am using the Gradle JPI plugin. It does not seem
> to pick up
Hm, that does not work. I am using the Gradle JPI plugin. It does not seem
to pick up ~/.m2/settings.xml nor ~/.jenkins-ci.org.
On June 17, 2020 at 15:52:17, Tim Jacomb (timjaco...@gmail.com) wrote:
it's just the same as a password to maven, so use the api key instead of a
password.
On Wed, 17
it's just the same as a password to maven, so use the api key instead of a
password.
On Wed, 17 Jun 2020 at 14:39, wrote:
> Hi,
>
> thanks for the advice. Hm, my ~/.m2/settings.xml had my encrypted
> password. The docs (
>
Hi,
thanks for the advice. Hm, my ~/.m2/settings.xml had my encrypted password.
The docs (
https://wiki.jenkins.io/display/JENKINS/Hosting+Plugins#HostingPlugins-Releasingtojenkins-ci.org)
don’t mention the API key. How can I configure Maven to use the API key
instead?
Many thanks.
Karsten.
On
Apparently I use an artifactory API key to release, so I had to go into my
artifactory settings (https://repo.jenkins-ci.org/webapp/#/home)
and generate a new API key
Tim
On Wed, 17 Jun 2020 at 13:53, Mark Waite wrote:
>
>
> On Wed, Jun 17, 2020 at 6:44 AM Karsten Jeschkies
> wrote:
>
>> Hi,
On Wed, Jun 17, 2020 at 6:44 AM Karsten Jeschkies
wrote:
> Hi,
>
> thanks for you hard work. I reset my password successfully but cannot
> upload a release for the Mesos plugin. Are releases still blocked?
>
>
Releases are not blocked but a password reset will also reset your password
to the
Hi,
thanks for you hard work. I reset my password successfully but cannot
upload a release for the Mesos plugin. Are releases still blocked?
Best.
Karsten.
On Tuesday, June 9, 2020 at 5:00:25 PM UTC+2, Oleg Nenashev wrote:
>
> Dear all,
>
> As you may have noticed, the release artifact uploads
Awesome.
Thanks a lot for the hard work!
On Mon, 15 Jun 2020 at 23:10, Oleg Nenashev wrote:
> Dear all,
>
> We have reset all plugin maintainer accounts, and we have reenabled plugin
> uploads in the Repository Permission Updater. By now all upload permissions
> should be restored, except a few
No complaints about the lack of a DNSSEC record or other ways to avoid
an initial MitM attack when connecting to jenkins.io for the first
time. Or numerous other theoretical points of failure. It might be
better to offer constructive advice rather than declaring everything
broken.
On Mon, Jun 15,
Security best practices should not be opt-in. I receive the manifest
(daily) emails and did not see this topic. Many others likely did not
either.
Jenkins is viewed by many as Critical Cyber Infrastructure and plays an
important role in the global software supply chain. That supply chain was
Hi Steve,
Duly noted. Note that we offered an alternate way for maintainers to get
their password delivered if they are not fine with the current delivery
method. In my message from Jub 12:* If anyone has concerns about such a
method and wants to use alternate channels for encrypted password
"Technical debt" is not an excuse to reset plugin maintainers accounts and
include a clear-text email containing their username AND password. That's
insane. As a security professional I will not stand for that. I will no
longer be maintaining Jenkins plugins and will attempt to find new
Ack. I will make sure we have a workaround applied on Monday if the user update
is not finished
--
You received this message because you are subscribed to the Google Groups
"Jenkins Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to
I have two releases that I consider high-priority: github-branch-source and
github-api .
Users have been able to rollback to the previous release to unblock
themselves, but people who cannot rollback (new installations) remain
blocked.
On Friday, June 12, 2020 at 10:05:33 AM UTC-7, Oleg
Dear all,
June 12 update:
- We continue to work on the accounts migration and will share the next
update on Monday
- Jenkins releases are still blocked. If there are any emergency
releases you need to perform, please reply in this thread.
Best regards,
Oleg Nenashev
On Friday,
Hi Dave,
This is an email from the *Step 2. We’ll reset every user password from the
LDAP database*. This one includes a temporary password, and we expect users
to change it after they login into the system.
For those who wonder: Yes, the temporary password is sent in plain text as
mentioned
June 12th update:
- We are still working on the account migration
- Step 1 is completed, all users have been restored in the database
based on the data from Jenkins Jira and repository permissions updater.
- Step 2 is in progress. Tens of thousands users have already
Dear all,
We are ready to proceed with restoration of the Jenkins account database.
Today we are going to restore user LDAP accounts that were created since
the First of February 2020 based on the data from Jenkins Jira and the
repository Permission Manager metadata data. We will also reset
Thank you, Oleg and the Security Team!
Dmitry
On Tuesday, June 9, 2020 at 8:00:25 AM UTC-7, Oleg Nenashev wrote:
>
> Dear all,
>
> As you may have noticed, the release artifact uploads are currently
> blocked in the Jenkins Artifactory instances (https://repo.jenkins-ci.org/).
> We are doing a
Dear all,
As you may have noticed, the release artifact uploads are currently blocked
in the Jenkins Artifactory instances (https://repo.jenkins-ci.org/). We are
doing a security investigation due to a partial user database loss on June
02. Today we blocked releases to the Jenkins artifactory,
26 matches
Mail list logo