Re: Security best practice for Cloudbees Docker Workflow?

On Tuesday, January 12, 2016 at 10:51:11 AM UTC+1, Stephen Connolly wrote: > > > > On 12 January 2016 at 06:14, Thomas Goeppel > wrote: > >> Stephen, >> >> thanks for the suggestions. I'm sure that with the two methods you >> described it's p

Re: Security best practice for Cloudbees Docker Workflow?

e. >> >> /Thomas >> >> >> On Monday, January 11, 2016 at 3:08:41 PM UTC+1, Stephen Connolly wrote: >>> >>> FYI you do not run *Jenkins* as root... rather you run a build slave as >>> the trusted account and then you lock down access to t

Re: Security best practice for Cloudbees Docker Workflow?

of bastion host whereby it is off-line until you want to deploy into > production. > > On 10 January 2016 at 11:17, Thomas Goeppel > wrote: > >> >> >> On Sunday, January 10, 2016 at 1:05:07 AM UTC+1, Christopher Orr wrote: >>> >>> > One option

Re: Security best practice for Cloudbees Docker Workflow?

On Sunday, January 10, 2016 at 1:05:07 AM UTC+1, Christopher Orr wrote: > > > One option would be to write a shim for the docker command, that only > > allows a subset of commands, and sanitizes the options and parameters. > > Even if you do that, the jenkins user, as part of the docker group,

Security best practice for Cloudbees Docker Workflow?

Hello community, I've been experimenting with the Cloudbees Docker Workflow plugin, and I really like the ease of use of this DSL. Now I'd like to get security right. Problem: the plugin assumes that the docker binary is in the path

Re: Approaches for sharing workspace in a pipeline

Oh sorry, wrong addressee %s/John/Martin/ :-) On Wednesday, December 30, 2015 at 11:24:26 AM UTC+1, Thomas Goeppel wrote: > > Hi John, > -- You received this message because you are subscribed to the Google Groups "Jenkins Users" group. To unsubscribe from this group

Re: Approaches for sharing workspace in a pipeline

Hi John, your approach sounds interesting. Could you please share some Workflow code that shows how you compute the Workspace location, use ws(), and pass workspace locations to subsequent jobs? When accessing workspaces in Workflow you're also facing the problem of concurrent runs. How do yo

Re: Any plugin to parse XML?

> Have not tried it, but it is probably doable. Use readFile to download the > file contents from the slave. Then use standard Groovy APIs to parse; you > might need to wrap the details in a function marked @NonCps. > Thanks Jesse, this works. -- You received this message because you are sub

Script-SCM - example scripts?

Hi, it would be very nice if anybody could share an example Groovy script with matching Ant configuration for the Script-SCM plugin. Thanks! -- You received this message because you are subscribed to the Google Groups "Jenkins Users" group. To unsubscribe from this group and stop receiving

Re: [workflow-plugin] Use external script for running the flow

7;ve just could not figure out how to correctly specify additional actions > like "Cleanup workdir after checkout". > If you know how to do that please let me know. > > Thanks, > Timur > > воскресенье, 1 февраля 2015 г., 0:59:20 UTC+3 пользователь Thomas Goeppel > на

Re: [workflow-plugin] Use external script for running the flow

Hi Timur, good news, loading the CPS script from SCM (i.e. Git or SVN) is one of the new features in workflow plugin 1.2. Just add your script to your SCM, select "Groovy CPS DSL from SCM" instead of ""Groovy CPS DSL", enter your repository, and the name of your Groovy CPS script. I did a qui

Re: Groovy collection.find() returning boolean in Workflow scripts?!

Kenneth, CPS doesn't always behave like a Groovy programmer would expect. Obviously, there is a price to pay for the double nature of CPS as a job description, and scripting language (*README.md refers to this as "continuation passing style* transformation of the script"). However, List.find s