Re: [SECURITY] How to protect pipeline jobs using GitHub branch/PR auto-discovery from doing harm

Not sure about docker in docker, but you can have a throw away VM slave to build the docker image - there are a number plugins to do this. > > Mmmm, OK, but we need to create docker images to run the jobs based on > what is in the repository we are fetching. Is it possible to run a > docker

Re: [SECURITY] How to protect pipeline jobs using GitHub branch/PR auto-discovery from doing harm

On Sat, 10 Sep 2016 09:57:33 -0700 (PDT) jpd4nt wrote: > Use slaves, not the master to run jobs. > > If you want chroot workspaces you could use docker slaves, run a > container per job etc. Mmmm, OK, but we need to create docker images to run the jobs based on

[SECURITY] How to protect pipeline jobs using GitHub branch/PR auto-discovery from doing harm

Use slaves, not the master to run jobs. If you want chroot workspaces you could use docker slaves, run a container per job etc. -- You received this message because you are subscribed to the Google Groups "Jenkins Users" group. To unsubscribe from this group and stop receiving emails from it,

[SECURITY] How to protect pipeline jobs using GitHub branch/PR auto-discovery from doing harm

This is particularly important for FLOSS projects wanting to use jenkins and test GitHub PR with it. This was triggered by some problem with one PR, that for some reason ends up with a workspace without a git repo in it, combined with the fact that we use git itself to version Jenkins