git.apps.os.sepia.ceph.com Git - ceph-build.git/commit

]> git.apps.os.sepia.ceph.com Git - ceph-build.git/commit

author	David Galloway <dgallowa@redhat.com>
	Tue, 15 Sep 2020 14:30:23 +0000 (10:30 -0400)
committer	David Galloway <dgallowa@redhat.com>
	Tue, 15 Sep 2020 14:30:23 +0000 (10:30 -0400)
commit	4df162dab356b4dfe6e47d6876ff9ea4684b9006
tree	7045869a02f178edf91e939cffcaaf3f01c98bf1	tree \| snapshot
parent	74e0dcff83628aa9a3fe9fcbbcc3bb540674ee35	commit \| diff

ansible: Pass API key to slave.jar as file

vstart_runner.py runs 'ps ww' for the jenkins-build user. This exposes the API key by showing the java.jar process in Jenkins logs. If we pass the credentials as a file, there's less of a chance of it getting exposed.

Signed-off-by: David Galloway <dgallowa@redhat.com>

ansible/examples/slave.yml		diff \| blob \| history
ansible/templates/systemd/jenkins.secret.j2	[new file with mode: 0644]	blob
ansible/templates/systemd/jenkins.service.j2		diff \| blob \| history

Unnamed repository; edit this file 'description' to name the repository.

RSS Atom