Jenkins configuration and security issues


Solution 1

1) Go to Configure global Security and uncheck "Allow users to sign up" to prevent creation of new accounts.


2&3) Go to Configure System/Github Plugin Configuration section and uncheck "Manage hook" if you don't have admin access or don't want to manage hooks from Jenkins.


Solution 2

I'll add a second answer for others like me who stumbled here but couldn't fix it with the steps above:

1) Make sure to remove the trailing .git from your task SCM config.

2) Make sure that you have set an IP/domain in Jenkins that can be reached by GitHub, since this is what will be used to create the hooks in your repos. This might be set to loopback by default if you are running in a VM, for example.

Results in this bad config in GitHub.

3) Restart Jenkins with http://your-jenkins-address:port/restart
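
A preflight check for steps 1 and 2 above, as an added example that is not part of the original answer: it flags a trailing .git on the repository URL and a Jenkins URL that GitHub cannot reach (loopback or private address). The function names and sample URLs are constructed for illustration, and DNS names are not resolved.

```python
import ipaddress
from urllib.parse import urlparse


def webhook_url(jenkins_url):
    """URL that GitHub is given for push notifications (GitHub plugin endpoint)."""
    return jenkins_url.rstrip("/") + "/github-webhook/"


def check_hook_config(jenkins_url, repo_url):
    """Return the problems that would keep GitHub hooks from working."""
    problems = []
    host = urlparse(jenkins_url).hostname
    if not host:
        problems.append("jenkins url: no host found")
    elif host.lower() == "localhost":
        problems.append("jenkins url: loopback name, unreachable from GitHub")
    else:
        try:
            ip = ipaddress.ip_address(host)
        except ValueError:
            ip = None  # DNS name; not resolved here so the check runs offline
        if ip is not None and ip.is_loopback:
            problems.append("jenkins url: loopback address, unreachable from GitHub")
        elif ip is not None and (ip.is_private or ip.is_link_local):
            problems.append("jenkins url: private address, unreachable from GitHub")
    if urlparse(repo_url).path.rstrip("/").endswith(".git"):
        problems.append("repo url: remove the trailing .git")
    return problems


if __name__ == "__main__":
    # Constructed sample values, not taken from a real installation.
    samples = [
        ("http://127.0.0.1:8080/", "https://github.com/MyCompanyName/reponame.git"),
        ("http://192.168.56.10:8080/", "https://github.com/MyCompanyName/reponame"),
        ("http://ci.example.com/", "https://github.com/MyCompanyName/reponame"),
    ]
    for jenkins, repo in samples:
        print(webhook_url(jenkins), check_hook_config(jenkins, repo) or "ok")
```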

Author by

LP13

Updated on July 20, 2022

Comments

  • LP13
    LP13 almost 2 years

    This is the first time I am using Jenkins, and I have gone through several online articles but couldn't find satisfactory answers. We have a .Net project, and we are using a private GitHub repository. Now I am trying to build a CI server with Jenkins. The idea is that whenever a developer pushes code to GitHub, we want to build the project on the CI server. I have already installed Jenkins (v 1.646) and the GitHub, Git and MSBuild plugins on the CI server. After working with Jenkins for the last several hours, I now have several questions.

    1> By default Jenkins runs on port 8080. But for continuous integration to work, Jenkins must receive notifications from GitHub. Port 8080 is blocked from the outside world by default; on the CI server port 80 is open. I updated httpport in the Jenkins.xml file, so Jenkins is running on port 80.
    I can access Jenkins from the public internet and the web hook URL is now http://ipaddress/github-webhook, but this opens a big security hole because now anyone can access Jenkins. To solve this issue I have configured global security -> Project-based Matrix Authorization Strategy, so now only I can log in and manage the projects. However, any person can still type the IP address, land on the Jenkins page and create a new user account. Of course that user cannot access anything, but it still creates a new user in Jenkins's database. So is there a way to run Jenkins management on port 8080 as usual, but receive notifications on port 80?

    2> On Jenkins's System Configuration page I only see "Git" and "GitHub Plugin Configuration". I do not see the "GitHub Web Hook" option, and I also don't see "Let Jenkins auto-manage hook URLs". Has this changed in version 1.646?

    3> Since we are using a private repository, our project URL is https://github.com/MyCompanyName/reponame and the repository URL is https://github.com/MyCompanyName/reponame.git; note that the URL has the company name, not the username. But I see this error in the Jenkins log:

    Failed to remove hook from GitHubRepositoryName[host=github.com,username=MyCompanyName,repository=reponame] java.lang.NullPointerException: There is no credentials with admin access to manage hooks on GitHubRepositoryName[host=github.com,username=MyCompanyName,repository=reponame] at com.google.common.base.Preconditions.checkNotNull(Preconditions.java:231)

    Why is it trying to use the company name as the username? I have set up proper user credentials and it was able to pull the code.