Issue
Legacy API tokens do not get removed in the Client controllers or Managed controllers.
Environment
- CloudBees CI (CloudBees Core)
- CloudBees CI (CloudBees Core) on modern cloud platforms - Managed controller
- CloudBees CI (CloudBees Core) on modern cloud platforms - Operations Center
- CloudBees CI (CloudBees Core) on traditional platforms - Client controller
- CloudBees CI (CloudBees Core) on traditional platforms - Operations Center
- CloudBees Jenkins Enterprise
- CloudBees Jenkins Enterprise - Managed controller
- CloudBees Jenkins Enterprise - Operations Center
- CloudBees Jenkins Platform - Client controller
- CloudBees Jenkins Platform - Operations Center
Resolution
After upgrading Operations Center (OC), Managed controllers (MC) or Client controllers (CC) to 2.129+ and removing all the previous API tokens in either MCs and/or CCs following Security Hardening: New API token system in Jenkins 2.129+, the legacy API tokens appears again.
The Legacy API token clean up must be performed firstly in Operations Center as there is an users synchronization between OC and CCs/MCs which will overwrite what was performed at CC/MC level. After the Legacy API token clean up at OC level, you might want not to wait for the synchronization to happen and perform the clean up at CC at MC as well.
0 Comments