Issue
I have some Jenkins runtime options with sensitive data like httpsKeyStorePassword
and I want to avoid their exposure in the system process, for example, using ps -ef | grep java
.
Environment
- CloudBees CI (CloudBees Core)
- CloudBees CI (CloudBees Core) on modern cloud platforms - Managed Master
- CloudBees CI (CloudBees Core) on modern cloud platforms - Operations Center
- CloudBees CI (CloudBees Core) on traditional platforms - Client Master
- CloudBees CI (CloudBees Core) on traditional platforms - Operations Center
- CloudBees Jenkins Platform - Client Master
- CloudBees Jenkins Platform - Operations Center
- CloudBees Jenkins Distribution
- Jenkins LTS
Resolution
It’s possible to add the --config
flag as a Jenkins option when launching the client and indicate a file where you can set the Jenkins options you need.
For example:
YOUR CONFIGURATION LIKE JENKINS_JAVA_OPTIONS=[...] ... --config=PATH_TO_YOUR_FILE_WHERE_FLAGS_ARE_SET
An example of the content of PATH_TO_YOUR_FILE_WHERE_FLAGS_ARE_SET:
httpsPort=SOME_PORT
httpsKeyStore=CERTIFICATE_PATH
httpsKeyStorePassword=SOME_PASSWORD
References
How to add Jenkins command line options to CloudBees CI (CloudBees Core)?
0 Comments