Add support for GroupAccessToken credentials, fix credential integration #479
Conversation
|
Review highly appreciated! |
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
| */ | ||
| @Restricted(NoExternalUse.class) // stapler | ||
| @SuppressWarnings("unused") | ||
| public FormValidation doCheckToken(@QueryParameter String value) { |
Check warning
Code scanning / Jenkins Security Scan
Stapler: Missing permission check Warning
| */ | ||
| @Restricted(NoExternalUse.class) // stapler | ||
| @SuppressWarnings("unused") | ||
| public FormValidation doCheckToken(@QueryParameter String value) { |
Check warning
Code scanning / Jenkins Security Scan
Stapler: Missing POST/RequirePOST annotation Warning
mzellho
changed the title
|
hey, @jetersen , any chance you could do a review here? thank you! |
|
...or may I kindly ask you, @mifitous ? |
|
...or maybe you, @rsandell? |
|
...or maybe you, @basil? |
|
Hi @mzellho, unfortunately we don't have any developers actively reviewing incoming pull requests for this plugin. We don't want your pull request to be in limbo forever; you can step forward to become a maintainer of this plugin following the instructions here: https://www.jenkins.io/doc/developer/plugin-governance/adopt-a-plugin/ |
|
Please let us know if we can assist you with becoming a maintainer. |
|
@gounthar: thank you kindly for the offer - I am sorry, I cannot do that. I feel that my knowledge on how Jenkins works internally is not good enough to make a good maintainer. In our organization, we decided to keep on deploying or self-built hpi until a new release is out (that will hopefully feature this PR), just as we did since this PR was created (until now, we didn't see anything break, btw). Again, thanks for the offer and sorry to not take over here. |
|
@mzellho : thank you for your message and for the work you've already done on the PR—it's a significant contribution! Remember, just by submitting a working PR, you're already making great strides in understanding the Jenkins codebase. This shows your capability and potential as a maintainer. 🌟 Being a maintainer isn't about having all the answers or implementing new features all the time. It's about keeping the project afloat by reviewing incoming PRs, whether they're from bots or fellow contributors. When the time comes, you can simply let it go without repercussions. There’s no need to commit for longer than you’re comfortable with. I understand your hesitation, but I believe you have what it takes to step into a maintainer role, even if it’s just until the next release of the plugin. It could be a valuable experience for you, and the community is here to support you every step of the way. |
As a follow-up to #478, this PR adds another type of credentials for
GroupAccessToken(which are not really any different toPersonalAccessTokenor even project access tokens - it might be worth refactoring it towards a genericAccessToken) and fixesPersonalAccessTokenandGroupAccessTokento beStandardUsernameCredentials, so they can also be used for the checkout.