Package jenkins.branch

Class UntrustedBranchProperty

  • All Implemented Interfaces:
    ExtensionPoint, Describable<BranchProperty>
    public class UntrustedBranchProperty
extends BranchProperty
    Indicates that the branch contains code changes from authors who do not otherwise have the write access to the repository.

    Such code can contain malicious changes, so this flag serves as a signal to allow other Jenkins to set up the build isolation to protect the build infrastructure.

    Some examples of where the trusted vs non-trusted distinction becomes important:

    • Github pull requests should be non-trusted as they can be created by any user
    • A Subversion branching structure such as trunk, branches, tags, sandbox would probably have trunk, branches, tags as trusted and sandbox as untrusted where the Subversion permissions give any authenticated user write access to sandbox but allow the project team to commit to all four locations
    Author:
    Stephen Connolly, Kohsuke Kawaguchi

    • Constructor Detail

      • UntrustedBranchProperty

        @DataBoundConstructor
public UntrustedBranchProperty​(String[] publisherWhitelist)

    • Method Detail

      • getPublisherWhitelist

        public Set<String> getPublisherWhitelist()

      • jobDecorator

        public <P extends Job<P,​B>,​B extends Run<P,​B>> JobDecorator<P,​B> jobDecorator​(Class<P> jobType)
        Description copied from class: BranchProperty
        Returns a JobDecorator for the specific job type.
        Overrides:
        jobDecorator in class BranchProperty
        Type Parameters:
        P - the type of job.
        B - the type of run of the job.
        Parameters:
        jobType - the job class.
        Returns:
        a JobDecorator or null if none appropriate to this type of job.