This sounds like it might relate well to a reproducible builds project
of some sort. Ideally we'd be able to do that in
ci.jenkins.io, though
credentials management is a little less fine-grained there, so doing
so that way would likely required a trusted CI/CD environment.
Whether it's in Jenkins, GitHub Actions, or elsewhere, what I've
always done is create dedicated CD credentials while limiting said
credentials' access scopes as much as possible.
> --
> You received this message because you are subscribed to the Google Groups "Jenkins Developers" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to
jenkinsci-de...@googlegroups.com.
> To view this discussion on the web visit
https://groups.google.com/d/msgid/jenkinsci-dev/a799d799-6015-4252-8eb6-8d7f06a76609%40googlegroups.com.
--
Matt Sicker
Senior Software Engineer, CloudBees