New plugin for showing dynamic header across Jenkins
89 views
Skip to first unread message
Anil Kumar
Jul 1, 2022, 1:13:31 AM7/1/22
to Jenkins Developers
Hello everyone,
We recently updated our Jenkins to display a common header across Jenkins that helps in communicating with the users.
It serves in notifying users for a variety of use cases like sharing updates about ongoing system outages or maintenance windows, sharing product updates and announcements, and collecting user feedback as well.
We could not find any plugin which does this and would like to create a plugin and open source it.
Let us know your thoughts.
Plugin brief
- Include a common header across Jenkins.
- Header content will be dynamic and easy to update for administrators.
- Header content will have an expiry date and post expiry it would not be shown.
- Header content will support HTML elements.
Sample screenshots
Thanks,
Anil Kumar
Gavin Mogan
Jul 1, 2022, 7:03:28 PM7/1/22
to Jenkins Developers
- Header content will be dynamic and easy to update for administrators.
Easier than the existing system notice box? What does dynamic mean in this case
- Header content will have an expiry date and post expiry it would not be shown.
I could potentially see that useful
- Header content will support HTML elements.
I recommend against explicitly supporting HTML, your plugin will get flagged by security allowing XSS and other exploit types. Recommend you use the jenkins sanitization system, which supports allowing raw html, but also (by default) supports safe html only, or markdown (like my above screenshot says).
I personally don't see me using the plugin as my jenkins install is just mine, so take my comments as you will
--
You received this message because you are subscribed to the Google Groups "Jenkins Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-de...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-dev/1b4a6508-7a51-45df-b9d0-10daf37fc195n%40googlegroups.com.
Anil Kumar
Jul 4, 2022, 1:30:13 AM7/4/22
to jenkin...@googlegroups.com
Hey Gavin,
Thanks for sharing your thoughts.
Easier than the existing system notice box? What does dynamic mean in this case
- I felt the existing system notice box content gets unnoticed and my way of showing the header at the top has more visibility.
- By dynamic I mean we can have the environment variables in the content and it gets parsed and shown appropriately.
For example, "Current jenkins home is at ${System.getenv("JENKINS_HOME")}" gets translated with the appropriate Jenkins home value. We can have if-else checks as well. We are leveraging GStringTemplateEngine to achieve this.
I recommend against explicitly supporting HTML, your plugin will get flagged by security allowing XSS and other exploit types. Recommend you use the jenkins sanitization system, which supports allowing raw html, but also (by default) supports safe html only, or markdown (like my above screenshot says).
- Thanks for this suggestion. Will leverage jenkins sanitization system for this.
I personally don't see me using the plugin as my jenkins install is just mine, so take my comments as you will
- It is extremely useful when you are maintaining a number of Jenkins instances which in our case is ~5000. I agree that if you are alone using your Jenkins, it is of no use.
Hope is the best thing!
PCS Anil Kumar Chukkala,
8130922822
To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-dev/CAG%3D_DuvBEkCrsaQbOLRiEnEtR3tvxfwcTboa%3DnTM2QSK4AVtEg%40mail.gmail.com.
Reply all
Reply to author
Forward
0 new messages