Hello. I'm having an issue creating a Github Organization (GO from now on) and also not quite understanding how credentials (the plugin) fit into all this. I think I understand that credentials via the plugin can be siloed into different groups or folders for access control purposes. I have a few credentials in jenkins/global (ie at the URL /credentials), and another scoped to "Jenkins", of which some of the global ones should have sufficient permissions for the GO plugin, but after creating my new GO they're not listed (the list only shows "-none-") and I'm shown a "
Credentials are recommended" message.
Saving my newly created GO kicks off the folder computation process which does nothing because its trying to use anonymous access, and revisiting its settings page still doesn't show any credentials global or otherwise. Ok, understandable.
From my GO/settings page I have the option of adding credentials with two options: folder credentials provider (by the name of my new GO) and Jenkins credentials provider (by the name of Jenkins). From here I chose to add credentials using the GO provider by generating a new personal access token in github with these permissions:
repo Full control of private repositories
repo:status Access commit status
repo_deployment Access deployment status
public_repo
admin:repo_hook Full control of repository hooks
write:repo_hook Write repository hooks
read:repo_hook Read repository hooks
admin:org_hook Full control of organization hooks
Those may be too wide, but whatever, I think they're enough? I select those creds, apply the changes, and start folder computation, and now it sees everything. Awesome. As a test I have just one branch in one repo with a Jenkinsfile and this is it:
node {
stage('Test (verify)') {
withMaven(
maven: 'maven3',
mavenLocalRepo: '.repository') {
sh "mvn clean install"
}
}
}
Namely, to clone the repo it does:
But then later I see:
1. it seems like its doing the same thing more than once
2. rather than default to the credentials I gave it it's defaulting to asking for a password
I've read online that from here I can go into individual repositories that were found and tweak the Github plugin settings (under advanced) and change the checkout credentials to be different from the scan credentials, which I can see and change, but cannot actually save?
All suggestions welcome!