Hi everyone,
I talked about plans to add more security-related documentation to the Jenkins user handbook (
jenkins.io/doc/book) with Mark earlier.
We decided it would be good to largely split the security documentation from other chapters (Managing Jenkins, System Administration) and make everything related to it its own top-level chapter.
Some benefits:
- It'll be easier for admins to review security recommendations in one place than distributed across docs
- Content duplication between the above two chapters is a bit weird, and that'll make it easier to fix that over time
- Review requirements (code owners) and reviewers can more easily be different from other user documentation
Other parts of the doc would still explain some basics (For example security related UI) but most of the security information would be located elsewhere and just be referenced from other documentation. At least that's the idea, let's see how well this works.
I hope to have a first draft of that up in a week or two. If you have other suggestions I could incorporate in this work, or reasons why it's a terrible idea, please let me know!
Daniel