When configuring nodes/slaves, the ssh-slave plugin uses the credentials plugin for credentials management. However for large Jenkins deployments or those with a lot of history, there can be many credentials that are difficult to manage.
The folders plugin includes a credentials store specific to the folder: when you configure a job, you can see the credentials of the folder store as well as the Jenkins store, but not those of other folders. This segmenting of the stores simplifies ownership since it can only be used within a folder, maintenance, since it only has life with the folder, and usability since users do not have to scroll through the entire historical global list of credentials wondering which are appropriate. It scales much better.
We should be able to manage a node or ssh-agent credentials store, to segment credentials, similar to what the folders plugin already does. When configuring an ssh save, we would see credentials from the node store and the global store, but NOT the folder level stores.
Originally reported by wgc123, imported from: Nodes should have its own credentials store
- assignee:
kohsuke
- status: Open
- priority: Minor
- component(s): ssh-slaves-plugin
- resolution: Unresolved
- votes: 0
- watchers: 2
- imported: 20251212-090250
Raw content of original issue
When configuring nodes/slaves, the ssh-slave plugin uses the credentials plugin for credentials management. However for large Jenkins deployments or those with a lot of history, there can be many credentials that are difficult to manage.
The folders plugin includes a credentials store specific to the folder: when you configure a job, you can see the credentials of the folder store as well as the Jenkins store, but not those of other folders. This segmenting of the stores simplifies ownership since it can only be used within a folder, maintenance, since it only has life with the folder, and usability since users do not have to scroll through the entire historical global list of credentials wondering which are appropriate. It scales much better.
We should be able to manage a node or ssh-agent credentials store, to segment credentials, similar to what the folders plugin already does. When configuring an ssh save, we would see credentials from the node store and the global store, but NOT the folder level stores.
When configuring nodes/slaves, the ssh-slave plugin uses the credentials plugin for credentials management. However for large Jenkins deployments or those with a lot of history, there can be many credentials that are difficult to manage.
The folders plugin includes a credentials store specific to the folder: when you configure a job, you can see the credentials of the folder store as well as the Jenkins store, but not those of other folders. This segmenting of the stores simplifies ownership since it can only be used within a folder, maintenance, since it only has life with the folder, and usability since users do not have to scroll through the entire historical global list of credentials wondering which are appropriate. It scales much better.
We should be able to manage a node or ssh-agent credentials store, to segment credentials, similar to what the folders plugin already does. When configuring an ssh save, we would see credentials from the node store and the global store, but NOT the folder level stores.
Originally reported by wgc123, imported from: Nodes should have its own credentials store
Raw content of original issue