[openstack-dev] [all] Removal of in progress console log access

Monty Taylor mordred at inaugust.com
Fri Apr 15 23:23:24 UTC 2016


tl;dr Effective immediately we've put firewalls in front of the Jenkins 
servers removing in-progress console log streaming access

Longer version


Recently some potential security issues have come to our attention with 
Jenkins [1] and the way we run it that are non-trivial to fix. As a 
precaution, we have put firewalls in front of the Jenkins web interfaces 
to give us time to react in a reasoned manner. Zuul will still operate 
as usual, and we'll still get log information as usual when the jobs are 
done. However, it does mean that in-progress console log streaming will 
go away for the time being.

We have some plans as to how to address the situation, but they will 
take a few weeks to finalize and implement. Although we regret the 
inconvenience and temporary loss of functionality, it seems the most 
prudent step to take at the moment. As soon as we have an ETA on 
resumption of console log streaming, we'll be sure to let everyone know.

Thanks,
OpenStack Infra team

[1] 
https://groups.google.com/forum/#!msg/jenkinsci-advisories/lJfvDs5s6bk/4dRqSc4pHgAJ



More information about the OpenStack-dev mailing list