We are currently using a service account for our Windows server in Jenkins to build pipelines. Many application pipelines share this common service account.
To enhance security, we are looking for alternative methods to manage this service account in Jenkins.
Specifically, we seek more secure ways to handle the service account credentials and permissions.
We would appreciate any guidance on best practices or tools that can help us achieve this.
Are you talking about a user in Jenkins and you trigger the builds via this user?
I assume you’re not the Jenkins internal user database but some external one like Active Directory, ldap or SAML.
Then you should create tokens for that user in Jenkins and whenever you want to trigger a job use the token instead of the password. You can have as many tokens as you like and revoke them at any time.