Jenkins project Confluence instance attacked

Earlier this week the Jenkins infrastructure team identified a successful attack against our deprecated Confluence service. We responded immediately by taking the affected server offline while we investigated the potential impact. At this time we have no reason to believe that any Jenkins releases, plugins, or source code have been affected.


This is a companion discussion topic for the original entry at https://www.jenkins.io/blog/2021/09/04/wiki-attacked/
1 Like

@MarkEWaite,

Could you please elaborate on “Jenkins infrastructure team has permanently disabled the Confluence service,” ?

I presume this includes all of wiki.jenkins.io (and wiki.jenkins-ci.org). Unfortunately, there’s a lot of stuff “out there”, including links in existing plugins which point to wiki.jenkins.io. Is there any way yo get a redirect in place to point to 'somewhere useful"?

Perhaps a link to the blog entry, or the “Document” page, appropriately updated to indicate the wiki is permanently down. Clicking on a plugin’s help link on a plugin and getting " Hmmm… can’t reach this page" is not the best user experience.

I imagine if the site is never coming back up, then the “Migrating from Wiki to GitHub” doc also needs updating?

Thanks,
Ian

I can speak to this one, as the “owner” of the plugin site, I’m working on exporting all remaining wiki documentation and importing it outside each individual plugin repo. I hope to have something in place this weekend.

We intend to capture the content from wiki.jenkns.io as well so that we don’t lose any of the existing content. The Wiki to GitHub transition project has been in progress for an extended period and will continue. We’ll certainly share details of plans as they evolve.

Thank you Mark and Gavin for your efforts. What prompted my inquiry was the Extended Choice Parameter plugin.

The plugin help actually points to:
http://wiki.jenkins-ci.org/display/JENKINS/Extended+Choice+Parameter+plugin
Which would actually redirect to:
https://wiki.jenkins.io/display/JENKINS/Extended+Choice+Parameter+plugin

Looking at the plugin in the Plugins Center, it points to:

Documentation for this plugin is here: https://wiki.jenkins.io/display/JENKINS/Extended+Choice+Parameter+plugin

And there’s no usage documentation on the GitHub README, which leaves the user with nowhere to reference.

I’m sure there are also other plugins whose documentation is lost in the ether.

I totally get it’s up to the community supporting the plugin to maintain, document and keep it up to date with the Jenkins infrastructure and standards. But at the same time, the average user will just click on the help, get a “page not found” and be stumped.

Some sort of redirect from wiki.jenkins-ci.org and wiki.jenkins.io to would be of tremendous help I think.

As the source content is no longer accessible to the average user (or the plugin maintainers ?) , users are also unable to contribute to the Wiki to GitHub migration.

The content is currently at:

An improved solution is being worked on

1 Like

Plugin pages that were on the wiki before are working now