Rebuilder Plugin -

I have what may be an obscure question, but we are run Jenkins and managing user permissions via the role-based strategy option (not sure if that will be relevant or not). We use the rebuilder plug-in, and have the option to remember passwords enabled.

We have noticed that unless the user has configure permissions on the job, when they go to do a rebuild, the passwords are not accessible. Without configure permissions, the passwords get passed in as a string of asterisks. With configure permissions, the passwords get passed in as they should.

Does anyone know if users should need to have configure permissions to be able to take advantage of this feature? They didn’t need to have it on our old Jenkins 1.x server.

If they shouldn’t need it, any ideas what might be going on?

We are running version 2.289.3.

Hello @fodderoh and welcome to this community :wave:

I would suggest upgrading to the latest LTS version along with upgrading the plugins, as it will provide a better user experience. Your current version is two years old and upgrading to the latest version may very well address your current issue but also provide additional features and improvements.

It sounds like the behavior you’re experiencing might be related to security changes introduced these last years. In order to access sensitive information like passwords, users typically need to have the necessary permissions configured in their roles.

In order to troubleshoot this issue, you could try the following:

  1. Double-check the configuration of the Role-Based Strategy plugin to ensure that the appropriate permissions are assigned to the relevant roles.
  2. Check the logs for any error messages related to password access or permissions.
  3. Check the plugin documentation and release notes for any changes related to password access or permissions in newer versions of Jenkins or the Rebuilder plugin.

If it turns out that users do need configure permissions to access passwords, you may need to update your role-based permissions accordingly. It’s possible that the behavior you experienced in your old Jenkins server was due to different security settings or plugin versions.