Info |
---|
The links on this page no longer work, we've moved to Azure and are going to add a reverse proxy server to avoid having to expose ports on the hosts. |
...
java-demo
...
3306 database internal
...
GMC Connect Mocks
...
sebp/elk
...
5601 external Kibana UI,
9200 external Elastic Search,
5044 internal Log stash
...
hee-filebeat
...
9090 internal
9092 internal (docker container)
...
Table of Contents |
---|
Security tweak required for BDD error report image display on Jenkins 2.7.2
Ref: https://content-security-policy.com/ and https://wiki.jenkins-ci.org/display/JENKINS/Configuring+Content+Security+PolicyFollow one of the URL's below, logging in to Jenkins with user that has admin rights:-
Jenkins URL (AWS EC2) : http://ec2-52-17-13-23.eu-west-1.compute.amazonaws.com:9090/script
Jenkins URL (Azure VM) : https://build-hee.transformcloud.net/jenkins/script
Code Block |
---|
System.setProperty(hudson.model.DirectoryBrowserSupport.class.getName() + ".CSP", "script-src 'unsafe-inline' 'self';") |
...
System.setProperty("jenkins.model.DirectoryBrowserSupport.CSP", "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline';") |
To persist the security changes the following command can be executed from the command line :
Code Block |
---|
$ java -Dhudson.model.DirectoryBrowserSupport.CSP="sandbox allow-scripts; default-src 'self'; script-src * 'unsafe-eval'; img-src *; style-src * 'unsafe-inline'; font-src *" -jar jenkins.war |
NOTE : The web browser refresh does not always reload the page with the new relaxed rules due to caching. To be sure ensure this doesn't happen it's advised to restart your browser.
If this needs to be reset to default (more secure) the run the following command :
Code Block |
---|
System.clearProperty("hudson.model.DirectoryBrowserSupport.CSP") |