Details
-
Suggestion
-
Resolution: Unresolved
-
None
-
None
-
2
-
Description
Hi,
In the scope of this Jenkins recent change and the consequences on usability of Jenkins with Bitbucket DataCenter https://github.com/jenkinsci/bitbucket-branch-source-plugin/issues/842 I would like to propose a new field in the REST API describing a pull requests. The idea would be that Bitbucket would tell the CI mechanism if the CI can trust this pull request and then typically in the case of Jenkins, trust any change to the Jenkinsfile made in this pull request (otherwise Jenkins has a way to fetch the Jenkinsfile from the last branch commit instead of the pull request).
What is a "trusted pull request" ? A first quick definition could be a pull request submitted by a user who has REPO_WRITE in the targetted repository. Jenkins itself usually use a user who has only REPO_READ, and thus Jenkins cannot use the existing REST API to check which user is "trusted" or not via the permissions they are granted. Also, it would not make sense to require the Jenkins user to have REPO_ADMIN rights to find out these information.
If this proposal is accepted, I guess eventually some users will raise new feature requests to better refine what is "trusted pull request", and maybe grant some extra confidence to users without REPO_WRITE access, so may ask for more rights management feature, but that's longer term.
Cheers,
Romain