Add Jenkins Security configuration docs 51/11151/2
author Thanh Ha <thanh.ha@linuxfoundation.org>
Sat, 9 Jun 2018 17:46:12 +0000 (13:46 -0400)
committer Thanh Ha <thanh.ha@linuxfoundation.org>
Mon, 11 Jun 2018 20:28:03 +0000 (16:28 -0400)
Issue: RELENG-981
Change-Id: I95917b9768a5cf70b39f9c0c5f922239a3881276
Signed-off-by: Thanh Ha <thanh.ha@linuxfoundation.org>
docs/infra/jenkins.rst

index ee48f48..0bed30a 100644 (file)
@@ -65,3 +65,21 @@ Jenkins requires admin level configuration to work with GitHub.
       GitHub client cache size (MB): 20
 
 #. Click ``Re-register hooks for all jobs``
+
+.. _jenkins-security:
+
+Security Configuration
+======================
+
+Security recommendations for Jenkins.
+
+#. Install the `OWASP Markup Formater Plugin
+   <http://wiki.jenkins-ci.org/display/JENKINS/OWASP+Markup+Formatter+Plugin>`_
+#. Navigate to `https://jenkins.example.org/configureSecurity/`
+#. Configure the following:
+
+   * Enable ``CSRF Protection`` with ``Default Crumb Issuer``
+   * Enable ``Agent -> Master Access Control``
+   * Disable ``JNLP Protocol 1 - 3``
+   * Enable ``JNLP Protocol 4``
+   * Set ``Markup Formatter`` to ``Safe HTML``
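
Review bot: In step 2 of the new list the URL https://jenkins.example.org/configureSecurity/ is wrapped in single backticks, which reStructuredText treats as interpreted text rather than as a literal or a link; use double backticks as the rest of the section does, or leave the URL bare so it is auto-linked. In step 1 the link text reads "OWASP Markup Formater Plugin" while the URL and the last bullet spell it "Formatter", and that link uses http:// where the step 2 URL uses https://. The section also lists five settings under "Security recommendations for Jenkins." without a reason for any of them; a short clause per bullet saying what the setting protects against would let an admin judge whether deviating from it is acceptable on a given instance.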