Optimize Jenkins builds and integrate deployments as steps instead of separate Jenkins jobs.
This will result in a cleaner emfcloud Jenkins instance, which will then hold the eclipse-emfcloud parent instance (that tracks all repository builds), the website job and the release jobs.
Regarding security concerns:
We use trust level From users with Admin or Write permission:
Pull requests forks will be treated as trusted if and only if the fork owner has either Admin or Write permissions on the origin repository. This is the recommended policy.
That means, changes on Jenkinsfiles are only used for the Jenkins build if a committer adds changes, for (new) collaborators the master Jenkinsfile is used to prevent any security issues.
Optimize Jenkins builds and integrate deployments as steps instead of separate Jenkins jobs.
This will result in a cleaner emfcloud Jenkins instance, which will then hold the
eclipse-emfcloudparent instance (that tracks all repository builds), the website job and the release jobs.Regarding security concerns:
We use trust level
From users with Admin or Write permission:That means, changes on Jenkinsfiles are only used for the Jenkins build if a committer adds changes, for (new) collaborators the master Jenkinsfile is used to prevent any security issues.