[Jenkins-infra] secured jenkins mirrors

R. Tyler Croy tyler at monkeypox.org
Tue Jun 13 22:14:04 UTC 2017

(replies inline)

On Mon, 12 Jun 2017, Greg Swift wrote:

> Hey all.
> I work at Rackspace and as we are building out our newest environments
> we've started blocking port 80 explicitly.  The Jenkins systems in that
> environment are failing on downloading plugins due to a 302 redirect
> from https to http.  I'd rather avoid having to open an exception for
> downloading updates and plugins from the Jenkins mirrors. 
> So the url:
> https://updates.jenkins-ci.org/download/plugins/htmlpublisher/latest/ht
> mlpublisher.hpi
> redirects to http://mirrors.jenkins-ci.org/plugins/htmlpublisher/latest
> /htmlpublisher.hpi
> which may redirect out to any number of non-ssl'd mirrors.
> If i add https:// to the mirrors.jenkins-ci I get a cert mismatch with
> pkgs.jenkins.io which seems to only do platform specific package repos.
> So I guess my question is, is it possible for the secured
> pkgs.jenkins.io to also have the plugins and update center packages? Or
> can we go about mirroring the content to Rackspace's internal mirrors?
> Rackspace runs a set of mirrors both internally and for our
> customers[1]. Our preference for running a mirror is to use rsync, but
> looking through your documentation i did not see any rsync links, so I
> wanted to reach out and discuss this with y'all.  

We do have an rsync option, for secondary mirrors, but that's not over SSL
either :P

We're in the process of moving distribution into Azure storage, which would
then be end-to-end SSL (core releases from https://pkg.jenkins.io currently get
redirected through Azure).

- R. Tyler Croy

     Code: <https://github.com/rtyler>
  Chatter: <https://twitter.com/agentdero>
     xmpp: rtyler at jabber.org

  % gpg --keyserver keys.gnupg.net --recv-key 1426C7DC3F51E16F
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: not available
URL: <http://lists.jenkins-ci.org/pipermail/jenkins-infra/attachments/20170613/945840f4/attachment.asc>

More information about the Jenkins-infra mailing list