Migrate plugin documentation from Wiki to GitHub

jenkinsci · Apr 3, 2020 · 4752cc4 · 4752cc4
1 parent 3440b0a
commit 4752cc4
Show file tree

Hide file tree

Showing 12 changed files with 321 additions and 22 deletions.
diff --git a/README.md b/README.md
@@ -1,21 +1,62 @@
-Mask Passwords plugin
-=====================
-Copyright &copy; 2010-2011, Manufacture Francaise des Pneumatiques Michelin, Romain Seguy. Licensed under [MIT License][0].
-
-About this plugin
------------------
-The Mask Passwords plugin is meant to be used from [Jenkins][1] to mask passwords or regular expressions which may appear from builds' console. Please take a look at [Jenkins' wiki][2] to get detailed information.
-
-Installation
-------------
-The Mask Passwords plugin can be installed from any Hudson or Jenkins installation connected to the Internet using the **Plugin Manager** screen.
-
-Source code
------------
-The primary location for the source code of this plugin is on [Jenkins' SVN repository][3]. It is also mirrored on [GitHub][4] for conveniency.
-
-[0]: https://github.com/jenkinsci/mask-passwords-plugin/raw/master/LICENSE.txt
-[1]: https://jenkins.io/
-[2]: https://wiki.jenkins.io/display/JENKINS/Mask+Passwords+Plugin
-[3]: https://svn.jenkins-ci.org/trunk/hudson/plugins/mask-passwords/
-[4]: https://github.com/jenkinsci/mask-passwords-plugin
+# Mask Passwords plugin for Jenkins
+
+This plugin allows masking passwords that may appear in the console.
+
+## About this plugin
+
+This plugin allows masking passwords that may appear in the console,
+including the ones defined as build parameters.
+This often happens, for example, when you use build steps which *can't* handle passwords properly.
+Take a look at the following example.
+
+### Before
+
+Consider you're using an **Invoke Ant** build step to run an Ant target.
+This target requires a password to achieve its goal.
+You would end up having a job configuration like this:
+
+![](docs/images/config-before.png)
+
+Of course, you could have created a variable to store the password and use this variable in the build step configuration so that it doesn't appear as plain text.
+But you would still end with a console output like this:
+
+![](docs/images/console-before.png)
+
+### After
+
+When activating the **Mask passwords** option in a job, the builds' **Password Parameters**
+(or any other type of build parameters selected for masking in **Manage Jenkins** \> **Configure System**) are automatically masked from the console.
+Furthermore, you can also safely define a list of static passwords to be masked
+(you can also define a list of static password shared by all jobs in Jenkins' main configuration screen).
+As such, the passwords don't appear anymore as plain text in the job configuration
+(plus it is ciphered in the job configuration file):
+
+![](docs/images/config-after.png)
+
+Once done, new builds will have the passwords masked from the console output:
+
+![](docs/images/console-after.png)
+
+## User guide
+
+First, go to Jenkins' main configuration screen (**Manage Jenkins** \> **Configure System**) and select,
+in the **Mask Passwords - Configuration** section, which kind of build parameters have to be automatically masked from the console output:
+
+![](docs/images/global-settings.png)
+
+Notice that, as of version 2.7, you can also define global passwords (defined as pairs of name/password) that can be accessed across all jobs.
+
+Then, for a specific job, activate the **Mask passwords** option in the **Build Environment** section to mask passwords from the console:
+
+1.  All the password parameters defined for the job will be automatically hidden.
+2.  For each other kind of password (that is, static ones) that may appear in the console output,
+    add an entry (by clicking on the **Add** button) and set the **Password** field.  
+    You may additionally set the **Name** field.
+    If you do so, the password will then be available as a standard variable.
+    It is then possible to refer to this password using this variable rather than keying it in a field which is not ciphered.
+    Take a look at the screenshots above for an example.
+
+## Release Notes
+
+* See [GitHub Releases](https://github.com/jenkinsci/mask-passwords-plugin/releases) for recent releases
+* See the [Changelog archive](./docs/CHANGELOG.old.md) for 2.12.0 and before
diff --git a/docs/CHANGELOG.old.md b/docs/CHANGELOG.old.md
@@ -0,0 +1,175 @@
+# Version history (archive)
+
+## New releases
+
+See [GitHub Releases](https://github.com/jenkinsci/mask-passwords-plugin/releases)
+
+## Version 2.12.0 
+
+Release Date: (Jun 01, 2018)
+
+-   [![(plus)](images/add.svg) PR
+    \#18](https://github.com/jenkinsci/mask-passwords-plugin/pull/18) -
+    Mask Passwords Console Log filter can be now applied to all Run
+    types  
+    -   It should allow filtering Pipeline jobs
+        once [JENKINS-45693](http://issues.jenkins-ci.org/browse/JENKINS-45693)
+        is implemented
+-   ![(info)](images/information.svg) Update
+    minimal core requirement to 1.625.3
+
+## Version 2.11.0
+
+Release Date: (Mar 13, 2018)
+
+-   ![(info)](images/information.svg) Update
+    minimal core requirement to 1.625.3
+-   ![(info)](images/information.svg) Developer:
+    Update Plugin POm to the latest version
+
+## Version 2.10.1
+
+Release Date: (Apr 11, 2017)
+
+-   ![(error)](images/error.svg) Prevent
+    NullPointerException when loading configurations from the disk
+    ([JENKINS-43504](https://issues.jenkins-ci.org/browse/JENKINS-43504))
+
+## Version 2.10
+
+Release Date: (Apr 08, 2017)
+
+-   ![(plus)](images/add.svg) Rework
+    the Parameter Definition processing engine, improve the reliability
+    of Sensitive parameter discovery
+-   ![(error)](images/error.svg) Fix
+    a number of issues with parameter masking reported to the plugin.
+    Full list will be published later
+
+## Version 2.9
+
+Release Date: (30/11/2016)
+
+-   ![(plus)](images/add.svg)
+    Add option to mask output strings by a regular expression, also with
+    a global setting ([PR
+    \#6](https://github.com/jenkinsci/mask-passwords-plugin/pull/6))
+-   ![(error)](images/error.svg)
+    Properly invoke flush/close operations for the logger in
+    MaskPasswordOutputStream ([PR
+    \#8](https://github.com/jenkinsci/mask-passwords-plugin/pull/8))
+-   ![(error)](images/error.svg)
+    Fix issues reported by FindBugs
+-   ![(info)](images/information.svg)
+    Update to the new Parent POM
+
+## Version 2.8
+
+Release Date: (18/10/2015)
+
+-   ![(plus)](images/add.svg)
+    Implement SimpleBuildWrapper in order to support Workflow project
+    type
+    ([JENKINS-27392](https://issues.jenkins-ci.org/browse/JENKINS-27392))
+
+## Version 2.7.4
+
+Release Date: (29/07/2015)
+
+-   ![(error)](images/error.svg)
+    Password parameters were insensitive
+-   ![(error)](images/error.svg)
+    "Mask passwords" build wrapper was generating insensitive
+    environment variables
+
+Fixed issues (to be investigated and updated):
+
+-   Masking of global password parameters in EnvInject
+    ([JENKINS-25821](https://issues.jenkins-ci.org/browse/JENKINS-25821))
+-   Masked Passwords are shown as input parameters in Build pipeline
+    plugin
+    ([JENKINS-16516](https://issues.jenkins-ci.org/browse/JENKINS-16516))
+
+## Version 2.7.3
+
+Release Date: (29/04/2015)
+
+-   Fixed
+    [JENKINS-12161](https://issues.jenkins-ci.org/browse/JENKINS-12161):
+    EnvInject vars could have been not masked because of plugins loading order
+-   Fixed
+    [JENKINS-14687](https://issues.jenkins-ci.org/browse/JENKINS-14687):
+    password exposed unencrypted in HTML source
+
+## Version 2.7.2
+
+Release Date: (12/07/2011)
+
+-   Fixed
+    [JENKINS-11934](https://issues.jenkins-ci.org/browse/JENKINS-11934):
+    Once a job config was submitted, new/updated global passwords were
+    not masked
+-   Implemented
+    [JENKINS-11924](https://issues.jenkins-ci.org/browse/JENKINS-11924):
+    Improved global passwords-related labels
+
+## Version 2.7.1
+
+Release Date: (10/27/2011)
+
+-   Fixed
+    [JENKINS-11514](https://issues.jenkins-ci.org/browse/JENKINS-11514):
+    When migrating from an older version of the plugin,
+    `NullPointerException`s were preventing the jobs using Mask
+    Passwords to load
+-   Fixed
+    [JENKINS-11515](https://issues.jenkins-ci.org/browse/JENKINS-11515):
+    Mask Passwords global config was not actually saved when no global
+    passwords were defined
+
+## Version 2.7
+
+Release Date: (10/20/2011)
+
+-   Implemented
+    [JENKINS-11399](https://issues.jenkins-ci.org/browse/JENKINS-11399):
+    It is now possible to define name/password pairs in Jenkins' main
+    configuration screen (**Manage Hudson** \> **Configure System**)
+
+## Version 2.6.1
+
+Release Date: (05/26/2011)
+
+-   Fixed a bug which was emptying the console output if there was no
+    password to actually mask
+
+## Version 2.6
+
+Release Date: (04/29/2011)
+
+-   Added a new type of build parameter: **Non-Stored Password
+    Parameter**
+-   Blank passwords are no more masked, avoiding overcrowding the
+    console with stars
+
+## Version 2.5
+
+Release Date: (03/11/2011)
+
+-   New configuration screen (in **Manage Hudson** \> **Configure
+    System**) allowing to select which build parameters have to be
+    masked (**Password Parameter** are selected by default)
+-   Fixed a bug which was preventing to mask passwords containing
+    regular expressions' meta-characters or escape sequences
+
+## Version 2.0
+
+Release Date: (02/23/2011)
+
+-   Builds' **Password Parameter**s are now automatically masked.
+
+## Version 1.0
+
+Release Date: (09/01/2010)
+
+-   Initial release
diff --git a/docs/README.md b/docs/README.md
@@ -0,0 +1,80 @@
+This plugin allows masking passwords that may appear in the console
+
+The current version of this plugin may not be safe to use. Please review
+the following warnings before use:
+
+-   [Plain text passwords shown in global configuration form
+    fields](https://jenkins.io/security/advisory/2019-08-07/#SECURITY-157)
+
+**This plugin is up for adoption.** Want to help improve this plugin?
+[Click here to learn
+more](https://wiki.jenkins.io/display/JENKINS/Adopt+a+Plugin "Adopt a Plugin")!
+
+# About this plugin
+
+This plugin allows masking passwords that may appear in the console,
+including the ones defined as build parameters. This often happens, for
+example, when you use build steps which *can't* handle passwords
+properly. Take a look at the following example.
+
+## Before
+
+Consider you're using an **Invoke Ant** build step to run an Ant target.
+This target requires a password to achieve its goal. You would end up
+having a job configuration like this:
+
+![](docs/images/config-before.png)
+
+Of course, you could have created a variable to store the password and
+use this variable in the build step configuration so that it doesn't
+appear as plain text. But you would still end with a console output like
+this:
+
+![](docs/images/console-before.png)
+
+## After
+
+When activating the **Mask passwords** option in a job, the builds'
+**Password Parameters** (or any other type of build parameters selected
+for masking in **Manage Hudson** \> **Configure System**) are
+automatically masked from the console. Furthermore, you can also safely
+define a list of static passwords to be masked (you can also define a
+list of static password shared by all jobs in Jenkins' main
+configuration screen). As such, the passwords don't appear anymore as
+plain text in the job configuration (plus it is ciphered in the job
+configuration file):
+
+![](docs/images/config-after.png)
+
+Once done, new builds will have the passwords masked from the console
+output:
+
+![](docs/images/console-after.png)
+
+# User guide
+
+First, go to Jenkins' main configuration screen (**Manage Hudson** \>
+**Configure System**) and select, in the **Mask Passwords -
+Configuration** section, which kind of build parameters have to be
+automatically masked from the console output:
+
+![](docs/images/global-settings.png)
+
+Notice that, as of version 2.7, you can also define global passwords
+(defined as pairs of name/password) that can be accessed across all
+jobs.
+
+Then, for a specific job, activate the **Mask passwords** option in the
+**Build Environment** section to mask passwords from the console:
+
+1.  All the password parameters defined for the job will be
+    automatically hidden.
+2.  For each other kind of password (that is, static ones) that may
+    appear in the console output, add an entry (by clicking on the
+    **Add** button) and set the **Password** field.  
+    You may additionally set the **Name** field. If you do so, the
+    password will then be available as a standard variable. It is then
+    possible to refer to this password using this variable rather than
+    keying it in a field which is not ciphered. Take a look at the
+    screenshots above for an example.
+
diff --git a/docs/images/add.svg b/docs/images/add.svg
diff --git a/docs/images/config-after.png b/docs/images/config-after.png
diff --git a/docs/images/config-before.png b/docs/images/config-before.png
diff --git a/docs/images/console-after.png b/docs/images/console-after.png
diff --git a/docs/images/console-before.png b/docs/images/console-before.png
diff --git a/docs/images/error.svg b/docs/images/error.svg
diff --git a/docs/images/global-settings.png b/docs/images/global-settings.png
diff --git a/docs/images/information.svg b/docs/images/information.svg
diff --git a/pom.xml b/pom.xml
@@ -11,7 +11,7 @@
   <packaging>hpi</packaging>
   <name>Mask Passwords Plugin</name>
   <description>Masks passwords that may appear in the console</description>
-  <url>https://wiki.jenkins.io/display/JENKINS/Mask+Passwords+Plugin</url>
+  <url>https://github.com/jenkinsci/mask-passwords-plugin</url>
   <version>2.12.1-SNAPSHOT</version>
 
   <properties>