You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardexpand all lines: README.adoc
+13-2
Original file line number
Diff line number
Diff line change
@@ -127,6 +127,11 @@ The same auto-injection behavior is available for the https://github.com/gradle/
127
127
128
128
The auto-injection is split into several levels to have fine-grained control over the enablement of this feature.
129
129
130
+
[IMPORTANT]
131
+
=====
132
+
Develocity `2024.1` or above is required starting from version `2.12` and above. See <<_short_lived_access_tokens>> for more infos.
133
+
=====
134
+
130
135
==== Global
131
136
132
137
To globally enable the auto-injection, click the `Enable auto-injection` checkbox in the `Develocity integration` section of the global options in the `Manage Jenkins/Configure System` section.
@@ -231,8 +236,14 @@ Whether to allow publishing to a server with a self-signed certificate.
231
236
232
237
`Develocity access key` +
233
238
The access key for authenticating with the Develocity server.
234
-
The access key is stored encrypted within the Jenkins instance. During the job execution, the access key is decrypted and set as `GRADLE_ENTERPRISE_ACCESS_KEY` environment variable.
235
-
Refer to the https://docs.gradle.com/enterprise/gradle-plugin/#via_environment_variable[Develocity Gradle plugin manual] and the https://docs.gradle.com/enterprise/maven-extension/#via_environment_variable[Develocity Maven Extension manual] for more details about this configuration.
239
+
The access key is stored encrypted within the Jenkins instance. During the job execution, the access key is decrypted and used to get a short-lived token from the Develocity server.
240
+
241
+
[#_short_lived_access_tokens]
242
+
==== Short-lived access tokens
243
+
Develocity access keys are long-lived, creating risks if they are leaked. To avoid this, users can use short-lived access tokens to authenticate with Develocity. Access tokens can be used wherever an access key would be used. Access tokens are only valid for the Develocity instance that created them.
244
+
If a short-lived token fails to be retrieved (for example, if the Develocity server version is lower than `2024.1`), no access key will be set.
245
+
In that case, Develocity authenticated operations like build cache read/write and build scan publication will fail without failing the build.
246
+
For more information on short-lived tokens, see https://docs.gradle.com/develocity/api-manual/#short_lived_access_tokens[Develocity API documentation].
0 commit comments