Shared/Multi-tenant Bamboo environment and Bamboo Specs encryption

James Miller September 3, 2019

Hello,

First off, my apologies if I don't explain this very well.  We have a loosely coupled multi-tenant, single instance, Bamboo 6.7.2 environment and would like to use some other mechanism than the System-wide encryption provided where the AES key is stored in $BAMBOO-HOME/xml-data/configuration/cipher. 

https://confluence.atlassian.com/bamboo0607/system-wide-encryption-966045950.htm

 

For example, we have a Bamboo java spec file with an SshTask()

SshTask().authenticateWithPassword("BAMSCRT@0@0@xxxxxndbnxxxxxTaDsxxxx==")

That value is encrypted using the shared cipher under $BAMBOO-HOME, it is conceivable that another group could decrypt that encrypted value. 

We would like a way to somehow use our own cipher/key or ideally, a key per project.

 

There is no other option and our hands are tied, we must work in this 'shared/multi-tenant' Bamboo environment.

Any thoughts, ideas, suggestions with this would be greatly appreciated.

 

Thank you

 

 

0 answers

Suggest an answer

Log in or Sign up to answer
TAGS
AUG Leaders

Atlassian Community Events