Configuring Content Security Policy for Jenkins in Helm Charts

Question

A while ago, Jenkins introduced CSP header which is very restrictive in terms of protecting user from malicious HTML/JS files. It's possible to relax this rules by temporarily changing "hudson.model.DirectoryBrowserSupport.CSP" property in Jenkins' Script Console, shown for instance here: Jenkins Content Security Policy

However, I would like to have it set permanently. Unfortunately, I'm yet to find how it should be done properly if someone's using Helm Charts to define Jenkins. Does anyone have working solution?

Any help appreciated.

score 0 · Answer 1 · answered May 31 '22 at 10:39

0

You can do this using the javaOpts property of the controller.

controller:
  javaOpts: -Dhudson.model.DirectoryBrowserSupport.CSP="..."

https://github.com/jenkinsci/helm-charts/blob/jenkins-4.1.3/charts/jenkins/values.yaml#L88

answered May 31 '22 at 10:39

Ozmodiar

136
1
3

score 0 · Answer 2 · answered Nov 15 '22 at 16:45

0

I thinks you can use this parameter

controller:
  jenkinsOpts: -Dhudson.model.DirectoryBrowserSupport.CSP="..."

answered Nov 15 '22 at 16:45

fajarhide

423
5
7

Configuring Content Security Policy for Jenkins in Helm Charts

2 Answers2