Enhanced security for the Spot-Jenkins plugin

Many of Spot by NetApp customers run Jenkins as a core part of their CI/CD processes and use it together with Spot’s Elastigroup to deploy jobs running on spot instances. This integration has helped our customers realize up to 90% savings on cloud computing, and seamlessly fits into their existing DevOps workflows. The Spot plugin enables interactions between Elastigroup and Jenkins services using the Spot token, which until recently, was kept as a plain text field in the Jenkins application settings. 

In order to enhance security, we’ve added an option to store the Spot token in an encrypted form on the controller Jenkins instance. From now on, users can store the Spot token as secret text inside the Jenkins credentials store, which minimizes the chances of exposing the token. 

Getting Started

  1. Log into the Jenkins console and install the Spot Plugin from the available plugins list.
  2. Create a Spot API token
  3. Navigate to Spot settings located in the “Configure System” page
  4. Choose “Credentials Store Personal Access Token”
  5. Add a new credential to the credential store (you can also create the credentials via the “Manage Credentials” page)
  6. In the “Kind” field, select “Spot Personal Access Token”

  7. Write the Spot token to the “Personal Access Token” field, select a name to this token in the “Credentials ID” field and click “Add”

  8. Choose the credential you have just created, validate the token and click “Save”

To learn more about our integration with Jenkins, visit our documentation.