In Jenkins, credentials can be scoped either globally or to a specific folder. Which statement best describes the difference between global and folder-scoped credentials?
Think about who can use the credentials depending on where they are stored.
Global credentials are available to all jobs and folders in Jenkins. Folder-scoped credentials are limited to the folder they are created in and any subfolders, restricting access for better security.
You have a Jenkins folder named ProjectA with a folder-scoped credential named deploy-key. A pipeline inside ProjectA tries to access deploy-key. What will be the result?
Consider the scope of the credential relative to the pipeline location.
Since the credential is scoped to the folder ProjectA and the pipeline is inside that folder, it can access the credential without issues.
A Jenkins pipeline inside folder DevOps tries to use a credential named api-token but fails with 'Credential not found'. The credential exists globally. What is the most likely cause?
Check how the credential is referenced in the pipeline code.
Even if the credential exists globally, if the pipeline script does not correctly reference it (e.g., wrong ID), Jenkins will report 'Credential not found'.
Which workflow correctly ensures that a Jenkins folder-scoped credential is used securely by pipelines inside that folder?
Think about security and ease of management within Jenkins.
Creating credentials scoped to the folder and referencing them by ID in pipelines keeps credentials secure and limits their exposure to only relevant jobs.
What is the best practice to minimize credential exposure when multiple teams share a Jenkins instance but require isolated access to their own credentials?
Consider how Jenkins scopes credentials and permissions.
Using folder-scoped credentials combined with folder permission restrictions ensures teams only access their own credentials, minimizing risk and simplifying management.