What's behavior of `public: true`?


According to the doc:

public : boolean

Optional. Default false . If set to true , the build log of this job will be viewable by unauthenticated users. Unauthenticated users will always be able to see the inputs, outputs, and build status history of a job. This is useful if you would like to expose your pipeline publicly without showing sensitive information in the build log.

My understanding was that, if a job set public: true, then everybody should be able to view its build logs. But I found that doesn’t work as my expectation. A job even has public: true, other teams’ users are not able to view build logs of the job.

It seems that public: true has to work together with exposing pipeline. If a pipeline is exposed, then if public: true, then everyone can view its build logs.

As a shared Concourse cluster, we don’t want to ask every team to expose pipelines, otherwise the default dashboard will be messy. But we still want un-logged-in user to be able to view build logs.