According to the doc:
public : boolean
false . If set to
true , the build log of this job will be viewable by unauthenticated users. Unauthenticated users will always be able to see the inputs, outputs, and build status history of a job. This is useful if you would like to expose your pipeline publicly without showing sensitive information in the build log.
My understanding was that, if a job set
public: true, then everybody should be able to view its build logs. But I found that doesn’t work as my expectation. A job even has
public: true, other teams’ users are not able to view build logs of the job.
It seems that
public: true has to work together with exposing pipeline. If a pipeline is exposed, then if
public: true, then everyone can view its build logs.
As a shared Concourse cluster, we don’t want to ask every team to expose pipelines, otherwise the default dashboard will be messy. But we still want un-logged-in user to be able to view build logs.