Best IT Recipes

Jenkins restricts viewing tasks to the user

Is there a way to limit the user to viewing only certain tasks in Jenkins.

Jenkins allows the user to be limited in a single project through the “Project-Based Matrix Authorization Strategy”. The problem is that the user cannot access anything without the “General” “Read” setting. This allows them to view all tasks.

Is there another plugin that would limit the work?

+62
jenkins jobs
Nov 30 '11 at 8:41
source share
7 answers

Think this is what you are looking for: Allow access to specific projects for users

Short description without screenshots:
Use Jenkins "Project Matrix Authorization Strategy" in the "Manage Jenkins" => "Configure System" section. On the configuration page of each project, you now have "Enable project-based security." Now add each user you want to authorize.

+55
Mar 29 '12 at 12:29
source share

Only one plugin will help me: role-playing strategy :

wiki.jenkins-ci.org/display/JENKINS/Role+Strategy+Plugin

But the official documentation (wiki.jenkins-ci.org/display/JENKINS/Role+Strategy+Plugin) is not enough.

The following configurations helped me:

http://kblearningacademy.com/configure-role-strategy-plugin-in-jenkins

Basically, you just need to create roles and map them to job names using regular expressions.

+12
Jul 21 '16 at 23:58
source share

You can use the project-based Matrix Auth Strategy and enable the Read Full permission, but disable the Read Job at the system level. After that, you must enable Read Job for each specific project that you want to make visible to the current user. See this resolved issue for more information. Some information from there:

I use READ permission at the job level. When this is done, a user who does not have READ permission for a specific job will not: see this task in any view, be able to directly access the task page, see any link to the task (for example, in the dependencies upstream or downstream)

In addition, I recommend that you go ahead and check out the Role Strategy Plugin . It can simplify user / role management, you can use the above to provide access to specific tasks.

+7
Nov 21
source share

I use a combination of several plugins - for the main role assignment and resolution I use the Role Strategy Plugin .

When I need to divide some role depending on the parameters (for example, everyone who has a worker can run tasks, but the UUU user user allows to run a deployment task for deployment on machine MMM), I use Python Plugin and define a python script as the first step of the assembly and complete with sys.exit (-1), when the task is forbidden to work with a given combination of parameters.

Creating a plugin for custom Vars provides me with information about the user performing the task as environment variables.

eg:

import os import sys print os.environ["BUILD_USER"], "deploying to", os.environ["target_host"] # only some users are allowed to deploy to servers "MMM" mmm_users = ["UUU"] if os.environ["target_host"] != "MMM" or os.environ["BUILD_USER"] in mmm_users: print "access granted" else: print "access denied" sys.exit(-1)
+2
Apr 28 '15 at 18:27
source share

As mentioned above by Vadim Jenkins, "Project-Based Matrix Authorization Strategy" in the "Managing Jenkins" => "Configure System" section. Do not forget to add your administrator there and give all permissions. Now add the limited user there and share it with read access. Then go to the configuration page of each project, now you have the option "Enable project-based security". Now add each user you want to authorize.

+2
Jan 16 '18 at 9:14
source share

Try switching to "Jenkins Management" → "User Management", go to a specific user, edit his / her configuration in the "My Views" section by default.

0
Dec 01 '11 at
source share

You can install the extended read permission plugin. Then, in the Global Settings or in a separate task configuration, you can grant the user Advanced Read permission.

0
Aug 28 '14 at 12:01
source share


More articles:


All Articles