问题
I am using multibranch pipelines in projects with two branches: develop and master. This creates two subprojects, one for each branch:
App_Pipeline
|---master
|---develop
I have set up the Role Strategy plugin to control the authorization (visibility) of the jobs/pipelines depending on the assigned role.
Project Roles:
- manager: Uses a regexp
App_.* - developer: Uses a regexp
App_.*
With my current roles, both types of users see the superproject (App_Pipeline), and can execute both subprojects.
The point is that I want some users (developers) to be able to see and run the develop subproject and some others (managers) to view and run both subprojects, master and develop.
I haven't found a way of configuring this yet, any idea how it can be achieved?
UPDATE: This is the whole context of the problem.
I'm using multibranch pipeline to scan a whole Bitbucket Project giving me:
ORGANIZATION
Repo1
|---master
|---develop
Repo2
|---master
|---develop
Poc-repo1
|---master
|---develop
Poc-repo2
|---master
|---develop
I need to support these cases:
- Some users can read and build ONLY projects with the Poc- prefix. The shouldn't see any other project.
- Other users can read all projects but only build develop branches
- Finally others can read and build all projects
回答1:
It's supported with two-level security structure, example:
rol1 ".\*holaArtifactoryMultibranch.\*" --> read
rol2 ".\*holaArtifactoryMultibranch/master.\*" --> build
Now, you can associate a user/group to rol1 and rol2
UPDATE:
I see your point, if you have an intermediate folder:
rol1 "^FOLDER$" --> read
rol2 "^FOLDER/holaArtifactoryMultibranch.\*$"--> read
You'll see the holaArtifactoryMultibranch folder, but not others.
来源:https://stackoverflow.com/questions/43666659/jenkins-2-multibranch-pipelines-how-can-i-limit-the-visibility-execution-of-br