问题
In Jenkins I have two different projects and two users I want to authorize:
User1 can only view, build, deploy Project1.
User2 can only view, build, deploy Project2.
I have installed role based plugin, but am unable to get it working. Please help.
回答1:
I agree Project Based could solve your problem but it would create headache on administrator if going forward you have 100 users. Then For each user you have to give permissions,which will be a lot of effort and for those who are facing issues with Role based plugin. Here is the solution:-
Step 1:- click on Global configuration under Manage Jenkins.
Step 2:- click on radio button "Role-Based Strategy" and save.
Step 3:- Go to Manage and Assign Roles under Manage Jenkins.
Step 4:- select Manage Roles.
Step 5:- You will see somewhat similar image as
Step 6:- Now add a global role part from admin under "role to add" option and grant Read Permission only.Shown in Blue color
For eg:- Employee in this case
Step 7:- For the above question and below example some assumptions
Test = Project1
check = Project2
Under Project roles:-
Role to add:-developer
Pattern:-Test
This means developer will be able to view only Project "Test".
Pattern is basically your project name.You can use regular expressions also here. For eg:- Pattern:- Tes* then all projects beginning with Tes will have role as developer.
Similarly Add role as tester and Pattern as check,shown under black box,Tester will be able to view only Project "check"
Step 8:- Give the respective permissions view,build etc by check boxes and click on save.
Step 9:- Now go back to Manage Roles and select assign role and you will find something similar to this.
Step 10:- Under Global role add user1 and user2 and check box on to Employee as their role as shown in in the image above in black box.
[NOTE]Every New User/Group has to be added here and given the role of employee or admin.
Step 11:- Under Project Role,
Add user1 and user2 and assign them tester and developer role. As shown in green color.
Click on save.
[NOTE]
Developer will be able to view only Project "Test"
tester will be able to view only Project "check"
回答2:
Matrix Authorization Strategy Plugin is the best option for your case. Very flexible configuration - both global and per project. You'll want to check in the 'Enable project-based security' option in project configuration ( the check box is close to the top of the job's config page ) and then add users/groups for which you want to configure the access permissions. After that use check boxes to set/remove permissions.
回答3:
Finally I solved it, Go to Configure Global Security In Security Realm : select Jenkins’ own user database and Allow users to sign up. then select Project-based Matrix Authorization Strategy . add users with authorization: Overall Read and Job Read. Now save.
Now Create project and in Configuration select Enable project-based security. and add that user to whom you want to provide authorization. For details you can refer: http://www.tothenew.com/blog/jenkins-implementing-project-based-matrix-authorization-strategy/
来源:https://stackoverflow.com/questions/32111825/jenkins-how-to-set-authorization-on-project-basis