In Jenkins, what if you want the jobs created by different groups to be visible only to members within the reorganization? Normally, every user who logs on to Jenkins can see all the jobs, so what if the group management job?
We can use the Role-based Authorization Strategy plug-in to achieve this requirement.
1. Install role-based Authorization Strategy plug-in
650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M02/80/8A/wKioL1dD7Kywqns3AALxTUSK9to668.png "title=" 1.png " alt= "Wkiol1dd7kywqns3aalxtusk9to668.png"/>
2. Configure Authorization policies
System Management ==>configure Global security==> access Control ==> authorization policy ==> Select "role-based strategy"
650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M00/80/8C/wKiom1dD7MKDwsdJAAHwRcUJrC8447.png "title=" 2.png " alt= "Wkiom1dd7mkdwsdjaahwrcujrc8447.png"/>
3. Create user
I have created 4 users here, Teamamanager, Teamamember, Teambmanager, Teambmember.
Teamamanager is team A's project manager,Teamamember is Team A's developer
Teambmanager, Teambmember are project managers and developers for Team B, respectively.
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/80/8C/wKiom1dD72XgKefwAAGoLN4JLjY840.png "title=" 3.png " alt= "Wkiom1dd72xgkefwaagoln4jljy840.png"/>
3. Configure Roles and authorization
System Management >>manage and Assign roles>>manage Roles
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/80/8B/wKioL1dD8PfjJrGIAABl69DnrNE103.png "style=" float: none; "title=" 4.png "alt=" Wkiol1dd8pfjjrgiaabl69dnrne103.png "/>
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/80/8D/wKiom1dD8AaCEmx7AAEKomWkmdA530.png "style=" float: none; "title=" 5.png "alt=" Wkiom1dd8aacemx7aaekomwkmda530.png "/>
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/80/8C/wKioL1dD9DLhVXl0AAgfcOTYPB8162.png "title=" 6.png " alt= "Wkiol1dd9dlhvxl0aagfcotypb8162.png"/>
Go back to the previous page and go to assign roles for configuration
650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M02/80/8C/wKioL1dD9I6RvyfVAAD5A1lQA6Q179.png "title=" 7.png " alt= "Wkiol1dd9i6rvyfvaad5a1lqa6q179.png"/>
650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M02/80/8C/wKioL1dD9bHikeKNAAPtQkJoAks763.png "title=" 8.png " alt= "Wkiol1dd9bhikeknaaptqkjoaks763.png"/>
4, create the project, login verification
Log in to Jenkins with the admin administrator and create a few projects where the project created for Team a teamaapiservice,team B is teambuserservice.
650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M01/80/8D/wKiom1dD9WvjutK_AAHFMR7ws50620.png "title=" 9.png " alt= "Wkiom1dd9wvjutk_aahfmr7ws50620.png"/>
Login Teamamanager account, only see Teamaapiservice This job, which indicates that the regular expression filter is in effect
Login to Teamamember account, you can only see this job, and do not delete the permissions of project
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/80/8E/wKiom1dD9k_DyvtrAAFU-LP8S4Y163.png "style=" float: none; "title=" 10.png "alt=" Wkiom1dd9k_dyvtraafu-lp8s4y163.png "/>
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/80/8C/wKioL1dD90OyX4wfAAGr2ogB0v4029.png "style=" float: none; "title=" 11.png "alt=" Wkiol1dd90oyx4wfaagr2ogb0v4029.png "/>
The same thing with Team B. No more demonstrations. Above is the authority of the entire process and ideas, the company has more than one group to set up the rules of multiple groups. In the future, it is convenient for members to join or remove, add or remove them directly in assign roles.
This article from "Zengestudy" blog, declined reprint!
6. Jenkins uses role-based Authorization strategy plugin to manage project permissions