6. Jenkins uses role-based Authorization strategy plugin to manage project permissions

In Jenkins, what if you want the jobs created by different groups to be visible only to members within the reorganization? Normally, every user who logs on to Jenkins can see all the jobs, so what if the group management job?

We can use the Role-based Authorization Strategy plug-in to achieve this requirement.

1. Install role-based Authorization Strategy plug-in

650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M02/80/8A/wKioL1dD7Kywqns3AALxTUSK9to668.png "title=" 1.png " alt= "Wkiol1dd7kywqns3aalxtusk9to668.png"/>

2. Configure Authorization policies

System Management ==>configure Global security==> access Control ==> authorization policy ==> Select "role-based strategy"

650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M00/80/8C/wKiom1dD7MKDwsdJAAHwRcUJrC8447.png "title=" 2.png " alt= "Wkiom1dd7mkdwsdjaahwrcujrc8447.png"/>

3. Create user

I have created 4 users here, Teamamanager, Teamamember, Teambmanager, Teambmember.

Teamamanager is team A's project manager,Teamamember is Team A's developer

Teambmanager, Teambmember are project managers and developers for Team B, respectively.

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/80/8C/wKiom1dD72XgKefwAAGoLN4JLjY840.png "title=" 3.png " alt= "Wkiom1dd72xgkefwaagoln4jljy840.png"/>

3. Configure Roles and authorization

System Management >>manage and Assign roles>>manage Roles

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/80/8B/wKioL1dD8PfjJrGIAABl69DnrNE103.png "style=" float: none; "title=" 4.png "alt=" Wkiol1dd8pfjjrgiaabl69dnrne103.png "/>

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/80/8D/wKiom1dD8AaCEmx7AAEKomWkmdA530.png "style=" float: none; "title=" 5.png "alt=" Wkiom1dd8aacemx7aaekomwkmda530.png "/>

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/80/8C/wKioL1dD9DLhVXl0AAgfcOTYPB8162.png "title=" 6.png " alt= "Wkiol1dd9dlhvxl0aagfcotypb8162.png"/>

Go back to the previous page and go to assign roles for configuration

650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M02/80/8C/wKioL1dD9I6RvyfVAAD5A1lQA6Q179.png "title=" 7.png " alt= "Wkiol1dd9i6rvyfvaad5a1lqa6q179.png"/>

650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M02/80/8C/wKioL1dD9bHikeKNAAPtQkJoAks763.png "title=" 8.png " alt= "Wkiol1dd9bhikeknaaptqkjoaks763.png"/>

4, create the project, login verification

Log in to Jenkins with the admin administrator and create a few projects where the project created for Team a teamaapiservice,team B is teambuserservice.

650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M01/80/8D/wKiom1dD9WvjutK_AAHFMR7ws50620.png "title=" 9.png " alt= "Wkiom1dd9wvjutk_aahfmr7ws50620.png"/>

Login Teamamanager account, only see Teamaapiservice This job, which indicates that the regular expression filter is in effect

Login to Teamamember account, you can only see this job, and do not delete the permissions of project

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/80/8E/wKiom1dD9k_DyvtrAAFU-LP8S4Y163.png "style=" float: none; "title=" 10.png "alt=" Wkiom1dd9k_dyvtraafu-lp8s4y163.png "/>

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/80/8C/wKioL1dD90OyX4wfAAGr2ogB0v4029.png "style=" float: none; "title=" 11.png "alt=" Wkiol1dd90oyx4wfaagr2ogb0v4029.png "/>

The same thing with Team B. No more demonstrations. Above is the authority of the entire process and ideas, the company has more than one group to set up the rules of multiple groups. In the future, it is convenient for members to join or remove, add or remove them directly in assign roles.

This article from "Zengestudy" blog, declined reprint!

6. Jenkins uses role-based Authorization strategy plugin to manage project permissions