Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
Indra Gunawan
@indrgun
@oleg-nenashev Thank you
Oleg Nenashev
@oleg-nenashev
@indrgun Do not get the previous sentence
Indra Gunawan
@indrgun
@oleg-nenashev : on this Cloudbees Enterprise instance I just checked that CloudBees RBAC and RBAC plugins both are installed. Role-based matrix authorization strategy is set which means the CouldBees RBAC is used. Since RBAC is a Closed Source plugin, hence Ownership plugin cannot offer any integrations itself. Thank you It is clear now
Oleg Nenashev
@oleg-nenashev
@indrgun Yes, but integration of Ownership plugin with other components works correctly. Hence you can assign ownership in the web UI, use variables in jobs, manage Job Restrictions, etc.
@indrgun But yes, no integration with permission checks. Actually Ownership plugin provides the required extension points, hence RBAC can be easily integrated (e.g. if you setup primary and secondary owners there)
Jordan Coll
@jordancoll
@oleg-nenashev hey, submitted that PR we were talking about, think you can take a look at it?
Oleg Nenashev
@oleg-nenashev
@jordancoll Yeah, it is in my TODO list
Jordan Coll
@jordancoll
:thumbsup:
Jordan Coll
@jordancoll
@oleg-nenashev hey, did you catch my comment on #63
Oleg Nenashev
@oleg-nenashev
@jordancoll Sorry, I have missed this action item. Looking
Oleg Nenashev
@oleg-nenashev
@jordancoll just do not hesitate to ping me. Too much ToDos on the plate, I always miss something
Jordan Coll
@jordancoll
@oleg-nenashev sure, thanks.
btw, is there a way to reuse mock classes from dependent modules? my code depends on branch-api, and to test it, i'd need a mock implementation
which they already have written
Oleg Nenashev
@oleg-nenashev
@jordancoll If it is withnin src/test, then there is no trivial way. You could convince the plugin maintainers to add the test JAR to the release, but it requires some time. Maybe just copy-paste with TODO
@jordancoll Or you could write real test, e.g. with Jenkins pipeline and GitHub repository from @LocalData
Jordan Coll
@jordancoll
:ok_hand:
dassay75
@dassay75
Hello @oleg-nenashev
I used your plugin , I want to create this scenario:
Note: I am the admin of Jenkins
I Create a project in jenkins (done)
I assign this project to a collegue (owner) (done)
He has the visibility only on this project (done with the restriction access plugin)
He is able to assign other collegues to his project ( I want to do this with the ownership plugin, but I can not )
=> The only way that I find until now is to add the other collegues on the matrix table. I don't want to do this, because the matrix table will become very complicated and heavy.
I just want to put the owner of the project in the table and the owner can add and choose the rights to give to the futur user of the project.
Thanks for your answer
Dan
Oleg Nenashev
@oleg-nenashev
@dassay75 You could grant the ManageOwnership permission to job primary owners using https://github.com/jenkinsci/ownership-plugin/blob/master/doc/OwnershipBasedSecurity.md
dassay75
@dassay75
Thanks @oleg-nenashev
its working perfectly :smile:
Oleg Nenashev
@oleg-nenashev
@dassay75 yw
Serhii Shepel
@sshepel
Hi folks, can someone help me with job dsl and ownership plugin
Oleg Nenashev
@oleg-nenashev
@sshepel what's the problem with it?
dassay75
@dassay75
Hello @oleg-nenashev , I am actually using the ownership plugin to manage my jobs .I have an issue related with the case sensitive . In fact I am using the LDAP , Some users can not read the job because their ID are in lower case. I want to know if there is a solution to disable the case sensitive ? Thanks
Oleg Nenashev
@oleg-nenashev
@dassay75 do you use Role Strategy as a security engine? If yes, it does not support case insensitivity right now
dassay75
@dassay75
Yes I do :worried: . Do you know , when a solution to this issue will be proposed ?
@oleg-nenashev Yes I do :worried: . Do you know , when a solution to this issue will be proposed ?
Oleg Nenashev
@oleg-nenashev
@dassay75 when somebody proposes it :) there is old pull request from me, but it needs to be finalized
dassay75
@dassay75
@oleg-nenashev Thanks Oleg for your answer
Oleg Nenashev
@oleg-nenashev
Yw. Feel free to pick this pull request and to try it
dassay75
@dassay75
@oleg-nenashev Can you send me the url of the PR please?
Oleg Nenashev
@oleg-nenashev
@dassay75 jenkinsci/role-strategy-plugin#5
Serhii Shepel
@sshepel

So, there is no any job dsl api call right now to set ownership for Folder, which means that there could be two possible solutions for that:

  1. Use configure block of job DSL plugin, to inject FolderOwnershipProperty to the list of folder properties

<org.jenkinsci.plugins.ownership.model.folders.FolderOwnershipProperty plugin="ownership@0.10.0"> <ownership> <ownershipEnabled>true</ownershipEnabled> <primaryOwnerId>admin</primaryOwnerId> <coownersIds class="sorted-set"> <string>daspilker</string> </coownersIds> </ownership> </org.jenkinsci.plugins.ownership.model.folders.FolderOwnershipProperty>

This solution could work for most of the cases, but when you run following job dsl script

folder('MyTestFolder') { configure { folder -> folder / 'properties' / 'org.jenkinsci.plugins.ownership.model.folders.FolderOwnershipProperty' / 'ownership' { primaryOwnerId('admin') ownershipEnabled('true') coownersIds(class:"sorted-set") } } }

Only
<org.jenkinsci.plugins.ownership.model.folders.FolderOwnershipProperty plugin="ownership@0.10.0">
part will be created in config.xml

As a workaround you can call folder('MyTestFolder') before above script
dassay75
@dassay75
Hello @oleg-nenashev , I used the ownership plugin , i have an issue when I am configuring the specific access right in the Job (global authorization matrix). this is my scenario , I have a secondary Owner , who do not have the right to configure the Job , but now I want to give to him the right to configure the Job , for that I used the matrix in Job, but It is not working . I don't understand why :(
Oleg Nenashev
@oleg-nenashev
@dassay75 have you configured a role macro in Role Strategy for it?
dassay75
@dassay75
Yes absolutely , I follow the tutorial to configure th ownership plugin:https://github.com/jenkinsci/ownership-plugin/blob/master/doc/OwnershipBasedSecurity.md . The point it is that I just want to give the "creations and configure rights" to a specific project not to all . This is why i used the matrix rights on a spécific job.
@oleg-nenashev Yes absolutely , I follow the tutorial to configure th ownership plugin:https://github.com/jenkinsci/ownership-plugin/blob/master/doc/OwnershipBasedSecurity.md . The point it is that I just want to give the "creations and configure rights" to a specific project not to all . This is why i used the matrix rights on a spécific job.
dassay75
@dassay75
Hello @oleg-nenashev , I want to use API related to the ownership plugin to add a user to a folder. It is possible ??
Oleg Nenashev
@oleg-nenashev
@dassay75 WDYM under "add user to a folder"? Add him as a secondary owner or what?
dassay75
@dassay75
Hello @oleg-nenashev , I have a question about the checkout scm used in the pipeline. I want to checkout my git project , only on my slave , but the checkout is made also on the master . Now, on the master , I have a workpsace folder with a big size. Do you have a solution for this issue ? Thanks a lot for your help
Oleg Nenashev
@oleg-nenashev
@dassay75 If you use 'git' step, checkout will happen on the agent only. Maybe you use Git branch source , then it will have to checkout on the master to read Jenkinsfile. Use more advanced impls like GitHub Branch source
dassay75
@dassay75
@oleg-nenashev Thanks for your answer , as you said , I am using the git parameter , because I have multiple branches .
@oleg-nenashev I have this kind of error :hudson.plugins.git.GitException: Command "git fetch --tags --progress origin +refs/heads/$BUILD_SOURCE:refs/remotes/origin/$BUILD_SOURCE --prune" returned status code 128:
stdout:
stderr: fatal: Couldn't find remote ref refs/heads/$BUILD_SOURCE
I also activate the Lightweight checkout , but not working also :(
Gabriele C.
@sgdc3
Hello! I'm trying to use the ownership plugin together with the github-authentication one. The github-authentication plugin has a feature that allows me to assign permissions to organizations instead of single users, sadly the ownership plugin doesn't allow me to set organizations as project owners. Would be possible to add an integration between the two plugins?
Gabriele C.
@sgdc3
Oleg Nenashev
@oleg-nenashev
@sgdc3 yes, it might be possible to implement
Generally we should revamp the primary owner UI/UX