@oleg-nenashev : on this Cloudbees Enterprise instance I just checked that CloudBees RBAC and RBAC plugins both are installed. Role-based matrix authorization strategy is set which means the CouldBees RBAC is used. Since RBAC is a Closed Source plugin, hence Ownership plugin cannot offer any integrations itself. Thank you It is clear now
@indrgun But yes, no integration with permission checks. Actually Ownership plugin provides the required extension points, hence RBAC can be easily integrated (e.g. if you setup primary and secondary owners there)
btw, is there a way to reuse mock classes from dependent modules? my code depends on
branch-api, and to test it, i'd need a mock implementation
which they already have written
@jordancoll Or you could write real test, e.g. with Jenkins pipeline and GitHub repository from
@LocalData
Hello @oleg-nenashev
I used your plugin , I want to create this scenario:
Note: I am the admin of Jenkins
I used your plugin , I want to create this scenario:
Note: I am the admin of Jenkins
I Create a project in jenkins (done)
I assign this project to a collegue (owner) (done)
He has the visibility only on this project (done with the restriction access plugin)
He is able to assign other collegues to his project ( I want to do this with the ownership plugin, but I can not )
=> The only way that I find until now is to add the other collegues on the matrix table. I don't want to do this, because the matrix table will become very complicated and heavy.
I just want to put the owner of the project in the table and the owner can add and choose the rights to give to the futur user of the project.
Thanks for your answer
Dan
@dassay75 You could grant the ManageOwnership permission to job primary owners using https://github.com/jenkinsci/ownership-plugin/blob/master/doc/OwnershipBasedSecurity.md
its working perfectly :smile:
Hello @oleg-nenashev , I am actually using the ownership plugin to manage my jobs .I have an issue related with the case sensitive . In fact I am using the LDAP , Some users can not read the job because their ID are in lower case. I want to know if there is a solution to disable the case sensitive ? Thanks
@oleg-nenashev Yes I do :worried: . Do you know , when a solution to this issue will be proposed ?
So, there is no any job dsl api call right now to set ownership for Folder, which means that there could be two possible solutions for that:
- Use configure block of job DSL plugin, to inject FolderOwnershipProperty to the list of folder properties
<org.jenkinsci.plugins.ownership.model.folders.FolderOwnershipProperty plugin="ownership@0.10.0">
<ownership>
<ownershipEnabled>true</ownershipEnabled>
<primaryOwnerId>admin</primaryOwnerId>
<coownersIds class="sorted-set">
<string>daspilker</string>
</coownersIds>
</ownership>
</org.jenkinsci.plugins.ownership.model.folders.FolderOwnershipProperty>
This solution could work for most of the cases, but when you run following job dsl script
folder('MyTestFolder') {
configure { folder ->
folder / 'properties' / 'org.jenkinsci.plugins.ownership.model.folders.FolderOwnershipProperty' / 'ownership' {
primaryOwnerId('admin')
ownershipEnabled('true')
coownersIds(class:"sorted-set")
}
}
}
Only<org.jenkinsci.plugins.ownership.model.folders.FolderOwnershipProperty plugin="ownership@0.10.0">
part will be created in config.xml
As a workaround you can call
folder('MyTestFolder') before above script
Hello @oleg-nenashev , I used the ownership plugin , i have an issue when I am configuring the specific access right in the Job (global authorization matrix). this is my scenario , I have a secondary Owner , who do not have the right to configure the Job , but now I want to give to him the right to configure the Job , for that I used the matrix in Job, but It is not working . I don't understand why :(
Yes absolutely , I follow the tutorial to configure th ownership plugin:https://github.com/jenkinsci/ownership-plugin/blob/master/doc/OwnershipBasedSecurity.md . The point it is that I just want to give the "creations and configure rights" to a specific project not to all . This is why i used the matrix rights on a spécific job.
@oleg-nenashev Yes absolutely , I follow the tutorial to configure th ownership plugin:https://github.com/jenkinsci/ownership-plugin/blob/master/doc/OwnershipBasedSecurity.md . The point it is that I just want to give the "creations and configure rights" to a specific project not to all . This is why i used the matrix rights on a spécific job.
Hello @oleg-nenashev , I have a question about the checkout scm used in the pipeline. I want to checkout my git project , only on my slave , but the checkout is made also on the master . Now, on the master , I have a workpsace folder with a big size. Do you have a solution for this issue ? Thanks a lot for your help
@oleg-nenashev I have this kind of error :hudson.plugins.git.GitException: Command "git fetch --tags --progress origin +refs/heads/$BUILD_SOURCE:refs/remotes/origin/$BUILD_SOURCE --prune" returned status code 128:
stdout:
stderr: fatal: Couldn't find remote ref refs/heads/$BUILD_SOURCE
stdout:
stderr: fatal: Couldn't find remote ref refs/heads/$BUILD_SOURCE
I also activate the Lightweight checkout , but not working also :(
Hello! I'm trying to use the ownership plugin together with the github-authentication one. The github-authentication plugin has a feature that allows me to assign permissions to organizations instead of single users, sadly the ownership plugin doesn't allow me to set organizations as project owners. Would be possible to add an integration between the two plugins?
Generally we should revamp the primary owner UI/UX
5 replies
cc @oleg-nenashev