By default, in Jenkins also has authorization mood that you can only defined to job, view, credential directly..etc. It is not specific to the project that you want to add permission to. To enabled you to set up access right to your pipeline project you need to use this plugin name “Role-based Strategy”. This plugin allow you to set a global role and items role to your project and user.
As my practice I want to create 4 roles as below
- Team leader : they view and build task A, B, C, D
- Web developer : they can view and build only task A,B
- Mobile developer : can use only task F, G
- Word-press developer : can use task H, I
These are my requirements to set up the access right to my pipeline. Why do I need to set up like this ?
Ans: some job you will not allow developer to see and build. It is like job that related to production or any serious problems to your organization.
Now let’s come to the way that I used this plugin to control user and my project.
How to Set Up
Please follow the step below for doing this configuration
Step 1: Make sure that already installed plugins “Role-based Strategy”
Step 2: Enable Role Based Strategy in “Config Global Security”
Step 3: Set up “Global Role”
go to “Manage Jenkins” → “Manage and Assign Role” → “Manage Roles” → Add role to global role
Add role that you want to Global Roles
Step 4: Set up “Item Roles”
Item roles is place where you can defined right for user to access or view the project(job or pipeline) you’ve created. It is accept only Regular Expression.
Example:
- (deployment|task).* : it mean that you will take all project that prefix start from deployment or task
- wr.* : take all project that prefixed wr
After you already added it, you need to check the permission for that role to access project.
*** Noted : if you check the thing like you defined in global role, it will override from global role to your item role.
Step 5: Assume that you already create user
Step 6: Assign user to global role
Step 7: Add user to Item Roles
Step 8: Login to any role that your have create to test the result.
This is just a first article for me in medium, because I faced this problem and I want to share this to everyone that face this problem the same as me.
Cheer !!!… Thank you.
