Menu
I have a situation where I would like to alter the contents of a choice parameter in a Jenkins parametrised build.
In my case I would like one project for deploying the application 'Deploy My App'. When building this project the user is presented with a choice parameter. I would like to alter the contents of this list depending on a user role. i.e. someone with the 'dev_deploy' role will be able to see the dev environments, someone with the 'test_deploy' role will be able to see the test environments etc.
I am currently using the Extensible Choice Parameter plugin and the Role-based Authorization Strategy plugin.
I know that I can write some groovey script to generate the list items for the choice.
def result = ["-------"]
def roles=??????
if(roles.get('dev_deploy') {
//Add dev environments
result.add('dev1')
....
}
if(roles.get('test_deploy') {
//Add test environments
result.add('test1')
....
}
return result
I just can't figure out who to get hold of the users roles?
Anyone know how I might do this, or have different solution to the problem?
Many thanks
701
To install this plugin, you simply need to go to your jenkins instance and navigate to “/pluginManager/available”, and then search for “Extended Choice Parameter Plug-in” in the search box. Be careful! There is another plugin called “Extensible Choice Parameter Plug-in”.
The Role-Based Access Control authorization strategy is enabled from the global security configuration screen (Manage Jenkins → Configure Global Security) by selecting the Role-based matrix authorization strategy from the Authorization selections (that are displayed when the Enable Security checkbox is enabled) and ...
OK, after a few more searches I came across the source (https://github.com/jenkinsci/role-strategy-plugin/tree/master/src/main/java/com/michelin/cio/hudson/plugins/rolestrategy)
After further reading and a bit of playing around I came up with this...
import com.michelin.cio.hudson.plugins.rolestrategy.*
def result = ["-- Please Select --"]
def authStrategy = jenkins.model.Jenkins.instance.getAuthorizationStrategy()
if(authStrategy instanceof RoleBasedAuthorizationStrategy){
def currentUser = jenkins.model.Jenkins.instance.getAuthentication().getName();
def roleMap= authStrategy.roleMaps.get("globalRoles")
def sids= roleMap.getSidsForRole("Manage_Dev")
if(sids != null && sids.contains(currentUser)) {
result.add("dev1")
...
}
sids= roleMap.getSidsForRole("Manage_Test")
if(sids != null && sids.contains(currentUser)) {
result.add("tst1")
...
}
...
}
return result
Which works for me. Easy when you know how!
80
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With