对我来说,下面的groovy代码正在编程配置Jenkins'全局安全部分中的Authorize Project Plugin。我将脚本放在Jenkins的init.groovy.d/目录中,以便在每次启动时触发它。
import jenkins.*
import jenkins.model.*
import hudson.model.*
import jenkins.model.Jenkins
import org.jenkinsci.plugins.authorizeproject.*
import org.jenkinsci.plugins.authorizeproject.strategy.*
import jenkins.security.QueueItemAuthenticatorConfiguration
def instance = Jenkins.getInstance()
// Define which strategies you want to allow to be set per project
def strategyMap = [
(instance.getDescriptor(AnonymousAuthorizationStrategy.class).getId()): true,
(instance.getDescriptor(TriggeringUsersAuthorizationStrategy.class).getId()): true,
(instance.getDescriptor(SpecificUsersAuthorizationStrategy.class).getId()): true,
(instance.getDescriptor(SystemAuthorizationStrategy.class).getId()): false
]
def authenticators = QueueItemAuthenticatorConfiguration.get().getAuthenticators()
def configureProjectAuthenticator = true
for(authenticator in authenticators) {
if(authenticator instanceof ProjectQueueItemAuthenticator) {
// only add if it does not already exist
configureProjectAuthenticator = false
}
}
if(configureProjectAuthenticator) {
authenticators.add(new ProjectQueueItemAuthenticator(strategyMap))
}
instance.save()
他们的插件javadoc有助于了解这些类。此外,我看看他们在github上的测试,找出如何在Jenkins中配置这些对象。
从现在开始,我可以通过JobDSL插件这样的设置作业的授权规则:
job("SEED/SeedMainJobs") {
properties {
authorizeProjectProperty {
strategy {
triggeringUsersAuthorizationStrategy()
}
}
}
...
}
检查生成的XML,如果JobDSL插件没有提供此一步骤(还没有找到任何),然后使用['configure'](https://jenkinsci.github.io/job-dsl-plugin/#path/multibranchPipelineJob-configure)步骤手动制作XML。 – StephenKing
谢谢。这应该够了吧。我现在有一个完全自动化的Jenkins设置。现在生活很好! – Gerb
请将结果代码发布为答案。我也会对结果感兴趣! – StephenKing