Feature #5380
closed
projects should be created with minimal secutrity/authentication enabled
Added by Brétel Foudil over 11 years ago.
Updated about 11 years ago.
Assigned To:
Brétel Foudil
- Tracker changed from Bug to Feature
- Subject changed from projects should be created with minimal secutrity enabled to projects should be created with minimal secutrity/authenticcation enabled
- Subject changed from projects should be created with minimal secutrity/authenticcation enabled to projects should be created with minimal secutrity/authentication enabled
- Status changed from New to Assigned
Ok, so here is a sketch of what we want, and how we can achieve it:
Goals:
- security enabled (most probably default to Jenkins’s own user database with Matrix-based security)
- a user account for the corresponding instance admin user
- a regular check that security is enabled
- a cimaster user with
Administer rights (this is needed for administrative tasks such as safe-restart, and statistics)
We will use the
config.xml,
init.groovy script, and
cron. At project creation:
- security is enabled in
config.xml
- an
init.groovy script is created which, on firstRun:
- creates an admin user with an uuid-generated password (to be changed afterwards by the corresponding admin)
- creates a cimaster user with a generic password, and the project's SSH key
/etc/cron.d/jenkinsfarm is edited to add a line for periodically running a groovy script through the groovy jenkins-cli command. This script will check that the security is enabled.
- % Done changed from 0 to 60
- Status changed from Assigned to Closed
- % Done changed from 60 to 100
Issue fixed.
Existing projects will be corrected upon deployment by creating a cimaster user and checking security is enabled.
- % Done changed from 100 to 70
Missing the periodical check part. Update %Done to reflect that.
- % Done changed from 70 to 100
cron for checking security in place.
Also available in: Atom
PDF
Updated by Brétel Foudil