LDAP integration for jenkins
Change-Id: I23a63088e58fab72cb31f85d849a23b682a6c3c3
diff --git a/jenkins/client/init.yml b/jenkins/client/init.yml
index 41e639d..e7c56ec 100644
--- a/jenkins/client/init.yml
+++ b/jenkins/client/init.yml
@@ -28,6 +28,7 @@
gerrit-trigger: {}
git: {}
heavy-job: {}
+ ldap: {}
matrix-auth: {}
monitoring: {}
pipeline-utility-steps: {}
diff --git a/jenkins/client/security/ldap.yml b/jenkins/client/security/ldap.yml
index 8b7b97b..76126ed 100644
--- a/jenkins/client/security/ldap.yml
+++ b/jenkins/client/security/ldap.yml
@@ -1,7 +1,14 @@
parameters:
+ _param:
+ jenkins_security_ldap_manager_dn: ''
+ jenkins_security_ldap_manager_password: ''
+ jenkins_security_ldap_user_search_filter: '(|(uid={0})(cn={0}))'
jenkins:
client:
security:
ldap:
server: ${_param:jenkins_security_ldap_server}
- root_dn: ${_param:jenkins_security_root_dn}
+ root_dn: ${_param:jenkins_security_ldap_root_dn}
+ manager_dn: ${_param:jenkins_security_ldap_manager_dn}
+ manager_password: ${_param:jenkins_security_ldap_manager_password}
+ user_search: ${_param:jenkins_security_ldap_user_search_filter}
diff --git a/jenkins/client/security/matrix.yml b/jenkins/client/security/matrix.yml
new file mode 100644
index 0000000..4c3c8a9
--- /dev/null
+++ b/jenkins/client/security/matrix.yml
@@ -0,0 +1,48 @@
+parameters:
+ _param:
+ # Full admin access
+ jenkins_security_matrix_admins:
+ - ${_param:jenkins_client_user}
+ # Read only access
+ jenkins_security_matrix_read: []
+ # Read + permissions to build jobs
+ jenkins_security_matrix_build: []
+ # Build permissions + create/delete, whatever.
+ jenkins_security_matrix_write:
+ - ${_param:jenkins_client_user}
+
+ jenkins:
+ client:
+ security:
+ matrix:
+ permissions:
+ Jenkins:
+ ADMINISTER: ${_param:jenkins_security_matrix_admins}
+ READ: ${_param:jenkins_security_matrix_read}
+ hudson:
+ model:
+ Item:
+ BUILD: ${_param:jenkins_security_matrix_build}
+ CANCEL: ${_param:jenkins_security_matrix_build}
+ CONFIGURE: ${_param:jenkins_security_matrix_write}
+ CREATE: ${_param:jenkins_security_matrix_write}
+ DELETE: ${_param:jenkins_security_matrix_write}
+ DISCOVER: ${_param:jenkins_security_matrix_build}
+ EXTENDED_READ: ${_param:jenkins_security_matrix_build}
+ WIPEOUT: ${_param:jenkins_security_matrix_write}
+ WORKSPACE: ${_param:jenkins_security_matrix_write}
+ READ: ${_param:jenkins_security_matrix_read}
+ Run:
+ DELETE: ${_param:jenkins_security_matrix_write}
+ ARTIFACTS: ${_param:jenkins_security_matrix_write}
+ UPDATE: ${_param:jenkins_security_matrix_write}
+ View:
+ READ: ${_param:jenkins_security_matrix_read}
+ com:
+ sonyericsson:
+ hudson:
+ plugins:
+ gerrit:
+ trigger:
+ PluginImpl:
+ RETRIGGER: ${_param:jenkins_security_matrix_build}