|
说到系统软件, 不可少得话题就是权限管理. 这个在jenkins中也不例外......我们就来说说jenkins权限管理这块.....
以下操作均在unix系统上进行, 暂不分享windows上的操作
1: jenkins下载和安装
#wget https://pkg.jenkins.io/redhat/jenkins-2.189-1.1.noarch.rpm
#rpm -ivh jenkins-2.150.2-1.1.noarch.rpm
1:配置
# vi /etc/sysconfig/jenkins
找到修改端口号:
JENKINS_PORT="8080" 此端口不冲突可以不修改
JENKINS_HOME="/home/wqh/tool/jenkins"
# vi /etc/init.d/jenkins
JENKINS_WAR="/home/wqh/war/jenkins/jenkins.war"
2:Jenkins相关启动
# service jenkins start/stop/restart
3:查看初始化登陆密码
# vi /home/wqh/tool/jenkins/secrets/initialAdminPassword
4:jenkins卸载
service jenkins stop
yum clean all
yum -y remove jenkins
rm -rf /var/cache/jenkins
rm -rf /var/lib/jenkins/
5:jenkins 启动时报错:
1:Starting Jenkins bash: /usr/bin/java: No such file or directory
# vim /etc/init.d/jenkins
# 在对应处增加一行:
candidates="
/usr/local/jdk1.8.0_181/bin/java #此处为加入的java路径
/etc/alternatives/java
/usr/lib/jvm/java-1.8.0/bin/java
/usr/lib/jvm/jre-1.8.0/bin/java
/usr/lib/jvm/java-1.7.0/bin/java
/usr/lib/jvm/jre-1.7.0/bin/java
/usr/bin/java
"
# service jenkins start
2:jenkins启动 java.io.IOException: 权限不够
# vi /etc/sysconfig/jenkins
JENKINS_USER="root"
6:jenkins发布报错
1:jenkins Failed to create parent directories for tracking file
# cd /usr/local/apache-maven-3.5.4/
# chmod 777 repository
7:jenkins升级
1: ps aux|grep jenkins 找到jenkins.war安装包位置
2: service jenkins stop
3: rm jenkins.war
4: 升级包: wget http://mirrors.jenkins.io/war-stable/latest/jenkins.war 替换原来的war包
8:jenkins初始化密码修改
# cd /home/wqh/tool/jenkins
# vi config.xml
# <passwordHash>#jbcrypt:$2a$10$LxMm9HqAI/R4z7gL57qTouW/Mrz8uSaBpCGKvKc7K6dK.g/0yk/uq</passwordHash>
# 重启jenkins
9:jenkins权限配置admin账户无Overall/Read权限
# vi config.xml
#
<authorizationStrategy class="hudson.security.ProjectMatrixAuthorizationStrategy">
<permission>hudson.model.Hudson.Administer:anonymous</permission>
<permission>hudson.model.Hudson.ConfigureUpdateCenter:anonymous</permission>
<permission>hudson.model.Hudson.Read:anonymous</permission>
<permission>hudson.model.Hudson.RunScripts:anonymous</permission>
<permission>hudson.model.Hudson.UploadPlugins:anonymous</permission>
</authorizationStrategy>
# 重启jenkins服务
一般文章都会过掉上述安装..理由是很简单, 安装虽简单,但是有时候出现问题,却很难找,本文记载下,以供有些同学需求,没碰到的请略过🙂...进入正题
2:jenkins权限配置
1:jenkins插件"Role-based Authorization Strategy"
jenkins ---> Manage Jenkins ---> Manage Plugins ---> 可选插件
2:插件启用
jenkins ---> Manage Jenkins ---> Configure Global Security
3:权限配置
启用策略后,在jenkins ---> Manage Jenkins下会出现"Manage and Assign Roles",进去后是这样的
这里先来说说我们jenkins-item,如下图,测试环境
看到test-*-*的格式没有?这里很重要,下面要用到
1: 管理角色
格列选项的意思,..就按字面意思来,基本也算准确...有特殊要求的,可以单独问我.或者自行百度,都是可以的
上面截图的意思,可以理解为有dev/prd/test角色, 他们都有查看权限
dev角色管理dev开头的项目, prd管理prd开头的的项目, test管理test开头的项目
2:分配角色
如上图,我们有个scott用户,把它分配到test角色和test项目权限上面,点击保存.
用scott登陆,看到的结果
| 
转播
