2

I have a little problem. I currently have the Microsoft AD plugin on my Jenkins with which all users can log in.

Additionally, I installed the plugin RoleBasedStrategy to set permissions for the users. Now I've come across the following problem:

I would like that all users have access to all projects but not to the credentials of the users e.g. for Github or Bitbucket. Is it possible to create "Private" credentials for each individual user? I do not want user A to be able to use credentials of user B for his project.

At the same time I also encountered the problem that every user can select all credentials they added to Jenkins. How can I solve the problem without granting or not granting access to each user for each project?

  • Voted to migrated to Stack Overflow because this question is not specific to Unix or Linux - it could equally be applied to a Jenkins instance running on Windows. – jayhendren Jun 29 '18 at 17:24
  • Why [SO]?  This is a user question, and has nothing to do with programming.  If it’s not specific to Unix&Linux, it belongs on [SU]. – G-Man Says 'Reinstate Monica' Jun 30 '18 at 00:25
  • @G-Man because Stack Overflow has a far, far more active Jenkins community than any other SE network site (I follow the tags on all of them). Even if the question is not strictly about programming, Jenkins is a programming and software development tool. Like other programming tools such as Git, Stack Overflow has lots of existing questions, answers, and knowledgable users in the domain of Jenkins. – jayhendren Jun 30 '18 at 05:26

1 Answers1

0

You can certainly do private credentials per-user. Each user has their own credentials store which can be accessed by navigating to the user's profile via their username in the top-right, then the left-hand sidebar will have a link for "credentials" which can be used to manage a users' credentials.

There is another helpful answer over on a similar question on Stack Overflow detailing how to use user credentials from within a job. To copy-paste the useful part of the answer:

In short: You need to

  • install and activate the Authorize Projects Plugin,
  • enable "run as specific user" strategy in global security settings,
  • enable this for the project in question.
jayhendren
  • 510