Is there a hudson plugin to add multi-user functionality ?
Users can create new account and run their own remote tasks.
Users can stop, delete, kill their tasks.
Also, is there a way to control what the user sees ?
Multi-user functionality is included in Hudson by default. See the following article for details: http://wiki.hudson-ci.org/display/HUDSON/Standard+Security+Setup
Related
I have a Jenkins job which uses HTML publisher plugin and executes selenium automation cases and generates a HTML test result report link on Jenkins job details page. i want to pass this HTML report link to stakeholder who can view the report without logging in to Jenkins server but the problem is all the stakeholders may not have Jenkins account/login setup so is there a way to bypass the authentication part and directly access the html report link(make the report public) which is on Jenkins.
any help highly appreciated..
you can configure this from global security setting in Jenkins. if you are Admin you will have access to this, if not you need to ask your Jenkins Admin for it.
http://<JenkinsHost>/configureSecurity/
Give read-only permission to Anonymous Users for Job should fix the issue. I haven't tested it but it should work I guess.
Caveat: if Jenkins is deployed on public domain or cloud anyone having access to Jenkins URL will be able to see your job and all the important information mentioned in Job Config. So I would not suggest to do it. if it's on private domain, I don't see much risk.
I have a Linux based Web Server running Fedora. I have created and hosted couple of HTML pages on that.
I have info providing CLI tools that run on this server but must be accessible to all users from their browsers
I haven't started and these are my requirements
How do I provide that servers shell (BASH) via HTML page? What are the softwares that make it possible?
Can I provide auto-login enabled shell?
I just want to avoid multiple users having to open SSH sessions to the server. Also I can provide instructions and terminal access hand in hand using HTML pages.
ShellInABox appears to provide a colored terminal interface to browsers via Ajax. (homepage) Since it runs as a separate webserver, you may need to link your users to a different port on your site. There are surely more alternatives (other projects like this) out there.
The following advice applies regardless whether you use ShellInABox or continue to provide ssh access.
If you don't fully know and trust all your users, then assume at least one of them is a whizzkid cracker, determined to crash or break into your system. The first thing he may try to do is log in and run a forkbomb.
You should therefore do your best to sandbox users, so they cannot harm the system or each other. Restrict their access privileges (file/folder/network access) to only what is needed to achieve the tasks you allow. SELinux and AppArmor have facilities for this. You can find some more sandboxing techniques here and here. Docker is a new system that may be worth investigating.
It would be very wise to host your login server on a separate or virtual machine, distinct from your main webserver, so that any user who does manage to break out of the sandbox will not be on the same machine as your other services. (But note he will still be inside your LAN!) User-mode-linux is a less secure alternative and chroot is worse still, but better than nothing!
If users should be able to save files, then I would recommend giving each user a separate account, especially if their files should persist between sessions. Of course, as a workaround for auto-login you could provide a guest account with password guest555 for all users, but then a malicious user could bother others by deleting files or putting nasty stuff in the shell startup scripts. (I certainly don't recommend guest/guest because crackers regularly scan the net for ssh servers hosting that account!)
I want to do authentication for my SVN server through Apache Web Server by mod_dav_svn. Authentication users I want to use MySql since later I want to extend other functions later on.
I've follow this instruction and it's working out correctly and perfect for me
SVN Authentication using MySQL
But what happen since I want to define group of user with read-only and other groups read-write permission.
I'm out of ideas so please help me :) .
PS: AuthzSVNAccessFile dynamic editing would take too much of effort :'(
From what I have read if you are going to use the open source subversion server, your options are limited to modifying the access file as you were hesitant to do.
The issue is mentioned here, although in regards to LDAP auth: https://serverfault.com/questions/188023/webinterface-for-configuring-svn-access-in-mod-dav-svn
My advice is to set up a cron job to automatically generate the auth file on a regular interval.
i have a question. I use VSS (SourceSafe) Plugin in Hudson. But I don't have rights for a file. If I start my job, I have the following error: "Access to file ... denied" and Hudson stops the build. How can I ignore this error and continue the build ? Thank You in advance.
Without knowing the specifics, you will have to tell Visual SourceSafe to ignore that file for the specific user being used so that the file isn't retrieved when the job is started. Otherwise, you will have to get the necessary permissions to retrieve the file. I doubt there is anything you can do in Hudson to prevent the build from failing.
The plug-in configuration allows you to specify the user that accesses the SourceSafe repository. Normally what you should do is create a CI/build user and use that information to get access to any files involved in the build.
You can verify the user has access by attempting to open the 'srcsafe.ini' file over the network using that same information. If it works, you should be able to retrieve files from VSS via Hudson. If it doesn't, then you'll have to poke around more in your environment.
Basically, just make sure you can get things running manually first using the same account information before you try and integrate your build into Hudson.
I have bit of experience in running a simple build upon every SVN commit (it is a piece of cake)
Regarding deployment of the war to a remote production server via
Hudson, there seem to be some alternatives:
use the 'deploy' target in the app's build.xml
use the deploy-plugin of Hudson
which I fail to get working :(
What is the simplest way to do a remote deployment to Tomcat?
Are there any examples available?
And what about release management? How do we tag our releases in
your SCM?
I use Maven for builds.
Since I am working with WAS I use the WAS Builder Plugin for deployment. However, I could also just fire up a batch/shell script for deployment. My current approach is to use slaves that run on the target machine where I want to deploy and assign my deployment jobs to them.
For tagging you can use whatever you prefer. The are 3 basic options:
Let maven do it
run a command line command
use a Hudson plugin
We use subversion, so the Subversion Tagging Plugin would be a natural match. However, we don't use Hudson for tagging right now. However, there are several plugins out there for different SCMs. I usually prefer a plugin over a command line, one reason is that company policy forbids to store passwords unencrypted and it is usually fairly easy to configure.
Our strategy has been to combine the promoted builds plugin and the deploy plugin in hudson. Then, when something is "promoted," send an email and do the deployment. The deployment plugin is cargo based and works with a variety of web and app servers.
Maybe post a little info about why the deploy plugin isn't working for you?