Jenkins restrict what nodes a Job can run on

[Matt Wilson]

Is there a way to restrict or lockout the "restrict where this project can be run" selection box for users with config access?

I've got certain users where it would be nice to give them some configuration control of their job, but I really need to keep them off certain slaves.  i.e. I would create the job initially, define a slave/label it can use, then allow a user with config access to make changes to the job (but obviously not make changes to the to the defined node/label).

appreciate any thoughts anyone has on this.

Cheers

[Victor Martinez]

https://wiki.jenkins.io/display/JENKINS/Ownership+Plugin might help you to define who owns those nodes/jobs and so on. 

[Oleg Nenashev]

There are few more simple ways if you just need this feature:

• Use Authorize Project plugin to assign authentication to your builds. Then Just set Computer/Build permissions for you nodes (Can be done in Role Strategy plugin for example)
• Use Job Restrictions Plugin to restrict access to node via Node properties

You can find some pointers to plugins and sample configurations in this slidedeck: https://speakerdeck.com/onenashev/belarus-jenkins-meetup-managing-security-in-jenkins-with-config-as-code-and-roles

BR, Oleg

вторник, 15 августа 2017 г., 15:35:22 UTC+2 пользователь Victor Martinez написал:

[Matt Wilson]

Thanks guys,

I'll take a look at the ownership/Job restrictions plugins.  That might be something that could work.

I'll have to shy away from the Authorize plugin for now as it doesn't play nice with some other plugins and breaks some major credential pugins functionality (or at least it did, maybe its been fixed)

Cheers

Matt