Manual Promotion and Upstream Promotion Criteria along with Role Strategy plugin
296 views
Skip to first unread message
deevant07
Aug 22, 2013, 8:41:45 AM8/22/13
to jenkins...@googlegroups.com
Hi,
I have the following scenario.
A build job is created. On successful build i want the build to be promoted
by a particular role( "DEV Approvers" - Using Role Strategy Plugin ) to
environment say DEV. On successful completion of DEV promotion i want that
build to be enabled for promotion to next level(say UAT) only to particular
role say "UAT-Aproovers". Subsequently the next levels...
I have used Promoted builds plugin along with Role Strategy plugin. Although
this works to some extent but it does not provide me the exact behavior as
explained above.
1. Job is given access to role "build" with build permission. It allows
users with build role to execute the build.
2. Job is given access to role "DEV Approvers" with promote permission. It
does not give users of "DEV Approvers" the option "Approve Button" but
rather it gives "Force Promotion" Option.
3. Similarly, Job is given access to role "UAT Approvers" with promote
permission. It does not give users of "UAT Approvers" the option "Approve
Button" but rather it gives "force promotion"
Now if the step 2 is not executed then i dont want to allow the step 3 to be
executed but in my case step 3 is executing even though i have given the
criteria "When the following upstream promotions are promoted" with step 2
promotion label.
Can someone help with a solution or any workaround?
Thanks,
Deevan
--
View this message in context: http://jenkins-ci.361315.n4.nabble.com/Manual-Promotion-and-Upstream-Promotion-Criteria-along-with-Role-Strategy-plugin-tp4676887.html
Sent from the Jenkins users mailing list archive at Nabble.com.
I have the following scenario.
A build job is created. On successful build i want the build to be promoted
by a particular role( "DEV Approvers" - Using Role Strategy Plugin ) to
environment say DEV. On successful completion of DEV promotion i want that
build to be enabled for promotion to next level(say UAT) only to particular
role say "UAT-Aproovers". Subsequently the next levels...
I have used Promoted builds plugin along with Role Strategy plugin. Although
this works to some extent but it does not provide me the exact behavior as
explained above.
1. Job is given access to role "build" with build permission. It allows
users with build role to execute the build.
2. Job is given access to role "DEV Approvers" with promote permission. It
does not give users of "DEV Approvers" the option "Approve Button" but
rather it gives "Force Promotion" Option.
3. Similarly, Job is given access to role "UAT Approvers" with promote
permission. It does not give users of "UAT Approvers" the option "Approve
Button" but rather it gives "force promotion"
Now if the step 2 is not executed then i dont want to allow the step 3 to be
executed but in my case step 3 is executing even though i have given the
criteria "When the following upstream promotions are promoted" with step 2
promotion label.
Can someone help with a solution or any workaround?
Thanks,
Deevan
--
View this message in context: http://jenkins-ci.361315.n4.nabble.com/Manual-Promotion-and-Upstream-Promotion-Criteria-along-with-Role-Strategy-plugin-tp4676887.html
Sent from the Jenkins users mailing list archive at Nabble.com.
John Vacz
Aug 29, 2013, 3:41:15 AM8/29/13
to jenkins...@googlegroups.com
Am 22.08.2013 14:41, schrieb deevant07:
> Hi,
>
> I have the following scenario.
>
> A build job is created. On successful build i want the build to be promoted
> by a particular role( "DEV Approvers" - Using Role Strategy Plugin ) to
> environment say DEV. On successful completion of DEV promotion i want that
> build to be enabled for promotion to next level(say UAT) only to particular
> role say "UAT-Aproovers". Subsequently the next levels...
We have a similar setting, it is probably less fine grained as yours,
> Hi,
>
> I have the following scenario.
>
> A build job is created. On successful build i want the build to be promoted
> by a particular role( "DEV Approvers" - Using Role Strategy Plugin ) to
> environment say DEV. On successful completion of DEV promotion i want that
> build to be enabled for promotion to next level(say UAT) only to particular
> role say "UAT-Aproovers". Subsequently the next levels...
but it basically works as expectd.
>
> I have used Promoted builds plugin along with Role Strategy plugin. Although
> this works to some extent but it does not provide me the exact behavior as
> explained above.
>
> 1. Job is given access to role "build" with build permission. It allows
> users with build role to execute the build.
> 2. Job is given access to role "DEV Approvers" with promote permission. It
> does not give users of "DEV Approvers" the option "Approve Button" but
> rather it gives "Force Promotion" Option.
> 3. Similarly, Job is given access to role "UAT Approvers" with promote
> permission. It does not give users of "UAT Approvers" the option "Approve
> Button" but rather it gives "force promotion"
In the promotion configuration on job configure screen, we check "only
> I have used Promoted builds plugin along with Role Strategy plugin. Although
> this works to some extent but it does not provide me the exact behavior as
> explained above.
>
> 1. Job is given access to role "build" with build permission. It allows
> users with build role to execute the build.
> 2. Job is given access to role "DEV Approvers" with promote permission. It
> does not give users of "DEV Approvers" the option "Approve Button" but
> rather it gives "Force Promotion" Option.
> 3. Similarly, Job is given access to role "UAT Approvers" with promote
> permission. It does not give users of "UAT Approvers" the option "Approve
> Button" but rather it gives "force promotion"
when manually approved"
with approvers username provided in the "Approvers" input field. The
approvers then
have a approve button (IIUC the approver still need the promote
permission, that means,
the also have the "force promotion" button at the same time). This might
not be perfect,
but we are not aming at restict role controll, but rather conienience
for the users.
>
> Now if the step 2 is not executed then i dont want to allow the step 3 to be
> executed but in my case step 3 is executing even though i have given the
> criteria "When the following upstream promotions are promoted" with step 2
> promotion label.
controll the promotion
dependencies. My experience so far is: if step 2 is not yet promted, the
user can still do
the step 3 promotion, but it is blocked by step2. If step 2 is promoted,
then step 3
will be performed immediately thereafter (this is only my observation, I
didnt test it deliberately,
so I may well be wrong).
deevant07
Aug 29, 2013, 4:52:14 AM8/29/13
to jenkins...@googlegroups.com
Thanks for the reply... I agree it works fine with manual approver as
username, but i am trying to use role which is defined using RoleStrategy
plugin. By mentioning the role as manual approver it does not provide
"Approve Button" but only "Force promotion"
Regards,
Deevan
--
View this message in context: http://jenkins-ci.361315.n4.nabble.com/Manual-Promotion-and-Upstream-Promotion-Criteria-along-with-Role-Strategy-plugin-tp4676887p4677146.html
username, but i am trying to use role which is defined using RoleStrategy
plugin. By mentioning the role as manual approver it does not provide
"Approve Button" but only "Force promotion"
Regards,
Deevan
--
View this message in context: http://jenkins-ci.361315.n4.nabble.com/Manual-Promotion-and-Upstream-Promotion-Criteria-along-with-Role-Strategy-plugin-tp4676887p4677146.html
sc...@colestock.net
Mar 26, 2014, 8:13:29 PM3/26/14
to jenkins...@googlegroups.com
The "Force Promotion" button seems to appear when you are not an "official" approver for a manual approval step - but you have the "Promotion" permission associated with your Jenkins role (which appears to act as an override, and is *not* needed - unless you want a specific role to have that override behavior.)
In addition, for at least some roles providers (like Cloudbees RBAC), the promotion plugin doesn't appear to recognize group names. I've had to put in the full email address of the approvers - then they get the actual "approve" button.
Reply all
Reply to author
Forward
0 new messages