问题描述
每次Jenkins中的非管理员用户在Jenkins中进行一些更改时,脚本更改都必须得到Jenkins管理员的批准.我正在寻找一种禁用此功能的方法,并且找到了此插件- https ://wiki.jenkins.io/display/JENKINS/Permissive+Script+Security+Plugin
Everytime a non-admin user in Jenkins makes some changes in Jenkins, the script changes has to be approved by a Jenkins admin. I am looking for a way to disable this and i found this plugin- https://wiki.jenkins.io/display/JENKINS/Permissive+Script+Security+Plugin
我已按照页面中的说明安装并启用了此插件,并且插件状态也显示为已启用<jenkins-url>/systemInfo,jenkins进程ps -efH | grep Jenkins也显示了插件状态,但我的脚本已更改(以非管理员用户身份)仍然要求管理员批准.
i have installed and enabled this plugin as mentioned in the page, and the plugin status shows enabled as well here <jenkins-url>/systemInfoand also jenkins process ps -efH | grep Jenkins shows the plugin status but my script changes(as non-admin user) still asks for admin approval.
这里有没有人使用过此插件,可以帮助我使用该插件?
Is there anyone here who has used this plugin and can help me out with how to use this?
推荐答案
允许的脚本安全性"插件仅适用于将沙箱中的代码列入白名单,而不适用于授权完整的脚本.启用Groovy沙箱以使脚本自动批准,然后它应该可以工作.在错误报告.
The Permissive Script Security plugin only works with Whitelisting code in a sandbox, not with authorizing complete scripts. Enable the Groovy sandbox for the scripts to automatically approve, then it should work. This was made clear in a comment in a bug report.
如果您的脚本是 Job DSL 脚本,则应当启用Groovy沙箱,并以特定用户的身份运行作业.为此,可以使用授权Project插件.只需添加一个默认的构建授权,该授权不是匿名"用户,也不是特定项目的设置. Job DSL插件仅在以特定用户身份运行作业时才支持沙盒.
If your script is a Job DSL script, then the Groovy sandbox should be enabled and job run as a specific user. For this the Authorize Project plugin can be used. Just add a default build authorization which is not the "anonymous" user, or a setting for the specific projects. The Job DSL plugin only supports sandboxing when the job is run as a specific user.
这篇关于允许的脚本安全插件在jenkins中不起作用的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!