ci:jenkins:groovy_hook

차이

문서의 선택한 두 판 사이의 차이를 보여줍니다.

차이 보기로 링크

--- ci:jenkins:groovy_hook [2021/03/30 17:36]
kwon37xi [Jenkins Groovy Hook]
+++ ci:jenkins:groovy_hook [2021/06/07 14:25] (현재)
kwon37xi [자동 admin 생성]
@@ 줄 7: / 줄 7: @@
 ===== 자동 admin 생성 =====
-  * [[https://www.popularowl.com/jenkins/automating-jenkins-install-docker-terraform/|Automating Jenkins install and configuration with Docker and Terraform - Popularowl]]
+  * [[https://www.popularowl.com/jenkins/automating-jenkins-install-docker-terraform/|Automating Jenkins install and configuration with Docker and Terraform - Popularowl]] - groovy 스크립트는 너무 오래돼서 안 맞음.
+  * [[https://gist.github.com/hayderimran7/50cb1244cc1e856873a4|Jenkins Groovy enable security and create a user in groovy script]]
 <code groovy>
-// 환경변수에 JENKINS_USER, JENKINS_PASS가 있을 때
 import jenkins.model.*
 import hudson.security.*
-// 이미 사용자가 존재할 때의 처리 필요.
+def instance = Jenkins.getInstance()
+// System.getenv("JENKINS_HOME") - 존재안함
-def env = System.getenv()
+File adminCreatedMarker = new File("/var/lib/jenkins", ".adminCreatedmark")
+println "mark file path : $adminCreatedMarker"
-def jenkins = Jenkins.getInstance()
-if(!(jenkins.getSecurityRealm() instanceof HudsonPrivateSecurityRealm))
-    jenkins.setSecurityRealm(new HudsonPrivateSecurityRealm(false))
-if(!(jenkins.getAuthorizationStrategy() instanceof GlobalMatrixAuthorizationStrategy))
+if (adminCreatedMarker.exists()) {
-    jenkins.setAuthorizationStrategy(new GlobalMatrixAuthorizationStrategy())
+    println "admin user already exists. skip creating user."
+} else {
+    def hudsonRealm = new HudsonPrivateSecurityRealm(false)
+    println "admin does not exists. creating admin...."
+    hudsonRealm.createAccount("admin","admin") // username, password
+    instance.setSecurityRealm(hudsonRealm)
-def user = jenkins.getSecurityRealm().createAccount(env.JENKINS_USER, env.JENKINS_PASS)
+    def strategy = new hudson.security.FullControlOnceLoggedInAuthorizationStrategy()
-user.save()
+    strategy.setAllowAnonymousRead(false)
-jenkins.getAuthorizationStrategy().add(Jenkins.ADMINISTER, env.JENKINS_USER)
+    instance.setAuthorizationStrategy(strategy)
-jenkins.save()
+    instance.save()
+    adminCreatedMarker.createNewFile()
+    println "$adminCreatedMarker file created."
+}
 </code>

ci/jenkins/groovy_hook.1617093409.txt.gz · 마지막으로 수정됨: 2021/03/30 17:36 저자 kwon37xi