Dive into Jenkins Roles

Reading Time: 4 minutes

Concept of Roles in Jenkins

A role in Jenkins basically refers to a user that can has access to Jenkins. A user can be an administrator or any non-admin privileged entity.

A role can be assigned to a user to indicate the set of privileges assigned to that particular user. These privileges can be admin privileges or an admin user can then create many roles and add users to our Jenkins and allot a role specific to a particular user’s tasks.

Jenkins – A small introduction

Jenkins is an open source automation server which can be used to automate all sorts of tasks related to building, testing, and delivering or even deploying software. Few of the features of Jenkins that make it the first-choice for a user are :

  • Easy installation
  • Variety of plugins
  • Easy configuration
  • Extensible
  • Distributed

To use the concept of roles in Jenkins, we need to install a plugin known as Role-based authorization strategy.

Description of this plugin : Enables user authorization using a Role-Based strategy. Roles can be defined globally or for particular jobs or nodes selected by regular expressions.

Let’s move ahead and start with how to create roles.

Step 1.

Go to the Jenkins Dashboard -> Click on Manage Jenkins -> Click on Manage Users.

jenkins-roles-manage-jenkins

Step 2.

On the left panel, you would see a Create User option. Enter user credentials.

jenkins-roles-manage-&-assign-roles

Now, since you have installed the Role-based authorization plugin, you would see a new option for “Manage and Assign Roles” in the Manage Jenkins section.

jenkins-roles-manage-and-assign-roles

Step 3.

Click on Manage Roles. Here you will options like Global roles, Item roles and Node roles.

jenkins-roles-create-and-assign-roles

Step 4.

Inside the “Global roles” option, in the “Role to add” textbox, add the username that you just created and assign it the permissions as desired.

jenkins-roles-global-roles

Step 5.

Moving on to the next option, “Item Roles”, select the role to add. A role can be anything, like a developer, a tester, etc. Assign a name to the role as per requirements. You can also specify the pattern, for example like, “dev.*” , this would allow the user to access all those jobs/projects, that follow this pattern, i.e, starts with “dev” followed by any character sequence. Similarly, you can assign roles to your nodes.

Step 6.

Click Apply and save the settings.

Step 7.

Now, we navigate to the “Assign Roles” section. Here again, you would see the options like Global, Item and Node Roles. In the Global Roles, inside the textbox for Roles to add, add the role that you want to assign to the users you just created. And allot the permissions to specific users as desired by checking the tick-boxes.

jenkins-roles-item-roles

Step 8.

Now, in Item Roles section, add the users or groups you just created to assign them project roles. In the matrix-type table formed upon adding the users, assign roles to users according to the project needs.

Similarly, apply the same for nodes too.

Step 9.

Apply and save the settings.

Yay!! Your work is done. We have now successfully added users, created roles and assigned roles to the users.

Now, for example,

  • a developer would only be able to access the jobs that starts with “dev-“, and would only be allowed to handle only those jobs assigned to him.
developer-access
  • a tester would now be only access the jobs that starts with “test-” .
tester-access

Thus, with the help of roles, we can distribute permissions among the users, assign a user only those set of privileges that the project requires.

References

https://plugins.jenkins.io/role-strategy/
https://www.jenkins.io/doc/