Permalink
Switch branches/tags
Nothing to show
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
46 lines (39 sloc) 1.54 KB
#!/usr/bin/env groovy
/*
* Set up the basic GitHub OAuth permissions for this instance
*/
if (System.env.get('SUPER_DANGEROUS_LOCAL_ONLY_DISABLE_AUTH')) {
return
}
import jenkins.model.*
import hudson.security.*
import hudson.model.Item
import org.jenkinsci.plugins.workflow.cps.replay.ReplayAction
import org.jenkinsci.plugins.GithubAuthorizationStrategy
import org.jenkinsci.plugins.GithubSecurityRealm
def authorization = new GlobalMatrixAuthorizationStrategy()
authorization.add(Jenkins.READ, 'Anonymous')
authorization.add(Item.READ, 'Anonymous')
authorization.add(Jenkins.ADMINISTER, 'rtyler')
[
Jenkins.READ,
Item.BUILD,
Item.CANCEL,
Item.CONFIGURE,
Item.CREATE,
Item.DELETE,
Item.DISCOVER,
Item.READ,
ReplayAction.REPLAY,
].each { permission ->
authorization.add(permission, System.env.get('GITHUB_USER') ?: 'rtyler')
}
def realm = new GithubSecurityRealm('https://github.com', /* GitHub web URI */
'https://api.github.com', /* GitHub API URI */
System.env.get('CLIENT_ID') ?: '4e76a9546e5633505ebe', /* OAuth Client ID */
System.env.get('CLIENT_SECRET') ?: '3231316e75b5dace3e8e41d8e5367256959c846a',/* OAuth Client Secret */
'read:public_repo,user:email' /* OAuth permission scopes */
)
Jenkins.instance.authorizationStrategy = authorization
Jenkins.instance.securityRealm = realm
Jenkins.instance.save()