Version 3.2.2

🎁 Improvements

• Adapt to jenkinsci/jenkins#8979 coming in Jenkins 2.449, ensuring continued correct tracking of ambiguous permissions through agent configuration changes (#158)

Version 3.2.1

🐛 Bugfixes

• JENKINS-72012: Fix CasC export with non-English locales (#155)

🔧 Internal Changes

• Remove MatrixAuthorizationStrategyConfigurator#getLegacyPermissions (#153)

Version 3.2

💥 Major Changes 💥

This release changes the syntax for configuring permissions with Configuration as Code, Job DSL, and Pipeline plugins (#145, #144)

Warning

This is a breaking change for anyone currently configuring matrix authorization using these plugins.

In all three cases, the permissions list has been replaced with the entries list and a more elaborate element syntax decoupled from the serialized XML configuration format. See examples below for the new syntax.

Configuration as Code

authorizationStrategy:
  projectMatrix:
    entries:
      - user:
          name: "admin"
          permissions:
            - "Overall/Administer"
      - group:
          name: "authenticated"
          permissions:
            - "Overall/Read"

Job DSL

properties {
  authorizationMatrix {
    inheritanceStrategy {
        nonInheriting()
    }
    entries {
      group {
        name('authenticated')
        permissions([
          'Job/Read'
        ])
      }
    }
  }
}

Pipeline

properties([
  authorizationMatrix([
    group(name: 'authenticated', permissions: ['Job/Read']),
    user(name: 'alice', permissions: [
      'Job/Configure',
      'hudson.scm.SCM.Tag'
    ])
  ])
])

For a more comprehensive example of the new configuration syntax for Configuration as Code and Job DSL, see this file. Use the Pipeline Snippet Generator to see the new format for arguments to the authorizationMatrix(…) property.

Note

This change only affects Job DSL configuring jobs using properties/authorizationMatrix (provided by Matrix Authorization Plugin), not authorization (provided by Job DSL Plugin). See JENKINS-67411 for known problems with the latter.

Internal Changes 🔧

• Use newer parent POM to allow building on Java 21, also updating the Configuration as Code Plugin dependency from 1647.ve39ca_b_829b_42 to 1670.v564dc8b_982d0 (#147)
• Remove obsolete code (#149)
• Address test flakiness in Security2180Test (#150)

Version 3.1.10

• Update look of permissions table to more nicely integrate with recent Jenkins UI improvements (#147)
  • Update require Jenkins version to 2.387.3 and add dependency on ionicons-api
• Fix sidepanel links shown on the page listing ambiguous permissions assignments (#148)

Version 3.1.9

• JENKINS-71368: Return the full list of groups from AuthorizationStrategy#getGroups even if the caller has low permissions, as can be the case with Active Directory Plugin (#141)
• Internal: Update parent POM from 4.61 to 4.66 to upgrade HTMLUnit from 2.x to 3.x (#143)

Version 3.1.8

• JENKINS-70906: Compatibility with Prototype removal (#140)

Version 3.1.7

• JENKINS-67368: Refer to user ID instead of name where appropriate (#137)
• Various internal fixes and improvements
  • Suppress Jenkins Security Scan warnings (#134)
  • Switch JCasC test to RealJenkinsRule (#136)
  • Upgrade Job DSL dependency to 1.82 (#135)
  • Bump parent pom (#138)

Version 3.1.6

• JENKINS-70231: Fix tooltips on Jenkins 2.379+ (#130)
• Modernize plugin, require 2.361.4 or newer (#129)
• JENKINS-68581: Improve Javadoc (#128)
• Internal: Use HTTPS SCM URL (#131)

Version 3.1.5

• Fix a regression in 3.1.4 that prevented use of the buttons Add user… and Add group…. (#126)

Version 3.1.4

• Restore tooltips on icons migrating ambiguous permissions when running recent Jenkins releases (#122)
• Internal: Update parent pom to 4.41 (#123)