I wrote a DSL Script to create a folder in Jenkins but now I need a script to create a group for that folder and add users into the same group and assign a role to a group.
import com.cloudbees.hudson.plugins.folder.*
import com.cloudbees.hudson.plugins.foldersplus.*
import jenkins.model.Jenkins;
import nectar.plugins.rbac.strategy.*;
import hudson.security.*;
import nectar.plugins.rbac.groups.*;
import nectar.plugins.rbac.roles.*;
String folderName = 'Project-B'
folderItem = Jenkins.instance.getAllItems(Folder.class).find{it.name.equals(folderName)}
String groupName = "membersOfProject-B"
GroupContainer container = GroupContainerLocator.locate(Jenkins.getInstance())
Group group = new Group(container, groupName)
group.doAddMember('mike')
group.doGrantRole('develop', 0, Boolean.TRUE)
container.addGroup(group)
import nectar.plugins.rbac.groups.*
import java.util.*
import com.cloudbees.opscenter.server.model.*
import com.cloudbees.opscenter.server.clusterops.steps.*
import com.cloudbees.hudson.plugins.folder.*
import com.cloudbees.hudson.plugins.foldersplus.*
import jenkins.model.Jenkins;
import nectar.plugins.rbac.strategy.*;
import hudson.security.*;
import nectar.plugins.rbac.groups.*;
import nectar.plugins.rbac.roles.*;
import hudson.model.*;
// Assign request values
def appName = "TestApp";
def devs = ['userid1','userid2','userid3'];
// Begin Script
def instance = Jenkins.getInstance()
// Folder Path ( root dir is 'Jenkins/')
def targetDirectory = 'Jenkins/FolderName_Level_1 ยป ' + appName;
println("target Directory= ${targetDirectory}");
// Folder's Group Name (which you want to create or update)
def groupName = 'developers';
// Group's Role list that you want to assign e.g['admin','developer']
def groupRole = ['developer'] ;
// Group's Member list which you want to add (by ADID) e.g['xyz','abc']
def addUsers = devs;
//Booleans to detect if function found group or not
Boolean foundGrp = false;
// Container used to handle connected Client masters
class ExploredObject {
GroupContainer groupContainer
Boolean isMaster
Item instance
}
Map containers = new TreeMap();
// Add the root container
def root = new ExploredObject()
root.groupContainer = GroupContainerLocator.locate(Jenkins.instance)
root.isMaster = false
containers.put(Jenkins.instance.displayName, root)
// Add all the items that are be containers
for (i in Jenkins.instance.allItems) {
if (GroupContainerLocator.isGroupContainer(i.getClass())) {
GroupContainer g = GroupContainerLocator.locate(i)
if (g != null) {
def exploredObject = new ExploredObject()
exploredObject.groupContainer = g
exploredObject.instance = i
containers.put("${Jenkins.instance.displayName}/${i.fullDisplayName}", exploredObject)
}
}
}
// Parse throuch all folder in root
for (cont in containers) {
def c = cont.value.groupContainer
// println(cont.key)
if (cont.key == targetDirectory) {
//println(cont.key)
//println("Target Directory found")
if (c.groups.size()){
// Parse through the groups of the folder
for (g in c.groups) {
//If the group exist the add members
if (g.name == groupName){
foundGrp = true;
println(" + ${g.name}")
def currentMembers = g.members
println(" * Current Members : ${currentMembers}")
println(" * Current Roles: ${g.roles.collect {it + (g.doesPropagateToChildren(it) ?' (propagates)':'(pinned)')}}")
if(addUsers.size() > 0){
println(" -- Starting Add(+) / Delete(-) users to ${g.name}")
// adds user to group
for (eachUser in addUsers){
g.doAddMember(eachUser)
println(" + ${eachUser} Added")
}
println(" -- Completed Add / Delete users to ${g.name}")
for (role in groupRole){
g.doGrantRole(role, 0, Boolean.TRUE)
println(" * Role assigned : role")
}
}
}
} //end of for loop g in c.groups
}// end of if loop c.groups.size()
//if the group doesn't exist then Create a group,Add member and assign role
else{ // else of if loop c.groups.size()
if(foundGrp == false){
println("Group '${groupName}' does not exist")
Group group = new Group(c, groupName)
println(" + Start Adding user to ${groupName}")
for (eachUser in addUsers){
group.doAddMember(eachUser)
println(" + ${eachUser} Added")
}
for (role in groupRole){
group.doGrantRole(role, 0, Boolean.TRUE)
println(" * Role assigned : ${role}")
}
c.addGroup(group)
println("Group '${groupName}' is Created Succefully")
}
}
}
else{
}
}
instance.save()
Related
Let us assume a typical software project in Jira that uses Issues, Subtasks and Epics, with a custom field called "Customer" that can be set on any issue or the Epic. I want to have this field synchronized, so that its value for any tickets get automatically set to the highest parent of the hierarchy, up to the epics. How to achieve that with ScriptRunner for Jira?
This can be done with the following listener:
import com.atlassian.jira.component.ComponentAccessor
import com.atlassian.jira.event.type.EventDispatchOption
import com.atlassian.jira.issue.Issue
import com.atlassian.jira.issue.MutableIssue
import com.atlassian.jira.issue.link.IssueLink
def issue = event.issue as MutableIssue
def customFieldManager = ComponentAccessor.customFieldManager
def issueManager = ComponentAccessor.issueManager
def issueLinkManager = ComponentAccessor.issueLinkManager
def customField = customFieldManager.getCustomFieldObjectsByName('Customer').first()
def epicLink = customFieldManager.getCustomFieldObjectsByName('Epic Link').first()
def EPIC_STORY_LINK = "Epic-Story Link"
def issuesToUpdate = [] as ArrayList<Issue>
def valueFromTop = null
if (issue.issueType.name == 'Epic') {
// The issue is an epic. Propagate the custom field value down
valueFromTop = issue.getCustomFieldValue(customField)
issueLinkManager.getOutwardLinks(issue.id).find {
it.issueLinkType.name == EPIC_STORY_LINK
}.each { IssueLink it1 ->
issuesToUpdate.addAll(it1.destinationObject)
it1.destinationObject.subTaskObjects.findAll { it2 ->
issuesToUpdate.addAll(it2)
}
}
}
else {
// Normal issue. Look up to find the reference issue to get the value from.
def issueIterator = issue
while ( true ) {
def value = issueIterator.getCustomFieldValue(customField)
if ( value ) {
valueFromTop = value
}
issuesToUpdate.addAll(issueIterator)
if ( issueIterator.parentObject ) {
issueIterator = issueIterator.parentObject
}
else {
break
}
}
// Check if the parent issue is an Epic.
issueLinkManager.getInwardLinks(issueIterator.id).find {
it.issueLinkType.name == EPIC_STORY_LINK
}.each { IssueLink epicIssueLink ->
// Get the value from the Epic
valueFromTop = epicIssueLink.sourceObject.getCustomFieldValue(customField)
}
// Add child issues to list
issue.subTaskObjects.findAll {
issuesToUpdate.addAll(it)
}
}
def loggedInUser = ComponentAccessor.jiraAuthenticationContext.loggedInUser
issuesToUpdate.each {
def mutableTicket = it as MutableIssue
mutableTicket.setCustomFieldValue(customField, valueFromTop)
ComponentAccessor.issueManager.updateIssue(loggedInUser, mutableTicket, EventDispatchOption.DO_NOT_DISPATCH, false)
}
Does anyone have an updated version of ceilfors answer that works for both AbstractProject and WorkflowJob?
This is the solution I came up with. It was tested on Jenkins 2.355
The test was run from the script console.
For testing purposes, I limited the test to one Freestyle (AbstractProject) and one Pipeline (WorkflowJob) job each. You would need to modify the code below.
I hope others find this useful
import org.jenkinsci.plugins.workflow.job.WorkflowJob;
import hudson.plugins.git.*
import jenkins.*
import jenkins.model.*
def modifyGitUrl(url) {
def updatedUrl = url.toString().replace("git#gitlab", "git#github")
// println "updatedUrl = ${updatedUrl}"
return updatedUrl
}
Jenkins.instance.getAllItems(Job.class).each {
project = it.getFullName()
if(project.toString().equals("PL_Quick_Testing") || project.toString().equals("A_Freestyle_Job")) {
try {
if (it instanceof AbstractProject){
def oldScm = it.scm
def newUserRemoteConfigs = oldScm.userRemoteConfigs.collect {
new UserRemoteConfig(modifyGitUrl(it.url), it.name, it.refspec, it.credentialsId)
}
def newScm = new GitSCM(newUserRemoteConfigs, oldScm.branches, oldScm.doGenerateSubmoduleConfigurations,
oldScm.submoduleCfg, oldScm.browser, oldScm.gitTool, oldScm.extensions)
it.scm = newScm
it.save()
println "Done"
} else if (it instanceof WorkflowJob) {
def oldScm = it.getTypicalSCM()
def definition = it.getDefinition()
String scriptPath = it.getDefinition().getScriptPath()
def newUserRemoteConfigs = oldScm.userRemoteConfigs.collect {
new UserRemoteConfig(modifyGitUrl(oldScm.userRemoteConfigs.url[0]), it.name, it.refspec, it.credentialsId)
}
def newScm = new GitSCM(newUserRemoteConfigs, oldScm.branches, oldScm.doGenerateSubmoduleConfigurations,
oldScm.submoduleCfg, oldScm.browser, oldScm.gitTool, oldScm.extensions)
def newDefinition = new org.jenkinsci.plugins.workflow.cps.CpsScmFlowDefinition(newScm, scriptPath)
it.definition = newDefinition
it.save()
println "Done"
} else {
println("${project} has no SCM")
}
} catch (Exception e) {
// e.printStackTrace()
}
}
}
I want to schedule a job to be at the top of the build queue in Jenkins via a Groovy Postbuild.
For example, for Build X
If previously the build queue looks like this:
Generic Build 1
Generic Build 2
Generic build 3
Now it should look like:
Build X
Generic Build 1
Generic Build 2
Generic Build 3
So far I've been able to schedule the job using
def waitingItem = Jenkins.get().getQueue().schedule(job, 0)
if (waitingItem == null) {
manager.listener.logger.println "Error scheduling ${job}!"
} else {
manager.listener.logger.println "${job.name} was scheduled!"
}
but now I also want waitingItem to be at the top of the queue.
Any help is much appreciated.
Ok so after countless hours of browsing the web I've been able to come up with a Groovy Postbuild script that does the following: once it finishes the build, it triggers another build (let's call it buildToBeTriggered) and buildToBeTriggered automatically gets pushed at the front of the queue.
The code is below:
import hudson.model.AbstractProject
import hudson.model.Queue
import hudson.model.queue.QueueSorter
import jenkins.model.Jenkins
def job = (AbstractProject)Jenkins.get().getItem('gcimpoies-toTrigger')
def isSuccess = manager.getResult() == 'SUCCESS'
def isRelease = manager.getEnvVariable('RELEASE') == 'true'
def secondsToWait = 20
if (isSuccess) {
def waitingItem = Jenkins.get().getQueue().schedule(job, 0)
if (waitingItem == null) {
manager.listener.logger.println "Error scheduling ${job}!"
} else {
manager.listener.logger.println "${job.name} was scheduled!"
}
Thread.sleep(secondsToWait * 1000)
//replace the original queue sorter with one that will place our project build first in the queue
QueueSorter originalQueueSorter = Jenkins.get().getQueue().getSorter()
AcceleratedBuildNowSorter acceleratedBuildNowSorter = new AcceleratedBuildNowSorter(job, originalQueueSorter)
Jenkins.get().getQueue().setSorter(acceleratedBuildNowSorter);
// we sort the queue so that our project is next to be built on the list
Jenkins.get().getQueue().getSorter().sortBuildableItems(Jenkins.getInstance().getQueue().getBuildableItems())
}
class AcceleratedBuildNowSorter extends QueueSorter {
private final AbstractProject project
private final QueueSorter originalQueueSorter
private final AcceleratedBuildNowComparator comparator
AcceleratedBuildNowSorter(AbstractProject project, QueueSorter originalQueueSorter) {
this.project = project
this.originalQueueSorter = originalQueueSorter
comparator = new AcceleratedBuildNowComparator(this.project)
}
#Override
void sortBuildableItems(List<Queue.BuildableItem> buildables) {
if (this.originalQueueSorter != null) {
this.originalQueueSorter.sortBuildableItems(buildables)
}
Collections.sort(buildables, comparator)
}
}
class AcceleratedBuildNowComparator implements Comparator<Queue.BuildableItem> {
private final AbstractProject mostPriorityProject;
AcceleratedBuildNowComparator(AbstractProject mostPriorityProject) {
this.mostPriorityProject = mostPriorityProject;
}
int compare(Queue.BuildableItem buildableItem0, Queue.BuildableItem buildableItem1) {
AbstractProject<?, ?> project0 = (AbstractProject<?, ?>) buildableItem0.task
AbstractProject<?, ?> project1 = (AbstractProject<?, ?>) buildableItem1.task
if (project0.equals(mostPriorityProject)) {
return -1
}
if (project1.equals(mostPriorityProject)) {
return 1
}
return 0
}
}
I am trying to find a groovy script to add an existing user to a Role using RoleBasedAuthorizationStrategy. Any help would be greatly appreciated.
I ran into the same need. After doing some web searching and looking at the plugin's code from GitHub, I found one link that provided some insight: https://issues.jenkins-ci.org/browse/JENKINS-23709. Based on that I hacked together a quick Groovy script that assigns a specific user to a specific role. Been awhile since I've done Groovy, so pardon the dust. Feel free to use this as an example for your own needs.
import jenkins.model.*
import hudson.security.*
import java.util.*
import com.michelin.cio.hudson.plugins.rolestrategy.*
import java.lang.reflect.*
def roleName = "guest"
def userName = "bot-release"
def findGuestRoleEntry(grantedRoles, roleName)
{
for (def entry : grantedRoles)
{
Role role = entry.getKey()
if (role.getName().equals(roleName))
{
return entry
}
}
return null
}
def authStrategy = Jenkins.instance.getAuthorizationStrategy()
if(authStrategy instanceof RoleBasedAuthorizationStrategy){
RoleBasedAuthorizationStrategy roleAuthStrategy = (RoleBasedAuthorizationStrategy) authStrategy
// Make constructors available
Constructor[] constrs = Role.class.getConstructors();
for (Constructor<?> c : constrs) {
c.setAccessible(true);
}
// Make the method assignRole accessible
Method assignRoleMethod = RoleBasedAuthorizationStrategy.class.getDeclaredMethod("assignRole", String.class, Role.class, String.class);
assignRoleMethod.setAccessible(true);
def grantedRoles = authStrategy.getGrantedRoles(RoleBasedAuthorizationStrategy.GLOBAL);
if (grantedRoles != null)
{
// println "Got grantedRoles for " + RoleBasedAuthorizationStrategy.GLOBAL
def roleEntry = findGuestRoleEntry(grantedRoles, roleName);
if (roleEntry != null)
{
// println "Found role " + roleName
def sidList = roleEntry.getValue()
if (sidList.contains(userName))
{
println "User " + userName + " already assigned to role " + roleName
} else {
println "Adding user " + userName + " to role " + roleName
roleAuthStrategy.assignRole(RoleBasedAuthorizationStrategy.GLOBAL, roleEntry.getKey(), userName);
println "OK"
}
Jenkins.instance.save()
} else {
println "Unable to find role " + roleName
}
} else {
println "Unable to find grantedRoles for " + RoleBasedAuthorizationStrategy.GLOBAL
}
} else {
println "Role Strategy Plugin not found!"
}
Is there a way to check out any Subversion project using Jenkins-Cli by executing a groovy script on the master? I can get to the point of creating SVN client manager[org.tmatesoft.svn.core.wc.SVNClientManager], but can't really understand how to employ that in checking out an SVN project from the URL.
After a lot of hit and trials I have come up with this, might be useful for someone else:
import jenkins.*;
import jenkins.model.*;
import hudson.*;
import hudson.model.*;
import hudson.slaves.SlaveComputer;
import hudson.scm.SubversionSCM;
import hudson.remoting.Channel;
import hudson.FilePath;
import org.tmatesoft.svn.core.SVNURL;
import org.tmatesoft.svn.core.io.SVNRepository;
import org.tmatesoft.svn.core.io.SVNRepositoryFactory;
import org.tmatesoft.svn.core.SVNException;
import org.tmatesoft.svn.core.wc.SVNClientManager;
import org.tmatesoft.svn.core.auth.ISVNAuthenticationProvider;
import org.tmatesoft.svn.core.wc.SVNLogClient;
import org.tmatesoft.svn.core.SVNDirEntry;
import org.tmatesoft.svn.core.wc.SVNRevision;
import org.tmatesoft.svn.core.SVNDepth;
import org.tmatesoft.svn.core.SVNDirEntry;
import org.tmatesoft.svn.core.ISVNDirEntryHandler;
import org.tmatesoft.svn.core.wc.SVNUpdateClient;
import java.lang.*;
import java.util.ArrayList;
import java.util.List;
private boolean checkNodeExist(String node_Name){
if (Jenkins.getInstance().slaves.find({it.name == node_Name}) == null)
return false;
else
return true;
}
private ISVNAuthenticationProvider createAuthenticationProvider(AbstractProject context) {
return Jenkins.getInstance().getDescriptorByType(SubversionSCM.DescriptorImpl.class)
.createAuthenticationProvider(context);
}
public class SimpleSVNDirEntryHandler implements ISVNDirEntryHandler {
private final List<SVNDirEntry> dirs = new ArrayList<SVNDirEntry>();
public List<String> getDirs() {
List<String> sortedDirs = new ArrayList<String>();
for (SVNDirEntry dirEntry : dirs) {
sortedDirs.add(dirEntry.getName());
}
return sortedDirs;
}
public void handleDirEntry(SVNDirEntry dirEntry) throws SVNException {
dirs.add(dirEntry);
}
}
public void PerfromSVNListOperationOnMaster(SVNURL svnUrl){
try{
SVNRepository repo = SVNRepositoryFactory.create(svnUrl);
SVNClientManager clientManager = SubversionSCM.createSvnClientManager(createAuthenticationProvider())
SVNLogClient logClient = clientManager.getLogClient();
SimpleSVNDirEntryHandler dirEntryHandler = new SimpleSVNDirEntryHandler();
List<String> dirs = new ArrayList<String>();
logClient.doList(repo.getLocation(),SVNRevision.HEAD, SVNRevision.HEAD,false,SVNDepth.INFINITY,SVNDirEntry.DIRENT_KIND,dirEntryHandler)
dirs = dirEntryHandler.getDirs();
println (dirs)
}
catch(SVNException svnEx){
println "#Error: " + svnEx;
throw svnEx
}
}
public void PerfromSVNCheckOutOperation(SVNURL svnUrl,boolean isMaster,String appender,SlaveComputer computer = null){
try{
SVNRepository repo = SVNRepositoryFactory.create(svnUrl);
SVNClientManager clientManager = SubversionSCM.createSvnClientManager(createAuthenticationProvider());
SVNUpdateClient updateClient = clientManager.getUpdateClient();
updateClient.setIgnoreExternals(false);
String destDir = svnUrl.getPath().substring(svnUrl.getPath().lastIndexOf('/')+1);
if (isMaster == true){
updateClient.doCheckout(repo.getLocation(),new java.io.File(System.getProperty("java.io.tmpdir"),destDir + '_' + appender),SVNRevision.HEAD,SVNRevision.HEAD,SVNDepth.INFINITY,false);
}else{
if (computer == null){
throw new IllegalArgumentException("#Error: Argument:computer can't be null when we need to checkout in slave");
}else{
updateClient.doCheckout(repo.getLocation(),new java.io.File(System.getProperty("java.io.tmpdir"),destDir + '_' + appender),SVNRevision.HEAD,SVNRevision.HEAD,SVNDepth.INFINITY,false);
Channel slaveChannel = computer.getChannel();
FilePath fpSrc = new hudson.FilePath(new java.io.File(System.getProperty("java.io.tmpdir"),destDir + '_' + appender));
//println new java.io.File((slave.getWorkspaceRoot().toString()),destDir).toString().replace('\\','/')
FilePath fpDestination = new hudson.FilePath(slaveChannel,new java.io.File((slave.getWorkspaceRoot().toString()),destDir + '_' + appender).toString().replace('\\','/'));
println "Copying files recursively from Temp directory in master to slave";
int files_copied = fpSrc.copyRecursiveTo(fpDestination);
println files_copied
fpSrc.deleteRecursive();
}
}
}
catch (Exception ex){
throw new Exception("#Error:",ex);
}
}
if (args.length == 4){
String url = new String(args[0]);
SVNURL svn_url = null;
try{
svn_url = SVNURL.parseURIDecoded(url);
}
catch(SVNException svnEX){
println "#Error: Check SVN repository Location.";
throw svnEX;
}
String nodeName = new String(args[1]);
String operation = new String(args[2]);
String checkoutAppendString = new String(args[3]);
println args
if (nodeName.equalsIgnoreCase("master")){
println "Executing script on master"
if (operation.equalsIgnoreCase("list")){
PerfromSVNListOperationOnMaster(svn_url);
}else{
PerfromSVNCheckOutOperation(svn_url,true,checkoutAppendString);
}
}else{
if (checkNodeExist(nodeName)){
slave = Jenkins.getInstance().slaves.find({it.name == nodeName});
SlaveComputer computer = slave.getComputer();
if (computer.isOffline()){
println "#Error: $slave is offline."
return
}else{
if (operation.equalsIgnoreCase("list")){
PerfromSVNListOperationOnMaster(svn_url)
}else{
PerfromSVNCheckOutOperation(svn_url,false,checkoutAppendString,computer);
}
}
}else{
println "#Error: $nodeName not found."
return
}
}
}else{
println "Invalid Usage, expecting 3 arguments : 1.RepositoryURL 2.NodeName 3.OperationType"
return
}