Eclipse Community Forums
Forum Search:

Search      Help    Register    Login    Home
Home » Eclipse Projects » Hudson » LDAP roles as parameters to scripts
LDAP roles as parameters to scripts [message #902805] Mon, 20 August 2012 14:15 Go to next message
Harald van Kesteren is currently offline Harald van KesterenFriend
Messages: 2
Registered: July 2009
Location: Netherlands
Junior Member
I'm using hudson v2.2.0 as a tool for build and deploy. Currently the authentication/authorisation is controlled by hudson's internal user-database. This has to change : LDAP has to be used for this in the future.

Some procedures (shell-scripts) use the HUDSON_USER environment variable to control parts of the flow (a bit wacky, I know). The fastest way to 'transform' the processes is to use the LDAP-roles for the same purpose (or is it?).

Question: how do I get the scripts to identify which role (or roles) the user has?
The LDAP authentication can control hudson, can information resulting from that be passed on to shell-scripts that are run by the hudson-jobs?






That's All Folks,
Harald.
Re: LDAP roles as parameters to scripts [message #904222 is a reply to message #902805] Tue, 28 August 2012 03:04 Go to previous messageGo to next message
Winston Prakash is currently offline Winston PrakashFriend
Messages: 449
Registered: August 2011
Location: Fremont, CA USA
Senior Member
If you go to the <hudson-url>/systemInfo you will see HUDSOn_USER is listed as part of Environment Variables. Only these variables are passed. If you need to pass your own, then you have to parametrized the job (wiki.hudson-ci.org/display/HUDSON/Parameterized+Build).

Unless you have written your BuildWrapper (through your own plugin) which passes specific environment variable, by default, I don't think Hudson would pass environment variable such as LDAP roles to job builds


Winston Prakash
Eclipse Hudson team
Re: LDAP roles as parameters to scripts [message #905323 is a reply to message #904222] Thu, 30 August 2012 07:06 Go to previous message
Harald van Kesteren is currently offline Harald van KesterenFriend
Messages: 2
Registered: July 2009
Location: Netherlands
Junior Member
Winston,

Thanks for your answer. The 'standard environment variables' I already was aware of. What you sketch (building my own hudson plugin) might be an option for the future, but is way to advanced for this moment Wink.

We have implemented a kind of workaround (or maybe it is just the right way to do it!) by having a set of hudson-jobs for each LDAP authorisation group. These are tuned to the use for that group. That way there is no need for passing on the LDAB-group name to the underlying scripts.



That's All Folks,
Harald.
Previous Topic:hudson and .svn
Next Topic:"java.lang.OutOfMemoryError: Java heap space" while launching slave over ssh
Goto Forum:
  


Current Time: Sat Dec 20 13:10:54 GMT 2014

Powered by FUDForum. Page generated in 0.04340 seconds
.:: Contact :: Home ::.

Powered by: FUDforum 3.0.2.
Copyright ©2001-2010 FUDforum Bulletin Board Software