Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/jenkinsci/job-restrictions-plugin

Provides additional options to restrict job execution in Jenkins
https://github.com/jenkinsci/job-restrictions-plugin

adopt-this-plugin jenkins-plugin jenkins-security

Last synced: 23 days ago
JSON representation

Provides additional options to restrict job execution in Jenkins

Host: GitHub
URL: https://github.com/jenkinsci/job-restrictions-plugin
Owner: jenkinsci
License: mit
Created: 2013-08-26T06:04:32.000Z (over 11 years ago)
Default Branch: master
Last Pushed: 2024-11-23T12:41:37.000Z (29 days ago)
Last Synced: 2024-11-23T13:27:27.785Z (29 days ago)
Topics: adopt-this-plugin, jenkins-plugin, jenkins-security
Language: Java
Homepage: https://plugins.jenkins.io/job-restrictions/
Size: 238 KB
Stars: 9
Watchers: 4
Forks: 27
Open Issues: 2
Metadata Files:
- Readme: README.md
- License: LICENSE
- Codeowners: .github/CODEOWNERS

Awesome Lists containing this project

README

Job Restrictions Plugin for Jenkins
=======================

The plugin allows restricting job executions in order to change their
behavior or to harden the security. With this plugin it is possible to
configure nodes to accept only particular jobs. It is also possible to
prevent job triggering by users and other jobs using various conditions.

## Features

- Execution restrictions on the node level
- Example 1: Take jobs according to the specified name pattern
(e.g. allow running only "QA\_.\*" jobs on a node)
- Example 2: Prevent execution of user jobs on the Jenkins controller
node
- Restrictions of jobs triggering by external causes
- Example 1: Prohibit manual builds
- Example 2: Allow triggering only by a job with the
specified [owner](http://plugins.jenkins.io/ownership).
- Several built-in restrictions + JobRestriction extension point

## Usage

### Job restrictions for nodes

These restrictions can be configured in node's configuration page.

- Node won't accept jobs, which violate the specified restrictions
- Other requirements (executors, labels, etc.) will be checked as well

![](docs/images/Jenkins_JobRestrictions_NodeRestriction.png)

### Job restrictions for projects

This type of restrictions allows to prevent execution of jobs by the
launch cause.
If the cause does not satisfy requirements, job fails before running of
SCM (the job cannot be aborted due to
[JENKINS-19497](https://issues.jenkins-ci.org/browse/JENKINS-19497)).

The current version supports the following checks:

- **Apply Job restrictions to upstream build** - prohibits the
invocation from specific builds, which do not satisfy the specified
requirements
- Prohibit manual launch of the job (since 0.2)

## Extension points

Plugin provides a `JobRestriction` extension point which allows implementing new restrictions.

Built-in extensions:

- Logic operations (and, or, not)
- Started by user/group restrictions
- Restrictions support upstream projects (UpstreamCause)
- [Rebuild Plugin](http://plugins.jenkins.io/ownership)
and other specific causes are not supported
- Regex restriction - check the jobs name by a regular expression

The following plugins produce additional job restrictions:

- [Ownership Plugin](http://plugins.jenkins.io/ownership)
- [Priority Sorter Plugin](https://plugins.jenkins.io/PrioritySorter/)
— This plugin allows Jobs to be prioritised based on *Queue
Strategies* and *Priority Strategies*.
- [More implementations...](https://www.jenkins.io/doc/developer/extensions/job-restrictions/)

## Reporting Issues

If you have any proposals/bug reports, please create an issue on [Jenkins JIRA](https://issues.jenkins-ci.org/secure/Dashboard.jspa).

## Acknowledgements

Initial plugin version has been sponsored by [Synopsys, Inc.](http://www.synopsys.com/)