Allow users with Overall/Manage permission to reload existing configuration
See original GitHub issueYour checklist for this issue
- Link to any upstream changes that might be required (for example Jenkins Core pull request)
Feature Request
Allow users with Overall/Manage permission to reload the existing configuration.
Alternate solution if the permission above can be used in an insecure way would be to define a plugin-specific permission for this if it’s possible.
Currently, this is only possible when the permission Overall/Administer
is granted but I have a use-case worth considering for lowering this for some users.
- We have a Jenkins with a configuration committed to a properly-secured repository (branches are protected, reviews required).
- Some modifications (like updating a secret on Vault) are not picked up by our tool that reloads the configuration when we merge commits to
master
- This means that developers that don’t have the administer permissions (for good reasons!) should still be allowed to reload the configuration so the secret changes are applied
- If only the action of reloading the configuration is allowed, since no-one can update the configuration without a code review, it should not introduce security issues. This seems to fit in the description of
Overall/Manage
What do you think?
Jenkins 2.289.3, JCasc 1.51
Issue Analytics
- State:
- Created 2 years ago
- Comments:7 (7 by maintainers)
Top Results From Across the Web
Updating a controller CasC bundle - CloudBees Documentation
This option is available to users with the Overall/Manage permission and it lets users ... Reload Configuration: Applies the new bundle without a...
Read more >jep/README.adoc at master · jenkinsci/jep - GitHub
MANAGE does not allow installation of plugins available in Update Center ... a user with "Overall/Manage" permission can access via the Manage Jenkins...
Read more >Jenkins Overall/Read permission - Stack Overflow
In this case, the user was able to login, but the role was not associated correctly and therefore the overall/read permission was not...
Read more >Configuring RBAC and Folders with CloudBees CI CasC
The Overall/Manage permission will still allow your user to reload updated configuration bundles but the actual configuration changes must be committed to ...
Read more >how to use reload-configuration when some jobs are working
1) change the config.xml of job1 to enable clean and force sync · 2) reload-configuration a. java -jar C:/BitNamiApacheTomcatStack/apache-tomcat/ webapps/jenkins ...
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
just released whenever, normally the issue gets closed when it’s merged.
I was hoping to get the merge strategy PR in as well but it’s not quite ready so let’s ship
I see this was merged, that’s nice 😃 🙇♂️
How does the release cycle go? Should I close the issue or is it closed at delivery?