diff --git a/bootstrap/Workspace_Management/Generate_Workspace.groovy b/bootstrap/Workspace_Management/Generate_Workspace.groovy index 0619065..636dee6 100644 --- a/bootstrap/Workspace_Management/Generate_Workspace.groovy +++ b/bootstrap/Workspace_Management/Generate_Workspace.groovy @@ -8,11 +8,14 @@ def workspaceManagementFolder = folder(workspaceManagementFolderName) { displayN def generateWorkspaceJob = freeStyleJob(workspaceManagementFolderName + "/Generate_Workspace") def adopLdapEnabled = ''; +def ldapIsModifiable = ''; try{ adopLdapEnabled = "${ADOP_LDAP_ENABLED}".toBoolean(); + ldapIsModifiable = "${LDAP_IS_MODIFIABLE}".toBoolean(); }catch(MissingPropertyException ex){ adopLdapEnabled = true; + ldapIsModifiable = true; } // Setup generateWorkspaceJob @@ -71,16 +74,19 @@ exit 0 } } if(adopLdapEnabled == true) { - shell(''' -# LDAP -${WORKSPACE}/common/ldap/generate_role.sh -r "admin" -n "${WORKSPACE_NAME}" -d "${DC}" -g "${OU_GROUPS}" -p "${OU_PEOPLE}" -u "${ADMIN_USERS}" -f "${OUTPUT_FILE}" -w "${WORKSPACE}" -${WORKSPACE}/common/ldap/generate_role.sh -r "developer" -n "${WORKSPACE_NAME}" -d "${DC}" -g "${OU_GROUPS}" -p "${OU_PEOPLE}" -u "${DEVELOPER_USERS}" -f "${OUTPUT_FILE}" -w "${WORKSPACE}" -${WORKSPACE}/common/ldap/generate_role.sh -r "viewer" -n "${WORKSPACE_NAME}" -d "${DC}" -g "${OU_GROUPS}" -p "${OU_PEOPLE}" -u "${VIEWER_USERS}" -f "${OUTPUT_FILE}" -w "${WORKSPACE}" - -set +e -${WORKSPACE}/common/ldap/load_ldif.sh -h ldap -u "${LDAP_ADMIN_USER}" -p "${LDAP_ADMIN_PASSWORD}" -b "${DC}" -f "${OUTPUT_FILE}" -set -e + if ( ldapIsModifiable == true) { + shell(''' + # LDAP + ${WORKSPACE}/common/ldap/generate_role.sh -r "admin" -n "${WORKSPACE_NAME}" -d "${DC}" -g "${OU_GROUPS}" -p "${OU_PEOPLE}" -u "${ADMIN_USERS}" -f "${OUTPUT_FILE}" -w "${WORKSPACE}" + ${WORKSPACE}/common/ldap/generate_role.sh -r "developer" -n "${WORKSPACE_NAME}" -d "${DC}" -g "${OU_GROUPS}" -p "${OU_PEOPLE}" -u "${DEVELOPER_USERS}" -f "${OUTPUT_FILE}" -w "${WORKSPACE}" + ${WORKSPACE}/common/ldap/generate_role.sh -r "viewer" -n "${WORKSPACE_NAME}" -d "${DC}" -g "${OU_GROUPS}" -p "${OU_PEOPLE}" -u "${VIEWER_USERS}" -f "${OUTPUT_FILE}" -w "${WORKSPACE}" + set +e + ${WORKSPACE}/common/ldap/load_ldif.sh -h ldap -u "${LDAP_ADMIN_USER}" -p "${LDAP_ADMIN_PASSWORD}" -b "${DC}" -f "${OUTPUT_FILE}" + set -e + ''') + } + shell(''' ADMIN_USERS=$(echo ${ADMIN_USERS} | tr ',' ' ') DEVELOPER_USERS=$(echo ${DEVELOPER_USERS} | tr ',' ' ') VIEWER_USERS=$(echo ${VIEWER_USERS} | tr ',' ' ') @@ -104,7 +110,7 @@ done url("${platformToolsGitURL}") credentials("adop-jenkins-master") } - branch("*/master") + branch("feature/ldap-is-modifiable") } } } diff --git a/workspaces/jobs/jobs.groovy b/workspaces/jobs/jobs.groovy index 12fafb4..1da382d 100644 --- a/workspaces/jobs/jobs.groovy +++ b/workspaces/jobs/jobs.groovy @@ -12,11 +12,14 @@ def projectManagementFolder = folder(projectManagementFolderName) { displayName( def generateProjectJob = freeStyleJob(projectManagementFolderName + "/Generate_Project") def adopLdapEnabled = ''; +def ldapIsModifiable = ''; try{ adopLdapEnabled = "${ADOP_LDAP_ENABLED}".toBoolean(); + ldapIsModifiable = "${LDAP_IS_MODIFIABLE}".toBoolean(); }catch(MissingPropertyException ex){ adopLdapEnabled = true; + ldapIsModifiable = true; } // Setup Generate_Project @@ -39,7 +42,7 @@ generateProjectJob.with{ { environmentVariables { - env('DC', "${LDAP_ROOTDN}") + env('DC', "${DC}") env('OU_GROUPS','ou=groups') env('OU_PEOPLE','ou=people') env('OUTPUT_FILE','output.ldif') @@ -80,32 +83,34 @@ exit 0 } } if(adopLdapEnabled == true){ - shell(''' - # LDAP - ${WORKSPACE}/common/ldap/generate_role.sh -r "admin" -n "${WORKSPACE_NAME}" -d "${DC}" -g "${OU_GROUPS}" -p "${OU_PEOPLE}" -u "${ADMIN_USERS}" -f "${OUTPUT_FILE}" -w "${WORKSPACE}" - ${WORKSPACE}/common/ldap/generate_role.sh -r "developer" -n "${WORKSPACE_NAME}" -d "${DC}" -g "${OU_GROUPS}" -p "${OU_PEOPLE}" -u "${DEVELOPER_USERS}" -f "${OUTPUT_FILE}" -w "${WORKSPACE}" - ${WORKSPACE}/common/ldap/generate_role.sh -r "viewer" -n "${WORKSPACE_NAME}" -d "${DC}" -g "${OU_GROUPS}" -p "${OU_PEOPLE}" -u "${VIEWER_USERS}" -f "${OUTPUT_FILE}" -w "${WORKSPACE}" - - set +e - ${WORKSPACE}/common/ldap/load_ldif.sh -h ldap -u "${LDAP_ADMIN_USER}" -p "${LDAP_ADMIN_PASSWORD}" -b "${DC}" -f "${OUTPUT_FILE}" - set -e - - ADMIN_USERS=$(echo ${ADMIN_USERS} | tr ',' ' ') - DEVELOPER_USERS=$(echo ${DEVELOPER_USERS} | tr ',' ' ') - VIEWER_USERS=$(echo ${VIEWER_USERS} | tr ',' ' ') + if ( ldapIsModifiable == true ) { + shell(''' + # LDAP + ${WORKSPACE}/common/ldap/generate_role.sh -r "admin" -n "${WORKSPACE_NAME}" -d "${DC}" -g "${OU_GROUPS}" -p "${OU_PEOPLE}" -u "${ADMIN_USERS}" -f "${OUTPUT_FILE}" -w "${WORKSPACE}" + ${WORKSPACE}/common/ldap/generate_role.sh -r "developer" -n "${WORKSPACE_NAME}" -d "${DC}" -g "${OU_GROUPS}" -p "${OU_PEOPLE}" -u "${DEVELOPER_USERS}" -f "${OUTPUT_FILE}" -w "${WORKSPACE}" + ${WORKSPACE}/common/ldap/generate_role.sh -r "viewer" -n "${WORKSPACE_NAME}" -d "${DC}" -g "${OU_GROUPS}" -p "${OU_PEOPLE}" -u "${VIEWER_USERS}" -f "${OUTPUT_FILE}" -w "${WORKSPACE}" - # Gerrit - for user in $ADMIN_USERS $DEVELOPER_USERS $VIEWER_USERS - do - username=$(echo ${user} | cut -d'@' -f1) - ${WORKSPACE}/common/gerrit/create_user.sh -g http://gerrit:8080/gerrit -u "${username}" -p "${username}" - done + set +e + ${WORKSPACE}/common/ldap/load_ldif.sh -h ldap -u "${LDAP_ADMIN_USER}" -p "${LDAP_ADMIN_PASSWORD}" -b "${DC}" -f "${OUTPUT_FILE}" + set -e + ''') + } + shell(''' + ADMIN_USERS=$(echo ${ADMIN_USERS} | tr ',' ' ') + DEVELOPER_USERS=$(echo ${DEVELOPER_USERS} | tr ',' ' ') + VIEWER_USERS=$(echo ${VIEWER_USERS} | tr ',' ' ') + # Gerrit + for user in $ADMIN_USERS $DEVELOPER_USERS $VIEWER_USERS + do + username=$(echo ${user} | cut -d'@' -f1) + ${WORKSPACE}/common/gerrit/create_user.sh -g http://gerrit:8080/gerrit -u "${username}" -p "${username}" + done - # Gerrit - source ${WORKSPACE}/projects/gerrit/configure.sh - # Generate second permission repo with enabled code-review - source ${WORKSPACE}/projects/gerrit/configure.sh -r permissions-with-review - ''') + # Gerrit + source ${WORKSPACE}/projects/gerrit/configure.sh + # Generate second permission repo with enabled code-review + source ${WORKSPACE}/projects/gerrit/configure.sh -r permissions-with-review + ''') } dsl { external("projects/jobs/**/*.groovy") @@ -118,7 +123,7 @@ exit 0 url("${platformToolsGitURL}") credentials("adop-jenkins-master") } - branch("*/master") + branch("feature/ldap-is-modifiable") } } }