Ansible/roles/geerlingguy.jenkins/templates/basic-security.groovy.j2

29 lines
973 B
Plaintext
Raw Normal View History

#!groovy
import hudson.security.*
import jenkins.model.*
def instance = Jenkins.getInstance()
def hudsonRealm = new HudsonPrivateSecurityRealm(false)
def users = hudsonRealm.getAllUsers()
users_s = users.collect { it.toString() }
// Create the admin user account if it doesn't already exist.
if ("{{ jenkins_admin_username }}" in users_s) {
println "Admin user already exists - updating password"
def user = hudson.model.User.get('{{ jenkins_admin_username }}');
def password = hudson.security.HudsonPrivateSecurityRealm.Details.fromPlainPassword('{{ jenkins_admin_password }}')
user.addProperty(password)
user.save()
}
else {
println "--> creating local admin user"
hudsonRealm.createAccount('{{ jenkins_admin_username }}', '{{ jenkins_admin_password }}')
instance.setSecurityRealm(hudsonRealm)
def strategy = new FullControlOnceLoggedInAuthorizationStrategy()
instance.setAuthorizationStrategy(strategy)
instance.save()
}