Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Jenkins Replay Option Disabling #529

Open
Vishnu-Priya05 opened this issue Jan 3, 2024 · 6 comments
Open

Jenkins Replay Option Disabling #529

Vishnu-Priya05 opened this issue Jan 3, 2024 · 6 comments
Labels
bug

Comments

@Vishnu-Priya05
Copy link

Jenkins and plugins versions report

Jenkins: Chart Version: jenkins-4.5.0 App Version: 2.401.3

Steps taken:

  JCasC:
    configScripts:
      azure-ad-settings: |
        jenkins:
          securityRealm:
            azure:
              cacheDuration: 0
              clientId: ${appId}
              clientSecret: ${password}
              tenant: ${tenant}
          authorizationStrategy:
            azureAdMatrix:
              permissions:

In the above controller config, removed the Run/ Replay option permission.

Even after removing the permission, I'm able to use the replay option.

What Operating System are you using (both controller, and any agents involved in the problem)?

N/A

Reproduction steps

N/A

Expected Results

Replay option should be disabled.

Actual Results

Even after removing the in the code, the replay option is still available.

Anything else?

No response

Are you interested in contributing a fix?

No response
@Vishnu-Priya05
Copy link
Author

Hi,

Do we have any update? Can someone look into it?

@timja
Copy link
Member

timja commented Jan 5, 2024

I would suggest reconfiguring in the UI and exporting the permissions you want then store them in your helm chart configuration.

@Vishnu-Priya05
Copy link
Author

@timja What do you exactly mean by reconfiguring in the UI?

@timja
Copy link
Member

timja commented Jan 8, 2024

On the security page setup the configuration you want and then go to the Configuration as Code page and export the configuration, copying out what you need, I expect the configuration you are using isn't quite right and you can export the correct configuration.

@Vishnu-Priya05
Copy link
Author

As mentioned above, I have made the configurations properly. I have removed the Job/ Build, Job/ Configure and Run/Replay configurations from the respective group. Attaching the screenshot for your reference.

Even after removing the permissions from that group, I'm still able to use the Replay option.

image

Is there anything we need to check with the Azure AD team?

@timja
Copy link
Member

timja commented Jan 9, 2024

Untick Administer it's a special permission that will grant everything else, even if you've somehow managed to untick it, it won't do anything.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@timja @Vishnu-Priya05