Automating Jenkins User and Role Management with Python Scripts
This guide demonstrates how to create Jenkins roles, authorize plugin APIs, and automate user creation and role assignment using Python scripts and HTTP POST requests, including sample code for creating accounts, granting roles, and managing a list of users via a parameterized Jenkins job.
This article explains how to set up role creation and plugin API authorization in Jenkins, and provides a Python script to automate user creation and role assignment.
Create User
method:POST
url: http://demo.com:8080/securityRealm/createAccountByAdmin
data: {"username": userName, "password1": '123456', "password2": '123456', "fullname" : userName,"email" : userName + '@jenkins.com'}User Authorization Plugin
method:POST
url:http://demo.com:8080/role-strategy/strategy/assignRole
roletype: globalRoles projectRoles
data : {'type': 'globalRoles','roleName': roleName,'sid': userName}Python Script
#coding:utf8
#用户授权脚本
import requests
import sys
class auth(object):
def __init__(self):
self.Jenkins = {"url":"http://deme.com:8080/role-strategy/strategy/assignRole",
"passwd":"xxxxxxxxxxxx"}
#创建用户
def Create(self,userName):
uurl="http://demo.com:8080/securityRealm/createAccountByAdmin"
refdata = {"username": userName,
"password1": '123456',
"password2": '123456',
"fullname" : userName,
"email" : userName + '@jenkins.com'}
response = requests.post(uurl,data=refdata,auth=('admin',self.Jenkins["passwd"]))
#print(response.status_code,response.text)
#授权
def Grant(self,roleType,roleName,userName):
self.Create(userName)
if roleType == "global" :
data = {'type': 'globalRoles','roleName': roleName,'sid': userName}
elif roleType == "project" :
data = {'type': 'projectRoles','roleName': roleName,'sid': userName}
response = requests.post(self.Jenkins["url"],
data=data,
auth=('admin', self.Jenkins["passwd"]))
print(response.status_code,response.text)
return int(response.status_code)
if __name__ == '__main__':
if sys.argv[1] == "help":
print("1. 添加用户到users.txt中,每行一个.")
print("2. python role.py global globalName")
print("3. python role.py project projectName")
else:
server = auth()
roleType = sys.argv[1]
roleName = sys.argv[2]
#get users
f = open("users.txt","r")
users = f.readlines()
f.close()
#do grant
for user in users :
result = server.Grant(roleType,roleName,user)
if result <=400 :
print("--->{0}-->{1}-->{2} --->Success!".format(user,roleType,roleName))
else:
raise Exception("--->{0}-->{1}-->{2} --->Error!".format(user,roleType,roleName))Example users.txt file contains usernames, one per line, e.g., zhangsan<br/>lisi<br/>wangwu Finally, you can create a parameterized Jenkins job to run this script and manage user authorizations automatically.
Signed-in readers can open the original source through BestHub's protected redirect.
This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contactand we will review it promptly.
DevOps Cloud Academy
Exploring industry DevOps practices and technical expertise.
How this landed with the community
Was this worth your time?
0 Comments
Thoughtful readers leave field notes, pushback, and hard-won operational detail here.