diff options
| author | Igor Pashev <pashev.igor@gmail.com> | 2018-08-16 19:40:52 +0300 |
|---|---|---|
| committer | Igor Pashev <pashev.igor@gmail.com> | 2018-08-16 19:40:52 +0300 |
| commit | dfbd782783f643159a67452a313cf13fa7259134 (patch) | |
| tree | 4d85964f048eeb5e3275d04ad4ef940e046a5bee | |
| parent | 6346fed88fac0d9652df7385b206d29b0219faee (diff) | |
| download | nixsap-dfbd782783f643159a67452a313cf13fa7259134.tar.gz | |
Add new Jenkins option `master-access-control`
True by default, i. e. enable slave to master access control
See https://wiki.jenkins.io/display/JENKINS/Slave+To+Master+Access+Control
| -rw-r--r-- | modules/apps/jenkins/default.nix | 3 | ||||
| -rw-r--r-- | modules/apps/jenkins/instance.nix | 13 |
2 files changed, 15 insertions, 1 deletions
diff --git a/modules/apps/jenkins/default.nix b/modules/apps/jenkins/default.nix index bd69477..42ae197 100644 --- a/modules/apps/jenkins/default.nix +++ b/modules/apps/jenkins/default.nix @@ -87,6 +87,9 @@ let '') (jobFiles name cfg) )} + mkdir -p secrets + echo ${if cfg.master-access-control then "false" else "true"} > secrets/slave-to-master-security-kill-switch + if [ -f ${path} ]; then old=$(cat ${path}) else diff --git a/modules/apps/jenkins/instance.nix b/modules/apps/jenkins/instance.nix index 2c01391..6cca8a4 100644 --- a/modules/apps/jenkins/instance.nix +++ b/modules/apps/jenkins/instance.nix @@ -9,7 +9,9 @@ let concatStrings filterAttrs hasSuffix mapAttrsToList mkOption ; inherit (lib.types) - addCheck attrsOf either enum int listOf nullOr package path str submodule ; + addCheck attrsOf bool either enum int listOf nullOr package path str + submodule + ; default = d: t: mkOption { type = t; default = d; }; optional = t: mkOption { type = nullOr t; default = null; }; @@ -51,6 +53,15 @@ in { default = "/jenkins/${name}"; }; + master-access-control = mkOption { + description = '' + Enable Agent -> Master Access Control. + See https://wiki.jenkins.io/display/JENKINS/Slave+To+Master+Access+Control + ''; + type = bool; + default = true; + }; + jobs = mkOption { description = '' Jenkins jobs. Each value is either inline XML text or an XML file. |