From dfbd782783f643159a67452a313cf13fa7259134 Mon Sep 17 00:00:00 2001 From: Igor Pashev Date: Thu, 16 Aug 2018 19:40:52 +0300 Subject: Add new Jenkins option `master-access-control` True by default, i. e. enable slave to master access control See https://wiki.jenkins.io/display/JENKINS/Slave+To+Master+Access+Control --- modules/apps/jenkins/default.nix | 3 +++ modules/apps/jenkins/instance.nix | 13 ++++++++++++- 2 files changed, 15 insertions(+), 1 deletion(-) diff --git a/modules/apps/jenkins/default.nix b/modules/apps/jenkins/default.nix index bd69477..42ae197 100644 --- a/modules/apps/jenkins/default.nix +++ b/modules/apps/jenkins/default.nix @@ -87,6 +87,9 @@ let '') (jobFiles name cfg) )} + mkdir -p secrets + echo ${if cfg.master-access-control then "false" else "true"} > secrets/slave-to-master-security-kill-switch + if [ -f ${path} ]; then old=$(cat ${path}) else diff --git a/modules/apps/jenkins/instance.nix b/modules/apps/jenkins/instance.nix index 2c01391..6cca8a4 100644 --- a/modules/apps/jenkins/instance.nix +++ b/modules/apps/jenkins/instance.nix @@ -9,7 +9,9 @@ let concatStrings filterAttrs hasSuffix mapAttrsToList mkOption ; inherit (lib.types) - addCheck attrsOf either enum int listOf nullOr package path str submodule ; + addCheck attrsOf bool either enum int listOf nullOr package path str + submodule + ; default = d: t: mkOption { type = t; default = d; }; optional = t: mkOption { type = nullOr t; default = null; }; @@ -51,6 +53,15 @@ in { default = "/jenkins/${name}"; }; + master-access-control = mkOption { + description = '' + Enable Agent -> Master Access Control. + See https://wiki.jenkins.io/display/JENKINS/Slave+To+Master+Access+Control + ''; + type = bool; + default = true; + }; + jobs = mkOption { description = '' Jenkins jobs. Each value is either inline XML text or an XML file. -- cgit v1.2.3