puppet-jenkins
puppet-jenkins copied to clipboard
voxpupuli
Native Support for LDAP
I can't figure out a good way to get LDAP supported with this module. If I enable it myself then the CLI tool stops working.
@tedivm what do you mean "LDAP support"? What functionality would that enable for you?
I'm not using Jenkins with LDAP and while I'm aware of how that works inside of the Jenkins context, I'm not sure I understand what you're asking for here
LDAP authentication. I want to define a set of LDAP attributes in my puppet config, so when a jenkins host rolls up the only people who can access it are those in my directory and with the attributes I defined.
The other issue I have is that once I setup LDAP the CLI tool stops working. Resolving this is a matter of adding a user into ldap for CLI and the running the --login option to save those parameters. It would be nice if it was possible to specify credentials for the user via puppet (just for the command line, I'm not expecting this module to modify ldap).
See: https://issues.jenkins-ci.org/browse/JENKINS-15063 TL;DR when using the ldap plugin, the jenkins admin ssh private key credentials must be in ldap.
I extended the puppet_helper.groovy to support ldap configuration. This is my first groovy code ever, so i need to beautify the code a lot. But it works executing the 'actions' the same way as the jenkins::cli::exec.
I'm looking for some comments/advice cmcerning my code. One can the ldap piece here : https://gist.github.com/witjoh/c01a7c24fc9e100c6c1bc5a65d79f649
Since the ldap is now a jenkins plugin, I'm looking for a way to put the code specific for a plugin in its own groovy file, that in a way extends the main puppet_helper classes.
When i get may code cleaner, I can crfeate a pull request. but now I will try to use the ldap groovy code in some puppet code. And maybe when i'm in a crazy mood add some new type/providers for it.
In the meantime waiting for some feedback/guidance
Thx
