|
Ben,
Thanks for the feedback on here. At the moment, we probably won't be able to squeeze in the fine grained permissioning for the 1.0 release. I suspect that when we do attack this, it'll be based on something along the lines of project roles in JIRA Cheers, Mark C Mark,
Indeed, JIRA's project roles system would fit nicely. As long as I can manage users / groups / project roles members via an RPC interface (I can live with creating the permission scheme by hand). Thanks, Ben We've just set up bamboo for our site, where we also run JIRA, Confluence, and Crowd. We are a software services company as well; the permission system in JIRA works VERY well for our needs. We'd like to see pretty much exactly the same thing for Bamboo. I'd even go so far as to say it should be exactly the same (BAM-489 would help/cover this) and the integration should pick up the permissions for a project that exists in both places automatically. Probably should comment that on BAM-489...
Liking the product so far, though. Kenneth,
Thanks for the comments. Project / Plan level permissions are definitely things fairly high on our priority list for new features, so please stay tuned. Regards, One of the risks with CI is that typically all projects build as the same user; any credentials required for upload of artifacts etc are thus able to be compromised by other project's build scripts.
One cunning plan I had was that the bamboo user would be able to sudo to a variety of project level build accounts. I'm not suggesting that bamboo be given root permissions. There are a variety of ways of doing this with varying degrees of convenience and security. I think you should group the projects and the permission the project groups.
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
 |
|
New Feature
Resolved
Major
Permissions for User and Groups
We are just going to have to restrict it to our internal staff only. It would be nice to give clients access without having to separate instances.
As always we love having an API (that works) for configuring the whole thing. Generally our requirements are found at http://docs.codehaus.org/display/DESPOTS/When+Codehaus+Attacks%21
(Please don't take this as a demand, or ultimatum. I see Bamboo as being a usable CI tool and I'd like to see it evolve in a way that is compatible with Codehaus. Further, I don't see our 'requirements' as being that far from larger commercial installations.)