[Fuego] Node based access restriction in Fuego

[Tim.Bird at sony.com]

> -----Original Message-----
> From: Dhinakar Kalyanasundaram 
> 
> Dear Fuego Users,
> 
> Anyone has any clue about how to get this working in Fuego? or
> 
> if anyone tried using 'ownership' Jenkins plugin
> (https://github.com/jenkinsci/ownership-
> plugin/blob/master/doc/OwnershipBasedSecurity.md) in Fuego please let
> me know.


I don't know if this will solve your problem or not, but it may be possible
to use an 'OwnershipBasedSecurity' plugin module for Jenkins, if you
can find a version that worked with Fuego's version of Jenkins.

I don't know how old the OwnershipBasedSecurity plugin is (that is, when
it came into existence).  However, when we had problems running new plugins
with the Jenkins 2.32.1 version (the one currently used by Fuego version 1.3 (and above),
I had to hardcode the plugin version numbers in the Dockerfile, and use a custom
plugin install script.

See the Dockerfile in the Fuego repository where it has these lines:

RUN /usr/local/bin/install-plugins.sh ant:1.7 \
    bouncycastle-api:2.16.2 \
    description-setter:1.10 \
    display-url-api:2.1.0 \
    external-monitor-job:1.7 \
    greenballs:1.15 \
    icon-shim:2.0.3 \
    javadoc:1.4 \
    junit:1.21 \
    ldap:1.17 \
    mailer:1.20 \
    matrix-auth:1.7 \
    matrix-project:1.12 \
    antisamy-markup-formatter:1.5 \
    pam-auth:1.3 \
    pegdown-formatter:1.3 \
    script-security:1.35 \
    structs:1.10 \
    windows-slaves:1.3.1

If you can find a version of the OwnershipBasedSecurity module that works
with Jenkins 2.32.1, then you could add it to this list.

You might be able to test this, prior to adding an entry for it to the Dockerfile,
by running the install_plugins.sh script in your current Fuego container.  The script
is located in /usr/local/bin inside the container.

I don't know if this will work or not, but it's worth a try.
Good luck!

Regards,
 -- Tim