Some Eclipse Foundation services are deprecated, or will be soon. Please ensure you've read this important communication.
Bug 346167 - Consider allowing committers to create Hudson jobs directly
Summary: Consider allowing committers to create Hudson jobs directly
Status: RESOLVED FIXED
Alias: None
Product: Community
Classification: Eclipse Foundation
Component: CI-Jenkins (show other bugs)
Version: unspecified   Edit
Hardware: All All
: P3 enhancement (vote)
Target Milestone: ---   Edit
Assignee: Eclipse Webmaster CLA
QA Contact:
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2011-05-17 17:41 EDT by Konstantin Komissarchik CLA
Modified: 2011-05-18 13:27 EDT (History)
0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Konstantin Komissarchik CLA 2011-05-17 17:41:16 EDT 
The current process for getting a new Hudson job is to open a bug. This process is unnecessarily cumbersome. If committers can be trusted to edit job, they could be trusted to create jobs as well. 

If there is concern over number of jobs, policy compliance, etc., that can be handled by a verification script rather than having a gatekeeper at job creation.
Comment 1 Eclipse Webmaster CLA 2011-05-18 09:35:06 EDT 
I'm sorry you find opening a bug(~5minutes) and getting your job within ~2 hours is 'cumbersome' or even 'onerous'.

This request would have been better phrased as:

Committers think hudson is awesome, and would love the chance to offload the task of job creation from Webmaster.


Since you asked so nicely I've enabled job create,job configure and job delete for all committers in hudson.  

-M.
Comment 2 Konstantin Komissarchik CLA 2011-05-18 11:40:50 EDT 
Thanks for doing this. My interest is in improving process efficiency. It was not my intention to offend. I apologize for my wording choice.

Regarding the configuration change, I am not sure that ability to edit or delete any job should be open to all comitters. That could lead to tragic accidents or misunderstandings. I think it would be sufficient to just open up create. Once a committer creates a job, they can configure that job's permissions as necessary to give access to others.
Comment 3 Eclipse Webmaster CLA 2011-05-18 11:48:18 EDT 
I can remove the configure and delete, but I suspect that without the 'configure' option, you won't be able to grant access to the job(since you will lack the configure option after it's created).  We can give it a try if you like.

-M.
Comment 4 Konstantin Komissarchik CLA 2011-05-18 11:56:52 EDT 
I am willing to test. I suspect the creator may get local configure access to the created job.
Comment 5 Eclipse Webmaster CLA 2011-05-18 11:59:51 EDT 
OK, I've removed the configure permissions.

-M.
Comment 6 Konstantin Komissarchik CLA 2011-05-18 12:08:52 EDT 
Ok.. Without global configure permission, I was not able to configure a _blank_ test job that I created, but I was able to create a job by copying an existing job that I had permission on. Those permissions were preserved.

How do you think we should proceed?
Comment 7 Eclipse Webmaster CLA 2011-05-18 13:20:41 EDT 
I think the solution is to trust that our community is unlikely to willfully hurt each other and re-instate the configure permission(done).  While you have outlined a work around, if someone forgets(or doesn't have a job to copy) it still results in a bug or message to webmaster.

But just to limit the potential harm(should an account be comprised) I've removed the global delete permission.

-M.
Comment 8 Konstantin Komissarchik CLA 2011-05-18 13:27:20 EDT 
Sounds good to me. Thanks.