Ticket #482 (accepted enhancement)
LDAP authentication of build requests
|Reported by:||ipv6guru||Owned by:||jollyroger|
Description (last modified by dustin) (diff)
Here's a patch against buildbot 0.7.2 that allows you to specify a build authenticator when creating a waterfall display. 2wire uses this because our production builds are expensive - it takes lots of time to run the performance regression suite and lots of storage to keep build products around indefinitely.
The build authenticator I've included is an LDAP one that requires the ldaptor 0.0.43 module from http://www.inoi.fi/open/trac/ldaptor/.
In hindsight, I probably should have done it as an attribute to each builder rather than to the waterfall display. Our unittest builds aren't that expensive, but for now people will just have to wait for the p4poller to notice changes.
It's lightly tested by hand. Not sure how to unit test this.
Example usage for an ActiveDirectory? server:
from ldaptor import pureldap from buildbot import ldapauth build_authenticator=ldapauth.LDAPAuthenticationSource( base_dn='cn=Users,dc=corp,dc=2wire,dc=com', attr='sAMAccountName', bind_dn='cn=ldap_queries,cn=Users,dc=corp,dc=2wire,dc=com', bind_pw='<censored>', filter=pureldap.LDAPFilter_equalityMatch( attributeDesc=pureldap.LDAPAttributeDescription('memberOf'), assertionValue=pureldap.LDAPAssertionValue( 'CN=Build Engineering,CN=Users,DC=corp,DC=2wire,DC=com') ) ) c['status'].append(html.Waterfall(http_port=8010, build_authenticator=build_authenticator))
- Type changed from defect to enhancement
- Description modified (diff)
- Owner set to jollyroger
- Status changed from new to accepted