As you can see in the picture I have project administrator permission and I added some projects to Project Administrators group.
Today I created 2 new projects. And VSTS groups stuck to Custom group.
I don't know why I have a new group which is called Custom even I don't have it in Security/Groups.
I can't change Custom to Project Administrators and for other users to Contributor.
After all, I created a Test project and I didn't get any issues.
How can I fix the problem? Thanks
Custom simply means you're a member of one or more groups that are not in the list of:
Project Administrators
Project Contributors
Project Readers
The project's Default Team
For example, you're a member of a Team (Teams are represented as a security group). Or you're a member of any custom created group within the project. These custom groups are not shown in the Manage projects dialogue.
I do not see the behaviour of not being able to change the values, the only reason I can think of is that your user doesn't have permissions to manage permissions in those projects. Have you tried changing the security directly through the project's own Security tab?
Related
So, I have owner privileges on some group in Gitlab (not privately hosted instance), and there is a registered runner that I want to assign to a new project in order to use it for CD (It is in use on other projects I am an owner at). However, I don't see it in CI/CD runners settings even though it is not locked for one project. I was also trying this https://docs.gitlab.com/ee/api/runners.html#enable-a-runner-in-project solution (API call) Gitlab provides but it seems like the runner does not exist (generic error, it says the page does not exist or I have no permission).
I thought it might be a permissions problem but it doesn't make sense (or does it?) because I have owner privileges. In docs they say:
"If you are Master on a project where a specific Runner is assigned to, and the Runner is not locked only to that project, you can enable the Runner also on any other project where you have Master permissions.
To enable/disable a Runner in your project:
Visit your project's Settings > CI/CD
Find the Runner you wish to enable/disable
Click Enable for this project or Disable for this project"
and well, I can't find it. Does it sound like a bug/mistake on docs or my lack of knowledge? And if it is my lack of knowledge, do you have any ideas for possible solutions?
TL;DR:
It seems like some kind of group permissions bug.
A possible workaround is to create another user and invite him to a project that uses that specific runner, as master (not owner), and then invite him to the project you want to assign that specific runner to. then, you will have that runner available under specific runners.
Ok, it seems to be a problem with gitlab/gitlab-runner permissions, or just a rather strange behavior. This is what someone wrote in the issues section of the project ( https://gitlab.com/gitlab-org/gitlab-runner/issues/1322 ):
"Consider the following setup:
user_A is owner of project_1, runner_R is registered with project_1's token
user_A is owner of project_2
--> runner_R is NOT visible to user_A from project_2
user_A is promoted master of project_1
--> runner_R is now visible to user_A from project_2
hence my conclusions:
i don't need to be master of a project to select a runner from a project i own, being an owner works too
being a project owner is not sufficient for a project's runner to be visible to me from another project, i need to be master of the project where the runner was registered"
I hope it might be helpful to someone facing the same problem as me.
I have just installed SonarQube 6.7 and I am creating users for my colleagues, who would like to create a project from their source code hosted on GitHub repositories.
So far I did not find a way to let users create a project, without setting them as system administrator. Apparently a project is created indeed from the Create Project button on the Administration > Projects > Management page as reported in the official documentation.
Unfortunately in this way, most users should be set as admin if they want to create projects: therefore they will be able to manage the users and the whole system. As you can imagine it is not ideal situation, when a lot of administrators on a system.
How can users be able to create a project without having admin privileges over the whole system (configuration, security, users, etc.)?
I thank you in advance for your help!
Your users need the Create Projects global permission. You can grant this individually or by putting them in a group and giving the group the permission.
They'll need the Execute Analysis global permission as well (another argument for using a group). Once these permissions are granted, they'll be able to analyze projects. Any project that doesn't already exist will be created in SonarQube on the first analysis.
Vittorio C. I have the same issue as you in the SonarQube 6.7.
Issue: few options will not show up for example "create projects under global permissions"
Resolution: Just search the "create user"s in the search window( shown in the screenshot) and it will start appearing.
Also if you think any option is not appearing but which ideally should, you can apply the same trick.
for example with maven, mvn package sonar:sonar will create project if no exist in sonarqube. If you want to create it before first use you can use web api, for example have a look at https://next.sonarqube.com/sonarqube/web_api/api/projects/create If i'm not wrong the create API is open to everyone.
Our office uses VSS as source control. Just come to know that VSTS is free for five users and our team is very small with 5 devs.
I have never use VSTS. so i have few questions. please answer pointwise and with detail along with images if possible.
how to create an account for VSTS?
how to upload our local project exist on my pc to VSTS
how could I send an invitation to other 4 developers in our team, as a result, they can clone our uploaded project on their own pc and start working?
I got one link which is showing how to Add Local Project to GIT in VSTS but I need to know how to add a project to TFVC in VSTS.
Create an account
Go to VisualStudio.com, log in using MSA, pick an available account name and register. If you have an Azure subscription and an Azure Active Directory, you can also create the account from the Azure portal, that way you can use your company-account to log on.
Upload local project
When you create your first project you get to choose whether you want TFVC or Git. Once the project is created, getting your sources in differs depending on your choice.
If you pick TFVC you must create a local workspace on your machine, copy the sources into that directory, then check them in.
Invite other users
To add other users to VSTS they need to have an MSA account or to be part of your AAD (depending on how you setup your account). Then go to the Users hub in the VSTS admin panel and add them to your account. The first 5 basic users are free. If users have an MSDN account (pro or higher) they do not count towards the free user limit as VSTS access is included in the subscription.
I am currently setting up a VSTS project for our team, and want to follow the MS approved 'One project with multiple areas' approach. I'd would like to silo the git repos on a per team basis (similar to how the work items work), however the teams all have the same members. Is this possible? Here's an example...
I create a project in VSTS, let's call it MainProject. I also have a team of 4 developers, and they are all members of a group in VSTS called MyDevGroup.
Under MainProject, I set up two teams, and two areas, let's call them Main Project / Team1 and MainProject / Team2. I add the group MyDevGroup separately to the security for those two teams. At this stage, if one of the team access this through VS, they can see those two teams, and if they were to add a new Work Item, depending on which team they had currently selected, it would assign it to the correct area. This is great.
I also create two git repos, let's call them MainProject / Repo1 and MainProject / Repo2, and assign Team1 at a contributor level to Repo1, and Team2 to Repo2. However, in VS, if the user is currently looking at MainProject / Project1 team, they can still clone either repo - they see both.
This is problematic, as you can imagine a scenario where a user might have the Team1 team selected in VS, but accidentally check out Repo2 and work on it.
So, is there a way to restrict a repo to a team?
EDIT: Further to this, I realise that once you open the solution in a particular repo, close VS then re-open it, it will refer to the correct repo. However it doesn't keep the reference to the correct team. It keeps the last team opened rather than the team I'd selected for the solution. Is there a way to have VS keep the team I had selected when I closed the solution?
EDIT 2: Duplicate of this - VSTS/TFS GUI: Auto-switch repository per team view?
As per this link, this is not possible with the current functionality of VSTS. Hopefully this will be possible in the future.
My company has a particular way of working, with an existing CI system, and I'd like to find a way of moving to TeamCity. I've run into a problem with permissions though.
In our current system, a group of developers might be assigned to project A. They can add/modify/remove continuous integration tasks that are related to (are children of) project A, but they can't delete project A itself.
I've got a test install of TeamCity 10, set up with per-project permissions. Project A is a top-level project. There's a projA group, which assigns a dev guy role with scope limited to Project A. user A is a member of the projA group.
Whatever permissions I choose for the dev guy role, it seems to have one of two outcomes, neither of which is useful:
user A can't delete Project A, but can't create or modify build configurations.
user A can create and modify build configurations, but can also delete Project A.
It looks like Edit project is the relevant permission, but it's not granular enough -- it includes some abilities I don't want along with the ones I do.
Is there a way around this?