I have one TeamCity project Dac.Test that contains 3 configurations: DEV, QA, PROD.
Also I have some users associated with their Roles. Is this possible to hide / show certains configurations for selected users or groups?
For example: Users associated with group: Testers can see QA configuration, but not PROD and DEV.
There is no way of managing user permissions per-build, this is available on a project level only. You could create a sub-project in the Dac.Test project to cater for this
If you're looking for a way of stopping people from mistakenly running this build, the following approach will work.
This method uses a prompt box that will pop up after you click the run button, it also needs input from the user confirming that they mean to run the build.
No one can run this build by accident
Go to your build configuration in the TeamCity UI
From here, go to Edit Configuration Settings --> Parameters --> Add new parameter
Enter something like 'Confirmation' as the parameter name
Then beside 'Spec:', click the 'Edit...' button
Set up the parameter as shown in the following screenshot:
You will now be prompted and asked for confirmation when you click the run button. The user will have to enter 'YES' in the prompt box that appears, any other value will stop the user from building:
This is best accomplished by using TeamCity's built-in role management. Roles allow you to set fine-grained permissions for users and groups. One potential issue, however, is that roles are scoped to projects (not build configurations). You'll need to create a separate Dac.Test QA project+configuration and provide your Testers the necessary privileges there. You'll also need to make sure that they are stripped of all privileges for the Dac.Test project.
Related
We're working with IBM BPM 8.6.
In many workflows, we do the typical team assignment. The users can claim the task, and work with it. But there is a problem, they cannot assign the task back to the group within the Process Portal.
All we get is a tooltip with the "This action is not permitted" when we try to reassign back to the group.
Reassign back to group disabled image
The same happens if we try to reassign it to an specific user:
Reassign to user disabled image
We know that we could add the following instruction to the workflows:
tw.system.currentTask.reassignBackToRole()
to reassign it back,
but this would affect all the projects, and it would require time and resources to do so.
Any help or hints will be appreciated.
You need to check the "action policies" for the Portal (https://www.ibm.com/support/knowledgecenter/SS8JB4_19.x/com.ibm.wbpm.imuc.doc/topics/restricting_access_to_portal_functions.html). I searched for "process portal action policies" to find the linked page (IBMs URLs can be pretty transient).
The one you're interested in is "ACTION_REASSIGN_TASK". This should be available to all users by default so perhaps it has been changed. You can use was_admin to change or check the values e.g.
wsadmin>AdminConfig.modify(getBPMPolicyAction("ACTION_REASSIGN_TASK"), [["roles", "newrole"]])
wsadmin>AdminConfig.save()
Can I copy/clone the whole instance from one to different?
How can I do that? Is there any widget?
If anyone can help me, that would be great.
Yes you can, with a few caveats:
Only users with an Admin role can request a clone
by default the clone target instance must be non-prod (this can be changed in the system properties though)
personal developer instances cannot be a target instance
Instructions:
As an Admin (user with admin role), in the navigation menu of the
source instance, go to "clone targets" and click "new". It will ask
for the target URl, user name and password.
Now you have a clone target, in the navigation menu of the source
instance, go to "request clone". You need to select the newly
created target instance, a scheduled time for the clone (usually has
to be a few hours in the future), and fillout your email address so
you get updates on progress.
Once the clone is completed, you can log into the target instance which will be freshly cloned.
I am new to sonarqube and was able diable/deactivate default rules that comes with sonar. However I would like to know if there is a way to delete/remove default rules from sonar ?
yes of course you can disable some rules and change the level (major, minor etc) in the admin console of your sonarqube and you can use a custom quality profile with a selected rules to analyse you project
http://docs.sonarqube.org/plugins/servlet/mobile#content/view/6964603
Log in as Admin.
Through Quality profile we will be able to activate and deactivate the default rules.
3.Ability to create a new profile with specific rules and scan the project with this new profile.
The following worked for me:
Log in as admin
Set another profile as default, i.e. not the one you want to remove.
Now the non-default profile will be deletable.
I was following this tutorial so I could add Diagnostics to my worker role. I followed all the steps but when I get up to Step 1 of the "Azure Diagnostics" section, I can see the "Send Diagnostics data to Application Insights" checkbox there, but I am unable to select it.
When I click on it, it doesn't toggle, stays unchecked.
What may cause this to occur? Are there any steps specific to Worker Roles to get this working that Web Roles didn't need?
If you don't see the "Send diagnostics data to Application Insights" dialog when you click the Checkbox (which sounds like a bug, I'm wondering if this is happening to all of your worker role projects even with newly created ones), you can still manually edit the configuration files to achieve the same thing.
First go to the Settings tab in the role properties page and add a new setting item named "APPINSIGHTS_INSTRUMENTATIONKEY". The "Type" of the setting should be "String". The "Value" of the setting should be the instrumentation key of your target Application Insights resource. You can find it on the Azure portal by selecting the resource and then go to its Settings -> Properties blade.
Then open the "diagnostics.wadcfgx" file under your worker role in Solution Explorer. From there add an attribute "sinks" with value "applicationInsights.errors" to the "DiagnosticsMonitorConfiguration" element. The element should then looks like this:
<DiagnosticMonitorConfiguration overallQuotaInMB="4096" sinks="applicationInsights.errors">
In the same file, add the following section under the WadCfg element:
<SinksConfig>
<Sink name="applicationInsights">
<ApplicationInsights />
<Channels>
<Channel logLevel="Error" name="errors" />
</Channels>
</Sink>
</SinksConfig>
So, it turns out that I needed to put the instrumentation key in both the Cloud and Local service configurations. I had only had it on cloud as I thought I would only be using the diagnostics on cloud deployments.
We have a TeamCity instance with a variety of projects and build configurations on it, with no security set up at present. Although it's OK for most of the projects to be publicly visible, we'd like to set up a couple of projects that are only visible to certain users.
Because there are many public projects already set up on the server, across a variety of teams, we'd like to avoid setting up restrictions on everything - that is, we'd rather use "deny access to project Z" than "allow access to project A, allow access to project B, ..., allow access to project Y".
How can I restrict access to these projects without affecting the public projects?
In case anyone still needs an answer, this can be done by TeamCity itself.
Go to Administration -> Groups -> 'Create new group'. For example, public
Assign roles to this group. You can choose 'Grant role in selected projects' radio button and choose those public projects and click Assign button.
I wanted to Create 'Testers' group and give them permission to trigger deployments for 'Test Build Configuration' only. Here is what I did. (BTW, this is TC 9.1 )
Go and 'Enable Per Project Permissions'
Created a role 'Project Tester' under 'Roles' and assign permissions 'run build' to the role
Created a group 'Test Team' and assigned the role 'Project Tester' to it.
And obviously, add the users to the group. Hope that helps someone.