Buildbot no longer supports Python 2.7 on the Buildbot master.


This page documents the latest, unreleased version of Buildbot. For documentation for released versions, see

3.3.13. Authorization

Buildbot authorization is designed to address the following requirements:

  • Most of the configuration is only data: We avoid to require from the user to write callbacks for most of the use cases. This is to allow to load the config from yaml or json, and eventually do a UI for authorization config.

  • Separation of concerns:

    • Mapping users to roles

    • Mapping roles to REST endpoints

  • Configuration should not need hardcoding endpoint paths

  • Easy to extend Use cases

  • Members of admin group should have access to all resources and actions

  • Developers can run the “try” builders

  • Integrators can run the “merge” builders

  • Release team can run the “release” builders

  • There are separate teams for different branches or projects, but the roles are identical

  • Owners of builds can stop builds or buildrequests

  • Secret branch’s builds are hidden from people except explicitly authorized