Caution

Buildbot is deprecating Python 2.7. This is one of the last releases supporting it on the buildmaster. More info.

3.2.14. Authorization

Buildbot authorization is designed to address the following requirements

• Most of the configuration is only data: We avoid to require user to write callbacks for most of the use cases. This to allow to load the config from yaml or json and eventually do a UI for authorization config.

• Separation of concerns:

  • Mapping users to roles
  • Mapping roles to REST endpoints.

• Configuration should not need hardcoding endpoint paths.

• Easy to extend

3.2.14.1. Use cases

• Members of admin group should have access to all resources and actions
• developers can run the “try” builders
• Integrators can run the “merge” builders
• Release team can run the “release” builders
• There are separate teams for different branches or projects, but the roles are identical
• Owners of builds can stop builds or buildrequests
• Secret branch’s builds are hidden from people except explicitly authorized