Skip to main content
DevOps icon showing cogs

This post is from the XebiaLabs blog and has not been updated since the original publish date.

Last Updated Oct 09, 2016 — DevOps Expert

Repository Backups: No Permissions Left Behind

DevOps

We're excited to announce the beginning of our blog series, "DevOptimus Prime's Tool Tips!" This series will explore DevOps and Continuous Delivery tools, best practices, how-to's, and new features. Transform your release pipeline with DevOptimus Prime's Tool Tips. 


XL Deploy includes fine-grained access control that ensures the security of your middleware and deployments. The security mechanism is based on the concepts of principals, roles, and permissions.

 

Principles, Roles, and Permissions

Principles

A security principal is an entity that can be authenticated in XL Deploy. Out of the box, XL Deploy supports only users as principals; users are authenticated by means of a user name, and password. When using an LDAP repository, users and groups in LDAP are also treated as principals. For more information about LDAP, refer to How to connect to your LDAP or Active Directory.

Roles

Roles are groups of principals that have certain permissions in XL Deploy. Roles are usually identified by a name that indicates the role the principals have within the organization, for example, deployers. In XL Deploy, permissions can only be granted to or revoked from a role. When permissions are granted, all principals that have the role are allowed to perform some action or access repository entities. You can also revoke granted rights to prevent the action in the future.

Permissions

Permissions are rights in XL Deploy. Permissions control what actions a user can execute in XL Deploy, as well as which parts of the repository the user can see and change. XL Deploy supports global and local permissions.

Global permissions

Global permissions apply to XL Deploy and its repository. The following table shows the global permissions that XL Deploy supports.
PermissionDescription
adminGrants all rights within XL Deploy.
discoveryThe right to perform discovery of middleware.
loginThe right to log into the XL Deploy application. This permission does not automatically allow the user access to nodes in the repository.
security#editThe right to administer security permissions.
task#assignThe right to reassign any task to someone else.
task#takeoverThe right to assign any task to yourself.
task#preview_stepThe right to inspect scripts that will be executed with steps in the deployment plan.
report#viewThe right to see all the reports. When granted, the UI will show the Reports tab. To be able to view the full details of an archived task, a user needs read permissions on both the environment and application.
controltask#executeThe right to execute control tasks on configuration items.

Local permissions

In XL Deploy, you can set local security permissions on repository nodes (such as Applications or Environments) and on directories in the repository. Continue learning about roles and permissions in XL Deploy.

 

Command-line Interface Import/Export

When managing XL Deploy, you need to maintain regular backups of your repository so you can restore in case of failure. You can simply back up the whole repository or use the CLI based method for import/export. This method allows you to export the XL Deploy repository tree to a ZIP file that can be imported into the same or another XL Deploy server. The ZIP file contains all configuration item (CI) properties, including artifact files. For example, you can use this feature to create CIs in a sandbox or test instance of XL Deploy and then import them into a production XL Deploy instance. Export and import of all the permissions and roles that are applied either globally or on individual hierarchies is not supported. However, you can use the custom cli script, Export/Import roles and permissions, which can help you with both import and export of all roles/permissions in a JSON file. Here's how you can use it:
  • Download the raw file and save it as a python script.
  • Go to XL Deploy CLI client.
  • Copy the script under CLI_HOME/ext folder.
  • Start the CLI and connect to the target XL Deploy Server.
  • To Export, use the following command : exportSecToFile(absoluteDirectorypath)e.g., exportSecToFile("/user/myuser/home/") This will write security.json in that folder.
  • To Import in a fresh instance, use the following command : importSecFromFile(absoluteDirectorypath)e.g., importSecFromFile("/user/myuser/home/security.json")
 NOTE: Make sure you've imported the infrastructure, environment, and other hierachies first before using this script, otherwise you'll receive an error if it can't find a hierachy to apply permissions to. 
Continue mastering XL Deploy with our XL Deploy how-to page. It shows users all the tips and tricks they need to optimize their pipeline and start releasing software faster.

More from the Blog

View more
Sep 13, 2021

The Expedited Journey of Digital Transformation

DevOps
Alan Brown, Digital Transformation Advisor at Digital.ai conducts a se ...
Read More
Aug 23, 2021

Is Data Analytics Missing From Your Digital Transformation?

DevOps
Nearly every major enterprise is already in the process of digital tra ...
Read More
Aug 19, 2021

Creative Ways to Automate Developer Workflows

DevOps
When an organization begins an Agile or DevOps journey, the process ca ...
Read More
Aug 12, 2021

How Automation Enhances Efficiency and Delivery Speed In a DevOps Environment

DevOps
When organizations make the decision to move to a DevOps environment, ...
Read More
Contact Us