#!groovy
import javaposse.jobdsl.plugin.GlobalJobDslSecurityConfiguration
import jenkins.*
import jenkins.model.*
import jenkins.security.s2m.AdminWhitelistRule
import hudson.markup.RawHtmlMarkupFormatter
import hudson.security.csrf.DefaultCrumbIssuer
def env = System.getenv()
def jenkins = Jenkins.getInstance()
println "--> disabling scripts security for job dsl scripts"
GlobalConfiguration.all().get(GlobalJobDslSecurityConfiguration.class).useScriptSecurity=false
println "--> disabling the Jenkins CLI"
CLI.get().setEnabled(false)
if(jenkins.getCrumbIssuer() == null) {
println "--> enabling CSRF Protection"
jenkins.setCrumbIssuer(new DefaultCrumbIssuer(true))
jenkins.save()
}
println "--> enabling slave master access control"
jenkins.injector.getInstance(AdminWhitelistRule.class).setMasterKillSwitch(false);
jenkins.save()
println "--> setting num executors to 1"
jenkins.setNumExecutors(1)
jenkins.save()
println "--> setting url and email"
def jenkinsLocationConfiguration = JenkinsLocationConfiguration.get()
jenkinsLocationConfiguration.setUrl("http://localhost:${env.HTTP_PORT}")
jenkinsLocationConfiguration.setAdminAddress("Devops Jenkins <devops+jenkins@anatwine.com>")
jenkinsLocationConfiguration.save()
println "--> setting raw HTML formatter setting to false"
jenkins.setMarkupFormatter(new RawHtmlMarkupFormatter(false))
jenkins.save()