Authorization

On Wercker everything you create, whether in builds or applications, is private by default. The exception to this rule is your profile. The information shared on the profile by default is little more than the username and a link to your GitHub, Bitbucket, or GitLab profile.

Although an application is private by default, it can be made public. You can do this after adding the application to Wercker: Go to the settings tab and tick the public app checkbox. On a public application users who are logged in (as well as anonymous users) can see builds, build steps list and build step detail (i.e., the log). Deploy targets and deploy information are not accessible. Keep in mind that even though a build step and the test log may be public, the actual code is not visible on Wercker, with the exception of stack traces and/or other information displayed by the test tools.

In other words, a user’s ability to access builds, build steps, view deploy logs or an application is defined at the application level.

Roles and Permissions

There are three roles defined at this moment:

  • build
  • build+deploy
  • admin

build

A user with build permissions can see builds, build steps together with its details, view deploy logs and can follow/unfollow applications. A note about deploy logs: some sensitive information may be visible in the deploy logs, but Wercker allows some output to be hidden from the view.

build+deploy

A user with build+deploy permissions can do all of the things that a user with build permissions can, but can also trigger deploys and create new deploy targets.

admin

Like the owner of a project, users with admin permissions can do the same as those with build+deploy permissions. In addition, an admin user can:

  • change settings on the project (set the application to public/private)
  • change permissions for collaborators
  • change the ownership of a project.

For more information, see Roles and Permissions.