Implemented jenkins scripts approving from client size
Change-Id: Ieb3d5d6b8c315487e304c05f05e507417acd88b3
diff --git a/_states/jenkins_approval.py b/_states/jenkins_approval.py
new file mode 100644
index 0000000..63df775
--- /dev/null
+++ b/_states/jenkins_approval.py
@@ -0,0 +1,126 @@
+import logging
+logger = logging.getLogger(__name__)
+
+approve_signature_groovy = """\
+import org.jenkinsci.plugins.scriptsecurity.scripts.ScriptApproval
+import org.jenkinsci.plugins.scriptsecurity.scripts.languages.GroovyLanguage
+import org.jenkinsci.plugins.scriptsecurity.scripts.ApprovalContext
+def signature = "{signature}"
+def scriptApproval = ScriptApproval.get()
+def approvedSignatures = Arrays.asList(scriptApproval.approvedSignatures)
+if(approvedSignatures.contains(signature)){{
+ println("EXISTS")
+}}else{{
+ try{{
+ scriptApproval.pendingSignatures.add(new ScriptApproval.PendingSignature(signature, false, ApprovalContext.create()))
+ scriptApproval.approveSignature(signature)
+ if(approvedSignatures.contains(signature)){{
+ print("SUCCESS")
+ }}else{{
+ print("FAILED")
+ }}
+ }}catch(e){{
+ print(e)
+ }}
+}}
+""" # noqa
+
+deny_signature_groovy = """\
+import org.jenkinsci.plugins.scriptsecurity.scripts.ScriptApproval
+import org.jenkinsci.plugins.scriptsecurity.scripts.languages.GroovyLanguage
+import org.jenkinsci.plugins.scriptsecurity.scripts.ApprovalContext
+def signature = "{signature}"
+def scriptApproval = ScriptApproval.get()
+def approvedSignatures = Arrays.asList(scriptApproval.approvedSignatures)
+if(approvedSignatures.contains(signature)){{
+ try{{
+ scriptApproval.denySignature(signature)
+ if(!scriptApproval.approvedSignatures.contains(signature)){{
+ print("SUCCESS")
+ }}else{{
+ print("FAILED")
+ }}
+ }}catch(e){{
+ print(e)
+ }}
+}}else{{
+ print("NOT PRESENT")
+}}
+
+
+"""
+
+def approved(name):
+ """
+ Jenkins Script approval approve state method
+
+ :param name: signature to approve
+ :returns: salt-specified state dict
+ """
+ test = __opts__['test'] # noqa
+ ret = {
+ 'name': name,
+ 'changes': {},
+ 'result': False,
+ 'comment': '',
+ }
+ result = False
+ if test:
+ status = "SUCCESS"
+ ret['changes'][name] = status
+ ret['comment'] = 'Jenkins script approval config %s %s' % (name, status.lower())
+ else:
+ call_result = __salt__['jenkins_common.call_groovy_script'](
+ approve_signature_groovy, {"signature":name})
+ if call_result["code"] == 200 and call_result["msg"] in ["SUCCESS", "EXISTS"]:
+ status = call_result["msg"]
+ if status == "SUCCESS":
+ ret['changes'][name] = status
+ ret['comment'] = 'Jenkins script approval config %s %s' % (name, status.lower())
+ result = True
+ else:
+ status = 'FAILED'
+ logger.error(
+ "Jenkins script approval API call failure: %s", call_result["msg"])
+ ret['comment'] = 'Jenkins script approval API call failure: %s' % (call_result[
+ "msg"])
+ ret['result'] = None if test else result
+ return ret
+
+
+def denied(name):
+ """
+ Jenkins Script approval deny state method
+
+ :param name: signature to deny
+ :returns: salt-specified state dict
+ """
+ test = __opts__['test'] # noqa
+ ret = {
+ 'name': name,
+ 'changes': {},
+ 'result': False,
+ 'comment': '',
+ }
+ result = False
+ if test:
+ status = "SUCCESS"
+ ret['changes'][name] = status
+ ret['comment'] = 'Jenkins script approval config %s %s' % (name, status.lower())
+ else:
+ call_result = __salt__['jenkins_common.call_groovy_script'](
+ deny_signature_groovy, {"signature":name})
+ if call_result["code"] == 200 and call_result["msg"] in ["SUCCESS", "NOT PRESENT"]:
+ status = call_result["msg"]
+ if status == "SUCCESS":
+ ret['changes'][name] = status
+ ret['comment'] = 'Jenkins script approval config %s %s' % (name, status.lower())
+ result = True
+ else:
+ status = 'FAILED'
+ logger.error(
+ "Jenkins script approval API call failure: %s", call_result["msg"])
+ ret['comment'] = 'Jenkins script approval lib API call failure: %s' % (call_result[
+ "msg"])
+ ret['result'] = None if test else result
+ return ret