Gitiles
Code Review Sign In
gerrit.mcp.mirantis.com / salt-formulas / jenkins / 3d8bffe2d80ebdfb69bd89b434e763aa1847f978 / . / _states / jenkins_user.py
blob: c2f2d9b2e480ad55bb9307147d4c83de843a375d [file] [log] [blame]
Jakub Josef3de91af2016-12-08 17:03:33 +0100[diff] [blame]1import logging
2logger = logging.getLogger(__name__)
3
4create_admin_groovy = u"""\
5import jenkins.model.*
6import hudson.security.*
7def instance = Jenkins.getInstance()
Jakub Josef26956a62017-03-22 16:32:28 +0100[diff] [blame]8if(hudson.model.User.getAll().find{{u->u.fullName.equals("{username}")}}){{
9 print("EXISTS")
10}}else{{
11 def hudsonRealm = new HudsonPrivateSecurityRealm(false)
12 def result=hudsonRealm.createAccount("{username}","{password}")
13 instance.setSecurityRealm(hudsonRealm)
14 def strategy = new hudson.security.FullControlOnceLoggedInAuthorizationStrategy()
15 strategy.setAllowAnonymousRead(false)
16 instance.setAuthorizationStrategy(strategy)
17 instance.save()
18 if(result.toString().equals("{username}")){{
19 print("SUCCESS")
20 }}else{{
21 print("FAILED")
22 }}
23}}
Jakub Josef7ae6b242016-12-14 14:41:44 +0100[diff] [blame]24""" # noqa
Jakub Josef3de91af2016-12-08 17:03:33 +0100[diff] [blame]25
26
27create_user_groovy = u"""\
Jakub Josef26956a62017-03-22 16:32:28 +0100[diff] [blame]28if(hudson.model.User.getAll().find{{u->u.fullName.equals("{username}")}}){{
29 print("EXISTS")
30}}else{{
31 def result=jenkins.model.Jenkins.instance.securityRealm.createAccount("{username}", "{password}")
32 if(result.toString().equals("{username}")){{
33 print("SUCCESS")
34 }}else{{
35 print("FAILED")
36 }}
37}}
Jakub Josef3de91af2016-12-08 17:03:33 +0100[diff] [blame]38""" # noqa
39
Jakub Josefe3807982016-12-15 11:54:51 +0100[diff] [blame]40
Ilya Kharin3d8bffe2017-06-22 17:40:31 +0400[diff] [blame^]41def __virtual__():
42 '''
43 Only load if jenkins_common module exist.
44 '''
45 if 'jenkins_common.call_groovy_script' not in __salt__:
46 return (
47 False,
48 'The jenkins_user state module cannot be loaded: '
49 'jenkins_common not found')
50 return True
51
52
Jakub Josef3de91af2016-12-08 17:03:33 +0100[diff] [blame]53def present(name, username, password, admin=False):
54 """
55 Main jenkins users state method
56
57 :param username: user name
58 :param password: user password
59 :param admin: is admin user flag (username will be always admin)
60 :returns: salt-specified state dict
61 """
62 test = __opts__['test'] # noqa
63 ret = {
64 'name': username,
65 'changes': {},
66 'result': False,
67 'comment': '',
68 }
69
70 result = False
71 if test:
72 status = 'CREATED'
73 ret['changes'][username] = status
74 ret['comment'] = 'User %s %s' % (username, status.lower())
75 else:
Jakub Josef26956a62017-03-22 16:32:28 +0100[diff] [blame]76 call_result = __salt__['jenkins_common.call_groovy_script'](
77 create_admin_groovy if admin else create_user_groovy, {"username": username, "password": password})
78 if call_result["code"] == 200 and call_result["msg"] in ["SUCCESS", "EXISTS"]:
79 if call_result["msg"] == "SUCCESS":
Jakub Josef7ae6b242016-12-14 14:41:44 +0100[diff] [blame]80 status = "CREATED" if not admin else "ADMIN CREATED"
81 ret['changes'][username] = status
Jakub Josef7ae6b242016-12-14 14:41:44 +0100[diff] [blame]82 else:
Jakub Josef26956a62017-03-22 16:32:28 +0100[diff] [blame]83 status = "EXISTS"
Jakub Josef3de91af2016-12-08 17:03:33 +0100[diff] [blame]84 ret['comment'] = 'User %s %s' % (username, status.lower())
85 result = True
Jakub Josef26956a62017-03-22 16:32:28 +0100[diff] [blame]86 else:
87 status = 'FAILED'
88 logger.error("Jenkins user API call failure: %s",
89 call_result["msg"])
90 ret['comment'] = 'Jenkins user API call failure: %s' % (call_result[
91 "msg"])
Jakub Josef3de91af2016-12-08 17:03:33 +0100[diff] [blame]92 ret['result'] = None if test else result
93 return ret