Blame - _states/jenkins_approval.py - salt-formulas/jenkins

blob: e4b21b42169c26d7b4252c92e7dc69c836bbcdc0 [file] [log] [blame]

Jakub Josef	bf0b73e	2017-03-22 14:32:45 +0100	[diff] [blame]	1	import logging
				2	logger = logging.getLogger(__name__)
				3
				4	approve_signature_groovy = """\
				5	import org.jenkinsci.plugins.scriptsecurity.scripts.ScriptApproval
				6	import org.jenkinsci.plugins.scriptsecurity.scripts.languages.GroovyLanguage
				7	import org.jenkinsci.plugins.scriptsecurity.scripts.ApprovalContext
Jakub Josef	0a03c2c	2017-03-22 17:35:40 +0100	[diff] [blame]	8	def signature = '{signature}'
Jakub Josef	bf0b73e	2017-03-22 14:32:45 +0100	[diff] [blame]	9	def scriptApproval = ScriptApproval.get()
				10	def approvedSignatures = Arrays.asList(scriptApproval.approvedSignatures)
				11	if(approvedSignatures.contains(signature)){{
Jakub Josef	0a03c2c	2017-03-22 17:35:40 +0100	[diff] [blame]	12	print("EXISTS")
Jakub Josef	bf0b73e	2017-03-22 14:32:45 +0100	[diff] [blame]	13	}}else{{
				14	try{{
				15	scriptApproval.pendingSignatures.add(new ScriptApproval.PendingSignature(signature, false, ApprovalContext.create()))
				16	scriptApproval.approveSignature(signature)
Jakub Josef	0a03c2c	2017-03-22 17:35:40 +0100	[diff] [blame]	17	if(Arrays.asList(scriptApproval.approvedSignatures).contains(signature)){{
Jakub Josef	bf0b73e	2017-03-22 14:32:45 +0100	[diff] [blame]	18	print("SUCCESS")
				19	}}else{{
				20	print("FAILED")
				21	}}
				22	}}catch(e){{
				23	print(e)
				24	}}
				25	}}
				26	""" # noqa
				27
				28	deny_signature_groovy = """\
				29	import org.jenkinsci.plugins.scriptsecurity.scripts.ScriptApproval
				30	import org.jenkinsci.plugins.scriptsecurity.scripts.languages.GroovyLanguage
				31	import org.jenkinsci.plugins.scriptsecurity.scripts.ApprovalContext
Jakub Josef	0a03c2c	2017-03-22 17:35:40 +0100	[diff] [blame]	32	def signature = '{signature}'
Jakub Josef	bf0b73e	2017-03-22 14:32:45 +0100	[diff] [blame]	33	def scriptApproval = ScriptApproval.get()
				34	def approvedSignatures = Arrays.asList(scriptApproval.approvedSignatures)
				35	if(approvedSignatures.contains(signature)){{
				36	try{{
				37	scriptApproval.denySignature(signature)
				38	if(!scriptApproval.approvedSignatures.contains(signature)){{
				39	print("SUCCESS")
				40	}}else{{
				41	print("FAILED")
				42	}}
				43	}}catch(e){{
				44	print(e)
				45	}}
				46	}}else{{
				47	print("NOT PRESENT")
				48	}}
				49
				50
				51	"""
				52
Ilya Kharin	3d8bffe	2017-06-22 17:40:31 +0400	[diff] [blame]	53
				54	def __virtual__():
				55	'''
				56	Only load if jenkins_common module exist.
				57	'''
				58	if 'jenkins_common.call_groovy_script' not in __salt__:
				59	return (
				60	False,
				61	'The jenkins_approval state module cannot be loaded: '
				62	'jenkins_common not found')
				63	return True
				64
				65
Jakub Josef	bf0b73e	2017-03-22 14:32:45 +0100	[diff] [blame]	66	def approved(name):
				67	"""
				68	Jenkins Script approval approve state method
				69
				70	:param name: signature to approve
				71	:returns: salt-specified state dict
				72	"""
				73	test = __opts__['test'] # noqa
				74	ret = {
				75	'name': name,
				76	'changes': {},
				77	'result': False,
				78	'comment': '',
				79	}
				80	result = False
				81	if test:
				82	status = "SUCCESS"
				83	ret['changes'][name] = status
				84	ret['comment'] = 'Jenkins script approval config %s %s' % (name, status.lower())
				85	else:
				86	call_result = __salt__['jenkins_common.call_groovy_script'](
				87	approve_signature_groovy, {"signature":name})
				88	if call_result["code"] == 200 and call_result["msg"] in ["SUCCESS", "EXISTS"]:
				89	status = call_result["msg"]
				90	if status == "SUCCESS":
				91	ret['changes'][name] = status
				92	ret['comment'] = 'Jenkins script approval config %s %s' % (name, status.lower())
				93	result = True
				94	else:
				95	status = 'FAILED'
				96	logger.error(
				97	"Jenkins script approval API call failure: %s", call_result["msg"])
				98	ret['comment'] = 'Jenkins script approval API call failure: %s' % (call_result[
				99	"msg"])
				100	ret['result'] = None if test else result
				101	return ret
				102
				103
				104	def denied(name):
				105	"""
				106	Jenkins Script approval deny state method
				107
				108	:param name: signature to deny
				109	:returns: salt-specified state dict
				110	"""
				111	test = __opts__['test'] # noqa
				112	ret = {
				113	'name': name,
				114	'changes': {},
				115	'result': False,
				116	'comment': '',
				117	}
				118	result = False
				119	if test:
				120	status = "SUCCESS"
				121	ret['changes'][name] = status
				122	ret['comment'] = 'Jenkins script approval config %s %s' % (name, status.lower())
				123	else:
				124	call_result = __salt__['jenkins_common.call_groovy_script'](
				125	deny_signature_groovy, {"signature":name})
				126	if call_result["code"] == 200 and call_result["msg"] in ["SUCCESS", "NOT PRESENT"]:
				127	status = call_result["msg"]
				128	if status == "SUCCESS":
				129	ret['changes'][name] = status
				130	ret['comment'] = 'Jenkins script approval config %s %s' % (name, status.lower())
				131	result = True
				132	else:
				133	status = 'FAILED'
				134	logger.error(
				135	"Jenkins script approval API call failure: %s", call_result["msg"])
				136	ret['comment'] = 'Jenkins script approval lib API call failure: %s' % (call_result[
				137	"msg"])
				138	ret['result'] = None if test else result
				139	return ret