Gitiles
Code Review Sign In
gerrit.mcp.mirantis.com / salt-formulas / jenkins / b0196f580060eb417404f4c4ebcde64fd15c2b84 / . / _states / jenkins_credential.py
blob: b2470fc5a8f106dc209f5ffa66a20bcca463bc8d [file] [log] [blame]
Jakub Josef8e7385e2016-12-07 21:20:34 +0100[diff] [blame]1import logging
2logger = logging.getLogger(__name__)
3
4create_credential_groovy = u"""\
Jakub Josef8e7385e2016-12-07 21:20:34 +0100[diff] [blame]5import com.cloudbees.plugins.credentials.domains.Domain;
6import com.cloudbees.plugins.credentials.CredentialsScope;
7
Jakub Josef98123ab2016-12-14 14:05:01 +0100[diff] [blame]8def creds = com.cloudbees.plugins.credentials.CredentialsProvider.lookupCredentials(
9 com.cloudbees.plugins.credentials.common.StandardUsernameCredentials.class,
10 Jenkins.instance
11 )
Jakub Josefff348132016-12-21 17:11:37 +0100[diff] [blame]12def key = \"\"\"{key}
13\"\"\"
Jakub Josef8e7385e2016-12-07 21:20:34 +0100[diff] [blame]14
Jakub Josefff348132016-12-21 17:11:37 +0100[diff] [blame]15def result = creds.find{{
Jakub Josef35553052017-03-16 17:30:30 +0100[diff] [blame]16 (it instanceof com.cloudbees.plugins.credentials.impl.UsernamePasswordCredentialsImpl &&
17 it.username == "{username}" &&
Jakub Josefff348132016-12-21 17:11:37 +0100[diff] [blame]18 it.id == "{name}" &&
19 it.description == "{desc}" &&
20 it.password.toString() == "{password}") ||
Jakub Josef35553052017-03-16 17:30:30 +0100[diff] [blame]21 (it instanceof com.cloudbees.jenkins.plugins.sshcredentials.impl.BasicSSHUserPrivateKey &&
Jakub Josefff348132016-12-21 17:11:37 +0100[diff] [blame]22 it.username == "{username}" &&
23 it.id == "{name}" &&
Jakub Josef1aa64a52017-03-20 16:37:11 +0100[diff] [blame]24 ("{password}" == "" || it.passphrase.toString() == "{password}") &&
Jakub Josefff348132016-12-21 17:11:37 +0100[diff] [blame]25 it.description == "{desc}" &&
26 it.privateKeySource.privateKey.equals(key.trim()))
27}}
28
Jakub Josef98123ab2016-12-14 14:05:01 +0100[diff] [blame]29if(result){{
30 print("EXISTS")
31}}else{{
32 domain = Domain.global()
33 store = Jenkins.instance.getExtensionList(
34 'com.cloudbees.plugins.credentials.SystemCredentialsProvider'
35 )[0].getStore()
Jakub Josef8e7385e2016-12-07 21:20:34 +0100[diff] [blame]36
Jakub Josef98123ab2016-12-14 14:05:01 +0100[diff] [blame]37 credentials_new = new {clazz}(
38 {params}
39 )
Jakub Josef35553052017-03-16 17:30:30 +0100[diff] [blame]40 // remove credentails with same if before created new one, if exists
41 def existingCreds = com.cloudbees.plugins.credentials.CredentialsProvider.lookupCredentials(
42 com.cloudbees.plugins.credentials.common.StandardUsernameCredentials.class,
Jakub Joseffacfadd2017-03-17 11:13:41 +0100[diff] [blame]43 Jenkins.instance).find{{it -> it.id.equals("{name}")}}
Jakub Josef35553052017-03-16 17:30:30 +0100[diff] [blame]44 if(existingCreds){{
45 store.removeCredentials(domain, existingCreds)
46 }}
Jakub Josef8e7385e2016-12-07 21:20:34 +0100[diff] [blame]47 ret = store.addCredentials(domain, credentials_new)
Jakub Josef98123ab2016-12-14 14:05:01 +0100[diff] [blame]48 if (ret) {{
49 print("CREATED");
50 }} else {{
51 print("FAILED");
52 }}
Jakub Josef8e7385e2016-12-07 21:20:34 +0100[diff] [blame]53}}
54""" # noqa
55
Jakub Josefb6c60bc2016-12-21 13:53:33 +0100[diff] [blame]56
Ilya Kharin3d8bffe2017-06-22 17:40:31 +0400[diff] [blame]57def __virtual__():
58 '''
59 Only load if jenkins_common module exist.
60 '''
61 if 'jenkins_common.call_groovy_script' not in __salt__:
62 return (
63 False,
64 'The jenkins_credentials state module cannot be loaded: '
65 'jenkins_common not found')
66 return True
67
68
Jakub Josefff348132016-12-21 17:11:37 +0100[diff] [blame]69def present(name, scope, username, password="", desc="", key=None):
Jakub Josef8e7385e2016-12-07 21:20:34 +0100[diff] [blame]70 """
71 Main jenkins credentials state method
72
73 :param name: credential name
74 :param scope: credential scope
75 :param username: username
76 :param password: password (optional)
77 :param desc: credential description (optional)
78 :param key: credential key (optional)
79 :returns: salt-specified state dict
80 """
81 test = __opts__['test'] # noqa
82 ret = {
83 'name': name,
84 'changes': {},
85 'result': False,
86 'comment': '',
87 }
88 result = False
89 if test:
90 status = 'CREATED'
91 ret['changes'][name] = status
Jakub Josef98123ab2016-12-14 14:05:01 +0100[diff] [blame]92 ret['comment'] = 'Credentials %s %s' % (name, status.lower())
Jakub Josef8e7385e2016-12-07 21:20:34 +0100[diff] [blame]93 else:
94 clazz = ""
95 if key:
96 clazz = "com.cloudbees.jenkins.plugins.sshcredentials.impl.BasicSSHUserPrivateKey"
Jakub Josefff348132016-12-21 17:11:37 +0100[diff] [blame]97 params = 'CredentialsScope.{}, "{}", "{}", new com.cloudbees.jenkins.plugins.sshcredentials.impl.BasicSSHUserPrivateKey.DirectEntryPrivateKeySource(key.trim()), "{}", "{}"'.format(
98 scope, name, username, password if password else "", desc if desc else "")
Jakub Josef8e7385e2016-12-07 21:20:34 +0100[diff] [blame]99 else:
100 clazz = "com.cloudbees.plugins.credentials.impl.UsernamePasswordCredentialsImpl"
Jakub Josef98123ab2016-12-14 14:05:01 +0100[diff] [blame]101 params = 'CredentialsScope.{}, "{}", "{}", "{}", "{}"'.format(
Jakub Josefb395d8e2017-01-02 16:31:56 +0100[diff] [blame]102 scope, name, desc if desc else "", username, password)
Jakub Josef8e7385e2016-12-07 21:20:34 +0100[diff] [blame]103
Jakub Josef98123ab2016-12-14 14:05:01 +0100[diff] [blame]104 call_result = __salt__['jenkins_common.call_groovy_script'](
Jakub Josefff348132016-12-21 17:11:37 +0100[diff] [blame]105 create_credential_groovy, {"name": name, "username": username, "password": password if password else "", "clazz": clazz, "params": params, "key": key if key else "", "desc": desc if desc else ""})
Jakub Josef98123ab2016-12-14 14:05:01 +0100[diff] [blame]106 if call_result["code"] == 200 and call_result["msg"] in ["CREATED", "EXISTS"]:
Jakub Josef8e7385e2016-12-07 21:20:34 +0100[diff] [blame]107 status = call_result["msg"]
Jakub Josef98123ab2016-12-14 14:05:01 +0100[diff] [blame]108 if call_result["msg"] == "CREATED":
109 ret['changes'][name] = status
110 ret['comment'] = 'Credentials %s %s' % (name, status.lower())
Jakub Josef8e7385e2016-12-07 21:20:34 +0100[diff] [blame]111 result = True
112 else:
113 status = 'FAILED'
Jakub Josef98123ab2016-12-14 14:05:01 +0100[diff] [blame]114 logger.error(
115 "Jenkins credentials API call failure: %s", call_result["msg"])
Jakub Josefb6c60bc2016-12-21 13:53:33 +0100[diff] [blame]116 ret['comment'] = 'Jenkins credentials API call failure: %s' % (call_result[
117 "msg"])
Jakub Josef8e7385e2016-12-07 21:20:34 +0100[diff] [blame]118 ret['result'] = None if test else result
119 return ret