Gitiles
Code Review Sign In
gerrit.mcp.mirantis.com / salt-formulas / jenkins / b395d8e9dd35bf5aed8e627d9a8a8125621e0781 / . / _states / jenkins_credential.py
blob: df1da8367551066196c6ad6fd8750b4718518589 [file] [log] [blame]
Jakub Josef8e7385e2016-12-07 21:20:34 +0100[diff] [blame]1import logging
2logger = logging.getLogger(__name__)
3
4create_credential_groovy = u"""\
5import jenkins.*;
6import jenkins.model.*;
7import hudson.*;
8import hudson.model.*;
9
10import com.cloudbees.plugins.credentials.domains.Domain;
11import com.cloudbees.plugins.credentials.CredentialsScope;
12
Jakub Josef98123ab2016-12-14 14:05:01 +0100[diff] [blame]13def creds = com.cloudbees.plugins.credentials.CredentialsProvider.lookupCredentials(
14 com.cloudbees.plugins.credentials.common.StandardUsernameCredentials.class,
15 Jenkins.instance
16 )
Jakub Josefff348132016-12-21 17:11:37 +0100[diff] [blame]17def key = \"\"\"{key}
18\"\"\"
Jakub Josef8e7385e2016-12-07 21:20:34 +0100[diff] [blame]19
Jakub Josefff348132016-12-21 17:11:37 +0100[diff] [blame]20def result = creds.find{{
21 (it instanceof com.cloudbees.plugins.credentials.impl.UsernamePasswordCredentialsImpl &&
22 it.username == "{username}" &&
23 it.id == "{name}" &&
24 it.description == "{desc}" &&
25 it.password.toString() == "{password}") ||
26 (it instanceof com.cloudbees.jenkins.plugins.sshcredentials.impl.BasicSSHUserPrivateKey &&
27 it.username == "{username}" &&
28 it.id == "{name}" &&
29 it.passphrase.toString() == "{password}" &&
30 it.description == "{desc}" &&
31 it.privateKeySource.privateKey.equals(key.trim()))
32}}
33
Jakub Josef98123ab2016-12-14 14:05:01 +0100[diff] [blame]34if(result){{
35 print("EXISTS")
36}}else{{
37 domain = Domain.global()
38 store = Jenkins.instance.getExtensionList(
39 'com.cloudbees.plugins.credentials.SystemCredentialsProvider'
40 )[0].getStore()
Jakub Josef8e7385e2016-12-07 21:20:34 +0100[diff] [blame]41
Jakub Josef98123ab2016-12-14 14:05:01 +0100[diff] [blame]42 credentials_new = new {clazz}(
43 {params}
44 )
Jakub Josef8e7385e2016-12-07 21:20:34 +0100[diff] [blame]45
Jakub Josef8e7385e2016-12-07 21:20:34 +0100[diff] [blame]46 ret = store.addCredentials(domain, credentials_new)
Jakub Josef98123ab2016-12-14 14:05:01 +0100[diff] [blame]47 if (ret) {{
48 print("CREATED");
49 }} else {{
50 print("FAILED");
51 }}
Jakub Josef8e7385e2016-12-07 21:20:34 +0100[diff] [blame]52}}
53""" # noqa
54
Jakub Josefb6c60bc2016-12-21 13:53:33 +0100[diff] [blame]55
Jakub Josefff348132016-12-21 17:11:37 +0100[diff] [blame]56def present(name, scope, username, password="", desc="", key=None):
Jakub Josef8e7385e2016-12-07 21:20:34 +0100[diff] [blame]57 """
58 Main jenkins credentials state method
59
60 :param name: credential name
61 :param scope: credential scope
62 :param username: username
63 :param password: password (optional)
64 :param desc: credential description (optional)
65 :param key: credential key (optional)
66 :returns: salt-specified state dict
67 """
68 test = __opts__['test'] # noqa
69 ret = {
70 'name': name,
71 'changes': {},
72 'result': False,
73 'comment': '',
74 }
75 result = False
76 if test:
77 status = 'CREATED'
78 ret['changes'][name] = status
Jakub Josef98123ab2016-12-14 14:05:01 +0100[diff] [blame]79 ret['comment'] = 'Credentials %s %s' % (name, status.lower())
Jakub Josef8e7385e2016-12-07 21:20:34 +0100[diff] [blame]80 else:
81 clazz = ""
82 if key:
83 clazz = "com.cloudbees.jenkins.plugins.sshcredentials.impl.BasicSSHUserPrivateKey"
Jakub Josefff348132016-12-21 17:11:37 +0100[diff] [blame]84 params = 'CredentialsScope.{}, "{}", "{}", new com.cloudbees.jenkins.plugins.sshcredentials.impl.BasicSSHUserPrivateKey.DirectEntryPrivateKeySource(key.trim()), "{}", "{}"'.format(
85 scope, name, username, password if password else "", desc if desc else "")
Jakub Josef8e7385e2016-12-07 21:20:34 +0100[diff] [blame]86 else:
87 clazz = "com.cloudbees.plugins.credentials.impl.UsernamePasswordCredentialsImpl"
Jakub Josef98123ab2016-12-14 14:05:01 +0100[diff] [blame]88 params = 'CredentialsScope.{}, "{}", "{}", "{}", "{}"'.format(
Jakub Josefb395d8e2017-01-02 16:31:56 +0100[diff] [blame^]89 scope, name, desc if desc else "", username, password)
Jakub Josef8e7385e2016-12-07 21:20:34 +0100[diff] [blame]90
Jakub Josef98123ab2016-12-14 14:05:01 +0100[diff] [blame]91 call_result = __salt__['jenkins_common.call_groovy_script'](
Jakub Josefff348132016-12-21 17:11:37 +0100[diff] [blame]92 create_credential_groovy, {"name": name, "username": username, "password": password if password else "", "clazz": clazz, "params": params, "key": key if key else "", "desc": desc if desc else ""})
Jakub Josef98123ab2016-12-14 14:05:01 +0100[diff] [blame]93 if call_result["code"] == 200 and call_result["msg"] in ["CREATED", "EXISTS"]:
Jakub Josef8e7385e2016-12-07 21:20:34 +0100[diff] [blame]94 status = call_result["msg"]
Jakub Josef98123ab2016-12-14 14:05:01 +0100[diff] [blame]95 if call_result["msg"] == "CREATED":
96 ret['changes'][name] = status
97 ret['comment'] = 'Credentials %s %s' % (name, status.lower())
Jakub Josef8e7385e2016-12-07 21:20:34 +0100[diff] [blame]98 result = True
99 else:
100 status = 'FAILED'
Jakub Josef98123ab2016-12-14 14:05:01 +0100[diff] [blame]101 logger.error(
102 "Jenkins credentials API call failure: %s", call_result["msg"])
Jakub Josefb6c60bc2016-12-21 13:53:33 +0100[diff] [blame]103 ret['comment'] = 'Jenkins credentials API call failure: %s' % (call_result[
104 "msg"])
Jakub Josef8e7385e2016-12-07 21:20:34 +0100[diff] [blame]105 ret['result'] = None if test else result
106 return ret