Blame - _states/jenkins_approval.py - salt-formulas/jenkins

blob: f5263fbe1f93617b968544ec227b738e6ff8e769 [file] [log] [blame]

Jakub Josef	bf0b73e	2017-03-22 14:32:45 +0100	[diff] [blame]	1	import logging
				2	logger = logging.getLogger(__name__)
				3
				4	approve_signature_groovy = """\
				5	import org.jenkinsci.plugins.scriptsecurity.scripts.ScriptApproval
				6	import org.jenkinsci.plugins.scriptsecurity.scripts.languages.GroovyLanguage
				7	import org.jenkinsci.plugins.scriptsecurity.scripts.ApprovalContext
Jakub Josef	0a03c2c	2017-03-22 17:35:40 +0100	[diff] [blame]	8	def signature = '{signature}'
Jakub Josef	bf0b73e	2017-03-22 14:32:45 +0100	[diff] [blame]	9	def scriptApproval = ScriptApproval.get()
				10	def approvedSignatures = Arrays.asList(scriptApproval.approvedSignatures)
				11	if(approvedSignatures.contains(signature)){{
Jakub Josef	0a03c2c	2017-03-22 17:35:40 +0100	[diff] [blame]	12	print("EXISTS")
Jakub Josef	bf0b73e	2017-03-22 14:32:45 +0100	[diff] [blame]	13	}}else{{
				14	try{{
				15	scriptApproval.pendingSignatures.add(new ScriptApproval.PendingSignature(signature, false, ApprovalContext.create()))
				16	scriptApproval.approveSignature(signature)
Jakub Josef	0a03c2c	2017-03-22 17:35:40 +0100	[diff] [blame]	17	if(Arrays.asList(scriptApproval.approvedSignatures).contains(signature)){{
Jakub Josef	bf0b73e	2017-03-22 14:32:45 +0100	[diff] [blame]	18	print("SUCCESS")
				19	}}else{{
				20	print("FAILED")
				21	}}
				22	}}catch(e){{
				23	print(e)
				24	}}
				25	}}
				26	""" # noqa
				27
				28	deny_signature_groovy = """\
				29	import org.jenkinsci.plugins.scriptsecurity.scripts.ScriptApproval
				30	import org.jenkinsci.plugins.scriptsecurity.scripts.languages.GroovyLanguage
				31	import org.jenkinsci.plugins.scriptsecurity.scripts.ApprovalContext
Jakub Josef	0a03c2c	2017-03-22 17:35:40 +0100	[diff] [blame]	32	def signature = '{signature}'
Jakub Josef	bf0b73e	2017-03-22 14:32:45 +0100	[diff] [blame]	33	def scriptApproval = ScriptApproval.get()
				34	def approvedSignatures = Arrays.asList(scriptApproval.approvedSignatures)
				35	if(approvedSignatures.contains(signature)){{
				36	try{{
				37	scriptApproval.denySignature(signature)
				38	if(!scriptApproval.approvedSignatures.contains(signature)){{
				39	print("SUCCESS")
				40	}}else{{
				41	print("FAILED")
				42	}}
				43	}}catch(e){{
				44	print(e)
				45	}}
				46	}}else{{
				47	print("NOT PRESENT")
				48	}}
				49
				50
				51	"""
				52
				53	def approved(name):
				54	"""
				55	Jenkins Script approval approve state method
				56
				57	:param name: signature to approve
				58	:returns: salt-specified state dict
				59	"""
				60	test = __opts__['test'] # noqa
				61	ret = {
				62	'name': name,
				63	'changes': {},
				64	'result': False,
				65	'comment': '',
				66	}
				67	result = False
				68	if test:
				69	status = "SUCCESS"
				70	ret['changes'][name] = status
				71	ret['comment'] = 'Jenkins script approval config %s %s' % (name, status.lower())
				72	else:
				73	call_result = __salt__['jenkins_common.call_groovy_script'](
				74	approve_signature_groovy, {"signature":name})
				75	if call_result["code"] == 200 and call_result["msg"] in ["SUCCESS", "EXISTS"]:
				76	status = call_result["msg"]
				77	if status == "SUCCESS":
				78	ret['changes'][name] = status
				79	ret['comment'] = 'Jenkins script approval config %s %s' % (name, status.lower())
				80	result = True
				81	else:
				82	status = 'FAILED'
				83	logger.error(
				84	"Jenkins script approval API call failure: %s", call_result["msg"])
				85	ret['comment'] = 'Jenkins script approval API call failure: %s' % (call_result[
				86	"msg"])
				87	ret['result'] = None if test else result
				88	return ret
				89
				90
				91	def denied(name):
				92	"""
				93	Jenkins Script approval deny state method
				94
				95	:param name: signature to deny
				96	:returns: salt-specified state dict
				97	"""
				98	test = __opts__['test'] # noqa
				99	ret = {
				100	'name': name,
				101	'changes': {},
				102	'result': False,
				103	'comment': '',
				104	}
				105	result = False
				106	if test:
				107	status = "SUCCESS"
				108	ret['changes'][name] = status
				109	ret['comment'] = 'Jenkins script approval config %s %s' % (name, status.lower())
				110	else:
				111	call_result = __salt__['jenkins_common.call_groovy_script'](
				112	deny_signature_groovy, {"signature":name})
				113	if call_result["code"] == 200 and call_result["msg"] in ["SUCCESS", "NOT PRESENT"]:
				114	status = call_result["msg"]
				115	if status == "SUCCESS":
				116	ret['changes'][name] = status
				117	ret['comment'] = 'Jenkins script approval config %s %s' % (name, status.lower())
				118	result = True
				119	else:
				120	status = 'FAILED'
				121	logger.error(
				122	"Jenkins script approval API call failure: %s", call_result["msg"])
				123	ret['comment'] = 'Jenkins script approval lib API call failure: %s' % (call_result[
				124	"msg"])
				125	ret['result'] = None if test else result
				126	return ret