Gitiles
Code Review Sign In
gerrit.mcp.mirantis.com / salt-formulas / jenkins / c614fff46199b7cbc2c3f8e4fd87e3ae708d809d / . / _states / jenkins_credential.py
blob: 5df3278719939ba95737e60b3133515fb3f6c0f7 [file] [log] [blame]
Jakub Josef8e7385e2016-12-07 21:20:34 +0100[diff] [blame]1import logging
2logger = logging.getLogger(__name__)
3
4create_credential_groovy = u"""\
Jakub Josef8e7385e2016-12-07 21:20:34 +0100[diff] [blame]5import com.cloudbees.plugins.credentials.domains.Domain;
6import com.cloudbees.plugins.credentials.CredentialsScope;
7
Jakub Josef98123ab2016-12-14 14:05:01 +0100[diff] [blame]8def creds = com.cloudbees.plugins.credentials.CredentialsProvider.lookupCredentials(
9 com.cloudbees.plugins.credentials.common.StandardUsernameCredentials.class,
10 Jenkins.instance
11 )
Jakub Josefff348132016-12-21 17:11:37 +0100[diff] [blame]12def key = \"\"\"{key}
13\"\"\"
Jakub Josef8e7385e2016-12-07 21:20:34 +0100[diff] [blame]14
Jakub Josefff348132016-12-21 17:11:37 +0100[diff] [blame]15def result = creds.find{{
Jakub Josef35553052017-03-16 17:30:30 +0100[diff] [blame]16 (it instanceof com.cloudbees.plugins.credentials.impl.UsernamePasswordCredentialsImpl &&
17 it.username == "{username}" &&
Jakub Josefff348132016-12-21 17:11:37 +0100[diff] [blame]18 it.id == "{name}" &&
19 it.description == "{desc}" &&
20 it.password.toString() == "{password}") ||
Jakub Josef35553052017-03-16 17:30:30 +0100[diff] [blame]21 (it instanceof com.cloudbees.jenkins.plugins.sshcredentials.impl.BasicSSHUserPrivateKey &&
Jakub Josefff348132016-12-21 17:11:37 +0100[diff] [blame]22 it.username == "{username}" &&
23 it.id == "{name}" &&
Jakub Josef1aa64a52017-03-20 16:37:11 +0100[diff] [blame]24 ("{password}" == "" || it.passphrase.toString() == "{password}") &&
Jakub Josefff348132016-12-21 17:11:37 +0100[diff] [blame]25 it.description == "{desc}" &&
26 it.privateKeySource.privateKey.equals(key.trim()))
27}}
28
Jakub Josef98123ab2016-12-14 14:05:01 +0100[diff] [blame]29if(result){{
30 print("EXISTS")
31}}else{{
32 domain = Domain.global()
33 store = Jenkins.instance.getExtensionList(
34 'com.cloudbees.plugins.credentials.SystemCredentialsProvider'
35 )[0].getStore()
Jakub Josef8e7385e2016-12-07 21:20:34 +0100[diff] [blame]36
Jakub Josef98123ab2016-12-14 14:05:01 +0100[diff] [blame]37 credentials_new = new {clazz}(
38 {params}
39 )
Jakub Josef35553052017-03-16 17:30:30 +0100[diff] [blame]40 // remove credentails with same if before created new one, if exists
41 def existingCreds = com.cloudbees.plugins.credentials.CredentialsProvider.lookupCredentials(
42 com.cloudbees.plugins.credentials.common.StandardUsernameCredentials.class,
Jakub Joseffacfadd2017-03-17 11:13:41 +0100[diff] [blame]43 Jenkins.instance).find{{it -> it.id.equals("{name}")}}
Jakub Josef35553052017-03-16 17:30:30 +0100[diff] [blame]44 if(existingCreds){{
45 store.removeCredentials(domain, existingCreds)
46 }}
Jakub Josef8e7385e2016-12-07 21:20:34 +0100[diff] [blame]47 ret = store.addCredentials(domain, credentials_new)
Jakub Josef98123ab2016-12-14 14:05:01 +0100[diff] [blame]48 if (ret) {{
49 print("CREATED");
50 }} else {{
51 print("FAILED");
52 }}
Jakub Josef8e7385e2016-12-07 21:20:34 +0100[diff] [blame]53}}
54""" # noqa
55
Jakub Josefb6c60bc2016-12-21 13:53:33 +0100[diff] [blame]56
Jakub Josefff348132016-12-21 17:11:37 +0100[diff] [blame]57def present(name, scope, username, password="", desc="", key=None):
Jakub Josef8e7385e2016-12-07 21:20:34 +0100[diff] [blame]58 """
59 Main jenkins credentials state method
60
61 :param name: credential name
62 :param scope: credential scope
63 :param username: username
64 :param password: password (optional)
65 :param desc: credential description (optional)
66 :param key: credential key (optional)
67 :returns: salt-specified state dict
68 """
69 test = __opts__['test'] # noqa
70 ret = {
71 'name': name,
72 'changes': {},
73 'result': False,
74 'comment': '',
75 }
76 result = False
77 if test:
78 status = 'CREATED'
79 ret['changes'][name] = status
Jakub Josef98123ab2016-12-14 14:05:01 +0100[diff] [blame]80 ret['comment'] = 'Credentials %s %s' % (name, status.lower())
Jakub Josef8e7385e2016-12-07 21:20:34 +0100[diff] [blame]81 else:
82 clazz = ""
83 if key:
84 clazz = "com.cloudbees.jenkins.plugins.sshcredentials.impl.BasicSSHUserPrivateKey"
Jakub Josefff348132016-12-21 17:11:37 +0100[diff] [blame]85 params = 'CredentialsScope.{}, "{}", "{}", new com.cloudbees.jenkins.plugins.sshcredentials.impl.BasicSSHUserPrivateKey.DirectEntryPrivateKeySource(key.trim()), "{}", "{}"'.format(
86 scope, name, username, password if password else "", desc if desc else "")
Jakub Josef8e7385e2016-12-07 21:20:34 +0100[diff] [blame]87 else:
88 clazz = "com.cloudbees.plugins.credentials.impl.UsernamePasswordCredentialsImpl"
Jakub Josef98123ab2016-12-14 14:05:01 +0100[diff] [blame]89 params = 'CredentialsScope.{}, "{}", "{}", "{}", "{}"'.format(
Jakub Josefb395d8e2017-01-02 16:31:56 +0100[diff] [blame]90 scope, name, desc if desc else "", username, password)
Jakub Josef8e7385e2016-12-07 21:20:34 +0100[diff] [blame]91
Jakub Josef98123ab2016-12-14 14:05:01 +0100[diff] [blame]92 call_result = __salt__['jenkins_common.call_groovy_script'](
Jakub Josefff348132016-12-21 17:11:37 +0100[diff] [blame]93 create_credential_groovy, {"name": name, "username": username, "password": password if password else "", "clazz": clazz, "params": params, "key": key if key else "", "desc": desc if desc else ""})
Jakub Josef98123ab2016-12-14 14:05:01 +0100[diff] [blame]94 if call_result["code"] == 200 and call_result["msg"] in ["CREATED", "EXISTS"]:
Jakub Josef8e7385e2016-12-07 21:20:34 +0100[diff] [blame]95 status = call_result["msg"]
Jakub Josef98123ab2016-12-14 14:05:01 +0100[diff] [blame]96 if call_result["msg"] == "CREATED":
97 ret['changes'][name] = status
98 ret['comment'] = 'Credentials %s %s' % (name, status.lower())
Jakub Josef8e7385e2016-12-07 21:20:34 +0100[diff] [blame]99 result = True
100 else:
101 status = 'FAILED'
Jakub Josef98123ab2016-12-14 14:05:01 +0100[diff] [blame]102 logger.error(
103 "Jenkins credentials API call failure: %s", call_result["msg"])
Jakub Josefb6c60bc2016-12-21 13:53:33 +0100[diff] [blame]104 ret['comment'] = 'Jenkins credentials API call failure: %s' % (call_result[
105 "msg"])
Jakub Josef8e7385e2016-12-07 21:20:34 +0100[diff] [blame]106 ret['result'] = None if test else result
107 return ret