Gitiles
Code Review Sign In
gerrit.mcp.mirantis.com / salt-formulas / jenkins / ea9c33475f7f25ec64bd52b75b53dca39dad2f54 / . / _states / jenkins_credential.py
blob: 30096737734f29cf52a0eda3b29b0c9fbc65a187 [file] [log] [blame]
Jakub Josef8e7385e2016-12-07 21:20:34 +0100[diff] [blame]1import logging
Adam Tengler70763e02017-08-21 16:50:32 +0000[diff] [blame]2
Jakub Josef8e7385e2016-12-07 21:20:34 +0100[diff] [blame]3logger = logging.getLogger(__name__)
4
5create_credential_groovy = u"""\
Jakub Josef8e7385e2016-12-07 21:20:34 +0100[diff] [blame]6import com.cloudbees.plugins.credentials.domains.Domain;
7import com.cloudbees.plugins.credentials.CredentialsScope;
8
Jakub Josef98123ab2016-12-14 14:05:01 +0100[diff] [blame]9def creds = com.cloudbees.plugins.credentials.CredentialsProvider.lookupCredentials(
10 com.cloudbees.plugins.credentials.common.StandardUsernameCredentials.class,
11 Jenkins.instance
12 )
Adam Tengler70763e02017-08-21 16:50:32 +0000[diff] [blame]13def key = \"\"\"${key}
Jakub Josefff348132016-12-21 17:11:37 +0100[diff] [blame]14\"\"\"
Jakub Josef8e7385e2016-12-07 21:20:34 +0100[diff] [blame]15
Adam Tengler70763e02017-08-21 16:50:32 +0000[diff] [blame]16def result = creds.find{
Jakub Josef35553052017-03-16 17:30:30 +0100[diff] [blame]17 (it instanceof com.cloudbees.plugins.credentials.impl.UsernamePasswordCredentialsImpl &&
Adam Tengler70763e02017-08-21 16:50:32 +0000[diff] [blame]18 it.username == "${username}" &&
19 it.id == "${name}" &&
20 it.description == "${desc}" &&
21 it.password.toString() == "${password}") ||
Jakub Josef35553052017-03-16 17:30:30 +0100[diff] [blame]22 (it instanceof com.cloudbees.jenkins.plugins.sshcredentials.impl.BasicSSHUserPrivateKey &&
Adam Tengler70763e02017-08-21 16:50:32 +0000[diff] [blame]23 it.username == "${username}" &&
24 it.id == "${name}" &&
25 ("${password}" == "" || it.passphrase.toString() == "${password}") &&
26 it.description == "${desc}" &&
Jakub Josefff348132016-12-21 17:11:37 +0100[diff] [blame]27 it.privateKeySource.privateKey.equals(key.trim()))
Adam Tengler70763e02017-08-21 16:50:32 +0000[diff] [blame]28}
Jakub Josefff348132016-12-21 17:11:37 +0100[diff] [blame]29
Adam Tengler70763e02017-08-21 16:50:32 +0000[diff] [blame]30if(result){
Jakub Josef98123ab2016-12-14 14:05:01 +0100[diff] [blame]31 print("EXISTS")
Adam Tengler70763e02017-08-21 16:50:32 +0000[diff] [blame]32}else{
Jakub Josef98123ab2016-12-14 14:05:01 +0100[diff] [blame]33 domain = Domain.global()
34 store = Jenkins.instance.getExtensionList(
35 'com.cloudbees.plugins.credentials.SystemCredentialsProvider'
36 )[0].getStore()
Jakub Josef8e7385e2016-12-07 21:20:34 +0100[diff] [blame]37
Adam Tengler70763e02017-08-21 16:50:32 +0000[diff] [blame]38 credentials_new = new ${clazz}(
Jakub Josef34fcf282017-09-13 14:19:00 +0200[diff] [blame]39 ${params}
Jakub Josef98123ab2016-12-14 14:05:01 +0100[diff] [blame]40 )
Jakub Josef35553052017-03-16 17:30:30 +0100[diff] [blame]41 // remove credentails with same if before created new one, if exists
42 def existingCreds = com.cloudbees.plugins.credentials.CredentialsProvider.lookupCredentials(
43 com.cloudbees.plugins.credentials.common.StandardUsernameCredentials.class,
Adam Tengler70763e02017-08-21 16:50:32 +0000[diff] [blame]44 Jenkins.instance).find{it -> it.id.equals("${name}")}
45 if(existingCreds){
Jakub Josef35553052017-03-16 17:30:30 +0100[diff] [blame]46 store.removeCredentials(domain, existingCreds)
Adam Tengler70763e02017-08-21 16:50:32 +0000[diff] [blame]47 }
Jakub Josef8e7385e2016-12-07 21:20:34 +0100[diff] [blame]48 ret = store.addCredentials(domain, credentials_new)
Adam Tengler70763e02017-08-21 16:50:32 +0000[diff] [blame]49 if (ret) {
Jakub Josef98123ab2016-12-14 14:05:01 +0100[diff] [blame]50 print("CREATED");
Adam Tengler70763e02017-08-21 16:50:32 +0000[diff] [blame]51 } else {
Jakub Josef98123ab2016-12-14 14:05:01 +0100[diff] [blame]52 print("FAILED");
Adam Tengler70763e02017-08-21 16:50:32 +0000[diff] [blame]53 }
54}
Jakub Josef8e7385e2016-12-07 21:20:34 +0100[diff] [blame]55""" # noqa
56
Jakub Josefb6c60bc2016-12-21 13:53:33 +0100[diff] [blame]57
Ilya Kharin3d8bffe2017-06-22 17:40:31 +0400[diff] [blame]58def __virtual__():
59 '''
60 Only load if jenkins_common module exist.
61 '''
62 if 'jenkins_common.call_groovy_script' not in __salt__:
63 return (
64 False,
65 'The jenkins_credentials state module cannot be loaded: '
66 'jenkins_common not found')
67 return True
68
69
Jakub Josefff348132016-12-21 17:11:37 +0100[diff] [blame]70def present(name, scope, username, password="", desc="", key=None):
Jakub Josef8e7385e2016-12-07 21:20:34 +0100[diff] [blame]71 """
72 Main jenkins credentials state method
73
74 :param name: credential name
75 :param scope: credential scope
76 :param username: username
77 :param password: password (optional)
78 :param desc: credential description (optional)
79 :param key: credential key (optional)
80 :returns: salt-specified state dict
81 """
82 test = __opts__['test'] # noqa
83 ret = {
84 'name': name,
85 'changes': {},
86 'result': False,
87 'comment': '',
88 }
89 result = False
90 if test:
91 status = 'CREATED'
92 ret['changes'][name] = status
Jakub Josef98123ab2016-12-14 14:05:01 +0100[diff] [blame]93 ret['comment'] = 'Credentials %s %s' % (name, status.lower())
Jakub Josef8e7385e2016-12-07 21:20:34 +0100[diff] [blame]94 else:
95 clazz = ""
96 if key:
97 clazz = "com.cloudbees.jenkins.plugins.sshcredentials.impl.BasicSSHUserPrivateKey"
Jakub Josefff348132016-12-21 17:11:37 +0100[diff] [blame]98 params = 'CredentialsScope.{}, "{}", "{}", new com.cloudbees.jenkins.plugins.sshcredentials.impl.BasicSSHUserPrivateKey.DirectEntryPrivateKeySource(key.trim()), "{}", "{}"'.format(
99 scope, name, username, password if password else "", desc if desc else "")
Jakub Josef8e7385e2016-12-07 21:20:34 +0100[diff] [blame]100 else:
101 clazz = "com.cloudbees.plugins.credentials.impl.UsernamePasswordCredentialsImpl"
Jakub Josef98123ab2016-12-14 14:05:01 +0100[diff] [blame]102 params = 'CredentialsScope.{}, "{}", "{}", "{}", "{}"'.format(
Jakub Josefb395d8e2017-01-02 16:31:56 +0100[diff] [blame]103 scope, name, desc if desc else "", username, password)
Jakub Josef8e7385e2016-12-07 21:20:34 +0100[diff] [blame]104
Jakub Josef98123ab2016-12-14 14:05:01 +0100[diff] [blame]105 call_result = __salt__['jenkins_common.call_groovy_script'](
Jakub Josefff348132016-12-21 17:11:37 +0100[diff] [blame]106 create_credential_groovy, {"name": name, "username": username, "password": password if password else "", "clazz": clazz, "params": params, "key": key if key else "", "desc": desc if desc else ""})
Adam Tengler70763e02017-08-21 16:50:32 +0000[diff] [blame]107 if call_result["code"] == 200 and call_result["msg"] in [
108 "CREATED", "EXISTS"]:
Jakub Josef8e7385e2016-12-07 21:20:34 +0100[diff] [blame]109 status = call_result["msg"]
Jakub Josef98123ab2016-12-14 14:05:01 +0100[diff] [blame]110 if call_result["msg"] == "CREATED":
111 ret['changes'][name] = status
112 ret['comment'] = 'Credentials %s %s' % (name, status.lower())
Jakub Josef8e7385e2016-12-07 21:20:34 +0100[diff] [blame]113 result = True
114 else:
115 status = 'FAILED'
Jakub Josef98123ab2016-12-14 14:05:01 +0100[diff] [blame]116 logger.error(
117 "Jenkins credentials API call failure: %s", call_result["msg"])
Jakub Josefb6c60bc2016-12-21 13:53:33 +0100[diff] [blame]118 ret['comment'] = 'Jenkins credentials API call failure: %s' % (call_result[
119 "msg"])
Jakub Josef8e7385e2016-12-07 21:20:34 +0100[diff] [blame]120 ret['result'] = None if test else result
121 return ret