/** * Makes the key materials available locally and returns {@link KeyMaterialFactory} that gives you the parameters * needed to access it. */ public KeyMaterialFactory newKeyMaterialFactory(@Nonnull Item context, @Nonnull VirtualChannel target) throws IOException, InterruptedException { // as a build step, your access to credentials are constrained by what the build // can access, hence Jenkins.getAuthentication() DockerServerCredentials creds=null; if (credentialsId!=null) { List<DomainRequirement> domainRequirements = URIRequirementBuilder.fromUri(getUri()).build(); domainRequirements.add(new DockerServerDomainRequirement()); creds = CredentialsMatchers.firstOrNull( CredentialsProvider.lookupCredentials( DockerServerCredentials.class, context, Jenkins.getAuthentication(), domainRequirements), CredentialsMatchers.withId(credentialsId) ); } // the directory needs to be outside workspace to avoid prying eyes FilePath dotDocker = dotDocker(target); dotDocker.mkdirs(); // ServerKeyMaterialFactory.materialize creates a random subdir if one is needed: return newKeyMaterialFactory(dotDocker, creds); }
/** * Makes the key materials available locally and returns {@link KeyMaterialFactory} that gives you the parameters * needed to access it. */ public KeyMaterialFactory newKeyMaterialFactory(@Nonnull Item context, @Nonnull VirtualChannel target) throws IOException, InterruptedException { // as a build step, your access to credentials are constrained by what the build // can access, hence Jenkins.getAuthentication() DockerServerCredentials creds=null; if (credentialsId!=null) { List<DomainRequirement> domainRequirements = URIRequirementBuilder.fromUri(getUri()).build(); domainRequirements.add(new DockerServerDomainRequirement()); creds = CredentialsMatchers.firstOrNull( CredentialsProvider.lookupCredentials( DockerServerCredentials.class, context, Jenkins.getAuthentication(), domainRequirements), CredentialsMatchers.withId(credentialsId) ); } // the directory needs to be outside workspace to avoid prying eyes FilePath dotDocker = dotDocker(target); dotDocker.mkdirs(); // ServerKeyMaterialFactory.materialize creates a random subdir if one is needed: return newKeyMaterialFactory(dotDocker, creds); }
public ListBoxModel doFillCredentialsIdItems(@AncestorInPath Item item, @QueryParameter String uri) { if (item == null && !Jenkins.getActiveInstance().hasPermission(Jenkins.ADMINISTER) || item != null && !item.hasPermission(Item.EXTENDED_READ)) { return new StandardListBoxModel(); } List<DomainRequirement> domainRequirements = URIRequirementBuilder.fromUri(uri).build(); domainRequirements.add(new DockerServerDomainRequirement()); return new StandardListBoxModel() .withEmptySelection() .withMatching( AuthenticationTokens.matcher(KeyMaterialFactory.class), CredentialsProvider .lookupCredentials(BASE_CREDENTIAL_TYPE, item, null, domainRequirements) ); }
public ListBoxModel doFillCredentialsIdItems(@AncestorInPath Item item, @QueryParameter String uri) { if (item == null && !Jenkins.getActiveInstance().hasPermission(Jenkins.ADMINISTER) || item != null && !item.hasPermission(Item.EXTENDED_READ)) { return new StandardListBoxModel(); } List<DomainRequirement> domainRequirements = URIRequirementBuilder.fromUri(uri).build(); domainRequirements.add(new DockerServerDomainRequirement()); return new StandardListBoxModel() .withEmptySelection() .withMatching( AuthenticationTokens.matcher(KeyMaterialFactory.class), CredentialsProvider .lookupCredentials(BASE_CREDENTIAL_TYPE, item, null, domainRequirements) ); }