@Initializer(after = InitMilestone.PLUGINS_STARTED) public static void migrate() throws IOException { GitLabConnectionConfig descriptor = (GitLabConnectionConfig) Jenkins.getInstance().getDescriptor(GitLabConnectionConfig.class); for (GitLabConnection connection : descriptor.getConnections()) { if (connection.apiTokenId == null && connection.apiToken != null) { for (CredentialsStore credentialsStore : CredentialsProvider.lookupStores(Jenkins.getInstance())) { if (credentialsStore instanceof SystemCredentialsProvider.StoreImpl) { List<Domain> domains = credentialsStore.getDomains(); connection.apiTokenId = UUID.randomUUID().toString(); credentialsStore.addCredentials(domains.get(0), new GitLabApiTokenImpl(CredentialsScope.SYSTEM, connection.apiTokenId, "GitLab API Token", Secret.fromString(connection.apiToken))); } } } } descriptor.save(); } }
/** * Exposes the {@link CredentialsStore} instances available to the {@link #getContext()}. * * @return the {@link CredentialsStore} instances available to the {@link #getContext()}. */ @NonNull public List<CredentialsStore> getLocalStores() { List<CredentialsStore> result = new ArrayList<CredentialsStore>(); for (CredentialsStore s : CredentialsProvider.lookupStores(getContext())) { if (context == s.getContext() && s.hasPermission(CredentialsProvider.VIEW)) { result.add(s); } } return result; }
/** * Exposes the {@link CredentialsStore} instances available to the {@link #getContext()}. * * @return the {@link CredentialsStore} instances available to the {@link #getContext()}. */ @NonNull public List<CredentialsStore> getParentStores() { List<CredentialsStore> result = new ArrayList<CredentialsStore>(); for (CredentialsStore s : CredentialsProvider.lookupStores(getContext())) { if (context != s.getContext() && s.hasPermission(CredentialsProvider.VIEW)) { result.add(s); } } return result; }
/** * Exposes the {@link CredentialsStore} instances available to the {@link #getContext()}. * * @return the {@link CredentialsStore} instances available to the {@link #getContext()}. */ @NonNull public List<CredentialsStore> getParentStores() { List<CredentialsStore> result = new ArrayList<CredentialsStore>(); for (CredentialsStore s : CredentialsProvider.lookupStores(getContext())) { if (context != s.getContext() && s.hasPermission(CredentialsProvider.VIEW)) { result.add(s); } } return result; }
/** * Exposes the {@link CredentialsStore} instances available to the {@link #getContext()}. * * @return the {@link CredentialsStore} instances available to the {@link #getContext()}. */ @NonNull public List<CredentialsStore> getLocalStores() { List<CredentialsStore> result = new ArrayList<CredentialsStore>(); for (CredentialsStore s : CredentialsProvider.lookupStores(getContext())) { if (context == s.getContext() && s.hasPermission(CredentialsProvider.VIEW)) { result.add(s); } } return result; }
private String createCredentials(String username, String password) { String credentialId = name + "_" + username; try{ StandardCredentials credential = retrieveCredential(credentialId); if (credential != null) { return StringUtils.EMPTY; } UsernamePasswordCredentialsImpl migrateCredential = new UsernamePasswordCredentialsImpl( CredentialsScope.GLOBAL, name + "_" + username, "Migrated Coverity Credential", username, password); CredentialsStore store = CredentialsProvider.lookupStores(Jenkins.getInstance()).iterator().next(); store.addCredentials(Domain.global(), migrateCredential); } catch (IOException ioe) { logger.warning("Migrating username and password into credentials encountered IOException" + "\nPlease try to resolve this issue by adding credentials manually"); return StringUtils.EMPTY; } return credentialId; }
/** * Stores a new credentials record (Used only during migration). * @param u The new credentials to store; * @return The Id of the new record or {@code null} on failure. * @throws IOException on error. */ public static String storeCredentials(final StandardUsernameCredentials u) throws IOException { if (null != u) { try (final ACLContext ctx = ACL.as(ACL.SYSTEM)) { final CredentialsStore s = CredentialsProvider.lookupStores(Jenkins.getInstance()).iterator().next(); s.addCredentials(Domain.global(), u); return u.getId(); } } return null; }
/** * Exposes the {@link #getLocalStores()} {@link CredentialsStore#getStoreAction()}. * * @return the {@link #getLocalStores()} {@link CredentialsStore#getStoreAction()}. */ @NonNull @SuppressWarnings("unused") // Jelly EL public List<CredentialsStoreAction> getStoreActions() { List<CredentialsStoreAction> result = new ArrayList<CredentialsStoreAction>(); for (final CredentialsStore s : CredentialsProvider.lookupStores(getContext())) { if (context == s.getContext() && s.hasPermission(CredentialsProvider.VIEW)) { CredentialsStoreAction action = s.getStoreAction(); if (action != null) { result.add(action); } } } return result; }
/** * Exposes the {@link #getLocalStores()} {@link CredentialsStore#getStoreAction()}. * * @return the {@link #getLocalStores()} {@link CredentialsStore#getStoreAction()}. */ @NonNull @SuppressWarnings("unused") // Jelly EL public List<CredentialsStoreAction> getStoreActions() { List<CredentialsStoreAction> result = new ArrayList<CredentialsStoreAction>(); for (final CredentialsStore s : CredentialsProvider.lookupStores(getContext())) { if (context == s.getContext() && s.hasPermission(CredentialsProvider.VIEW)) { CredentialsStoreAction action = s.getStoreAction(); if (action != null) { result.add(action); } } } return result; }
@BeforeClass public static void setup() throws Exception { CredentialsStore store = CredentialsProvider.lookupStores(j.jenkins).iterator().next(); store.addCredentials(Domain.global(), globalCred); }
private CredentialsStore getFolderStore(Folder f) { Iterable<CredentialsStore> stores = CredentialsProvider.lookupStores(f); CredentialsStore folderStore = null; for (CredentialsStore s : stores) { if (s.getProvider() instanceof FolderCredentialsProvider && s.getContext() == f) { folderStore = s; break; } } return folderStore; }
private CredentialsStore getFolderStore(Folder f) { Iterable<CredentialsStore> stores = CredentialsProvider.lookupStores(f); CredentialsStore folderStore = null; for (CredentialsStore s : stores) { if (s.getProvider() instanceof FolderCredentialsProvider && s.getContext() == f) { folderStore = s; break; } } return folderStore; }
/** * Exposes the {@link #getStoreActions()} by {@link CredentialsStoreAction#getUrlName()} for Stapler. * * @param name the {@link CredentialsStoreAction#getUrlName()} to match. * @return the {@link CredentialsStoreAction} or {@code null} */ @CheckForNull @SuppressWarnings("unused") // Stapler binding public CredentialsStoreAction getStore(String name) { for (final CredentialsStore s : CredentialsProvider.lookupStores(getContext())) { if (context == s.getContext()) { // local stores only CredentialsStoreAction action = s.getStoreAction(); if (action != null && name.equals(action.getUrlName())) { return s.hasPermission(CredentialsProvider.VIEW) ? action : null; } } } return null; }
/** * Exposes the {@link #getStoreActions()} by {@link CredentialsStoreAction#getUrlName()} for Stapler. * * @param name the {@link CredentialsStoreAction#getUrlName()} to match. * @return the {@link CredentialsStoreAction} or {@code null} */ @CheckForNull @SuppressWarnings("unused") // Stapler binding public CredentialsStoreAction getStore(String name) { for (final CredentialsStore s : CredentialsProvider.lookupStores(getContext())) { if (context == s.getContext()) { // local stores only CredentialsStoreAction action = s.getStoreAction(); if (action != null && name.equals(action.getUrlName())) { return s.hasPermission(CredentialsProvider.VIEW) ? action : null; } } } return null; }
@Issue("JENKINS-48380") @Test public void withCredentialsWrapper() throws Exception { final String credentialsId = "creds"; final String username = "bob"; final String passphrase = "s3cr3t"; final String keyContent = "the-key"; SSHUserPrivateKey c = new DummyPrivateKey(credentialsId, username, passphrase, keyContent); CredentialsProvider.lookupStores(j.jenkins).iterator().next().addCredentials(Domain.global(), c); expect("withCredentialsWrapper") .archives("userPass.txt", username + ":" + passphrase) .archives("key.txt", keyContent) .go(); }
@Issue("JENKINS-48380") @Test public void withCredentialsStageWrapper() throws Exception { final String credentialsId = "creds"; final String username = "bob"; final String passphrase = "s3cr3t"; final String keyContent = "the-key"; SSHUserPrivateKey c = new DummyPrivateKey(credentialsId, username, passphrase, keyContent); CredentialsProvider.lookupStores(j.jenkins).iterator().next().addCredentials(Domain.global(), c); expect("withCredentialsStageWrapper") .logContains("THEUSER is null") .archives("userPass.txt", username + ":" + passphrase) .archives("key.txt", keyContent) .go(); }
@Test public void doFillCredentialsIdItemsWithoutJobWhenAdmin() throws Exception { r.jenkins.setSecurityRealm(r.createDummySecurityRealm()); ProjectMatrixAuthorizationStrategy as = new ProjectMatrixAuthorizationStrategy(); as.add(Jenkins.ADMINISTER, "alice"); r.jenkins.setAuthorizationStrategy(as); final UsernamePasswordCredentialsImpl c = new UsernamePasswordCredentialsImpl(CredentialsScope.GLOBAL, null, "test", "bob", "s3cr3t"); CredentialsProvider.lookupStores(r.jenkins).iterator().next().addCredentials(Domain.global(), c); ACL.impersonate(User.get("alice").impersonate(), new Runnable() { @Override public void run() { ListBoxModel options = r.jenkins.getDescriptorByType(MercurialSCM.DescriptorImpl.class).doFillCredentialsIdItems(null, "http://nowhere.net/"); assertEquals(CredentialsNameProvider.name(c), options.get(1).name); } }); }
@Issue("SECURITY-158") @Test public void doFillCredentialsIdItems() throws Exception { r.jenkins.setSecurityRealm(r.createDummySecurityRealm()); ProjectMatrixAuthorizationStrategy as = new ProjectMatrixAuthorizationStrategy(); as.add(Jenkins.READ, "alice"); as.add(Jenkins.READ, "bob"); r.jenkins.setAuthorizationStrategy(as); FreeStyleProject p1 = r.createFreeStyleProject("p1"); FreeStyleProject p2 = r.createFreeStyleProject("p2"); p2.addProperty(new AuthorizationMatrixProperty(Collections.singletonMap(Item.CONFIGURE, Collections.singleton("bob")))); UsernamePasswordCredentialsImpl c = new UsernamePasswordCredentialsImpl(CredentialsScope.GLOBAL, null, "test", "bob", "s3cr3t"); CredentialsProvider.lookupStores(r.jenkins).iterator().next().addCredentials(Domain.global(), c); assertCredentials("alice", null); assertCredentials("alice", p1); assertCredentials("alice", p2); assertCredentials("bob", null); assertCredentials("bob", p1); assertCredentials("bob", p2, c); } private void assertCredentials(String user, final Job<?,?> owner, Credentials... expected) {
@BeforeClass public static void setUpAgent() throws Exception { s = j.createOnlineSlave(); s.setLabelString("some-label docker"); s.getNodeProperties().add(new EnvironmentVariablesNodeProperty(new EnvironmentVariablesNodeProperty.Entry("ONAGENT", "true"), new EnvironmentVariablesNodeProperty.Entry("WHICH_AGENT", "first"))); s.setNumExecutors(2); s2 = j.createOnlineSlave(); s2.setLabelString("other-docker"); s2.getNodeProperties().add(new EnvironmentVariablesNodeProperty(new EnvironmentVariablesNodeProperty.Entry("ONAGENT", "true"), new EnvironmentVariablesNodeProperty.Entry("WHICH_AGENT", "second"))); //setup credentials for docker registry CredentialsStore store = CredentialsProvider.lookupStores(j.jenkins).iterator().next(); password = System.getProperty("docker.password"); if(password != null) { UsernamePasswordCredentialsImpl globalCred = new UsernamePasswordCredentialsImpl(CredentialsScope.GLOBAL, "dockerhub", "real", "jtaboada", password); store.addCredentials(Domain.global(), globalCred); } }
@BeforeClass public static void setUpAgentAndCreds() throws Exception { s = j.createOnlineSlave(); s.setLabelString("some-label docker here"); s.getNodeProperties().add(new EnvironmentVariablesNodeProperty(new EnvironmentVariablesNodeProperty.Entry("ONAGENT", "true"), new EnvironmentVariablesNodeProperty.Entry("WHICH_AGENT", "first"))); s.setNumExecutors(2); s2 = j.createOnlineSlave(); s2.setLabelString("other-docker"); s2.getNodeProperties().add(new EnvironmentVariablesNodeProperty(new EnvironmentVariablesNodeProperty.Entry("ONAGENT", "true"), new EnvironmentVariablesNodeProperty.Entry("WHICH_AGENT", "second"))); CredentialsStore store = CredentialsProvider.lookupStores(j.jenkins).iterator().next(); String usernamePasswordCredentialsId = "FOOcredentials"; UsernamePasswordCredentialsImpl usernamePassword = new UsernamePasswordCredentialsImpl(CredentialsScope.GLOBAL, usernamePasswordCredentialsId, "sample", usernamePasswordUsername, usernamePasswordPassword); store.addCredentials(Domain.global(), usernamePassword); }