Skip to content

Commit 29a7f9b

Browse files
jonesbusyjonesbusy
authored
Merge pull request #166 from jonesbusy/feature/expand-credentials-id
Fix #138 by expanding credentials ID
2 parents e6759d5 + 8247eaf commit 29a7f9b

File tree

4 files changed

+99
-5
lines changed

4 files changed

+99
-5
lines changed

src/main/java/org/jenkinsci/plugins/ansible/AnsiblePlaybookBuilder.java

+7-2
Original file line numberDiff line numberDiff line change
@@ -274,12 +274,17 @@ public void perform(
274274
invocation.setCredentials(
275275
StringUtils.isNotBlank(credentialsId)
276276
? CredentialsProvider.findCredentialById(
277-
credentialsId, StandardUsernameCredentials.class, run)
277+
run.getEnvironment(listener).expand(credentialsId),
278+
StandardUsernameCredentials.class,
279+
run)
278280
: null,
279281
copyCredentialsInWorkspace);
280282
invocation.setVaultCredentials(
281283
StringUtils.isNotBlank(vaultCredentialsId)
282-
? CredentialsProvider.findCredentialById(vaultCredentialsId, StandardCredentials.class, run)
284+
? CredentialsProvider.findCredentialById(
285+
run.getEnvironment(listener).expand(vaultCredentialsId),
286+
StandardCredentials.class,
287+
run)
283288
: null);
284289
invocation.setVaultTmpPath(
285290
StringUtils.isNotBlank(vaultTmpPath) ? new FilePath(new File(vaultTmpPath)) : null);

src/main/java/org/jenkinsci/plugins/ansible/AnsibleVaultBuilder.java

+7-2
Original file line numberDiff line numberDiff line change
@@ -131,12 +131,17 @@ public void perform(
131131
invocation.setAction(action);
132132
invocation.setVaultCredentials(
133133
StringUtils.isNotBlank(vaultCredentialsId)
134-
? CredentialsProvider.findCredentialById(vaultCredentialsId, StandardCredentials.class, run)
134+
? CredentialsProvider.findCredentialById(
135+
run.getEnvironment(listener).expand(vaultCredentialsId),
136+
StandardCredentials.class,
137+
run)
135138
: null);
136139
invocation.setNewVaultCredentials(
137140
StringUtils.isNotBlank(newVaultCredentialsId)
138141
? CredentialsProvider.findCredentialById(
139-
newVaultCredentialsId, StandardCredentials.class, run)
142+
run.getEnvironment(listener).expand(newVaultCredentialsId),
143+
StandardCredentials.class,
144+
run)
140145
: null);
141146
invocation.setVaultTmpPath(
142147
StringUtils.isNotBlank(vaultTmpPath) ? new FilePath(new File(vaultTmpPath)) : null);

src/test/java/org/jenkinsci/plugins/ansible/jobdsl/JobDslIntegrationTest.java

+62-1
Original file line numberDiff line numberDiff line change
@@ -1,16 +1,34 @@
11
package org.jenkinsci.plugins.ansible.jobdsl;
22

33
import static org.hamcrest.MatcherAssert.assertThat;
4+
import static org.hamcrest.Matchers.allOf;
5+
import static org.hamcrest.Matchers.containsString;
46
import static org.hamcrest.Matchers.is;
57
import static org.hamcrest.Matchers.isA;
68
import static org.hamcrest.Matchers.notNullValue;
7-
9+
import static org.junit.Assume.assumeFalse;
10+
11+
import com.cloudbees.plugins.credentials.CredentialsProvider;
12+
import com.cloudbees.plugins.credentials.CredentialsScope;
13+
import com.cloudbees.plugins.credentials.CredentialsStore;
14+
import com.cloudbees.plugins.credentials.domains.Domain;
15+
import hudson.model.FreeStyleBuild;
16+
import hudson.model.FreeStyleProject;
17+
import hudson.model.ParameterValue;
18+
import hudson.model.ParametersAction;
19+
import hudson.model.StringParameterValue;
20+
import hudson.util.Secret;
21+
import java.util.ArrayList;
22+
import java.util.List;
23+
import org.apache.commons.lang3.SystemUtils;
824
import org.hamcrest.Matcher;
925
import org.jenkinsci.plugins.ansible.AnsibleAdHocCommandBuilder;
1026
import org.jenkinsci.plugins.ansible.AnsiblePlaybookBuilder;
1127
import org.jenkinsci.plugins.ansible.AnsibleVaultBuilder;
1228
import org.jenkinsci.plugins.ansible.InventoryContent;
1329
import org.jenkinsci.plugins.ansible.InventoryPath;
30+
import org.jenkinsci.plugins.plaincredentials.StringCredentials;
31+
import org.jenkinsci.plugins.plaincredentials.impl.StringCredentialsImpl;
1432
import org.junit.Rule;
1533
import org.junit.Test;
1634
import org.junit.rules.RuleChain;
@@ -21,6 +39,7 @@
2139
*/
2240
public class JobDslIntegrationTest {
2341
public static final String ANSIBLE_DSL_GROOVY_PLAYBOOK = "jobdsl/playbook.groovy";
42+
public static final String ANSIBLE_DSL_GROOVY_EXPANDER = "jobdsl/expander.groovy";
2443
public static final String ANSIBLE_DSL_GROOVY_SECURITY_630 = "jobdsl/security630.groovy";
2544
public static final String ANSIBLE_DSL_GROOVY_PLAYBOOK_LEGACY = "jobdsl/legacyPlaybook.groovy";
2645
public static final String ANSIBLE_DSL_GROOVY_ADHOC = "jobdsl/adhoc.groovy";
@@ -69,6 +88,48 @@ public void shouldCreateJobWithPlaybookDsl() throws Exception {
6988
assertThat("extraVar.hidden", step.extraVars.get(0).isHidden(), is(true));
7089
}
7190

91+
@Test
92+
@DslJobRule.WithJobDsl(ANSIBLE_DSL_GROOVY_EXPANDER)
93+
public void shouldCreateJobWithVarExpander() throws Exception {
94+
95+
assumeFalse(SystemUtils.IS_OS_WINDOWS);
96+
97+
// Add credentials
98+
StringCredentials vaultCredentials = new StringCredentialsImpl(
99+
CredentialsScope.GLOBAL,
100+
"vaultCredentialsString",
101+
"test username password",
102+
Secret.fromString("test-secret"));
103+
StringCredentials credentials = new StringCredentialsImpl(
104+
CredentialsScope.GLOBAL, "credentialsString", "test credentials", Secret.fromString("test"));
105+
CredentialsStore store =
106+
CredentialsProvider.lookupStores(jenkins.jenkins).iterator().next();
107+
store.addCredentials(Domain.global(), vaultCredentials);
108+
store.addCredentials(Domain.global(), credentials);
109+
110+
// Create job via jobdsl with var expander
111+
AnsiblePlaybookBuilder step = dsl.getGeneratedJob().getBuildersList().get(AnsiblePlaybookBuilder.class);
112+
assertThat("Should add playbook builder", step, notNullValue());
113+
assertThat("playbook", step.playbook, is("playbook.yml"));
114+
assertThat("inventory", step.inventory, (Matcher) isA(InventoryPath.class));
115+
assertThat("vaultCredentialsId", step.vaultCredentialsId, is("${vault_credentials_id}"));
116+
assertThat("credentialsId", step.credentialsId, is("${credentials_id}"));
117+
118+
List<ParameterValue> parameters = new ArrayList<>();
119+
parameters.add(new StringParameterValue("inventory_repository", "inventory"));
120+
parameters.add(new StringParameterValue("vault_credentials_id", "vaultCredentialsString"));
121+
parameters.add(new StringParameterValue("credentials_id", "credentialsString"));
122+
ParametersAction parametersAction = new ParametersAction(parameters);
123+
124+
FreeStyleProject freeStyleProject = jenkins.getInstance().getItemByFullName("ansible", FreeStyleProject.class);
125+
FreeStyleBuild build =
126+
freeStyleProject.scheduleBuild2(0, parametersAction).get();
127+
assertThat(
128+
build.getLog(),
129+
allOf(containsString(
130+
"ansible-playbook playbook.yml -i inventory/inventory.yml -f 5 --vault-password-file ")));
131+
}
132+
72133
@Test
73134
@DslJobRule.WithJobDsl(ANSIBLE_DSL_GROOVY_PLAYBOOK_LEGACY)
74135
public void shouldCreateJobWithLegacyPlaybookDsl() throws Exception {

src/test/resources/jobdsl/expander.groovy

+23
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,23 @@
1+
job('ansible') {
2+
steps {
3+
shell('''cat > playbook.yml << EOL
4+
- hosts: localhost
5+
connection: local
6+
gather_facts: no
7+
tasks:
8+
- debug: msg=test
9+
EOL
10+
''')
11+
shell('mkdir -p inventory')
12+
ansiblePlaybook('playbook.yml') {
13+
inventoryPath('${inventory_repository}/inventory.yml')
14+
vaultCredentialsId('${vault_credentials_id}')
15+
credentialsId('${credentials_id}')
16+
}
17+
}
18+
parameters {
19+
stringParam('inventory_repository')
20+
stringParam('vault_credentials_id')
21+
stringParam('credentials_id')
22+
}
23+
}

0 commit comments

Comments
 (0)