aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPaul Sokolovsky <pfalcon@users.sourceforge.net>2015-04-14 16:20:46 +0300
committerPaul Sokolovsky <paul.sokolovsky@linaro.org>2015-04-24 17:18:38 +0300
commit11f165401e4b4a942abe85c9053c673f8cacdeb5 (patch)
tree03bfe4805efdc26e1e2b9b6c9554702e6c255147
parentfa1912fa32757806947790ab5eee36572ec93294 (diff)
downloadjenkins-plugin-linaro-pubapi-11f165401e4b4a942abe85c9053c673f8cacdeb5.tar.gz
Allow to select target publishing server - via Jenkins Credentials subsys.
To make this work, a new "Credential Domain" should be configured, with filter by adhoc "pubapi" URL schema. Within domain, using "Username with password" credential type. "Username" should be a publishing server though, and password - master publishing key. Additionally, for JJB usage, in "Advanced" section, a credential ID should be defined to have a form pubapi-<server_host>, e.g. pubapi-snapshots.linaro.org. Set PUBLISH_SERVER envvar based on publishing server selected by plugin. This value can be directly passed to --server param of linaro-cp tool, thus avoiding duplicating server name in 2 places, and confusion if they don't match. Also, other minor usability/diagnosing tweaks: - Log the fact that token was requested to build log. - If credential id for a job isn't set, use "pubapi-snapshots.linaro.org". (For compatibility with jobs configured for older plugin version.) Change-Id: I02d6a8fa48485c1f4ed2cb4e3b33d6c1170155ec
-rw-r--r--pom.xml28
-rw-r--r--src/main/java/linaro/pubapi/LinaroPubAPIKey.java87
-rw-r--r--src/main/resources/linaro/pubapi/LinaroPubAPIKey/config.jelly5
-rw-r--r--src/main/resources/linaro/pubapi/LinaroPubAPIKey/global.jelly6
4 files changed, 97 insertions, 29 deletions
diff --git a/pom.xml b/pom.xml
index 9c33e86..6f87b89 100644
--- a/pom.xml
+++ b/pom.xml
@@ -10,9 +10,35 @@
<artifactId>linaro-pubapi</artifactId>
<packaging>hpi</packaging>
<name>Linaro Publishing API Token Plugin</name>
- <version>1.1</version>
+ <version>1.2</version>
<url>https://wiki.jenkins-ci.org/display/JENKINS/Plugins</url>
+ <repositories>
+ <repository>
+ <id>repo.jenkins-ci.org</id>
+ <url>http://repo.jenkins-ci.org/public/</url>
+ </repository>
+ </repositories>
+ <pluginRepositories>
+ <pluginRepository>
+ <id>repo.jenkins-ci.org</id>
+ <url>http://repo.jenkins-ci.org/public/</url>
+ </pluginRepository>
+ </pluginRepositories>
+
+ <dependencies>
+ <dependency>
+ <groupId>org.jenkins-ci.plugins</groupId>
+ <artifactId>credentials</artifactId>
+ <version>1.9.4</version>
+ </dependency>
+ <dependency>
+ <groupId>org.jenkins-ci.plugins</groupId>
+ <artifactId>ssh-credentials</artifactId>
+ <version>1.6.1</version>
+ </dependency>
+ </dependencies>
+
<build>
<plugins>
<plugin>
diff --git a/src/main/java/linaro/pubapi/LinaroPubAPIKey.java b/src/main/java/linaro/pubapi/LinaroPubAPIKey.java
index 4c80ec9..d77525d 100644
--- a/src/main/java/linaro/pubapi/LinaroPubAPIKey.java
+++ b/src/main/java/linaro/pubapi/LinaroPubAPIKey.java
@@ -1,6 +1,8 @@
package linaro.pubapi;
import java.io.IOException;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
import hudson.AbortException;
import hudson.Extension;
@@ -9,27 +11,54 @@ import hudson.model.AbstractBuild;
import hudson.model.AbstractProject;
import hudson.model.BuildListener;
import hudson.model.FreeStyleProject;
+import hudson.model.Item;
import hudson.model.ParametersAction;
import hudson.model.StringParameterValue;
+import hudson.security.ACL;
import hudson.tasks.BuildStepDescriptor;
import hudson.tasks.Builder;
+import hudson.util.ListBoxModel;
+import jenkins.model.Jenkins;
+
+import org.kohsuke.stapler.AncestorInPath;
import org.kohsuke.stapler.DataBoundConstructor;
import org.kohsuke.stapler.StaplerRequest;
+import com.cloudbees.jenkins.plugins.sshcredentials.SSHAuthenticator;
+
+import com.cloudbees.plugins.credentials.common.StandardCredentials;
+import com.cloudbees.plugins.credentials.common.StandardListBoxModel;
+import com.cloudbees.plugins.credentials.common.StandardUsernamePasswordCredentials;
+import com.cloudbees.plugins.credentials.domains.SchemeRequirement;
+import com.cloudbees.plugins.credentials.CredentialsMatcher;
+import com.cloudbees.plugins.credentials.CredentialsMatchers;
+import com.cloudbees.plugins.credentials.CredentialsProvider;
+
import net.sf.json.JSONObject;
import org.apache.commons.httpclient.*;
import org.apache.commons.httpclient.methods.*;
import org.apache.commons.httpclient.params.HttpMethodParams;
+// Solely to filter by "SSH connection" credentials type
+import com.trilead.ssh2.Connection;
+
/**
* @author Paul Sokolovsky
*/
public class LinaroPubAPIKey extends Builder {
+ private static final SchemeRequirement SCHEME = new SchemeRequirement("pubapi");
+ private static final CredentialsMatcher CREDENTIALS_MATCHER = CredentialsMatchers.anyOf(
+ CredentialsMatchers.instanceOf(StandardUsernamePasswordCredentials.class)
+ );
+
+ public String credentialsId;
+
@DataBoundConstructor
- public LinaroPubAPIKey() {
+ public LinaroPubAPIKey(String credentialsId) {
+ this.credentialsId = credentialsId;
}
@@ -41,8 +70,6 @@ public class LinaroPubAPIKey extends Builder {
@Extension
public static class Descriptor extends BuildStepDescriptor<Builder> {
- private String secretKey;
- private String apiURL;
// Using public members alleviates us from creating getters/setters
public String defaultNotBefore;
public String defaultNotAfter;
@@ -51,22 +78,6 @@ public class LinaroPubAPIKey extends Builder {
load();
}
- public String getPubAPIURL() {
- return apiURL;
- }
-
- public void setPubAPIURL(String apiURL) {
- this.apiURL = apiURL;
- }
-
- public String getPubAPISecretKey() {
- return secretKey;
- }
-
- public void setPubAPISecretKey(String secretKey) {
- this.secretKey = secretKey;
- }
-
@Override
public boolean configure(StaplerRequest req, JSONObject json) throws FormException {
req.bindJSON(this, json.getJSONObject("linaropubapi"));
@@ -86,15 +97,42 @@ public class LinaroPubAPIKey extends Builder {
return "Linaro Publishing API Token";
}
+ public ListBoxModel doFillCredentialsIdItems(@AncestorInPath Item project) {
+ return new StandardListBoxModel().withMatching(SSHAuthenticator.matcher(Connection.class),
+ CredentialsProvider.lookupCredentials(StandardCredentials.class, project,
+ ACL.SYSTEM, SCHEME));
+ }
+
+ }
+
+ private static StandardUsernamePasswordCredentials lookupSystemCredentials(String credentialsId) {
+ return CredentialsMatchers.firstOrNull(
+ CredentialsProvider
+ .lookupCredentials(StandardUsernamePasswordCredentials.class, Jenkins.getInstance(), ACL.SYSTEM,
+ SCHEME),
+ CredentialsMatchers.withId(credentialsId)
+ );
}
@Override
public boolean perform(AbstractBuild<?,?> build, Launcher launcher, BuildListener listener)
throws InterruptedException, IOException {
HttpClient client = new HttpClient();
- String url = getDescriptor().getPubAPIURL();
+
+ if (credentialsId == null) {
+ credentialsId = "pubapi-snapshots.linaro.org";
+ }
+
+ StandardUsernamePasswordCredentials cred = lookupSystemCredentials(credentialsId);
+ if (cred == null) {
+ throw new AbortException("Unable to get publishing credentials with ID: '" + credentialsId + "'");
+ }
+
+ String url = cred.getUsername();
+ listener.getLogger().format("Requesting publishing token for %s%n", url);
+
PostMethod method = new PostMethod(url);
- method.setRequestHeader("AuthToken", getDescriptor().getPubAPISecretKey());
+ method.setRequestHeader("AuthToken", cred.getPassword().getPlainText());
method.addParameter("not_valid_til", Integer.toString(Integer.parseInt(getDescriptor().defaultNotBefore) * 60));
method.addParameter("expires", Integer.toString(Integer.parseInt(getDescriptor().defaultNotAfter) * 60));
@@ -133,6 +171,13 @@ public class LinaroPubAPIKey extends Builder {
}
build.addAction(new ParametersAction(new StringParameterValue("PUBLISH_TOKEN", token)));
+
+ Matcher m = Pattern.compile("(.+://.+?/)").matcher(url);
+ if (m.find()) {
+ String serverUrl = m.group(1);
+ build.addAction(new ParametersAction(new StringParameterValue("PUBLISH_SERVER", serverUrl)));
+ }
+
return true;
}
}
diff --git a/src/main/resources/linaro/pubapi/LinaroPubAPIKey/config.jelly b/src/main/resources/linaro/pubapi/LinaroPubAPIKey/config.jelly
index d439808..541e1c7 100644
--- a/src/main/resources/linaro/pubapi/LinaroPubAPIKey/config.jelly
+++ b/src/main/resources/linaro/pubapi/LinaroPubAPIKey/config.jelly
@@ -1,2 +1,5 @@
-<j:jelly xmlns:j="jelly:core" xmlns:f="/lib/form">
+<j:jelly xmlns:j="jelly:core" xmlns:f="/lib/form" xmlns:c="/lib/credentials">
+ <f:entry title="${%Credentials}" field="credentialsId">
+ <c:select/>
+ </f:entry>
</j:jelly>
diff --git a/src/main/resources/linaro/pubapi/LinaroPubAPIKey/global.jelly b/src/main/resources/linaro/pubapi/LinaroPubAPIKey/global.jelly
index 137872f..4b222fe 100644
--- a/src/main/resources/linaro/pubapi/LinaroPubAPIKey/global.jelly
+++ b/src/main/resources/linaro/pubapi/LinaroPubAPIKey/global.jelly
@@ -1,12 +1,6 @@
<j:jelly xmlns:j="jelly:core" xmlns:f="/lib/form">
<f:section title="${%Linaro Publishing API}" name="linaropubapi">
- <f:entry title="${%API URL}" field="pubAPIURL">
- <f:textbox default="https://snapshots.linaro.org/api/v2/token/" />
- </f:entry>
- <f:entry title="${%Secret key}" field="pubAPISecretKey">
- <f:textbox/>
- </f:entry>
<f:entry title="${%Default token 'not valid before' (mins)}" field="defaultNotBefore">
<f:textbox default="5" />
</f:entry>