Re: Create UserPrivateKeySource Credential via Groovy?
I have tried and it doesnt work..
call it a bug or whatever, but i just confirmed from the source code of
this plugin ,
where one commit in the unit test folder says:
ReadFileOnMaster etc. did not actually work.
Simpler and better to writeReplace a DirectEntryPrivateKeySource.
Source
:
https://github.com/jenkinsci/ssh-credentials-plugin/commit/1a17d759c5c559ae050681364703dd5f02b5e0f0
sad ://
I will prefer giving a path to my ssh private key instead of entering it
from a groovy script ..
On Tuesday, January 27, 2015 at 5:32:39 AM UTC-8, Kenneth Baltrinic wrote:
Its me again--still trying to configure Jenkins via Chef. In this case I
have extracted from the opscode Jenkins cookbook their script for creating
ssh credentials and have attempted to modify it to create a credential from
a UserPrivateKeySource instead of the DirectEntryPrivateKeySource that the
opscode script creates. Perhaps I don't understand the
UserPrivateKeySource class or its purpose correctly but I am not getting
the results I want.
Essentially what I am trying to do is this: The cookbook has already
installed an SSH key pair in the Master Jenkins users' .ssh directory. Now
I want to programmatically create a credential in Jenkins to use that pair.
The script should be the automated equivalent of choosing the From the
Jenkins master ~/.ssh option in the Manage Credentials UI. It seems to me
that the UserPrivateKeySource class is what I want, but when I use it, what
I get in the UI is the Enter Directly option checked, with the private
key from the .ssh folder loaded into the UI!. :-( So its using the right
key, but its making it visible in the UI which is a no-no for us.
Moreover, if I go in an manual choose the right option later, the update
part of the script switches it back to Entire Directly on the next chef
run.
Below is the recipe snippet containing the groovy script hat I am using to
create the credentials. Any advice on what I am doing wrong would be
greatly appreciated.
*jenkins_script 'create ~/.ssh credentials' do*
*command -EOH.gsub(/ ^{8}/, '')*
*import jenkins.model.**
*import com.cloudbees.plugins.credentials.**
*import com.cloudbees.plugins.credentials.common.**
*import com.cloudbees.plugins.credentials.domains.**
*import com.cloudbees.jenkins.plugins.sshcredentials.impl.**
*import hudson.plugins.sshslaves.*;*
*global_domain = Domain.global()*
*credentials_store =*
* Jenkins.instance.getExtensionList(*
*'com.cloudbees.plugins.credentials.SystemCredentialsProvider'*
* )[0].getStore()*
*credentials = new BasicSSHUserPrivateKey(*
* CredentialsScope.GLOBAL,*
* #{node['cvent-jenkins']['ssh-user-id']},*
* #{node['cvent-jenkins']['ssh-user']},*
* new BasicSSHUserPrivateKey.UsersPrivateKeySource(),*
* ,*
* Credential ID: #{node['cvent-jenkins']['ssh-user-id']}*
*)*
*// Create or update the credentials in the Jenkins instance*
*username_matcher =
CredentialsMatchers.withUsername(#{node['cvent-jenkins']['ssh-user']})*
*available_credentials =*
* CredentialsProvider.lookupCredentials(*
*StandardUsernameCredentials.class,*
*Jenkins.getInstance(),*
*hudson.security.ACL.SYSTEM,*
*new SchemeRequirement(ssh)*
* )*
*existing_credentials =*
* CredentialsMatchers.firstOrNull(*
*available_credentials,*
*username_matcher*
* )*
*if(existing_credentials != null) {*
* // !!This will take an existing UserPrivateKeySource credential
and *
* // turn it into a DirectEntryPrivateKeySource credentials. :(*
* credentials_store.updateCredentials(*
*global_domain,*
*existing_credentials,*
*credentials*
* )*
*} else {*
* credentials_store.addCredentials(global_domain, credentials)*
*}*
*EOH*
*end*
--
You received this message because you are subscribed to the Google Groups
Jenkins Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to jenkinsci-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/jenkinsci-users/50846d22-ce41-4e2c-848b-66cee6590a46%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Re: Create UserPrivateKeySource Credential via Groovy?
OK I FINALLY GOT IT WORKING:))
thanks to your code.
your code works perfectly fine for me ...i just skimmed it down to use
UsersPrivateSource method ..
i ran it against a live jenkins instance and worked right away:)
/
import jenkins.model.*
import com.cloudbees.plugins.credentials.*
import com.cloudbees.plugins.credentials.common.*
import com.cloudbees.plugins.credentials.domains.*
import com.cloudbees.jenkins.plugins.sshcredentials.impl.*
import hudson.plugins.sshslaves.*;
global_domain = Domain.global()
credentials_store =
Jenkins.instance.getExtensionList(
'com.cloudbees.plugins.credentials.SystemCredentialsProvider'
)[0].getStore()
credentials = new BasicSSHUserPrivateKey(
CredentialsScope.GLOBAL,
null,
root,
new BasicSSHUserPrivateKey.UsersPrivateKeySource(),
,
)
credentials_store.addCredentials(global_domain, credentials)
/
On Tuesday, January 27, 2015 at 5:32:39 AM UTC-8, Kenneth Baltrinic wrote:
Its me again--still trying to configure Jenkins via Chef. In this case I
have extracted from the opscode Jenkins cookbook their script for creating
ssh credentials and have attempted to modify it to create a credential from
a UserPrivateKeySource instead of the DirectEntryPrivateKeySource that the
opscode script creates. Perhaps I don't understand the
UserPrivateKeySource class or its purpose correctly but I am not getting
the results I want.
Essentially what I am trying to do is this: The cookbook has already
installed an SSH key pair in the Master Jenkins users' .ssh directory. Now
I want to programmatically create a credential in Jenkins to use that pair.
The script should be the automated equivalent of choosing the From the
Jenkins master ~/.ssh option in the Manage Credentials UI. It seems to me
that the UserPrivateKeySource class is what I want, but when I use it, what
I get in the UI is the Enter Directly option checked, with the private
key from the .ssh folder loaded into the UI!. :-( So its using the right
key, but its making it visible in the UI which is a no-no for us.
Moreover, if I go in an manual choose the right option later, the update
part of the script switches it back to Entire Directly on the next chef
run.
Below is the recipe snippet containing the groovy script hat I am using to
create the credentials. Any advice on what I am doing wrong would be
greatly appreciated.
*jenkins_script 'create ~/.ssh credentials' do*
*command -EOH.gsub(/ ^{8}/, '')*
*import jenkins.model.**
*import com.cloudbees.plugins.credentials.**
*import com.cloudbees.plugins.credentials.common.**
*import com.cloudbees.plugins.credentials.domains.**
*import com.cloudbees.jenkins.plugins.sshcredentials.impl.**
*import hudson.plugins.sshslaves.*;*
*global_domain = Domain.global()*
*credentials_store =*
* Jenkins.instance.getExtensionList(*
*'com.cloudbees.plugins.credentials.SystemCredentialsProvider'*
* )[0].getStore()*
*credentials = new BasicSSHUserPrivateKey(*
* CredentialsScope.GLOBAL,*
* #{node['cvent-jenkins']['ssh-user-id']},*
* #{node['cvent-jenkins']['ssh-user']},*
* new BasicSSHUserPrivateKey.UsersPrivateKeySource(),*
* ,*
* Credential ID: #{node['cvent-jenkins']['ssh-user-id']}*
*)*
*// Create or update the credentials in the Jenkins instance*
*username_matcher =
CredentialsMatchers.withUsername(#{node['cvent-jenkins']['ssh-user']})*
*available_credentials =*
* CredentialsProvider.lookupCredentials(*
*StandardUsernameCredentials.class,*
*Jenkins.getInstance(),*
*hudson.security.ACL.SYSTEM,*
*new SchemeRequirement(ssh)*
* )*
*existing_credentials =*
* CredentialsMatchers.firstOrNull(*
*available_credentials,*
*username_matcher*
* )*
*if(existing_credentials != null) {*
* // !!This will take an existing UserPrivateKeySource credential
and *
* // turn it into a DirectEntryPrivateKeySource credentials. :(*
* credentials_store.updateCredentials(*
*global_domain,*
*existing_credentials,*
*credentials*
* )*
*} else {*
* credentials_store.addCredentials(global_domain, credentials)*
*}*
*EOH*
*end*
--
You received this message because
Create UserPrivateKeySource Credential via Groovy?
Its me again--still trying to configure Jenkins via Chef. In this case I
have extracted from the opscode Jenkins cookbook their script for creating
ssh credentials and have attempted to modify it to create a credential from
a UserPrivateKeySource instead of the DirectEntryPrivateKeySource that the
opscode script creates. Perhaps I don't understand the
UserPrivateKeySource class or its purpose correctly but I am not getting
the results I want.
Essentially what I am trying to do is this: The cookbook has already
installed an SSH key pair in the Master Jenkins users' .ssh directory. Now
I want to programmatically create a credential in Jenkins to use that pair.
The script should be the automated equivalent of choosing the From the
Jenkins master ~/.ssh option in the Manage Credentials UI. It seems to me
that the UserPrivateKeySource class is what I want, but when I use it, what
I get in the UI is the Enter Directly option checked, with the private
key from the .ssh folder loaded into the UI!. :-( So its using the right
key, but its making it visible in the UI which is a no-no for us.
Moreover, if I go in an manual choose the right option later, the update
part of the script switches it back to Entire Directly on the next chef
run.
Below is the recipe snippet containing the groovy script hat I am using to
create the credentials. Any advice on what I am doing wrong would be
greatly appreciated.
*jenkins_script 'create ~/.ssh credentials' do*
*command -EOH.gsub(/ ^{8}/, '')*
*import jenkins.model.**
*import com.cloudbees.plugins.credentials.**
*import com.cloudbees.plugins.credentials.common.**
*import com.cloudbees.plugins.credentials.domains.**
*import com.cloudbees.jenkins.plugins.sshcredentials.impl.**
*import hudson.plugins.sshslaves.*;*
*global_domain = Domain.global()*
*credentials_store =*
* Jenkins.instance.getExtensionList(*
*'com.cloudbees.plugins.credentials.SystemCredentialsProvider'*
* )[0].getStore()*
*credentials = new BasicSSHUserPrivateKey(*
* CredentialsScope.GLOBAL,*
* #{node['cvent-jenkins']['ssh-user-id']},*
* #{node['cvent-jenkins']['ssh-user']},*
* new BasicSSHUserPrivateKey.UsersPrivateKeySource(),*
* ,*
* Credential ID: #{node['cvent-jenkins']['ssh-user-id']}*
*)*
*// Create or update the credentials in the Jenkins instance*
*username_matcher =
CredentialsMatchers.withUsername(#{node['cvent-jenkins']['ssh-user']})*
*available_credentials =*
* CredentialsProvider.lookupCredentials(*
*StandardUsernameCredentials.class,*
*Jenkins.getInstance(),*
*hudson.security.ACL.SYSTEM,*
*new SchemeRequirement(ssh)*
* )*
*existing_credentials =*
* CredentialsMatchers.firstOrNull(*
*available_credentials,*
*username_matcher*
* )*
*if(existing_credentials != null) {*
* // !!This will take an existing UserPrivateKeySource credential
and *
* // turn it into a DirectEntryPrivateKeySource credentials. :(*
* credentials_store.updateCredentials(*
*global_domain,*
*existing_credentials,*
*credentials*
* )*
*} else {*
* credentials_store.addCredentials(global_domain, credentials)*
*}*
*EOH*
*end*
--
You received this message because you are subscribed to the Google Groups
Jenkins Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to jenkinsci-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/jenkinsci-users/1470419e-0788-49b3-952b-854523037bb6%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
