public static void add(@Nonnull OpenstackCredential openstackCredential) { SystemCredentialsProvider.getInstance().getCredentials().add(openstackCredential); }
private static String checkLocalKubernetesToken() { File file = new File(KUBE_TOKEN_PATH); if (file.exists() && file.canRead() ) { try { String token = IOUtils.toString(file.toURI() ); TokenCredentialsImpl kubeServiceToken = new TokenCredentialsImpl(CredentialsScope.SYSTEM, KUBE_SERVICE_TOKEN_ID, "Local Kubernetes service token", Secret.fromString(token) ); SystemCredentialsProvider.getInstance().getCredentials().add(kubeServiceToken); SystemCredentialsProvider.getInstance().save(); return KUBE_SERVICE_TOKEN_ID; } catch (IOException excep) { LOGGER.warning("Unable to read Kubernetes service token file: " + excep); } } return StringUtils.EMPTY; }
public ListBoxModel doFillCredentialsIdItems() { final ListBoxModel selections = new ListBoxModel(); SystemCredentialsProvider s = SystemCredentialsProvider.getInstance(); Set<String> displayCredentials = new HashSet(); for (Credentials c: s.getCredentials()) { if (c instanceof CodeBuildCredentials) { displayCredentials.add(((CodeBuildCredentials) c).getId()); } } Jenkins instance = Jenkins.getInstance(); if(instance != null) { List<Folder> folders = instance.getAllItems(Folder.class); for(Folder folder: folders) { List<Credentials> creds = CredentialsProvider.lookupCredentials(Credentials.class, (Item) folder); for(Credentials cred: creds) { if (cred instanceof CodeBuildCredentials) { displayCredentials.add(((CodeBuildCredentials) cred).getId()); } } } } for(String credString: displayCredentials) { selections.add(credString); } return selections; }
public ListBoxModel doFillCredentialsIdItems() { final ListBoxModel selections = new ListBoxModel(); SystemCredentialsProvider s = SystemCredentialsProvider.getInstance(); Set<String> displayCredentials = new HashSet(); for (Credentials c: s.getCredentials()) { if (c instanceof CodeBuildCredentials) { displayCredentials.add(((CodeBuildCredentials) c).getId()); } } Jenkins instance = Jenkins.getInstance(); if(instance != null) { List<Folder> folders = instance.getAllItems(Folder.class); for(Folder folder: folders) { List<Credentials> creds = CredentialsProvider.lookupCredentials(Credentials.class, (Item) folder); for(Credentials cred: creds) { if (cred instanceof CodeBuildCredentials) { displayCredentials.add(((CodeBuildCredentials) cred).getId()); } } } } for(String credString: displayCredentials) { selections.add(credString); } return selections; }
password ); SystemCredentialsProvider.getInstance().getCredentials().add(newCredentials); try { SystemCredentialsProvider.getInstance().save();
username, password); SystemCredentialsProvider.getInstance().getCredentials().add(newCredentials); credentialsId = newCredentials.getId();
for (Credentials credentials: systemCredentialsProvider.getCredentials()) { if (credentials instanceof AmazonWebServicesCredentials) { AmazonWebServicesCredentials awsCreds = (AmazonWebServicesCredentials) credentials;
SystemCredentialsProvider.getInstance().getCredentials().add(newCredentials); this.credentialsId = newCredentials.getId();
@Test @LocalData() public void upgradeFrom_1_1() throws Exception { List<Credentials> credentials = SystemCredentialsProvider.getInstance().getCredentials(); assertEquals(3, credentials.size()); UsernamePasswordCredentialsImpl cred0 = (UsernamePasswordCredentialsImpl) credentials.get(0); assertEquals("token", cred0.getId()); assertEquals("myusername", cred0.getUsername()); FileSystemServiceAccountCredential cred1 = (FileSystemServiceAccountCredential) credentials.get(1); StringCredentialsImpl cred2 = (StringCredentialsImpl) credentials.get(2); assertEquals("mytoken", Secret.toString(cred2.getSecret())); assertThat(cloud.getLabels(), hasEntry("jenkins", "slave")); }
@Test public void docker() throws Exception { StandardUsernamePasswordCredentials credentials = new UsernamePasswordCredentialsImpl(CredentialsScope.GLOBAL, "ContainerExecDecoratorPipelineTest-docker", "bob", "username", "secret_password"); SystemCredentialsProvider.getInstance().getCredentials().add(credentials); WorkflowJob p = r.jenkins.createProject(WorkflowJob.class, "docker"); p.setDefinition(new CpsFlowDefinition(loadPipelineScript("docker.groovy"), true)); containerExecLogs.capture(1000); WorkflowRun b = p.scheduleBuild2(0).waitForStart(); assertNotNull(b); r.waitForCompletion(b); r.assertLogContains("Wrote authentication to /home/jenkins/.dockercfg", b); // check that we don't accidentally start exporting sensitive info to the build log r.assertLogNotContains("secret_password", b); // check that we don't accidentally start exporting sensitive info to the Jenkins log assertFalse("credential leaked to log", containerExecLogs.getMessages().stream().anyMatch(msg -> msg.contains("secret_password"))); } }
@Issue({ "JENKINS-47225", "JENKINS-42582" }) @Test public void sshagent() throws Exception { PrivateKeySource source = new BasicSSHUserPrivateKey.DirectEntryPrivateKeySource( new String(IOUtils.toByteArray(getClass().getResourceAsStream("id_rsa")))); BasicSSHUserPrivateKey credentials = new BasicSSHUserPrivateKey(CredentialsScope.GLOBAL, "ContainerExecDecoratorPipelineTest-sshagent", "bob", source, "secret_passphrase", "test credentials"); SystemCredentialsProvider.getInstance().getCredentials().add(credentials); WorkflowJob p = r.jenkins.createProject(WorkflowJob.class, "sshagent"); p.setDefinition(new CpsFlowDefinition(loadPipelineScript("sshagent.groovy"), true)); WorkflowRun b = p.scheduleBuild2(0).waitForStart(); assertNotNull(b); r.waitForCompletion(b); r.assertLogContains("Identity added:", b); //Assert that ssh-agent provided envVar is now properly contributed and set. r.assertLogContains("SSH_AGENT_PID=", b); //assert that our private key was loaded and is visible within the ssh-agent scope r.assertLogContains("ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDhvmTBXRnSbtpnkt/Ldw7ws4LFdoX9oI+5NexgpBC4Otqbn8+Ui6FGWeYflOQUcl3rgmBxsHIeFnPr9qSvgME1TWPIyHSQh2kPMd3NQgkEvioBxghnWRy7sal4KBr2P8m7Iusm8j0aCNLZ3nYjJSywWZxiqqrcpnhFuTD//FPIEhXOu2sk2FEP7YsA9TdL8mAruxy/6Ys2pRC2dQhBtmkEOyEGiBnk3ioT5iCw/Qqe+pU0yaYu69vPyAFCuazBMopPcOuRxFgKvrfCPVqcQb3HERJh5eiW5+5Vg3RwoByQUtQMK5PDBVWPo9srB0Q9Aw9DXmeJCgdtFJqhhh4SR+al /home/jenkins/workspace/sshagent@tmp/private_key",b); //check that we don't accidentally start exporting sensitive info to the log r.assertLogNotContains("secret_passphrase", b); }
CodeBuildCredentials codeBuildCredentials; codeBuildCredentials = (CodeBuildCredentials) CredentialsMatchers.firstOrNull(SystemCredentialsProvider.getInstance().getCredentials(), CredentialsMatchers.allOf(CredentialsMatchers.withId(credentialsId)));
@Test public void given_folderAndSystemCredentials_when_builtAsUserWithUseItem_then_folderCredentialFound() throws Exception { SystemCredentialsProvider.getInstance().getCredentials().add( new UsernamePasswordCredentialsImpl(CredentialsScope.GLOBAL, "foo-manchu", "You don't want me", "bar", "fly") );
@Test public void given_nestedFolderAndSystemCredentials_when_builtAsUserWithUseItem_then_folderCredentialFound() throws Exception { SystemCredentialsProvider.getInstance().getCredentials().add( new UsernamePasswordCredentialsImpl(CredentialsScope.GLOBAL, "foo-manchu", "You don't want me", "bar", "fly") );