Skip to content

Commit

Permalink
Final touches and tests
Browse files Browse the repository at this point in the history
  • Loading branch information
Thai Pham committed Apr 4, 2018
1 parent ab8733a commit 46707c1
Show file tree
Hide file tree
Showing 7 changed files with 220 additions and 7 deletions.
27 changes: 27 additions & 0 deletions NATIVE_TYPES_AND_PROVIDERS.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -384,6 +384,33 @@ jenkins_credentials { '7e86e9fb-a8af-480f-b596-7191dc02bf38':
}
```

### `GoogleRobotPrivateKeyCredentials`

Using this credential type requires that the jenkins `google-oauth-plugin` plugin
has been installed.

```
jenkins_credentials { '587690b0-f793-44e6-bc46-889cce58fb71':
ensure => 'present',
impl => 'GoogleRobotPrivateKeyCredentials',
json_key => @END
{
"client_email": "[email protected]",
"private_key": "-----BEGIN PRIVATE KEY-----\n...\n-----END PRIVATE KEY-----\n"
}
| END,
}
```
or
```
jenkins_credentials { '2f867d0d-e0c7-48a6-a355-1d4fd2ac6c22':
ensure => 'present',
impl => 'GoogleRobotPrivateKeyCredentials',
email_address => '[email protected]',
p12_key => 'LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCg==',
}
```

### `jenkins_job`

```
Expand Down
15 changes: 13 additions & 2 deletions files/puppet_helper.groovy
View file
Original file line number Diff line number Diff line change
Expand Up @@ -547,8 +547,19 @@ class Actions {
}
break
case 'com.google.jenkins.plugins.credentials.oauth.GoogleRobotPrivateKeyCredentials':
info['account_id'] = cred.getServiceAccountConfig().getAccountId()
info['private_key'] = IOUtils.toString(cred.getServiceAccountConfig().getPrivateKey().getEncoded(), "UTF-8")
info['json_key'] = null
info['email_address'] = null
info['p12_key'] = null

def serviceAccountConfig = cred.getServiceAccountConfig()
if (serviceAccountConfig.getClass().getName() == 'com.google.jenkins.plugins.credentials.oauth.JsonServiceAccountConfig') {
info['json_key'] = Secret.fromString(new File(serviceAccountConfig.getJsonKeyFile()).getText('UTF-8')).getPlainText()
} else if (serviceAccountConfig.getClass().getName() == 'com.google.jenkins.plugins.credentials.oauth.P12ServiceAccountConfig') {
info['email_address'] = serviceAccountConfig.getEmailAddress()
info['p12_key'] = new File(serviceAccountConfig.getP12KeyFile()).getBytes().encodeBase64().toString()
} else {
throw new UnsupportedCredentialsClass("unsupported service account config " + serviceAccountConfig.getClass().getName())
}
break
default:
throw new UnsupportedCredentialsClass("unsupported " + cred)
Expand Down
3 changes: 3 additions & 0 deletions lib/puppet/provider/jenkins_credentials/cli.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -64,6 +64,9 @@ def self.from_hash(info)
[:description, :api_token].each { |k| copy_key(params, info, k) }
when 'GoogleRobotPrivateKeyCredentials'
[:json_key, :email_address, :p12_key].each { |k| copy_key(params, info, k) }
# Since the plugin does not allow to configure the description of the credentials,
# we will just hardcode it to the default value.
params[:description] = 'Managed by Puppet'
when 'ConduitCredentialsImpl'
[:description, :token, :url].each { |k| copy_key(params, info, k) }

Expand Down
4 changes: 2 additions & 2 deletions lib/puppet/type/jenkins_credentials.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -102,15 +102,15 @@
end

newproperty(:json_key) do
desc 'JSON key string - GoogleRobotPrivateKeyCredentials'
desc 'Prettified JSON key string - GoogleRobotPrivateKeyCredentials'
end

newproperty(:email_address) do
desc 'Email address used with a P12 key - GoogleRobotPrivateKeyCredentials'
end

newproperty(:p12_key) do
desc 'P12 key string in Base64 format - GoogleRobotPrivateKeyCredentials'
desc 'P12 key string in Base64 format without line wrapping - GoogleRobotPrivateKeyCredentials'
end

# require all authentication & authorization related types
Expand Down
70 changes: 70 additions & 0 deletions spec/acceptance/xtypes/jenkins_credentials_spec.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -223,6 +223,76 @@
}
end
end

context 'GoogleRobotPrivateKeyCredentials with json_key' do
it 'works with no errors' do
pending('jenkins plugin tests are not consistently failing or succeeding: https://github.com/voxpupuli/puppet-jenkins/issues/839')
pp = base_manifest + <<-EOS
jenkins::plugin { [
'google-oauth-plugin',
'credentials',
'structs',
'oauth-credentials',
]: }
jenkins_credentials { '587690b0-f793-44e6-bc46-889cce58fb71':
ensure => 'present',
impl => 'GoogleRobotPrivateKeyCredentials',
json_key => @END
{
"client_email": "[email protected]",
"private_key": "-----BEGIN PRIVATE KEY-----\n...\n-----END PRIVATE KEY-----\n"
}
| END,
}
EOS

apply2(pp)
end

describe file('/var/lib/jenkins/credentials.xml') do
# XXX need to properly compare the XML doc
# trying to match anything other than the id this way might match other
# credentails
it {
pending('jenkins plugin tests are not consistently failing or succeeding: https://github.com/voxpupuli/puppet-jenkins/issues/839')
is_expected.to contain '<projectId>587690b0-f793-44e6-bc46-889cce58fb71</projectId>'
}
end
end

context 'GoogleRobotPrivateKeyCredentials with email_address and p12_key' do
it 'works with no errors' do
pending('jenkins plugin tests are not consistently failing or succeeding: https://github.com/voxpupuli/puppet-jenkins/issues/839')
pp = base_manifest + <<-EOS
jenkins::plugin { [
'google-oauth-plugin',
'credentials',
'structs',
'oauth-credentials',
]: }
jenkins_credentials { '2f867d0d-e0c7-48a6-a355-1d4fd2ac6c22':
ensure => 'present',
impl => 'GoogleRobotPrivateKeyCredentials',
email_address => '[email protected]',
p12_key => 'LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCg==',
}
EOS

apply2(pp)
end

describe file('/var/lib/jenkins/credentials.xml') do
# XXX need to properly compare the XML doc
# trying to match anything other than the id this way might match other
# credentails
it {
pending('jenkins plugin tests are not consistently failing or succeeding: https://github.com/voxpupuli/puppet-jenkins/issues/839')
is_expected.to contain '<projectId>2f867d0d-e0c7-48a6-a355-1d4fd2ac6c22</projectId>'
}
end
end
end # 'present' do

context 'absent' do
Expand Down
100 changes: 99 additions & 1 deletion spec/unit/puppet/provider/jenkins_credentials/cli_spec.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -59,6 +59,21 @@
"impl": "GitLabApiTokenImpl",
"description": "GitLab API token",
"api_token": "tokens for days"
},
{
"id": "587690b0-f793-44e6-bc46-889cce58fb71",
"domain": null,
"scope": null,
"impl": "GoogleRobotPrivateKeyCredentials",
"json_key": "{\"client_email\":\"[email protected]\",\"private_key\":\"-----BEGIN PRIVATE KEY-----\\\\n...\\\\n-----END PRIVATE KEY-----\\\\n\"}"
},
{
"id": "2f867d0d-e0c7-48a6-a355-1d4fd2ac6c22",
"domain": null,
"scope": null,
"impl": "GoogleRobotPrivateKeyCredentials",
"email_address": "[email protected]",
"p12_key": "LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCg==",
}
]
EOS
Expand Down Expand Up @@ -92,6 +107,9 @@
key_store_impl
secret_key
access_key
email_address
p12_key
json_key
].each do |k|
expect(provider.public_send(k.to_sym)).to eq :absent
end
Expand Down Expand Up @@ -125,6 +143,9 @@
key_store_impl
secret_key
access_key
email_address
p12_key
json_key
].each do |k|
expect(provider.public_send(k.to_sym)).to eq :absent
end
Expand Down Expand Up @@ -158,6 +179,9 @@
key_store_impl
secret_key
access_key
email_address
p12_key
json_key
].each do |k|
expect(provider.public_send(k.to_sym)).to eq :absent
end
Expand Down Expand Up @@ -191,6 +215,9 @@
key_store_impl
secret_key
access_key
email_address
p12_key
json_key
].each do |k|
expect(provider.public_send(k.to_sym)).to eq :absent
end
Expand Down Expand Up @@ -223,6 +250,9 @@
key_store_impl
content
file_name
email_address
p12_key
json_key
].each do |k|
expect(provider.public_send(k.to_sym)).to eq :absent
end
Expand All @@ -245,6 +275,74 @@
expect(provider.public_send(k.to_sym)).to eq cred[k].nil? ? :undef : cred[k]
end

%w[
username
password
private_key
passphrase
source
key_store_impl
content
file_name
secret_key
access_key
email_address
p12_key
json_key
].each do |k|
expect(provider.public_send(k.to_sym)).to eq :absent
end
end
end

shared_examples 'a provider from example hash 7' do
it do
cred = credentials[5]

expect(provider.name).to eq cred['id']
expect(provider.ensure).to eq :present
%w[
domain
scope
impl
json_key
].each do |k|
expect(provider.public_send(k.to_sym)).to eq cred[k].nil? ? :undef : cred[k]
end

%w[
username
password
private_key
passphrase
source
key_store_impl
content
file_name
secret_key
access_key
].each do |k|
expect(provider.public_send(k.to_sym)).to eq :absent
end
end
end

shared_examples 'a provider from example hash 8' do
it do
cred = credentials[5]

expect(provider.name).to eq cred['id']
expect(provider.ensure).to eq :present
%w[
domain
scope
impl
email_address
p12_key
].each do |k|
expect(provider.public_send(k.to_sym)).to eq cred[k].nil? ? :undef : cred[k]
end

%w[
username
password
Expand Down Expand Up @@ -272,7 +370,7 @@
end

it 'returns the correct number of instances' do
expect(described_class.instances.size).to eq 6
expect(described_class.instances.size).to eq 8
end

context 'first instance returned' do
Expand Down
8 changes: 6 additions & 2 deletions spec/unit/puppet/type/jenkins_credentials_spec.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,8 @@
:StringCredentialsImpl,
:FileCredentialsImpl,
:AWSCredentialsImpl,
:GitLabApiTokenImpl
:GitLabApiTokenImpl,
:GoogleRobotPrivateKeyCredentials,
]
end

Expand All @@ -50,7 +51,10 @@
:key_store_impl,
:secret_key,
:access_key,
:api_token
:api_token,
:email_address,
:p12_key,
:json_key,
].each do |property|
describe property.to_s do
context 'attrtype' do
Expand Down

0 comments on commit 46707c1

Please sign in to comment.