Skip to content

Commit

Permalink
Declarative pipeline behavior example
Browse files Browse the repository at this point in the history 
Change-Id: I62c82b61f81e74fe31d8d961fe4cb3c099a354c6
  • Loading branch information
@MattLud
MattLud committed May 11, 2018
1 parent 908cd0f commit 3488e1f
Show file tree
Hide file tree
Showing 5 changed files with 176 additions and 11 deletions.
69 changes: 59 additions & 10 deletions .../org/csanchez/jenkins/plugins/kubernetes/pipeline/ContainerExecDecoratorPipelineTest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,26 +32,75 @@

public class ContainerExecDecoratorPipelineTest extends AbstractKubernetesPipelineTest {

@Issue({ "JENKINS-47225", "JENKINS-42582" })
@Test
public void sshagent() throws Exception {

private void setupSSHCredentials() throws Exception{
PrivateKeySource source = new BasicSSHUserPrivateKey.DirectEntryPrivateKeySource(
new String(IOUtils.toByteArray(getClass().getResourceAsStream("id_rsa"))));
BasicSSHUserPrivateKey credentials = new BasicSSHUserPrivateKey(CredentialsScope.GLOBAL,
"ContainerExecDecoratorPipelineTest-sshagent", "bob", source, "secret_passphrase", "test credentials");
SystemCredentialsProvider.getInstance().getCredentials().add(credentials);

WorkflowJob p = r.jenkins.createProject(WorkflowJob.class, "sshagent");
p.setDefinition(new CpsFlowDefinition(loadPipelineScript("sshagent.groovy"), true));
WorkflowRun b = p.scheduleBuild2(0).waitForStart();
assertNotNull(b);
r.waitForCompletion(b);
}

private void assertLogs(WorkflowRun b, String jobIdentifier) throws Exception{
r.assertLogContains("Identity added:", b);
//Assert that ssh-agent provided envVar is now properly contributed and set.
r.assertLogContains("SSH_AGENT_PID=", b);
//assert that our private key was loaded and is visible within the ssh-agent scope
r.assertLogContains("ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDhvmTBXRnSbtpnkt/Ldw7ws4LFdoX9oI+5NexgpBC4Otqbn8+Ui6FGWeYflOQUcl3rgmBxsHIeFnPr9qSvgME1TWPIyHSQh2kPMd3NQgkEvioBxghnWRy7sal4KBr2P8m7Iusm8j0aCNLZ3nYjJSywWZxiqqrcpnhFuTD//FPIEhXOu2sk2FEP7YsA9TdL8mAruxy/6Ys2pRC2dQhBtmkEOyEGiBnk3ioT5iCw/Qqe+pU0yaYu69vPyAFCuazBMopPcOuRxFgKvrfCPVqcQb3HERJh5eiW5+5Vg3RwoByQUtQMK5PDBVWPo9srB0Q9Aw9DXmeJCgdtFJqhhh4SR+al /home/jenkins/workspace/sshagent@tmp/private_key",b);
//check that we don't accidentally start exporting sensitive info to the log
r.assertLogContains(String.format("ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDhvmTBXRnSbtpnkt/Ldw7ws4LFdoX9oI+5NexgpBC4Otqbn8+Ui6FGWeYflOQUcl3rgmBxsHIeFnPr9qSvgME1TWPIyHSQh2kPMd3NQgkEvioBxghnWRy7sal4KBr2P8m7Iusm8j0aCNLZ3nYjJSywWZxiqqrcpnhFuTD//FPIEhXOu2sk2FEP7YsA9TdL8mAruxy/6Ys2pRC2dQhBtmkEOyEGiBnk3ioT5iCw/Qqe+pU0yaYu69vPyAFCuazBMopPcOuRxFgKvrfCPVqcQb3HERJh5eiW5+5Vg3RwoByQUtQMK5PDBVWPo9srB0Q9Aw9DXmeJCgdtFJqhhh4SR+al /home/jenkins/workspace/%s@tmp/private_key", jobIdentifier),b);
//check that we don't accidentally start exporting sensitive info to the log
r.assertLogNotContains("secret_passphrase", b);
r.assertLogNotContains("Error connecting to agent: No such file or directory", b);
}


@Issue({ "JENKINS-47225", "JENKINS-42582" })
@Test
public void sshagent() throws Exception {
setupSSHCredentials();

WorkflowJob p = r.jenkins.createProject(WorkflowJob.class, "sshagent");
p.setDefinition(new CpsFlowDefinition(loadPipelineScript("sshagent.groovy"), true));
WorkflowRun b = p.scheduleBuild2(0).waitForStart();
assertNotNull(b);
r.waitForCompletion(b);
assertLogs(b, "sshagent");

}

@Test
public void sshagentFromYaml() throws Exception {

setupSSHCredentials();
WorkflowJob p = r.jenkins.createProject(WorkflowJob.class, "sshagentfromyaml");
p.setDefinition(new CpsFlowDefinition(loadPipelineScript("sshagentfromyaml.groovy"), true));
WorkflowRun b = p.scheduleBuild2(0).waitForStart();
assertNotNull(b);
r.waitForCompletion(b);
assertLogs(b, "sshagentfromyaml");
}

@Test
public void sshagentPipeline() throws Exception {

setupSSHCredentials();
WorkflowJob p = r.jenkins.createProject(WorkflowJob.class, "sshagentpipeline");
p.setDefinition(new CpsFlowDefinition(loadPipelineScript("sshagentpipeline.groovy"), true));
WorkflowRun b = p.scheduleBuild2(0).waitForStart();
assertNotNull(b);
r.waitForCompletion(b);
assertLogs(b, "sshagentpipeline");
}

@Test
public void sshagentPipelineFromYaml() throws Exception {

setupSSHCredentials();
WorkflowJob p = r.jenkins.createProject(WorkflowJob.class, "sshagentpipelinefromyaml");
p.setDefinition(new CpsFlowDefinition(loadPipelineScript("sshagentpipelinefromyaml.groovy"), true));
WorkflowRun b = p.scheduleBuild2(0).waitForStart();
assertNotNull(b);
r.waitForCompletion(b);
assertLogs(b, "sshagentpipelinefromyaml");
}
}
9 changes: 8 additions & 1 deletion src/test/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/sshagent.groovy
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,14 @@ podTemplate(label: 'mypod', containers: [
sshagent (credentials: ['ContainerExecDecoratorPipelineTest-sshagent']) {
sh 'env'
sh 'ssh-add -L'
sh 'ssh -vT -o "StrictHostKeyChecking=no" git@github.com'
sh 'ssh -vT -o "StrictHostKeyChecking=no" git@github.com || exit 0'
}
}
sshagent (credentials: ['ContainerExecDecoratorPipelineTest-sshagent']) {
container('ssh-client') {
sh 'env'
sh 'ssh-add -L'
sh 'ssh -vT -o "StrictHostKeyChecking=no" git@github.com || exit 0'
}
}
}
Expand Down
33 changes: 33 additions & 0 deletions src/test/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/sshagentfromyaml.groovy
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,33 @@
podTemplate(label: 'mypod', yaml: """
apiVersion: v1
kind: Pod
metadata:
spec:
containers:
- name: ssh-client
image: kroniak/ssh-client:3.6
command:
- cat
tty: true
"""
)
{
node ('mypod') {
stage('container log') {
container('ssh-client') {
sshagent (credentials: ['ContainerExecDecoratorPipelineTest-sshagent']) {
sh 'env'
sh 'ssh-add -L'
sh 'ssh -vT -o "StrictHostKeyChecking=no" git@github.com || exit 0'
}
}
sshagent (credentials: ['ContainerExecDecoratorPipelineTest-sshagent']) {
container('ssh-client') {
sh 'env'
sh 'ssh-add -L'
sh 'ssh -vT -o "StrictHostKeyChecking=no" git@github.com || exit 0'
}
}
}
}
}
36 changes: 36 additions & 0 deletions src/test/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/sshagentpipeline.groovy
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,36 @@
pipeline {
agent {
kubernetes {
label "sshagent"
containerTemplate {
name 'ssh-client'
image 'kroniak/ssh-client:3.6'
workingDir '/home/jenkins'
ttyEnabled true
command 'cat'
}
}
}


stages{
stage('container log') {
steps{
container('ssh-client') {
sshagent (credentials: ['ContainerExecDecoratorPipelineTest-sshagent']) {
sh 'env'
sh 'ssh-add -L'
sh 'ssh -vT -o "StrictHostKeyChecking=no" git@github.com || exit 0'
}
}
sshagent (credentials: ['ContainerExecDecoratorPipelineTest-sshagent']) {
container('ssh-client') {
sh 'env'
sh 'ssh-add -L'
sh 'ssh -vT -o "StrictHostKeyChecking=no" git@github.com || exit 0'
}
}
}
}
}
}
40 changes: 40 additions & 0 deletions ...esources/org/csanchez/jenkins/plugins/kubernetes/pipeline/sshagentpipelinefromyaml.groovy
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,40 @@
pipeline {
agent {
kubernetes {
label "sshagent"
yaml """
apiVersion: v1
kind: Pod
metadata:
spec:
containers:
- name: ssh-client
image: kroniak/ssh-client:3.6
command:
- cat
tty: true
"""
}
}

stages{
stage('container log') {
steps{
container('ssh-client') {
sshagent (credentials: ['ContainerExecDecoratorPipelineTest-sshagent']) {
sh 'env'
sh 'ssh-add -L'
sh 'ssh -vT -o "StrictHostKeyChecking=no" git@github.com || exit 0'
}
}
sshagent (credentials: ['ContainerExecDecoratorPipelineTest-sshagent']) {
container('ssh-client') {
sh 'env'
sh 'ssh-add -L'
sh 'ssh -vT -o "StrictHostKeyChecking=no" git@github.com || exit 0'
}
}
}
}
}
}

0 comments on commit 3488e1f

Please sign in to comment.