Feature: Custom AWS client configuration

[chriskilding]

Add a custom AWS client configuration feature.

It should have these settings:

• credentials provider (default, profile, assumeRole)
• endpoint configuration
• region

[chriskilding]

To do: Change the "Test Endpoint Configuration" button to "Test Client" - want to let users test all the client options they've set together.

[chriskilding]

Confirmed working in a real installation.

The AWS SecretSource implementation does not use this configuration feature, which could cause confusion if we merge this feature now. So ideally we would remove the SecretSource dependency before merging this feature.

[parmou]

@chriskilding can you implement this now as the SecretSource dependency is now removed. I think this will help because right now the plugin makes use of the node role instead of pod role. #172 . I want to use a custom role. If there is a way of doing it without this, I sure can use some help.

[chriskilding]

Yep - that was the plan for removing the SecretSource, to unblock features like this.

The first feature I reworked, and want to get in to the plugin, is credential renaming (#40). This feature was asked for some time ago, however I've not yet found someone to beta test it. Would you be willing to do that?

Ideally, after that's merged then I can rework this PR and add it.

[chriskilding]

I'm reworking this PR in the meantime to catch it up with all the recent changes. I get 3 tests that fail in (WebCredentialsProviderIT) but for different reasons depending on whether they're run locally or on CI...

---

Sometimes they fail claiming that the ListSecrets config class has no descriptor. This is quite weird because (a) ListSecrets has not been modified in this pull request and (b) it definitely does have a descriptor.

---

Sometimes they fail due to:

Caused by: java.lang.IndexOutOfBoundsException: Index 0 out of bounds for length 0
	at java.base/jdk.internal.util.Preconditions.outOfBounds(Preconditions.java:64)
	at java.base/jdk.internal.util.Preconditions.outOfBoundsCheckIndex(Preconditions.java:70)
	at java.base/jdk.internal.util.Preconditions.checkIndex(Preconditions.java:248)
	at java.base/java.util.Objects.checkIndex(Objects.java:372)
	at java.base/java.util.ArrayList.get(ArrayList.java:459)
	at io.jenkins.plugins.credentials.secretsmanager.config.client.credentialsProvider.WebCredentialsProviderIT$EnhancedForm.setClientCredentialsProviderSelect(WebCredentialsProviderIT.java:66)
	at io.jenkins.plugins.credentials.secretsmanager.config.client.credentialsProvider.WebCredentialsProviderIT$EnhancedForm.setClientWithSTSAssumeRoleSessionCredentialsProvider(WebCredentialsProviderIT.java:60)
	at io.jenkins.plugins.credentials.secretsmanager.config.client.credentialsProvider.WebCredentialsProviderIT.lambda$setCredentialsProvider$1(WebCredentialsProviderIT.java:29)

My guess here is that it tries to find the HTML <select> element where it specifies Default, Profile, or STS AssumeRole, and fails to do so for some reason.

[chriskilding]

@parveshmourya I've now reworked the feature and got the build back to green. I need someone to test the feature in a real (non-production) Jenkins installation to ensure it works. Would you be able to test it? If so I'll send you a link to a beta build of the plugin .hpi. Alternatively you can build it from source on this branch.

[parmou]

@chriskilding yeah, please share the link. I will try to test this, during the weekend or maybe in the coming week.

[chriskilding]

Here's the link from the Jenkins Incrementals repo:

https://repo.jenkins-ci.org/incrementals/io/jenkins/plugins/aws-secrets-manager-credentials-provider/1.0.1-rc176.a_e580b_9224d4/aws-secrets-manager-credentials-provider-1.0.1-rc176.a_e580b_9224d4.hpi

[chriskilding]

@parveshmourya any update on this?

[parmou]

@chriskilding apologies for the super-delay. We decided to hold on to our jenkins changes some time ago and I did not get the time to test it.

[chriskilding]

Thanks for coming back to me, I got some feedback that the feature worked as intended so I went ahead and merged it. The feature is available in recent releases of the plugin.