Permalink
Browse files

Merge branch 'master' into tests

  • Loading branch information...
MadsNielsen committed Feb 14, 2018
2 parents 3006740 + 925a17a commit b8e392d110d417edeb4c4a06ab3dbf3ecac81117
View
@@ -173,5 +173,7 @@ Here is a list of plugin we have successfuly tested to support configuration-as-
- [x] ldap plugin ([details](demos/ldap/README.md))
- [x] mailer plugin with some limitations ([details](demos/mailer/README.md))
- [x] tfs plugin with some limitations ([details](demos/tfs/README.md))
- [x] workflow-cps-global-lib _aka_ "global libraries" ([details](demos/workflow-cps-global-lib/README.md))
- [x] workflow-cps-global-lib _aka_ "global libraries" ([details](demos/workflow-cps-global-lib/README.md))
- [x] matrix-auth-plugin ([details](demos/global-matrix-auth/README.md))
- [ ] role-strategy-plugin ([details](demos/role-strategy-auth/README.md))
- [ ] more to come soon...
@@ -44,3 +44,45 @@ we consider the `Impl` suffix as a common pattern to flag implementation class.
=> symbol name is `usernamePassword`
## Examples
A list of some of the more common credentials.
### SSH Credentials
Example that uses the [SSH credentials plugin](https://plugins.jenkins.io/ssh-credentials)
```yaml
credentials:
system:
? name: "test.com"
description: "test.com domain"
specifications:
- hostnameSpecification:
includes:
- "*.test.com"
: - usernamePassword:
scope: SYSTEM
id: sudo_password
username: root
password: ${SUDO_PASSWORD}
? # "global"
- basicSSHUserPrivateKey:
scope: SYSTEM
id: ssh_with_passprase
username: ssh_root
passphrase: ${SSH_KEY_PASSWORD}
description: "SSH passphrase with private key file"
privateKeySource:
fileOnMaster:
keyStoreFile: /docker/secret/id_rsa_2
- basicSSHUserPrivateKey:
scope: SYSTEM
id: ssh_with_passprase_provided
username: ssh_root
passphrase: ${SSH_KEY_PASSWORD}
description: "SSH passphrase with private key file. Private key provided"
privateKeySource:
directEntry:
privateKey: ${SSH_PRIVATE_KEY}
```
@@ -0,0 +1,22 @@
# matrix-auth-plugin
## Limitations
Project based matrix authentication is on it's way.
## sample-configuration
```yaml
jenkins:
authorizationStrategy:
globalMatrix:
grantedPermissions:
- group:
name: "anonymous"
permissions:
- "Overall/Read"
- group
name: "authenticated"
permissions:
- "Overall/Administer"
```
@@ -0,0 +1,7 @@
# role-strategy-plugin
https://plugins.jenkins.io/role-strategy
## sample
TODO
@@ -1,5 +1,6 @@
package org.jenkinsci.plugins.casc;
import com.cloudbees.jenkins.plugins.sshcredentials.impl.BasicSSHUserPrivateKey;
import com.cloudbees.plugins.credentials.CredentialsProvider;
import com.cloudbees.plugins.credentials.common.CertificateCredentials;
import com.cloudbees.plugins.credentials.common.UsernamePasswordCredentials;
@@ -27,6 +28,7 @@
@Rule
public RuleChain chain = RuleChain.outerRule(new EnvVarsRule()
.env("SUDO_PASSWORD", "1234")
.env("SSH_PRIVATE_KEY", "s3cr3t")
.env("SSH_KEY_PASSWORD", "ABCD"))
.around(new JenkinsConfiguredWithCodeRule());
@@ -46,5 +48,8 @@ public void configure_system_credentials() throws Exception {
assertThat(certs, hasSize(1));
assertThat(certs.get(0).getPassword().getPlainText(), equalTo("ABCD"));
List<BasicSSHUserPrivateKey> sshPrivateKeys = CredentialsProvider.lookupCredentials(BasicSSHUserPrivateKey.class, j.jenkins, ACL.SYSTEM, Collections.EMPTY_LIST);
assertThat(sshPrivateKeys, hasSize(2));
assertThat(sshPrivateKeys.get(0).getPassphrase().getPlainText(), equalTo("ABCD"));
}
}
@@ -19,4 +19,26 @@ credentials:
keyStoreSource:
fileOnMaster:
keyStoreFile: /docker/secret/id_rsa
- basicSSHUserPrivateKey:
scope: SYSTEM
id: ssh_with_passprase
username: ssh_root
passphrase: ${SSH_KEY_PASSWORD}
description: "SSH passphrase with private key file"
privateKeySource:
fileOnMaster:
keyStoreFile: /docker/secret/id_rsa_2
- basicSSHUserPrivateKey:
scope: SYSTEM
id: ssh_with_passprase_provided
username: ssh_root
passphrase: ${SSH_KEY_PASSWORD}
description: "SSH passphrase with private key file. Private key provided"
privateKeySource:
directEntry:
privateKey: ${SSH_PRIVATE_KEY}

0 comments on commit b8e392d

Please sign in to comment.