From a3b0024b222eb9d3b2ab45c7390e07e6fb8fd9e2 Mon Sep 17 00:00:00 2001 From: Tomas Bjerre Date: Fri, 7 Sep 2018 11:30:44 +0200 Subject: [PATCH] Adding multibranch example with credentials --- CHANGELOG.md | 11 +++- README.md | 46 ++++++++++++++++ ...ltibranch-pipeline-credentials.jenkinsfile | 52 +++++++++++++++++++ 3 files changed, 108 insertions(+), 1 deletion(-) create mode 100644 sandbox/multibranch-pipeline-credentials.jenkinsfile diff --git a/CHANGELOG.md b/CHANGELOG.md index d7d7aee..f3b6743 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,7 +1,16 @@ # Generic Webhook Plugin Changelog Changelog of Generic Webhook Plugin. +## Unreleased +### No issue + +**Adding multibranch example with credentials** + + +[3048f14d3a1674a](https://github.com/jenkinsci/generic-webhook-trigger-plugin/commit/3048f14d3a1674a) Tomas Bjerre *2018-09-07 09:30:44* + + ## 1.44 (2018-09-06 16:48:37) -### GitHub [#77](https://github.com/jenkinsci/generic-webhook-trigger-plugin/issues/77) Auth/security: can the GWT end point be reached without authenticating? *question* +### GitHub [#77](https://github.com/jenkinsci/generic-webhook-trigger-plugin/issues/77) Auth/security: can the GWT end point be reached without authenticating? *enhancement* *question* **Only impersonating if token supplied #77** diff --git a/README.md b/README.md index 810785d..0ca70e9 100644 --- a/README.md +++ b/README.md @@ -108,6 +108,8 @@ If you need the resolved values in pre build steps, like git clone, you need to This plugin can be used with the Job DSL Plugin. There is also an example int he [Violation Comments to GitLab Plugin](https://wiki.jenkins-ci.org/display/JENKINS/Violation+Comments+to+GitLab+Plugin) wiki page. +Job DSL supports injecting credenials when processing the DSL. You can use that if you want the `token` to be set from credentials. + ```groovy job('Generic Job Example') { parameters { @@ -159,6 +161,50 @@ echo $requestHeaderName This plugin can be used with the [Pipeline Multibranch Plugin](https://jenkins.io/doc/pipeline/steps/workflow-multibranch/#properties-set-job-properties). Here is an example: +You can use the credentials plugin to provide the `token` from credentials. +```groovy +withCredentials([string(credentialsId: 'mycredentialsid', variable: 'credentialsVariable')]) { + properties([ + pipelineTriggers([ + [$class: 'GenericTrigger', + ... + token: credentialsVariable, + ... + ] + ]) + ]) +} +``` + +Perhaps you want a different `token` for each job. + +```groovy + properties([ + pipelineTriggers([ + [$class: 'GenericTrigger', + ... + token: env.JOB_NAME, + ... + ] + ]) + ]) +``` + +Or have a credentials string prefixed with the job name. +```groovy +withCredentials([string(credentialsId: 'mycredentialsid', variable: 'credentialsVariable')]) { + properties([ + pipelineTriggers([ + [$class: 'GenericTrigger', + ... + token: env.JOB_NAME + credentialsVariable, + ... + ] + ]) + ]) +} +``` + With a scripted Jenkinsfile like this: ```groovy diff --git a/sandbox/multibranch-pipeline-credentials.jenkinsfile b/sandbox/multibranch-pipeline-credentials.jenkinsfile new file mode 100644 index 0000000..1eb3bb9 --- /dev/null +++ b/sandbox/multibranch-pipeline-credentials.jenkinsfile @@ -0,0 +1,52 @@ +/* + * curl -X POST -H "Content-Type: application/json" -H "headerWithNumber: nbr123" -H "headerWithString: a b c" -d '{ "before": "1848f12", "after": "5cab1", "ref": "refs/heads/develop" }' -vs http://admin:admin@localhost:8080/jenkins/generic-webhook-trigger/invoke?requestWithNumber=nbr%20123\&requestWithString=a%20string + */ +node { + +withCredentials([string(credentialsId: 'mycredentialsid', variable: 'credentialsVariable')]) { + properties([ + pipelineTriggers([ + [$class: 'GenericTrigger', + genericVariables: [ + [key: 'reference', value: '$.ref'], + [ + key: 'before', + value: '$.before', + expressionType: 'JSONPath', //Optional, defaults to JSONPath + regexpFilter: '', //Optional, defaults to empty string + defaultValue: '' //Optional, defaults to empty string + ] + ], + genericRequestVariables: [ + [key: 'requestWithNumber', regexpFilter: '[^0-9]'], + [key: 'requestWithString', regexpFilter: ''] + ], + genericHeaderVariables: [ + [key: 'headerWithNumber', regexpFilter: '[^0-9]'], + [key: 'headerWithString', regexpFilter: ''], + [key: 'X-GitHub-Event', regexpFilter: ''] + ], + token: credentialsVariable, + printContributedVariables: true, + printPostContent: true, + regexpFilterText: '', + regexpFilterExpression: '' + ] + ]) + ]) +} + + + stage("build") { + sh ''' + echo Variables from shell: + echo reference $reference + echo before $before + echo requestWithNumber $requestWithNumber + echo requestWithString $requestWithString + echo headerWithNumber $headerWithNumber + echo headerWithString $headerWithString + echo X_GitHub_Event $X_GitHub_Event + ''' + } +}