add StringCredentialsImpl support to jenkins_credentials

A side effect of the accept test changes is that AIO packages are now
used by default.

Gemfile

@@ -27,4 +27,5 @@ group :system_tests do
   gem 'beaker-rspec',  :require => false
   gem 'serverspec',    :require => false
   gem 'vagrant-wrapper',:require => false
+  gem 'beaker-puppet_install_helper', :require => false
 end

NATIVE_TYPES_AND_PROVIDERS.md

@@ -239,6 +239,7 @@ jenkins_credentials { '<id>':
 
 * `UsernamePasswordCredentialsImpl`
 * `BasicSSHUserPrivateKey`
+* `FileCredentialsImpl`
 
 XXX This type has properties for other credentials classes that are not currently supported.
 
@@ -272,6 +273,22 @@ jenkins_credentials { 'a0469025-1202-4007-983d-0c62f230f1a7':
 }
 ```
 
+#### `FileCredentialsImpl`
+
+Using this credential type requires that the jenkins `plain-credentials` plugin
+has been installed.
+
+```
+jenkins_credentials { '150b2895-b0eb-4813-b8a5-3779690c063c':
+  ensure      => 'present',
+  description => 'secret string',
+  domain      => undef,
+  impl        => 'StringCredentialsImpl',
+  scope       => 'SYSTEM',
+  secret      => '42',
+}
+```
+
 ### `jenkins_job`
 
 ```

files/puppet_helper.groovy

@@ -38,6 +38,8 @@ class InvalidAuthenticationStrategy extends Exception{}
 class UnsupportedCredentialsClass extends Exception {}
 @InheritConstructors
 class InvalidCredentialsId extends Exception {}
+@InheritConstructors
+class MissingRequiredPlugin extends Exception {}
 
 ///////////////////////////////////////////////////////////////////////////////
 // Util
@@ -554,15 +556,33 @@ class Actions {
           conf['description']
         )
         break
+      case 'StringCredentialsImpl':
+        if (! j.getPlugin('plain-credentials')) {
+          throw new MissingRequiredPlugin('plain-credentials')
+        }
+
+        // we can not declare:
+        // import org.jenkinsci.plugins.plaincredentials.impl.*
+        // if plain-credentials is not present
+        cred = this.class.classLoader.loadClass('org.jenkinsci.plugins.plaincredentials.impl.StringCredentialsImpl').newInstance(
+          // CredentialsScope is an enum
+          CredentialsScope."${conf['scope']}",
+          conf['id'],
+          conf['description'],
+          new Secret(conf['secret'])
+        )
+        break
       default:
         throw new UnsupportedCredentialsClass("unsupported " + conf['impl'])
     }
+    assert cred != null
 
     def domain = Domain.global()
     def existingCred = util.findCredentialsById(conf['id'], domain)
     def credStore = j.getExtensionList(
       'com.cloudbees.plugins.credentials.SystemCredentialsProvider'
     )[0].getStore()
+    assert credStore != null
 
     if (existingCred != null) {
       credStore.updateCredentials(domain, existingCred, cred)

lib/puppet/type/jenkins_credentials.rb

@@ -30,7 +30,9 @@
   newproperty(:impl) do
     desc 'name of the java class implimenting the credential'
     defaultto :UsernamePasswordCredentialsImpl
-    newvalues(:UsernamePasswordCredentialsImpl, :BasicSSHUserPrivateKey)
+    newvalues(:UsernamePasswordCredentialsImpl,
+              :BasicSSHUserPrivateKey,
+              :StringCredentialsImpl)
   end
 
   newproperty(:description) do

spec/acceptance/xtypes/jenkins_credentials_spec.rb

@@ -0,0 +1,136 @@
+require 'spec_helper_acceptance'
+
+describe 'jenkins_credentials' do
+  context 'ensure =>' do
+    context 'present' do
+      context 'UsernamePasswordCredentialsImpl' do
+        it 'should work with no errors' do
+          pp = <<-EOS
+          include ::jenkins
+          include ::jenkins::cli::config
+
+          jenkins_credentials { '9b07d668-a87e-4877-9407-ae05056e32ac':
+            ensure      => 'present',
+            description => 'foo',
+            domain      => undef,
+            impl        => 'UsernamePasswordCredentialsImpl',
+            password    => 'password',
+            scope       => 'GLOBAL',
+            username    => 'batman',
+          }
+          EOS
+
+          # Run it twice and test for idempotency
+          apply_manifest(pp, :catch_failures => true)
+          apply_manifest(pp, :catch_failures => true)
+        end
+
+        describe file('/var/lib/jenkins/credentials.xml') do
+          # XXX need to properly compare the XML doc
+          # trying to match anything other than the id this way might match other
+          # credentails
+          it { should contain '<id>9b07d668-a87e-4877-9407-ae05056e32ac</id>' }
+        end
+      end
+
+      context 'BasicSSHUserPrivateKey' do
+        it 'should work with no errors' do
+          pp = <<-EOS
+          include ::jenkins
+          include ::jenkins::cli::config
+
+          jenkins_credentials { 'a0469025-1202-4007-983d-0c62f230f1a7':
+            ensure      => 'present',
+            description => 'bar',
+            domain      => undef,
+            impl        => 'BasicSSHUserPrivateKey',
+            passphrase  => '',
+            private_key => '-----BEGIN RSA PRIVATE KEY----- ...',
+            scope       => 'SYSTEM',
+            username    => 'robin',
+          }
+          EOS
+
+          # Run it twice and test for idempotency
+          apply_manifest(pp, :catch_failures => true)
+          apply_manifest(pp, :catch_failures => true)
+        end
+
+        describe file('/var/lib/jenkins/credentials.xml') do
+          # XXX need to properly compare the XML doc
+          # trying to match anything other than the id this way might match other
+          # credentails
+          it { should contain '<id>a0469025-1202-4007-983d-0c62f230f1a7</id>' }
+        end
+      end
+
+      context 'StringCredentialsImpl' do
+        it 'should work with no errors' do
+          pp = <<-EOS
+          include ::jenkins
+          include ::jenkins::cli::config
+
+          jenkins::plugin { 'plain-credentials':
+            pin => true,
+          }
+
+          jenkins_credentials { '150b2895-b0eb-4813-b8a5-3779690c063c':
+            ensure      => 'present',
+            description => 'baz',
+            domain      => undef,
+            impl        => 'StringCredentialsImpl',
+            scope       => 'SYSTEM',
+            secret      => 'fluffy bunny',
+          }
+          EOS
+
+          # Run it twice and test for idempotency
+          apply_manifest(pp, :catch_failures => true)
+          apply_manifest(pp, :catch_failures => true)
+        end
+
+        describe file('/var/lib/jenkins/credentials.xml') do
+          # XXX need to properly compare the XML doc
+          # trying to match anything other than the id this way might match other
+          # credentails
+          it { should contain '<id>150b2895-b0eb-4813-b8a5-3779690c063c</id>' }
+        end
+      end
+    end # 'present' do
+
+    context 'absent' do
+      context 'StringCredentialsImpl' do
+        it 'should work with no errors' do
+          pp = <<-EOS
+          include ::jenkins
+          include ::jenkins::cli::config
+
+          jenkins::plugin { 'plain-credentials':
+            pin => true,
+          }
+
+          jenkins_credentials { '150b2895-b0eb-4813-b8a5-3779690c063c':
+            ensure      => 'absent',
+            description => 'baz',
+            domain      => undef,
+            impl        => 'StringCredentialsImpl',
+            scope       => 'SYSTEM',
+            secret      => 'fluffy bunny',
+          }
+          EOS
+
+          # Run it twice and test for idempotency
+          apply_manifest(pp, :catch_failures => true)
+          apply_manifest(pp, :catch_failures => true)
+        end
+
+        describe file('/var/lib/jenkins/credentials.xml') do
+          # XXX need to properly compare the XML doc
+          # trying to match anything other than the id this way might match other
+          # credentails
+          it { should_not contain '<id>150b2895-b0eb-4813-b8a5-3779690c063c</id>' }
+        end
+      end
+    end # 'absent' do
+  end # 'ensure =>' do
+end

spec/spec_helper_acceptance.rb

@@ -1,17 +1,14 @@
 require 'beaker-rspec/spec_helper'
 require 'beaker-rspec/helpers/serverspec'
+require 'beaker/puppet_install_helper'
 
 # Install Puppet
 unless ENV['RS_PROVISION'] == 'no'
-  # This will install the latest available package on el and deb based
-  # systems fail on windows and osx, and install via gem on other *nixes
-  foss_opts = { :default_action => 'gem_install' }
-
-  if default.is_pe?; then install_pe; else install_puppet( foss_opts ); end
-
-  hosts.each do |host|
-    on host, "mkdir -p #{host['distmoduledir']}"
-  end
+  ENV['PUPPET_INSTALL_TYPE'] ||= 'agent'
+  # puppet_install_helper does not understand pessimistic version constraints
+  # so we are ignoring PUPPET_VERSION.  Use PUPPET_INSTALL_VERSION instead.
+  ENV.delete 'PUPPET_VERSION'
+  run_puppet_install_helper
 end
 
 UNSUPPORTED_PLATFORMS = ['Suse','windows','AIX','Solaris']
@@ -28,7 +25,6 @@
     # Install module and dependencies
     hosts.each do |host|
       copy_module_to(host, :source => proj_root, :module_name => 'jenkins')
-      shell("/bin/touch #{default['puppetpath']}/hiera.yaml")
 
       on host, puppet('module install puppetlabs-stdlib'), { :acceptable_exit_codes => [0] }
       on host, puppet('module install puppetlabs-java'), { :acceptable_exit_codes => [0] }

spec/unit/puppet/provider/jenkins_credentials/cli_spec.rb

@@ -23,7 +23,16 @@
             "impl": "BasicSSHUserPrivateKey",
             "description": "bar",
             "private_key": "-----BEGIN RSA PRIVATE KEY-----",
+            "username": "robin",
             "passphrase": ""
+        },
+        {
+            "id": "150b2895-b0eb-4813-b8a5-3779690c063c",
+            "domain": null,
+            "scope": "SYSTEM",
+            "impl": "StringCredentialsImpl",
+            "description": "baz",
+            "secret": "fluffy bunny"
         }
     ]
     EOS
@@ -50,6 +59,11 @@
       [
         'private_key',
         'passphrase',
+        'secret',
+        'file_name',
+        'content',
+        'source',
+        'key_store_impl'
       ].each do |k|
         expect(provider.public_send(k.to_sym)).to eq :absent
       end
@@ -67,15 +81,52 @@
         'scope',
         'impl',
         'description',
+        'username',
         'private_key',
         'passphrase',
       ].each do |k|
         expect(provider.public_send(k.to_sym)).to eq cred[k].nil? ? :undef : cred[k]
       end
 
+      [
+        'password',
+        'secret',
+        'file_name',
+        'content',
+        'source',
+        'key_store_impl'
+      ].each do |k|
+        expect(provider.public_send(k.to_sym)).to eq :absent
+      end
+
+    end
+  end
+
+  shared_examples "a provider from example hash 3" do
+    it do
+      cred = credentials[2]
+
+      expect(provider.name).to eq cred['id']
+      expect(provider.ensure).to eq :present
+      [
+        'domain',
+        'scope',
+        'impl',
+        'description',
+        'secret',
+      ].each do |k|
+        expect(provider.public_send(k.to_sym)).to eq cred[k].nil? ? :undef : cred[k]
+      end
+
       [
         'username',
         'password',
+        'private_key',
+        'passphrase',
+        'file_name',
+        'content',
+        'source',
+        'key_store_impl'
       ].each do |k|
         expect(provider.public_send(k.to_sym)).to eq :absent
       end
@@ -93,7 +144,7 @@
       end
 
       it "should return the correct number of instances" do
-        expect(described_class.instances.size).to eq 2
+        expect(described_class.instances.size).to eq 3
       end
 
       context "first instance returned" do
@@ -111,6 +162,14 @@
           end
         end
       end
+
+      context "third instance returned" do
+        it_behaves_like "a provider from example hash 3" do
+          let(:provider) do
+            described_class.instances[2]
+          end
+        end
+      end
     end
 
     context "when called with a catalog param" do
@@ -166,6 +225,12 @@
         described_class.send :from_hash, credentials[1]
       end
     end
+
+    it_behaves_like "a provider from example hash 3" do
+      let(:provider) do
+        described_class.send :from_hash, credentials[2]
+      end
+    end
   end # ::from_hash
 
   describe '::to_hash' do

spec/unit/puppet/type/jenkins_credentials_spec.rb

@@ -28,7 +28,8 @@
         :UsernamePasswordCredentialsImpl,
         [
           :UsernamePasswordCredentialsImpl,
-          :BasicSSHUserPrivateKey
+          :BasicSSHUserPrivateKey,
+          :StringCredentialsImpl,
         ]
     end