Search in sources :

Example 1 with AWSCredentialsImpl

use of com.cloudbees.jenkins.plugins.awscredentials.AWSCredentialsImpl in project configuration-as-code-plugin by jenkinsci.

the class CredentialsReadmeTest method testGlobalScopedCredentials.

@Test
@ConfiguredWithReadme("credentials/README.md#1")
@Envs({ @Env(name = "SSH_KEY_PASSWORD", value = PASSPHRASE), @Env(name = "SSH_PRIVATE_KEY", value = PRIVATE_KEY), @Env(name = "SSH_PRIVATE_FILE_PATH", value = "private-key.pem"), @Env(name = "SOME_USER_PASSWORD", value = PASSWORD), @Env(name = "SECRET_TEXT", value = TEXT), @Env(name = "AWS_ACCESS_KEY", value = ACCESS_KEY), @Env(name = "AWS_SECRET_ACCESS_KEY", value = SECRET_ACCESS_KEY), @Env(name = "SECRET_FILE_PATH", value = MYSECRETFILE_TXT), @Env(name = "SECRET_PASSWORD_CERT", value = PASSWORD), @Env(name = "SECRET_CERT_FILE_PATH", value = TEST_CERT) })
public void testGlobalScopedCredentials() throws Exception {
    List<Credentials> creds = CredentialsProvider.lookupCredentials(Credentials.class, Jenkins.get(), null, Collections.emptyList());
    assertThat(creds, hasSize(8));
    for (Credentials credentials : creds) {
        if (credentials instanceof BasicSSHUserPrivateKey) {
            BasicSSHUserPrivateKey key = (BasicSSHUserPrivateKey) credentials;
            assertThat(key.getPassphrase(), hasPlainText(PASSPHRASE));
            assertThat(key.getPrivateKey(), equalTo(PRIVATE_KEY));
            assertThat(key.getId(), anyOf(is("ssh_with_passphrase_provided"), is("ssh_with_passphrase_provided_via_file")));
            assertThat(key.getUsername(), is("ssh_root"));
            assertThat(key.getScope(), is(CredentialsScope.SYSTEM));
        } else if (credentials instanceof UsernamePasswordCredentials) {
            UsernamePasswordCredentials user = (UsernamePasswordCredentials) credentials;
            assertThat(user.getUsername(), is("some-user"));
            assertThat(user.getPassword(), hasPlainText(PASSWORD));
            assertThat(user.getScope(), is(CredentialsScope.GLOBAL));
        } else if (credentials instanceof StringCredentials) {
            StringCredentials string = (StringCredentials) credentials;
            assertThat(string.getId(), is("secret-text"));
            assertThat(string.getSecret(), hasPlainText(TEXT));
            assertThat(string.getScope(), is(CredentialsScope.GLOBAL));
        } else if (credentials instanceof AWSCredentialsImpl) {
            AWSCredentialsImpl aws = (AWSCredentialsImpl) credentials;
            assertThat(aws.getId(), is("AWS"));
            assertThat(aws.getAccessKey(), equalTo(ACCESS_KEY));
            assertThat(aws.getSecretKey(), hasPlainText(SECRET_ACCESS_KEY));
            assertThat(aws.getScope(), is(CredentialsScope.GLOBAL));
        } else if (credentials instanceof FileCredentials) {
            FileCredentials file = (FileCredentials) credentials;
            assertThat(file.getId(), anyOf(is("secret-file"), is("secret-file_via_binary_file")));
            assertThat(file.getFileName(), is(MYSECRETFILE_TXT));
            String fileContent = IOUtils.toString(file.getContent(), StandardCharsets.UTF_8);
            assertThat(fileContent, containsString("SUPER SECRET"));
            assertThat(file.getScope(), is(CredentialsScope.GLOBAL));
        } else if (credentials instanceof CertificateCredentialsImpl) {
            CertificateCredentialsImpl cert = (CertificateCredentialsImpl) credentials;
            assertThat(cert.getId(), is("secret-certificate"));
            assertThat(cert.getPassword(), hasPlainText(PASSWORD));
            byte[] fileContent = Files.readAllBytes(Paths.get(getClass().getResource(TEST_CERT).toURI()));
            SecretBytes secretBytes = SecretBytes.fromString(Base64.getEncoder().encodeToString(fileContent));
            UploadedKeyStoreSource keyStoreSource = (UploadedKeyStoreSource) cert.getKeyStoreSource();
            assertThat(keyStoreSource.getUploadedKeystore().getPlainData(), is(secretBytes.getPlainData()));
            assertThat(cert.getKeyStore().containsAlias("1"), is(true));
            assertThat(cert.getKeyStore().getCertificate("1").getType(), is("X.509"));
            assertThat(CredentialsNameProvider.name(cert), is("EMAILADDRESS=me@myhost.mydomain, CN=pkcs12, O=Fort-Funston, L=SanFrancisco, ST=CA, C=US (my secret cert)"));
            assertThat(cert.getScope(), is(CredentialsScope.GLOBAL));
        }
    }
}
Also used : AWSCredentialsImpl(com.cloudbees.jenkins.plugins.awscredentials.AWSCredentialsImpl) UploadedKeyStoreSource(com.cloudbees.plugins.credentials.impl.CertificateCredentialsImpl.UploadedKeyStoreSource) SecretBytes(com.cloudbees.plugins.credentials.SecretBytes) FileCredentials(org.jenkinsci.plugins.plaincredentials.FileCredentials) CertificateCredentialsImpl(com.cloudbees.plugins.credentials.impl.CertificateCredentialsImpl) StringCredentials(org.jenkinsci.plugins.plaincredentials.StringCredentials) Matchers.containsString(org.hamcrest.Matchers.containsString) Credentials(com.cloudbees.plugins.credentials.Credentials) StringCredentials(org.jenkinsci.plugins.plaincredentials.StringCredentials) StandardUsernamePasswordCredentials(com.cloudbees.plugins.credentials.common.StandardUsernamePasswordCredentials) UsernamePasswordCredentials(com.cloudbees.plugins.credentials.common.UsernamePasswordCredentials) FileCredentials(org.jenkinsci.plugins.plaincredentials.FileCredentials) BasicSSHUserPrivateKey(com.cloudbees.jenkins.plugins.sshcredentials.impl.BasicSSHUserPrivateKey) StandardUsernamePasswordCredentials(com.cloudbees.plugins.credentials.common.StandardUsernamePasswordCredentials) UsernamePasswordCredentials(com.cloudbees.plugins.credentials.common.UsernamePasswordCredentials) Test(org.junit.Test) Envs(io.jenkins.plugins.casc.misc.Envs) ConfiguredWithReadme(io.jenkins.plugins.casc.misc.ConfiguredWithReadme)

Aggregations

AWSCredentialsImpl (com.cloudbees.jenkins.plugins.awscredentials.AWSCredentialsImpl)1 BasicSSHUserPrivateKey (com.cloudbees.jenkins.plugins.sshcredentials.impl.BasicSSHUserPrivateKey)1 Credentials (com.cloudbees.plugins.credentials.Credentials)1 SecretBytes (com.cloudbees.plugins.credentials.SecretBytes)1 StandardUsernamePasswordCredentials (com.cloudbees.plugins.credentials.common.StandardUsernamePasswordCredentials)1 UsernamePasswordCredentials (com.cloudbees.plugins.credentials.common.UsernamePasswordCredentials)1 CertificateCredentialsImpl (com.cloudbees.plugins.credentials.impl.CertificateCredentialsImpl)1 UploadedKeyStoreSource (com.cloudbees.plugins.credentials.impl.CertificateCredentialsImpl.UploadedKeyStoreSource)1 ConfiguredWithReadme (io.jenkins.plugins.casc.misc.ConfiguredWithReadme)1 Envs (io.jenkins.plugins.casc.misc.Envs)1 Matchers.containsString (org.hamcrest.Matchers.containsString)1 FileCredentials (org.jenkinsci.plugins.plaincredentials.FileCredentials)1 StringCredentials (org.jenkinsci.plugins.plaincredentials.StringCredentials)1 Test (org.junit.Test)1