use of com.cloudbees.plugins.credentials.impl.CertificateCredentialsImpl.UploadedKeyStoreSource in project configuration-as-code-plugin by jenkinsci.
the class CredentialsReadmeTest method testGlobalScopedCredentials.
@Test
@ConfiguredWithReadme("credentials/README.md#1")
@Envs({ @Env(name = "SSH_KEY_PASSWORD", value = PASSPHRASE), @Env(name = "SSH_PRIVATE_KEY", value = PRIVATE_KEY), @Env(name = "SSH_PRIVATE_FILE_PATH", value = "private-key.pem"), @Env(name = "SOME_USER_PASSWORD", value = PASSWORD), @Env(name = "SECRET_TEXT", value = TEXT), @Env(name = "AWS_ACCESS_KEY", value = ACCESS_KEY), @Env(name = "AWS_SECRET_ACCESS_KEY", value = SECRET_ACCESS_KEY), @Env(name = "SECRET_FILE_PATH", value = MYSECRETFILE_TXT), @Env(name = "SECRET_PASSWORD_CERT", value = PASSWORD), @Env(name = "SECRET_CERT_FILE_PATH", value = TEST_CERT) })
public void testGlobalScopedCredentials() throws Exception {
List<Credentials> creds = CredentialsProvider.lookupCredentials(Credentials.class, Jenkins.get(), null, Collections.emptyList());
assertThat(creds, hasSize(8));
for (Credentials credentials : creds) {
if (credentials instanceof BasicSSHUserPrivateKey) {
BasicSSHUserPrivateKey key = (BasicSSHUserPrivateKey) credentials;
assertThat(key.getPassphrase(), hasPlainText(PASSPHRASE));
assertThat(key.getPrivateKey(), equalTo(PRIVATE_KEY));
assertThat(key.getId(), anyOf(is("ssh_with_passphrase_provided"), is("ssh_with_passphrase_provided_via_file")));
assertThat(key.getUsername(), is("ssh_root"));
assertThat(key.getScope(), is(CredentialsScope.SYSTEM));
} else if (credentials instanceof UsernamePasswordCredentials) {
UsernamePasswordCredentials user = (UsernamePasswordCredentials) credentials;
assertThat(user.getUsername(), is("some-user"));
assertThat(user.getPassword(), hasPlainText(PASSWORD));
assertThat(user.getScope(), is(CredentialsScope.GLOBAL));
} else if (credentials instanceof StringCredentials) {
StringCredentials string = (StringCredentials) credentials;
assertThat(string.getId(), is("secret-text"));
assertThat(string.getSecret(), hasPlainText(TEXT));
assertThat(string.getScope(), is(CredentialsScope.GLOBAL));
} else if (credentials instanceof AWSCredentialsImpl) {
AWSCredentialsImpl aws = (AWSCredentialsImpl) credentials;
assertThat(aws.getId(), is("AWS"));
assertThat(aws.getAccessKey(), equalTo(ACCESS_KEY));
assertThat(aws.getSecretKey(), hasPlainText(SECRET_ACCESS_KEY));
assertThat(aws.getScope(), is(CredentialsScope.GLOBAL));
} else if (credentials instanceof FileCredentials) {
FileCredentials file = (FileCredentials) credentials;
assertThat(file.getId(), anyOf(is("secret-file"), is("secret-file_via_binary_file")));
assertThat(file.getFileName(), is(MYSECRETFILE_TXT));
String fileContent = IOUtils.toString(file.getContent(), StandardCharsets.UTF_8);
assertThat(fileContent, containsString("SUPER SECRET"));
assertThat(file.getScope(), is(CredentialsScope.GLOBAL));
} else if (credentials instanceof CertificateCredentialsImpl) {
CertificateCredentialsImpl cert = (CertificateCredentialsImpl) credentials;
assertThat(cert.getId(), is("secret-certificate"));
assertThat(cert.getPassword(), hasPlainText(PASSWORD));
byte[] fileContent = Files.readAllBytes(Paths.get(getClass().getResource(TEST_CERT).toURI()));
SecretBytes secretBytes = SecretBytes.fromString(Base64.getEncoder().encodeToString(fileContent));
UploadedKeyStoreSource keyStoreSource = (UploadedKeyStoreSource) cert.getKeyStoreSource();
assertThat(keyStoreSource.getUploadedKeystore().getPlainData(), is(secretBytes.getPlainData()));
assertThat(cert.getKeyStore().containsAlias("1"), is(true));
assertThat(cert.getKeyStore().getCertificate("1").getType(), is("X.509"));
assertThat(CredentialsNameProvider.name(cert), is("EMAILADDRESS=me@myhost.mydomain, CN=pkcs12, O=Fort-Funston, L=SanFrancisco, ST=CA, C=US (my secret cert)"));
assertThat(cert.getScope(), is(CredentialsScope.GLOBAL));
}
}
}
Aggregations