Hi guys,
I have a Credentials plugin question. My plugin uses an API Token to
access our API. We have users store their token as a ‘Secret Text’
Credential in the Credentials plugin. They can then choose it from a
dropdown in the plugin’s Config UI.
I have the plugin working and accessing the Credentials, but what I’m
confused about is correctly restricting which Credentials the plugin can
see. This plugin can be used in both Freestyle and Pipeline jobs, and can
be run on Slave Nodes as well the master Jenkins server.
So, here are my questions:
- What Credentials Scopes is it appropriate for plugin to access? I’m
able to store the Credential ID, and retrieve the Secret for both 'Global'
and 'System' types of Credentials, but it sounds like only ‘Global’
Credentials are intended to be used by Jobs. Is this correct?
- The functions ‘StandardListBoxModel.includeMatchingAs()’ and
‘CredentialsProvider.listCredentials()’ take an ‘Item’ context as a one of
the fields. I’m confused as to how this is used to restrict the search
results. For example, when using this to populate the dropdown list of
API Token Credentials in the Job Config UI, if I pass in the
‘@AncestorInPath Item’ context, and I am restricted to ‘Global’ Scope
Credentials. However, if I switch from passing the ‘Item’ and use
‘Jenkins.getInstance()’, I can see both ‘System’ and ‘Global’ Scope
Credentials.
- Why are these 2 contexts giving me different results, and which one
is correct to use?
- These functions also take an 'Authentication' field, and I am using
‘ACL.SYSTEM’ here, is this correct, and why/why not?
Thanks,
Andrew
--
You received this message because you are subscribed to the Google Groups
"Jenkins Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/jenkinsci-dev/03a3ec0a-7ffc-48e3-9d12-5ed5b22782ba%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
