Hi Jenkins Developers,
We are currently busy with adding a new feature to OSS code signing plugin.
In the current situation we store credentials (username/password) as global
in Jenkins as credentials provider. For this we use the credentials plugin.
This works well, but we want to improve this to support
FolderCredentialsProvider used in combination with the Role strategy
plugin. Currently this works okay.
1) First step we moved UI code to the simplebuildStep. This works and we
can choose and save the folder based 'global' credential. We can see this
credential in the dropdown list. So this UI and persistence part works.
Now the second part is where we see some problems occur when we execute the
job. The job is inside the folder we created the credentials.
2) When we now execute the job we use following code to lookup the
credential by credentialId.
@Nullable
public static StandardUsernamePasswordCredentials
findCredentials(String credentialsId) {
return findCredentials(credentialsId, null);
}
@Nullable
public static StandardUsernamePasswordCredentials
findCredentials(String credentialsId, Item item) {
if (StringUtils.isBlank(credentialsId)) {
return null;
}
return CredentialsMatchers.firstOrNull(
CredentialsProvider.lookupCredentials(
StandardUsernamePasswordCredentials.class,
item,
ACL.SYSTEM,
Collections.emptyList()),
CredentialsMatchers.allOf(
CredentialsMatchers.withId(credentialsId),
CredentialsMatchers.anyOf(
CredentialsMatchers.instanceOf(StandardUsernamePasswordCredentials.class))));
}
This code executes but throws an exception (as defined by us) that the
credentialID is not found. I can see that this ID corresponds to the folder
based credential.
When updating the configuration with a Jenkins global credential everything
works.
To summarise : Seems that we currently still only can see Jenkins global
credentials instead of folder global credentials we want to include as well.
We already tried to look deeper into credentials API, but don't find a good
hint, so looking for a suggestion here. The job is started by an admin user
and running as SYSTEM.
How can we include both Jenkins and folder provider credentials in the
lookup, so both can be matched ? Currently the folder credentials are not
found.
Any help here is welcome. I think we just oversee something here
--
You received this message because you are subscribed to the Google Groups
"Jenkins Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/jenkinsci-dev/a33f9274-b484-4f74-ae0d-384c0ff3ba85n%40googlegroups.com.
