I have tried and it doesnt work.. call it a bug or whatever, but i just confirmed from the source code of this plugin , where one commit in the unit test folder says:
ReadFileOnMaster etc. did not actually work. Simpler and better to writeReplace a DirectEntryPrivateKeySource. Source : https://github.com/jenkinsci/ssh-credentials-plugin/commit/1a17d759c5c559ae050681364703dd5f02b5e0f0 sad :// I will prefer giving a path to my ssh private key instead of entering it from a groovy script .. On Tuesday, January 27, 2015 at 5:32:39 AM UTC-8, Kenneth Baltrinic wrote: > > Its me again--still trying to configure Jenkins via Chef. In this case I > have extracted from the opscode Jenkins cookbook their script for creating > ssh credentials and have attempted to modify it to create a credential from > a UserPrivateKeySource instead of the DirectEntryPrivateKeySource that the > opscode script creates. Perhaps I don't understand the > UserPrivateKeySource class or its purpose correctly but I am not getting > the results I want. > > Essentially what I am trying to do is this: The cookbook has already > installed an SSH key pair in the Master Jenkins users' .ssh directory. Now > I want to programmatically create a credential in Jenkins to use that pair. > The script should be the automated equivalent of choosing the "From the > Jenkins master ~/.ssh" option in the Manage Credentials UI. It seems to me > that the UserPrivateKeySource class is what I want, but when I use it, what > I get in the UI is the "Enter Directly" option checked, with the private > key from the .ssh folder loaded into the UI!. :-( So its using the right > key, but its making it visible in the UI which is a no-no for us. > Moreover, if I go in an manual choose the right option later, the update > part of the script switches it back to "Entire Directly" on the next chef > run. > > Below is the recipe snippet containing the groovy script hat I am using to > create the credentials. Any advice on what I am doing wrong would be > greatly appreciated. > > > *jenkins_script 'create ~/.ssh credentials' do* > * command <<-EOH.gsub(/ ^{8}/, '')* > * import jenkins.model.** > * import com.cloudbees.plugins.credentials.** > * import com.cloudbees.plugins.credentials.common.** > * import com.cloudbees.plugins.credentials.domains.** > * import com.cloudbees.jenkins.plugins.sshcredentials.impl.** > * import hudson.plugins.sshslaves.*;* > > * global_domain = Domain.global()* > * credentials_store =* > * Jenkins.instance.getExtensionList(* > * 'com.cloudbees.plugins.credentials.SystemCredentialsProvider'* > * )[0].getStore()* > > * credentials = new BasicSSHUserPrivateKey(* > * CredentialsScope.GLOBAL,* > * "#{node['cvent-jenkins']['ssh-user-id']}",* > * "#{node['cvent-jenkins']['ssh-user']}",* > * new BasicSSHUserPrivateKey.UsersPrivateKeySource(),* > * "",* > * "Credential ID: #{node['cvent-jenkins']['ssh-user-id']}"* > * )* > > * // Create or update the credentials in the Jenkins instance* > * username_matcher = > CredentialsMatchers.withUsername("#{node['cvent-jenkins']['ssh-user']}")* > * available_credentials =* > * CredentialsProvider.lookupCredentials(* > * StandardUsernameCredentials.class,* > * Jenkins.getInstance(),* > * hudson.security.ACL.SYSTEM,* > * new SchemeRequirement("ssh")* > * )* > > * existing_credentials =* > * CredentialsMatchers.firstOrNull(* > * available_credentials,* > * username_matcher* > * )* > > * if(existing_credentials != null) {* > * // !!This will take an existing UserPrivateKeySource credential > and * > * // turn it into a DirectEntryPrivateKeySource credentials. :(* > * credentials_store.updateCredentials(* > * global_domain,* > * existing_credentials,* > * credentials* > * )* > * } else {* > * credentials_store.addCredentials(global_domain, credentials)* > * }* > * EOH* > *end* > -- You received this message because you are subscribed to the Google Groups "Jenkins Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/50846d22-ce41-4e2c-848b-66cee6590a46%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
