Re: Create UserPrivateKeySource Credential via Groovy?

[Imran Hayder]

OK I FINALLY GOT IT WORKING:))
thanks to your code.
your code works perfectly fine for me ...i just skimmed it down to use 
"UsersPrivateSource" method ..
i ran it against a live jenkins instance and worked right away:)
/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////

 import jenkins.model.*
        import com.cloudbees.plugins.credentials.*
        import com.cloudbees.plugins.credentials.common.*
        import com.cloudbees.plugins.credentials.domains.*
        import com.cloudbees.jenkins.plugins.sshcredentials.impl.*
        import hudson.plugins.sshslaves.*;

        global_domain = Domain.global()
        credentials_store =
          Jenkins.instance.getExtensionList(
            'com.cloudbees.plugins.credentials.SystemCredentialsProvider'
          )[0].getStore()
   credentials = new BasicSSHUserPrivateKey(
          CredentialsScope.GLOBAL,
          null,
          "root",
          new BasicSSHUserPrivateKey.UsersPrivateKeySource(),
          "",
          ""
        )
          credentials_store.addCredentials(global_domain, credentials)
/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
On Tuesday, January 27, 2015 at 5:32:39 AM UTC-8, Kenneth Baltrinic wrote:
>
> Its me again--still trying to configure Jenkins via Chef.  In this case I 
> have extracted from the opscode Jenkins cookbook their script for creating 
> ssh credentials and have attempted to modify it to create a credential from 
> a UserPrivateKeySource instead of the DirectEntryPrivateKeySource that the 
> opscode script creates.  Perhaps I don't understand the 
> UserPrivateKeySource class or its purpose correctly but I am not getting 
> the results I want. 
>
> Essentially what I am trying to do is this:  The cookbook has already 
> installed an SSH key pair in the Master Jenkins users' .ssh directory.  Now 
> I want to programmatically create a credential in Jenkins to use that pair. 
>  The script should be the automated equivalent of choosing the "From the 
> Jenkins master ~/.ssh" option in the Manage Credentials UI.  It seems to me 
> that the UserPrivateKeySource class is what I want, but when I use it, what 
> I get in the UI is the "Enter Directly" option checked, with the private 
> key from the .ssh folder loaded into the UI!.  :-(  So its using the right 
> key, but its making it visible in the UI which is a no-no for us.   
> Moreover, if I go in an manual choose the right option later, the update 
> part of the script switches it back to "Entire Directly" on the next chef 
> run.  
>
> Below is the recipe snippet containing the groovy script hat I am using to 
> create the credentials.  Any advice on what I am doing wrong would be 
> greatly appreciated.
>
>
> *jenkins_script 'create ~/.ssh credentials' do*
> *    command <<-EOH.gsub(/ ^{8}/, '')*
> *        import jenkins.model.**
> *        import com.cloudbees.plugins.credentials.**
> *        import com.cloudbees.plugins.credentials.common.**
> *        import com.cloudbees.plugins.credentials.domains.**
> *        import com.cloudbees.jenkins.plugins.sshcredentials.impl.**
> *        import hudson.plugins.sshslaves.*;*
>
> *        global_domain = Domain.global()*
> *        credentials_store =*
> *          Jenkins.instance.getExtensionList(*
> *            'com.cloudbees.plugins.credentials.SystemCredentialsProvider'*
> *          )[0].getStore()*
>
> *        credentials = new BasicSSHUserPrivateKey(*
> *          CredentialsScope.GLOBAL,*
> *          "#{node['cvent-jenkins']['ssh-user-id']}",*
> *          "#{node['cvent-jenkins']['ssh-user']}",*
> *          new BasicSSHUserPrivateKey.UsersPrivateKeySource(),*
> *          "",*
> *          "Credential ID: #{node['cvent-jenkins']['ssh-user-id']}"*
> *        )*
>
> *        // Create or update the credentials in the Jenkins instance*
> *        username_matcher = 
> CredentialsMatchers.withUsername("#{node['cvent-jenkins']['ssh-user']}")*
> *        available_credentials =*
> *          CredentialsProvider.lookupCredentials(*
> *            StandardUsernameCredentials.class,*
> *            Jenkins.getInstance(),*
> *            hudson.security.ACL.SYSTEM,*
> *            new SchemeRequirement("ssh")*
> *          )*
>
> *        existing_credentials =*
> *          CredentialsMatchers.firstOrNull(*
> *            available_credentials,*
> *            username_matcher*
> *          )*
>
> *        if(existing_credentials != null) {*
> *          // !!This will take an existing UserPrivateKeySource credential 
> and *
> *          // turn it into a DirectEntryPrivateKeySource credentials. :(*
> *          credentials_store.updateCredentials(*
> *            global_domain,*
> *            existing_credentials,*
> *            credentials*
> *          )*
> *        } else {*
> *          credentials_store.addCredentials(global_domain, credentials)*
> *        }*
> *    EOH*
> *end*
>

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jenkinsci-users/01f792d8-ec19-48b0-b7ae-62824deae361%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.