Merge pull request #227 from madAndroid/allow_credentials_uuid

Add parameter to set user uuid in jenkins::credentials define
voxpupuli · Aug 9, 2015 · 040b271 · 040b271
2 parents 03bdb74 + f361dd0
commit 040b271
Show file tree

Hide file tree

Showing 4 changed files with 67 additions and 3 deletions.
diff --git a/README.md b/README.md
@@ -301,6 +301,24 @@ private key:
     }
 ```
 
+*_Setting a UUID:_*
+
+You can also specify a UUID to use with the credentials, which will be used to
+identify the credentials from within the job config. This is necessary when setting
+credentials for use with the [git plugin](http://docs.openstack.org/infra/jenkins-job-builder/scm.html#scm.git), for example.
+
+You can either manually generate a UUID from a site like https://www.uuidgenerator.net,
+or use the UUID from an existing user, which is accessible within the URL of the
+Jenkins console when managing an existing user's credentials.
+
+```puppet
+    jenkins::credentials { 'deploy-user':
+      password            => '',
+      private_key_or_path => hiera('::deploy_key'),
+      uuid                => hiera('::deploy_credentials_uuid'),
+    }
+```
+
 ### Configuring Security
 
 The Jenkins security model can be set to one of two modes:

diff --git a/files/puppet_helper.groovy b/files/puppet_helper.groovy
@@ -162,18 +162,21 @@ class Actions {
   /////////////////////////
   // create credentials
   /////////////////////////
-  void create_or_update_credentials(String username, String password, String description="", String private_key="") {
+  void create_or_update_credentials(String username, String password, String id="", String description="", String private_key="") {
     def global_domain = Domain.global()
     def credentials_store =
       Jenkins.instance.getExtensionList(
         'com.cloudbees.plugins.credentials.SystemCredentialsProvider'
       )[0].getStore()
 
     def credentials
+    if (id == "") {
+      id = null
+    }
     if (private_key == "" ) {
       credentials = new UsernamePasswordCredentialsImpl(
         CredentialsScope.GLOBAL,
-        null,
+        id,
         description,
         username,
         password
@@ -187,7 +190,7 @@ class Actions {
       }
       credentials = new BasicSSHUserPrivateKey(
         CredentialsScope.GLOBAL,
-        null,
+        id,
         username,
         key_source,
         password,

diff --git a/manifests/credentials.pp b/manifests/credentials.pp
@@ -21,6 +21,7 @@
   $description = 'Managed by Puppet',
   $private_key_or_path = '',
   $ensure = 'present',
+  $uuid = '',
 ){
   validate_string($ensure)
 
@@ -35,11 +36,13 @@
       validate_string($password)
       validate_string($description)
       validate_string($private_key_or_path)
+      validate_string($uuid)
       jenkins::cli::exec { "create-jenkins-credentials-${title}":
         command => [
           'create_or_update_credentials',
           $title,
           "'${password}'",
+          "'${uuid}'",
           "'${description}'",
           "'${private_key_or_path}'",
         ],

diff --git a/spec/defines/jenkins_credentials_spec.rb b/spec/defines/jenkins_credentials_spec.rb
@@ -3,6 +3,10 @@
 describe 'jenkins::credentials', :type => :define do
   let(:title) { 'foo' }
   let(:facts) {{ :osfamily => 'RedHat', :operatingsystem => 'RedHat' }}
+  let(:helper_cmd) { "/usr/bin/java -jar cli.jar -s http://127.0.0.1:8080 groovy /var/lib/jenkins/puppet_helper.groovy" }
+  let(:pre_condition) {
+    "class jenkins::cli_helper { $helper_cmd = '#{helper_cmd}' }"
+  }
 
   describe 'relationships' do
     let(:params) {{ :password => 'foo' }}
@@ -15,4 +19,40 @@
         that_comes_before('Anchor[jenkins::end]')
     end
   end
+
+  describe 'with ensure is present' do
+    let(:params) {{
+      :ensure   => 'present',
+      :password => 'mypass',
+    }}
+    it { should contain_jenkins__cli__exec('create-jenkins-credentials-foo').with({
+      :command    => [ "create_or_update_credentials" , "#{title}", "'mypass'",
+                       "''", "'Managed by Puppet'", "''" ],
+      :unless     => "\$HELPER_CMD credential_info #{title} | grep #{title}",
+    })}
+  end
+
+  describe 'with ensure is absent' do
+    let(:params) {{
+      :ensure   => 'absent',
+      :password => 'mypass',
+    }}
+    it { should contain_jenkins__cli__exec('delete-jenkins-credentials-foo').with({
+      :command    => [ "delete_credentials", "#{title}" ],
+    })}
+  end
+
+  describe 'with uuid set' do
+    let(:params) {{
+      :ensure   => 'present',
+      :password => 'mypass',
+      :uuid     => 'e94d3b98-5ba4-43b9-89ed-79a08ea97f6f',
+    }}
+    it { should contain_jenkins__cli__exec('create-jenkins-credentials-foo').with({
+      :command    => [ "create_or_update_credentials" , "#{title}", "'mypass'",
+                       "'e94d3b98-5ba4-43b9-89ed-79a08ea97f6f'", "'Managed by Puppet'", "''" ],
+      :unless     => "\$HELPER_CMD credential_info #{title} | grep #{title}",
+    })}
+  end
+
 end