/usr/lib/python2.7/dist-packages/jenkinsapi/credential.py is in python-jenkinsapi 0.2.30-1.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 | """
Module for jenkinsapi Credential class
"""
import logging
log = logging.getLogger(__name__)
class Credential(object):
"""
Base abstract class for credentials
Credentials returned from Jenkins don't hold any sensitive information,
so there is nothing useful can be done with existing credentials
besides attaching them to Nodes or other objects.
You can create concrete Credential instance: UsernamePasswordCredential or
SSHKeyCredential by passing credential's description and credential dict.
Each class expects specific credential dict, see below.
"""
# pylint: disable=unused-argument
def __init__(self, cred_dict):
"""
Create credential
:param str description: as Jenkins doesn't allow human friendly names
for credentials and makes "displayName" itself,
there is no way to find credential later,
this field is used to distinguish between credentials
:param dict cred_dict: dict containing credential information
"""
self.credential_id = cred_dict.get('credential_id', '')
self.description = cred_dict['description']
self.fullname = cred_dict.get('fullName', '')
self.displayname = cred_dict.get('displayName', '')
def __str__(self):
return self.description
def get_attributes(self):
pass
class UsernamePasswordCredential(Credential):
"""
Username and password credential
Constructor expects following dict:
{
'credential_id': str, Automatically set by jenkinsapi
'displayName': str, Automatically set by Jenkins
'fullName': str, Automatically set by Jenkins
'typeName': str, Automatically set by Jenkins
'description': str,
'userName': str,
'password': str
}
When creating credential via jenkinsapi automatic fields not need to be in
dict
"""
def __init__(self, cred_dict):
super(UsernamePasswordCredential, self).__init__(cred_dict)
if 'typeName' in cred_dict:
username = cred_dict['displayName'].split('/')[0]
else:
username = cred_dict['userName']
self.username = username
self.password = cred_dict.get('password', None)
def get_attributes(self):
"""
Used by Credentials object to create credential in Jenkins
"""
c_class = (
'com.cloudbees.plugins.credentials.impl.'
'UsernamePasswordCredentialsImpl'
)
c_id = '' if self.credential_id is None else self.credential_id
return {
'stapler-class': c_class,
'Submit': 'OK',
'json': {
'': '1',
'credentials': {
'stapler-class': c_class,
'id': c_id,
'username': self.username,
'password': self.password,
'description': self.description
}
}
}
class SSHKeyCredential(Credential):
"""
SSH key credential
Constructr expects following dict:
{
'credential_id': str, Automatically set by jenkinsapi
'displayName': str, Automatically set by Jenkins
'fullName': str, Automatically set by Jenkins
'typeName': str, Automatically set by Jenkins
'description': str,
'userName': str,
'passphrase': str, SSH key passphrase,
'private_key': str Private SSH key
}
private_key value is parsed to find type of credential to create:
private_key starts with - the value is private key itself
private_key starts with / the value is a path to key
private_key starts with ~ the value is a key from ~/.ssh
When creating credential via jenkinsapi automatic fields not need to be in
dict
"""
def __init__(self, cred_dict):
super(SSHKeyCredential, self).__init__(cred_dict)
if 'typeName' in cred_dict:
username = cred_dict['displayName'].split(' ')[0]
else:
username = cred_dict['userName']
self.username = username
self.passphrase = cred_dict.get('passphrase', '')
if 'private_key' not in cred_dict or cred_dict['private_key'] is None:
self.key_type = -1
self.key_value = None
elif cred_dict['private_key'].startswith('-'):
self.key_type = 0
self.key_value = cred_dict['private_key']
elif cred_dict['private_key'].startswith('/'):
self.key_type = 1
self.key_value = cred_dict['private_key']
elif cred_dict['private_key'].startswith('~'):
self.key_type = 2
self.key_value = cred_dict['private_key']
else:
raise ValueError('Invalid private_key value')
def get_attributes(self):
"""
Used by Credentials object to create credential in Jenkins
"""
base_class = (
'com.cloudbees.jenkins.plugins.sshcredentials.'
'impl.BasicSSHUserPrivateKey'
)
if self.key_type == 0:
c_class = base_class + '$DirectEntryPrivateKeySource'
elif self.key_type == 1:
c_class = base_class + '$FileOnMasterPrivateKeySource'
elif self.key_type == 2:
c_class = base_class + '$UsersPrivateKeySource'
else:
c_class = None
attrs = {
'value': self.key_type,
'privateKey': self.key_value,
'stapler-class': c_class
}
c_id = '' if self.credential_id is None else self.credential_id
return {
'stapler-class': c_class,
'Submit': 'OK',
'json': {
'': '1',
'credentials': {
'scope': 'GLOBAL',
'id': c_id,
'username': self.username,
'description': self.description,
'privateKeySource': attrs,
'passphrase': self.passphrase,
'stapler-class': base_class,
'$class': base_class
}
}
}
|