那些遇到过的问题

通过Groovy访问Jenkins Credentials商店

khm*_*ise 22 git groovy jenkins

我找到了一种方法来访问Jenkins中凭证存储:

def getPassword = { username ->
    def creds = com.cloudbees.plugins.credentials.CredentialsProvider.lookupCredentials(
        com.cloudbees.plugins.credentials.common.StandardUsernamePasswordCredentials.class,
        jenkins.model.Jenkins.instance
    )

    def c = creds.findResult { it.username == username ? it : null }

    if ( c ) {
        println "found credential ${c.id} for username ${c.username}"

        def credentials_store = jenkins.model.Jenkins.instance.getExtensionList(
            'com.cloudbees.plugins.credentials.SystemCredentialsProvider'
            )[0].getStore()

         println "result: " + credentials_store
    } else {
      println "could not find credential for ${username}"
    }
}

getPassword("XYZ")
Run Code Online (Sandbox Code Playgroud)

但现在我想获得相应用户的密码,我无法做到...

如果我尝试访问passord等,我总是会得到未知的方法等.

这样做的原因是使用此用户/密码来调用git并从存储库中提取信息.

我总是得到这样的东西:

result: com.cloudbees.plugins.credentials.SystemCredentialsProvider$StoreImpl@1639eab2
Run Code Online (Sandbox Code Playgroud)

更新

在用它进行了更多的实验(以及Jeanne Boyarsky的暗示)后,我发现我正在考虑编译.以下内容已经为我提供了用户的密码:

def getUserPassword = { username ->
    def creds = com.cloudbees.plugins.credentials.CredentialsProvider.lookupCredentials(
            com.cloudbees.plugins.credentials.common.StandardUsernamePasswordCredentials.class,
            jenkins.model.Jenkins.instance
            )

    def c = creds.findResult { it.username == username ? it : null }

    if ( c ) {
        return c.password
    } else {
        println "could not find credential for ${username}"
    }
}
Run Code Online (Sandbox Code Playgroud)

此外,通过使用以下代码段,您可以遍历整个凭据存储:

def credentials_store = jenkins.model.Jenkins.instance.getExtensionList(
        'com.cloudbees.plugins.credentials.SystemCredentialsProvider'
        )

println "credentials_store: ${credentials_store}"
println " Description: ${credentials_store.description}"
println " Target: ${credentials_store.target}"
credentials_store.each {  println "credentials_store.each: ${it}" }

credentials_store[0].credentials.each { it ->
    println "credentials: -> ${it}"
    if (it instanceof com.cloudbees.plugins.credentials.impl.UsernamePasswordCredentialsImpl) {
        println "XXX: username: ${it.username} password: ${it.password} description: ${it.description}"
    }
}
Run Code Online (Sandbox Code Playgroud)

你会得到这样的输出:

[(master)]:
credentials_store: [com.cloudbees.plugins.credentials.SystemCredentialsProvider@5a2822be]
 Description: [The descriptions...]
 Target: [com.cloudbees.plugins.credentials.SystemCredentialsProvider@5a2822be]
credentials_store.each: com.cloudbees.plugins.credentials.SystemCredentialsProvider@5a2822be
credentials: -> com.cloudbees.jenkins.plugins.sshcredentials.impl.BasicSSHUserPrivateKey@38357ca1
credentials: -> com.cloudbees.jenkins.plugins.sshcredentials.impl.BasicSSHUserPrivateKey@47cf7703
credentials: -> com.cloudbees.plugins.credentials.impl.UsernamePasswordCredentialsImpl@739abac5
XXX: username: User1 password: Password description: The description of the user.
credentials: -> com.cloudbees.plugins.credentials.impl.UsernamePasswordCredentialsImpl@884a53e6
XXX: username: User2 password: Password1 description: The description of the user1.
Result:   [com.cloudbees.jenkins.plugins.sshcredentials.impl.BasicSSHUserPrivateKey@38357ca1, com.cloudbees.jenkins.plugins.sshcredentials.impl.BasicSSHUserPrivateKey@47cf7703, com.cloudbees.plugins.credentials.impl.UsernamePasswordCredentialsImpl@739abac5, com.cloudbees.plugins.credentials.impl.UsernamePasswordCredentialsImpl@884a53e6]
Run Code Online (Sandbox Code Playgroud)

因此,通过使用子句中相应类,instanceof您可以选择所需的内容.

Jea*_*sky 17

这有效.它获取凭证而不是商店.

我没有写任何错误处理,所以如果你没有设置凭证对象(或者可能你有两个),它就会爆炸.这部分很容易添加.棘手的部分是获得正确的API!

def getPassword = { username ->
    def creds = com.cloudbees.plugins.credentials.CredentialsProvider.lookupCredentials(
        com.cloudbees.plugins.credentials.common.StandardUsernamePasswordCredentials.class,
        jenkins.model.Jenkins.instance
    )

    def c = creds.findResult { it.username == username ? it : null }

    if ( c ) {
        println "found credential ${c.id} for username ${c.username}"

        def systemCredentialsProvider = jenkins.model.Jenkins.instance.getExtensionList(
            'com.cloudbees.plugins.credentials.SystemCredentialsProvider'
            ).first()

      def password = systemCredentialsProvider.credentials.first().password

      println password


    } else {
      println "could not find credential for ${username}"
    }
}

getPassword("jeanne")
Run Code Online (Sandbox Code Playgroud)

mao*_*urf 9

jenkins维基的官方解决方案

打印系统中所有凭据的列表及其ID.

def creds = com.cloudbees.plugins.credentials.CredentialsProvider.lookupCredentials(
        com.cloudbees.plugins.credentials.Credentials.class,
        Jenkins.instance,
        null,
        null
);
for (c in creds) {
    println(c.id + ": " + c.description)
}
Run Code Online (Sandbox Code Playgroud)

  • 下面的UsernamePasswordCredentialsImpl的工作示例。def creds = com.cloudbees.plugins.credentials.CredentialsProvider.lookupCredentials(com.cloudbees.plugins.credentials.impl.UsernamePasswordCredentialsImpl.class,Jenkins.instance,null,null); for(c in creds){println(c.id +“:” + c.username +“:” + c.password)} (2认同)

Jes*_*sta 7

一张纸就能获得凭证的价值

假设...

def CREDENTIAL_ID = "<key_credential_id"
Run Code Online (Sandbox Code Playgroud)

获取私钥凭证的一个班轮:

有关提取值的方法,请参阅ssh 凭证实现

def PRIVATE_KEY = com.cloudbees.plugins.credentials.SystemCredentialsProvider.getInstance().getStore().getCredentials(com.cloudbees.plugins.credentials.domains.Domain.global()).find { it.getId().equals(CREDENTIAL_ID) }.getPrivateKey()
Run Code Online (Sandbox Code Playgroud)

获取用户名/密码凭据的一个衬垫:

有关提取值的方法,请参阅用户名密码凭据实现

def PASSWORD = com.cloudbees.plugins.credentials.SystemCredentialsProvider.getInstance().getStore().getCredentials(com.cloudbees.plugins.credentials.domains.Domain.global()).find { it.getId().equals(CREDENTIAL_ID) }.getPassword()
Run Code Online (Sandbox Code Playgroud) 
def USERNAME = com.cloudbees.plugins.credentials.SystemCredentialsProvider.getInstance().getStore().getCredentials(com.cloudbees.plugins.credentials.domains.Domain.global()).find { it.getId().equals(CREDENTIAL_ID) }.getUsername()
Run Code Online (Sandbox Code Playgroud)

获取字符串凭证的一个衬垫:

有关提取值的方法,请参阅纯凭证实现

def SECRET = com.cloudbees.plugins.credentials.SystemCredentialsProvider.getInstance().getStore().getCredentials(com.cloudbees.plugins.credentials.domains.Domain.global()).find { it.getId().equals(CREDENTIAL_ID) }.getSecret().getPlainText()
Run Code Online (Sandbox Code Playgroud)

这允许您执行诸如将凭据注入 docker 代理之类的操作:

def CREDENTIAL_ID = "<key_credential_id"
def SECRET = com.cloudbees.plugins.credentials.SystemCredentialsProvider.getInstance().getStore().getCredentials(com.cloudbees.plugins.credentials.domains.Domain.global()).find { it.getId().equals(CREDENTIAL_ID) }.getSecret().getPlainText()
pipeline {
    agent {
        dockerfile {
            filename "build/Jenkins.Dockerfile"
            additionalBuildArgs "--build-arg SECRET=${SECRET}"
        }
    }
    ...
}
Run Code Online (Sandbox Code Playgroud)

zet*_*t42 5

如果您只想检索给定凭据 ID 的凭据,最简单的方法是使用withCredentials管道步骤将凭据绑定到变量。

withCredentials([usernamePassword( credentialsId: 'myCredentials', 
                     usernameVariable: 'MYUSER', passwordVariable: 'MYPWD' )]) { 
    echo "User: $MYUSER, Pwd: $MYPWD" 
}
Run Code Online (Sandbox Code Playgroud)

归档时间:

查看次数:

19589 次

最近记录:

5 年,9 月 前
相关归档
Git警告:push.default未设置; 它的隐含价值在变化 56
如何使用git grep命令默认显示行号? 36
在Jenkins中的构建步骤之间传递数据 18
Git Azure部署缺少内容目录中的文件(MVC4项目) 15
如何通过git format-patch格式化补丁? 14
为什么要检入称为"提交"的文件? 12
Gradle:并行优化运行测试 8
Eclipse中的Groovy无法识别导入 7
Groovy 有集合的 size 属性吗? 5
有没有办法在 jenkins 2 中插入 Build pipeline 1.5.8 版本的手动批准 2
难疑归档
如何解决Git中的合并冲突 4600
如何迭代字符串的单词? 2895
如何在Node.js中退出 1762
计算C#中的相对时间 1461
如何解决"断点当前不会被命中.此文档没有加载任何符号." 警告? 1456
类型检查:typeof,GetType还是? 1435
在JavaScript对象数组中按id查找对象 1435
Markdown中的评论 1277
检查jQuery中是否存在元素 1209
如何在Git中仅提交区分大小写的文件名更改? 1157