Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-57435

Cannot configure SSH credentials via Job DSL

    Details

    • Similar Issues:

      Description

      Version 1.16 of the SSH Credentials plugin changed the plain SSH private key from String to a hudson.util.Secret.

      This leads to the situation that Job DSL cannot be used to configure SSH credentials any longer.

      This snippet works when using SSH Credentials plugin 1.15:

      folder('foo') {
        properties {
          folderCredentialsProperty {
            domainCredentials {
              domainCredentials {
                domain {
                  name(null)
                  description(null)
                }
                credentials {
                  basicSSHUserPrivateKey {
                    scope('GLOBAL')
                    id('my-ssh')
                    description('My SSH Credentials')
                    username('me')
                    passphrase('')
                    privateKeySource {
                      directEntryPrivateKeySource {
                        privateKey('SSH-PRIVATE-KEY-HERE')
                      }
                    }
                  }
                }
              }
            }
          }
        }
      }
      

      But with SSH Credentials version 1.16, the privateKeySource directive shows as empty in the Job DSL's API browser.

      Maybe there's a way to also support hudson.util.Secret in Job DSL (by simply wrapping Strings into Secret.fromString(...))?

        Attachments

          Issue Links

            Activity

            Hide
            twz123 Tom Wieczorek added a comment -

            I opened PR #1202 that allows the usage of hudson.util.Secret as an input parameter, so that the following snippet works:

            folder('foo') {
              properties {
                folderCredentialsProperty {
                  domainCredentials {
                    domainCredentials {
                      domain {
                        name(null)
                        description(null)
                      }
                      credentials {
                        basicSSHUserPrivateKey {
                          scope('GLOBAL')
                          id('my-ssh')
                          description('My SSH Credentials')
                          username('me')
                          passphrase('')
                          privateKeySource {
                            directEntryPrivateKeySource {
                              privateKey(hudson.util.Secret.fromString('SSH-PRIVATE-KEY-HERE'))
                            }
                          }
                        }
                      }
                    }
                  }
                }
              }
            }
            
            Show
            twz123 Tom Wieczorek added a comment - I opened PR #1202 that allows the usage of hudson.util.Secret as an input parameter, so that the following snippet works: folder( 'foo' ) { properties { folderCredentialsProperty { domainCredentials { domainCredentials { domain { name( null ) description( null ) } credentials { basicSSHUserPrivateKey { scope( 'GLOBAL' ) id( 'my-ssh' ) description( 'My SSH Credentials' ) username( 'me' ) passphrase('') privateKeySource { directEntryPrivateKeySource { privateKey(hudson.util.Secret.fromString( 'SSH-PRIVATE-KEY-HERE' )) } } } } } } } } }
            Hide
            ruenzuo Renzo Crisóstomo added a comment - - edited

            If you're wondering how to do this with configure blocks, it's something like this:

            folder('example') {
                properties {
                    folderCredentialsProperty {
                        domainCredentials {
                            domainCredentials {
                                domain {
                                    name("")
                                    description("")
                                }
                            }
                        }
                    }
                }
                configure {
                    def configNode = it / 'properties' / 'com.cloudbees.hudson.plugins.folder.properties.FolderCredentialsProvider_-FolderCredentialsProperty' / 'domainCredentialsMap' / 'entry' / 'java.util.concurrent.CopyOnWriteArrayList'
                    configNode << 'com.cloudbees.jenkins.plugins.sshcredentials.impl.BasicSSHUserPrivateKey' {
                        id("test_ssh_credentials")
                        description("")
                        username("test_ssh_credentials")
                        privateKeySource(class:"com.cloudbees.jenkins.plugins.sshcredentials.impl.BasicSSHUserPrivateKey\$DirectEntryPrivateKeySource") {
                            privateKey("""YOUR_PRIVATE_KEY_HERE""")
                        }
                    }
                }
            }
            
            Show
            ruenzuo Renzo Crisóstomo added a comment - - edited If you're wondering how to do this with configure blocks, it's something like this: folder( 'example' ) { properties { folderCredentialsProperty { domainCredentials { domainCredentials { domain { name("") description("") } } } } } configure { def configNode = it / 'properties' / 'com.cloudbees.hudson.plugins.folder.properties.FolderCredentialsProvider_-FolderCredentialsProperty' / 'domainCredentialsMap' / 'entry' / 'java.util.concurrent.CopyOnWriteArrayList' configNode << 'com.cloudbees.jenkins.plugins.sshcredentials.impl.BasicSSHUserPrivateKey' { id( "test_ssh_credentials" ) description("") username( "test_ssh_credentials" ) privateKeySource(class: "com.cloudbees.jenkins.plugins.sshcredentials.impl.BasicSSHUserPrivateKey\$DirectEntryPrivateKeySource" ) { privateKey( """YOUR_PRIVATE_KEY_HERE" "") } } } }
            Hide
            renescheibe René Scheibe added a comment -

            The same issue exists with the https://github.com/jenkinsci/plain-credentials-plugin. It also uses a Secret parameter.

            Show
            renescheibe René Scheibe added a comment - The same issue exists with the https://github.com/jenkinsci/plain-credentials-plugin. It also uses a Secret parameter.

              People

              • Assignee:
                Unassigned
                Reporter:
                twz123 Tom Wieczorek
              • Votes:
                4 Vote for this issue
                Watchers:
                6 Start watching this issue

                Dates

                • Created:
                  Updated: