Support withCredentials on PersonalAccessToken(Impl) #113
Conversation
MarkEWaite
left a comment
MarkEWaite
left a comment
There was a problem hiding this comment.
Minor change needed to sort the imports in order to satisfy checkstyle.
src/test/java/org/jenkinsci/plugin/gitea/credentials/PersonalAccessTokenBindingTest.java
Show resolved
Hide resolved
Testing done:
Confirmed that the Pipeline syntax snippet generator shows the correct syntax, of the form:
withCredentials([giteaPersonalAccessToken(credentialsId: 'my-gitea-token', variable: 'MY_VAR')]) {
// some block
}
Confirmed that the localized form of the variable property and the
credentials property are displayed as expected.
Confirmed that my sample Pipeline worked:
pipeline {
agent {
label 'alpine'
}
stages {
stage('Checkout') {
steps {
withCredentials([giteaPersonalAccessToken(credentialsId: 'gitea-token', variable: 'ABC')]) {
sh 'git clone http://[email protected]:3000/mwaite/bin.git'
}
}
}
}
}
|
The Jenkins Pipeline syntax snippet generator needs some additions to the pull request. The file src/main/resources/org/jenkinsci/plugin/gitea/credentials/PersonalAccessTokenBinding/config.jelly is needed in order to allow the generator to display the form. I've made several changes and tested my changes interactively and think that they are ready for you to consider including them in this pull request. https://github.com/MarkEWaite/gitea-plugin/tree/feature/withCredentials-support |
…ccessTokenBindingTest.java Co-authored-by: Mark Waite <[email protected]>
No need to declare the package of the script. Use the default. No need to declare the full path to the PersonalAccessTokenBinding class, let Jenkins find it by searching. Add a newline to the end of the file.
…/gitea-plugin into feature/withCredentials-support
Guidance on quoting is adapted from https://github.com/jenkinsci/credentials-binding-plugin/edit/master/README.md
…rt' into feature/withCredentials-support
The echo step is more common in Pipeline
MarkEWaite
left a comment
MarkEWaite
left a comment
There was a problem hiding this comment.
This has passed my interactive testing, works with the Pipeline syntax snippet generator, works with localized versions of the Variable and Credentials property, includes documentation, and includes automated tests that exercise the new functionality.
I'd appreciate an (optional) review from @jglick as the expert on credentials binding implementations, but I accept that he may not have time to review it. I believe this is ready to merge and release.
…rt' into feature/withCredentials-support
|
From a ten-second glance this looks like the wrong approach: you should rather implement |
I'm not sure if I understood your comment correctly. I used StringBinding for the implementation and adjusted PersonalAccessToken to implement StringCredentials. af1c198 is the change |
@jglick Please let me know if this change looks good to you. If so, I will incorporate it into the PR. |
|
If withCredentials([string(credentialsId: 'happens-to-be-gitea', variable: 'GITEA_TOKEN')]) {…}It is not really clear to my why |
Not immediately obvious from the snippet generator.
Since that class has existed since 2017, I left it alone. I didn't want to do the compatibility search to see if other plugins depend on it. |
|
Another test case that I ran successfully, using a declarative Pipeline with the environment directive: |
…using-StringCredentials
|
@MarkEWaite could you please create a new PR with your fixes? |
I would much prefer that @sahilm02 receives credit for the work. @sahilm02 would you be willing to include the changes from my feature/withCredentials-support-using-StringCredentials branch? If @sahilm02 does not respond within a week, I can rework my pull request to start with the original commits from @sahilm02 so that the commit history will correctly show the work of @sahilm02 . The current commits on my branch show me as the author of changes that were actually made by @sahilm02 |
I will incorporate your changes. Thanks |
…rt-using-StringCredentials' into feature/withCredentials-support
…/gitea-plugin into feature/withCredentials-support
MarkEWaite
left a comment
MarkEWaite
left a comment
There was a problem hiding this comment.
3 files that need to be removed from the pull request and 1 optional change to a test.
Thanks very much @sahilm02
| @@ -0,0 +1,58 @@ | |||
| package org.jenkinsci.plugin.gitea.credentials; | |||
There was a problem hiding this comment.
This file can be deleted. As noted by Jesse Glick, it is not needed because the binding is using the StringCredentials class rather than implementing its own class
| @@ -0,0 +1,11 @@ | |||
| <?xml version="1.0" encoding="UTF-8"?> | |||
There was a problem hiding this comment.
This file can be deleted. As noted by Jesse Glick, it is not needed because the binding is using the StringCredential rather than implementing its own class
| @@ -0,0 +1,24 @@ | |||
| # The MIT License | |||
There was a problem hiding this comment.
This file can be deleted. As noted by Jesse Glick, it is not needed because the binding is using the StringCredential rather than implementing its own class
| Run<?, ?> build = jenkins.buildAndAssertSuccess(project); | ||
| // Pipeline script outputs a substring of credential so that it will not be masked | ||
| jenkins.assertLogContains("Token1 is ecret", build); | ||
| jenkins.assertLogContains("Token2 is ecret", build); |
There was a problem hiding this comment.
This assertion was added to check that credential masking is working as expected on Windows and Unix. It is optional (no problem if you choose to not include it).
| jenkins.assertLogContains("Token2 is ecret", build); | |
| // Pipeline script shell and bat masks credential | |
| jenkins.assertLogContains("API_TOKEN1 is ****", build); |
4 participants
Fixes JENKINS-75582
MultiBindingimplementation for the PersonalAccessTokenImpl class PersonalAccessToken interface.Testing done
A test was introduced to run the complete pipeline and validate withCredentials, using both the full
$classsyntax and thepersonalAccessTokenIdbinding.Submitter checklist