From 23e6f39287ddae9ee167155b207f41db142fa186 Mon Sep 17 00:00:00 2001 From: Adam Romanek Date: Thu, 10 Feb 2022 15:56:37 +0100 Subject: [PATCH] Fix SSH Agent plugin markup for empty list of users There are cases when you want SSH Agent plugin to just start and stop an SSH agent during the build, without adding any keys automatically. One of such cases is when you want to use an SSH key stored on a SmartCard -like device, such as NitroKey HSM. So far, when the "users" property was set to an empty list then the output XML markup didn't contain the tag and the plugin was then crashing with NullPointerException. Also, when the "users" property was set to a list with just one value then the output XML markup was always generated in the "old style" format (matching plugin versions < 1.5, so like almost 8 years old). With this change, when using the "users" property the markup is generated based on the actual plugin version installed in Jenkins. More importantly, the generated markup is now properly handled by the plugin, no matter if the input is an empty list or a list with one or more entries. Finally, fixed the parent of the tag, which was wrongly put under tag when generating the "new style" markup (1.5+), while it should simply be a top-level tag, laying next to , as in the corresponding implementation class [1]. This means the "ignore-missing-credentials" property was broken when the "users" property was set to a list with more than one entry and it's now fixed. [1] https://github.com/jenkinsci/ssh-agent-plugin/blob/ssh-agent-1.5/src/main/java/com/cloudbees/jenkins/plugins/sshagent/SSHAgentBuildWrapper.java#L83 Change-Id: Ife5a08739da9ea1130f0ea7daa08c16675f6c75d --- jenkins_jobs/modules/wrappers.py | 16 +++++++++------- .../fixtures/ssh-agent-credentials002.xml | 2 +- .../fixtures/ssh-agent-credentials003.xml | 2 +- .../ssh-agent-credentials004-post-v1.5.xml | 11 +++++++++++ .../ssh-agent-credentials004-post-v1.5.yaml | 4 ++++ .../ssh-agent-credentials004.plugins_info.yaml | 3 +++ .../fixtures/ssh-agent-credentials005.xml | 9 +++++++++ .../fixtures/ssh-agent-credentials005.yaml | 3 +++ 8 files changed, 41 insertions(+), 9 deletions(-) create mode 100644 tests/wrappers/fixtures/ssh-agent-credentials004-post-v1.5.xml create mode 100644 tests/wrappers/fixtures/ssh-agent-credentials004-post-v1.5.yaml create mode 100644 tests/wrappers/fixtures/ssh-agent-credentials004.plugins_info.yaml create mode 100644 tests/wrappers/fixtures/ssh-agent-credentials005.xml create mode 100644 tests/wrappers/fixtures/ssh-agent-credentials005.yaml diff --git a/jenkins_jobs/modules/wrappers.py b/jenkins_jobs/modules/wrappers.py index 6d303605b..8afb409c8 100644 --- a/jenkins_jobs/modules/wrappers.py +++ b/jenkins_jobs/modules/wrappers.py @@ -2035,10 +2035,6 @@ def ssh_agent_credentials(registry, xml_parent, data): .. literalinclude:: /../../tests/wrappers/fixtures/ssh-agent-credentials003.yaml - The **users** with one value in list equals to the **user**. In this - case old style XML will be generated. Use this format if you use - SSH-Agent plugin < 1.5. - Example: .. literalinclude:: @@ -2053,16 +2049,22 @@ def ssh_agent_credentials(registry, xml_parent, data): logger = logging.getLogger(__name__) + plugin_info = registry.get_plugin_info("SSH Agent Plugin") + plugin_ver = pkg_resources.parse_version( + plugin_info.get("version", str(sys.maxsize)) + ) + entry_xml = XML.SubElement( xml_parent, "com.cloudbees.jenkins.plugins.sshagent.SSHAgentBuildWrapper" ) + user_parent_entry_xml = entry_xml xml_key = "user" user_list = list() if "users" in data: user_list += data["users"] - if len(user_list) > 1: - entry_xml = XML.SubElement(entry_xml, "credentialIds") + if plugin_ver >= pkg_resources.parse_version("1.5.0"): + user_parent_entry_xml = XML.SubElement(entry_xml, "credentialIds") xml_key = "string" if "user" in data: logger.warning( @@ -2081,7 +2083,7 @@ def ssh_agent_credentials(registry, xml_parent, data): ) for user in user_list: - XML.SubElement(entry_xml, xml_key).text = user + XML.SubElement(user_parent_entry_xml, xml_key).text = user mapping = [("ignore-missing-credentials", "ignoreMissing", False)] helpers.convert_mapping_to_xml(entry_xml, data, mapping, fail_required=False) diff --git a/tests/wrappers/fixtures/ssh-agent-credentials002.xml b/tests/wrappers/fixtures/ssh-agent-credentials002.xml index 2b6f9fe6f..3f9c2be93 100644 --- a/tests/wrappers/fixtures/ssh-agent-credentials002.xml +++ b/tests/wrappers/fixtures/ssh-agent-credentials002.xml @@ -6,8 +6,8 @@ 44747833-247a-407a-a98f-a5a2d785111c f1c0f777-7ac6-43fd-b5c7-68b420aa1392 dd647a01-be21-402b-bfc5-a4e89be7d0c4 - false + false diff --git a/tests/wrappers/fixtures/ssh-agent-credentials003.xml b/tests/wrappers/fixtures/ssh-agent-credentials003.xml index ab9fad817..11866125c 100644 --- a/tests/wrappers/fixtures/ssh-agent-credentials003.xml +++ b/tests/wrappers/fixtures/ssh-agent-credentials003.xml @@ -5,8 +5,8 @@ 44747833-247a-407a-a98f-a5a2d785111c dd647a01-be21-402b-bfc5-a4e89be7d0c4 - false + false diff --git a/tests/wrappers/fixtures/ssh-agent-credentials004-post-v1.5.xml b/tests/wrappers/fixtures/ssh-agent-credentials004-post-v1.5.xml new file mode 100644 index 000000000..2ffc44e36 --- /dev/null +++ b/tests/wrappers/fixtures/ssh-agent-credentials004-post-v1.5.xml @@ -0,0 +1,11 @@ + + + + + + 49d20745-9889-4c02-b286-fc6fb89c36bd + + false + + + diff --git a/tests/wrappers/fixtures/ssh-agent-credentials004-post-v1.5.yaml b/tests/wrappers/fixtures/ssh-agent-credentials004-post-v1.5.yaml new file mode 100644 index 000000000..b0668a940 --- /dev/null +++ b/tests/wrappers/fixtures/ssh-agent-credentials004-post-v1.5.yaml @@ -0,0 +1,4 @@ +wrappers: + - ssh-agent-credentials: + users: + - '49d20745-9889-4c02-b286-fc6fb89c36bd' diff --git a/tests/wrappers/fixtures/ssh-agent-credentials004.plugins_info.yaml b/tests/wrappers/fixtures/ssh-agent-credentials004.plugins_info.yaml new file mode 100644 index 000000000..33670f3de --- /dev/null +++ b/tests/wrappers/fixtures/ssh-agent-credentials004.plugins_info.yaml @@ -0,0 +1,3 @@ +- longName: 'SSH Agent Plugin' + shortName: 'ssh-agent' + version: "1.4" diff --git a/tests/wrappers/fixtures/ssh-agent-credentials005.xml b/tests/wrappers/fixtures/ssh-agent-credentials005.xml new file mode 100644 index 000000000..c0f45d739 --- /dev/null +++ b/tests/wrappers/fixtures/ssh-agent-credentials005.xml @@ -0,0 +1,9 @@ + + + + + + false + + + diff --git a/tests/wrappers/fixtures/ssh-agent-credentials005.yaml b/tests/wrappers/fixtures/ssh-agent-credentials005.yaml new file mode 100644 index 000000000..5f453180c --- /dev/null +++ b/tests/wrappers/fixtures/ssh-agent-credentials005.yaml @@ -0,0 +1,3 @@ +wrappers: + - ssh-agent-credentials: + users: []