From 19f1e536b9c06ada73b097c4b180645d2c33d247 Mon Sep 17 00:00:00 2001
From: Darragh Bailey <dbailey@hp.com>
Date: Fri, 24 Apr 2015 17:56:24 +0100
Subject: [PATCH] Support anonymous credentials for Jenkins plugin info query

Allow setting user and password variables to 'None' to disable the auth
mechanism with python-jenkins.

Jenkins can be configured to allow read-only access to query the plugins
installed. This is useful in test mode to run with read-only access via
the special 'Anonymous' user group in Jenkins, so that the XML can be
generated based on the installed versions of plugins without any risk of
accidental update.

Change-Id: I98ed30dc248e704530429799ccde6347f074c59d
---
 jenkins_jobs/cmd.py | 23 ++++++++++++++++++++---
 1 file changed, 20 insertions(+), 3 deletions(-)

diff --git a/jenkins_jobs/cmd.py b/jenkins_jobs/cmd.py
index 8c5dc1e03..70620253b 100755
--- a/jenkins_jobs/cmd.py
+++ b/jenkins_jobs/cmd.py
@@ -40,8 +40,6 @@ allow_empty_variables=False
 
 [jenkins]
 url=http://localhost:8080/
-user=
-password=
 query_plugins_info=True
 
 [hipchat]
@@ -217,17 +215,36 @@ def execute(options, config):
     elif config.has_option('job_builder', 'ignore_cache'):
         ignore_cache = config.getboolean('job_builder', 'ignore_cache')
 
-    # workaround for python 2.6 interpolation error
+    # Jenkins supports access as an anonymous user, which can be used to
+    # ensure read-only behaviour when querying the version of plugins
+    # installed for test mode to generate XML output matching what will be
+    # uploaded. To enable must pass 'None' as the value for user and password
+    # to python-jenkins
+    #
+    # catching 'TypeError' is a workaround for python 2.6 interpolation error
     # https://bugs.launchpad.net/openstack-ci/+bug/1259631
     try:
         user = config.get('jenkins', 'user')
     except (TypeError, configparser.NoOptionError):
         user = None
+
     try:
         password = config.get('jenkins', 'password')
     except (TypeError, configparser.NoOptionError):
         password = None
 
+    # Inform the user as to what is likely to happen, as they may specify
+    # a real jenkins instance in test mode to get the plugin info to check
+    # the XML generated.
+    if user is None and password is None:
+        logger.info("Will use anonymous access to Jenkins if needed.")
+    elif (user is not None and password is None) or (
+            user is None and password is not None):
+        raise JenkinsJobsException(
+            "Cannot authenticate to Jenkins with only one of User and "
+            "Password provided, please check your configuration."
+        )
+
     plugins_info = None
 
     if getattr(options, 'plugins_info_path', None) is not None: