groovy 如何在脚本控制台中列出我的所有Jenkins凭据?

fnvucqvd  于 2022-11-01  发布在  Jenkins
关注(0)|答案(6)|浏览(220)

我试图让Jenkins从BitBucket克隆我的反复无常的项目。它不会,因为它 * 说 * 有一个问题的凭据-嗯,BitBucket是拒绝任何它是Jenkins提供。
我几乎100%肯定Jenkins没有提供它应该提供的,因为当我运行

hg clone --ssh="ssh -i /path/to/my/key" ssh://hg@bitbucket.org/my-org/my-repo

/path/to/my/key的内容是我放在Jenkins的凭证管理器中的密钥中的内容。我已经验证了在我的jenkins credentials.xml文件中可以找到它。
但是,当我尝试运行作业时,克隆失败的原因是

remote: Host key verification failed.

这让我相信问题出在通过Mercurial插件传递的内容上,但我在日志中看不到它,因为它是某种屏蔽字符串,只是显示为******
因此,我想确保进入Hg插件的凭据实际上是我的credentials.xml文件中存在的凭据。
到目前为止我已经做到了这里:

import com.cloudbees.plugins.credentials.CredentialsProvider
import com.cloudbees.plugins.credentials.common.StandardUsernameCredentials

def creds = CredentialsProvider.all()
print creds

这给了我一个凭据提供商的列表...但我不确定下一步该去哪里。我一直在文档中溺水,试图找出如何获得我想要的凭据信息...但没有骰子。
(How)我是否可以在Groovy脚本控制台中显示我的Jenkins凭据列表?

groovy

6条答案

按热度按时间
bvk5enib

bvk5enib1#

这对我来说很有效...

import java.nio.charset.StandardCharsets;
def creds = com.cloudbees.plugins.credentials.CredentialsProvider.lookupCredentials(
      com.cloudbees.plugins.credentials.Credentials.class
)

for (c in creds) {
  println(c.id)
  if (c.properties.description) {
    println("   description: " + c.description)
  }
  if (c.properties.username) {
    println("   username: " + c.username)
  }
  if (c.properties.password) {
    println("   password: " + c.password)
  }
  if (c.properties.passphrase) {
    println("   passphrase: " + c.passphrase)
  }
  if (c.properties.secret) {
    println("   secret: " + c.secret)
  }
  if (c.properties.secretBytes) {
    println("    secretBytes: ")
    println("\n" + new String(c.secretBytes.getPlainData(), StandardCharsets.UTF_8))
    println("")
  }
  if (c.properties.privateKeySource) {
    println("   privateKey: " + c.getPrivateKey())
  }
  if (c.properties.apiToken) {
    println("   apiToken: " + c.apiToken)
  }
  if (c.properties.token) {
    println("   token: " + c.token)
  }
  if (c.properties.subscriptionId) {
    println("   subscriptionId: " + c.subscriptionId)
  }
  if (c.properties.clientId) {
    println("   clientId: " + c.clientId)
  }
  if (c.properties.tenant) {
    println("   tenant: " + c.tenant)
  }
  if (c.properties.clientSecret) {
    println("   clientSecret: " + c.clientSecret)
  }
  if (c.properties.plainClientSecret) {
    println("   plainClientSecret: " + c.plainClientSecret)
  }
  println("")
}
赞(0)分享  回复(0)举报  2022-11-01
r6vfmomb

r6vfmomb2#

这是一个组合脚本,它将关于这个主题的多个结果连接在一起。它列出了Jenkins所有范围的所有凭据,而不仅仅是根范围。希望它能有所帮助。

import com.cloudbees.plugins.credentials.Credentials

Set<Credentials> allCredentials = new HashSet<Credentials>();

def creds = com.cloudbees.plugins.credentials.CredentialsProvider.lookupCredentials(
      com.cloudbees.plugins.credentials.Credentials.class
);

allCredentials.addAll(creds)

Jenkins.instance.getAllItems(com.cloudbees.hudson.plugins.folder.Folder.class).each{ f ->
 creds = com.cloudbees.plugins.credentials.CredentialsProvider.lookupCredentials(
      com.cloudbees.plugins.credentials.Credentials.class, f)
  allCredentials.addAll(creds)

}

for (c in allCredentials) {
  println(c.id)
  if (c.properties.username) {
    println("   description: " + c.description)
  }
  if (c.properties.username) {
    println("   username: " + c.username)
  }
  if (c.properties.password) {
    println("   password: " + c.password)
  }
  if (c.properties.passphrase) {
    println("   passphrase: " + c.passphrase)
  }
  if (c.properties.secret) {
    println("   secret: " + c.secret)
  }
  if (c.properties.privateKeySource) {
    println("   privateKey: " + c.getPrivateKey())
  }
  println("")
}
赞(0)分享  回复(0)举报  2022-11-01
iih3973s

iih3973s3#

我想有一个可用凭据的列表,并发现这:

def creds = com.cloudbees.plugins.credentials.CredentialsProvider.lookupCredentials( com.cloudbees.plugins.credentials.common.StandardUsernameCredentials.class, Jenkins.instance, null, null );

for (c in creds) {
   println(c.id + ": " + c.description)
}

从这里开始:https://wiki.jenkins-ci.org/display/JENKINS/Printing+a+list+of+credentials+and+their+IDs

赞(0)分享  回复(0)举报  2022-11-01
ymdaylpp

ymdaylpp4#

这是快速脏代码,它将打印jenkins上的一些凭证类型,如果需要更多,可以使用这里定义的不同类:
https://github.com/jenkinsci/credentials-plugin/tree/master/src/main/java/com/cloudbees/plugins/credentials/common

def StandardUsernameCredentials = com.cloudbees.plugins.credentials.CredentialsProvider.lookupCredentials(
    com.cloudbees.plugins.credentials.common.StandardUsernameCredentials.class,
    Jenkins.instance,
    null,
    null ); for (c in StandardUsernameCredentials) {
     println(c.id + ": " + c.description) } def StandardUsernamePasswordCredentials = com.cloudbees.plugins.credentials.CredentialsProvider.lookupCredentials(
    com.cloudbees.plugins.credentials.common.StandardUsernamePasswordCredentials.class,
    Jenkins.instance,
    null,
    null ); for (c in StandardUsernamePasswordCredentials) {
     println(c.id + ": " + c.description) }

def IdCredentials = com.cloudbees.plugins.credentials.CredentialsProvider.lookupCredentials(
    com.cloudbees.plugins.credentials.common.IdCredentials.class,
    Jenkins.instance,
    null,
    null ); for (c in IdCredentials) {
     println(c.id + ": " + c.description) }

def StandardCertificateCredentialsCredentials = com.cloudbees.plugins.credentials.CredentialsProvider.lookupCredentials(
    com.cloudbees.plugins.credentials.common.StandardCertificateCredentials.class,
    Jenkins.instance,
    null,
    null ); for (c in StandardCertificateCredentialsCredentials) {
     println(c.id + ": " + c.description) }
赞(0)分享  回复(0)举报  2022-11-01
yzxexxkh

yzxexxkh5#

这是我根据已接受的答案修改的脚本。我们使用Azure凭据,它将打印这些凭据。如果找不到secret类型,它还将打印c.properties

com.cloudbees.plugins.credentials.Credentials.class
)

for (c in creds) {
  println(c.id)
  if (c.properties.username) {
    println("   description: " + c.description)
  }
  if (c.properties.username) {
    println("   username: |" + c.username + "|")
  }
  else if (c.properties.password) {
    println("   password: |" + c.password + "|")
  }
  else if (c.properties.passphrase) {
    println("   passphrase: |" + c.passphrase + "|")
  }
  else if (c.properties.secret) {
    println("   secret: |" + c.secret + "|")
  }
  else if (c.properties.privateKeySource) {
    println("   privateKey: " + c.getPrivateKey())
  }
  else if (c.properties.clientId) {
    println("   clientId    : " + c.getClientId())
    println("   tenant      : " + c.getTenant())
    println("   subscription: " + c.getSubscriptionId())
    println("   secret      : " + hudson.util.Secret.fromString(c.getClientSecret()))
  }
  else {
    println("unknown secret type")
    println(c.properties)
  }
  println("")
}
赞(0)分享  回复(0)举报  2022-11-01
ux6nzvsh

ux6nzvsh6#

循环访问所有属性,不使用愚蠢的if:

def creds = com.cloudbees.plugins.credentials.CredentialsProvider.lookupCredentials( com.cloudbees.plugins.credentials.Credentials.class, Jenkins.instance, null, null );

for (c in creds) {
   println(c.id + ": " + c.description)
   c.properties.each { println it }
   println()
   println()
}

您的安全团队可能会不高兴您这样做:)

赞(0)分享  回复(0)举报  2022-11-01
我来回答

相关问题

    查看更多

    热门标签

    更多
    JavaquerypythonNode开发语言requestUtil数据库Table后端算法LoggerMessageElementParser

    最新问答

    更多
    • 蜀ICP备13028337号-1 大数据知识库 https://www.saoniuhuo.com © All rights reserved
    • 本站内容来源互联网,如果侵犯您的权益请联系我们删除, 联系方式:448109455@qq.com