如何在脚本控制台中列出我所有的 Jenkins 凭据?
How do I list all of my Jenkins credentials in the script console?
我正在尝试让 Jenkins 从 BitBucket 克隆我的 Mercurial 项目。它不会,因为它 说 凭据有问题 - 好吧,bitbucket 拒绝 Jenkins 提供的任何内容。
我几乎 100% 确定 Jenkins 没有提供它应该提供的东西,因为当我 运行
hg clone --ssh="ssh -i /path/to/my/key" ssh://hg@bitbucket.org/my-org/my-repo
克隆成功。 /path/to/my/key 的内容是我在 Jenkins 的凭证管理器中放入密钥的内容。我已经确认它在我的 jenkins credentials.xml 文件中找到。
和还,当我尝试运行我的工作时?克隆失败,因为
remote: Host key verification failed.
这让我相信问题出在通过 mercurial 插件传递的任何内容上。但是我在日志中看不到它,因为它是某种 masked string 并且只显示为 ******.
所以我想确保进入 Hg 插件的凭据实际上是我的 credentials.xml 文件中存在的凭据。
到目前为止,我已经到了这里:
import com.cloudbees.plugins.credentials.CredentialsProvider
import com.cloudbees.plugins.credentials.common.StandardUsernameCredentials
def creds = CredentialsProvider.all()
print creds
这给了我一个证书提供者列表...但我不确定下一步该去哪里。我一直淹没在文档中,试图弄清楚如何获得我想要的凭据信息......但没有骰子。
(如何)我可以利用我所拥有的并在 Groovy 脚本控制台中显示我的 Jenkins 凭据列表?
我想要一份可用凭据的列表并找到了这个:
def creds = com.cloudbees.plugins.credentials.CredentialsProvider.lookupCredentials( com.cloudbees.plugins.credentials.common.StandardUsernameCredentials.class, Jenkins.instance, null, null );
for (c in creds) {
println(c.id + ": " + c.description)
}
从这里得到:
https://wiki.jenkins-ci.org/display/JENKINS/Printing+a+list+of+credentials+and+their+IDs
这是快速脏代码,它会在 jenkins 上打印一些凭证类型,如果您需要更多,您可以使用此处定义的不同 类:
def StandardUsernameCredentials = com.cloudbees.plugins.credentials.CredentialsProvider.lookupCredentials(
com.cloudbees.plugins.credentials.common.StandardUsernameCredentials.class,
Jenkins.instance,
null,
null ); for (c in StandardUsernameCredentials) {
println(c.id + ": " + c.description) } def StandardUsernamePasswordCredentials = com.cloudbees.plugins.credentials.CredentialsProvider.lookupCredentials(
com.cloudbees.plugins.credentials.common.StandardUsernamePasswordCredentials.class,
Jenkins.instance,
null,
null ); for (c in StandardUsernamePasswordCredentials) {
println(c.id + ": " + c.description) }
def IdCredentials = com.cloudbees.plugins.credentials.CredentialsProvider.lookupCredentials(
com.cloudbees.plugins.credentials.common.IdCredentials.class,
Jenkins.instance,
null,
null ); for (c in IdCredentials) {
println(c.id + ": " + c.description) }
def StandardCertificateCredentialsCredentials = com.cloudbees.plugins.credentials.CredentialsProvider.lookupCredentials(
com.cloudbees.plugins.credentials.common.StandardCertificateCredentials.class,
Jenkins.instance,
null,
null ); for (c in StandardCertificateCredentialsCredentials) {
println(c.id + ": " + c.description) }
这对我来说效果很好...
import java.nio.charset.StandardCharsets;
def creds = com.cloudbees.plugins.credentials.CredentialsProvider.lookupCredentials(
com.cloudbees.plugins.credentials.Credentials.class
)
for (c in creds) {
println(c.id)
if (c.properties.description) {
println(" description: " + c.description)
}
if (c.properties.username) {
println(" username: " + c.username)
}
if (c.properties.password) {
println(" password: " + c.password)
}
if (c.properties.passphrase) {
println(" passphrase: " + c.passphrase)
}
if (c.properties.secret) {
println(" secret: " + c.secret)
}
if (c.properties.secretBytes) {
println(" secretBytes: ")
println("\n" + new String(c.secretBytes.getPlainData(), StandardCharsets.UTF_8))
println("")
}
if (c.properties.privateKeySource) {
println(" privateKey: " + c.getPrivateKey())
}
if (c.properties.apiToken) {
println(" apiToken: " + c.apiToken)
}
if (c.properties.token) {
println(" token: " + c.token)
}
println("")
}
这是一个组合脚本,将有关该主题的多个发现串联在一起。它列出了 Jenkins 所有范围的所有凭据,而不仅仅是根范围。希望对您有所帮助。
import com.cloudbees.plugins.credentials.Credentials
Set<Credentials> allCredentials = new HashSet<Credentials>();
def creds = com.cloudbees.plugins.credentials.CredentialsProvider.lookupCredentials(
com.cloudbees.plugins.credentials.Credentials.class
);
allCredentials.addAll(creds)
Jenkins.instance.getAllItems(com.cloudbees.hudson.plugins.folder.Folder.class).each{ f ->
creds = com.cloudbees.plugins.credentials.CredentialsProvider.lookupCredentials(
com.cloudbees.plugins.credentials.Credentials.class, f)
allCredentials.addAll(creds)
}
for (c in allCredentials) {
println(c.id)
if (c.properties.username) {
println(" description: " + c.description)
}
if (c.properties.username) {
println(" username: " + c.username)
}
if (c.properties.password) {
println(" password: " + c.password)
}
if (c.properties.passphrase) {
println(" passphrase: " + c.passphrase)
}
if (c.properties.secret) {
println(" secret: " + c.secret)
}
if (c.properties.privateKeySource) {
println(" privateKey: " + c.getPrivateKey())
}
println("")
}
这是我根据接受的答案修改的脚本。我们使用 azure 凭据,这将打印它们。如果未找到秘密类型,它还会打印 c.properties。
com.cloudbees.plugins.credentials.Credentials.class
)
for (c in creds) {
println(c.id)
if (c.properties.username) {
println(" description: " + c.description)
}
if (c.properties.username) {
println(" username: |" + c.username + "|")
}
else if (c.properties.password) {
println(" password: |" + c.password + "|")
}
else if (c.properties.passphrase) {
println(" passphrase: |" + c.passphrase + "|")
}
else if (c.properties.secret) {
println(" secret: |" + c.secret + "|")
}
else if (c.properties.privateKeySource) {
println(" privateKey: " + c.getPrivateKey())
}
else if (c.properties.clientId) {
println(" clientId : " + c.getClientId())
println(" tenant : " + c.getTenant())
println(" subscription: " + c.getSubscriptionId())
println(" secret : " + hudson.util.Secret.fromString(c.getClientSecret()))
}
else {
println("unknown secret type")
println(c.properties)
}
println("")
}
我正在尝试让 Jenkins 从 BitBucket 克隆我的 Mercurial 项目。它不会,因为它 说 凭据有问题 - 好吧,bitbucket 拒绝 Jenkins 提供的任何内容。
我几乎 100% 确定 Jenkins 没有提供它应该提供的东西,因为当我 运行
hg clone --ssh="ssh -i /path/to/my/key" ssh://hg@bitbucket.org/my-org/my-repo
克隆成功。 /path/to/my/key 的内容是我在 Jenkins 的凭证管理器中放入密钥的内容。我已经确认它在我的 jenkins credentials.xml 文件中找到。
和还,当我尝试运行我的工作时?克隆失败,因为
remote: Host key verification failed.
这让我相信问题出在通过 mercurial 插件传递的任何内容上。但是我在日志中看不到它,因为它是某种 masked string 并且只显示为 ******.
所以我想确保进入 Hg 插件的凭据实际上是我的 credentials.xml 文件中存在的凭据。
到目前为止,我已经到了这里:
import com.cloudbees.plugins.credentials.CredentialsProvider
import com.cloudbees.plugins.credentials.common.StandardUsernameCredentials
def creds = CredentialsProvider.all()
print creds
这给了我一个证书提供者列表...但我不确定下一步该去哪里。我一直淹没在文档中,试图弄清楚如何获得我想要的凭据信息......但没有骰子。
(如何)我可以利用我所拥有的并在 Groovy 脚本控制台中显示我的 Jenkins 凭据列表?
我想要一份可用凭据的列表并找到了这个:
def creds = com.cloudbees.plugins.credentials.CredentialsProvider.lookupCredentials( com.cloudbees.plugins.credentials.common.StandardUsernameCredentials.class, Jenkins.instance, null, null );
for (c in creds) {
println(c.id + ": " + c.description)
}
从这里得到: https://wiki.jenkins-ci.org/display/JENKINS/Printing+a+list+of+credentials+and+their+IDs
这是快速脏代码,它会在 jenkins 上打印一些凭证类型,如果您需要更多,您可以使用此处定义的不同 类:
def StandardUsernameCredentials = com.cloudbees.plugins.credentials.CredentialsProvider.lookupCredentials(
com.cloudbees.plugins.credentials.common.StandardUsernameCredentials.class,
Jenkins.instance,
null,
null ); for (c in StandardUsernameCredentials) {
println(c.id + ": " + c.description) } def StandardUsernamePasswordCredentials = com.cloudbees.plugins.credentials.CredentialsProvider.lookupCredentials(
com.cloudbees.plugins.credentials.common.StandardUsernamePasswordCredentials.class,
Jenkins.instance,
null,
null ); for (c in StandardUsernamePasswordCredentials) {
println(c.id + ": " + c.description) }
def IdCredentials = com.cloudbees.plugins.credentials.CredentialsProvider.lookupCredentials(
com.cloudbees.plugins.credentials.common.IdCredentials.class,
Jenkins.instance,
null,
null ); for (c in IdCredentials) {
println(c.id + ": " + c.description) }
def StandardCertificateCredentialsCredentials = com.cloudbees.plugins.credentials.CredentialsProvider.lookupCredentials(
com.cloudbees.plugins.credentials.common.StandardCertificateCredentials.class,
Jenkins.instance,
null,
null ); for (c in StandardCertificateCredentialsCredentials) {
println(c.id + ": " + c.description) }
这对我来说效果很好...
import java.nio.charset.StandardCharsets;
def creds = com.cloudbees.plugins.credentials.CredentialsProvider.lookupCredentials(
com.cloudbees.plugins.credentials.Credentials.class
)
for (c in creds) {
println(c.id)
if (c.properties.description) {
println(" description: " + c.description)
}
if (c.properties.username) {
println(" username: " + c.username)
}
if (c.properties.password) {
println(" password: " + c.password)
}
if (c.properties.passphrase) {
println(" passphrase: " + c.passphrase)
}
if (c.properties.secret) {
println(" secret: " + c.secret)
}
if (c.properties.secretBytes) {
println(" secretBytes: ")
println("\n" + new String(c.secretBytes.getPlainData(), StandardCharsets.UTF_8))
println("")
}
if (c.properties.privateKeySource) {
println(" privateKey: " + c.getPrivateKey())
}
if (c.properties.apiToken) {
println(" apiToken: " + c.apiToken)
}
if (c.properties.token) {
println(" token: " + c.token)
}
println("")
}
这是一个组合脚本,将有关该主题的多个发现串联在一起。它列出了 Jenkins 所有范围的所有凭据,而不仅仅是根范围。希望对您有所帮助。
import com.cloudbees.plugins.credentials.Credentials
Set<Credentials> allCredentials = new HashSet<Credentials>();
def creds = com.cloudbees.plugins.credentials.CredentialsProvider.lookupCredentials(
com.cloudbees.plugins.credentials.Credentials.class
);
allCredentials.addAll(creds)
Jenkins.instance.getAllItems(com.cloudbees.hudson.plugins.folder.Folder.class).each{ f ->
creds = com.cloudbees.plugins.credentials.CredentialsProvider.lookupCredentials(
com.cloudbees.plugins.credentials.Credentials.class, f)
allCredentials.addAll(creds)
}
for (c in allCredentials) {
println(c.id)
if (c.properties.username) {
println(" description: " + c.description)
}
if (c.properties.username) {
println(" username: " + c.username)
}
if (c.properties.password) {
println(" password: " + c.password)
}
if (c.properties.passphrase) {
println(" passphrase: " + c.passphrase)
}
if (c.properties.secret) {
println(" secret: " + c.secret)
}
if (c.properties.privateKeySource) {
println(" privateKey: " + c.getPrivateKey())
}
println("")
}
这是我根据接受的答案修改的脚本。我们使用 azure 凭据,这将打印它们。如果未找到秘密类型,它还会打印 c.properties。
com.cloudbees.plugins.credentials.Credentials.class
)
for (c in creds) {
println(c.id)
if (c.properties.username) {
println(" description: " + c.description)
}
if (c.properties.username) {
println(" username: |" + c.username + "|")
}
else if (c.properties.password) {
println(" password: |" + c.password + "|")
}
else if (c.properties.passphrase) {
println(" passphrase: |" + c.passphrase + "|")
}
else if (c.properties.secret) {
println(" secret: |" + c.secret + "|")
}
else if (c.properties.privateKeySource) {
println(" privateKey: " + c.getPrivateKey())
}
else if (c.properties.clientId) {
println(" clientId : " + c.getClientId())
println(" tenant : " + c.getTenant())
println(" subscription: " + c.getSubscriptionId())
println(" secret : " + hudson.util.Secret.fromString(c.getClientSecret()))
}
else {
println("unknown secret type")
println(c.properties)
}
println("")
}