junkdrawer/jenkins-add-credential.sh at main · peterwwillis/junkdrawer · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
#!/usr/bin/env bash
# jenkins-add-credential.sh - Adds a credential to Jenkins credential store via REST API
#
# Example:
#
#   $ JENKINS_SERVER_URL=https://foo.com/ \
#       ./add-jenkins-credential.sh easi-github-token <redacted>

#set -Eeuo pipefail
set -eo pipefail
#set -x

# Using jenkins rest API for credentials - https://getintodevops.com/blog/how-to-add-jenkins-credentials-with-curl-or-ansible

function define () { IFS='\n' read -r -d '' ${1} || true; }

function _create_cred_text () {
    define myjson <<EOCCT
json={
    "": "0",
    "credentials": {
        "scope": "GLOBAL",
        "id": "$1",
        "secret": "$2",
        "description": "$1",
        "\$class": "org.jenkinsci.plugins.plaincredentials.impl.StringCredentialsImpl"
    }
}
EOCCT
    echo "$myjson"
}

function _create_cred_user_pass () {
    define myjson <<EOCCT
json={
  "": "0",
  "credentials": {
    "scope": "GLOBAL",
    "id": "$1",
    "username": "$2",
    "password": "$3",
    "description": "$1",
    "\$class": "com.cloudbees.plugins.credentials.impl.UsernamePasswordCredentialsImpl"
  }
}
EOCCT
    echo "$myjson"
}

function _create_cred_aws () {
    define myjson <<EOCCT
json={
  "": "0",
  "credentials": {
    "scope": "GLOBAL",
    "id": "$1",
    "accessKey": "$2",
    "secretKey": "$3",
    "description": "$1",
    "\$class": "com.cloudbees.jenkins.plugins.awscredentials.AWSCredentialsImpl"
  }
}
EOCCT
    echo "$myjson"
}

function _send_cred () {
    echo "Creating '$1' ..."
    ./jenkins-curl-wrapper.sh \
        -XPOST \
        --data-urlencode "$2" \
        ${JENKINS_SERVER_URL}/credentials/store/system/domain/_/createCredentials
}

function _usage () {
    cat <<EOUSAGE
Usage: $0 TYPE [OPTIONS ..]

Creates a credential on a remote Jenkins manager.
Pass OPTIONS to the TYPE to specify the arguments for the credentials.

Valid types:
  text
  user_pass

'text' type options:
    NAME                    The credential ID
    SECRET                  The credential secret text

'user_pass' type options:
    NAME                    The credential ID
    USERNAME                The credential username
    PASSWORD                The credential password

'aws' type options:
    NAME                    The credential ID
    ACCESSKEY               The credential AWS access key
    SECRETKET               The credential AWS secret key
EOUSAGE
    exit 1
}

if [ "$1" = "-h" ] || [ "$1" = "--help" ] || [ -z "$1" ] ; then
    _usage
fi

if [ -z "${JENKINS_SERVER_URL}" ] ; then
    echo "Error: set JENKINS_SERVER_URL environment variable"; exit 1
fi

TYPE="$1"
shift

NAME="$1"
JSON="$(_create_cred_$TYPE "$@")"
_send_cred "$NAME" "$JSON"