GithubHelp home page GithubHelp logo

jenkins-utils's Introduction

Jenkins Utils

https://travis-ci.org/tarvitz/jenkins-utils.svg?branch=master https://coveralls.io/repos/github/tarvitz/jenkins-utils/badge.svg?branch=master

Abstract

Implements some jenkins utils in python way.

Notes

jenkins-utils does not support plain-credentials, ssh-credentials plugins, so there's no option to encrypt/decrypt these data yet.

Requirements

  • Python 3.4+
  • pycrypto (non windows systems)
  • pycryptodomex (windows)

Usage

Currently there's encrypt/decrypt operations implemented and gathered in convenient and python developer friendly form.

As an example you an decrypt (or encrypt) message using Jenkins's master and hudson secret keys:

$ python invoke.py --master-key master.key --hudson-secret-key hudson.util.Secret \
                   --action decrypt "{AQAAABAAAAAgd+820Q6QR4ABkf3JpXHacuO3zdj11o8JD/6VIJi8XjS9GJJyWquIYbNokyKKsIfN}"

this is simple text to encrypt

$ python invoke.py --master-key master.key --hudson-secret-key hudson.util.Secret \
                   --aes-type cbc --action encrypt "this is simple text to encrypt"
{AQAAABAAAAAgfb9K8Kaq716l8SwGDqEFMRzm/3ynYDK7IsfI4C7BlVyMIlP/5JGfYK1n1Nc10VoD}
$

Note

  • Master key is located at $JENKINS_HOME/secrets/master.key
  • Hudson key is located at $JENKINS_HOME/secrets/hudson.util.Secret

Advanced use

reader.py

#!/usr/bin/env python3
import sys
import base64
import argparse
from lxml import etree
from jenkins.utils import Secret


def decrypt(opts):
    master_key = open(opts.master_key, 'rb').read()
    hudson_secret_key = open(opts.hudson_key, 'rb').read()
    secret = Secret(
        master_key=master_key, hudson_secret_key=hudson_secret_key
    )
    credentials = etree.fromstring(
        open(opts.credentials, 'rb').read()
    )
    for node in credentials.xpath('//com.cloudbees.plugins.credentials.'
                                  'impl.UsernamePasswordCredentialsImpl'):
        username, *_ = node.xpath('./username/text()')
        password_encoded, *_ = node.xpath('./password/text()')
        password = base64.decodebytes(password_encoded.encode('utf-8'))
        print(
            "Encrypted (username:password): ({}:{})".format(
                username, secret.decrypt(password)
            )
        )


def main():
    parser = argparse.ArgumentParser()
    parser.add_argument('-c', '--credentials', dest='credentials',
                        required=True, help='jenkins credentials.xml file')
    parser.add_argument('-m', '--master-key', dest='master_key',
                        help='jenkins secrets master.key file', required=True)
    parser.add_argument('-H', '--hudson-secret-key', dest='hudson_key',
                        help='jenkins secrets hudson.util.Secret file')
    options = parser.parse_args()
    sys.exit(decrypt(options))


if __name__ == '__main__':
    main()
$ python reader.py -c credentials.xml -m master.key -H hudson.util.Secret

Encrypted (username:password): (scm-bot:W9CA6qTajV)
Encrypted (username:password): (artifactory-bot:vB9V9BtPN4)
Encrypted (username:password): (git-bot:V32c5S8TnHCvmfr)
... and so on

References

jenkins-utils's People

Contributors

pavelbalcarek-se avatar jfpanisset avatar

Watchers

James Cloos avatar

jenkins-utils's Issues

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.