Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SIGN-6984 - allow to store Api Token in global and system scope #13

Merged
merged 5 commits into from
Jun 27, 2024
Merged

SIGN-6984 - allow to store Api Token in global and system scope #13

merged 5 commits into from
Jun 27, 2024

Conversation

volbobvol
Copy link
Contributor

@volbobvol volbobvol commented Jun 24, 2024
edited
Loading

Allow to store Api Token in global and system scope

Submitter checklist

  • Make sure you are opening from a topic/feature/bugfix branch (right side) and not your main branch!
  • Ensure that the pull request title represents the desired changelog entry
  • Please describe what you did
  • Link to relevant issues in GitHub or Jira
  • Link to relevant pull requests, esp. upstream and downstream changes
  • Ensure you have provided tests - that demonstrates feature works or fixes the issue

paulsavoie
paulsavoie reviewed Jun 24, 2024
View reviewed changes
README.md Outdated
1. Store the **Trusted Build System Token** in a System Credential (Under Manage Jenkins / Manage Credentials)
2. Store the API Token(s) in a System Credential so that it is available to the build pipelines of the respective projects
1. Store the **Trusted Build System Token** in a System Credential (Under Manage Jenkins / Manage Credentials) with the id `SignPath.TrustedBuildSystemToken`
2. Store the API Token(s) in a System Credential so that it is available to the build pipelines of the respective projects (default id `SignPath.ApiToken`)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That change comes from me, right? We should probably say "credential" instead of "System credential"

Copy link
Contributor Author

@volbobvol volbobvol Jun 24, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That was in the commit which you asked me to cherry-pick
Fixed

src/main/java/io/jenkins/plugins/signpath/SecretRetrieval/CredentialBasedSecretRetriever.java
String scopeName = scope == null ? "<null>" : scope.getDisplayName();
CredentialsScope credentialScope = credential.getScope();

if (allowedScopes.length > 0 && !Arrays.asList(allowedScopes).contains(credentialScope)) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is the allowedScope.length > 0 actually necessary?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If allowedScope is empty there is no scope restriction

@volbobvol volbobvol merged commit ea5a2c9 into main Jun 27, 2024
13 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@paulsavoie paulsavoie paulsavoie approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@volbobvol @paulsavoie @volodymyr-bobko