Created
December 12, 2016 10:29
-
-
Save Evildethow/4da12d6a067b0287b5eed73bc75976fb to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| set -o nounset -o errexit -o pipefail | |
| usage() { | |
| cat <<EOM | |
| Usage: | |
| $(basename $0) [OPTIONS] | |
| $(basename $0) [ -j | --jenkins-url | -d | --desc | -c | --cred-id | -cu | --cred-user | -cp | cred-pass | -u | --user-id | -p | --password | |
| | -h | --help ] | |
| Options: | |
| -j, --jenkins-url Jenkins base URL. | |
| -d, --desc Description. | |
| -c, --cred-id Credentials Id to identify these credentials. | |
| -cu, --cred-user Credentials username for authentication. | |
| -cp, --cred-pass Credentials password for authentication. | |
| -u, --user-id Username for Jenkins authentication (and crumb retrieval). | |
| -p, --password Password (or token) for Jenkins authentication (and crumb retrieval). | |
| -h, --help Show usage. | |
| Example: | |
| $(basename $0) -j http://localhost:8080 -d my-creds-desc -c my-user-pass-creds -cu mycreduser -cp mycredpass -u admin -p admin | |
| EOM | |
| exit 1 | |
| } | |
| # Handle opts | |
| [[ $# == 0 ]] && usage | |
| while [[ $# > 0 ]] | |
| do | |
| key="$1" | |
| case ${key} in | |
| -j|--jenkins-url) | |
| JENKINS_URL="${2}" | |
| shift | |
| ;; | |
| -d|--desc) | |
| DESC="${2}" | |
| shift | |
| ;; | |
| -c|--cred-id) | |
| CRED_ID="${2}" | |
| shift | |
| ;; | |
| -cu|--cred-user) | |
| CRED_USER="${2}" | |
| shift | |
| ;; | |
| -cp|--cred-pass) | |
| CRED_PASS="${2}" | |
| shift | |
| ;; | |
| -u|--user-id) | |
| USER_ID="${2}" | |
| shift | |
| ;; | |
| -p|--password) | |
| PASSWORD="${2}" | |
| shift | |
| ;; | |
| -h|--help) | |
| usage | |
| ;; | |
| *) | |
| echo "Error: Unknown arg: [${key}]" | |
| usage | |
| ;; | |
| esac | |
| shift | |
| done | |
| # Print values | |
| printf "\nSelected values:\n" | |
| _body="" | |
| _body="${_body}\n JENKINS_URL \t: ${JENKINS_URL}" | |
| _body="${_body}\n DESC \t: ${DESC}" | |
| _body="${_body}\n CRED_ID \t: ${CRED_ID}" | |
| _body="${_body}\n CRED_USER \t: ${CRED_USER}" | |
| _body="${_body}\n CRED_PASS \t: ${CRED_PASS}" | |
| _body="${_body}\n USER_ID \t: ${USER_ID}" | |
| _body="${_body}\n PASSWORD \t: ${PASSWORD}" | |
| echo "$(printf "${_body}")" | column -s $'\t' -t 2>/dev/null | |
| # Confirm | |
| read -r -p "Are you sure? [y/N]" response | |
| case ${response} in | |
| [yY][eE][sS]|[yY]) | |
| printf "\nConfirmed.\n" | |
| ;; | |
| *) | |
| printf "\nAborting!\n" | |
| exit 0 | |
| ;; | |
| esac | |
| # Check crumb | |
| echo "Checking for CSRF..." | |
| CRUMB=$(curl --fail -0 -u "${USER_ID}:${PASSWORD}" ''${JENKINS_URL}'/crumbIssuer/api/xml?xpath=concat(//crumbRequestField,":",//crumb)' 2>/dev/null || echo "N/A") | |
| if [[ ${CRUMB} != "N/A" ]]; then | |
| echo "CSRF Enabled." | |
| else | |
| echo "CSRF not enabled." | |
| fi | |
| # Create credentials (createCredentials) | |
| RESPONSE=$(curl -L -s -o /dev/null -w "%{http_code}" -u "${USER_ID}:${PASSWORD}" -H "Content-Type:application/x-www-form-urlencoded" -H "$CRUMB" -X POST -d 'json={"": "0", "credentials": {"scope": "GLOBAL", "username": "'"$CRED_USER"'", "password": "'"$CRED_PASS"'", "id": "'"$CRED_ID"'", "description": "'"$DESC"'", "stapler-class": "com.cloudbees.plugins.credentials.impl.UsernamePasswordCredentialsImpl", "$class": "com.cloudbees.plugins.credentials.impl.UsernamePasswordCredentialsImpl"}, "Jenkins-Crumb": "'"$CRUMB"'"}' "${JENKINS_URL}/credentials/store/system/domain/_/createCredentials") | |
| if [[ ${RESPONSE} == "200" ]]; then | |
| echo "SUCCESS" | |
| else | |
| echo "ERROR: Failed to create credentials. Response code: [${RESPONSE}]" | |
| exit 1 | |
| fi |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment