Jenkins Utils
Project description
Abstract
Implements some jenkins utils in python way.
Notes
jenkins-utils does not support plain-credentials, ssh-credentials plugins, so there’s no option to encrypt/decrypt these data yet.
Requirements
Python 3.4+
pycrypto (non windows systems)
pycryptodomex (windows)
Usage
Currently there’s encrypt/decrypt operations implemented and gathered in convenient and python developer friendly form.
As an example you an decrypt (or encrypt) message using Jenkins’s master and hudson secret keys:
$ python invoke.py --master-key master.key --hudson-secret-key hudson.util.Secret \
--action decrypt "{AQAAABAAAAAgd+820Q6QR4ABkf3JpXHacuO3zdj11o8JD/6VIJi8XjS9GJJyWquIYbNokyKKsIfN}"
this is simple text to encrypt
$ python invoke.py --master-key master.key --hudson-secret-key hudson.util.Secret \
--aes-type cbc --action encrypt "this is simple text to encrypt"
{AQAAABAAAAAgfb9K8Kaq716l8SwGDqEFMRzm/3ynYDK7IsfI4C7BlVyMIlP/5JGfYK1n1Nc10VoD}
$Advanced use
reader.py
#!/usr/bin/env python3
import sys
import base64
import argparse
from lxml import etree
from jenkins.utils import Secret
def check():
if sys.version_info[:2] < (3, 4):
print("jenkins-cipher requires python-3.4+, exiting ..")
sys.exit(-1)
def decrypt(opts):
master_key = open(opts.master_key, 'rb').read()
hudson_secret_key = open(opts.hudson_key, 'rb').read()
secret = Secret(
master_key=master_key, hudson_secret_key=hudson_secret_key
)
credentials = etree.fromstring(
open(opts.credentials, 'rb').read()
)
for node in credentials.xpath('//com.cloudbees.plugins.credentials.'
'impl.UsernamePasswordCredentialsImpl'):
username, *_ = node.xpath('./username/text()')
password_encoded, *_ = node.xpath('./password/text()')
password = base64.decodebytes(password_encoded.encode('utf-8'))
print(
"Encrypted (username:password): ({}:{})".format(
username, secret.decrypt(password)
)
)
def main():
parser = argparse.ArgumentParser()
parser.add_argument('-c', '--credentials', dest='credentials',
required=True, help='jenkins credentials.xml file')
parser.add_argument('-m', '--master-key', dest='master_key',
help='jenkins secrets master.key file', required=True)
parser.add_argument('-H', '--hudson-secret-key', dest='hudson_key',
help='jenkins secrets hudson.util.Secret file')
options = parser.parse_args()
sys.exit(decrypt(options))
if __name__ == '__main__':
main()$ python reader.py -c credentials.xml -m master.key -H hudson.util.Secret
Encrypted (username:password): (scm-bot:W9CA6qTajV)
Encrypted (username:password): (artifactory-bot:vB9V9BtPN4)
Encrypted (username:password): (git-bot:V32c5S8TnHCvmfr)
... and so onReferences
Jenkins util/Secret.java sources
Jenkins python decrypter
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file jenkins-utils-0.1.tar.gz.
File metadata
- Download URL: jenkins-utils-0.1.tar.gz
- Upload date:
- Size: 9.6 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
7a5fce8b0c6ce9fb3c5a27694dcaea40dad5f64443154d9d2f75e904a73e5bdc
|
|
| MD5 |
e117a1d7a83d95aa4302a0a384b193a1
|
|
| BLAKE2b-256 |
076ae32a4b5c7ffd81e5766d98bb8f9cb81441f0d9116840ae744e28aab6f8c3
|
File details
Details for the file jenkins_utils-0.1-py3-none-any.whl.
File metadata
- Download URL: jenkins_utils-0.1-py3-none-any.whl
- Upload date:
- Size: 14.2 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
e34c6d4cbcbdd1ee7236ac22388bceace8a88b4377c00bb7920bb552f542419c
|
|
| MD5 |
562516a90dfce177737ea92fe5b3bedb
|
|
| BLAKE2b-256 |
ea339a6085ae0b44ff03a68e4f0a97b1b283f9719ae5a89cbe6297b84c771638
|
