WIP: DockerServerCredentialsBinding

Author: thomasgl-orange

pom.xml

@@ -77,6 +77,12 @@
       <classifier>tests</classifier>
       <scope>test</scope>
     </dependency>
+    <dependency>
+      <groupId>org.jenkins-ci.plugins</groupId>
+      <artifactId>docker-commons</artifactId>
+      <version>1.0</version>
+      <optional>true</optional>
+    </dependency>
     <dependency>
       <groupId>org.jenkins-ci.plugins.workflow</groupId>
       <artifactId>workflow-support</artifactId>

src/main/java/org/jenkinsci/plugins/credentialsbinding/impl/DockerServerCredentialsBinding.java

@@ -0,0 +1,75 @@
+package org.jenkinsci.plugins.credentialsbinding.impl;
+
+import java.io.IOException;
+import java.util.UUID;
+
+import org.jenkinsci.plugins.credentialsbinding.Binding;
+import org.jenkinsci.plugins.credentialsbinding.BindingDescriptor;
+import org.jenkinsci.plugins.docker.commons.credentials.DockerServerCredentials;
+import org.kohsuke.stapler.DataBoundConstructor;
+
+import hudson.Extension;
+import hudson.FilePath;
+import hudson.Launcher;
+import hudson.model.TaskListener;
+import hudson.model.Run;
+
+import static org.jenkinsci.plugins.credentialsbinding.impl.TempDirUtils.*;
+
+public class DockerServerCredentialsBinding extends
+        Binding<DockerServerCredentials> {
+
+    @DataBoundConstructor
+    public DockerServerCredentialsBinding(String variable, String credentialsId) {
+        super(variable, credentialsId);
+    }
+
+    @Override
+    protected Class<DockerServerCredentials> type() {
+        return DockerServerCredentials.class;
+    }
+
+    @Override
+    public SingleEnvironment bindSingle(Run<?, ?> build, FilePath workspace, Launcher launcher, TaskListener listener)
+            throws IOException, InterruptedException {
+        DockerServerCredentials credentials = getCredentials(build);
+        FilePath secrets = secretsDir(workspace);
+        String dirName = UUID.randomUUID().toString();
+        final FilePath dir = secrets.child(dirName);
+        dir.mkdirs();
+        secrets.chmod(0700);
+        dir.chmod(0700);
+
+        FilePath clientKey = dir.child("key.pem");
+        clientKey.write(credentials.getClientKey(), null);
+        clientKey.chmod(0600);
+
+        FilePath clientCert = dir.child("cert.pem");
+        clientCert.write(credentials.getClientCertificate(), null);
+        clientCert.chmod(0600);
+
+        FilePath serverCACert = dir.child("ca.pem");
+        serverCACert.write(credentials.getServerCaCertificate(), null);
+        serverCACert.chmod(0600);
+
+        return new SingleEnvironment(dir.getRemote(), new UnbinderImpl(dirName));
+    }
+
+    @Extension
+    public static class DescriptorImpl extends
+            BindingDescriptor<DockerServerCredentials> {
+
+        @Override
+        protected Class<DockerServerCredentials> type() {
+            return DockerServerCredentials.class;
+        }
+
+        @Override
+        public String getDisplayName() {
+            return Messages
+                    .DockerServerCredentialsBinding_docker_client_certificate();
+        }
+
+    }
+
+}

src/main/resources/org/jenkinsci/plugins/credentialsbinding/impl/DockerServerCredentialsBinding/config-variables.jelly

@@ -0,0 +1,30 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+The MIT License
+
+Copyright 2013 jglick.
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
+-->
+<?jelly escape-by-default='true'?>
+<j:jelly xmlns:j="jelly:core" xmlns:f="/lib/form" xmlns:st="jelly:stapler" xmlns:c="/lib/credentials">
+    <f:entry title="${%Variable}" field="variable">
+        <f:textbox default="DOCKER_CERT_PATH"/>
+    </f:entry>
+</j:jelly>

src/main/resources/org/jenkinsci/plugins/credentialsbinding/impl/DockerServerCredentialsBinding/help-variable.html

@@ -0,0 +1,5 @@
+<div>
+    Name of an environment variable to be set during the build.<br>
+    Its value will be the absolute path of the directory where the <code>{ca,cert,key}.pem</code> files will be created.<br>
+    You probably want to call this variable <code>DOCKER_CERT_PATH</code>, which will be undestood by the docker client binary.<br>
+</div>

src/main/resources/org/jenkinsci/plugins/credentialsbinding/impl/Messages.properties

@@ -4,3 +4,4 @@ StringBinding.secret_text=Secret text
 UsernamePasswordBinding.username_and_password=Username and password (conjoined)
 UsernamePasswordMultiBinding.username_and_password=Username and password (separated)
 ZipFileBinding.secret_zip_file=Secret ZIP file
+DockerServerCredentialsBinding.docker_client_certificate=Docker client certificate