Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[JENKINS-61809] Include JCasC instructions in README #29

Merged
merged 3 commits into from
May 21, 2020
Merged

[JENKINS-61809] Include JCasC instructions in README #29

merged 3 commits into from
May 21, 2020

Conversation

orrc
Copy link
Member

@orrc orrc commented May 17, 2020
edited
Loading

Since JCasC is now a thing, and it's not clearly mentioned somewhere how to configure a Google OAuth credential, and because somebody asked how it works, let's document it.

The config in the Jira ticket looked correct, based on what I could see from the PR which implemented JCasC support, and I was also able to get it working locally.

For info: if you want to try this out, create a jcasc.yml file with the contents that this PR adds to the README, and run Jenkins with JCasC, e.g.:

jcasc.yml

credentials:
  system:
    domainCredentials:
      - credentials:
          - googleRobotPrivateKey:
              projectId: 'Google Play'
              serviceAccountConfig:
                json:
                  secretJsonKey: 'eyJjbGllbnRfZW1haWwiOiJqZW5raW5z […]'

Dockerfile

FROM jenkins/jenkins:2.222.3

RUN /usr/local/bin/install-plugins.sh \
      configuration-as-code:1.40 \
      credentials:2.3.7 \
      google-play-android-publisher:3.0
ENV JAVA_OPTS -Djenkins.install.runSetupWizard=false

COPY jcasc.yml $JENKINS_HOME/jenkins.yaml

$ docker build . -t jenkins-61809
$ docker run --rm -t -i -p 8080:8080 jenkins-61809

You should then be able to use the Google credential in jobs to upload APKs etc..

You can also confirm that the credential was imported as expected via the Script Console, for example:

import com.cloudbees.plugins.credentials.*
import com.google.jenkins.plugins.credentials.oauth.*

def c = CredentialsProvider.lookupCredentials(GoogleRobotPrivateKeyCredentials.class)[0]
def config = c.getServiceAccountConfig()

println("Filename: " + config.filename)
println("JSON:\n" + new String(config.secretJsonKey.getPlainData(), "utf-8"))

@orrc orrc force-pushed the misc/readme-update branch from 140a495 to c877546 Compare May 21, 2020 11:41
@orrc orrc merged commit d9bf2b5 into master May 21, 2020
@orrc orrc deleted the misc/readme-update branch May 21, 2020 11:49
@smellouk
Copy link

For future reference, this works well

import com.cloudbees.plugins.credentials.*
import com.google.jenkins.plugins.credentials.oauth.*

def c = CredentialsProvider.lookupCredentials(GoogleRobotPrivateKeyCredentials.class)[0]
def config = (JsonServiceAccountConfig) c.getServiceAccountConfig()
def method = config.getClass().getDeclaredMethod('getJsonKey');
method.setAccessible(true);
def result = method.invoke(config);

println("Filename: " + config.filename)
println("JSON:\n" + result.toPrettyString())

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@orrc @smellouk