diff --git a/src/main/java/org/conjur/jenkins/api/ConjurAPI.java b/src/main/java/org/conjur/jenkins/api/ConjurAPI.java index 7b54ba3..9a6e700 100644 --- a/src/main/java/org/conjur/jenkins/api/ConjurAPI.java +++ b/src/main/java/org/conjur/jenkins/api/ConjurAPI.java @@ -26,7 +26,6 @@ import hudson.model.ItemGroup; import hudson.model.ModelObject; import hudson.model.Run; -import hudson.remoting.Channel; import hudson.security.ACL; import jenkins.model.GlobalConfiguration; import jenkins.model.Jenkins; @@ -69,29 +68,18 @@ public static String getAuthorizationToken(OkHttpClient client, ConjurConfigurat String resultingToken = null; - Channel channel = Channel.current(); - List availableCredentials = null; - if (channel == null) { - availableCredentials = CredentialsProvider.lookupCredentials(UsernamePasswordCredentials.class, - Jenkins.get(), ACL.SYSTEM, Collections.emptyList()); - - if (context != null) { - if (context instanceof Run) { - availableCredentials.addAll(CredentialsProvider.lookupCredentials(UsernamePasswordCredentials.class, - ((Run) context).getParent(), ACL.SYSTEM, Collections.emptyList())); - } else { - availableCredentials.addAll(CredentialsProvider.lookupCredentials(UsernamePasswordCredentials.class, - (AbstractItem) context, ACL.SYSTEM, Collections.emptyList())); - } - } - } else { - try { - availableCredentials = channel.call(new ConjurAPIUtils.NewAvailableCredentials()); - } catch (InterruptedException e) { - getLogger().log(Level.FINE, "Exception getting available credentials", e); - e.printStackTrace(); + availableCredentials = CredentialsProvider.lookupCredentials(UsernamePasswordCredentials.class, + Jenkins.get(), ACL.SYSTEM, Collections.emptyList()); + + if (context != null) { + if (context instanceof Run) { + availableCredentials.addAll(CredentialsProvider.lookupCredentials(UsernamePasswordCredentials.class, + ((Run) context).getParent(), ACL.SYSTEM, Collections.emptyList())); + } else { + availableCredentials.addAll(CredentialsProvider.lookupCredentials(UsernamePasswordCredentials.class, + (AbstractItem) context, ACL.SYSTEM, Collections.emptyList())); } } diff --git a/src/main/java/org/conjur/jenkins/api/ConjurAPIUtils.java b/src/main/java/org/conjur/jenkins/api/ConjurAPIUtils.java index 4f11872..7d30da6 100644 --- a/src/main/java/org/conjur/jenkins/api/ConjurAPIUtils.java +++ b/src/main/java/org/conjur/jenkins/api/ConjurAPIUtils.java @@ -1,12 +1,9 @@ package org.conjur.jenkins.api; -import java.io.IOException; import java.security.KeyStore; import java.security.SecureRandom; import java.util.Collections; import java.util.Enumeration; -import java.util.List; -import java.util.logging.Level; import java.util.logging.Logger; import javax.net.ssl.KeyManager; @@ -19,19 +16,12 @@ import com.cloudbees.plugins.credentials.CredentialsMatchers; import com.cloudbees.plugins.credentials.CredentialsProvider; import com.cloudbees.plugins.credentials.common.CertificateCredentials; -import com.cloudbees.plugins.credentials.common.UsernamePasswordCredentials; import com.cloudbees.plugins.credentials.domains.DomainRequirement; import org.conjur.jenkins.configuration.ConjurConfiguration; -import org.conjur.jenkins.configuration.GlobalConjurConfiguration; -import org.conjur.jenkins.conjursecrets.ConjurSecretCredentials; -import hudson.remoting.Channel; import hudson.security.ACL; -import hudson.util.Secret; -import jenkins.model.GlobalConfiguration; import jenkins.model.Jenkins; -import jenkins.security.SlaveToMasterCallable; import okhttp3.OkHttpClient; public class ConjurAPIUtils { @@ -41,20 +31,16 @@ static Logger getLogger() { } static CertificateCredentials certificateFromConfiguration(ConjurConfiguration configuration) { - Channel channel = Channel.current(); CertificateCredentials certificate = null; - if (channel == null) { - if (configuration.getCertificateCredentialID() == null ) { return null; } - certificate = CredentialsMatchers.firstOrNull( - CredentialsProvider.lookupCredentials(CertificateCredentials.class, Jenkins.get(), ACL.SYSTEM, - Collections.emptyList()), - CredentialsMatchers.withId(configuration.getCertificateCredentialID())); - } else { - certificate = (CertificateCredentials) objectFromMaster(channel, - new ConjurAPIUtils.NewCertificateCredentials(configuration)); - } + if (configuration.getCertificateCredentialID() == null ) { return null; } + + certificate = CredentialsMatchers.firstOrNull( + CredentialsProvider.lookupCredentials(CertificateCredentials.class, Jenkins.get(), ACL.SYSTEM, + Collections.emptyList()), + CredentialsMatchers.withId(configuration.getCertificateCredentialID())); + return certificate; } @@ -103,140 +89,5 @@ public static OkHttpClient getHttpClient(ConjurConfiguration configuration) { return new OkHttpClient.Builder().build(); } - static class NewCertificateCredentials extends SlaveToMasterCallable { - /** - * Standardize serialization. - */ - private static final long serialVersionUID = 1L; - - ConjurConfiguration configuration; - // Run context; - - public NewCertificateCredentials(ConjurConfiguration configuration) { - super(); - this.configuration = configuration; - // this.context = context; - } - - /** - * {@inheritDoc} - */ - public CertificateCredentials call() throws IOException { - CertificateCredentials certificate = CredentialsMatchers.firstOrNull( - CredentialsProvider.lookupCredentials(CertificateCredentials.class, Jenkins.get(), ACL.SYSTEM, - Collections.emptyList()), - CredentialsMatchers.withId(this.configuration.getCertificateCredentialID())); - - return certificate; - } - } - - static class NewAvailableCredentials extends SlaveToMasterCallable, IOException> { - /** - * Standardize serialization. - */ - private static final long serialVersionUID = 1L; - - // Run context; - - // public NewAvailableCredentials(Run context) { - // super(); - // this.context = context; - // } - - /** - * {@inheritDoc} - */ - public List call() throws IOException { - - List availableCredentials = CredentialsProvider.lookupCredentials( - UsernamePasswordCredentials.class, Jenkins.get(), ACL.SYSTEM, - Collections.emptyList()); - - // if (context != null) { - // availableCredentials.addAll(CredentialsProvider.lookupCredentials(UsernamePasswordCredentials.class, - // context.getParent(), ACL.SYSTEM, - // Collections.emptyList())); - // } - - return availableCredentials; - } - } - - public static class NewGlobalConfiguration extends SlaveToMasterCallable { - /** - * Standardize serialization. - */ - private static final long serialVersionUID = 1L; - - /** - * {@inheritDoc} - */ - public GlobalConjurConfiguration call() throws IOException { - GlobalConjurConfiguration result = GlobalConfiguration.all().get(GlobalConjurConfiguration.class); - return result; - } - } - - public static class NewConjurSecretCredentials extends SlaveToMasterCallable { - /** - * Standardize serialization. - */ - private static final long serialVersionUID = 1L; - - String credentialID; - // Run context; - - public NewConjurSecretCredentials(String credentialID) { - super(); - this.credentialID = credentialID; - // this.context = context; - } - - /** - * {@inheritDoc} - */ - public ConjurSecretCredentials call() throws IOException { - ConjurSecretCredentials credential = CredentialsMatchers - .firstOrNull( - CredentialsProvider.lookupCredentials(ConjurSecretCredentials.class, Jenkins.get(), - ACL.SYSTEM, Collections.emptyList()), - CredentialsMatchers.withId(this.credentialID)); - - return credential; - } - } - - public static Object objectFromMaster(Channel channel, SlaveToMasterCallable callable) { - // Running from a slave, Get credential entry from master - try { - return channel.call(callable); - } catch (Exception e) { - getLogger().log(Level.WARNING, "Exception getting object from Master", e); - e.printStackTrace(); - } - return null; - } - - public static class NewSecretFromString extends SlaveToMasterCallable { - /** - * Standardize serialization. - */ - private static final long serialVersionUID = 1L; - - String secretString; - - public NewSecretFromString(String secretString) { - super(); - this.secretString = secretString; - } - - /** - * {@inheritDoc} - */ - public Secret call() throws IOException { - return Secret.fromString(secretString); - } - } } \ No newline at end of file diff --git a/src/main/java/org/conjur/jenkins/configuration/GlobalConjurConfiguration.java b/src/main/java/org/conjur/jenkins/configuration/GlobalConjurConfiguration.java index 1ff74fe..2c613e7 100644 --- a/src/main/java/org/conjur/jenkins/configuration/GlobalConjurConfiguration.java +++ b/src/main/java/org/conjur/jenkins/configuration/GlobalConjurConfiguration.java @@ -1,20 +1,16 @@ package org.conjur.jenkins.configuration; import java.io.Serializable; -import java.util.logging.Level; import java.util.logging.Logger; import javax.annotation.Nonnull; -import org.conjur.jenkins.api.ConjurAPIUtils; import org.kohsuke.stapler.AncestorInPath; import org.kohsuke.stapler.DataBoundSetter; import org.kohsuke.stapler.QueryParameter; -import org.kohsuke.stapler.interceptor.RequirePOST; import hudson.Extension; import hudson.model.AbstractItem; -import hudson.remoting.Channel; import hudson.util.FormValidation; import jenkins.model.GlobalConfiguration; @@ -67,15 +63,11 @@ public FormValidation doCheckTokenDurarionInSeconds(@AncestorInPath AbstractItem /** @return the singleton instance */ @Nonnull public static GlobalConjurConfiguration get() { - Channel channel = Channel.current(); GlobalConjurConfiguration result = null; - if (channel == null) { - result = GlobalConfiguration.all().get(GlobalConjurConfiguration.class); - } else { - result = (GlobalConjurConfiguration) ConjurAPIUtils.objectFromMaster(channel, - new ConjurAPIUtils.NewGlobalConfiguration()); - } + + result = GlobalConfiguration.all().get(GlobalConjurConfiguration.class); + if (result == null) { throw new IllegalStateException(); } diff --git a/src/main/java/org/conjur/jenkins/conjursecrets/ConjurSecretCredentials.java b/src/main/java/org/conjur/jenkins/conjursecrets/ConjurSecretCredentials.java index 94e999f..506617c 100644 --- a/src/main/java/org/conjur/jenkins/conjursecrets/ConjurSecretCredentials.java +++ b/src/main/java/org/conjur/jenkins/conjursecrets/ConjurSecretCredentials.java @@ -11,7 +11,6 @@ import com.cloudbees.plugins.credentials.common.StandardCredentials; import com.cloudbees.plugins.credentials.domains.DomainRequirement; -import org.conjur.jenkins.api.ConjurAPIUtils; import org.conjur.jenkins.configuration.ConjurConfiguration; import org.conjur.jenkins.exceptions.InvalidConjurSecretException; @@ -19,7 +18,6 @@ import hudson.model.Item; import hudson.model.ModelObject; import hudson.model.Run; -import hudson.remoting.Channel; import hudson.security.ACL; import hudson.util.Secret; import jenkins.model.Jenkins; @@ -83,20 +81,13 @@ static ConjurSecretCredentials credentialWithID(String credentialID, ModelObject ConjurSecretCredentials credential = null; - Channel channel = Channel.current(); + credential = CredentialsMatchers + .firstOrNull( + CredentialsProvider.lookupCredentials(ConjurSecretCredentials.class, Jenkins.get(), + ACL.SYSTEM, Collections.emptyList()), + CredentialsMatchers.withId(credentialID)); - if (channel == null) { - credential = CredentialsMatchers - .firstOrNull( - CredentialsProvider.lookupCredentials(ConjurSecretCredentials.class, Jenkins.get(), - ACL.SYSTEM, Collections.emptyList()), - CredentialsMatchers.withId(credentialID)); - - credential = credentialFromContextIfNeeded(credential, credentialID, context); - } else { - credential = (ConjurSecretCredentials) ConjurAPIUtils.objectFromMaster(channel, - new ConjurAPIUtils.NewConjurSecretCredentials(credentialID)); - } + credential = credentialFromContextIfNeeded(credential, credentialID, context); if (credential == null) { diff --git a/src/main/java/org/conjur/jenkins/conjursecrets/ConjurSecretCredentialsImpl.java b/src/main/java/org/conjur/jenkins/conjursecrets/ConjurSecretCredentialsImpl.java index 5ced152..76b60e2 100644 --- a/src/main/java/org/conjur/jenkins/conjursecrets/ConjurSecretCredentialsImpl.java +++ b/src/main/java/org/conjur/jenkins/conjursecrets/ConjurSecretCredentialsImpl.java @@ -67,13 +67,6 @@ public String getDisplayName() { } static Secret secretFromString(String secretString) { - Channel channel = Channel.current(); - - if (channel != null) { - return (Secret) ConjurAPIUtils.objectFromMaster(channel, - new ConjurAPIUtils.NewSecretFromString(secretString)); - } - return Secret.fromString(secretString); }