[JENKINS-70101] Reproduce inability to use CertificateCredentials on …

…agents
jenkinsci · Dec 9, 2022 · 4ee16f3 · 4ee16f3
1 parent 839a635
commit 4ee16f3
Showing 1 changed file with 26 additions and 0 deletions.
diff --git a/src/test/java/com/cloudbees/plugins/credentials/impl/CertificateCredentialsImplTest.java b/src/test/java/com/cloudbees/plugins/credentials/impl/CertificateCredentialsImplTest.java
@@ -29,6 +29,7 @@
 import com.cloudbees.plugins.credentials.Credentials;
 import com.cloudbees.plugins.credentials.CredentialsNameProvider;
 import com.cloudbees.plugins.credentials.CredentialsProvider;
+import com.cloudbees.plugins.credentials.CredentialsScope;
 import com.cloudbees.plugins.credentials.CredentialsStore;
 import com.cloudbees.plugins.credentials.SecretBytes;
 import com.cloudbees.plugins.credentials.SystemCredentialsProvider;
@@ -53,6 +54,7 @@
 import hudson.cli.UpdateJobCommand;
 import hudson.model.ItemGroup;
 import hudson.model.Job;
+import hudson.model.Node;
 import hudson.security.ACL;
 import hudson.util.Secret;
 import jenkins.model.Jenkins;
@@ -71,10 +73,12 @@
 import java.net.URLEncoder;
 import java.nio.charset.StandardCharsets;
 import java.nio.file.Files;
+import java.security.KeyStore;
 import java.util.Base64;
 import java.util.Collections;
 import java.util.List;
 
+import jenkins.security.MasterToSlaveCallable;
 import static hudson.cli.CLICommandInvoker.Matcher.failedWith;
 import static hudson.cli.CLICommandInvoker.Matcher.succeeded;
 import static org.hamcrest.MatcherAssert.assertThat;
@@ -353,6 +357,16 @@ public void fullSubmitOfUploadedKeystore() throws Exception {
  assertEquals(EXPECTED_DISPLAY_NAME, displayName);
  }
 
+ @Test
+ @Issue("JENKINS-70101")
+ public void useCertificateCredentialsImplOnAgent() throws Throwable {
+ Node node = r.createOnlineSlave();
+ SecretBytes uploadedKeystore = SecretBytes.fromBytes(Files.readAllBytes(p12.toPath()));
+ CertificateCredentialsImpl.UploadedKeyStoreSource storeSource = new CertificateCredentialsImpl.UploadedKeyStoreSource(null, uploadedKeystore);
+ CertificateCredentialsImpl credentials = new CertificateCredentialsImpl(CredentialsScope.GLOBAL, "my-credentials", "description", VALID_PASSWORD, storeSource);
+ assertEquals(EXPECTED_DISPLAY_NAME, node.getChannel().call(new ReadCertificateCredentialsOnAgent(credentials)));
+ }
+
  private String getValidP12_base64() throws Exception {
  return Base64.getEncoder().encodeToString(Files.readAllBytes(p12.toPath()));
  }
@@ -397,4 +411,16 @@ private CredentialsStore getFolderStore(Folder f) {
  return folderStore;
  }
 
+ private static class ReadCertificateCredentialsOnAgent extends MasterToSlaveCallable<String, Throwable> {
+ private final CertificateCredentialsImpl credentials;
+ public ReadCertificateCredentialsOnAgent(CertificateCredentialsImpl credentials) {
+ this.credentials = credentials;
+ }
+ @Override
+ public String call() throws Throwable {
+ KeyStore keyStore = credentials.getKeyStore();
+ // KeyStore is not Serializable, so we just return the DN.
+ return StandardCertificateCredentials.NameProvider.getSubjectDN(keyStore);
+ }
+ }
 }