diff --git a/src/main/java/hudson/plugins/s3/ClientHelper.java b/src/main/java/hudson/plugins/s3/ClientHelper.java index 8251d2d2..f94cf645 100644 --- a/src/main/java/hudson/plugins/s3/ClientHelper.java +++ b/src/main/java/hudson/plugins/s3/ClientHelper.java @@ -1,16 +1,20 @@ package hudson.plugins.s3; import com.amazonaws.ClientConfiguration; +import com.amazonaws.auth.AWSCredentialsProvider; +import com.amazonaws.auth.AWSStaticCredentialsProvider; import com.amazonaws.auth.BasicAWSCredentials; +import com.amazonaws.auth.STSAssumeRoleSessionCredentialsProvider; import com.amazonaws.regions.Region; import com.amazonaws.regions.RegionUtils; import com.amazonaws.regions.Regions; import com.amazonaws.services.s3.AmazonS3; import com.amazonaws.services.s3.AmazonS3Client; +import com.amazonaws.services.s3.AmazonS3ClientBuilder; +import org.apache.commons.lang.StringUtils; import hudson.ProxyConfiguration; import java.util.regex.Pattern; - import javax.annotation.Nonnull; import javax.annotation.Nullable; @@ -19,20 +23,67 @@ public class ClientHelper { "hudson.plugins.s3.DEFAULT_AMAZON_S3_REGION", com.amazonaws.services.s3.model.Region.US_Standard.toAWSRegion().getName()); - public static AmazonS3Client createClient(String accessKey, String secretKey, boolean useRole, String region, ProxyConfiguration proxy) - { - Region awsRegion = getRegionFromString(region); + public static class Builder { + private final ProxyConfiguration proxyConfiguration; + private final String region; - ClientConfiguration clientConfiguration = getClientConfiguration(proxy, awsRegion); + public Builder(String region, ProxyConfiguration proxyConfiguration) { + this.region = region; + this.proxyConfiguration = proxyConfiguration; + } - final AmazonS3Client client; - if (useRole) { - client = new AmazonS3Client(clientConfiguration); - } else { - client = new AmazonS3Client(new BasicAWSCredentials(accessKey, secretKey), clientConfiguration); + public AmazonS3 build(String accessKey, String secretKey) { + return this.buildClient(new AWSStaticCredentialsProvider(new BasicAWSCredentials(accessKey, secretKey))); + } + + public AmazonS3 build(String assumeRole) { + return this.buildClient(new STSAssumeRoleSessionCredentialsProvider.Builder(assumeRole, "jenkins-s3-plugin").build()); } - client.setRegion(awsRegion); + public AmazonS3 build() { + return this.buildClient(null); + } + + private AmazonS3 buildClient(@Nullable AWSCredentialsProvider awsCredentialsProvider) { + Region awsRegion = getRegionFromString(region); + + ClientConfiguration clientConfiguration = getClientConfiguration(proxyConfiguration, awsRegion); + + final AmazonS3 client; + if (awsCredentialsProvider != null) { + client = new AmazonS3Client(awsCredentialsProvider, clientConfiguration); + } else { + client = new AmazonS3Client(clientConfiguration); + } + + client.setRegion(awsRegion); + + return client; + } + } + + /** + * @deprecated use {@link ClientHelper.Builder} instead + */ + @Deprecated + public static AmazonS3 createClient( + String accessKey, + String secretKey, + boolean useRole, + String assumeRole, + String region, + ProxyConfiguration proxy + ) { + Builder builder = new Builder(region, proxy); + + final AmazonS3 client; + if (StringUtils.isNotEmpty(assumeRole)) { + client = builder.build(assumeRole); + } else if (useRole) { + client = builder.build(); + } else { + client = builder.build(accessKey, secretKey); + } return client; } diff --git a/src/main/java/hudson/plugins/s3/Entry.java b/src/main/java/hudson/plugins/s3/Entry.java index 63f95cc6..cecc5fd2 100644 --- a/src/main/java/hudson/plugins/s3/Entry.java +++ b/src/main/java/hudson/plugins/s3/Entry.java @@ -3,11 +3,11 @@ import com.amazonaws.regions.Region; import com.amazonaws.regions.RegionUtils; import com.amazonaws.services.s3.AmazonS3; +import org.kohsuke.stapler.DataBoundConstructor; import hudson.Extension; import hudson.model.Describable; import hudson.model.Descriptor; import hudson.util.ListBoxModel; -import org.kohsuke.stapler.DataBoundConstructor; import java.util.List; diff --git a/src/main/java/hudson/plugins/s3/FileHelper.java b/src/main/java/hudson/plugins/s3/FileHelper.java index 58df7d7f..30f0baf9 100644 --- a/src/main/java/hudson/plugins/s3/FileHelper.java +++ b/src/main/java/hudson/plugins/s3/FileHelper.java @@ -1,7 +1,7 @@ package hudson.plugins.s3; -import edu.umd.cs.findbugs.annotations.SuppressFBWarnings; import org.apache.tools.ant.types.selectors.FilenameSelector; +import edu.umd.cs.findbugs.annotations.SuppressFBWarnings; import java.io.File; @@ -60,4 +60,4 @@ public static int getSearchPathLength(String workSpace, String filterExpanded, b return file2.getParent().length() + 1; } } -} \ No newline at end of file +} diff --git a/src/main/java/hudson/plugins/s3/S3ArtifactsAction.java b/src/main/java/hudson/plugins/s3/S3ArtifactsAction.java index 1f4608af..1a49c4bb 100644 --- a/src/main/java/hudson/plugins/s3/S3ArtifactsAction.java +++ b/src/main/java/hudson/plugins/s3/S3ArtifactsAction.java @@ -1,25 +1,22 @@ package hudson.plugins.s3; -import java.io.File; -import java.io.IOException; - -import java.util.Date; -import java.util.List; - -import javax.servlet.ServletException; +import static javax.servlet.http.HttpServletResponse.SC_NOT_FOUND; -import com.amazonaws.services.s3.AmazonS3Client; +import com.amazonaws.services.s3.AmazonS3; import com.amazonaws.services.s3.model.GeneratePresignedUrlRequest; import com.amazonaws.services.s3.model.ResponseHeaderOverrides; -import jenkins.model.RunAction2; import org.kohsuke.stapler.StaplerRequest; import org.kohsuke.stapler.StaplerResponse; - -import hudson.model.Run; import org.kohsuke.stapler.export.Exported; import org.kohsuke.stapler.export.ExportedBean; +import hudson.model.Run; +import jenkins.model.RunAction2; -import static javax.servlet.http.HttpServletResponse.SC_NOT_FOUND; +import java.io.File; +import java.io.IOException; +import java.util.Date; +import java.util.List; +import javax.servlet.ServletException; @ExportedBean public class S3ArtifactsAction implements RunAction2 { @@ -77,7 +74,7 @@ public void doDownload(final StaplerRequest request, final StaplerResponse respo for (FingerprintRecord record : artifacts) { if (record.getArtifact().getName().equals(artifact)) { final S3Profile s3 = S3BucketPublisher.getProfile(profile); - final AmazonS3Client client = s3.getClient(record.getArtifact().getRegion()); + final AmazonS3 client = s3.getClient(record.getArtifact().getRegion()); final String url = getDownloadURL(client, s3.getSignedUrlExpirySeconds(), build, record); response.sendRedirect2(url); return; @@ -94,7 +91,7 @@ public void doDownload(final StaplerRequest request, final StaplerResponse respo * download and there's no need for the user to have credentials to * access S3. */ - private String getDownloadURL(AmazonS3Client client, int signedUrlExpirySeconds, Run run, FingerprintRecord record) { + private String getDownloadURL(AmazonS3 client, int signedUrlExpirySeconds, Run run, FingerprintRecord record) { final Destination dest = Destination.newFromRun(run, record.getArtifact()); final GeneratePresignedUrlRequest request = new GeneratePresignedUrlRequest(dest.bucketName, dest.objectName); request.setExpiration(new Date(System.currentTimeMillis() + signedUrlExpirySeconds*1000)); diff --git a/src/main/java/hudson/plugins/s3/S3BucketPublisher.java b/src/main/java/hudson/plugins/s3/S3BucketPublisher.java index 55e05f81..ba1495c9 100644 --- a/src/main/java/hudson/plugins/s3/S3BucketPublisher.java +++ b/src/main/java/hudson/plugins/s3/S3BucketPublisher.java @@ -1,11 +1,20 @@ package hudson.plugins.s3; -import com.amazonaws.AmazonClientException; -import com.amazonaws.regions.Region; -import com.amazonaws.services.s3.AmazonS3Client; import com.google.common.collect.ImmutableList; import com.google.common.collect.Lists; import com.google.common.collect.Maps; + +import com.amazonaws.AmazonClientException; +import com.amazonaws.regions.Region; +import com.amazonaws.services.s3.AmazonS3; +import net.sf.json.JSONArray; +import net.sf.json.JSONObject; +import org.apache.commons.lang.StringUtils; +import org.jenkinsci.Symbol; +import org.kohsuke.stapler.DataBoundConstructor; +import org.kohsuke.stapler.QueryParameter; +import org.kohsuke.stapler.StaplerRequest; +import org.kohsuke.stapler.interceptor.RequirePOST; import edu.umd.cs.findbugs.annotations.SuppressFBWarnings; import hudson.AbortException; import hudson.Extension; @@ -30,17 +39,7 @@ import hudson.util.Secret; import jenkins.model.Jenkins; import jenkins.tasks.SimpleBuildStep; -import net.sf.json.JSONArray; -import net.sf.json.JSONObject; -import org.apache.commons.lang.StringUtils; -import org.jenkinsci.Symbol; -import org.kohsuke.stapler.DataBoundConstructor; -import org.kohsuke.stapler.QueryParameter; -import org.kohsuke.stapler.StaplerRequest; -import org.kohsuke.stapler.StaplerResponse; -import org.kohsuke.stapler.interceptor.RequirePOST; -import javax.annotation.Nonnull; import java.io.IOException; import java.io.PrintStream; import java.util.ArrayList; @@ -50,6 +49,8 @@ import java.util.Map; import java.util.logging.Level; import java.util.logging.Logger; +import javax.annotation.Nonnull; +import javax.servlet.ServletException; public final class S3BucketPublisher extends Recorder implements SimpleBuildStep { @@ -510,14 +511,33 @@ public Result[] getPluginFailureResultConstraints() { return pluginFailureResultConstraints.clone(); } + private FormValidation doCheckAssumeRole(String assumeRole) { + if(StringUtils.isEmpty(assumeRole)) { + return FormValidation.ok(); + } + + final String defaultRegion = ClientHelper.DEFAULT_AMAZON_S3_REGION_NAME; + final AmazonS3 client = new ClientHelper.Builder(defaultRegion, Jenkins.get().proxy).build(assumeRole); + + try { + client.listBuckets(); + } catch (AmazonClientException e) { + LOGGER.log(Level.SEVERE, e.getMessage(), e); + return FormValidation.error("Cannot list buckets from S3: " + e.getMessage()); + } + return FormValidation.ok("Successfully assumed role: " + assumeRole); + } + @SuppressWarnings("unused") @RequirePOST public FormValidation doLoginCheck(@QueryParameter String name, @QueryParameter String accessKey, - @QueryParameter Secret secretKey, @QueryParameter boolean useRole) { + @QueryParameter Secret secretKey, @QueryParameter String assumeRole, + @QueryParameter boolean useRole) { Jenkins.get().checkPermission(Jenkins.ADMINISTER); final String checkedName = Util.fixNull(name); final String checkedAccessKey = Util.fixNull(accessKey); + final String checkedAssumeRole = Util.fixNull(assumeRole); final String checkedSecretKey = secretKey != null ? secretKey.getPlainText() : ""; final boolean couldBeValidated = !checkedName.isEmpty() && !checkedAccessKey.isEmpty() && !checkedSecretKey.isEmpty(); @@ -531,6 +551,11 @@ public FormValidation doLoginCheck(@QueryParameter String name, @QueryParameter return FormValidation.ok(); } + if (!checkedAssumeRole.isEmpty()) { + return doCheckAssumeRole(checkedAssumeRole); + } + + if (checkedAccessKey.isEmpty()) { return FormValidation.ok("Please, enter accessKey"); } @@ -541,8 +566,8 @@ public FormValidation doLoginCheck(@QueryParameter String name, @QueryParameter } final String defaultRegion = ClientHelper.DEFAULT_AMAZON_S3_REGION_NAME; - final AmazonS3Client client = ClientHelper.createClient( - checkedAccessKey, checkedSecretKey, useRole, defaultRegion, Jenkins.get().proxy); + final AmazonS3 client = ClientHelper.createClient( + checkedAccessKey, checkedSecretKey, useRole, assumeRole, defaultRegion, Jenkins.get().proxy); try { client.listBuckets(); diff --git a/src/main/java/hudson/plugins/s3/S3CopyArtifact.java b/src/main/java/hudson/plugins/s3/S3CopyArtifact.java index 1ab7d8bd..b2ea6084 100644 --- a/src/main/java/hudson/plugins/s3/S3CopyArtifact.java +++ b/src/main/java/hudson/plugins/s3/S3CopyArtifact.java @@ -24,6 +24,13 @@ package hudson.plugins.s3; import com.google.common.collect.Maps; + +import org.acegisecurity.GrantedAuthority; +import org.acegisecurity.providers.UsernamePasswordAuthenticationToken; +import org.jenkinsci.Symbol; +import org.kohsuke.stapler.AncestorInPath; +import org.kohsuke.stapler.DataBoundConstructor; +import org.kohsuke.stapler.QueryParameter; import hudson.DescriptorExtensionList; import hudson.EnvVars; import hudson.Extension; @@ -62,6 +69,8 @@ import hudson.tasks.Fingerprinter.FingerprintAction; import hudson.util.DescribableList; import hudson.util.FormValidation; +import jenkins.model.Jenkins; +import jenkins.tasks.SimpleBuildStep; import java.io.IOException; import java.io.PrintStream; @@ -72,17 +81,6 @@ import java.util.Map; import java.util.logging.Level; import java.util.logging.Logger; - -import jenkins.model.Jenkins; - -import jenkins.tasks.SimpleBuildStep; -import org.acegisecurity.GrantedAuthority; -import org.acegisecurity.providers.UsernamePasswordAuthenticationToken; -import org.jenkinsci.Symbol; -import org.kohsuke.stapler.AncestorInPath; -import org.kohsuke.stapler.DataBoundConstructor; -import org.kohsuke.stapler.QueryParameter; - import javax.annotation.Nonnull; /** diff --git a/src/main/java/hudson/plugins/s3/S3Profile.java b/src/main/java/hudson/plugins/s3/S3Profile.java index 9a3d1fa7..84485f6a 100644 --- a/src/main/java/hudson/plugins/s3/S3Profile.java +++ b/src/main/java/hudson/plugins/s3/S3Profile.java @@ -1,35 +1,33 @@ package hudson.plugins.s3; -import hudson.FilePath; - -import java.io.IOException; -import java.util.ArrayList; -import java.util.List; -import java.util.Map; -import java.util.concurrent.Callable; -import java.util.concurrent.TimeUnit; +import com.google.common.collect.Lists; +import com.amazonaws.services.s3.AmazonS3; +import com.amazonaws.services.s3.model.DeleteObjectRequest; +import com.amazonaws.services.s3.model.GetObjectRequest; +import com.amazonaws.services.s3.model.ListObjectsRequest; +import com.amazonaws.services.s3.model.ObjectListing; +import com.amazonaws.services.s3.model.S3ObjectSummary; +import org.apache.commons.io.FilenameUtils; +import org.kohsuke.stapler.DataBoundConstructor; +import hudson.FilePath; import hudson.ProxyConfiguration; +import hudson.model.Run; import hudson.plugins.s3.callable.MasterSlaveCallable; import hudson.plugins.s3.callable.S3CleanupUploadCallable; import hudson.plugins.s3.callable.S3DownloadCallable; import hudson.plugins.s3.callable.S3GzipCallable; import hudson.plugins.s3.callable.S3UploadCallable; import hudson.plugins.s3.callable.S3WaitUploadCallable; +import hudson.util.Secret; import jenkins.model.Jenkins; -import org.apache.commons.io.FilenameUtils; -import org.kohsuke.stapler.DataBoundConstructor; - -import com.amazonaws.services.s3.AmazonS3Client; -import com.amazonaws.services.s3.model.DeleteObjectRequest; -import com.amazonaws.services.s3.model.GetObjectRequest; -import com.amazonaws.services.s3.model.ListObjectsRequest; -import com.amazonaws.services.s3.model.ObjectListing; -import com.amazonaws.services.s3.model.S3ObjectSummary; -import com.google.common.collect.Lists; -import hudson.model.Run; -import hudson.util.Secret; +import java.io.IOException; +import java.util.ArrayList; +import java.util.List; +import java.util.Map; +import java.util.concurrent.Callable; +import java.util.concurrent.TimeUnit; public class S3Profile { private final String name; @@ -42,12 +40,14 @@ public class S3Profile { private final boolean keepStructure; private final boolean useRole; + private final String assumeRole; private final int signedUrlExpirySeconds; @DataBoundConstructor - public S3Profile(String name, String accessKey, String secretKey, boolean useRole, int signedUrlExpirySeconds, String maxUploadRetries, String uploadRetryTime, String maxDownloadRetries, String downloadRetryTime, boolean keepStructure) { + public S3Profile(String name, String accessKey, String secretKey, boolean useRole, String assumeRole, int signedUrlExpirySeconds, String maxUploadRetries, String uploadRetryTime, String maxDownloadRetries, String downloadRetryTime, boolean keepStructure) { this.name = name; this.useRole = useRole; + this.assumeRole = assumeRole; this.maxUploadRetries = parseWithDefault(maxUploadRetries, 5); this.uploadRetryTime = parseWithDefault(uploadRetryTime, 5); this.maxDownloadRetries = parseWithDefault(maxDownloadRetries, 5); @@ -108,6 +108,10 @@ public final boolean getUseRole() { return this.useRole; } + public final String getAssumeRole() { + return assumeRole; + } + public boolean isUseRole() { return useRole; } @@ -116,8 +120,8 @@ public int getSignedUrlExpirySeconds() { return signedUrlExpirySeconds; } - public AmazonS3Client getClient(String region) { - return ClientHelper.createClient(accessKey, Secret.toString(secretKey), useRole, region, getProxy()); + public AmazonS3 getClient(String region) { + return ClientHelper.createClient(accessKey, Secret.toString(secretKey), useRole, assumeRole, region, getProxy()); } public List upload(Run run, @@ -150,10 +154,10 @@ public List upload(Run run, final MasterSlaveCallable upload; if (gzipFiles) { - upload = new S3GzipCallable(accessKey, secretKey, useRole, dest, userMetadata, - storageClass, selregion, useServerSideEncryption, getProxy()); + upload = new S3GzipCallable(accessKey, secretKey, useRole, assumeRole, dest, + userMetadata, storageClass, selregion, useServerSideEncryption, getProxy()); } else { - upload = new S3UploadCallable(accessKey, secretKey, useRole, dest, userMetadata, + upload = new S3UploadCallable(accessKey, secretKey, useRole, assumeRole, dest, userMetadata, storageClass, selregion, useServerSideEncryption, getProxy()); } @@ -202,7 +206,7 @@ private T invoke(boolean uploadFromSlave, FilePath filePath, MasterSlaveCall } public List list(Run build, String bucket) { - final AmazonS3Client s3client = getClient(ClientHelper.DEFAULT_AMAZON_S3_REGION_NAME); + final AmazonS3 s3client = getClient(ClientHelper.DEFAULT_AMAZON_S3_REGION_NAME); final String buildName = build.getDisplayName(); final int buildID = build.getNumber(); @@ -246,7 +250,7 @@ public List downloadAll(Run build, fingerprints.add(repeat(maxDownloadRetries, downloadRetryTime, dest, new Callable() { @Override public FingerprintRecord call() throws IOException, InterruptedException { - final String md5 = target.act(new S3DownloadCallable(accessKey, secretKey, useRole, dest, artifact.getRegion(), getProxy())); + final String md5 = target.act(new S3DownloadCallable(accessKey, secretKey, useRole, assumeRole, dest, artifact.getRegion(), getProxy())); return new FingerprintRecord(true, dest.bucketName, target.getName(), artifact.getRegion(), md5); } })); @@ -286,7 +290,7 @@ private FilePath getFilePath(FilePath targetDir, boolean flatten, String fullNam public void delete(Run run, FingerprintRecord record) { final Destination dest = Destination.newFromRun(run, record.getArtifact()); final DeleteObjectRequest req = new DeleteObjectRequest(dest.bucketName, dest.objectName); - final AmazonS3Client client = getClient(record.getArtifact().getRegion()); + final AmazonS3 client = getClient(record.getArtifact().getRegion()); client.deleteObject(req); } diff --git a/src/main/java/hudson/plugins/s3/callable/S3BaseUploadCallable.java b/src/main/java/hudson/plugins/s3/callable/S3BaseUploadCallable.java index 76e72cc5..7cde64f2 100644 --- a/src/main/java/hudson/plugins/s3/callable/S3BaseUploadCallable.java +++ b/src/main/java/hudson/plugins/s3/callable/S3BaseUploadCallable.java @@ -24,9 +24,9 @@ public abstract class S3BaseUploadCallable extends S3Callable { public S3BaseUploadCallable(String accessKey, Secret secretKey, boolean useRole, - Destination dest, Map userMetadata, String storageClass, String selregion, + String assumeRole, Destination dest, Map userMetadata, String storageClass, String selregion, boolean useServerSideEncryption, ProxyConfiguration proxy) { - super(accessKey, secretKey, useRole, selregion, proxy); + super(accessKey, secretKey, useRole, assumeRole, selregion, proxy); this.dest = dest; this.storageClass = storageClass; this.userMetadata = userMetadata; diff --git a/src/main/java/hudson/plugins/s3/callable/S3Callable.java b/src/main/java/hudson/plugins/s3/callable/S3Callable.java index 0916366a..e845ff2d 100644 --- a/src/main/java/hudson/plugins/s3/callable/S3Callable.java +++ b/src/main/java/hudson/plugins/s3/callable/S3Callable.java @@ -16,15 +16,17 @@ abstract class S3Callable implements FileCallable { private final String accessKey; private final Secret secretKey; private final boolean useRole; + private final String assumeRole; private final String region; private final ProxyConfiguration proxy; private static transient HashMap transferManagers = new HashMap<>(); - S3Callable(String accessKey, Secret secretKey, boolean useRole, String region, ProxyConfiguration proxy) { + S3Callable(String accessKey, Secret secretKey, boolean useRole, String assumeRole, String region, ProxyConfiguration proxy) { this.accessKey = accessKey; this.secretKey = secretKey; this.useRole = useRole; + this.assumeRole = assumeRole; this.region = region; this.proxy = proxy; } @@ -32,7 +34,7 @@ abstract class S3Callable implements FileCallable { protected synchronized TransferManager getTransferManager() { final String uniqueKey = getUniqueKey(); if (transferManagers.get(uniqueKey) == null) { - final AmazonS3 client = ClientHelper.createClient(accessKey, Secret.toString(secretKey), useRole, region, proxy); + final AmazonS3 client = ClientHelper.createClient(accessKey, Secret.toString(secretKey), useRole, assumeRole, region, proxy); transferManagers.put(uniqueKey, new TransferManager(client)); } @@ -45,6 +47,6 @@ public void checkRoles(RoleChecker roleChecker) throws SecurityException { } private String getUniqueKey() { - return region + '_' + secretKey + '_' + accessKey + '_' + useRole; + return region + '_' + secretKey + '_' + accessKey + '_' + useRole + '_' + assumeRole; } -} \ No newline at end of file +} diff --git a/src/main/java/hudson/plugins/s3/callable/S3DownloadCallable.java b/src/main/java/hudson/plugins/s3/callable/S3DownloadCallable.java index 82964882..4619e3e6 100644 --- a/src/main/java/hudson/plugins/s3/callable/S3DownloadCallable.java +++ b/src/main/java/hudson/plugins/s3/callable/S3DownloadCallable.java @@ -16,9 +16,9 @@ public final class S3DownloadCallable extends S3Callable private static final long serialVersionUID = 1L; private final Destination dest; - public S3DownloadCallable(String accessKey, Secret secretKey, boolean useRole, Destination dest, String region, ProxyConfiguration proxy) + public S3DownloadCallable(String accessKey, Secret secretKey, boolean useRole, String assumeRole, Destination dest, String region, ProxyConfiguration proxy) { - super(accessKey, secretKey, useRole, region, proxy); + super(accessKey, secretKey, useRole, assumeRole, region, proxy); this.dest = dest; } diff --git a/src/main/java/hudson/plugins/s3/callable/S3GzipCallable.java b/src/main/java/hudson/plugins/s3/callable/S3GzipCallable.java index 39ede386..b2dac036 100644 --- a/src/main/java/hudson/plugins/s3/callable/S3GzipCallable.java +++ b/src/main/java/hudson/plugins/s3/callable/S3GzipCallable.java @@ -23,8 +23,8 @@ import java.util.zip.GZIPOutputStream; public final class S3GzipCallable extends S3BaseUploadCallable implements MasterSlaveCallable { - public S3GzipCallable(String accessKey, Secret secretKey, boolean useRole, Destination dest, Map userMetadata, String storageClass, String selregion, boolean useServerSideEncryption, ProxyConfiguration proxy) { - super(accessKey, secretKey, useRole, dest, userMetadata, storageClass, selregion, useServerSideEncryption, proxy); + public S3GzipCallable(String accessKey, Secret secretKey, boolean useRole, String assumeRole, Destination dest, Map userMetadata, String storageClass, String selregion, boolean useServerSideEncryption, ProxyConfiguration proxy) { + super(accessKey, secretKey, useRole, assumeRole, dest, userMetadata, storageClass, selregion, useServerSideEncryption, proxy); } // Return a File containing the gzipped contents of the input file. diff --git a/src/main/java/hudson/plugins/s3/callable/S3UploadCallable.java b/src/main/java/hudson/plugins/s3/callable/S3UploadCallable.java index 064aea57..3339c32e 100644 --- a/src/main/java/hudson/plugins/s3/callable/S3UploadCallable.java +++ b/src/main/java/hudson/plugins/s3/callable/S3UploadCallable.java @@ -14,8 +14,8 @@ public final class S3UploadCallable extends S3BaseUploadCallable implements MasterSlaveCallable { private static final long serialVersionUID = 1L; - public S3UploadCallable(String accessKey, Secret secretKey, boolean useRole, Destination dest, Map userMetadata, String storageClass, String selregion, boolean useServerSideEncryption, ProxyConfiguration proxy) { - super(accessKey, secretKey, useRole, dest, userMetadata, storageClass, selregion, useServerSideEncryption, proxy); + public S3UploadCallable(String accessKey, Secret secretKey, boolean useRole, String assumeRole, Destination dest, Map userMetadata, String storageClass, String selregion, boolean useServerSideEncryption, ProxyConfiguration proxy) { + super(accessKey, secretKey, useRole, assumeRole, dest, userMetadata, storageClass, selregion, useServerSideEncryption, proxy); } /** @@ -29,4 +29,4 @@ public String invoke(FilePath file) throws IOException, InterruptedException { return MD5.generateFromFile(file); } -} \ No newline at end of file +} diff --git a/src/main/resources/hudson/plugins/s3/S3BucketPublisher/global.jelly b/src/main/resources/hudson/plugins/s3/S3BucketPublisher/global.jelly index 5e4c61d9..12cbf800 100644 --- a/src/main/resources/hudson/plugins/s3/S3BucketPublisher/global.jelly +++ b/src/main/resources/hudson/plugins/s3/S3BucketPublisher/global.jelly @@ -11,6 +11,9 @@ + + + @@ -19,7 +22,7 @@ + method="loginCheck" with="name,useRole,accessKey,secretKey,assumeRole" /> diff --git a/src/main/webapp/help-assumeRole.html b/src/main/webapp/help-assumeRole.html new file mode 100644 index 00000000..ddb0abb3 --- /dev/null +++ b/src/main/webapp/help-assumeRole.html @@ -0,0 +1 @@ +
If this field is set, when doing any S3 operations the Jenkins master will try to assume the role given. This overrides using an IAM role or Access Key/Secret Key
diff --git a/src/test/java/hudson/plugins/s3/FileHelperTest.java b/src/test/java/hudson/plugins/s3/FileHelperTest.java index 091e2f72..91dda08c 100644 --- a/src/test/java/hudson/plugins/s3/FileHelperTest.java +++ b/src/test/java/hudson/plugins/s3/FileHelperTest.java @@ -1,11 +1,11 @@ package hudson.plugins.s3; -import org.junit.Test; - import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertTrue; +import org.junit.Test; + public class FileHelperTest { @Test public void testSelectedWithAsterisk() throws Exception { @@ -137,4 +137,4 @@ public void testGetStartIndexWithAsteriskInsideButKeepStructure() throws Excepti int startIndex = FileHelper.getSearchPathLength(workspace, folder, true); assertEquals(shouldBeCut.length(), startIndex); } -} \ No newline at end of file +} diff --git a/src/test/java/hudson/plugins/s3/FingerprintRecordTest.java b/src/test/java/hudson/plugins/s3/FingerprintRecordTest.java index 603dcd37..df673c9d 100644 --- a/src/test/java/hudson/plugins/s3/FingerprintRecordTest.java +++ b/src/test/java/hudson/plugins/s3/FingerprintRecordTest.java @@ -1,12 +1,12 @@ package hudson.plugins.s3; +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertNotEquals; + import org.junit.Test; import java.net.URLDecoder; -import static org.junit.Assert.assertEquals; -import static org.junit.Assert.assertNotEquals; - public class FingerprintRecordTest { @Test @@ -25,4 +25,4 @@ public void testGetLinkFromUnixPath() throws Exception { FingerprintRecord unixRecord = new FingerprintRecord(true, "test", unixPath, "us-eat-1", "xxxx"); assertEquals("should match file name", unixPath, unixRecord.getLink()); } -} \ No newline at end of file +} diff --git a/src/test/java/hudson/plugins/s3/S3BucketPublisherTest.java b/src/test/java/hudson/plugins/s3/S3BucketPublisherTest.java index b634120c..9c921d4f 100644 --- a/src/test/java/hudson/plugins/s3/S3BucketPublisherTest.java +++ b/src/test/java/hudson/plugins/s3/S3BucketPublisherTest.java @@ -3,14 +3,14 @@ import com.gargoylesoftware.htmlunit.HttpMethod; import com.gargoylesoftware.htmlunit.WebRequest; import com.gargoylesoftware.htmlunit.util.UrlUtils; -import hudson.model.Item; -import hudson.security.SecurityRealm; -import jenkins.model.Jenkins; import org.junit.Assert; import org.junit.Rule; import org.junit.Test; import org.jvnet.hudson.test.JenkinsRule; import org.jvnet.hudson.test.MockAuthorizationStrategy; +import hudson.model.Item; +import hudson.security.SecurityRealm; +import jenkins.model.Jenkins; public class S3BucketPublisherTest { @Rule diff --git a/src/test/java/hudson/plugins/s3/S3Test.java b/src/test/java/hudson/plugins/s3/S3Test.java index 3c5038c2..d0fcf01b 100644 --- a/src/test/java/hudson/plugins/s3/S3Test.java +++ b/src/test/java/hudson/plugins/s3/S3Test.java @@ -1,8 +1,17 @@ package hudson.plugins.s3; +import static com.google.common.collect.Iterables.filter; +import static com.google.common.collect.Iterables.toArray; +import static com.google.common.collect.Lists.newArrayList; +import static org.junit.Assert.assertEquals; + import com.gargoylesoftware.htmlunit.WebAssert; import com.gargoylesoftware.htmlunit.html.HtmlPage; +import org.junit.Rule; +import org.junit.Test; +import org.jvnet.hudson.test.JenkinsRule; +import org.mockito.Mockito; import hudson.Functions; import hudson.model.Action; import hudson.model.FreeStyleBuild; @@ -16,20 +25,11 @@ import hudson.tasks.Fingerprinter.FingerprintAction; import hudson.tasks.Shell; import jenkins.model.Jenkins; -import org.junit.Rule; -import org.junit.Test; -import org.jvnet.hudson.test.JenkinsRule; -import org.mockito.Mockito; import java.io.IOException; import java.util.Collections; import java.util.List; -import static com.google.common.collect.Iterables.filter; -import static com.google.common.collect.Iterables.toArray; -import static com.google.common.collect.Lists.newArrayList; -import static org.junit.Assert.assertEquals; - public class S3Test { @Rule public JenkinsRule j = new JenkinsRule(); @@ -42,7 +42,7 @@ public void testConfigExists() throws Exception { @Test public void testConfigContainsProfiles() throws Exception { - final S3Profile profile = new S3Profile("S3 profile random name", null, null, true, 0, "0", "0", "0", "0", true); + final S3Profile profile = new S3Profile("S3 profile random name", null, null, true, null, 0, "0", "0", "0", "0", true); replaceS3PluginProfile(profile);