Package com.cloudbees.plugins.credentials

Class CredentialsProvider

java.lang.Object
hudson.model.Descriptor<CredentialsProvider>
com.cloudbees.plugins.credentials.CredentialsProvider
All Implemented Interfaces:
ExtensionPoint, Describable<CredentialsProvider>, Saveable, Loadable, OnMaster, IconSpec
Direct Known Subclasses:
SystemCredentialsProvider.ProviderImpl, UserCredentialsProvider
public abstract class CredentialsProvider extends Descriptor<CredentialsProvider> implements ExtensionPoint, Describable<CredentialsProvider>, IconSpec
An extension point for providing Credentials.

  • Field Details

    • NONE

      public static final CredentialsProvider NONE
      A CredentialsProvider that does nothing for use as a marker
      Since:
      2.1.1

    • GROUP

      public static final PermissionGroup GROUP
      The permission group for credentials.
      Since:
      1.8

    • USE_OWN

      public static final Permission USE_OWN
      Where an immediate action against a job requires that a credential be selected by the user triggering the action, this permission allows the user to select a credential from their private credential store. Immediate actions could include: building with parameters, tagging a build, deploying artifacts, etc.
      Since:
      1.16

    • USE_ITEM

      public static final Permission USE_ITEM
      Where an immediate action against a job requires that a credential be selected by the user triggering the action, this permission allows the user to select a credential from those credentials available within the scope of the job. Immediate actions could include: building with parameters, tagging a build, deploying artifacts, etc. This permission is implied by Item.CONFIGURE as anyone who can configure the job can configure the job to use credentials within the item scope anyway.
      Since:
      1.16

    • CREATE

      public static final Permission CREATE
      The permission for adding credentials to a CredentialsStore.
      Since:
      1.8

    • UPDATE

      public static final Permission UPDATE
      The permission for updating credentials in a CredentialsStore.
      Since:
      1.8

    • VIEW

      public static final Permission VIEW
      The permission for viewing credentials in a CredentialsStore.
      Since:
      1.8

    • DELETE

      public static final Permission DELETE
      The permission for removing credentials from a CredentialsStore.
      Since:
      1.8

    • MANAGE_DOMAINS

      public static final Permission MANAGE_DOMAINS
      The permission for managing credential domains in a CredentialsStore.
      Since:
      1.8

  • Constructor Details

    • CredentialsProvider

      public CredentialsProvider()
      Default constructor.

  • Method Details

    • allCredentialsDescriptors

      public static DescriptorExtensionList<Credentials,CredentialsDescriptor> allCredentialsDescriptors()
      Returns all the registered Credentials descriptors.
      Returns:
      all the registered Credentials descriptors.

    • lookupCredentials

      @Deprecated @NonNull public static <C extends Credentials> List<C> lookupCredentials(@NonNull Class<C> type)
      Deprecated.
      use lookupCredentialsInItem(Class, Item, Authentication, List) or lookupCredentialsInItemGroup(Class, ItemGroup, Authentication, List)

    • lookupCredentials

      @Deprecated @NonNull public static <C extends Credentials> List<C> lookupCredentials(@NonNull Class<C> type, @Nullable Authentication authentication)
      Deprecated.
      use lookupCredentialsInItem(Class, Item, Authentication, List), lookupCredentialsInItemGroup(Class, ItemGroup, Authentication, List)

    • lookupCredentials

      @Deprecated @NonNull public static <C extends Credentials> List<C> lookupCredentials(@NonNull Class<C> type, @Nullable Item item)
      Deprecated.
      use lookupCredentialsInItem(Class, Item, Authentication, List) instead.

    • lookupCredentials

      @Deprecated @NonNull public static <C extends Credentials> List<C> lookupCredentials(@NonNull Class<C> type, @Nullable ItemGroup itemGroup)
      Deprecated.
      use lookupCredentialsInItemGroup(Class, ItemGroup, Authentication, List) instead.

    • lookupCredentials

      @Deprecated @NonNull public static <C extends Credentials> List<C> lookupCredentials(@NonNull Class<C> type, @Nullable ItemGroup itemGroup, @Nullable Authentication authentication)
      Deprecated.
      use lookupCredentialsInItemGroup(Class, ItemGroup, Authentication) instead.

    • lookupCredentials

      @Deprecated @NonNull public static <C extends Credentials> List<C> lookupCredentials(@NonNull Class<C> type, @Nullable Item item, @Nullable Authentication authentication)
      Deprecated.
      use lookupCredentialsInItem(Class, Item, Authentication) instead.

    • lookupCredentials

      @Deprecated @NonNull public static <C extends Credentials> List<C> lookupCredentials(@NonNull Class<C> type, @Nullable ItemGroup itemGroup, @Nullable Authentication authentication, @Nullable DomainRequirement... domainRequirements)
      Deprecated.
      Use lookupCredentialsInItemGroup(Class, ItemGroup, Authentication) or lookupCredentialsInItemGroup(Class, ItemGroup, Authentication, List).

    • lookupCredentialsInItemGroup

      @NonNull public static <C extends Credentials> List<C> lookupCredentialsInItemGroup(@NonNull Class<C> type, @Nullable ItemGroup itemGroup, @Nullable org.springframework.security.core.Authentication authentication)
      Returns all credentials which are available to the specified Authentication for use by the Items in the specified ItemGroup.
      Type Parameters:
      C - the credentials type.
      Parameters:
      type - the type of credentials to get.
      itemGroup - the item group.
      authentication - the authentication.
      Returns:
      the list of credentials.
      Since:
      TODO

    • lookupCredentials

      @NonNull @Deprecated public static <C extends Credentials> List<C> lookupCredentials(@NonNull Class<C> type, @Nullable ItemGroup itemGroup, @Nullable Authentication authentication, @Nullable List<DomainRequirement> domainRequirements)
      Deprecated.
      Use lookupCredentialsInItemGroup(Class, ItemGroup, Authentication, List) instead.

    • lookupCredentialsInItemGroup

      @NonNull public static <C extends Credentials> List<C> lookupCredentialsInItemGroup(@NonNull Class<C> type, @Nullable ItemGroup itemGroup, @Nullable org.springframework.security.core.Authentication authentication, @Nullable List<DomainRequirement> domainRequirements)
      Returns all credentials which are available to the specified Authentication for use by the Items in the specified ItemGroup.
      Type Parameters:
      C - the credentials type.
      Parameters:
      type - the type of credentials to get.
      itemGroup - the item group.
      authentication - the authentication.
      domainRequirements - the credential domains to match.
      Returns:
      the list of credentials.
      Since:
      TODO

    • listCredentials

      @Deprecated public static <C extends IdCredentials> ListBoxModel listCredentials(@NonNull Class<C> type, @Nullable ItemGroup itemGroup, @Nullable Authentication authentication, @Nullable List<DomainRequirement> domainRequirements, @Nullable CredentialsMatcher matcher)
      Deprecated.
      Use listCredentialsInItemGroup(Class, ItemGroup, Authentication, List, CredentialsMatcher) instead.

    • listCredentialsInItemGroup

      public static <C extends IdCredentials> ListBoxModel listCredentialsInItemGroup(@NonNull Class<C> type, @Nullable ItemGroup itemGroup, @Nullable org.springframework.security.core.Authentication authentication, @Nullable List<DomainRequirement> domainRequirements, @Nullable CredentialsMatcher matcher)
      Returns a ListBoxModel of all credentials which are available to the specified Authentication for use by the Items in the specified ItemGroup.
      Type Parameters:
      C - the credentials type.
      Parameters:
      type - the type of credentials to get.
      authentication - the authentication.
      itemGroup - the item group.
      domainRequirements - the credential domains to match.
      matcher - the additional filtering to apply to the credentials
      Returns:
      the ListBoxModel of IdCredentials.getId() with the corresponding display names as provided by CredentialsNameProvider.
      Since:
      TODO

    • lookupCredentials

      @Deprecated @NonNull public static <C extends Credentials> List<C> lookupCredentials(@NonNull Class<C> type, @Nullable Item item, @Nullable Authentication authentication, DomainRequirement... domainRequirements)
      Deprecated.
      use lookupCredentialsInItem(Class, Item, Authentication) or lookupCredentialsInItem(Class, Item, Authentication, List).

    • lookupCredentialsInItem

      @NonNull public static <C extends Credentials> List<C> lookupCredentialsInItem(@NonNull Class<C> type, @Nullable Item item, @Nullable org.springframework.security.core.Authentication authentication)
      Returns all credentials which are available to the specified Authentication for use by the specified Item.
      Type Parameters:
      C - the credentials type.
      Parameters:
      type - the type of credentials to get.
      authentication - the authentication.
      item - the item.
      Returns:
      the list of credentials.
      Since:
      TODO

    • lookupCredentials

      @NonNull @Deprecated public static <C extends Credentials> List<C> lookupCredentials(@NonNull Class<C> type, @Nullable Item item, @Nullable Authentication authentication, @Nullable List<DomainRequirement> domainRequirements)
      Deprecated.
      use lookupCredentialsInItem(Class, Item, Authentication, List)

    • lookupCredentialsInItem

      @NonNull public static <C extends Credentials> List<C> lookupCredentialsInItem(@NonNull Class<C> type, @Nullable Item item, @Nullable org.springframework.security.core.Authentication authentication, @Nullable List<DomainRequirement> domainRequirements)
      Returns all credentials which are available to the specified Authentication for use by the specified Item.
      Type Parameters:
      C - the credentials type.
      Parameters:
      type - the type of credentials to get.
      authentication - the authentication.
      item - the item.
      domainRequirements - the credential domains to match.
      Returns:
      the list of credentials.
      Since:
      TODO

    • listCredentials

      @NonNull @Deprecated public static <C extends IdCredentials> ListBoxModel listCredentials(@NonNull Class<C> type, @Nullable Item item, @Nullable Authentication authentication, @Nullable List<DomainRequirement> domainRequirements, @Nullable CredentialsMatcher matcher)
      Deprecated.
      Use listCredentialsInItem(Class, Item, Authentication, List, CredentialsMatcher) instead.

    • listCredentialsInItem

      @NonNull public static <C extends IdCredentials> ListBoxModel listCredentialsInItem(@NonNull Class<C> type, @Nullable Item item, @Nullable org.springframework.security.core.Authentication authentication, @Nullable List<DomainRequirement> domainRequirements, @Nullable CredentialsMatcher matcher)
      Returns a ListBoxModel of all credentials which are available to the specified Authentication for use by the specified Item.
      Type Parameters:
      C - the credentials type.
      Parameters:
      type - the type of credentials to get.
      authentication - the authentication.
      item - the item.
      domainRequirements - the credential domains to match.
      matcher - the additional filtering to apply to the credentials
      Returns:
      the ListBoxModel of IdCredentials.getId() with the corresponding display names as provided by CredentialsNameProvider.
      Since:
      TODO

    • lookupScopes

      @CheckForNull public static Set<CredentialsScope> lookupScopes(ModelObject object)
      Returns the scopes allowed for credentials stored within the specified object or null if the object is not relevant for scopes and the object's container should be considered instead.
      Parameters:
      object - the object.
      Returns:
      the set of scopes that are relevant for the object or null if the object is not a credentials container.

    • hasStores

      public static boolean hasStores(ModelObject context)
      Tests if the supplied context has any credentials stores associated with it.
      Parameters:
      context - the context object.
      Returns:
      true if and only if the supplied context has at least one CredentialsStore associated with it.
      Since:
      2.1.5

    • lookupStores

      public static Iterable<CredentialsStore> lookupStores(ModelObject context)
      Returns a lazy Iterable of all the CredentialsStore instances contributing credentials to the supplied object.
      Parameters:
      context - the Item or ItemGroup or User to get the CredentialsStores of.
      Returns:
      a lazy Iterable of all CredentialsStore instances.
      Since:
      1.8

    • snapshot

      public static <C extends Credentials> C snapshot(C credential)
      Make a best effort to ensure that the supplied credential is a snapshot credential (i.e. self-contained and does not reference any external stores). WARNING: May produce unusual results if presented an exotic credential that implements multiple distinct credential types at the same time, e.g. a credential that is simultaneously a TLS certificate and a SSH key pair and a GPG key pair all at the same time... unless the author of that credential type also provides a CredentialsSnapshotTaker that can handle such a triple play.
      Type Parameters:
      C - the type of credential.
      Parameters:
      credential - the credential.
      Returns:
      the credential or a snapshot of the credential.
      Since:
      1.14

    • snapshot

      public static <C extends Credentials> C snapshot(Class<C> clazz, C credential)
      Make a best effort to ensure that the supplied credential is a snapshot credential (i.e. self-contained and does not reference any external stores)
      Type Parameters:
      C - the type of credential.
      Parameters:
      clazz - the type of credential that we are trying to snapshot (specified so that if there is more than one type of snapshot able credential interface implemented by the credentials, then they can be separated out.
      credential - the credential.
      Returns:
      the credential or a snapshot of the credential.
      Since:
      1.14

    • findCredentialById

      @CheckForNull public static <C extends IdCredentials> C findCredentialById(@NonNull String id, @NonNull Class<C> type, @NonNull Run<?,?> run)
      A common requirement for plugins is to resolve a specific credential by id in the context of a specific run. Given that the credential itself could be resulting from a build parameter expression and the complexities of determining the scope of items from which the credential should be resolved in a chain of builds, this method provides the correct answer.
      Type Parameters:
      C - the credentials type.
      Parameters:
      id - either the id of the credential to find or a parameter expression for the id.
      type - the type of credential to find.
      run - the Run defining the context within which to find the credential.
      Returns:
      the credential or null if either the credential cannot be found or the user triggering the run is not permitted to use the credential in the context of the run.
      Since:
      TODO

    • findCredentialById

      public static <C extends IdCredentials> C findCredentialById(@NonNull String id, @NonNull Class<C> type, @NonNull Run<?,?> run, DomainRequirement... domainRequirements)
      Deprecated.
      Use findCredentialById(String, Class, Run, List) instead.

    • findCredentialById

      @CheckForNull public static <C extends IdCredentials> C findCredentialById(@NonNull String id, @NonNull Class<C> type, @NonNull Run<?,?> run, @Nullable List<DomainRequirement> domainRequirements)
      A common requirement for plugins is to resolve a specific credential by id in the context of a specific run. Given that the credential itself could be resulting from a build parameter expression and the complexities of determining the scope of items from which the credential should be resolved in a chain of builds, this method provides the correct answer.
      Type Parameters:
      C - the credentials type.
      Parameters:
      id - either the id of the credential to find or a parameter expression for the id.
      type - the type of credential to find.
      run - the Run defining the context within which to find the credential.
      domainRequirements - the domain requirements of the credential.
      Returns:
      the credential or null if either the credential cannot be found or the user triggering the run is not permitted to use the credential in the context of the run.
      Since:
      1.16

    • all

      public static ExtensionList<CredentialsProvider> all()
      Returns the list of all CredentialsProvider.
      Returns:
      the list of all CredentialsProvider.

    • enabled

      public static List<CredentialsProvider> enabled()
      Returns only those CredentialsProvider that are isEnabled().
      Returns:
      a list of CredentialsProvider that are isEnabled().
      Since:
      2.0

    • enabled

      public static List<CredentialsProvider> enabled(Object context)
      Returns only those CredentialsProvider that are isEnabled() within a specific context.
      Parameters:
      context - the context in which to get the list.
      Returns:
      a list of CredentialsProvider that are isEnabled().
      Since:
      2.0

    • getDescriptor

      public Descriptor<CredentialsProvider> getDescriptor()
      Specified by:
      getDescriptor in interface Describable<CredentialsProvider>

    • isEnabled

      public final boolean isEnabled()
      Returns true if this CredentialsProvider is enabled.
      Returns:
      true if this CredentialsProvider is enabled.
      Since:
      2.0

    • isEnabled

      public boolean isEnabled(Object context)
      Returns true if this CredentialsProvider is enabled in the specified context.
      Parameters:
      context - the context.
      Returns:
      true if this CredentialsProvider is enabled in the specified context.
      Since:
      2.0

    • getDisplayName

      @NonNull public String getDisplayName()
      Overrides:
      getDisplayName in class Descriptor<CredentialsProvider>

    • getIconClassName

      public String getIconClassName()
      Specified by:
      getIconClassName in interface IconSpec

    • getScopes

      public Set<CredentialsScope> getScopes(ModelObject object)
      Returns the scopes allowed for credentials stored within the specified object or null if the object is not relevant for scopes and the object's container should be considered instead.
      Parameters:
      object - the object.
      Returns:
      the set of scopes that are relevant for the object or null if the object is not a credentials container.

    • getStore

      @CheckForNull public CredentialsStore getStore(@CheckForNull ModelObject object)
      Returns the CredentialsStore that this CredentialsProvider maintains specifically for this ModelObject or null if either the object is not a credentials container or this CredentialsProvider does not maintain a store specifically bound to this ModelObject.
      Parameters:
      object - the Item or ItemGroup or User that the store is being requested of.
      Returns:
      either null or a scoped CredentialsStore where CredentialsStore.getContext() == object.
      Since:
      1.8

    • getCredentials

      @NonNull @Deprecated public <C extends Credentials> List<C> getCredentials(@NonNull Class<C> type, @Nullable ItemGroup itemGroup, @Nullable Authentication authentication)
      Deprecated.
      use getCredentialsInItemGroup(Class, ItemGroup, Authentication, List) instead.

    • getCredentials

      @Deprecated @NonNull public <C extends Credentials> List<C> getCredentials(@NonNull Class<C> type, @Nullable ItemGroup itemGroup, @Nullable Authentication authentication, @NonNull List<DomainRequirement> domainRequirements)
      Deprecated.
      use getCredentialsInItemGroup(Class, ItemGroup, Authentication, List) instead.

    • getCredentialsInItemGroup

      @NonNull public <C extends Credentials> List<C> getCredentialsInItemGroup(@NonNull Class<C> type, @Nullable ItemGroup itemGroup, @Nullable org.springframework.security.core.Authentication authentication, @NonNull List<DomainRequirement> domainRequirements)
      Returns the credentials provided by this provider which are available to the specified Authentication for items in the specified ItemGroup and are appropriate for the specified .plugins.credentials.domains.DomainRequirements.
      Type Parameters:
      C - the credentials type.
      Parameters:
      type - the type of credentials to return.
      itemGroup - the item group (if null assume Jenkins.get().
      authentication - the authentication (if null assume ACL.SYSTEM2.
      domainRequirements - the credential domains to match (if the CredentialsProvider does not support DomainRequirements then it should assume the match is true).
      Returns:
      the list of credentials.
      Since:
      TODO

    • getCredentialIds

      @NonNull @Deprecated public <C extends IdCredentials> ListBoxModel getCredentialIds(@NonNull Class<C> type, @Nullable ItemGroup itemGroup, @Nullable Authentication authentication, @NonNull List<DomainRequirement> domainRequirements, @NonNull CredentialsMatcher matcher)
      Deprecated.
      Use getCredentialIdsInItemGroup(Class, ItemGroup, Authentication, List, CredentialsMatcher) instead.

    • getCredentialIdsInItemGroup

      @NonNull public <C extends IdCredentials> ListBoxModel getCredentialIdsInItemGroup(@NonNull Class<C> type, @Nullable ItemGroup itemGroup, @Nullable org.springframework.security.core.Authentication authentication, @NonNull List<DomainRequirement> domainRequirements, @NonNull CredentialsMatcher matcher)
      Returns a ListBoxModel of the credentials provided by this provider which are available to the specified Authentication for items in the specified ItemGroup and are appropriate for the specified DomainRequirements. NOTE: implementations are recommended to override this method if the actual secret information is being stored external from Jenkins and the non-secret information can be accessed with lesser traceability requirements. The default implementation just uses getCredentialsInItem(Class, Item, Authentication, List) to build the ListBoxModel. Handling the CredentialsMatcher may require standing up a proxy instance to apply the matcher against if CredentialsMatchers.describe(CredentialsMatcher) returns null
      Type Parameters:
      C - the credentials type.
      Parameters:
      type - the type of credentials to return.
      itemGroup - the item group (if null assume Jenkins.get().
      authentication - the authentication (if null assume ACL.SYSTEM2.
      domainRequirements - the credential domain to match.
      matcher - the additional filtering to apply to the credentials
      Returns:
      the ListBoxModel of IdCredentials.getId() with names provided by CredentialsNameProvider.
      Since:
      TODO

    • getCredentials

      @Deprecated @NonNull public <C extends Credentials> List<C> getCredentials(@NonNull Class<C> type, @NonNull Item item, @Nullable Authentication authentication)
      Deprecated.
      Use getCredentialsInItem(Class, Item, Authentication, List) instead.

    • getCredentials

      @Deprecated @NonNull public <C extends Credentials> List<C> getCredentials(@NonNull Class<C> type, @NonNull Item item, @Nullable Authentication authentication, @NonNull List<DomainRequirement> domainRequirements)
      Deprecated.
      Use getCredentialsInItem(Class, Item, Authentication, List) instead.

    • getCredentialsInItem

      @NonNull public <C extends Credentials> List<C> getCredentialsInItem(@NonNull Class<C> type, @NonNull Item item, @Nullable org.springframework.security.core.Authentication authentication, @NonNull List<DomainRequirement> domainRequirements)
      Returns the credentials provided by this provider which are available to the specified Authentication for the specified Item and are appropriate for the specified DomainRequirements.
      Type Parameters:
      C - the credentials type.
      Parameters:
      type - the type of credentials to return.
      item - the item.
      authentication - the authentication (if null assume ACL.SYSTEM2.
      domainRequirements - the credential domain to match.
      Returns:
      the list of credentials.
      Since:
      TODO

    • getCredentialIds

      @NonNull @Deprecated public <C extends IdCredentials> ListBoxModel getCredentialIds(@NonNull Class<C> type, @NonNull Item item, @Nullable Authentication authentication, @NonNull List<DomainRequirement> domainRequirements, @NonNull CredentialsMatcher matcher)
      Deprecated.
      Use getCredentialIdsInItem(Class, Item, Authentication, List, CredentialsMatcher) instead.

    • getCredentialIdsInItem

      @NonNull public <C extends IdCredentials> ListBoxModel getCredentialIdsInItem(@NonNull Class<C> type, @NonNull Item item, @Nullable org.springframework.security.core.Authentication authentication, @NonNull List<DomainRequirement> domainRequirements, @NonNull CredentialsMatcher matcher)
      Returns a ListBoxModel of the credentials provided by this provider which are available to the specified Authentication for the specified Item and are appropriate for the specified DomainRequirements. NOTE: implementations are recommended to override this method if the actual secret information is being stored external from Jenkins and the non-secret information can be accessed with lesser traceability requirements. The default implementation just uses getCredentialsInItem(Class, Item, Authentication, List) to build the ListBoxModel. Handling the CredentialsMatcher may require standing up a proxy instance to apply the matcher against.
      Type Parameters:
      C - the credentials type.
      Parameters:
      type - the type of credentials to return.
      item - the item.
      authentication - the authentication (if null assume ACL.SYSTEM2.
      domainRequirements - the credential domain to match.
      matcher - the additional filtering to apply to the credentials
      Returns:
      the ListBoxModel of IdCredentials.getId() with names provided by CredentialsNameProvider.
      Since:
      TODO

    • isApplicable

      public final boolean isApplicable(Class<? extends Credentials> clazz)
      Returns true if this CredentialsProvider can provide credentials of the supplied type.
      Parameters:
      clazz - the base type of Credentials to check.
      Returns:
      true if and only if there is at least one CredentialsDescriptor matching the required Credentials interface that isApplicable(Descriptor).
      Since:
      2.0

    • isApplicable

      public final boolean isApplicable(Descriptor<?> descriptor)
      Returns true if the supplied Descriptor is applicable to this CredentialsProvider.
      Parameters:
      descriptor - the Descriptor to check.
      Returns:
      true if and only if the supplied Descriptor is applicable in this CredentialsProvider.
      Since:
      2.0

    • _isApplicable

      protected boolean _isApplicable(Descriptor<?> descriptor)
      CredentialsProvider subtypes can override this method to veto some Descriptors from being available from their store. This is often useful when you are building a custom store that holds a specific type of credentials or where you want to limit the number of choices given to the users.
      Parameters:
      descriptor - the Descriptor to check.
      Returns:
      true if the supplied Descriptor is applicable in this CredentialsProvider
      Since:
      2.0

    • getCredentialsDescriptors

      public final List<CredentialsDescriptor> getCredentialsDescriptors()
      Returns the list of CredentialsDescriptor instances that are applicable within this CredentialsProvider.
      Returns:
      the list of CredentialsDescriptor instances that are applicable within this CredentialsProvider.
      Since:
      2.0

    • hasCredentialsDescriptors

      public final boolean hasCredentialsDescriptors()
      Checks if there is at least one CredentialsDescriptor applicable within this CredentialsProvider.
      Returns:
      true if and ony if there is at least one CredentialsDescriptor applicable within this CredentialsProvider.
      Since:
      2.0

    • getFingerprintOf

      @CheckForNull public static Fingerprint getFingerprintOf(@NonNull Credentials c) throws IOException
      Retrieves the Fingerprint for a specific credential.
      Parameters:
      c - the credential.
      Returns:
      the Fingerprint or null if the credential has no fingerprint associated with it.
      Throws:
      IOException - if the credential's fingerprint hash could not be computed.
      Since:
      2.1.1

    • getOrCreateFingerprintOf

      @NonNull public static Fingerprint getOrCreateFingerprintOf(@NonNull Credentials c) throws IOException
      Creates a fingerprint that can be used to track the usage of a specific credential.
      Parameters:
      c - the credential to fingerprint.
      Returns:
      the Fingerprint.
      Throws:
      IOException - if the credential's fingerprint hash could not be computed.
      Since:
      2.1.1

    • track

      @CheckForNull public static <C extends Credentials> C track(@NonNull Run build, @CheckForNull C credentials)
      Track the usage of credentials in a specific build.
      Type Parameters:
      C - the credentials type.
      Parameters:
      build - the run to tag the fingerprint
      credentials - the credentials to fingerprint.
      Returns:
      the supplied credentials for method chaining.
      Since:
      2.1.1

    • trackAll

      @SafeVarargs @NonNull public static <C extends Credentials> List<C> trackAll(@NonNull Run build, C... credentials)
      Track the usage of credentials in a specific build.
      Type Parameters:
      C - the credentials type.
      Parameters:
      build - the run to tag the fingerprint
      credentials - the credentials to fingerprint.
      Returns:
      the supplied credentials for method chaining.
      Since:
      2.1.1

    • trackAll

      @NonNull public static <C extends Credentials> List<C> trackAll(@NonNull Run build, @NonNull List<C> credentials)
      Track the usage of credentials in a specific build.
      Type Parameters:
      C - the credentials type.
      Parameters:
      build - the run to tag the fingerprint
      credentials - the credentials to fingerprint.
      Returns:
      the supplied credentials for method chaining.
      Since:
      2.1.1

    • track

      @CheckForNull public static <C extends Credentials> C track(@NonNull Node node, @CheckForNull C credentials)
      Track the usage of credentials in a specific node. Would be used for example when launching an agent.
      Type Parameters:
      C - the credentials type.
      Parameters:
      node - the node to tag the fingerprint
      credentials - the credentials to fingerprint.
      Returns:
      the supplied credentials for method chaining.
      Since:
      2.1.1

    • trackAll

      @SafeVarargs @NonNull public static <C extends Credentials> List<C> trackAll(@NonNull Node node, C... credentials)
      Track the usage of credentials in a specific node. Would be used for example when launching an agent.
      Type Parameters:
      C - the credentials type.
      Parameters:
      node - the node to tag the fingerprint
      credentials - the credentials to fingerprint.
      Returns:
      the supplied credentials for method chaining.
      Since:
      2.1.1

    • trackAll

      @NonNull public static <C extends Credentials> List<C> trackAll(@NonNull Node node, @NonNull List<C> credentials)
      Track the usage of credentials in a specific node. Would be used for example when launching an agent.
      Type Parameters:
      C - the credentials type.
      Parameters:
      node - the node to tag the fingerprint
      credentials - the credentials to fingerprint.
      Returns:
      the supplied credentials for method chaining.
      Since:
      2.1.1

    • track

      @CheckForNull public static <C extends Credentials> C track(@NonNull Item item, @CheckForNull C credentials)
      Track the usage of credentials in a specific item but not associated with a specific build, for example SCM polling.
      Type Parameters:
      C - the credentials type.
      Parameters:
      item - the item to tag the fingerprint against
      credentials - the credentials to fingerprint.
      Returns:
      the supplied credentials for method chaining.
      Since:
      2.1.1

    • trackAll

      @SafeVarargs @NonNull public static <C extends Credentials> List<C> trackAll(@NonNull Item item, C... credentials)
      Track the usage of credentials in a specific item but not associated with a specific build, for example SCM polling.
      Type Parameters:
      C - the credentials type.
      Parameters:
      item - the item to tag the fingerprint against
      credentials - the credentials to fingerprint.
      Returns:
      the supplied credentials for method chaining.
      Since:
      2.1.1

    • trackAll

      @NonNull public static <C extends Credentials> List<C> trackAll(@NonNull Item item, @NonNull List<C> credentials)
      Track the usage of credentials in a specific item but not associated with a specific build, for example SCM polling.
      Type Parameters:
      C - the credentials type.
      Parameters:
      item - the item to tag the fingerprint against
      credentials - the credentials to fingerprint.
      Returns:
      the supplied credentials for method chaining.
      Since:
      2.1.1

    • saveAll

      @Restricted(org.kohsuke.accmod.restrictions.DoNotUse.class) public static void saveAll()
      A helper method for Groovy Scripting to address use cases such as JENKINS-39317 where all credential stores need to be resaved. As this is a potentially very expensive operation the method has been marked DoNotUse in order to ensure that no plugin attempts to call this method. If invoking this method from an init.d Groovy script, ensure that the call is guarded by a marker file such that