Class GitHubAppCredentials
java.lang.Object
com.cloudbees.plugins.credentials.BaseCredentials
com.cloudbees.plugins.credentials.impl.BaseStandardCredentials
org.jenkinsci.plugins.github_branch_source.GitHubAppCredentials
- All Implemented Interfaces:
com.cloudbees.plugins.credentials.common.IdCredentials
,com.cloudbees.plugins.credentials.common.PasswordCredentials
,com.cloudbees.plugins.credentials.common.StandardCredentials
,com.cloudbees.plugins.credentials.common.StandardUsernameCredentials
,com.cloudbees.plugins.credentials.common.StandardUsernamePasswordCredentials
,com.cloudbees.plugins.credentials.common.UsernameCredentials
,com.cloudbees.plugins.credentials.common.UsernamePasswordCredentials
,com.cloudbees.plugins.credentials.Credentials
,ExtensionPoint
,Describable<com.cloudbees.plugins.credentials.Credentials>
,Serializable
public class GitHubAppCredentials
extends com.cloudbees.plugins.credentials.impl.BaseStandardCredentials
implements com.cloudbees.plugins.credentials.common.StandardUsernamePasswordCredentials
- See Also:
-
Nested Class Summary
Nested ClassesNested classes/interfaces inherited from class com.cloudbees.plugins.credentials.impl.BaseStandardCredentials
com.cloudbees.plugins.credentials.impl.BaseStandardCredentials.BaseStandardCredentialsDescriptor
Nested classes/interfaces inherited from interface hudson.ExtensionPoint
ExtensionPoint.LegacyInstancesAreScopedToHudson
Nested classes/interfaces inherited from interface com.cloudbees.plugins.credentials.common.IdCredentials
com.cloudbees.plugins.credentials.common.IdCredentials.Helpers
Nested classes/interfaces inherited from interface com.cloudbees.plugins.credentials.common.StandardCredentials
com.cloudbees.plugins.credentials.common.StandardCredentials.NameProvider
Nested classes/interfaces inherited from interface com.cloudbees.plugins.credentials.common.StandardUsernamePasswordCredentials
com.cloudbees.plugins.credentials.common.StandardUsernamePasswordCredentials.NameProvider
-
Field Summary
FieldsModifier and TypeFieldDescriptionstatic boolean
Controls whetherGithubProjectProperty
is considered byforRun(hudson.model.Run<?, ?>)
for Pipeline builds. -
Constructor Summary
ConstructorsConstructorDescriptionGitHubAppCredentials
(com.cloudbees.plugins.credentials.CredentialsScope scope, String id, String description, String appID, Secret privateKey) -
Method Summary
Modifier and TypeMethodDescriptioncontextualize
(GitHubAppUsageContext context) com.cloudbees.plugins.credentials.Credentials
getAppID()
getOwner()
Deprecated.boolean
void
void
void
Do not call this method, usesetRepositoryAccessStrategy(org.jenkinsci.plugins.github_branch_source.app_credentials.RepositoryAccessStrategy)
instead.void
protected Object
Ensures that the credentials state as serialized via Remoting to an agent calls back to the controller.Methods inherited from class com.cloudbees.plugins.credentials.impl.BaseStandardCredentials
equals, getDescription, getId, hashCode
Methods inherited from class com.cloudbees.plugins.credentials.BaseCredentials
getDescriptor, getScope
Methods inherited from class java.lang.Object
clone, finalize, getClass, notify, notifyAll, toString, wait, wait, wait
Methods inherited from interface com.cloudbees.plugins.credentials.Credentials
getDescriptor, getScope
Methods inherited from interface com.cloudbees.plugins.credentials.common.IdCredentials
getId
Methods inherited from interface com.cloudbees.plugins.credentials.common.StandardCredentials
getDescription
-
Field Details
-
ALLOW_UNSAFE_REPOSITORY_INFERENCE
public static boolean ALLOW_UNSAFE_REPOSITORY_INFERENCEControls whetherGithubProjectProperty
is considered byforRun(hudson.model.Run<?, ?>)
for Pipeline builds.RepositoryAccessStrategy
is intended to prevent users with the ability to edit a Jenkinsfile in a single repository from being able to use GitHub app credentials available to that Pipeline to access other repositories. The existence of theproperties
step means that job properties may not be trusted for Pipeline repository inference.
-
-
Constructor Details
-
GitHubAppCredentials
-
-
Method Details
-
getApiUri
-
setApiUri
-
getAppID
-
getPrivateKey
-
getOwner
Deprecated. -
setOwner
Do not call this method, usesetRepositoryAccessStrategy(org.jenkinsci.plugins.github_branch_source.app_credentials.RepositoryAccessStrategy)
instead. -
getRepositoryAccessStrategy
-
setRepositoryAccessStrategy
@DataBoundSetter public void setRepositoryAccessStrategy(@NonNull RepositoryAccessStrategy strategy) -
getDefaultPermissionsStrategy
-
setDefaultPermissionsStrategy
@DataBoundSetter public void setDefaultPermissionsStrategy(@NonNull DefaultPermissionsStrategy strategy) -
getPassword
- Specified by:
getPassword
in interfacecom.cloudbees.plugins.credentials.common.PasswordCredentials
-
getUsername
- Specified by:
getUsername
in interfacecom.cloudbees.plugins.credentials.common.UsernameCredentials
-
isUsernameSecret
public boolean isUsernameSecret()- Specified by:
isUsernameSecret
in interfacecom.cloudbees.plugins.credentials.common.UsernameCredentials
-
contextualize
-
forRun
- Specified by:
forRun
in interfacecom.cloudbees.plugins.credentials.Credentials
-
writeReplace
Ensures that the credentials state as serialized via Remoting to an agent calls back to the controller. Benefits:- The token is cached locally and used until it is stale.
- The agent never needs to have access to the plaintext private key.
- We avoid the considerable amount of class loading associated with the JWT library, Jackson data binding, Bouncy Castle, etc.
- The agent need not be able to contact GitHub.
-
getRepositoryAccessStrategy()
.