Add secret variables expansion from CNode value

ziouf · ziouf · commit 2ba7033f719a · 2019-11-13T18:17:07.000+01:00
diff --git a/pom.xml b/pom.xml
@@ -58,7 +58,7 @@
         <dependency>
             <groupId>io.jenkins</groupId>
             <artifactId>configuration-as-code</artifactId>
-            <version>1.0</version>
+            <version>1.32</version>
         </dependency>
     </dependencies>
 </project>
diff --git a/src/main/java/io/jenkins/plugins/cascgroovy/GroovyScriptCaller.java b/src/main/java/io/jenkins/plugins/cascgroovy/GroovyScriptCaller.java
@@ -8,9 +8,11 @@
 import io.jenkins.plugins.casc.ConfigurationContext;
 import io.jenkins.plugins.casc.ConfiguratorException;
 import io.jenkins.plugins.casc.Configurator;
+import io.jenkins.plugins.casc.SecretSourceResolver;
 import io.jenkins.plugins.casc.RootElementConfigurator;
 import io.jenkins.plugins.casc.impl.attributes.MultivaluedAttribute;
 import io.jenkins.plugins.casc.model.CNode;
+import io.jenkins.plugins.casc.model.Mapping;
 import io.jenkins.plugins.casc.model.Sequence;
 import org.kohsuke.accmod.Restricted;
 import org.kohsuke.accmod.restrictions.NoExternalUse;
@@ -24,13 +26,18 @@
 import java.util.ArrayList;
 import java.util.Collections;
 import java.util.List;
+import java.util.Map;
+import java.util.HashMap;
 import java.util.Set;
 
+import static io.vavr.API.unchecked;
+import static io.vavr.API.Try;
+
 
 /**
  * @author <a href="mailto:tomasz.szandala@gmail.com">Tomasz Szandala</a>
  */
-@Extension(optional = true)
+@Extension(optional = true, ordinal = -50)
 @Restricted(NoExternalUse.class)
 public class GroovyScriptCaller implements RootElementConfigurator<Boolean[]> {
 
@@ -56,41 +63,36 @@ public Boolean[] getTargetComponent(ConfigurationContext context) {
 
     @Override
     public Boolean[] configure(CNode config, ConfigurationContext context) throws ConfiguratorException {
-        //JenkinsJobManagement mng = new JenkinsJobManagement(System.out, new EnvVars(), null, null, LookupStrategy.JENKINS_ROOT);
-        final Sequence sources = config.asSequence();
-        final Configurator<GroovyScriptSource> con = context.lookup(GroovyScriptSource.class);
-        List<Boolean> generated = new ArrayList<>();
-        for (CNode source : sources) {
-            final String script;
-            try {
-                script = con.configure(source, context).getScript();
-            } catch (IOException e) {
-                throw new ConfiguratorException(this, "Failed to retrieve Groovy script", e);
-            }
-            try {
-                //Binding binding = new Binding();
-                //binding.setVariable("foo", new Integer(2));
-                //GroovyShell shell = new GroovyShell();
-                //shell.evaluate(script);
-
-                Binding binding = new Binding();
-                //binding.setProperty("out",new PrintWriter(stdout,true));
-                //binding.setProperty("stdin",stdin);
-                //binding.setProperty("stdout",stdout);
-                //binding.setProperty("stderr",stderr);
-
-                GroovyShell groovy = new GroovyShell(Jenkins.getActiveInstance().getPluginManager().uberClassLoader, binding);
-                groovy.run(script, "Configuration-as-Code-Groovy", new ArrayList());
-
-                generated.add(true);
-
-            } catch (Exception ex) {
-                throw new ConfiguratorException(this, "Failed to execute script with hash " + script.hashCode(), ex);
-            }
-        }
-        return generated.toArray(new Boolean[generated.size()]);
+        final Configurator<GroovyScriptSource> c = context.lookup(GroovyScriptSource.class);
+        return config.asSequence().stream()
+            .map(source -> getActualValue(source, context))
+            .map(source -> Try(() -> c.configure(source, context).getScript())
+                                .onSuccess(GroovyScriptCaller.this::runGroovyShell)
+                                .isSuccess())
+            .toArray(Boolean[]::new);
+    }
+
+    private CNode getActualValue(CNode source, ConfigurationContext context) {
+        return unchecked(() -> source.asMapping().entrySet().stream().findFirst()).apply()
+            .map(entry -> resolveSourceOrGetValue(entry, context))
+            .orElse(source);
+    }
+
+    private CNode resolveSourceOrGetValue(Map.Entry<String, CNode> entry, ConfigurationContext context) {
+        final Mapping m = new Mapping();
+        m.put(
+            entry.getKey(),
+            SecretSourceResolver.resolve(context, unchecked(() -> entry.getValue().asScalar().getValue()).apply())
+        );
+        return m;
     }
 
+    private Boolean runGroovyShell(String script) {
+        final GroovyShell s = new GroovyShell(Jenkins.getActiveInstance().getPluginManager().uberClassLoader, new Binding());
+        return Try(() -> s.run(script, "Configuration-as-Code-Groovy", new ArrayList())).isSuccess();
+    }
+
+
     @Override
     public Boolean[] check(CNode config, ConfigurationContext context) throws ConfiguratorException {
         // Any way to dry-run a Groovy script ?
@@ -99,7 +101,7 @@ public Boolean[] check(CNode config, ConfigurationContext context) throws Config
 
     @Nonnull
     @Override
-    public List<Configurator> getConfigurators(ConfigurationContext context) {
+    public List<Configurator<Boolean[]>> getConfigurators(ConfigurationContext context) {
         return Collections.singletonList(context.lookup(GroovyScriptSource.class));
     }
 
@@ -108,4 +110,5 @@ public List<Configurator> getConfigurators(ConfigurationContext context) {
     public CNode describe(Boolean[] instance, ConfigurationContext context) throws Exception {
         return null;
     }
+
 }
