feat: retrieve git password from key storage

blink38 · ltamaster · commit 6872c9000b12 · 2025-04-08T16:22:31.000-04:00
diff --git a/src/main/groovy/com/rundeck/plugin/GitResourceModel.groovy b/src/main/groovy/com/rundeck/plugin/GitResourceModel.groovy
@@ -10,6 +10,12 @@ import com.dtolabs.rundeck.core.resources.format.ResourceFormatParser
 import com.dtolabs.rundeck.core.resources.format.ResourceFormatParserException
 import com.dtolabs.rundeck.core.resources.format.UnsupportedFormatException
 import com.dtolabs.utils.Streams
+import com.dtolabs.rundeck.core.execution.ExecutionContext;
+import com.dtolabs.rundeck.core.execution.ExecutionContextImpl;
+import com.rundeck.plugin.util.GitPluginUtil
+import org.rundeck.app.spi.Services;
+import com.dtolabs.rundeck.core.storage.keys.KeyStorageTree;
+import com.dtolabs.rundeck.core.execution.ExecutionListener
 
 
 /**
@@ -31,6 +37,42 @@ class GitResourceModel implements ResourceModelSource , WriteableModelSource{
         this.writable=true;
     }
 
+    GitResourceModel(Services services, Properties configuration, Framework framework) {
+
+        this.configuration = configuration
+        this.framework = framework
+
+        this.extension=configuration.getProperty(GitResourceModelFactory.GIT_FORMAT_FILE)
+        this.writable=Boolean.valueOf(configuration.getProperty(GitResourceModelFactory.WRITABLE))
+        this.fileName=configuration.getProperty(GitResourceModelFactory.GIT_FILE)
+        this.localPath=configuration.getProperty(GitResourceModelFactory.GIT_BASE_DIRECTORY)
+
+        if(gitManager==null){
+            gitManager = new GitManager(configuration)
+        }
+
+        ExecutionContext context = null;
+
+        if(services!=null){
+            context = new ExecutionContextImpl.Builder()
+                    .framework(framework)
+                    .storageTree(services.getService(KeyStorageTree.class))
+                    .build();
+        }else{
+            context = new ExecutionContextImpl.Builder()
+                    .framework(framework)
+                    .build();
+        }
+
+        if(configuration.getProperty(GitResourceModelFactory.GIT_PASSWORD_STORAGE)){
+            def password = GitPluginUtil.getFromKeyStorage(configuration.getProperty(GitResourceModelFactory.GIT_PASSWORD_STORAGE), context)
+            gitManager.setGitPassword(password)
+        }
+
+        if(configuration.getProperty(GitResourceModelFactory.GIT_KEY_STORAGE)) {
+            gitManager.setSshPrivateKeyPath(configuration.getProperty(GitResourceModelFactory.GIT_KEY_STORAGE))
+        }
+    }
 
     GitResourceModel(Properties configuration, Framework framework) {
         this.configuration = configuration
@@ -45,10 +87,21 @@ class GitResourceModel implements ResourceModelSource , WriteableModelSource{
             gitManager = new GitManager(configuration)
         }
 
-        if(configuration.getProperty(GitResourceModelFactory.GIT_PASSWORD_STORAGE)) {
-            gitManager.setGitPassword(configuration.getProperty(GitResourceModelFactory.GIT_PASSWORD_STORAGE))
+        ExecutionContext context = new ExecutionContextImpl.Builder()
+            .framework(this.framework)
+            .storageTree(services.getService(KeyStorageTree.class))
+            .build();
+
+
+        if(configuration.getProperty(GitResourceModelFactory.GIT_PASSWORD_STORAGE)){
+            def password = GitPluginUtil.getFromKeyStorage(configuration.getProperty(GitResourceModelFactory.GIT_PASSWORD_STORAGE), context)
+            gitManager.setGitPassword(password)
         }
 
+        // if(configuration.getProperty(GitResourceModelFactory.GIT_PASSWORD_STORAGE)) {
+        //     gitManager.setGitPassword(configuration.getProperty(GitResourceModelFactory.GIT_PASSWORD_STORAGE))
+        // }
+
         if(configuration.getProperty(GitResourceModelFactory.GIT_KEY_STORAGE)) {
             gitManager.setSshPrivateKeyPath(configuration.getProperty(GitResourceModelFactory.GIT_KEY_STORAGE))
         }
diff --git a/src/main/groovy/com/rundeck/plugin/GitResourceModelFactory.groovy b/src/main/groovy/com/rundeck/plugin/GitResourceModelFactory.groovy
@@ -12,6 +12,7 @@ import com.dtolabs.rundeck.plugins.ServiceNameConstants
 import com.dtolabs.rundeck.plugins.descriptions.PluginDescription
 import com.dtolabs.rundeck.plugins.util.DescriptionBuilder
 import com.rundeck.plugin.util.GitPluginUtil
+import org.rundeck.app.spi.Services;
 
 /**
  * Created by luistoledo on 12/18/17.
@@ -42,7 +43,7 @@ class GitResourceModelFactory implements ResourceModelSourceFactory,Describable
 
 
     final static Map<String, Object> renderingOptionsAuthentication = GitPluginUtil.getRenderOpt("Authentication",false)
-    final static Map<String, Object> renderingOptionsAuthenticationPassword = GitPluginUtil.getRenderOpt("Authentication",false, true)
+    final static Map<String, Object> renderingOptionsAuthenticationPassword = GitPluginUtil.getRenderOpt("Authentication",false, false, true)
     final static Map<String, Object> renderingOptionsConfig = GitPluginUtil.getRenderOpt("Configuration",false)
 
     GitResourceModelFactory(Framework framework) {
@@ -76,7 +77,7 @@ Some examples:
             .property(PropertyUtil.bool(WRITABLE, "Writable",
             "Allow to write the remote file.",
             false,"false",null,renderingOptionsConfig))
-            .property(PropertyUtil.string(GIT_PASSWORD_STORAGE, "Git Password", 'Password to authenticate remotely', false,
+             .property(PropertyUtil.string(GIT_PASSWORD_STORAGE, "Git Password", 'Password to authenticate remotely', false,
             null,null,null, renderingOptionsAuthenticationPassword))
             .property(PropertyUtil.select(GIT_HOSTKEY_CHECKING, "SSH: Strict Host Key Checking", '''Use strict host key checking.
 If `yes`, require remote host SSH key is defined in the `~/.ssh/known_hosts` file, otherwise do not verify.''', false,
@@ -96,6 +97,13 @@ If `yes`, require remote host SSH key is defined in the `~/.ssh/known_hosts` fil
     ResourceModelSource createResourceModelSource(Properties configuration) throws ConfigurationException {
         final GitResourceModel resource = new GitResourceModel(configuration,framework)
 
+        return resource
+    }
+
+     @Override
+    ResourceModelSource createResourceModelSource(final Services services, final Properties configuration) throws ConfigurationException {
+        final GitResourceModel resource = new GitResourceModel(services, configuration,framework)
+
         return resource
     }
 }
diff --git a/src/main/groovy/com/rundeck/plugin/util/GitPluginUtil.groovy b/src/main/groovy/com/rundeck/plugin/util/GitPluginUtil.groovy
@@ -3,6 +3,9 @@ package com.rundeck.plugin.util
 import com.dtolabs.rundeck.core.plugins.configuration.StringRenderingConstants
 import com.dtolabs.rundeck.core.storage.ResourceMeta
 import com.dtolabs.rundeck.plugins.step.PluginStepContext
+import com.dtolabs.rundeck.core.execution.ExecutionContextImpl
+import com.dtolabs.rundeck.core.storage.keys.KeyStorageTree;
+import com.dtolabs.rundeck.core.execution.ExecutionListener
 
 /**
  * Created by luistoledo on 12/18/17.
@@ -41,4 +44,21 @@ class GitPluginUtil {
 
     }
 
+     static String getFromKeyStorage(String path, ExecutionContextImpl context){
+        KeyStorageTree storageTree = context.getStorageTree();
+
+        if (storageTree!=null){
+            ResourceMeta contents = context.getStorageTree().getResource(path).getContents();
+            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
+            contents.writeContent(byteArrayOutputStream);
+            String password = new String(byteArrayOutputStream.toByteArray());
+
+            return password;
+        } else {
+            ExecutionListener logger = context.getExecutionContext().getExecutionListener()
+            logger.log(1, "storageTree is null. Cannot retrieve password");
+            return null
+        }
+
+    }
 }
