adding groovy scripts from darinpope repo for proper hosting on cloudbees branded repos

jha-cloudbees · jha-cloudbees · commit 3187bac4dcec · 2020-07-31T03:21:49.000-04:00
diff --git a/cloudbees-ci/cje-to-ci-migration-examples/README.md b/cloudbees-ci/cje-to-ci-migration-examples/README.md
@@ -0,0 +1,7 @@
+# Jenkins Credentials Migration
+
+Run the script in `export.groovy` in the Script Console on the source Jenkins. It will output an encoded message containing a flattened list of all system and folder credentials. 
+
+Then, paste the value from that script as the value of the `encoded` variable from `import.groovy` and execute in the Script Console on the destination Jenkins. All the credentials and domains from the source Jenkins will now be imported to the system store of the destination Jenkins. 
+
+These scripts were created by Ryan Carrigan and copped from is repo on May 8, 2020
diff --git a/cloudbees-ci/cje-to-ci-migration-examples/export.groovy b/cloudbees-ci/cje-to-ci-migration-examples/export.groovy
@@ -0,0 +1,65 @@
+import com.cloudbees.hudson.plugins.folder.Folder
+import com.cloudbees.hudson.plugins.folder.properties.FolderCredentialsProvider
+import com.cloudbees.plugins.credentials.SystemCredentialsProvider
+import com.cloudbees.plugins.credentials.domains.DomainCredentials
+import com.thoughtworks.xstream.converters.Converter
+import com.thoughtworks.xstream.converters.MarshallingContext
+import com.thoughtworks.xstream.converters.UnmarshallingContext
+import com.thoughtworks.xstream.io.HierarchicalStreamReader
+import com.thoughtworks.xstream.io.HierarchicalStreamWriter
+import com.trilead.ssh2.crypto.Base64
+import hudson.util.Secret
+import hudson.util.XStream2
+import jenkins.model.Jenkins
+
+def instance = Jenkins.get()
+def credentials = []
+
+// Copy all domains from the system credentials provider
+def systemProvider = instance.getExtensionList(SystemCredentialsProvider.class)
+if (!systemProvider.empty) {
+    def systemStore = systemProvider.first().getStore()
+    for (domain in systemStore.domains) {
+        credentials.add(new DomainCredentials(domain, systemStore.getCredentials(domain)))
+    }
+}
+
+// Copy all domains from all folders
+def folderExtension = instance.getExtensionList(FolderCredentialsProvider.class)
+if (!folderExtension.empty) {
+    def folders = instance.getAllItems(Folder.class)
+    def folderProvider = folderExtension.first()
+    for (folder in folders) {
+        def store = folderProvider.getStore(folder)
+        for (domain in store.domains) {
+            credentials.add(new DomainCredentials(domain, store.getCredentials(domain)))
+        }
+    }
+}
+
+// The converter ensures that the output XML contains the unencrypted secrets
+def converter = new Converter() {
+    @Override
+    void marshal(Object object, HierarchicalStreamWriter writer, MarshallingContext context) {
+        writer.value = Secret.toString(object as Secret)
+    }
+
+    @Override
+    Object unmarshal(HierarchicalStreamReader reader, UnmarshallingContext context) { null }
+
+    @Override
+    boolean canConvert(Class type) { type == Secret.class }
+}
+
+def stream = new XStream2()
+stream.registerConverter(converter)
+
+// Marshal the list of credentials into XML
+def encoded = []
+def sections = credentials.collate(25)
+for (section in sections) {
+    def xml = Base64.encode(stream.toXML(section).bytes)
+    encoded.add("\"${xml}\"")
+}
+
+println encoded.toString()
diff --git a/cloudbees-ci/cje-to-ci-migration-examples/import.groovy b/cloudbees-ci/cje-to-ci-migration-examples/import.groovy
@@ -0,0 +1,26 @@
+import com.cloudbees.plugins.credentials.SystemCredentialsProvider
+import com.cloudbees.plugins.credentials.domains.DomainCredentials
+import com.trilead.ssh2.crypto.Base64
+import hudson.util.XStream2
+import jenkins.model.Jenkins
+
+// Paste the encoded message from the script on the source Jenkins
+def encoded = []
+if (!encoded) {
+    return
+}
+
+// The message is decoded and unmarshaled
+for (slice in encoded) {
+    def decoded = new String(Base64.decode(slice.chars))
+    def list = new XStream2().fromXML(decoded) as List<DomainCredentials>
+
+    // Put all the domains from the list into system credentials
+    def store = Jenkins.get().getExtensionList(SystemCredentialsProvider.class).first().getStore()
+    for (domain in list) {
+        for (credentials in domain.credentials) {
+            println "Adding credentials: ${credentials.id}"
+            store.addDomain(domain.getDomain(), credentials)
+        }
+    }
+}
