[JENKINS-46094] Fix SSH Clone trait using agent credentials (#170)

Author: bitwiseman

src/main/java/com/cloudbees/jenkins/plugins/bitbucket/BitbucketGitSCMBuilder.java

@@ -75,6 +75,13 @@ public class BitbucketGitSCMBuilder extends GitSCMBuilder<BitbucketGitSCMBuilder
     @NonNull
     private List<BitbucketHref> cloneLinks = Collections.emptyList();
 
+    /**
+     * The {@link BitbucketRepositoryProtocol} that should be used.
+     * Enables support for blank SSH credentials.
+     */
+    @NonNull
+    private BitbucketRepositoryProtocol protocol = BitbucketRepositoryProtocol.HTTP;
+
     /**
      * Constructor.
      *
@@ -115,6 +122,10 @@ public BitbucketGitSCMBuilder(@NonNull BitbucketSCMSource scmSource, @NonNull SC
                 scmSource.getRepoOwner(),
                 scmSource.getRepository()
         )));
+
+        // Test for protocol
+        withCredentials(credentialsId, null);
+
     }
 
     /**
@@ -149,6 +160,43 @@ public List<BitbucketHref> cloneLinks() {
         return Collections.unmodifiableList(cloneLinks);
     }
 
+    /**
+     * Configures the {@link IdCredentials#getId()} of the {@link Credentials} to use when connecting to the
+     * {@link #remote()}
+     *
+     * @param credentialsId the {@link IdCredentials#getId()} of the {@link Credentials} to use when connecting to
+     *                      the {@link #remote()} or {@code null} to let the git client choose between providing its own
+     *                      credentials or connecting anonymously.
+     * @param protocol the {@link BitbucketRepositoryProtocol} of the {@link Credentials} to use or {@code null}
+     *                 to detect the the protocol based on the credentialsId. Defaults to HTTP if credentials are
+     *                 {@code null}.  Enables support for blank SSH credentials.
+     * @return {@code this} for method chaining.
+     */
+    @NonNull
+    public BitbucketGitSCMBuilder withCredentials(String credentialsId, BitbucketRepositoryProtocol protocol) {
+        if (StringUtils.isNotBlank(credentialsId)) {
+            StandardCredentials credentials = BitbucketCredentials.lookupCredentials(
+                scmSource.getServerUrl(),
+                scmSource.getOwner(),
+                credentialsId,
+                StandardCredentials.class
+            );
+
+            if (protocol == null) {
+                protocol = credentials instanceof SSHUserPrivateKey
+                    ? BitbucketRepositoryProtocol.SSH
+                    : BitbucketRepositoryProtocol.HTTP;
+            }
+        } else if (protocol == null) {
+            // If we set credentials to empty reset the type to HTTP.
+            // To set the build to use empty SSH credentials, call withProtocol after setting credentials
+            protocol = BitbucketRepositoryProtocol.HTTP;
+        }
+
+        this.protocol = protocol;
+        return withCredentials(credentialsId);
+    }
+
     /**
      * Updates the {@link GitSCMBuilder#withRemote(String)} based on the current {@link #head()} and
      * {@link #revision()}.
@@ -159,18 +207,6 @@ public List<BitbucketHref> cloneLinks() {
      */
     @NonNull
     public BitbucketGitSCMBuilder withBitbucketRemote() {
-        // Apply clone links and credentials
-        StandardCredentials credentials = StringUtils.isBlank(credentialsId())
-                ? null
-                : BitbucketCredentials.lookupCredentials(
-                        scmSource().getServerUrl(),
-                        scmSource().getOwner(),
-                        credentialsId(),
-                        StandardCredentials.class
-                );
-        BitbucketRepositoryProtocol protocol = credentials instanceof SSHUserPrivateKey
-                ? BitbucketRepositoryProtocol.SSH
-                : BitbucketRepositoryProtocol.HTTP;
         SCMHead h = head();
         String repoOwner;
         String repository;
@@ -261,5 +297,4 @@ public GitSCM build() {
             withRevision(r);
         }
     }
-
 }

src/main/java/com/cloudbees/jenkins/plugins/bitbucket/BitbucketHgSCMBuilder.java

@@ -79,6 +79,13 @@ public class BitbucketHgSCMBuilder extends MercurialSCMBuilder<BitbucketHgSCMBui
     @NonNull
     private List<BitbucketHref> cloneLinks = Collections.emptyList();
 
+    /**
+     * The {@link BitbucketRepositoryProtocol} that should be used.
+     * Enables support for blank SSH credentials.
+     */
+    @NonNull
+    private BitbucketRepositoryProtocol protocol = BitbucketRepositoryProtocol.HTTP;
+
     /**
      * Constructor.
      *
@@ -90,7 +97,7 @@ public class BitbucketHgSCMBuilder extends MercurialSCMBuilder<BitbucketHgSCMBui
      *                      credentials or connecting anonymously.
      */
     public BitbucketHgSCMBuilder(@NonNull BitbucketSCMSource scmSource, @NonNull SCMHead head,
-                                 @CheckForNull SCMRevision revision, String credentialsId) {
+                                 @CheckForNull SCMRevision revision, @CheckForNull String credentialsId) {
         super(head, revision, /*dummy value*/scmSource.getServerUrl(), credentialsId);
         this.scmSource = scmSource;
         AbstractBitbucketEndpoint endpoint =
@@ -106,6 +113,9 @@ public BitbucketHgSCMBuilder(@NonNull BitbucketSCMSource scmSource, @NonNull SCM
         } catch (MalformedURLException e) {
             // ignore, we are providing a well formed URL and if we are not then we shouldn't apply a browser
         }
+
+        // Test for protocol
+        withCredentialsId(credentialsId, null);
     }
 
     /**
@@ -140,6 +150,43 @@ public List<BitbucketHref> cloneLinks() {
         return Collections.unmodifiableList(cloneLinks);
     }
 
+    /**
+     * Configures the {@link IdCredentials#getId()} of the {@link Credentials} to use when connecting to the
+     * {@link #source()}
+     *
+     * @param credentialsId the {@link IdCredentials#getId()} of the {@link Credentials} to use when connecting to
+     *                      the {@link #source()} or {@code null} to let the git client choose between providing its own
+     *                      credentials or connecting anonymously.
+     * @param protocol the {@link BitbucketRepositoryProtocol} of the {@link Credentials} to use or {@code null}
+     *                 to detect the the protocol based on the credentialsId. Defaults to HTTP if credentials are
+     *                 {@code null}.  Enables support for blank SSH credentials.
+     * @return {@code this} for method chaining.
+     */
+    @NonNull
+    public BitbucketHgSCMBuilder withCredentialsId(String credentialsId, BitbucketRepositoryProtocol protocol) {
+        if (StringUtils.isNotBlank(credentialsId)) {
+            StandardCredentials credentials = BitbucketCredentials.lookupCredentials(
+                scmSource.getServerUrl(),
+                scmSource.getOwner(),
+                credentialsId,
+                StandardCredentials.class
+            );
+
+            if (protocol == null) {
+                protocol = credentials instanceof SSHUserPrivateKey
+                    ? BitbucketRepositoryProtocol.SSH
+                    : BitbucketRepositoryProtocol.HTTP;
+            }
+        } else if (protocol == null) {
+            // If we set credentials to empty reset the type to HTTP.
+            // To set the build to use empty SSH credentials, call withProtocol after setting credentials
+            protocol = BitbucketRepositoryProtocol.HTTP;
+        }
+
+        this.protocol = protocol;
+        return withCredentialsId(credentialsId);
+    }
+
     /**
      * Updates the {@link MercurialSCMBuilder#withSource(String)} based on the current {@link #head()} and
      * {@link #revision()}.
@@ -150,18 +197,6 @@ public List<BitbucketHref> cloneLinks() {
      */
     @NonNull
     public BitbucketHgSCMBuilder withBitbucketSource() {
-        // Apply clone links and credentials
-        StandardCredentials credentials = StringUtils.isBlank(credentialsId())
-                ? null
-                : BitbucketCredentials.lookupCredentials(
-                        scmSource().getServerUrl(),
-                        scmSource().getOwner(),
-                        credentialsId(),
-                        StandardCredentials.class
-                );
-        BitbucketRepositoryProtocol protocol = credentials instanceof SSHUserPrivateKey
-                ? BitbucketRepositoryProtocol.SSH
-                : BitbucketRepositoryProtocol.HTTP;
         SCMHead h = head();
         String repoOwner;
         String repository;
@@ -249,5 +284,4 @@ public MercurialSCM build() {
             withRevision(r);
         }
     }
-
 }

src/main/java/com/cloudbees/jenkins/plugins/bitbucket/SSHCheckoutTrait.java

@@ -23,6 +23,7 @@
  */
 package com.cloudbees.jenkins.plugins.bitbucket;
 
+import com.cloudbees.jenkins.plugins.bitbucket.api.BitbucketRepositoryProtocol;
 import com.cloudbees.jenkins.plugins.sshcredentials.SSHUserPrivateKey;
 import com.cloudbees.plugins.credentials.CredentialsMatchers;
 import com.cloudbees.plugins.credentials.CredentialsProvider;
@@ -105,9 +106,11 @@ public final String getCredentialsId() {
     @Override
     protected void decorateBuilder(SCMBuilder<?, ?> builder) {
         if (builder instanceof GitSCMBuilder) {
-            ((GitSCMBuilder) builder).withCredentials(credentialsId);
+            ((BitbucketGitSCMBuilder) builder)
+                .withCredentials(credentialsId, BitbucketRepositoryProtocol.SSH);
         } else if (builder instanceof MercurialSCMBuilder) {
-            ((MercurialSCMBuilder) builder).withCredentialsId(credentialsId);
+            ((BitbucketHgSCMBuilder) builder)
+                .withCredentialsId(credentialsId, BitbucketRepositoryProtocol.SSH);
         }
     }