From dfcce532b441eac353a00cd9cdef7614f8527c1f Mon Sep 17 00:00:00 2001
From: Thomas Desvenain <thomas.desvenain@gmail.com>
Date: Mon, 6 Jun 2016 21:23:21 +0200
Subject: [PATCH] Added amazon web services to credentials bindings

We can inject access and secret key in environment variables using
Amazon Web Services Credentials plugin.

This allows us to use amazon web service command line client and api
into builders.

Change-Id: I2569cad0e873f2ff80b8b8549c7fcacdf5909ea3
Signed-off-by: Thomas Desvenain <thomas.desvenain@gmail.com>
---
 jenkins_jobs/modules/wrappers.py              | 27 ++++++++++++++++---
 .../wrappers/fixtures/credentials_binding.xml |  5 ++++
 .../fixtures/credentials_binding.yaml         |  5 ++++
 3 files changed, 34 insertions(+), 3 deletions(-)

diff --git a/jenkins_jobs/modules/wrappers.py b/jenkins_jobs/modules/wrappers.py
index d9599d12b..1c8503fd1 100644
--- a/jenkins_jobs/modules/wrappers.py
+++ b/jenkins_jobs/modules/wrappers.py
@@ -1654,12 +1654,16 @@ def credentials_binding(parser, xml_parent, data):
     <Credentials+Binding+Plugin>` version 1.1 or greater.
 
     :arg list binding-type: List of each bindings to create.  Bindings may be
-      of type `zip-file`, `file`, `username-password`, `text` or
-      `username-password-separated`.
+      of type `zip-file`, `file`, `username-password`, `text`,
+      `username-password-separated` or `amazon-web-services`.
       username-password sets a variable to the username and password given in
       the credentials, separated by a colon.
       username-password-separated sets one variable to the username and one
       variable to the password given in the credentials.
+      amazon-web-services sets one variable to the access key and one
+      variable to the secret access key. Requires the
+      :jenkins-wiki:`AWS Credentials Plugin <CloudBees+AWS+Credentials+Plugin>`
+      .
 
         :Parameters: * **credential-id** (`str`) UUID of the credential being
                        referenced
@@ -1671,6 +1675,12 @@ def credentials_binding(parser, xml_parent, data):
                      * **password** (`str`) Environment variable for the
                        password (Required for binding-type
                        username-password-separated)
+                     * **access-key** (`str`) Environment variable for the
+                       access key (Required for binding-type
+                       amazon-web-services)
+                     * **secret-key** (`str`) Environment variable for the
+                       access secret key (Required for binding-type
+                       amazon-web-services)
 
     Example:
 
@@ -1699,7 +1709,10 @@ def credentials_binding(parser, xml_parent, data):
         'username-password-separated': 'org.jenkinsci.plugins.'
                                        'credentialsbinding.impl.'
                                        'UsernamePasswordMultiBinding',
-        'text': 'org.jenkinsci.plugins.credentialsbinding.impl.StringBinding'
+        'text': 'org.jenkinsci.plugins.credentialsbinding.impl.StringBinding',
+        'amazon-web-services':
+            'com.cloudbees.jenkins.plugins.awscredentials'
+            '.AmazonWebServicesCredentialsBinding'
     }
     if not data:
         raise JenkinsJobsException('At least one binding-type must be '
@@ -1721,6 +1734,14 @@ def credentials_binding(parser, xml_parent, data):
                                    ).text = params['password']
                 except KeyError as e:
                     raise MissingAttributeError(e.args[0])
+            elif binding_type == 'amazon-web-services':
+                try:
+                    XML.SubElement(binding_xml, 'accessKeyVariable'
+                                   ).text = params['access-key']
+                    XML.SubElement(binding_xml, 'secretKeyVariable'
+                                   ).text = params['secret-key']
+                except KeyError as e:
+                    raise MissingAttributeError(e.args[0])
             else:
                 variable_xml = XML.SubElement(binding_xml, 'variable')
                 variable_xml.text = params.get('variable')
diff --git a/tests/wrappers/fixtures/credentials_binding.xml b/tests/wrappers/fixtures/credentials_binding.xml
index b54332331..2e4c3bf16 100644
--- a/tests/wrappers/fixtures/credentials_binding.xml
+++ b/tests/wrappers/fixtures/credentials_binding.xml
@@ -24,6 +24,11 @@
           <passwordVariable>myPassword</passwordVariable>
           <credentialsId>b3e6f337-5d44-4f57-921c-1632d796caae</credentialsId>
         </org.jenkinsci.plugins.credentialsbinding.impl.UsernamePasswordMultiBinding>
+        <com.cloudbees.jenkins.plugins.awscredentials.AmazonWebServicesCredentialsBinding>
+          <accessKeyVariable>AWS_ACCESS_KEY_ID</accessKeyVariable>
+          <secretKeyVariable>AWS_SECRET_ACCESS_KEY</secretKeyVariable>
+          <credentialsId>b3e6f337-5d44-4f57-921c-1632d796caaf</credentialsId>
+        </com.cloudbees.jenkins.plugins.awscredentials.AmazonWebServicesCredentialsBinding>
       </bindings>
     </org.jenkinsci.plugins.credentialsbinding.impl.SecretBuildWrapper>
   </buildWrappers>
diff --git a/tests/wrappers/fixtures/credentials_binding.yaml b/tests/wrappers/fixtures/credentials_binding.yaml
index d191e4b3c..651ef034a 100644
--- a/tests/wrappers/fixtures/credentials_binding.yaml
+++ b/tests/wrappers/fixtures/credentials_binding.yaml
@@ -17,3 +17,8 @@ wrappers:
         credential-id: b3e6f337-5d44-4f57-921c-1632d796caae
         username: myUsername
         password: myPassword
+ - credentials-binding:
+     - amazon-web-services:
+        credential-id: b3e6f337-5d44-4f57-921c-1632d796caaf
+        access-key: AWS_ACCESS_KEY_ID
+        secret-key: AWS_SECRET_ACCESS_KEY