timja
commented
1 year ago Pull request welcome
Closed dzauzig closed 1 year ago
timja
commented
1 year ago Pull request welcome
dzauzig
commented
1 year ago I'm sorry but I'm not a Java developer and I have no way to test. But I think these are the code changes needed:
BEFORE:
if (StringUtils.isNotBlank(labelSelector) && !labelSelector.equals(tags.get("jenkins-label"))) {
// User specified a label selector in config, but current credential does not contain a matching tag, skip iteration
continue;AFTER:
if (StringUtils.isNotBlank(labelSelector)) {
boolean labelSelectorFound = false;
String labelSelectorTag = tags.get("jenkins-label");
if (StringUtils.isNotBlank(labelSelectorTag)) {
String[] labelSelectorValues = labelSelectorTag.split(",");
for (String value : labelSelectorValues) {
if (labelSelector.equals(value)) {
labelSelectorFound = true;
break;
}
}
}
if (labelSelectorFound == false) {
continue;
}
}
What feature do you want to see added?
Currently, it is possible to add a tag to an Azure Key Vault secret called "label-selector" to filter what secrets are visible in Jenkins credentials. The problem is that it only supports access to one secret from a single Jenkins server. Please add the ability to access the same secret from multiple jenkins servers. I suggest that the value of the tag be a comma separated list. This would be very simple to implement and would allow multiple Jenkins servers to share access to the same secret.
Code change would go here: https://github.com/jenkinsci/azure-keyvault-plugin/blob/8723b823cd7a816c22f9064aace34061d3e780a5/src/main/java/org/jenkinsci/plugins/azurekeyvaultplugin/AzureCredentialsProvider.java#LL127C1-L128C1
Upstream changes
No response