This change adds support for scoping Jenkins credentials to system. For the secret in Key Vault to be scoped to system in Jenkins, a tag of 'scope' should be set on the Key Vault secret with a value of 'system'. If no scope is set on the Key Vault secret, the default scope will be global. The code uses the same logic as the Kubernetes Credentials Provider plugin to scope the credential to system.
This partially meets #199 although it doesn't include scoping credentials to items (e.g. jobs/ folders).
Testing done
This was tested manually with the following steps.
Secrets created in Azure Key Vault with the following tags
Secret Text
SSH Private Key
Username/Password
Azure Key Vault plugin configured in Jenkins to pull in the credentials
Credentials are accessible for system settings
Secret Text
SSH Private Key & Username/Password
Credentials aren't accessible for jobs
Secret Text
SSH Private Key
Username/Password
### Submitter checklist
- [x] Make sure you are opening from a **topic/feature/bugfix branch** (right side) and not your main branch!
- [x] Ensure that the pull request title represents the desired changelog entry
- [x] Please describe what you did
- [x] Link to relevant issues in GitHub or Jira
- [x] Link to relevant pull requests, esp. upstream and downstream changes
- [x] Ensure you have provided tests - that demonstrates feature works or fixes the issue
This change adds support for scoping Jenkins credentials to system. For the secret in Key Vault to be scoped to system in Jenkins, a tag of 'scope' should be set on the Key Vault secret with a value of 'system'. If no scope is set on the Key Vault secret, the default scope will be global. The code uses the same logic as the Kubernetes Credentials Provider plugin to scope the credential to system.
This partially meets #199 although it doesn't include scoping credentials to items (e.g. jobs/ folders).
Testing done
This was tested manually with the following steps.
Secret Text
SSH Private Key
Username/Password
Azure Key Vault plugin configured in Jenkins to pull in the credentials
Credentials are accessible for system settings
Secret Text
SSH Private Key & Username/Password
Secret Text
SSH Private Key
Username/Password