Skip to content

Commit

Permalink
Added IAM role feature to plugin (#16)
Browse files Browse the repository at this point in the history
  • Loading branch information
AshitaSingamsetty authored Apr 15, 2024
1 parent 6412b91 commit 8efda25
Show file tree
Hide file tree
Showing 3 changed files with 33 additions and 2 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,7 @@ public class CDEventsGlobalConfig extends GlobalConfiguration {
private String kinesisStreamName;
private String kinesisRegion;
private String kinesisEndpoint;
private String iamRole;

@SuppressFBWarnings(value = {"CD_CIRCULAR_DEPENDENCY", "MC_OVERRIDABLE_METHOD_CALL_IN_CONSTRUCTOR"}, justification = "Circular dependency is false positive triggered by jenkins.model.GlobalConfiguration. " + "Overridable method call in constructor is unavoidable.")
public CDEventsGlobalConfig() {
Expand Down Expand Up @@ -99,6 +100,17 @@ public void setKinesisEndpoint(String kinesisEndpoint) {
save();
}

public String getIamRole() {
return this.iamRole;
}

@DataBoundSetter
public void setIamRole(String iamRole) {
this.iamRole = iamRole;
KinesisSink.nullifyKinesisClient();
save();
}

public FormValidation doCheckKinesisStreamName(@QueryParameter("kinesisStreamName") String kinesisStreamName) {
if (isNullOrEmpty(kinesisStreamName)) {
return FormValidation.error("Kinesis stream cannot be blank");
Expand All @@ -119,4 +131,11 @@ public FormValidation doCheckKinesisEndpoint(@QueryParameter("kinesisEndpoint")
}
return FormValidation.ok();
}

public FormValidation doCheckIamRole(@QueryParameter("iamRole") String iamRole) {
if (isNullOrEmpty(iamRole)) {
return FormValidation.error("IAM Role cannot be blank");
}
return FormValidation.ok();
}
}
13 changes: 11 additions & 2 deletions src/main/java/io/jenkins/plugins/cdevents/sinks/KinesisSink.java
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@

package io.jenkins.plugins.cdevents.sinks;

import com.amazonaws.auth.STSAssumeRoleSessionCredentialsProvider;
import com.amazonaws.client.builder.AwsClientBuilder;
import com.amazonaws.services.kinesis.AmazonKinesis;
import com.amazonaws.services.kinesis.AmazonKinesisClientBuilder;
Expand All @@ -26,6 +27,7 @@ public class KinesisSink extends CDEventsSink {
private volatile static String streamName;
private volatile static String region;
private volatile static String endpoint;
private volatile static String iamRole;

public KinesisSink() {
if (Jenkins.get().getPlugin("aws-java-sdk") == null
Expand All @@ -51,6 +53,8 @@ public static synchronized void rebuildKinesisClient() {
streamName = CDEventsGlobalConfig.get().getKinesisStreamName().trim();
region = CDEventsGlobalConfig.get().getKinesisRegion();
endpoint = CDEventsGlobalConfig.get().getKinesisEndpoint();
iamRole = CDEventsGlobalConfig.get().getIamRole();
String roleSessionName = "cdevents-plugin";

AmazonKinesisClientBuilder kinesisBuilder = AmazonKinesisClientBuilder.standard();
if (region != null && !region.isEmpty()) {
Expand All @@ -61,9 +65,14 @@ public static synchronized void rebuildKinesisClient() {
endpoint, region);
kinesisBuilder.withEndpointConfiguration(endpointConfiguration);
}
if (iamRole != null && !iamRole.isEmpty()) {
STSAssumeRoleSessionCredentialsProvider credentialsProvider = new STSAssumeRoleSessionCredentialsProvider.Builder(
iamRole, roleSessionName).build();
kinesisBuilder.withCredentials(credentialsProvider);
}

LOGGER.info(String.format("Instantiating new Kinesis client {stream=%s, region=%s, endpoint=%s}",
streamName, region, endpoint));
LOGGER.info(String.format("Instantiating new Kinesis client {stream=%s, region=%s, endpoint=%s, iamRole=%s}",
streamName, region, endpoint, iamRole));
kinesis = kinesisBuilder.build();
}
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,9 @@
<f:entry field="kinesisEndpoint" title="${%Endpoint}">
<f:textbox field="kinesisEndpoint" value="${instance.kinesisEndpoint}"/>
</f:entry>
<f:entry field="iamRole" title="${%IamRole}">
<f:textbox field="iamRole" value="${instance.iamRole}"/>
</f:entry>

</f:radioBlock>

Expand Down

0 comments on commit 8efda25

Please sign in to comment.