Adding some initial snippets

Author: sboardwell

classpath-utils/load-libraries-at-runtime.groovy

@@ -0,0 +1,82 @@
+import java.lang.reflect.Method;
+import groovy.sql.Sql
+// Grab the dependencies
+@Grapes([
+    @Grab('mysql:mysql-connector-java:5.1.6')
+])
+// Get the locations
+def grape = groovy.grape.Grape.getInstance()
+def r = grape.listDependencies(this.getClass().getClassLoader())
+def jarURIs = grape.resolve(r[0])
+// Add to systemClassLoader
+try {
+    jarURIs.each {
+        URLClassLoader classLoader = (URLClassLoader) ClassLoader.getSystemClassLoader();
+        Method method = URLClassLoader.class.getDeclaredMethod("addURL", URL.class);
+        method.setAccessible(true);
+        println "Adding jar: ${it}"
+        method.invoke(classLoader, it.toURL());
+    }
+} catch (Exception e) {
+    throw new RuntimeException("Unexpected exception", e);
+}
+// Run your code
+def sql=Sql.newInstance("JDBC_URL", "USERNAME", "PASSWORD", "com.mysql.jdbc.Driver")
+sql.firstRow('SELECT * FROM INFORMATION_SCHEMA.COLUMNS LIMIT 10')
+
+
+
+// Script isolation
+
+scriptToRun = '''
+...insert the script from above here...
+'''
+GroovyClassLoader groovyCL = new GroovyClassLoader();
+Class groovyShellClazz = groovyCL.loadClass(GroovyShell.class.getName());
+Object groovyShellObj = groovyShellClazz.newInstance();
+java.lang.reflect.Method evaluateMethod = groovyShellClazz.getMethod("evaluate", String.class);
+evaluateMethod.invoke(groovyShellObj, scriptToRun);
+
+
+
+// Classpath List
+
+def printClassPath(classLoader) {
+    println "$classLoader"
+    urls = []
+    try {
+        urls = classLoader.getURLs()
+    } catch (def e) {
+        // ignore
+    }
+    urls.each {url->
+        println "- ${url.toString()}"
+        this.class.classLoader.addURL(url);
+    }
+    if (classLoader.parent) {
+        printClassPath(classLoader.parent)
+    }
+}
+printClassPath this.class.classLoader
+
+
+// Classpath List
+
+def printClassPath(classLoader) {
+    println "Hi $classLoader"
+    urls = []
+    try {
+        urls = classLoader.getURLs()
+    } catch (def e) {
+        // ignore
+    }
+    urls.each {url->
+        println "- ${url.toString()}"
+        this.class.classLoader.addURL(url);
+    }
+    if (classLoader.parent) {
+      println "Parent: ${classLoader.parent} (parent of $classLoader)"
+        printClassPath(classLoader.parent)
+    }
+}
+printClassPath this.class.classLoader

list-all-controller-with-plugin.groovy

@@ -0,0 +1,34 @@
+import com.cloudbees.opscenter.server.model.*
+import com.cloudbees.opscenter.server.clusterops.steps.*
+import hudson.remoting.*
+
+controllers = []
+pluginToFind='checks-api'
+scriptToRun = """
+import Jenkins
+Jenkins.instance.pluginManager.plugins.stream().sorted().findAll { it.getShortName() == "${pluginToFind}" }.each { print it.shortName }
+x=null
+"""
+
+Jenkins.instance.getAllItems(ConnectedMaster.class).each {
+  controllers.add(getHost(it.channel, it.class.simpleName, it.encodedName))
+}
+
+def getHost(channel, type, name){
+  def hostReturnStr
+  if(channel){
+    def stream = new ByteArrayOutputStream()
+    def listener = new StreamBuildListener(stream)
+    channel.call(new MasterGroovyClusterOpStep.Script(
+        scriptToRun,
+        listener,
+        "host-script.groovy",
+        [:]))
+    hostReturnStr = stream.toString()
+
+  }
+  return channel ? "${name} - ${hostReturnStr}" : "${name} - OFFLINE"
+}
+
+controllers.each { if (it) { println it } }
+x=null

run-script-on-controller-as-system-user.groovy

@@ -0,0 +1,47 @@
+import com.cloudbees.opscenter.server.model.*
+import com.cloudbees.opscenter.server.clusterops.steps.*
+import hudson.remoting.*
+import hudson.security.ACL
+import jenkins.model.Jenkins
+
+controllerName = "r23322"
+controllers = []
+scriptToRun = '''
+import jenkins.model.Jenkins
+
+// Start Jenkins in maintenance mode
+// Jenkins.instance.doQuietDown()
+
+return Jenkins.instance.getRootUrl()
+'''
+
+def getHost(channel, type, name){
+  def host
+  if(channel) {
+    def stream = new ByteArrayOutputStream()
+    def listener = new StreamBuildListener(stream)
+    channel.call(new MasterGroovyClusterOpStep.Script(
+        scriptToRun,
+        listener,
+        "host-script.groovy",
+        [:])
+    )
+    host = stream.toString().minus("Result: ")
+  } else {
+    host = [type:type, name:name, offline:true]
+  }
+  return host
+}
+
+ACL.impersonate(ACL.SYSTEM, new Runnable() {
+  @Override
+  public void run() {
+
+    Jenkins.instance.getAllItems(ConnectedMaster.class).each {
+      if (it.encodedName == (controllerName)) {
+        controllers.add(getHost(it.channel, it.class.simpleName, it.encodedName))
+      }
+    }
+  }
+})
+println controllers

run-script-on-controller-as-user.groovy

@@ -0,0 +1,39 @@
+import com.cloudbees.opscenter.server.model.*
+import com.cloudbees.opscenter.server.clusterops.steps.*
+import hudson.remoting.*
+
+controllers = []
+scriptToRun = '''
+import jenkins.model.Jenkins
+
+// Start Jenkins in maintenance mode
+Jenkins.instance.doQuietDown()
+
+return Jenkins.instance.pluginManager.plugins.stream().sorted().collect(java.util.stream.Collectors.toList()).each { plugin -> println (plugin.getShortName()) }
+x=""
+'''
+
+Jenkins.instance.getAllItems(ConnectedMaster.class).each {
+  controllers.add(getHost(it.channel, it.class.simpleName, it.encodedName))
+}
+
+def getHost(channel, type, name){
+  def host
+  if(channel){
+    def stream = new ByteArrayOutputStream()
+    def listener = new StreamBuildListener(stream)
+    channel.call(new MasterGroovyClusterOpStep.Script(
+        scriptToRun,
+        listener,
+        "host-script.groovy",
+        [:]))
+    host = stream.toString().minus("Result: ")
+
+  } else {
+
+    host = [type:type, name:name, offline:true]
+  }
+  return host
+}
+
+println controllers

token-utils/create-fixed-token.groovy

@@ -0,0 +1,23 @@
+import hudson.model.User
+import jenkins.security.ApiTokenProperty
+// generate token (this would be pre-defined)
+def r = new Random()
+def result = (0..<32).collect { r.nextInt(16) }
+                    .collect { Integer.toString(it, 16).toLowerCase() }
+                    .join();
+String tok = "11" + result
+println tok
+// assign to user
+String userName = "bob"
+String tokenName = "test-token"
+User user = User.get(userName)
+user.addProperty(new ApiTokenProperty());
+user.getProperty(ApiTokenProperty.class).addFixedNewToken(tokenName, tok);
+// test (can be deleted - just for test purposes)
+String jenkinsUrl = "http://..."
+def sout = new StringBuilder(), serr = new StringBuilder()
+def proc = "curl -s -w '%{http_code}\n' -u ${userName}:${tok}
+${jenkinsUrl}/cjoc/api/json".execute()
+proc.consumeProcessOutput(sout, serr)
+proc.waitForOrKill(1000)
+println "out> $sout\nerr> $serr"

token-utils/create-fixed-token.sh

@@ -0,0 +1,7 @@
+tokensync() {
+user="admin"
+admintok="xxxxxxx" # must be `11` followed by 32 hex chars
+tok=11$(hexdump -n 16 -v -e '16/1 "%02X" "\n"' /dev/random)
+curl -u admin:$admintok -d newTokenName=synched -d newTokenPlainValue=$tok
+$CIURL/cjoc/user/$user/descriptorByName/jenkins.security.ApiTokenProperty/addFixedToken
+} # token

token-utils/read-token-from-aws.groovy

@@ -0,0 +1,131 @@
+@Grapes([
+    @Grab('software.amazon.awssdk:secretsmanager:2.17.188'),
+    @Grab('software.amazon.awssdk:sts:2.17.188')
+])
+import software.amazon.awssdk.regions.Region
+import software.amazon.awssdk.services.secretsmanager.*
+import software.amazon.awssdk.services.secretsmanager.model.*
+import java.util.List
+
+
+def listSecrets(SecretsManagerClient secretsClient) {
+    try {
+        ListSecretsResponse secretsResponse = secretsClient.listSecrets()
+        List<SecretListEntry> secrets = secretsResponse.secretList()
+
+        for (SecretListEntry secret: secrets) {
+            System.out.println("The secret name is "+secret.name())
+            System.out.println("The secret description is "+secret.description())
+        }
+
+    } catch (SecretsManagerException e) {
+        println e.awsErrorDetails().errorMessage()
+        throw e
+    }
+}
+
+def listSecretVersions(SecretsManagerClient secretsClient, String secretName) {
+    try {
+        ListSecretVersionIdsRequest listSecretVersionIdsRequest = ListSecretVersionIdsRequest.builder()
+            .secretId(secretName)
+            .build()
+
+        ListSecretVersionIdsResponse listSecretVersionIdsResponse = secretsClient.listSecretVersionIds(listSecretVersionIdsRequest)
+        for (SecretVersionsListEntry version: listSecretVersionIdsResponse.versions()) {
+            println "The version response is " + version
+            print "    The version value is: "
+            getValueByVersionId(secretsClient, secretName, version.versionId)
+        }
+    } catch (SecretsManagerException e) {
+        println e.awsErrorDetails().errorMessage()
+        throw e
+    }
+}
+
+def getValue(SecretsManagerClient secretsClient, String secretName) {
+    try {
+        GetSecretValueRequest valueRequest = GetSecretValueRequest.builder()
+            .secretId(secretName)
+            .build()
+
+        GetSecretValueResponse valueResponse = secretsClient.getSecretValue(valueRequest)
+        String secret = valueResponse.secretString()
+        println secret
+    } catch (SecretsManagerException e) {
+        println e.awsErrorDetails().errorMessage()
+        throw e
+    }
+}
+
+def getValueByStage(SecretsManagerClient secretsClient, String secretName, String versionStage) {
+    try {
+        GetSecretValueRequest valueRequest = GetSecretValueRequest.builder()
+            .secretId(secretName)
+            .versionStage(versionStage)
+            .build()
+
+        GetSecretValueResponse valueResponse = secretsClient.getSecretValue(valueRequest)
+        String secret = valueResponse.secretString()
+        println secret
+    } catch (SecretsManagerException e) {
+        println e.awsErrorDetails().errorMessage()
+        throw e
+    }
+}
+
+def getValueByVersionId(SecretsManagerClient secretsClient, String secretName, String versionId) {
+    try {
+        GetSecretValueRequest valueRequest = GetSecretValueRequest.builder()
+            .secretId(secretName)
+            .versionId(versionId)
+            .build()
+
+        GetSecretValueResponse valueResponse = secretsClient.getSecretValue(valueRequest)
+        String secret = valueResponse.secretString()
+        println secret
+    } catch (SecretsManagerException e) {
+        println e.awsErrorDetails().errorMessage()
+        throw e
+    }
+}
+
+// -------- START
+String regionStr = 'us-east-1'
+String secretStr = 'sboardwell/test/jenkins/token'
+Region region = Region.of(regionStr)
+SecretsManagerClient secretsClient = SecretsManagerClient.builder()
+        .region(region)
+        .build()
+try {
+    println "------------------------------"
+    println "Listing ALL secrets"
+    println "------------------------------"
+    listSecrets(secretsClient)
+
+    println "------------------------------"
+    println "Listing single secret by versionId"
+    println "------------------------------"
+    listSecretVersions(secretsClient, secretStr)
+
+    println "------------------------------"
+    println "Listing single secret"
+    println "------------------------------"
+    getValue(secretsClient, secretStr)
+
+    println "------------------------------"
+    println "Listing single secret by stage - AWSCURRENT"
+    println "------------------------------"
+    getValueByStage(secretsClient, secretStr, 'AWSCURRENT')
+
+    println "------------------------------"
+    println "Listing single secret by stage - AWSPREVIOUS"
+    println "------------------------------"
+    getValueByStage(secretsClient, secretStr, 'AWSPREVIOUS')
+
+} catch (SecretsManagerException e) {
+    println e.awsErrorDetails().errorMessage()
+    throw e
+} finally {
+    secretsClient.close()
+}
+