Add optional required parameter to VaultSecretValue (#186)

bfaulk96 · jetersen · web-flow · commit a31af7d221c2 · 2021-09-11T00:09:34.000+02:00
Co-authored-by: Joseph Petersen &lt;josephp90@gmail.com&gt;
diff --git a/.idea/codeStyles/Project.xml b/.idea/codeStyles/Project.xml
diff --git a/src/main/java/com/datapipe/jenkins/vault/VaultAccessor.java b/src/main/java/com/datapipe/jenkins/vault/VaultAccessor.java
@@ -174,7 +174,7 @@ public static Map<String, String> retrieveVaultSecrets(Run<?,?> run, PrintStream
                 for (VaultSecretValue value : vaultSecret.getSecretValues()) {
                     String vaultKey = value.getVaultKey();
                     String secret = values.get(vaultKey);
-                    if (StringUtils.isBlank(secret)) {
+                    if (StringUtils.isBlank(secret) && value.getIsRequired()) {
                         throw new IllegalArgumentException(
                             "Vault Secret " + vaultKey + " at " + path
                                 + " is either null or empty. Please check the Secret in Vault.");
diff --git a/src/main/java/com/datapipe/jenkins/vault/model/VaultSecretValue.java b/src/main/java/com/datapipe/jenkins/vault/model/VaultSecretValue.java
@@ -40,6 +40,7 @@ public class VaultSecretValue
     extends AbstractDescribableImpl<VaultSecretValue> {
 
     private String envVar;
+    private boolean isRequired = DescriptorImpl.DEFAULT_IS_REQUIRED;
     private final String vaultKey;
 
     @Deprecated
@@ -58,6 +59,11 @@ public void setEnvVar(String envVar) {
         this.envVar = envVar;
     }
 
+    @DataBoundSetter
+    public void setIsRequired(boolean isRequired) {
+        this.isRequired = isRequired;
+    }
+
     /**
      *
      * @return envVar if value is not empty otherwise return vaultKey
@@ -70,10 +76,16 @@ public String getVaultKey() {
         return vaultKey;
     }
 
+    public boolean getIsRequired() {
+        return isRequired;
+    }
+
     @Extension
     public static final class DescriptorImpl
         extends Descriptor<VaultSecretValue> {
 
+        public final static Boolean DEFAULT_IS_REQUIRED = true;
+
         @Override
         public String getDisplayName() {
             return "Environment variable/vault secret value pair";
diff --git a/src/main/resources/com/datapipe/jenkins/vault/model/VaultSecretValue/config.jelly b/src/main/resources/com/datapipe/jenkins/vault/model/VaultSecretValue/config.jelly
@@ -9,6 +9,10 @@
     <f:textbox/>
   </f:entry>
 
+  <f:entry field="isRequired">
+    <f:checkbox title="Required?" default="${descriptor.DEFAULT_IS_REQUIRED}" />
+  </f:entry>
+
   <f:entry title="">
     <div align="right">
       <f:repeatableDeleteButton/>
diff --git a/src/main/resources/com/datapipe/jenkins/vault/model/VaultSecretValue/help-isRequired.html b/src/main/resources/com/datapipe/jenkins/vault/model/VaultSecretValue/help-isRequired.html
@@ -0,0 +1,4 @@
+<div>
+  A toggle to determine if the given Vault secret value must be present in your secret<br/>
+  If checked, the value is required; the plugin will throw an error if the value is not found in the secret.
+</div>
