Merge pull request #72 from egnyte/jira-token

Add Jira token auth feature
egnyte · Sep 20, 2024 · 5b73450 · 5b73450
2 parents 3b0dbcc + 3d5b35d
commit 5b73450
Show file tree

Hide file tree

Showing 3 changed files with 46 additions and 7 deletions.
diff --git a/README.md b/README.md
@@ -193,8 +193,8 @@ Cloudimized authenticates to Slack using Slack's Applications Bot User token. To
 Cloudimized authenticates to Jira using Username and Password/Token combination. Credentials are passed to script via
 env var
 
-* env var `JIRA_USR` - Jira's username
-* env var `JIRA_PSW` - Jira's password/token
+* env var `JIRA_USR` - Jira's username - (note: not set when using Token auth)
+* env var `JIRA_PSW` - Jira's password/Token
 
 ### Configuration file
 
@@ -288,6 +288,8 @@ change_processor:
      # Regex filter for selecting projects for which create issues (optional)
      filterSet:
         projectId: ".*production-only.*"
+     # Flag to indicate token use for auth instead of Username/Password
+     isToken: True
   # Terraform Runs configuration
   terraform:
     # Terraform URL

diff --git a/cloudimized/core/jiranotifier.py b/cloudimized/core/jiranotifier.py
@@ -10,6 +10,8 @@
 
 JIRA_USR = "JIRA_USR"
 JIRA_PSW = "JIRA_PSW"
+JIRA_IS_TOKEN = "isToken"
+
 
 DEFAULT_ISSUE_TYPE = "Task"
 URL = "url"
@@ -61,8 +63,12 @@ def post(self, change: GitChange):
                 logger.info("Skipping ticket creation for non-matching project id")
                 return
         try:
-            logger.info(f"Connecting to Jira '{self.jira_url}' as '{self.username}'")
-            jira = JIRA(options={'server': self.jira_url}, basic_auth=(self.username, self.password))
+            if self.username:
+                logger.info(f"Connecting to Jira '{self.jira_url}' as '{self.username}'")
+                jira = JIRA(options={'server': self.jira_url}, basic_auth=(self.username, self.password))
+            else:
+                logger.info(f"Connecting to Jira '{self.jira_url}' using token auth")
+                jira = JIRA(options={'server': self.jira_url}, token_auth=self.password)
             summary = f"GCP manual change detected - project: {change.project}, resource: {change.resource_type}"
             # In case multiple changers were identified
             if len(change.changers) == 0:
@@ -109,8 +115,11 @@ def configure_jiranotifier(config: Dict[str, Any], username: str, password: str)
     required_keys = [URL, PROJECTKEY]
     if not all(key in config for key in required_keys):
         raise JiraNotifierError(f"Missing one of required config keys: {required_keys}")
-    if not all(key for key in [username, password]):
-        raise JiraNotifierError(f"Missing Jira Username/Password credentials")
+    if config.get(JIRA_IS_TOKEN, "false") != True:
+        if not username:
+            raise JiraNotifierError(f"Jira username not set in env var: '{JIRA_USR}' AND not using token auth")
+    if not password:
+        raise JiraNotifierError(f"Jira password/token not set in env var: '{JIRA_PSW}'")
     extra_fields = config.get(FIELDS, {})
     if not isinstance(extra_fields, dict):
         raise JiraNotifierError(f"Incorrect Jira Notifier Fields configuration. "

diff --git a/tests/test_jiranotifier.py b/tests/test_jiranotifier.py
@@ -41,7 +41,16 @@ def test_configure_missing_credentials(self):
             configure_jiranotifier(config={"url": "", "projectKey": ""},
                                    username="test_user",
                                    password="")
-        self.assertEqual(f"Missing Jira Username/Password credentials", str(cm.exception))
+        self.assertEqual(f"Jira password/token not set in env var: 'JIRA_PSW'",
+                         str(cm.exception))
+
+    def test_configure_missing_token(self):
+        with self.assertRaises(JiraNotifierError) as cm:
+            configure_jiranotifier(config={"url": "", "projectKey": "", "isToken": True},
+                                   username="",
+                                   password="")
+        self.assertEqual(f"Jira password/token not set in env var: 'JIRA_PSW'",
+                         str(cm.exception))
 
     def test_configure_incorrect_fields_type(self):
         with self.assertRaises(JiraNotifierError) as cm:
@@ -96,6 +105,25 @@ def test_configure_correct_result(self, mock_jiranotifier):
                                              filter_set=None,
                                              extra="testField")
 
+    @mock.patch("cloudimized.core.jiranotifier.JiraNotifier", spec=JiraNotifier)
+    def test_configure_correct_result_with_token_auth(self, mock_jiranotifier):
+        result = configure_jiranotifier(config={"url": "test_url",
+                                                "projectKey": "TEST",
+                                                "isToken": True,
+                                                "fields": {
+                                                    "extra": "testField"
+                                                }},
+                                        username="",
+                                        password="test_password")
+        self.assertIsInstance(result, JiraNotifier)
+        mock_jiranotifier.assert_called_with(jira_url="test_url",
+                                             username="",
+                                             password="test_password",
+                                             issuetype="Task",
+                                             projectkey="TEST",
+                                             filter_set=None,
+                                             extra="testField")
+
     @mock.patch("cloudimized.core.jiranotifier.JIRA", spec=JIRA)
     def test_post_non_manual_change(self, mock_jira):
         self.gitchange.manual = False