in cli/src/main/java/hudson/cli/CLI.java [108:320]
public static int _main(String[] _args) throws Exception {
List<String> args = Arrays.asList(_args);
PrivateKeyProvider provider = new PrivateKeyProvider();
String url = System.getenv("JENKINS_URL");
if (url==null)
url = System.getenv("HUDSON_URL");
boolean noKeyAuth = false;
// TODO perhaps allow mode to be defined by environment variable too (assuming $JENKINS_USER_ID can be used for -user)
Mode mode = null;
String user = null;
String auth = null;
String bearer = null;
String userIdEnv = System.getenv("JENKINS_USER_ID");
String tokenEnv = System.getenv("JENKINS_API_TOKEN");
boolean strictHostKey = false;
while(!args.isEmpty()) {
String head = args.get(0);
if (head.equals("-version")) {
System.out.println("Version: "+computeVersion());
return 0;
}
if (head.equals("-http")) {
if (mode != null) {
printUsage("-http clashes with previously defined mode " + mode);
return -1;
}
mode = Mode.HTTP;
args = args.subList(1, args.size());
continue;
}
if (head.equals("-ssh")) {
if (mode != null) {
printUsage("-ssh clashes with previously defined mode " + mode);
return -1;
}
mode = Mode.SSH;
args = args.subList(1, args.size());
continue;
}
if (head.equals("-webSocket")) {
if (mode != null) {
printUsage("-webSocket clashes with previously defined mode " + mode);
return -1;
}
mode = Mode.WEB_SOCKET;
args = args.subList(1, args.size());
continue;
}
if (head.equals("-remoting")) {
printUsage("-remoting mode is no longer supported");
return -1;
}
if(head.equals("-s") && args.size()>=2) {
url = args.get(1);
args = args.subList(2,args.size());
continue;
}
if (head.equals("-noCertificateCheck")) {
LOGGER.info("Skipping HTTPS certificate checks altogether. Note that this is not secure at all.");
SSLContext context = SSLContext.getInstance("TLS");
context.init(null, new TrustManager[]{new NoCheckTrustManager()}, new SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(context.getSocketFactory());
// bypass host name check, too.
HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {
@SuppressFBWarnings(value = "WEAK_HOSTNAME_VERIFIER", justification = "User set parameter to skip verifier.")
public boolean verify(String s, SSLSession sslSession) {
return true;
}
});
args = args.subList(1,args.size());
continue;
}
if (head.equals("-noKeyAuth")) {
noKeyAuth = true;
args = args.subList(1,args.size());
continue;
}
if(head.equals("-i") && args.size()>=2) {
File f = getFileFromArguments(args);
if (!f.exists()) {
printUsage(Messages.CLI_NoSuchFileExists(f));
return -1;
}
provider.readFrom(f);
args = args.subList(2,args.size());
continue;
}
if (head.equals("-strictHostKey")) {
strictHostKey = true;
args = args.subList(1, args.size());
continue;
}
if (head.equals("-user") && args.size() >= 2) {
user = args.get(1);
args = args.subList(2, args.size());
continue;
}
if (head.equals("-auth") && args.size() >= 2) {
auth = args.get(1);
args = args.subList(2, args.size());
continue;
}
if (head.equals("-bearer") && args.size() >= 2) {
bearer = args.get(1);
args = args.subList(2, args.size());
continue;
}
if (head.equals("-logger") && args.size() >= 2) {
Level level = parse(args.get(1));
for (Handler h : Logger.getLogger("").getHandlers()) {
h.setLevel(level);
}
for (Logger logger : new Logger[] {LOGGER, FullDuplexHttpStream.LOGGER, PlainCLIProtocol.LOGGER, Logger.getLogger("org.apache.sshd")}) { // perhaps also Channel
logger.setLevel(level);
}
args = args.subList(2, args.size());
continue;
}
break;
}
if(url==null) {
printUsage(Messages.CLI_NoURL());
return -1;
}
if (auth != null && bearer != null) {
LOGGER.warning("-auth and -bearer are mutually exclusive");
}
if (auth == null && bearer == null) {
// -auth option not set
if (StringUtils.isNotBlank(userIdEnv) && StringUtils.isNotBlank(tokenEnv)) {
auth = StringUtils.defaultString(userIdEnv).concat(":").concat(StringUtils.defaultString(tokenEnv));
} else if (StringUtils.isNotBlank(userIdEnv) || StringUtils.isNotBlank(tokenEnv)) {
printUsage(Messages.CLI_BadAuth());
return -1;
} // Otherwise, none credentials were set
}
if (!url.endsWith("/")) {
url += '/';
}
if(args.isEmpty())
args = Collections.singletonList("help"); // default to help
if (mode == null) {
mode = Mode.HTTP;
}
LOGGER.log(FINE, "using connection mode {0}", mode);
if (user != null && auth != null) {
LOGGER.warning("-user and -auth are mutually exclusive");
}
if (mode == Mode.SSH) {
if (user == null) {
// TODO SshCliAuthenticator already autodetects the user based on public key; why cannot AsynchronousCommand.getCurrentUser do the same?
LOGGER.warning("-user required when using -ssh");
return -1;
}
if (!noKeyAuth && !provider.hasKeys()) {
provider.readFromDefaultLocations();
}
return SSHCLI.sshConnection(url, user, args, provider, strictHostKey);
}
if (strictHostKey) {
LOGGER.warning("-strictHostKey meaningful only with -ssh");
}
if (noKeyAuth) {
LOGGER.warning("-noKeyAuth meaningful only with -ssh");
}
if (user != null) {
LOGGER.warning("Warning: -user ignored unless using -ssh");
}
CLIConnectionFactory factory = new CLIConnectionFactory();
String userInfo = new URL(url).getUserInfo();
if (userInfo != null) {
factory = factory.basicAuth(userInfo);
} else if (auth != null) {
factory = factory.basicAuth(auth.startsWith("@") ? readAuthFromFile(auth).trim() : auth);
} else if (bearer != null) {
factory = factory.bearerAuth(bearer.startsWith("@") ? readAuthFromFile(bearer).trim() : bearer);
}
if (mode == Mode.HTTP) {
return plainHttpConnection(url, args, factory);
}
if (mode == Mode.WEB_SOCKET) {
return webSocketConnection(url, args, factory);
}
throw new AssertionError();
}