credentials: Escape Groovy characters

Fixes solita#23.

CHANGELOG.rst

@@ -15,6 +15,8 @@ Git master
 - Use a password file and remove most ``no_log`` statements to aid in
   debugging.
 
+- Escape Groovy special characters in credentials (`#23_`).
+
 --------------------------
 Version 1.3.0 (2017-04-20)
 --------------------------
@@ -85,4 +87,5 @@ Version 1.0.0 (2016-06-29)
 
 .. _#14: https://github.com/solita/ansible-role-solita.jenkins/issues/14
 .. _#17: https://github.com/solita/ansible-role-solita.jenkins/issues/17
+.. _#23: https://github.com/solita/ansible-role-solita.jenkins/issues/23
 .. _#24: https://github.com/solita/ansible-role-solita.jenkins/pull/24

doc/solita.jenkins.rst

@@ -215,7 +215,7 @@ the id ``bob``::
       alice:
         username: alice
         password: swordfish
-        description: Alices password        # Optional
+        description: Alice's password       # Optional
 
       bob:
         username: bob                       # Optional
@@ -228,7 +228,7 @@ the id ``bob``::
           da0O2tRUD1uRrlEovhL3PQT2fTzkV8F4YEOl5afVopLb1fK6sDef2i0jr1P0vw==
           -----END RSA PRIVATE KEY-----
         passphrase: swordfish               # Optional
-        description: Bobs SSH Key           # Optional
+        description: Bob's SSH Key          # Optional
 
 ::
 
@@ -238,10 +238,6 @@ the id ``bob``::
       roles:
         - solita.jenkins
 
-.. note ::
-
-    Currently you can't use apostrophes (') in the credentials (`#23`_).
-
 .. note ::
 
     Use YAML's pipe syntax to keep the linebreaks in the private key.

library/solita_jenkins_credential

@@ -9,7 +9,7 @@ import com.cloudbees.jenkins.plugins.sshcredentials.impl.BasicSSHUserPrivateKey;
 import com.cloudbees.jenkins.plugins.sshcredentials.impl.BasicSSHUserPrivateKey$DirectEntryPrivateKeySource;
 
 jsonSlurper = new JsonSlurper()
-def params = jsonSlurper.parseText('%s')
+def params = jsonSlurper.parseText("%s")
 
 result = [
     changed: false
@@ -69,6 +69,9 @@ println JsonOutput.toJson(result)
 
 import json
 
+def escape(s):
+    return s.replace('\\', '\\\\').replace('"', '\\"').replace('$', '\\$')
+
 def main():
     module = AnsibleModule(
         argument_spec = dict(
@@ -94,12 +97,12 @@ def main():
 
     rc, stdout, stderr = module.run_command(
             "%(solita_jenkins_cli)s groovy =" % module.params,
-            data=(SCRIPT % script_args_json))
+            data=(SCRIPT % escape(script_args_json)))
 
     if (rc != 0):
         module.fail_json(msg=stderr)
 
-    print(stdout)
+    print(stdout.rstrip())
 
 from ansible.module_utils.basic import *
 if __name__ == '__main__':

test/test_credentials.rb

@@ -17,11 +17,11 @@ def test_add_password
           foo:
             username: foouser
             password: foopass
-            description: foodesc
+            description: foo's desc
           xyz:
             username: xyzuser
             password: xyzpass
-            description: xyzdesc
+            description: xyz's desc
         solita_jenkins_absent_credentials:
           - bar
       roles:
@@ -36,19 +36,19 @@ def test_add_password
           foo:
             username: foouser
             password: foopass
-            description: foodesc
+            description: foo's desc
           bar:
             username: baruser
             password: barpass
-            description: bardesc
+            description: bar's desc
       roles:
         - solita.jenkins
     EOF
     # Foo and xyz should remain present, and bar should be added.
     login_as 'solita_jenkins'
-    assert_equal ['foouser/****** (foodesc)',
-                  'baruser/****** (bardesc)',
-                  'xyzuser/****** (xyzdesc)',
+    assert_equal ["foouser/****** (foo's desc)",
+                  "baruser/****** (bar's desc)",
+                  "xyzuser/****** (xyz's desc)",
                   ].to_set, list_credentials
   end
 
@@ -74,12 +74,12 @@ def test_add_ssh_key
             username: foouser
             private_key: fookey
             passphrase: foopass
-            description: foodesc
+            description: foo's desc
       roles:
         - solita.jenkins
     EOF
     login_as 'solita_jenkins'
-    assert_equal ['foouser (foodesc)'].to_set, list_credentials
+    assert_equal ["foouser (foo's desc)"].to_set, list_credentials
   end
 
   # Credentials listed in solita_jenkins_absent_credentials are removed if they
@@ -94,11 +94,11 @@ def test_remove_credentials
           foo:
             username: foouser
             password: foopass
-            description: foodesc
+            description: foo's desc
           xyz:
             username: xyzuser
             password: xyzpass
-            description: xyzdesc
+            description: xyz's desc
         solita_jenkins_absent_credentials:
           - bar
       roles:
@@ -118,7 +118,7 @@ def test_remove_credentials
     # Xyz should remain present, bar should remain absent, and foo should be
     # removed.
     login_as 'solita_jenkins'
-    assert_equal ['xyzuser/****** (xyzdesc)'].to_set, list_credentials
+    assert_equal ["xyzuser/****** (xyz's desc)"].to_set, list_credentials
   end
 
   # Existing credentials can be changed.
@@ -161,4 +161,27 @@ def test_change_credentials
     assert_equal ['foouser', 'baruser/******'].to_set, list_credentials
   end
 
+  # Special character's are escaped correctly.
+  def test_special_characters
+    # Foo is a password, bar is an SSH key.
+    ansible_playbook '--tags solita_jenkins_credentials', <<-EOF
+    ---
+    - hosts: vagrant
+      vars:
+        solita_jenkins_credentials:
+          foo:
+            username: foouser
+            password: foopass
+            description: "\\\\foo \\"' ${bar}"
+        solita_jenkins_absent_credentials:
+          - bar
+          - xyz
+      roles:
+        - solita.jenkins
+    EOF
+    login_as 'solita_jenkins'
+    assert_equal ["foouser/****** (\\foo \"' ${bar})",
+                  ].to_set, list_credentials
+  end
+
 end