support for self signed certs

build.gradle

@@ -10,7 +10,7 @@ dependencies {
     compile 'org.apache.ivy:ivy:2.2.0'
     compile 'commons-cli:commons-cli:1.2' // should be part of groovy, but not available when running for some reason
     testCompile 'junit:junit:4.10'
-    compile 'org.codehaus.groovy.modules.http-builder:http-builder:0.5.2'
+    compile 'org.codehaus.groovy.modules.http-builder:http-builder:0.6'
 }
 
 task createSourceDirs(description : 'Create empty source directories for all defined sourceSets') << {
@@ -28,12 +28,17 @@ idea {
     }
 }
 
+test {
+    ['jenkinsUrl'].each {
+        if (System.getProperty(it)) systemProperty it, System.getProperty(it)
+    }
+}
 
 task syncWithRepo(dependsOn: 'classes', type: JavaExec) {
     main = 'com.entagen.jenkins.Main'
     classpath = sourceSets.main.runtimeClasspath
     // pass through specified system properties to the call to main
-    ['help', 'jenkinsUrl', 'jenkinsUser', 'jenkinsPassword', 'gitUrl', 'templateJobPrefix', 'templateBranchName', 'branchNameRegex', 'nestedView', 'printConfig', 'dryRun', 'startOnCreate', 'noViews', 'noDelete'].each {
+    ['help', 'jenkinsUrl', 'jenkinsUser', 'jenkinsPassword', 'gitUrl', 'templateJobPrefix', 'templateBranchName', 'branchNameRegex', 'nestedView', 'printConfig', 'dryRun', 'startOnCreate', 'noViews', 'noDelete', 'allowSelfsignedSslCerts'].each {
         if (System.getProperty(it)) systemProperty it, System.getProperty(it)
     }
 

src/main/groovy/com/entagen/jenkins/JenkinsApi.groovy

@@ -10,11 +10,17 @@ import org.apache.http.HttpStatus
 import org.apache.http.HttpRequestInterceptor
 import org.apache.http.protocol.HttpContext
 import org.apache.http.HttpRequest
+import org.apache.http.conn.ssl.SSLSocketFactory
+import org.apache.http.conn.scheme.Scheme
+import org.apache.http.conn.ssl.TrustSelfSignedStrategy
+
+
 
 class JenkinsApi {
     String jenkinsServerUrl
     RESTClient restClient
     HttpRequestInterceptor requestInterceptor
+    SSLSocketFactory socketFactory
     boolean findCrumb = true
     def crumbInfo
 
@@ -37,6 +43,12 @@ class JenkinsApi {
         this.restClient.client.addRequestInterceptor(this.requestInterceptor)
     }
 
+    public void allowSelfsignedSslCerts(){
+        this.socketFactory = new SSLSocketFactory(new TrustSelfSignedStrategy())
+        this.socketFactory.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER)
+        this.restClient.client.connectionManager.schemeRegistry.register(new Scheme("https", this.socketFactory, 443))
+    }
+
     List<String> getJobNames(String prefix = null) {
         println "getting project names from " + jenkinsServerUrl + "api/json"
         def response = get(path: 'api/json')
@@ -50,7 +62,6 @@ class JenkinsApi {
                 headers: [Accept: 'application/xml'])
         response.data.text
     }
-
     void cloneJobForBranch(ConcreteJob missingJob, List<TemplateJob> templateJobs) {
         String missingJobConfig = configForMissingJob(missingJob, templateJobs)
         TemplateJob templateJob = missingJob.templateJob
@@ -201,6 +212,9 @@ class JenkinsApi {
         if (requestInterceptor) {
             http.client.addRequestInterceptor(this.requestInterceptor)
         }
+        if (this.socketFactory){
+            http.client.connectionManager.schemeRegistry.register(new Scheme("https", this.socketFactory, 443))
+        }
 
         Integer status = HttpStatus.SC_EXPECTATION_FAILED
 

src/main/groovy/com/entagen/jenkins/JenkinsJobManager.groovy

@@ -11,6 +11,7 @@ class JenkinsJobManager {
     String branchNameRegex
     String jenkinsUser
     String jenkinsPassword
+    Boolean allowSelfsignedSslCerts = false
 
     Boolean dryRun = false
     Boolean noViews = false
@@ -152,6 +153,7 @@ class JenkinsJobManager {
             }
 
             if (jenkinsUser || jenkinsPassword) this.jenkinsApi.addBasicAuth(jenkinsUser, jenkinsPassword)
+            if (allowSelfsignedSslCerts) this.jenkinsApi.allowSelfsignedSslCerts()
         }
 
         return this.jenkinsApi

src/main/groovy/com/entagen/jenkins/Main.groovy

@@ -19,7 +19,8 @@ class Main {
             k: [longOpt: 'no-delete', required: false, args: 0, argName: 'noDelete', description: "Do not delete (keep) branches and views - gradle flag -DnoDelete=true"],
             f: [longOpt: 'filter-branch-names', required: false, args:  1, argName:  'branchNameRegex', description: "Only branches matching the regex will be accepted - gradle flag: -DbranchNameRegex=<regex>"],
             usr: [longOpt: 'jenkins-user',  required: false, args: 1, argName: 'jenkinsUser', description: "Jenkins username - gradle flag -DjenkinsUser=<jenkinsUser>"],
-            pwd: [longOpt: 'jenkins-password',  required: false, args: 1, argName: 'jenkinsPassword', description: "Jenkins password - gradle flag -DjenkinsPassword=<jenkinsPassword>"]
+            pwd: [longOpt: 'jenkins-password',  required: false, args: 1, argName: 'jenkinsPassword', description: "Jenkins password - gradle flag -DjenkinsPassword=<jenkinsPassword>"],
+            selfsigned: [longOpt: 'allow-selfsigned-ssl-certs', required:false, args: 0, argName:'allowSelfsignedSslCerts', description: "Allow self signed ssl certificats for Jenkins API calls"]
     ]
 
     public static void main(String[] args) {

src/test/groovy/com/entagen/jenkins/JenkinsApiSSLTest.groovy

@@ -0,0 +1,31 @@
+package com.entagen.jenkins
+
+import org.junit.Test
+import groovy.mock.interceptor.MockFor
+import org.apache.http.client.HttpResponseException
+import groovyx.net.http.RESTClient
+import net.sf.json.JSON
+import net.sf.json.JSONObject
+
+class JenkinsApiSSLTest extends GroovyTestCase {
+
+    private String getJenkinsServerUrl(){
+        return System.getProperty("jenkinsUrl") ?: "http://localhost:9090/jenkins"
+    }
+
+    @Test public void testGetJobNames() {
+        JenkinsApi api = new JenkinsApi(jenkinsServerUrl: getJenkinsServerUrl())
+        api.allowSelfsignedSslCerts()
+        api.getJobNames()
+    }
+
+    @Test public void testGetJobNamesWithoutSelfsignedSslCerts() {
+        JenkinsApi api = new JenkinsApi(jenkinsServerUrl: getJenkinsServerUrl())
+        if(jenkinsServerUrl.startsWith("https")){
+            assert "peer not authenticated" == shouldFail {
+                api.getJobNames("myproj")
+            }
+        }
+    }
+}
+