Add credentials for Gradle plugin repository

src/main/java/hudson/plugins/gradle/injection/BuildScanEnvironmentContributor.java

@@ -12,30 +12,28 @@
 import hudson.util.Secret;
 
 import javax.annotation.Nonnull;
+import javax.annotation.Nullable;
+import java.util.ArrayList;
 import java.util.Collection;
 import java.util.Collections;
 import java.util.List;
-import java.util.Set;
+import java.util.stream.Collectors;
+import java.util.stream.Stream;
+
+import static hudson.plugins.gradle.injection.GradleInjectionAware.JENKINSGRADLEPLUGIN_GRADLE_PLUGIN_REPOSITORY_PASSWORD;
 
 @Extension
 public class BuildScanEnvironmentContributor extends EnvironmentContributor {
 
     @Override
     public void buildEnvironmentFor(@Nonnull Run run, @Nonnull EnvVars envs, @Nonnull TaskListener listener) {
-        Secret secret = InjectionConfig.get().getAccessKey();
-        if (secret == null || alreadyExecuted(run)) {
-            return;
-        }
-
-        String accessKey = secret.getPlainText();
-        if (!GradleEnterpriseAccessKeyValidator.getInstance().isValid(accessKey)) {
-            GradleEnterpriseLogger logger = new GradleEnterpriseLogger(listener);
-            logger.error("Gradle Enterprise access key format is not valid");
-            run.addAction(GradleEnterpriseParametersAction.empty());
+        Secret secretKey = InjectionConfig.get().getAccessKey();
+        Secret secretPassword = InjectionConfig.get().getGradlePluginRepositoryPassword();
+        if ((secretKey == null && secretPassword == null) || alreadyExecuted(run)) {
             return;
         }
 
-        run.addAction(GradleEnterpriseParametersAction.of(accessKey));
+        run.addAction(GradleEnterpriseParametersAction.of(new GradleEnterpriseLogger(listener), secretKey, secretPassword));
     }
 
     private static boolean alreadyExecuted(@Nonnull Run run) {
@@ -45,7 +43,7 @@ private static boolean alreadyExecuted(@Nonnull Run run) {
     public static class GradleEnterpriseParametersAction extends ParametersAction {
 
         private static final String GRADLE_ENTERPRISE_ACCESS_KEY = "GRADLE_ENTERPRISE_ACCESS_KEY";
-        private static final Set<String> ADDITIONAL_SAFE_PARAMETERS = Collections.singleton(GRADLE_ENTERPRISE_ACCESS_KEY);
+        private static final String GRADLE_ENTERPRISE_REPO_PASSWORD = JENKINSGRADLEPLUGIN_GRADLE_PLUGIN_REPOSITORY_PASSWORD;
 
         private static final GradleEnterpriseParametersAction EMPTY = new GradleEnterpriseParametersAction();
 
@@ -61,10 +59,24 @@ static GradleEnterpriseParametersAction empty() {
             return EMPTY;
         }
 
-        static GradleEnterpriseParametersAction of(String accessKey) {
+        static GradleEnterpriseParametersAction of(GradleEnterpriseLogger logger, @Nullable Secret accessKey, @Nullable Secret repoPassword) {
+            List<ParameterValue> values = new ArrayList<>();
+            if (accessKey != null) {
+                if (!GradleEnterpriseAccessKeyValidator.getInstance().isValid(accessKey.getPlainText())) {
+                    logger.error("Gradle Enterprise access key format is not valid");
+                } else {
+                    values.add(new PasswordParameterValue(GRADLE_ENTERPRISE_ACCESS_KEY, accessKey.getPlainText()));
+                }
+            }
+            if (repoPassword != null) {
+                values.add(new PasswordParameterValue(GRADLE_ENTERPRISE_REPO_PASSWORD, repoPassword.getPlainText()));
+            }
+            if (values.isEmpty()) {
+                return GradleEnterpriseParametersAction.empty();
+            }
             return new GradleEnterpriseParametersAction(
-                Collections.singletonList(new PasswordParameterValue(GRADLE_ENTERPRISE_ACCESS_KEY, accessKey, null)),
-                ADDITIONAL_SAFE_PARAMETERS
+                values,
+                Stream.of(GRADLE_ENTERPRISE_ACCESS_KEY, GRADLE_ENTERPRISE_REPO_PASSWORD).collect(Collectors.toSet())
             );
         }
     }

src/main/java/hudson/plugins/gradle/injection/GradleBuildScanInjection.java

@@ -122,6 +122,13 @@ private void injectEnvironmentVariables(InjectionConfig config, Node node) {
         if (pluginRepositoryUrl != null && InjectionUtil.isValid(InjectionConfig.checkUrl(pluginRepositoryUrl))) {
             EnvUtil.setEnvVar(node, JENKINSGRADLEPLUGIN_GRADLE_PLUGIN_REPOSITORY_URL, pluginRepositoryUrl);
         }
+
+        if (config.getGradlePluginRepositoryUsername() != null) {
+            EnvUtil.setEnvVar(node, JENKINSGRADLEPLUGIN_GRADLE_PLUGIN_REPOSITORY_USERNAME, config.getGradlePluginRepositoryUsername());
+        } else {
+            EnvUtil.removeEnvVar(node, JENKINSGRADLEPLUGIN_GRADLE_PLUGIN_REPOSITORY_USERNAME);
+        }
+
         String ccudPluginVersion = config.getCcudPluginVersion();
         if (ccudPluginVersion != null && InjectionUtil.isValid(InjectionConfig.checkVersion(ccudPluginVersion))) {
             EnvUtil.setEnvVar(node, JENKINSGRADLEPLUGIN_CCUD_PLUGIN_VERSION, ccudPluginVersion);

src/main/java/hudson/plugins/gradle/injection/GradleInjectionAware.java

@@ -18,6 +18,8 @@ public interface GradleInjectionAware {
     String JENKINSGRADLEPLUGIN_GRADLE_ENTERPRISE_ENFORCE_URL = "JENKINSGRADLEPLUGIN_GRADLE_ENTERPRISE_ENFORCE_URL";
     String JENKINSGRADLEPLUGIN_GRADLE_ENTERPRISE_ALLOW_UNTRUSTED_SERVER = "JENKINSGRADLEPLUGIN_GRADLE_ENTERPRISE_ALLOW_UNTRUSTED_SERVER";
     String JENKINSGRADLEPLUGIN_GRADLE_PLUGIN_REPOSITORY_URL = "JENKINSGRADLEPLUGIN_GRADLE_PLUGIN_REPOSITORY_URL";
+    String JENKINSGRADLEPLUGIN_GRADLE_PLUGIN_REPOSITORY_USERNAME = "JENKINSGRADLEPLUGIN_GRADLE_PLUGIN_REPOSITORY_USERNAME";
+    String JENKINSGRADLEPLUGIN_GRADLE_PLUGIN_REPOSITORY_PASSWORD = "JENKINSGRADLEPLUGIN_GRADLE_PLUGIN_REPOSITORY_PASSWORD";
     String JENKINSGRADLEPLUGIN_GRADLE_ENTERPRISE_PLUGIN_VERSION = "JENKINSGRADLEPLUGIN_GRADLE_ENTERPRISE_PLUGIN_VERSION";
     String JENKINSGRADLEPLUGIN_CCUD_PLUGIN_VERSION = "JENKINSGRADLEPLUGIN_CCUD_PLUGIN_VERSION";
 

src/main/java/hudson/plugins/gradle/injection/InjectionConfig.java

@@ -58,6 +58,8 @@ public class InjectionConfig extends GlobalConfiguration {
     private String gradlePluginVersion;
     private String ccudPluginVersion;
     private String gradlePluginRepositoryUrl;
+    private String gradlePluginRepositoryUsername;
+    private Secret gradlePluginRepositoryPassword;
     private ImmutableList<NodeLabelItem> gradleInjectionEnabledNodes;
     private ImmutableList<NodeLabelItem> gradleInjectionDisabledNodes;
 
@@ -148,6 +150,30 @@ public void setAccessKey(Secret accessKey) {
         }
     }
 
+    @CheckForNull
+    public String getGradlePluginRepositoryUsername() {
+        return gradlePluginRepositoryUsername;
+    }
+
+    @DataBoundSetter
+    public void setGradlePluginRepositoryUsername(String gradlePluginRepositoryUsername) {
+        this.gradlePluginRepositoryUsername = Util.fixEmptyAndTrim(gradlePluginRepositoryUsername);
+    }
+
+    @CheckForNull
+    public Secret getGradlePluginRepositoryPassword() {
+        return gradlePluginRepositoryPassword;
+    }
+
+    @DataBoundSetter
+    public void setGradlePluginRepositoryPassword(Secret gradlePluginRepositoryPassword) {
+        if (Util.fixEmptyAndTrim(gradlePluginRepositoryPassword.getPlainText()) == null) {
+            this.gradlePluginRepositoryPassword = null;
+        } else {
+            this.gradlePluginRepositoryPassword = gradlePluginRepositoryPassword;
+        }
+    }
+
     @CheckForNull
     public String getGradlePluginVersion() {
         return gradlePluginVersion;

src/main/resources/hudson/plugins/gradle/injection/InjectionConfig/config.jelly

@@ -72,6 +72,12 @@
                 <f:entry title="${%Gradle plugin repository url}" field="gradlePluginRepositoryUrl">
                     <f:textbox checkMethod="post"/>
                 </f:entry>
+                <f:entry title="${%Gradle plugin repository username}" field="gradlePluginRepositoryUsername">
+                    <f:textbox checkMethod="post"/>
+                </f:entry>
+                <f:entry title="${%Gradle plugin repository password}" field="gradlePluginRepositoryPassword">
+                    <f:password/>
+                </f:entry>
                 <f:entry title="${%Gradle auto-injection enabled nodes}"
                          help="/plugin/gradle/help-gradleInjectionEnabledNodes.html">
                     <f:repeatableProperty field="gradleInjectionEnabledNodes">

src/main/resources/hudson/plugins/gradle/injection/init-script.gradle

@@ -23,16 +23,28 @@ initscript {
     def pluginRepositoryUrl = getInputParam('jenkinsGradlePlugin.gradle.plugin-repository.url')
     def gePluginVersion = getInputParam('jenkinsGradlePlugin.gradle-enterprise.plugin.version')
     def ccudPluginVersion = getInputParam('jenkinsGradlePlugin.ccud.plugin.version')
+    def gradlePluginRepoUsername = getInputParam('jenkinsGradlePlugin.gradle.plugin-repository.username')
+    def gradlePluginRepoPassword = getInputParam('jenkinsGradlePlugin.gradle.plugin-repository.password')
 
     def atLeastGradle5 = GradleVersion.current() >= GradleVersion.version('5.0')
     def atLeastGradle4 = GradleVersion.current() >= GradleVersion.version('4.0')
 
     if (gePluginVersion || ccudPluginVersion && atLeastGradle4) {
         pluginRepositoryUrl = pluginRepositoryUrl ?: 'https://plugins.gradle.org/m2'
         logger.quiet("Gradle Enterprise plugins resolution: $pluginRepositoryUrl")
-
         repositories {
-            maven { url pluginRepositoryUrl }
+            maven {
+                url pluginRepositoryUrl
+                if (gradlePluginRepoUsername && gradlePluginRepoPassword) {
+                    credentials {
+                        username(gradlePluginRepoUsername)
+                        password(gradlePluginRepoPassword)
+                    }
+                    authentication {
+                        basic(BasicAuthentication)
+                    }
+                }
+            }
         }
     }