Feature/custom secret name #283

Merged
merged 2 commits into from
Mar 6, 2019
2 changes: 1 addition & 1 deletion README.md
@@ -11,14 +11,14 @@ the Jenkins Credentials Plugin.
* changes in a Jenkins Build Run thats associated with a Jenkins Job gets replicated to an OpenShift Build object (which is created if necessary if the build was triggered via Jenkins)
* changes in OpenShift ConfigMap resources are examined for XML documents that correspond to Pod Template configuration for the Kubernetes Cloud plugin at http://github.com/jenkinsci/kubernetes-plugin and change the configuration of the Kubernetes Cloud plugin running in Jenkins to add, edit, or remove Pod Templates based on what exists in the ConfigMap; also note, if the <image></image> setting of the Pod Template starts with "imagestreamtag:", then this plugin will look up the ImageStreamTag for that entry (stripping "imagestreamtag:" first) and if found, replace the entry with the ImageStreamTag's Docker image reference.
* changes to OpenShift ImageStream resources with the label "role" set to "jenkins-slave" and ImageStreamTag resources with the annotation "role" set to "jenkins-slave" are considered images to used with Pod Templates for the Kubernetes Cloud plugin, where the Pod Templates are added, modified, or deleted from the Kubernetes cloud plugin as corresponding ImageStreams and ImageStreamTags are added, modified, or deleted, or have the "role=jenkins-slave" setting changed.
* changes to Openshift Secrets with the annotation "jenkins.openshift.io/secret.name" set to any custom name for the secret will result in the name of the Secret being overridden provided that, no other secret has the same identifier.


I'll fix this after it merges ... I want it placed as a sub-bullet under the next bullet and restructure to note what the default name will be, and then go into what setting the new annotation does

* changes to OpenShift Secrets with the label "credential.sync.jenkins.openshift.io" set to "true" will result in those Secrets getting converted into Jenkins Credentials that are registered with the Jenkins Credentials Plugin. Mappings occur as follows:
* "kubernetes.io/basic-auth" map to Jenkins Username / Password credentials
* "kubernetes.io/ssh-auth" map to Jenkins SSH User credentials
* Opaque/generic secrets where the data has a "username" key and a "password" key map to Jenkins Username / Password credentials
* Opaque/generic secrets where the data has a "ssh-privatekey" map to Jenkins SSH User credentials
* Opaque/generic secrets where the data has a "secrettext" key map to Jenkins Secret Text credentials
* Opaque/generic secrets where the data has a "openshift-client-token" key map to Jenkins OpenShift Client Plugin Token credentials

* For a Jenkins Secret File credential, the opaque/generic secret requires the 'filename' attribute. See the example below:

```bash
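Review bot: the new README bullet ("changes to Openshift Secrets with the annotation "jenkins.openshift.io/secret.name" ...") promises the override only happens "provided that no other secret has the same identifier", but nothing in this PR checks for a clash; either describe what actually happens when two Secrets resolve to the same id, or drop the clause. The bullet also never says what the default identifier is, which the reader needs in order to understand what the annotation replaces: the code in this PR builds it as `namespace + "-" + name`, and the annotation value is used verbatim in its place. Minor: "Openshift" should be "OpenShift" to match the surrounding bullets.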
@@ -23,4 +23,5 @@ public class Annotations {
public static final String GENERATED_BY_JENKINS = "jenkins";
public static final String DISABLE_SYNC_CREATE = "jenkins.openshift.io/disable-sync-create";
public static final String BUILDCONFIG_NAME = "openshift.io/build-config.name";
public static final String SECRET_NAME = "jenkins.openshift.io/secret.name";
}
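Review bot: `SECRET_NAME` deserves a one-line comment stating that its value becomes the complete Jenkins credential id in place of the `namespace-name` default, because unlike the neighbouring constants it changes how an existing resource is keyed rather than merely flagging it. Note also the key style: `DISABLE_SYNC_CREATE` uses a hyphen (`disable-sync-create`) while this one uses a dot (`secret.name`); worth aligning now, since an annotation name cannot be changed later without breaking users who already rely on it.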
@@ -58,7 +58,8 @@ public static synchronized String updateSourceCredentials(BuildConfig buildConfi
String credID = null;
if (sourceSecret != null) {
credID = upsertCredential(sourceSecret, sourceSecret.getMetadata().getNamespace(),
sourceSecret.getMetadata().getName());
sourceSecret.getMetadata().getName(),
sourceSecret.getMetadata().getAnnotations().get(Annotations.SECRET_NAME));
if (credID != null)
BuildConfigSecretToCredentialsMap.linkBCSecretToCredential(NamespaceName.create(buildConfig).toString(),
credID);
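Review bot: `sourceSecret.getMetadata().getAnnotations().get(Annotations.SECRET_NAME)` has no guard for a Secret that carries no annotations at all; if `getAnnotations()` returns null in that case (the usual case for a source secret), this line throws a NullPointerException and the build config's credential is never linked. Guard it, e.g. `Map<String, String> anns = sourceSecret.getMetadata().getAnnotations();` followed by `String custom = anns == null ? null : anns.get(Annotations.SECRET_NAME);`, ideally in one small static helper so the other call sites added in this PR do the same thing.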
@@ -96,19 +97,19 @@ public static synchronized String upsertCredential(Secret secret) throws IOExcep
if (secret != null) {
ObjectMeta metadata = secret.getMetadata();
if (metadata != null) {
return upsertCredential(secret, metadata.getNamespace(), metadata.getName());
return upsertCredential(secret, metadata.getNamespace(), metadata.getName(), metadata.getAnnotations().get(Annotations.SECRET_NAME));
}
}
return null;
}

private static String upsertCredential(Secret secret, String namespace, String secretName) throws IOException {
private static String upsertCredential(Secret secret, String namespace, String secretName, String customSecretName) throws IOException {
String id = null;
if (secret != null) {
Credentials creds = secretToCredentials(secret);
if (creds == null)
return null;
id = secretName(namespace, secretName);
id = secretName(namespace, secretName, customSecretName);
Credentials existingCreds = lookupCredentials(id);
final SecurityContext previousContext = ACL.impersonate(ACL.SYSTEM);
try {
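Review bot: with `customSecretName` now used directly as the credential id, `lookupCredentials(id)` in the private `upsertCredential` matches any existing credential with that id regardless of which Secret created it, so two Secrets carrying the same annotation value (or one whose value equals another namespace's default `namespace-name` id) silently update each other's credential. Either reject a custom id that is already bound to a different Secret, or at least log the collision, so the README's "provided that no other secret has the same identifier" condition is actually enforced somewhere. The new four-argument signature should also document that `customSecretName` may be null to mean "use the default id". And in the public overload, `metadata` is null-checked but `metadata.getAnnotations()` is not, so a Secret without annotations can still NPE on that line.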
@@ -162,7 +163,7 @@ private static void deleteCredential(String id, NamespaceName name, String resou

public static void deleteCredential(Secret secret) throws IOException {
if (secret != null) {
String id = secretName(secret.getMetadata().getNamespace(), secret.getMetadata().getName());
String id = secretName(secret.getMetadata().getNamespace(), secret.getMetadata().getName(), secret.getMetadata().getAnnotations().get(Annotations.SECRET_NAME));
deleteCredential(id, NamespaceName.create(secret), secret.getMetadata().getResourceVersion());
}
}
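Review bot: `deleteCredential` derives the id from the Secret's current annotation only, so a credential created under a custom id cannot be found for deletion once the annotation has been edited or removed from the Secret, and an id change on update leaves the old credential behind in Jenkins because the upsert path only knows the new id. Consider recording the id that was actually used when the credential was created, or keying the cleanup on something stable, so stale credentials are not orphaned. Two smaller points on the same line: `secret.getMetadata().getAnnotations()` needs a null check before `.get(...)`, and the call should be wrapped like the `upsertCredential` call earlier in this PR rather than kept on one very long line.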
@@ -197,8 +198,8 @@ private static Credentials lookupCredentials(String id) {
CredentialsMatchers.withId(id));
}

private static String secretName(String namespace, String name) {
return namespace + "-" + name;
private static String secretName(String namespace, String name, String customName) {
return (customName == null) ? namespace + "-" + name : customName;
}

private static Credentials arbitraryKeyValueTextCredential(Map<String, String> data, String secretName) {
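Review bot: `secretName` treats only a null `customName` as "not set", so an annotation that is present with an empty or blank value produces an empty credential id; treat blank as absent, e.g. `return (customName == null || customName.trim().isEmpty()) ? namespace + "-" + name : customName;`. Since the annotation value now becomes the credential id verbatim, this is also the natural place to validate it (non-empty, no whitespace) rather than trusting whatever was written into the Secret's metadata.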
@@ -225,6 +226,8 @@ private static Credentials arbitraryKeyValueTextCredential(Map<String, String> d
private static Credentials secretToCredentials(Secret secret) {
String namespace = secret.getMetadata().getNamespace();
String name = secret.getMetadata().getName();
String customName = secret.getMetadata().getAnnotations().get(Annotations.SECRET_NAME);

Map<String, String> data = secret.getData();

if (data == null) {
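Review bot: this is now the fourth place in the PR that reads `getMetadata().getAnnotations().get(Annotations.SECRET_NAME)` inline, each of which needs its own null guard for Secrets without annotations; a single `static String customSecretName(Secret)` helper returning null when there are no annotations would keep the four sites consistent and shorten the `secretName(namespace, name, customName)` calls. Separately, `secretToCredentials` recomputes the id that its caller `upsertCredential` computes a line later (`id = secretName(namespace, secretName, customSecretName)`); passing the id in as a parameter would remove the chance of the two ever disagreeing.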
@@ -233,7 +236,7 @@ private static Credentials secretToCredentials(Secret secret) {
return null;
}

final String secretName = secretName(namespace, name);
final String secretName = secretName(namespace, name, customName);
switch (secret.getType()) {
case OPENSHIFT_SECRETS_TYPE_OPAQUE:
String usernameData = data.get(OPENSHIFT_SECRETS_DATA_USERNAME);
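Review bot: `secretName` computed here is what gets stamped onto the credential that `secretToCredentials` builds, so with a custom annotation the namespace prefix is no longer part of the credential's identity; make sure the credential's description (or another visible field) still records the originating Secret's namespace and name, otherwise an operator looking at a custom-named credential in Jenkins cannot tell which Secret produced it or which namespace it belongs to.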