Merge branch 'jfrog:master' into feature/access_credentials_when_auth…

…orize_project_is_enabled
jfrog · Apr 24, 2024 · 7a5cd60 · 7a5cd60
2 parents 5a9aedc + b6506c2
commit 7a5cd60
Show file tree

Hide file tree

Showing 4 changed files with 56 additions and 5 deletions.
diff --git a/pom.xml b/pom.xml
@@ -33,15 +33,15 @@
 
     <properties>
         <!-- Minimal version required by Pipeline dependencies in 2.14.0 -->
-        <jenkins.version>2.235.5</jenkins.version>
+        <jenkins.version>2.263.1</jenkins.version>
         <java.level>8</java.level>
         <!-- TODO: enforcer is full of upper bound dependency issues, including real ones -->
         <enforcer.skip>true</enforcer.skip>
         <findbugs.failOnError>true</findbugs.failOnError>
         <!--Skip integration tests unless explicitly requested with -DskipITs=false-->
         <skipITs>true</skipITs>
 
-        <buildinfo.version>2.41.12</buildinfo.version>
+        <buildinfo.version>2.41.14</buildinfo.version>
         <buildinfo.gradle.version>5.1.14</buildinfo.gradle.version>
     </properties>
 
@@ -143,7 +143,7 @@
         <dependency>
             <groupId>org.jenkins-ci.plugins</groupId>
             <artifactId>apache-httpcomponents-client-4-api</artifactId>
-            <version>4.5.10-1.0</version>
+            <version>4.5.13-1.0</version>
             <exclusions>
                 <!-- An updated version of httpcomponents is received from the buildinfo dependency -->
                 <exclusion>
@@ -455,6 +455,11 @@
             <artifactId>ivy</artifactId>
             <version>2.5.2</version>
         </dependency>
+        <dependency>
+            <groupId>io.jenkins.plugins</groupId>
+            <artifactId>jersey2-api</artifactId>
+            <version>2.35-8</version>
+        </dependency>
         <dependency>
             <groupId>org.jenkins-ci.plugins</groupId>
             <artifactId>jira</artifactId>
@@ -547,6 +552,12 @@
             <version>2.4.21</version>
             <scope>provided</scope>
         </dependency>
+        <dependency>
+            <groupId>org.jenkins-ci.plugins</groupId>
+            <artifactId>jackson2-api</artifactId>
+            <version>2.13.2.20220328-281.v9ecc7a_5e834f</version>
+        </dependency>
+
         <!--Tests-->
         <dependency>
             <groupId>org.jenkins-ci.main</groupId>
@@ -599,6 +610,22 @@
         <!--/Tests-->
     </dependencies>
 
+    <!-- TODO: Remove this section when these transitive dependencies are upgraded in our direct dependency org.mock-server.mockserver-netty -->
+    <dependencyManagement>
+        <dependencies>
+            <dependency>
+                <groupId>org.bouncycastle</groupId>
+                <artifactId>bcprov-jdk18on</artifactId>
+                <version>1.77</version>
+            </dependency>
+            <dependency>
+                <groupId>org.bouncycastle</groupId>
+                <artifactId>bcpkix-jdk18on</artifactId>
+                <version>1.77</version>
+            </dependency>
+        </dependencies>
+    </dependencyManagement>
+
     <build>
         <plugins>
             <plugin>

diff --git a/src/main/java/org/jfrog/hudson/maven3/extractor/MavenExtractorEnvironment.java b/src/main/java/org/jfrog/hudson/maven3/extractor/MavenExtractorEnvironment.java
@@ -52,6 +52,9 @@
 import java.util.List;
 import java.util.Map;
 
+import static org.jfrog.build.api.BuildInfoConfigProperties.ENV_PROPERTIES_FILE_KEY;
+import static org.jfrog.build.api.BuildInfoConfigProperties.ENV_PROPERTIES_FILE_KEY_IV;
+
 /**
  * Class for setting up the {@link Environment} for a {@link MavenModuleSet} project. Responsible for adding the new
  * maven opts with the location of the plugin.
@@ -67,6 +70,8 @@ public class MavenExtractorEnvironment extends Environment {
     private final EnvVars envVars;
     private String propertiesFilePath;
     private final hudson.Launcher launcher;
+    private String propertiesFileKeyIv;
+    private String propertiesFileKey;
 
     // the build env vars method may be called again from another setUp of a wrapper so we need this flag to
     // attempt only once certain operations (like copying file or changing maven opts).
@@ -140,6 +145,8 @@ public void buildEnvVars(Map<String, String> env) {
                 ArtifactoryClientConfiguration configuration = ExtractorUtils.addBuilderInfoArguments(
                         env, build, buildListener, publisherContext, resolverContext, build.getWorkspace(), launcher, false);
                 propertiesFilePath = configuration.getPropertiesFile();
+                propertiesFileKey = env.get(ENV_PROPERTIES_FILE_KEY);
+                propertiesFileKeyIv = env.get(ENV_PROPERTIES_FILE_KEY_IV);
             } catch (Exception e) {
                 throw new RuntimeException(e);
             }
@@ -148,7 +155,7 @@ public void buildEnvVars(Map<String, String> env) {
         if (resolver != null) {
             env.put(BuildInfoConfigProperties.PROP_ARTIFACTORY_RESOLUTION_ENABLED, Boolean.TRUE.toString());
         }
-        env.put(BuildInfoConfigProperties.PROP_PROPS_FILE, propertiesFilePath);
+        addPropertiesFileEnv(env);
     }
 
     private boolean isCheckoutPerformed(Map<String, String> env) {
@@ -217,6 +224,21 @@ private PublisherContext createPublisherContext(ArtifactoryRedeployPublisher pub
         return context;
     }
 
+    /**
+     * buildEnvVars gets triggered multiple times - for ArtifactoryMaven3Native, ArtifactoryRedeployPublisher, and other instances.
+     * Yet, for efficiency, we initialize the build info arguments just once.
+     * Subsequently, the function integrates the required environment variables into subsequent invocations.
+     *
+     * @param env - The job's environment variables
+     */
+    private void addPropertiesFileEnv(Map<String, String> env) {
+        env.put(BuildInfoConfigProperties.PROP_PROPS_FILE, propertiesFilePath);
+        if (StringUtils.isNoneBlank(propertiesFileKey, propertiesFileKeyIv)) {
+            env.put(ENV_PROPERTIES_FILE_KEY, propertiesFileKey);
+            env.put(ENV_PROPERTIES_FILE_KEY_IV, propertiesFileKeyIv);
+        }
+    }
+
     @Extension
     public static class ArtifactoryPlexusContributor extends PlexusModuleContributorFactory {
 

diff --git a/src/main/java/org/jfrog/hudson/pipeline/common/types/buildInfo/Env.java b/src/main/java/org/jfrog/hudson/pipeline/common/types/buildInfo/Env.java
@@ -28,8 +28,10 @@ public class Env implements Serializable {
 
     private static final String apiKeySecretPrefix = "AKCp8";
     private static final int apiKeySecretMinimalLength = 73;
+    // jfrog-ignore - Prefix used to identify a reference token
     private static final String referenceTokenSecretPrefix = "cmVmdGtuOjAxOj";
     private static final int referenceTokenSecretMinimalLength = 64;
+    // jfrog-ignore - Prefix used to identify an access token
     private static final String accessTokenSecretPrefix = "eyJ2ZXIiOiIyIiwidHlwIjoiSldUIiwiYWxnIjoiUlMyNTYiLCJraWQiOiJ";
     private static final int accessTokenSecretMinimalLength = 0;
 

diff --git a/src/main/java/org/jfrog/hudson/util/ExtractorUtils.java b/src/main/java/org/jfrog/hudson/util/ExtractorUtils.java
@@ -584,7 +584,7 @@ private static void savePropertiesToFile(ArtifactoryClientConfiguration configur
                                              Map<String, String> env, boolean skipEncryption) {
         try (OutputStream outputStream = propertiesFile.write()) {
             if (skipEncryption) {
-                configuration.persistToPropertiesFile();
+                configuration.persistToPropertiesFile(outputStream);
             } else {
                 EncryptionKeyPair keyPair = configuration.persistToEncryptedPropertiesFile(outputStream);
                 env.put(ENV_PROPERTIES_FILE_KEY, keyPair.getStringSecretKey());