Merge pull request #274 from jenkinsci/install_with_proxy

AST-38150 Install cx version with the proxy
jenkinsci · Apr 10, 2024 · 9c19049 · 9c19049
2 parents 2eb42f8 + e49094a
commit 9c19049
Show file tree

Hide file tree

Showing 4 changed files with 114 additions and 8 deletions.
diff --git a/pom.xml b/pom.xml
@@ -92,12 +92,23 @@
         <dependency>
             <groupId>com.checkmarx.ast</groupId>
             <artifactId>ast-cli-java-wrapper</artifactId>
-            <version>2.0.7</version>
+            <version>2.0.9</version>
         </dependency>
         <dependency>
             <groupId>org.jenkins-ci.plugins</groupId>
             <artifactId>structs</artifactId>
         </dependency>
+        <dependency>
+            <groupId>com.squareup.okhttp3</groupId>
+            <artifactId>okhttp</artifactId>
+            <version>3.8.0</version>
+        </dependency>
+        <dependency>
+            <groupId>com.squareup.okhttp3</groupId>
+            <artifactId>mockwebserver</artifactId>
+            <version>4.11.0</version>
+            <scope>test</scope>
+        </dependency>
         <dependency>
             <groupId>org.jenkins-ci.plugins</groupId>
             <artifactId>credentials</artifactId>
@@ -136,7 +147,7 @@
         <dependency>
             <groupId>org.projectlombok</groupId>
             <artifactId>lombok</artifactId>
-            <version>1.18.30</version>
+            <version>1.18.32</version>
         </dependency>
         <!--
         Required for jenkins versions < 2.378

diff --git a/src/main/java/com/checkmarx/jenkins/PluginUtils.java b/src/main/java/com/checkmarx/jenkins/PluginUtils.java
@@ -38,7 +38,6 @@ public static List<String> submitScanDetailsToWrapper(final ScanConfig scanConfi
         log.info("Submitting the scan details to the CLI wrapper.");
 
         final CxConfig cxConfig = initiateWrapperObject(scanConfig, checkmarxCliExecutable);
-        cxConfig.setAdditionalParameters(scanConfig.getAdditionalOptions());
 
         final Map<String, String> params = new HashMap<>();
         params.put(CxConstants.AGENT, JENKINS);

diff --git a/src/main/java/com/checkmarx/jenkins/tools/CheckmarxInstaller.java b/src/main/java/com/checkmarx/jenkins/tools/CheckmarxInstaller.java
@@ -2,16 +2,23 @@
 
 import com.checkmarx.jenkins.CxLoggerAdapter;
 import com.checkmarx.jenkins.tools.internal.DownloadService;
+import hudson.EnvVars;
 import hudson.Extension;
 import hudson.FilePath;
 import hudson.Functions;
+import hudson.model.Hudson;
 import hudson.model.Node;
 import hudson.model.TaskListener;
 import hudson.remoting.VirtualChannel;
+import hudson.slaves.EnvironmentVariablesNodeProperty;
 import hudson.tools.ToolInstallation;
 import hudson.tools.ToolInstaller;
 import hudson.tools.ToolInstallerDescriptor;
 import jenkins.security.MasterToSlaveCallable;
+import okhttp3.OkHttpClient;
+import okhttp3.Request;
+import okhttp3.Response;
+import okhttp3.ResponseBody;
 import org.apache.commons.compress.archivers.ArchiveEntry;
 import org.apache.commons.compress.archivers.ArchiveException;
 import org.apache.commons.compress.archivers.ArchiveInputStream;
@@ -26,8 +33,9 @@
 import org.kohsuke.stapler.DataBoundConstructor;
 
 import java.io.*;
-import java.net.URL;
+import java.net.*;
 import java.time.Instant;
+import java.util.Base64;
 import java.util.concurrent.TimeUnit;
 
 import static hudson.Util.fixEmptyAndTrim;
@@ -40,6 +48,7 @@ public class CheckmarxInstaller extends ToolInstaller {
 
     private static final String INSTALLED_FROM = ".installedFrom";
     private static final String TIMESTAMP_FILE = ".timestamp";
+    public static final String HTTP_PROXY = "HTTP_PROXY";
     private final String version;
     private final Long updatePolicyIntervalHours;
     private CxLoggerAdapter log;
@@ -100,10 +109,11 @@ private FilePath installCheckmarxCliAsSingleBinary(FilePath expected, Node node,
         Platform platform = nodeChannel.call(new GetPlatform(node.getDisplayName()));
 
         try {
+            String proxyStr = getProxy(node);
             URL checkmarxDownloadUrl = DownloadService.getDownloadUrlForCli(version, platform);
 
             expected.mkdirs();
-            nodeChannel.call(new Downloader(checkmarxDownloadUrl,
+            nodeChannel.call(new Downloader(checkmarxDownloadUrl, proxyStr,
                     expected.child(DownloadService.buildFileName(version, platform)),
                     expected.child(platform.checkmarxWrapperFileName)
             ));
@@ -118,6 +128,22 @@ private FilePath installCheckmarxCliAsSingleBinary(FilePath expected, Node node,
         return expected;
     }
 
+    private String getProxy(Node node) {
+        EnvVars envVars = getEnvVars(node);
+        String httpProxyStr = envVars.get(HTTP_PROXY);
+        if (StringUtils.isNotEmpty(httpProxyStr)) {
+            log.info("Installer using proxy: " + httpProxyStr);
+        }
+        return httpProxyStr;
+    }
+
+    private static EnvVars getEnvVars(Node node) {
+        EnvironmentVariablesNodeProperty environmentVariablesNodeProperty =
+                ((Hudson) node).getGlobalNodeProperties().get(EnvironmentVariablesNodeProperty.class);
+        EnvVars envVars = environmentVariablesNodeProperty != null ? environmentVariablesNodeProperty.getEnvVars() : new EnvVars();
+        return envVars;
+    }
+
     public String getVersion() {
         return version;
     }
@@ -165,22 +191,25 @@ private static class Downloader extends MasterToSlaveCallable<Void, IOException>
         private final URL downloadUrl;
         private final FilePath output;
         private final FilePath executableFile;
+        private final String proxy;
 
-        Downloader(URL downloadUrl, FilePath output, FilePath executableFile) {
+        Downloader(URL downloadUrl, String proxy, FilePath output, FilePath executableFile) {
             this.downloadUrl = downloadUrl;
             this.output = output;
             this.executableFile = executableFile;
+            this.proxy = proxy;
         }
 
         @Override
         public Void call() throws IOException {
             final File downloadedFile = new File(output.getRemote());
-            FileUtils.copyURLToFile(downloadUrl, downloadedFile, 10000, 10000);
-
             try {
+                copyURLToFile(downloadUrl, proxy, downloadedFile, 10000, 10000);
                 extract(downloadedFile.getAbsolutePath(), downloadedFile.getParent());
             } catch (ArchiveException | CompressorException e) {
                 throw new IOException(format("Could not extract cli: %s", downloadedFile.getAbsolutePath()));
+            } catch (URISyntaxException e) {
+                throw new RuntimeException(e);
             }
 
             final File cxExecutable = new File(executableFile.getRemote());
@@ -195,6 +224,23 @@ public Void call() throws IOException {
             return null;
         }
 
+        public static void copyURLToFile(URL source, String proxyStr, File destination, int connectionTimeoutMillis, int readTimeoutMillis) throws IOException, URISyntaxException {
+            OkHttpClient client = new ProxyHttpClient().getHttpClient(proxyStr, connectionTimeoutMillis,readTimeoutMillis);
+            Request request = new Request.Builder().url(source).build();
+            Response response = client.newCall(request).execute();
+            ResponseBody responseBody = response.body();
+            InputStream stream = responseBody.byteStream();
+            try {
+                FileUtils.copyInputStreamToFile(stream, destination);
+            } catch (Throwable e) {
+                throw new ToolDetectionException("failed to download file by URL" , e);
+            } finally {
+                if (stream != null) {
+                    stream.close();
+                }
+            }
+        }
+
         public static void extract(String srcFile, String dest) throws ArchiveException, IOException, CompressorException {
             FileInputStream fileInputStream = new FileInputStream(srcFile);
             ArchiveInputStream archiveInputStream = generateArchiveInputStream(fileInputStream, srcFile);

diff --git a/src/main/java/com/checkmarx/jenkins/tools/ProxyHttpClient.java b/src/main/java/com/checkmarx/jenkins/tools/ProxyHttpClient.java
@@ -0,0 +1,50 @@
+package com.checkmarx.jenkins.tools;
+
+
+import java.io.IOException;
+import java.net.InetSocketAddress;
+import java.net.Proxy;
+import java.net.URI;
+import java.net.URISyntaxException;
+import java.util.concurrent.TimeUnit;
+
+import okhttp3.*;
+import org.apache.commons.lang.StringUtils;
+
+import javax.annotation.Nullable;
+
+
+public class ProxyHttpClient {
+
+    public OkHttpClient getHttpClient(String proxyString, int connectionTimeoutMillis, int readTimeoutMillis) throws URISyntaxException {
+        OkHttpClient.Builder okClientBuilder = new OkHttpClient.Builder()
+                .connectTimeout(connectionTimeoutMillis, TimeUnit.MILLISECONDS)
+                .readTimeout(readTimeoutMillis, TimeUnit.MILLISECONDS);
+        if (proxyString != null) {
+            URI proxy = new URI(proxyString);
+            if (isValidProxy(proxy.getHost(), proxy.getPort())) {
+                Proxy _httpProxy = new Proxy(Proxy.Type.HTTP, new InetSocketAddress(proxy.getHost(), proxy.getPort()));
+                if (StringUtils.isNotEmpty(proxy.getUserInfo())) {
+                    String[] userPass = proxy.getUserInfo().split(":");
+                    Authenticator _httpProxyAuth = new Authenticator() {
+                        @Nullable
+                        @Override
+                        public Request authenticate(Route route, Response response) throws IOException {
+                            String credential = Credentials.basic(userPass[0], userPass[1]);
+                            return response.request().newBuilder()
+                                    .header("Proxy-Authorization", credential).build();
+                        }
+                    } ;
+                    return okClientBuilder.proxyAuthenticator(_httpProxyAuth).proxy(_httpProxy).build();
+                } else {
+                    return okClientBuilder.proxy(_httpProxy).build();
+                }
+            }
+        }
+        return okClientBuilder.build();
+    }
+
+    private static boolean isValidProxy(String proxyHost, int proxyPort) {
+        return (!proxyHost.isEmpty()) && (proxyPort >= 10) && (proxyPort <= 65535);
+    }
+}