Merge pull request #101 from Vlatombe/routine-updates

jenkinsci · Dec 19, 2023 · 35478ad · 35478ad
2 parents 0b5cc72 + b34572e
commit 35478ad
Show file tree

Hide file tree

Showing 12 changed files with 179 additions and 98 deletions.
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -4,3 +4,7 @@ updates:
     directory: "/"
     schedule:
       interval: "daily"
+  - package-ecosystem: github-actions
+    directory: /
+    schedule:
+      interval: weekly
diff --git a/.github/release-drafter.yaml b/.github/release-drafter.yaml
diff --git a/.github/workflows/cd.yaml b/.github/workflows/cd.yaml
@@ -0,0 +1,19 @@
+# Note: additional setup is required, see https://www.jenkins.io/redirect/continuous-delivery-of-plugins
+
+name: cd
+on:
+  workflow_dispatch:
+  check_run:
+    types:
+      - completed
+
+permissions:
+  checks: read
+  contents: write
+
+jobs:
+  maven-cd:
+    uses: jenkins-infra/github-reusable-workflows/.github/workflows/maven-cd.yml@v1
+    secrets:
+      MAVEN_USERNAME: ${{ secrets.MAVEN_USERNAME }}
+      MAVEN_TOKEN: ${{ secrets.MAVEN_TOKEN }}
diff --git a/.github/workflows/release-drafter.yml b/.github/workflows/release-drafter.yml
diff --git a/.mvn/extensions.xml b/.mvn/extensions.xml
@@ -0,0 +1,7 @@
+<extensions xmlns="http://maven.apache.org/EXTENSIONS/1.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/EXTENSIONS/1.0.0 https://maven.apache.org/xsd/core-extensions-1.0.0.xsd">
+  <extension>
+    <groupId>io.jenkins.tools.incrementals</groupId>
+    <artifactId>git-changelist-maven-extension</artifactId>
+    <version>1.7</version>
+  </extension>
+</extensions>
diff --git a/.mvn/maven.config b/.mvn/maven.config
@@ -0,0 +1,3 @@
+-Pconsume-incrementals
+-Pmight-produce-incrementals
+-Dchangelist.format=%d.v%s
diff --git a/Jenkinsfile b/Jenkinsfile
@@ -1,2 +1,7 @@
-// Build on ci.jenkins.io; see https://github.com/jenkins-infra/pipeline-library
-buildPlugin()
+buildPlugin(
+    useContainerAgent: true,
+    configurations: [
+        [platform: 'linux', jdk: 21],
+        [platform: 'windows', jdk: 17],
+    ]
+)
diff --git a/pom.xml b/pom.xml
@@ -1,36 +1,19 @@
+<?xml version="1.0" encoding="UTF-8"?>
 <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
   <modelVersion>4.0.0</modelVersion>
   <parent>
     <groupId>org.jenkins-ci.plugins</groupId>
     <artifactId>plugin</artifactId>
-    <version>4.16</version>
+    <version>4.76</version>
+    <relativePath />
   </parent>
 
   <artifactId>google-login</artifactId>
-  <version>1.9-SNAPSHOT</version>
+  <version>${changelist}</version>
   <packaging>hpi</packaging>
 
-  <scm>
-    <connection>scm:git:ssh://github.com/jenkinsci/google-login-plugin.git</connection>
-    <developerConnection>scm:git:ssh://git@github.com/jenkinsci/google-login-plugin.git</developerConnection>
-    <url>https://github.com/jenkinsci/google-login-plugin</url>
-    <tag>google-login-1.8</tag>
-  </scm>
-
-  <properties>
-    <java.level>8</java.level>
-    <jenkins.version>2.222</jenkins.version>
-  </properties>
-
   <name>Google Login Plugin</name>
   <url>https://wiki.jenkins.io/display/JENKINS/Google+Login+Plugin</url>
-  <developers>
-    <developer>
-      <id>recampbell</id>
-      <name>Ryan Campbell</name>
-      <email>ryan.campbell@gmail.com</email>
-    </developer>
-  </developers>
 
   <licenses>
     <license>
@@ -39,38 +22,122 @@
     </license>
   </licenses>
 
+  <scm>
+    <connection>scm:git:https://github.com/${gitHubRepo}.git</connection>
+    <developerConnection>scm:git:https://github.com/${gitHubRepo}.git</developerConnection>
+    <tag>${scmTag}</tag>
+    <url>https://github.com/${gitHubRepo}</url>
+  </scm>
+
+  <properties>
+    <changelist>999999-SNAPSHOT</changelist>
+    <gitHubRepo>jenkinsci/${project.artifactId}-plugin</gitHubRepo>
+    <jenkins.version>2.401.3</jenkins.version>
+    <spotless.check.skip>false</spotless.check.skip>
+  </properties>
+
   <dependencyManagement>
     <dependencies>
+      <!-- Ensures version compatibility: https://googleapis.github.io/google-http-java-client/setup.html -->
       <dependency>
-        <groupId>io.jenkins.tools.bom</groupId>
-        <artifactId>bom-2.222.x</artifactId>
-        <version>21</version>
+        <groupId>com.google.cloud</groupId>
+        <artifactId>libraries-bom</artifactId>
+        <version>26.29.0</version>
+        <type>pom</type>
         <scope>import</scope>
+      </dependency>
+      <dependency>
+        <groupId>io.jenkins.tools.bom</groupId>
+        <artifactId>bom-2.401.x</artifactId>
+        <version>2663.vd11370dda_e5a_</version>
         <type>pom</type>
+        <scope>import</scope>
       </dependency>
     </dependencies>
   </dependencyManagement>
 
   <dependencies>
+    <!-- com.google.http-client -->
     <dependency>
-      <groupId>com.google.oauth-client</groupId>
-      <artifactId>google-oauth-client</artifactId>
-      <version>1.20.0</version>
+      <groupId>com.google.http-client</groupId>
+      <artifactId>google-http-client</artifactId>
+      <exclusions>
+        <!-- Provided by jackson2-api plugin -->
+        <exclusion>
+          <groupId>com.fasterxml.jackson.core</groupId>
+          <artifactId>jackson-core</artifactId>
+        </exclusion>
+        <exclusion>
+          <groupId>com.google.code.findbugs</groupId>
+          <artifactId>jsr305</artifactId>
+        </exclusion>
+        <!-- Provided by core -->
+        <exclusion>
+          <groupId>com.google.guava</groupId>
+          <artifactId>guava</artifactId>
+        </exclusion>
+        <!-- Provided by apache-httpcomponents-client-4-api plugin -->
+        <exclusion>
+          <groupId>org.apache.httpcomponents</groupId>
+          <artifactId>httpclient</artifactId>
+        </exclusion>
+        <exclusion>
+          <groupId>org.apache.httpcomponents</groupId>
+          <artifactId>httpcore</artifactId>
+        </exclusion>
+      </exclusions>
     </dependency>
     <dependency>
       <groupId>com.google.http-client</groupId>
       <artifactId>google-http-client-jackson2</artifactId>
-      <version>1.20.0</version>
+      <exclusions>
+        <!-- Provided by jackson2-api plugin -->
+        <exclusion>
+          <groupId>com.fasterxml.jackson.core</groupId>
+          <artifactId>jackson-core</artifactId>
+        </exclusion>
+        <exclusion>
+          <groupId>com.google.http-client</groupId>
+          <artifactId>google-http-client</artifactId>
+        </exclusion>
+      </exclusions>
     </dependency>
     <dependency>
       <groupId>com.google.oauth-client</groupId>
-      <artifactId>google-oauth-client-java6</artifactId>
-      <version>1.20.0</version>
+      <artifactId>google-oauth-client</artifactId>
+      <version>1.34.1</version>
+      <exclusions>
+        <exclusion>
+          <!-- Provided by gson-api -->
+          <groupId>com.google.code.gson</groupId>
+          <artifactId>gson</artifactId>
+        </exclusion>
+        <!-- Provided by core -->
+        <exclusion>
+          <groupId>com.google.guava</groupId>
+          <artifactId>guava</artifactId>
+        </exclusion>
+        <exclusion>
+          <groupId>com.google.http-client</groupId>
+          <artifactId>google-http-client</artifactId>
+        </exclusion>
+      </exclusions>
+    </dependency>
+    <dependency>
+      <groupId>io.jenkins.plugins</groupId>
+      <artifactId>gson-api</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>org.jenkins-ci.plugins</groupId>
+      <artifactId>apache-httpcomponents-client-4-api</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>org.jenkins-ci.plugins</groupId>
+      <artifactId>jackson2-api</artifactId>
     </dependency>
     <dependency>
       <groupId>org.jenkins-ci.plugins</groupId>
       <artifactId>mailer</artifactId>
-      <version>1.6</version>
     </dependency>
   </dependencies>
 

diff --git a/src/main/java/org/jenkinsci/plugins/googlelogin/GoogleOAuth2SecurityRealm.java b/src/main/java/org/jenkinsci/plugins/googlelogin/GoogleOAuth2SecurityRealm.java
@@ -47,6 +47,9 @@
 import hudson.security.SecurityRealm;
 import hudson.util.HttpResponses;
 import hudson.util.Secret;
+import java.io.IOException;
+import java.util.Arrays;
+import java.util.StringTokenizer;
 import jenkins.model.Jenkins;
 import jenkins.security.SecurityListener;
 import org.acegisecurity.Authentication;
@@ -68,10 +71,6 @@
 import org.kohsuke.stapler.Stapler;
 import org.kohsuke.stapler.StaplerRequest;
 
-import java.io.IOException;
-import java.util.Arrays;
-import java.util.StringTokenizer;
-
 /**
  * Login with Google using OpenID Connect / OAuth 2
  *
@@ -164,15 +163,12 @@ public String getLoginUrl() {
      */
     @Override
     public SecurityComponents createSecurityComponents() {
-        return new SecurityComponents(
-                new AuthenticationManager() {
-                    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
-                        if (authentication instanceof AnonymousAuthenticationToken)
-                            return authentication;
-                        throw new BadCredentialsException("Unexpected authentication type: " + authentication);
-                    }
-                }
-        );
+        return new SecurityComponents(new AuthenticationManager() {
+            public Authentication authenticate(Authentication authentication) throws AuthenticationException {
+                if (authentication instanceof AnonymousAuthenticationToken) return authentication;
+                throw new BadCredentialsException("Unexpected authentication type: " + authentication);
+            }
+        });
     }
 
     @Override
@@ -185,12 +181,19 @@ protected String getPostLogOutUrl(StaplerRequest req, Authentication auth) {
      */
     @SuppressWarnings("unused") // stapler
     @Restricted(DoNotUse.class) // stapler only
-    public HttpResponse doCommenceLogin(StaplerRequest request, @QueryParameter String from,  @Header("Referer") final String referer) throws IOException {
+    public HttpResponse doCommenceLogin(
+            StaplerRequest request, @QueryParameter String from, @Header("Referer") final String referer)
+            throws IOException {
         final String redirectOnFinish = getRedirectOnFinish(from, referer);
 
         final AuthorizationCodeFlow flow = new AuthorizationCodeFlow.Builder(
-                BearerToken.queryParameterAccessMethod(), HTTP_TRANSPORT, JSON_FACTORY, TOKEN_SERVER_URL,
-                new ClientParametersAuthentication(clientId, clientSecret.getPlainText()), clientId, AUTHORIZATION_SERVER_URL)
+                        BearerToken.queryParameterAccessMethod(),
+                        HTTP_TRANSPORT,
+                        JSON_FACTORY,
+                        TOKEN_SERVER_URL,
+                        new ClientParametersAuthentication(clientId, clientSecret.getPlainText()),
+                        clientId,
+                        AUTHORIZATION_SERVER_URL)
                 .setScopes(Arrays.asList(SCOPE))
                 .build();
 
@@ -219,7 +222,7 @@ public void initialize(HttpRequest request) throws IOException {
                     HttpRequest request = requestFactory.buildGetRequest(url);
 
                     GoogleUserInfo info = request.execute().parseAs(GoogleUserInfo.class);
-                    GrantedAuthority[] authorities = new GrantedAuthority[]{SecurityRealm.AUTHENTICATED_AUTHORITY};
+                    GrantedAuthority[] authorities = new GrantedAuthority[] {SecurityRealm.AUTHENTICATED_AUTHORITY};
                     // logs this user in.
                     UsernamePasswordAuthenticationToken token =
                             new UsernamePasswordAuthenticationToken(info.getEmail(), "", authorities);
@@ -241,7 +244,6 @@ public void initialize(HttpRequest request) throws IOException {
                 } catch (IOException e) {
                     return HttpResponses.error(500, e);
                 }
-
             }
         };
         request.getSession().setAttribute(SESSION_NAME, oAuthSession);
@@ -292,7 +294,6 @@ private String getRootURL() {
         }
     }
 
-
     /**
      * This is where the user comes back to at the end of the OpenID redirect ping-pong.
      */

diff --git a/src/main/java/org/jenkinsci/plugins/googlelogin/GoogleUserInfo.java b/src/main/java/org/jenkinsci/plugins/googlelogin/GoogleUserInfo.java
@@ -23,15 +23,13 @@
  */
 package org.jenkinsci.plugins.googlelogin;
 
-import java.io.IOException;
-
 import com.google.api.client.util.Key;
-
 import hudson.Extension;
 import hudson.model.User;
 import hudson.model.UserProperty;
 import hudson.model.UserPropertyDescriptor;
 import hudson.tasks.Mailer;
+import java.io.IOException;
 
 /**
  * Represents an identity information from the oauth provider.
@@ -83,11 +81,9 @@ public String getName() {
      */
     public void updateProfile(hudson.model.User u) throws IOException {
         // update the user profile by the externally given information
-        if (email != null)
-            u.addProperty(new Mailer.UserProperty(email));
+        if (email != null) u.addProperty(new Mailer.UserProperty(email));
 
-        if (name != null)
-            u.setFullName(name);
+        if (name != null) u.setFullName(name);
 
         u.addProperty(this);
     }