Show security warnings by default (#258) (#522)
* Security warnings will be shown by default (#258)

* Improve default security warnings settings: --view-all-security-warnings is false, and --view-security-warnings is true by default (#258)

---------

Co-authored-by: Sam <sam2008ext@gmail.com>
jiakuanghe and samho2008 authored Mar 3, 2023
1 parent 3d3e5b4 commit 4c4a01f
Showing 5 changed files with 47 additions and 4 deletions.
2 changes: 1 addition & 1 deletion README.md
Expand Up @@ -51,7 +51,7 @@ jenkins-plugin-cli --plugin-file /your/path/to/plugins.txt --plugins delivery-pi
* `--war` or `-w`: (optional) Path to Jenkins war file. If no war file is entered, will default to /usr/share/jenkins/jenkins.war or C:\ProgramData\Jenkins\jenkins.war, depending on the user's OS. Plugins that are already included in the Jenkins war will only be downloaded if their required version is newer than the one included.
* `--list` or `-l`: (optional) Lists plugin names and versions of: installed plugins (plugins that already exist in the plugin directory), bundled plugins (non-detached plugins that exist in the war file), plugins that will be downloaded (highest required versions of the requested plugins and dependencies that are not already installed), and the effective plugin set (the highest versions of all plugins that are already installed or will be installed)
* `--verbose`: (optional) Show additional information about plugin dependencies and the download process
* `--view-security-warnings`: (optional) Show if any of the user specified plugins have security warnings
* `--hide-security-warnings`: (optional) Hide if any of the user specified plugins have security warnings
* `--view-all-security-warnings`: (optional) Show all plugins that have security warnings.
* `--available-updates`: (optional) Show if any requested plugins have newer versions available. If a Jenkins version-specific update center is available, the latest plugin version will be determined based on that update center's data.
* `--output {stdout,yaml,txt}`: (optional) Format to output plugin updates file in, stdout is the default.
Expand Up @@ -76,11 +76,20 @@ class CliOptions {
@Option(name = "--output", usage = "Output format for available updates", aliases = "-o")
private OutputFormat outputFormat = OutputFormat.STDOUT;

/**
* Deprecated, see: https://github.com/jenkinsci/plugin-installation-manager-tool/issues/258
*/
@Option(name = "--view-security-warnings",
usage = "Show if any security warnings exist for the requested plugins",
handler = BooleanOptionHandler.class)
@Deprecated
private boolean showWarnings;

@Option(name = "--hide-security-warnings",
usage = "Hide if any security warnings exist for the requested plugins",
handler = BooleanOptionHandler.class)
private boolean hideWarnings;

@Option(name = "--view-all-security-warnings",
usage = "Set to true to show all plugins that have security warnings",
handler = BooleanOptionHandler.class)
Expand Down Expand Up @@ -163,6 +172,7 @@ Config setup() {
.withJenkinsVersion(getJenkinsVersion())
.withJenkinsWar(getJenkinsWar())
.withShowWarnings(isShowWarnings())
.withHideWarnings(isHideWarnings())
.withShowAllWarnings(isShowAllWarnings())
.withShowPluginsToBeDownloaded(isShowPluginsToBeDownloaded())
.withShowAvailableUpdates(isShowAvailableUpdates())
Expand Down Expand Up @@ -303,6 +313,15 @@ private boolean isShowWarnings() {
return showWarnings;
}

/**
* Gets the value corresponding to if user selected to hide warnings for specified plugins
*
* @return true if user selected CLI Option to hide warnings for specified plugins
*/
private boolean isHideWarnings() {
return hideWarnings;
}

/**
* Gets the value corresponding to if the user selected to show security warnings for all plugins
*
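Review bot: `--view-security-warnings` is kept and marked `@Deprecated`, but nothing in this section tells a user who still passes it that it is now redundant, and passing it together with `--hide-security-warnings` is accepted without complaint. `setup()` still forwards both values via `.withShowWarnings(isShowWarnings())` and `.withHideWarnings(isHideWarnings())`, so I would state the new behaviour in the option text, e.g. `usage = "Deprecated: security warnings are shown by default; use --hide-security-warnings to suppress them"`, and use a Javadoc `@deprecated` tag instead of the free-text "Deprecated, see:" line so tooling picks it up. The commit message says `--view-security-warnings` is true by default, whereas `showWarnings` has no initializer here; the default-on behaviour appears to come from `hideWarnings` being false, which is worth saying in the field comment.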
Expand Up @@ -82,6 +82,7 @@ public void setupDefaultsTest() throws Exception {
assertThat(cfg.getJenkinsWar()).isEqualTo(Settings.DEFAULT_WAR);
assertThat(cfg.isShowAllWarnings()).isFalse();
assertThat(cfg.isShowWarnings()).isFalse();
assertThat(cfg.isHideWarnings()).isFalse();
assertThat(cfg.getJenkinsUc()).hasToString(Settings.DEFAULT_UPDATE_CENTER_LOCATION);
assertThat(cfg.getJenkinsUcExperimental()).hasToString(Settings.DEFAULT_EXPERIMENTAL_UPDATE_CENTER_LOCATION);
assertThat(cfg.getJenkinsIncrementalsRepoMirror()).hasToString(Settings.DEFAULT_INCREMENTALS_REPO_MIRROR_LOCATION);
Expand Down Expand Up @@ -254,6 +255,13 @@ public void setupSecurityWarningsTest() throws CmdLineException {
assertThat(cfg.isShowWarnings()).isTrue();
}

@Test
public void setupHideSecurityWarningsTest() throws CmdLineException {
parser.parseArgument("--hide-security-warnings");
Config cfg = options.setup();
assertThat(cfg.isHideWarnings()).isTrue();
}

@Test
public void showVersionTest() throws Exception {
CliOptions optionsWithVersion = new CliOptions() {
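Review bot: `setupDefaultsTest` still asserts `cfg.isShowWarnings()` is false next to the new `cfg.isHideWarnings()` assertion, so it pins the deprecated field rather than the behaviour this commit is about, namely that warnings are printed when no flag is given. `setupHideSecurityWarningsTest` only checks that the flag reaches `Config`. No test visible in this commit covers the output side or the case where both flags are passed; a case using `parser.parseArgument("--view-security-warnings", "--hide-security-warnings");` and asserting both `cfg.isShowWarnings()` and `cfg.isHideWarnings()` would at least document the combined state, and a test of `showSpecificSecurityWarnings` with a default `Config` would guard the new default.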
Expand Up @@ -25,6 +25,7 @@ public class Config {
private final File pluginDir;
private final boolean cleanPluginDir;
private final boolean showWarnings;
private final boolean hideWarnings;
private final boolean showAllWarnings;
private final boolean showAvailableUpdates;
private final boolean showPluginsToBeDownloaded;
Expand Down Expand Up @@ -78,7 +79,8 @@ private Config(
OutputFormat outputFormat,
HashFunction hashFunction,
List<Credentials> credentials,
Path cachePath) {
Path cachePath,
boolean hideWarnings) {
this.pluginDir = pluginDir;
this.cleanPluginDir = cleanPluginDir;
this.showWarnings = showWarnings;
Expand All @@ -102,6 +104,7 @@ private Config(
this.hashFunction = hashFunction;
this.cachePath = cachePath;
this.logOutput = new LogOutput(verbose);
this.hideWarnings = hideWarnings;
}

public File getPluginDir() {
Expand All @@ -116,6 +119,10 @@ public boolean isShowWarnings() {
return showWarnings;
}

public boolean isHideWarnings() {
return hideWarnings;
}

public boolean isShowAllWarnings() {
return showAllWarnings;
}
Expand Down Expand Up @@ -210,6 +217,7 @@ public static class Builder {
private File pluginDir;
private boolean cleanPluginDir;
private boolean showWarnings;
private boolean hideWarnings;
private boolean showAllWarnings;
private boolean showAvailableUpdates;
private boolean showPluginsToBeDownloaded;
Expand Down Expand Up @@ -248,6 +256,11 @@ public Builder withShowWarnings(boolean showWarnings) {
return this;
}

public Builder withHideWarnings(boolean hideWarnings) {
this.hideWarnings = hideWarnings;
return this;
}

public Builder withShowAllWarnings(boolean showAllWarnings) {
this.showAllWarnings = showAllWarnings;
return this;
Expand Down Expand Up @@ -378,7 +391,8 @@ public Config build() {
outputFormat,
hashFunction,
credentials,
cachePath
cachePath,
hideWarnings
);
}

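Review bot: `Config` can now hold `showWarnings` and `hideWarnings` both set to true, and neither `isHideWarnings()` nor `Builder.withHideWarnings` has a Javadoc saying which one callers should honour. I would add `/** @return true if security warnings for the requested plugins should be suppressed; checked instead of {@link #isShowWarnings()} when printing them */` on the getter and a matching one-line comment on the builder method. As a style point, `hideWarnings` is appended after `cachePath` in the private constructor and assigned after `logOutput`, away from `showWarnings` and `showAllWarnings`; with this many positional parameters, keeping the three warning booleans adjacent makes a transposed argument in `build()` easier to spot. The constructor and `build()` bodies extend beyond the hunks shown.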
Expand Up @@ -456,7 +456,9 @@ public void showAllSecurityWarnings() {
*/

public void showSpecificSecurityWarnings(List<Plugin> plugins) {
if (cfg.isShowWarnings()) {
// NOTE: By default, the plugin installation manager tool will show security warnings.
// see: https://github.com/jenkinsci/plugin-installation-manager-tool/issues/258
if (!cfg.isHideWarnings()) {
logMessage("\nSecurity warnings:");
for (Plugin plugin : plugins) {
if (warningExists(plugin)) {
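Review bot: The heading `logMessage("\nSecurity warnings:")` is emitted before the loop, so now that the guard is `!cfg.isHideWarnings()` every default run prints "Security warnings:" even when no requested plugin has one. For output meant to draw attention to vulnerable plugins, a heading with nothing under it teaches readers to skip it; consider first collecting the plugins for which `warningExists(plugin)` is true and logging the heading only when that list is non-empty. `cfg.isShowWarnings()` is no longer read here, so the deprecated `--view-security-warnings` flag has no effect on this method. The method body continues past the end of the hunk.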
