Skip to content

Commit

Permalink
Merge pull request #1242 from jglick/Credentials.forRun
Browse files Browse the repository at this point in the history 
Use `CredentialsProvider.findCredentialById` whenever possible
  • Loading branch information
@MarkEWaite
MarkEWaite authored Mar 26, 2022
2 parents 5c4385b + e153ba3 commit fb3fcec
Showing 1 changed file with 19 additions and 27 deletions.
46 changes: 19 additions & 27 deletions src/main/java/hudson/plugins/git/GitSCM.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,7 +42,6 @@
import hudson.scm.RepositoryBrowser;
import hudson.scm.SCMDescriptor;
import hudson.scm.SCMRevisionState;
import hudson.security.ACL;
import hudson.security.Permission;
import hudson.tasks.Builder;
import hudson.tasks.Publisher;
Expand Down Expand Up @@ -712,7 +711,7 @@ private PollingResult compareRemoteRevisionWithImpl(Job<?, ?> project, Launcher

final EnvVars environment = project instanceof AbstractProject ? GitUtils.getPollEnvironment((AbstractProject) project, workspace, launcher, listener, false) : new EnvVars();

GitClient git = createClient(listener, environment, project, Jenkins.get(), null);
GitClient git = createClient(listener, environment, lastBuild, Jenkins.get(), null);

for (RemoteConfig remoteConfig : getParamExpandedRepos(lastBuild, listener)) {
String remote = remoteConfig.getName();
Expand Down Expand Up @@ -788,7 +787,7 @@ private PollingResult compareRemoteRevisionWithImpl(Job<?, ?> project, Launcher
return BUILD_NOW;
}

GitClient git = createClient(listener, environment, project, node, workingDirectory);
GitClient git = createClient(listener, environment, lastBuild, node, workingDirectory);

if (git.hasGitRepo(false)) {
// Repo is there - do a fetch
Expand Down Expand Up @@ -829,13 +828,13 @@ private PollingResult compareRemoteRevisionWithImpl(Job<?, ?> project, Launcher
* @throws InterruptedException when interrupted
*/
@NonNull
public GitClient createClient(TaskListener listener, EnvVars environment, Run<?,?> build, FilePath workspace) throws IOException, InterruptedException {
public GitClient createClient(TaskListener listener, EnvVars environment, @NonNull Run<?,?> build, FilePath workspace) throws IOException, InterruptedException {
FilePath ws = workingDirectory(build.getParent(), workspace, environment, listener);
/* ws will be null if the node which ran the build is offline */
if (ws != null) {
ws.mkdirs(); // ensure it exists
}
return createClient(listener,environment, build.getParent(), GitUtils.workspaceToNode(workspace), ws, null);
return createClient(listener,environment, build, GitUtils.workspaceToNode(workspace), ws, null);
}

/**
Expand All @@ -852,23 +851,23 @@ public GitClient createClient(TaskListener listener, EnvVars environment, Run<?,
* @throws InterruptedException when interrupted
*/
@NonNull
public GitClient createClient(TaskListener listener, EnvVars environment, Run<?,?> build, FilePath workspace, UnsupportedCommand postBuildUnsupportedCommand) throws IOException, InterruptedException {
public GitClient createClient(TaskListener listener, EnvVars environment, @NonNull Run<?,?> build, FilePath workspace, UnsupportedCommand postBuildUnsupportedCommand) throws IOException, InterruptedException {
FilePath ws = workingDirectory(build.getParent(), workspace, environment, listener);
/* ws will be null if the node which ran the build is offline */
if (ws != null) {
ws.mkdirs(); // ensure it exists
}
return createClient(listener,environment, build.getParent(), GitUtils.workspaceToNode(workspace), ws, postBuildUnsupportedCommand);
return createClient(listener,environment, build, GitUtils.workspaceToNode(workspace), ws, postBuildUnsupportedCommand);

}

@NonNull
/*package*/ GitClient createClient(TaskListener listener, EnvVars environment, Job project, Node n, FilePath ws) throws IOException, InterruptedException {
return createClient(listener, environment, project, n, ws, null);
private GitClient createClient(TaskListener listener, EnvVars environment, @NonNull Run<?, ?> build, Node n, FilePath ws) throws IOException, InterruptedException {
return createClient(listener, environment, build, n, ws, null);
}

@NonNull
/*package*/ GitClient createClient(TaskListener listener, EnvVars environment, Job project, Node n, FilePath ws, UnsupportedCommand postBuildUnsupportedCommand) throws IOException, InterruptedException {
private GitClient createClient(TaskListener listener, EnvVars environment, @NonNull Run<?, ?> build, Node n, FilePath ws, UnsupportedCommand postBuildUnsupportedCommand) throws IOException, InterruptedException {

if (postBuildUnsupportedCommand == null) {
/* UnsupportedCommand supports JGit by default */
Expand All @@ -890,7 +889,7 @@ public GitClient createClient(TaskListener listener, EnvVars environment, Run<?,
String url = getParameterString(uc.getUrl(), environment);
/* If any of the extensions do not support JGit, it should not be suggested */
/* If the post build action does not support JGit, it should not be suggested */
chooser = new GitToolChooser(url, project, ucCredentialsId, gitTool, n, listener,
chooser = new GitToolChooser(url, build.getParent(), ucCredentialsId, gitTool, n, listener,
unsupportedCommand.determineSupportForJGit() && postBuildUnsupportedCommand.determineSupportForJGit());
}
if (chooser != null) {
Expand All @@ -915,15 +914,13 @@ public GitClient createClient(TaskListener listener, EnvVars environment, Run<?,
listener.getLogger().println("No credentials specified");
} else {
String url = getParameterString(uc.getUrl(), environment);
StandardUsernameCredentials credentials = lookupScanCredentials(project, url, ucCredentialsId);
StandardUsernameCredentials credentials = lookupScanCredentials(build, url, ucCredentialsId);
if (credentials != null) {
c.addCredentials(url, credentials);
if(!isHideCredentials()) {
listener.getLogger().printf("using credential %s%n", credentials.getId());
}
if (project != null && project.getLastBuild() != null) {
CredentialsProvider.track(project.getLastBuild(), credentials);
}
CredentialsProvider.track(build, credentials); // TODO unclear if findCredentialById was meant to do this in all cases
} else {
if(!isHideCredentials()) {
listener.getLogger().printf("Warning: CredentialId \"%s\" could not be found.%n", ucCredentialsId);
Expand All @@ -936,23 +933,18 @@ public GitClient createClient(TaskListener listener, EnvVars environment, Run<?,
return c;
}

private static StandardUsernameCredentials lookupScanCredentials(@CheckForNull Item project,
private static StandardUsernameCredentials lookupScanCredentials(@NonNull Run<?, ?> build,
@CheckForNull String url,
@CheckForNull String ucCredentialsId) {
if (Util.fixEmpty(ucCredentialsId) == null) {
return null;
} else {
return CredentialsMatchers.firstOrNull(
CredentialsProvider.lookupCredentials(
StandardUsernameCredentials.class,
project,
project instanceof Queue.Task
? ((Queue.Task) project).getDefaultAuthentication()
: ACL.SYSTEM,
URIRequirementBuilder.fromUri(url).build()
),
CredentialsMatchers.allOf(CredentialsMatchers.withId(ucCredentialsId), GitClient.CREDENTIALS_MATCHER)
);
StandardUsernameCredentials c = CredentialsProvider.findCredentialById(
ucCredentialsId,
StandardUsernameCredentials.class,
build,
URIRequirementBuilder.fromUri(url).build());
return c != null && GitClient.CREDENTIALS_MATCHER.matches(c) ? c : null;
}
}

Expand Down

0 comments on commit fb3fcec

Please sign in to comment.