Merge branch 'master' into add-resolved-expected-artifacts

gradle.properties

@@ -1,4 +1,4 @@
-fiatVersion=1.52.0
+fiatVersion=1.53.0
 korkVersion=7.247.0
 kotlinVersion=1.6.21
 org.gradle.parallel=true

orca-clouddriver/src/main/groovy/com/netflix/spinnaker/orca/clouddriver/tasks/providers/ecs/EcsServerGroupCreator.groovy

@@ -122,7 +122,7 @@ class EcsServerGroupCreator implements ServerGroupCreator, DeploymentDetailsAwar
       def bakeStage = getPreviousStageWithImage(stage, operation.region, cloudProvider)
 
       if (bakeStage) {
-        operation.dockerImageAddress = bakeStage.context.amiDetails.imageId.value.get(0).toString()
+        operation.dockerImageAddress = bakeStage.context.amiDetails.collect(it->it.imageId).get(0).toString()
       }
     }
 
@@ -216,7 +216,7 @@ class EcsServerGroupCreator implements ServerGroupCreator, DeploymentDetailsAwar
           throw new IllegalStateException("No image stage found in context for $description.imageLabelOrSha.")
         }
 
-        description.imageId = imageStage.context.amiDetails.imageId.value.get(0).toString()
+        description.imageId = imageStage.context.amiDetails.collect(it->it.imageId).get(0).toString()
       }
     }
 

orca-clouddriver/src/test/groovy/com/netflix/spinnaker/orca/clouddriver/tasks/providers/ecs/EcsServerGroupCreatorSpec.groovy

@@ -92,7 +92,7 @@ class EcsServerGroupCreatorSpec extends Specification {
     def parentStage = stage {}
     parentStage.id = parentStageId
     parentStage.refId = parentStageId
-    parentStage.context.amiDetails = [imageId: [value: ["$testReg/$testRepo:$testTag"]]]
+    parentStage.context.amiDetails = List.of(Map.of("imageId","$testReg/$testRepo:$testTag"))
 
     stage.context.imageDescription = testDescription
     stage.parentStageId = parentStageId
@@ -120,7 +120,7 @@ class EcsServerGroupCreatorSpec extends Specification {
     parentStage.id = parentStageId
     parentStage.context.region = testRegion
     parentStage.context.cloudProviderType = "ecs"
-    parentStage.context.amiDetails = [imageId: [value: ["$testReg/$testRepo:$testTag"]]]
+    parentStage.context.amiDetails = List.of(Map.of("imageId","$testReg/$testRepo:$testTag"))
 
     stage.context.region = testRegion
     stage.parentStageId = parentStageId

orca-web/orca-web.gradle

@@ -94,6 +94,7 @@ dependencies {
   testImplementation("io.strikt:strikt-core")
   testImplementation("io.mockk:mockk")
   testImplementation("org.apache.groovy:groovy-json")
+  testImplementation ("com.squareup.retrofit2:retrofit-mock")
 }
 
 test {

orca-web/src/main/groovy/com/netflix/spinnaker/orca/controllers/OperationsController.groovy

@@ -23,6 +23,7 @@ import com.netflix.spinnaker.fiat.shared.FiatService
 import com.netflix.spinnaker.fiat.shared.FiatStatus
 import com.netflix.spinnaker.kork.exceptions.ConfigurationException
 import com.netflix.spinnaker.kork.exceptions.SpinnakerException
+import com.netflix.spinnaker.kork.retrofit.Retrofit2SyncCall
 import com.netflix.spinnaker.kork.retrofit.exceptions.SpinnakerHttpException
 import com.netflix.spinnaker.kork.retrofit.exceptions.SpinnakerServerException
 import com.netflix.spinnaker.orca.api.pipeline.models.PipelineExecution
@@ -390,7 +391,7 @@ class OperationsController {
         def userPermissionRoles = [new Role.View(new Role("anonymous"))] as Set<Role.View>
         try {
           String user = AuthenticatedRequest.getSpinnakerUser().orElse("anonymous")
-          UserPermission.View userPermission = fiatService.getUserPermission(user)
+          UserPermission.View userPermission = Retrofit2SyncCall.execute(fiatService.getUserPermission(user))
           userPermissionRoles = userPermission.roles
         } catch (Exception e) {
           log.error("Unable to determine roles for current user, falling back to 'anonymous'", e)

orca-web/src/test/groovy/com/netflix/spinnaker/orca/controllers/OperationsControllerSpec.groovy

@@ -48,6 +48,7 @@ import org.springframework.http.HttpHeaders
 import org.springframework.http.HttpMethod
 import org.springframework.http.MediaType
 import org.springframework.test.web.servlet.setup.MockMvcBuilders
+import retrofit2.mock.Calls
 import rx.Observable
 import spock.lang.Specification
 import spock.lang.Subject
@@ -682,7 +683,7 @@ class OperationsControllerSpec extends Specification {
     def role = new Role().setName("some-role")
     def permission = new UserPermission().setId("foo").setAccounts([account] as Set).setRoles([role] as Set)
 
-    fiatService.getUserPermission(*_) >> permission.getView()
+    fiatService.getUserPermission(*_) >> Calls.response(permission.getView())
 
     when:
     def preconfiguredWebhooks = controller.preconfiguredWebhooks()

orca-webhook/orca-webhook.gradle

@@ -21,6 +21,7 @@ dependencies {
   implementation(project(":orca-core"))
   implementation(project(":orca-api"))
   implementation("io.spinnaker.kork:kork-core")
+  implementation("io.spinnaker.kork:kork-retrofit")
   implementation("io.spinnaker.kork:kork-web")
   implementation("org.springframework.boot:spring-boot-autoconfigure")
   compileOnly("org.projectlombok:lombok")

orca-webhook/src/main/java/com/netflix/spinnaker/orca/webhook/pipeline/PreconfiguredWebhookStage.java

@@ -19,6 +19,7 @@
 
 import com.netflix.spinnaker.fiat.shared.FiatService;
 import com.netflix.spinnaker.kork.exceptions.SystemException;
+import com.netflix.spinnaker.kork.retrofit.Retrofit2SyncCall;
 import com.netflix.spinnaker.orca.api.pipeline.graph.TaskNode;
 import com.netflix.spinnaker.orca.api.pipeline.models.StageExecution;
 import com.netflix.spinnaker.orca.webhook.config.WebhookProperties.PreconfiguredWebhook;
@@ -70,7 +71,7 @@ public void taskGraph(@Nonnull StageExecution stage, @Nonnull TaskNode.Builder b
     var permissions = preconfiguredWebhook.getPermissions();
     if (permissions != null && !permissions.isEmpty()) {
       String user = AuthenticatedRequest.getSpinnakerUser().orElse("anonymous");
-      var userPermission = fiatService.getUserPermission(user);
+      var userPermission = Retrofit2SyncCall.execute(fiatService.getUserPermission(user));
 
       boolean isAllowed = preconfiguredWebhook.isAllowed("WRITE", userPermission.getRoles());
       if (!isAllowed) {