From d4d331ec478ced8dae717b9207597d9d1bfbb1cb Mon Sep 17 00:00:00 2001 From: Appu Goundan Date: Fri, 10 May 2019 17:54:30 -0400 Subject: [PATCH 1/6] Evaluate settings.xml later, and per id - Also adds in SettingsFixture for tests that want to use an actual instance of settings.xml and optionally can create a SettingsDecrypter from a settings-security.xml --- .../tools/jib/maven/BuildDockerMojo.java | 9 +- .../cloud/tools/jib/maven/BuildImageMojo.java | 9 +- .../cloud/tools/jib/maven/BuildTarMojo.java | 9 +- .../jib/maven/DecryptedMavenSettings.java | 67 --------- .../maven/MavenSettingsServerCredentials.java | 43 ++++-- .../cloud/tools/jib/maven/ProxyProvider.java | 49 ++++-- .../jib/maven/DecryptedMavenSettingsTest.java | 104 ------------- .../MavenSettingsServerCredentialsTest.java | 77 +++++++--- .../tools/jib/maven/ProxyProviderTest.java | 139 +++++++++--------- .../tools/jib/maven/SettingsFixture.java | 73 +++++++++ .../settings/bad-encrypted-proxy-settings.xml | 13 ++ .../settings/encrypted-proxy-settings.xml | 22 +++ .../settings/http-only-proxy-settings.xml | 25 ++++ .../settings/https-only-proxy-settings.xml | 25 ++++ .../settings/no-active-proxy-settings.xml | 22 +++ .../src/test/resources/maven/settings/readme | 13 ++ .../settings/settings-security.empty.xml | 0 .../maven/settings/settings-security.xml | 3 + .../resources/maven/settings/settings.xml | 19 +++ .../plugins/common/InferredAuthException.java | 11 ++ .../plugins/common/InferredAuthProvider.java | 7 + .../common/PluginConfigurationProcessor.java | 32 ++-- 22 files changed, 460 insertions(+), 311 deletions(-) delete mode 100644 jib-maven-plugin/src/main/java/com/google/cloud/tools/jib/maven/DecryptedMavenSettings.java delete mode 100644 jib-maven-plugin/src/test/java/com/google/cloud/tools/jib/maven/DecryptedMavenSettingsTest.java create mode 100644 jib-maven-plugin/src/test/java/com/google/cloud/tools/jib/maven/SettingsFixture.java create mode 100644 jib-maven-plugin/src/test/resources/maven/settings/bad-encrypted-proxy-settings.xml create mode 100644 jib-maven-plugin/src/test/resources/maven/settings/encrypted-proxy-settings.xml create mode 100644 jib-maven-plugin/src/test/resources/maven/settings/http-only-proxy-settings.xml create mode 100644 jib-maven-plugin/src/test/resources/maven/settings/https-only-proxy-settings.xml create mode 100644 jib-maven-plugin/src/test/resources/maven/settings/no-active-proxy-settings.xml create mode 100644 jib-maven-plugin/src/test/resources/maven/settings/readme create mode 100644 jib-maven-plugin/src/test/resources/maven/settings/settings-security.empty.xml create mode 100644 jib-maven-plugin/src/test/resources/maven/settings/settings-security.xml create mode 100644 jib-maven-plugin/src/test/resources/maven/settings/settings.xml create mode 100644 jib-plugins-common/src/main/java/com/google/cloud/tools/jib/plugins/common/InferredAuthException.java create mode 100644 jib-plugins-common/src/main/java/com/google/cloud/tools/jib/plugins/common/InferredAuthProvider.java diff --git a/jib-maven-plugin/src/main/java/com/google/cloud/tools/jib/maven/BuildDockerMojo.java b/jib-maven-plugin/src/main/java/com/google/cloud/tools/jib/maven/BuildDockerMojo.java index 484b5dec69..ef4faf1821 100644 --- a/jib-maven-plugin/src/main/java/com/google/cloud/tools/jib/maven/BuildDockerMojo.java +++ b/jib-maven-plugin/src/main/java/com/google/cloud/tools/jib/maven/BuildDockerMojo.java @@ -103,18 +103,17 @@ public void execute() throws MojoExecutionException, MojoFailureException { MavenHelpfulSuggestionsBuilder mavenHelpfulSuggestionsBuilder = new MavenHelpfulSuggestionsBuilder(HELPFUL_SUGGESTIONS_PREFIX, this); - DecryptedMavenSettings decryptedSettings = - DecryptedMavenSettings.from(getSession().getSettings(), getSettingsDecrypter()); - PluginConfigurationProcessor pluginConfigurationProcessor = PluginConfigurationProcessor.processCommonConfigurationForDockerDaemonImage( mavenRawConfiguration, - new MavenSettingsServerCredentials(decryptedSettings), + new MavenSettingsServerCredentials( + getSession().getSettings(), getSettingsDecrypter()), projectProperties, dockerExecutable, getDockerClientEnvironment(), mavenHelpfulSuggestionsBuilder.build()); - ProxyProvider.init(decryptedSettings); + ProxyProvider.populateSystemProxyProperties( + getSession().getSettings(), getSettingsDecrypter()); ImageReference targetImageReference = pluginConfigurationProcessor.getTargetImageReference(); HelpfulSuggestions helpfulSuggestions = diff --git a/jib-maven-plugin/src/main/java/com/google/cloud/tools/jib/maven/BuildImageMojo.java b/jib-maven-plugin/src/main/java/com/google/cloud/tools/jib/maven/BuildImageMojo.java index f233a56bfe..b33a58303b 100644 --- a/jib-maven-plugin/src/main/java/com/google/cloud/tools/jib/maven/BuildImageMojo.java +++ b/jib-maven-plugin/src/main/java/com/google/cloud/tools/jib/maven/BuildImageMojo.java @@ -97,15 +97,14 @@ public void execute() throws MojoExecutionException, MojoFailureException { EventDispatcher eventDispatcher = new DefaultEventDispatcher(projectProperties.getEventHandlers()); - DecryptedMavenSettings decryptedSettings = - DecryptedMavenSettings.from(getSession().getSettings(), getSettingsDecrypter()); - PluginConfigurationProcessor pluginConfigurationProcessor = PluginConfigurationProcessor.processCommonConfigurationForRegistryImage( mavenRawConfiguration, - new MavenSettingsServerCredentials(decryptedSettings), + new MavenSettingsServerCredentials( + getSession().getSettings(), getSettingsDecrypter()), projectProperties); - ProxyProvider.init(decryptedSettings); + ProxyProvider.populateSystemProxyProperties( + getSession().getSettings(), getSettingsDecrypter()); ImageReference targetImageReference = pluginConfigurationProcessor.getTargetImageReference(); HelpfulSuggestions helpfulSuggestions = diff --git a/jib-maven-plugin/src/main/java/com/google/cloud/tools/jib/maven/BuildTarMojo.java b/jib-maven-plugin/src/main/java/com/google/cloud/tools/jib/maven/BuildTarMojo.java index 20cbd7c5ee..cd2be26b56 100644 --- a/jib-maven-plugin/src/main/java/com/google/cloud/tools/jib/maven/BuildTarMojo.java +++ b/jib-maven-plugin/src/main/java/com/google/cloud/tools/jib/maven/BuildTarMojo.java @@ -76,19 +76,18 @@ public void execute() throws MojoExecutionException, MojoFailureException { MavenHelpfulSuggestionsBuilder mavenHelpfulSuggestionsBuilder = new MavenHelpfulSuggestionsBuilder(HELPFUL_SUGGESTIONS_PREFIX, this); - DecryptedMavenSettings decryptedSettings = - DecryptedMavenSettings.from(getSession().getSettings(), getSettingsDecrypter()); - Path buildOutput = Paths.get(getProject().getBuild().getDirectory()); Path tarOutputPath = buildOutput.resolve("jib-image.tar"); PluginConfigurationProcessor pluginConfigurationProcessor = PluginConfigurationProcessor.processCommonConfigurationForTarImage( mavenRawConfiguration, - new MavenSettingsServerCredentials(decryptedSettings), + new MavenSettingsServerCredentials( + getSession().getSettings(), getSettingsDecrypter()), projectProperties, tarOutputPath, mavenHelpfulSuggestionsBuilder.build()); - ProxyProvider.init(decryptedSettings); + ProxyProvider.populateSystemProxyProperties( + getSession().getSettings(), getSettingsDecrypter()); HelpfulSuggestions helpfulSuggestions = mavenHelpfulSuggestionsBuilder diff --git a/jib-maven-plugin/src/main/java/com/google/cloud/tools/jib/maven/DecryptedMavenSettings.java b/jib-maven-plugin/src/main/java/com/google/cloud/tools/jib/maven/DecryptedMavenSettings.java deleted file mode 100644 index 23b19185f4..0000000000 --- a/jib-maven-plugin/src/main/java/com/google/cloud/tools/jib/maven/DecryptedMavenSettings.java +++ /dev/null @@ -1,67 +0,0 @@ -/* - * Copyright 2019 Google LLC. - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may not - * use this file except in compliance with the License. You may obtain a copy of - * the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations under - * the License. - */ - -package com.google.cloud.tools.jib.maven; - -import java.util.List; -import org.apache.maven.plugin.MojoExecutionException; -import org.apache.maven.settings.Proxy; -import org.apache.maven.settings.Server; -import org.apache.maven.settings.Settings; -import org.apache.maven.settings.building.SettingsProblem; -import org.apache.maven.settings.crypto.DefaultSettingsDecryptionRequest; -import org.apache.maven.settings.crypto.SettingsDecrypter; -import org.apache.maven.settings.crypto.SettingsDecryptionRequest; -import org.apache.maven.settings.crypto.SettingsDecryptionResult; - -/** Provides decrypted Maven settings information. */ -class DecryptedMavenSettings { - - static DecryptedMavenSettings from(Settings settings, SettingsDecrypter decryptor) - throws MojoExecutionException { - SettingsDecryptionRequest request = new DefaultSettingsDecryptionRequest(settings); - SettingsDecryptionResult result = decryptor.decrypt(request); - // Un-encrypted passwords are passed through, so a problem indicates a real issue. - // If there are any ERROR or FATAL problems reported, then decryption failed. - for (SettingsProblem problem : result.getProblems()) { - if (problem.getSeverity() == SettingsProblem.Severity.ERROR - || problem.getSeverity() == SettingsProblem.Severity.FATAL) { - throw new MojoExecutionException("Unable to decrypt settings.xml: " + problem); - } - } - return new DecryptedMavenSettings(result, settings); - } - - private final SettingsDecryptionResult result; - private final Settings settings; - - private DecryptedMavenSettings(SettingsDecryptionResult result, Settings settings) { - this.result = result; - this.settings = settings; - } - - List getServers() { - // SettingsDecrypter and SettingsDecryptionResult do not document the meanings of the return - // results. SettingsDecryptionResult#getServers() does note that the list of decrypted servers - // can be empty. If the decrypted result returns an empty list, we fall back to the original - // settings. - return result.getServers().isEmpty() ? settings.getServers() : result.getServers(); - } - - List getProxies() { - return result.getProxies().isEmpty() ? settings.getProxies() : result.getProxies(); - } -} diff --git a/jib-maven-plugin/src/main/java/com/google/cloud/tools/jib/maven/MavenSettingsServerCredentials.java b/jib-maven-plugin/src/main/java/com/google/cloud/tools/jib/maven/MavenSettingsServerCredentials.java index 322a563c5f..122670bd94 100644 --- a/jib-maven-plugin/src/main/java/com/google/cloud/tools/jib/maven/MavenSettingsServerCredentials.java +++ b/jib-maven-plugin/src/main/java/com/google/cloud/tools/jib/maven/MavenSettingsServerCredentials.java @@ -17,28 +17,36 @@ package com.google.cloud.tools.jib.maven; import com.google.cloud.tools.jib.plugins.common.AuthProperty; +import com.google.cloud.tools.jib.plugins.common.InferredAuthException; +import com.google.cloud.tools.jib.plugins.common.InferredAuthProvider; import java.util.Optional; -import java.util.function.Function; -import java.util.function.Predicate; import org.apache.maven.settings.Server; +import org.apache.maven.settings.Settings; +import org.apache.maven.settings.building.SettingsProblem; +import org.apache.maven.settings.crypto.DefaultSettingsDecryptionRequest; +import org.apache.maven.settings.crypto.SettingsDecrypter; +import org.apache.maven.settings.crypto.SettingsDecryptionRequest; +import org.apache.maven.settings.crypto.SettingsDecryptionResult; /** * Retrieves credentials for servers defined in Maven settings. */ -class MavenSettingsServerCredentials implements Function> { +class MavenSettingsServerCredentials implements InferredAuthProvider { static final String CREDENTIAL_SOURCE = "Maven settings"; - private final DecryptedMavenSettings settings; + private final Settings settings; + private final SettingsDecrypter decrypter; /** * Create new instance. * * @param settings decrypted Maven settings */ - MavenSettingsServerCredentials(DecryptedMavenSettings settings) { + MavenSettingsServerCredentials(Settings settings, SettingsDecrypter decrypter) { this.settings = settings; + this.decrypter = decrypter; } /** @@ -48,15 +56,28 @@ class MavenSettingsServerCredentials implements Function apply(String registry) { - Predicate idMatches = server -> registry.equals(server.getId()); - Optional server = settings.getServers().stream().filter(idMatches).findFirst(); - if (!server.isPresent()) { + public Optional inferredAuth(String registry) throws InferredAuthException { + + Server server = settings.getServer(registry); + if (server == null) { return Optional.empty(); } - String username = server.get().getUsername(); - String password = server.get().getPassword(); + SettingsDecryptionRequest request = new DefaultSettingsDecryptionRequest(server); + SettingsDecryptionResult result = decrypter.decrypt(request); + // Un-encrypted passwords are passed through, so a problem indicates a real issue. + // If there are any ERROR or FATAL problems reported, then decryption failed. + for (SettingsProblem problem : result.getProblems()) { + if (problem.getSeverity() == SettingsProblem.Severity.ERROR + || problem.getSeverity() == SettingsProblem.Severity.FATAL) { + throw new InferredAuthException( + "Unable to decrypt server(" + registry + ") info from settings.xml: " + problem); + } + } + Server resultServer = result.getServer(); + + String username = resultServer.getUsername(); + String password = resultServer.getPassword(); return Optional.of( new AuthProperty() { diff --git a/jib-maven-plugin/src/main/java/com/google/cloud/tools/jib/maven/ProxyProvider.java b/jib-maven-plugin/src/main/java/com/google/cloud/tools/jib/maven/ProxyProvider.java index 157ac8146c..dff2e6d40b 100644 --- a/jib-maven-plugin/src/main/java/com/google/cloud/tools/jib/maven/ProxyProvider.java +++ b/jib-maven-plugin/src/main/java/com/google/cloud/tools/jib/maven/ProxyProvider.java @@ -18,8 +18,17 @@ import com.google.common.annotations.VisibleForTesting; import com.google.common.collect.ImmutableList; +import java.util.List; +import java.util.stream.Collectors; import javax.annotation.Nullable; +import org.apache.maven.plugin.MojoExecutionException; import org.apache.maven.settings.Proxy; +import org.apache.maven.settings.Settings; +import org.apache.maven.settings.building.SettingsProblem; +import org.apache.maven.settings.crypto.DefaultSettingsDecryptionRequest; +import org.apache.maven.settings.crypto.SettingsDecrypter; +import org.apache.maven.settings.crypto.SettingsDecryptionRequest; +import org.apache.maven.settings.crypto.SettingsDecryptionResult; /** Propagates proxy configuration from Maven settings to system properties. */ class ProxyProvider { @@ -27,24 +36,40 @@ class ProxyProvider { private static final ImmutableList PROXY_PROPERTIES = ImmutableList.of("proxyHost", "proxyPort", "proxyUser", "proxyPassword"); + private static final ImmutableList PROXY_PROTOCOLS = ImmutableList.of("https", "http"); /** * Initializes proxy settings based on Maven settings. * * @param settings Maven settings */ - static void init(DecryptedMavenSettings settings) { - configureProxy(settings, "https"); - configureProxy(settings, "http"); - } + static void populateSystemProxyProperties(Settings settings, SettingsDecrypter decrypter) + throws MojoExecutionException { + List proxies = + settings + .getProxies() + .stream() + .filter(Proxy::isActive) + .filter(proxy -> PROXY_PROTOCOLS.contains(proxy.getProtocol())) + .collect(Collectors.toList()); - private static void configureProxy(DecryptedMavenSettings settings, String protocol) { - settings - .getProxies() - .stream() - .filter(Proxy::isActive) - .filter(proxy -> protocol.equals(proxy.getProtocol())) - .findFirst() - .ifPresent(ProxyProvider::setProxyProperties); + System.out.println(proxies.size()); + if (proxies.size() == 0) { + return; + } + + SettingsDecryptionRequest request = new DefaultSettingsDecryptionRequest().setProxies(proxies); + System.out.println("Decrypter" + decrypter); + SettingsDecryptionResult result = decrypter.decrypt(request); + + for (SettingsProblem problem : result.getProblems()) { + if (problem.getSeverity() == SettingsProblem.Severity.ERROR + || problem.getSeverity() == SettingsProblem.Severity.FATAL) { + throw new MojoExecutionException( + "Unable to decrypt proxy info from settings.xml: " + problem); + } + } + + result.getProxies().forEach(ProxyProvider::setProxyProperties); } /** diff --git a/jib-maven-plugin/src/test/java/com/google/cloud/tools/jib/maven/DecryptedMavenSettingsTest.java b/jib-maven-plugin/src/test/java/com/google/cloud/tools/jib/maven/DecryptedMavenSettingsTest.java deleted file mode 100644 index 934c11cf9a..0000000000 --- a/jib-maven-plugin/src/test/java/com/google/cloud/tools/jib/maven/DecryptedMavenSettingsTest.java +++ /dev/null @@ -1,104 +0,0 @@ -/* - * Copyright 2019 Google LLC. - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may not - * use this file except in compliance with the License. You may obtain a copy of - * the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations under - * the License. - */ - -package com.google.cloud.tools.jib.maven; - -import java.util.Arrays; -import java.util.Collections; -import java.util.List; -import org.apache.maven.plugin.MojoExecutionException; -import org.apache.maven.settings.Proxy; -import org.apache.maven.settings.Server; -import org.apache.maven.settings.Settings; -import org.apache.maven.settings.building.SettingsProblem; -import org.apache.maven.settings.crypto.SettingsDecrypter; -import org.apache.maven.settings.crypto.SettingsDecryptionResult; -import org.junit.Assert; -import org.junit.Before; -import org.junit.Test; -import org.junit.runner.RunWith; -import org.mockito.Mock; -import org.mockito.Mockito; -import org.mockito.junit.MockitoJUnitRunner; - -/** Tests for {@link DecryptedMavenSettings}. */ -@RunWith(MockitoJUnitRunner.class) -public class DecryptedMavenSettingsTest { - - @Mock private Server server1; - @Mock private Server server2; - @Mock private Proxy proxy; - @Mock private Settings settings; - @Mock private SettingsDecrypter settingsDecrypter; - @Mock private SettingsDecryptionResult decryptionResult; - - private final List servers = Arrays.asList(server1, server2); - private final List proxies = Arrays.asList(proxy); - - private DecryptedMavenSettings decryptedSettings; - - @Before - public void setUp() throws MojoExecutionException { - Mockito.when(settingsDecrypter.decrypt(Mockito.any())).thenReturn(decryptionResult); - Mockito.when(decryptionResult.getProblems()).thenReturn(Collections.emptyList()); - - decryptedSettings = DecryptedMavenSettings.from(settings, settingsDecrypter); - } - - @Test - public void testFrom_decrypterFailure() { - SettingsProblem problem = Mockito.mock(SettingsProblem.class); - Mockito.when(problem.getSeverity()).thenReturn(SettingsProblem.Severity.ERROR); - // Maven's SettingsProblem has a more structured toString, but irrelevant here - Mockito.when(problem.toString()).thenReturn("MockProblemText"); - Mockito.when(decryptionResult.getProblems()).thenReturn(Arrays.asList(problem)); - - try { - DecryptedMavenSettings.from(settings, settingsDecrypter); - Assert.fail(); - } catch (MojoExecutionException ex) { - Assert.assertEquals("Unable to decrypt settings.xml: MockProblemText", ex.getMessage()); - } - } - - @Test - public void testGetServers() { - Mockito.when(decryptionResult.getServers()).thenReturn(servers); - Assert.assertEquals(servers, decryptedSettings.getServers()); - } - - @Test - public void testGetProxies() { - Mockito.when(decryptionResult.getProxies()).thenReturn(proxies); - Assert.assertEquals(proxies, decryptedSettings.getProxies()); - } - - @Test - public void testGetServers_emptyListFromDecryption() { - Mockito.when(decryptionResult.getServers()).thenReturn(Collections.emptyList()); - Mockito.when(settings.getServers()).thenReturn(servers); - - Assert.assertEquals(servers, decryptedSettings.getServers()); - } - - @Test - public void testGetProxies_emptyListFromDecryption() { - Mockito.when(decryptionResult.getProxies()).thenReturn(Collections.emptyList()); - Mockito.when(settings.getProxies()).thenReturn(proxies); - - Assert.assertEquals(proxies, decryptedSettings.getProxies()); - } -} diff --git a/jib-maven-plugin/src/test/java/com/google/cloud/tools/jib/maven/MavenSettingsServerCredentialsTest.java b/jib-maven-plugin/src/test/java/com/google/cloud/tools/jib/maven/MavenSettingsServerCredentialsTest.java index f1c8663c78..6d7fc9b68d 100644 --- a/jib-maven-plugin/src/test/java/com/google/cloud/tools/jib/maven/MavenSettingsServerCredentialsTest.java +++ b/jib-maven-plugin/src/test/java/com/google/cloud/tools/jib/maven/MavenSettingsServerCredentialsTest.java @@ -17,45 +17,78 @@ package com.google.cloud.tools.jib.maven; import com.google.cloud.tools.jib.plugins.common.AuthProperty; -import java.util.Arrays; +import com.google.cloud.tools.jib.plugins.common.InferredAuthException; +import java.nio.file.Path; +import java.nio.file.Paths; import java.util.Optional; -import org.apache.maven.settings.Server; +import org.hamcrest.core.StringStartsWith; import org.junit.Assert; import org.junit.Before; import org.junit.Test; -import org.junit.runner.RunWith; -import org.mockito.Mock; -import org.mockito.Mockito; -import org.mockito.junit.MockitoJUnitRunner; /** Tests for {@link MavenSettingsServerCredentials}. */ -@RunWith(MockitoJUnitRunner.class) public class MavenSettingsServerCredentialsTest { - @Mock private DecryptedMavenSettings mockSettings; - @Mock private Server mockServer1; - - private MavenSettingsServerCredentials testMavenSettingsServerCredentials; + private MavenSettingsServerCredentials mavenSettingsServerCredentialsNoMasterPassword; + private MavenSettingsServerCredentials mavenSettingsServerCredentials; + private Path testSettings = Paths.get("src/test/resources/maven/settings/settings.xml"); + private Path testSettingsSecurity = + Paths.get("src/test/resources/maven/settings/settings-security.xml"); + private Path testSettingsSecurityEmpty = + Paths.get("src/test/resources/maven/settings/settings-security.empty.xml"); @Before public void setUp() { - Mockito.when(mockSettings.getServers()).thenReturn(Arrays.asList(mockServer1)); - Mockito.when(mockServer1.getId()).thenReturn("server1"); - Mockito.when(mockServer1.getUsername()).thenReturn("server1 username"); - Mockito.when(mockServer1.getPassword()).thenReturn("server1 password"); - testMavenSettingsServerCredentials = new MavenSettingsServerCredentials(mockSettings); + mavenSettingsServerCredentials = + new MavenSettingsServerCredentials( + SettingsFixture.newSettings(testSettings), + SettingsFixture.newSettingsDecrypter(testSettingsSecurity)); + mavenSettingsServerCredentialsNoMasterPassword = + new MavenSettingsServerCredentials( + SettingsFixture.newSettings(testSettings), + SettingsFixture.newSettingsDecrypter(testSettingsSecurityEmpty)); + } + + @Test + public void testInferredAuth_decrypterFailure() { + try { + mavenSettingsServerCredentials.inferredAuth("badServer"); + Assert.fail(); + } catch (InferredAuthException ex) { + Assert.assertThat( + ex.getMessage(), + StringStartsWith.startsWith( + "Unable to decrypt server(badServer) info from settings.xml:")); + } + } + + @Test + public void testInferredAuth_successEncrypted() throws InferredAuthException { + Optional auth = mavenSettingsServerCredentials.inferredAuth("encryptedServer"); + Assert.assertTrue(auth.isPresent()); + Assert.assertEquals("encryptedUser", auth.get().getUsername()); + Assert.assertEquals("password1", auth.get().getPassword()); + } + + @Test + public void testInferredAuth_successUnencrypted() throws InferredAuthException { + Optional auth = mavenSettingsServerCredentials.inferredAuth("simpleServer"); + Assert.assertTrue(auth.isPresent()); + Assert.assertEquals("simpleUser", auth.get().getUsername()); + Assert.assertEquals("password2", auth.get().getPassword()); } @Test - public void testRetrieve_found() { - Optional auth = testMavenSettingsServerCredentials.apply("server1"); + public void testInferredAuth_successNoPasswordDoesNotBlowUp() throws InferredAuthException { + Optional auth = + mavenSettingsServerCredentialsNoMasterPassword.inferredAuth("simpleServer"); Assert.assertTrue(auth.isPresent()); - Assert.assertEquals("server1 username", auth.get().getUsername()); - Assert.assertEquals("server1 password", auth.get().getPassword()); + Assert.assertEquals("simpleUser", auth.get().getUsername()); + Assert.assertEquals("password2", auth.get().getPassword()); } @Test - public void testRetrieve_notFound() { - Assert.assertFalse(testMavenSettingsServerCredentials.apply("serverUnknown").isPresent()); + public void testInferredAuth_notFound() throws InferredAuthException { + Assert.assertFalse(mavenSettingsServerCredentials.inferredAuth("serverUnknown").isPresent()); } } diff --git a/jib-maven-plugin/src/test/java/com/google/cloud/tools/jib/maven/ProxyProviderTest.java b/jib-maven-plugin/src/test/java/com/google/cloud/tools/jib/maven/ProxyProviderTest.java index caf5e158a6..379ca86d83 100644 --- a/jib-maven-plugin/src/test/java/com/google/cloud/tools/jib/maven/ProxyProviderTest.java +++ b/jib-maven-plugin/src/test/java/com/google/cloud/tools/jib/maven/ProxyProviderTest.java @@ -17,20 +17,35 @@ package com.google.cloud.tools.jib.maven; import com.google.common.collect.ImmutableList; -import java.util.Arrays; +import java.nio.file.Paths; import java.util.HashMap; import java.util.Map; import java.util.function.Consumer; +import org.apache.maven.plugin.MojoExecutionException; import org.apache.maven.settings.Proxy; +import org.apache.maven.settings.Settings; +import org.apache.maven.settings.crypto.SettingsDecrypter; +import org.hamcrest.core.StringStartsWith; import org.junit.After; import org.junit.Assert; import org.junit.Before; +import org.junit.BeforeClass; import org.junit.Test; -import org.mockito.Mockito; +import org.junit.runner.RunWith; +import org.mockito.junit.MockitoJUnitRunner; /** Test for {@link ProxyProvider}. */ +@RunWith(MockitoJUnitRunner.class) public class ProxyProviderTest { + private static Settings noActiveProxiesSettings; + private static Settings httpOnlyProxySettings; + private static Settings httpsOnlyProxySettings; + private static Settings mixedProxyEncryptedSettings; + private static Settings badProxyEncryptedSettings; + private static SettingsDecrypter settingsDescypter; + private static SettingsDecrypter emptySettingsDescypter; + private static final ImmutableList proxyProperties = ImmutableList.of( "http.proxyHost", @@ -46,6 +61,31 @@ public class ProxyProviderTest { // HashMap to allow saving null values. private final HashMap savedProperties = new HashMap<>(); + @BeforeClass + public static void setUpTestFixtures() { + noActiveProxiesSettings = + SettingsFixture.newSettings( + Paths.get("src/test/resources/maven/settings/no-active-proxy-settings.xml")); + httpOnlyProxySettings = + SettingsFixture.newSettings( + Paths.get("src/test/resources/maven/settings/http-only-proxy-settings.xml")); + httpsOnlyProxySettings = + SettingsFixture.newSettings( + Paths.get("src/test/resources/maven/settings/https-only-proxy-settings.xml")); + mixedProxyEncryptedSettings = + SettingsFixture.newSettings( + Paths.get("src/test/resources/maven/settings/encrypted-proxy-settings.xml")); + badProxyEncryptedSettings = + SettingsFixture.newSettings( + Paths.get("src/test/resources/maven/settings/bad-encrypted-proxy-settings.xml")); + settingsDescypter = + SettingsFixture.newSettingsDecrypter( + Paths.get("src/test/resources/maven/settings/settings-security.xml")); + emptySettingsDescypter = + SettingsFixture.newSettingsDecrypter( + Paths.get("src/test/resources/maven/settings/settings-security.empty.xml")); + } + @Before public void setUp() { proxyProperties.stream().forEach(key -> savedProperties.put(key, System.getProperty(key))); @@ -187,82 +227,49 @@ public void testSetProxyProperties_someValuesUndefined() { } @Test - public void testInit_noActiveProxy() { - Proxy httpProxy = new Proxy(); - httpProxy.setProtocol("http"); - httpProxy.setHost("proxy1 host"); - httpProxy.setActive(false); - - Proxy httpsProxy = new Proxy(); - httpsProxy.setProtocol("https"); - httpsProxy.setHost("proxy2 host"); - httpsProxy.setActive(false); + public void testPopulateSystemProxyProperties_noActiveProxy() throws MojoExecutionException { - DecryptedMavenSettings settings = Mockito.mock(DecryptedMavenSettings.class); - Mockito.when(settings.getProxies()).thenReturn(Arrays.asList(httpProxy, httpsProxy)); - ProxyProvider.init(settings); + ProxyProvider.populateSystemProxyProperties(noActiveProxiesSettings, settingsDescypter); Assert.assertNull(System.getProperty("http.proxyHost")); Assert.assertNull(System.getProperty("https.proxyHost")); } @Test - public void testInit_firstActiveHttpProxy() { - Proxy proxy1 = new Proxy(); - proxy1.setProtocol("http"); - proxy1.setHost("proxy1 host"); - proxy1.setActive(false); - - Proxy proxy2 = new Proxy(); - proxy2.setProtocol("http"); - proxy2.setHost("proxy2 host"); - proxy2.setActive(true); - - Proxy proxy3 = new Proxy(); - proxy3.setProtocol("http"); - proxy3.setHost("proxy3 host"); - proxy3.setActive(false); - - Proxy proxy4 = new Proxy(); - proxy4.setProtocol("http"); - proxy4.setHost("proxy4 host"); - proxy4.setActive(true); - - DecryptedMavenSettings settings = Mockito.mock(DecryptedMavenSettings.class); - Mockito.when(settings.getProxies()).thenReturn(Arrays.asList(proxy1, proxy2, proxy3, proxy4)); - ProxyProvider.init(settings); - - Assert.assertEquals("proxy2 host", System.getProperty("http.proxyHost")); + public void testPopulateSystemProxyProperties_firstActiveHttpProxy() + throws MojoExecutionException { + ProxyProvider.populateSystemProxyProperties(httpOnlyProxySettings, settingsDescypter); + + Assert.assertEquals("proxy2.example.com", System.getProperty("http.proxyHost")); Assert.assertNull(System.getProperty("https.proxyHost")); } @Test - public void testInit_firstActiveHttpsProxy() { - Proxy proxy1 = new Proxy(); - proxy1.setProtocol("https"); - proxy1.setHost("proxy1 host"); - proxy1.setActive(false); - - Proxy proxy2 = new Proxy(); - proxy2.setProtocol("https"); - proxy2.setHost("proxy2 host"); - proxy2.setActive(true); - - Proxy proxy3 = new Proxy(); - proxy3.setProtocol("https"); - proxy3.setHost("proxy3 host"); - proxy3.setActive(false); - - Proxy proxy4 = new Proxy(); - proxy4.setProtocol("https"); - proxy4.setHost("proxy4 host"); - proxy4.setActive(true); - - DecryptedMavenSettings settings = Mockito.mock(DecryptedMavenSettings.class); - Mockito.when(settings.getProxies()).thenReturn(Arrays.asList(proxy1, proxy2, proxy3, proxy4)); - ProxyProvider.init(settings); + public void testPopulateSystemProxyProperties_firstActiveHttpsProxy() + throws MojoExecutionException { + ProxyProvider.populateSystemProxyProperties(httpsOnlyProxySettings, settingsDescypter); + Assert.assertEquals("proxy2.example.com", System.getProperty("https.proxyHost")); Assert.assertNull(System.getProperty("http.proxyHost")); - Assert.assertEquals("proxy2 host", System.getProperty("https.proxyHost")); + } + + @Test + public void testPopulateSystemProxyProperties_EncryptedProxy() throws MojoExecutionException { + ProxyProvider.populateSystemProxyProperties(mixedProxyEncryptedSettings, settingsDescypter); + + Assert.assertEquals("password1", System.getProperty("http.proxyPassword")); + Assert.assertEquals("password2", System.getProperty("https.proxyPassword")); + } + + @Test + public void testPopulateSystemProxyProperties_decryptionFailure() { + try { + ProxyProvider.populateSystemProxyProperties(badProxyEncryptedSettings, settingsDescypter); + Assert.fail(); + } catch (MojoExecutionException ex) { + Assert.assertThat( + ex.getMessage(), + StringStartsWith.startsWith("Unable to decrypt proxy info from settings.xml:")); + } } } diff --git a/jib-maven-plugin/src/test/java/com/google/cloud/tools/jib/maven/SettingsFixture.java b/jib-maven-plugin/src/test/java/com/google/cloud/tools/jib/maven/SettingsFixture.java new file mode 100644 index 0000000000..40a15f44cb --- /dev/null +++ b/jib-maven-plugin/src/test/java/com/google/cloud/tools/jib/maven/SettingsFixture.java @@ -0,0 +1,73 @@ +package com.google.cloud.tools.jib.maven; + +import com.google.common.base.Preconditions; +import java.lang.reflect.Field; +import java.nio.file.Files; +import java.nio.file.Path; +import org.apache.maven.settings.Settings; +import org.apache.maven.settings.building.DefaultSettingsBuilderFactory; +import org.apache.maven.settings.building.DefaultSettingsBuildingRequest; +import org.apache.maven.settings.building.SettingsBuilder; +import org.apache.maven.settings.building.SettingsBuildingException; +import org.apache.maven.settings.building.SettingsBuildingRequest; +import org.apache.maven.settings.crypto.DefaultSettingsDecrypter; +import org.apache.maven.settings.crypto.SettingsDecrypter; +import org.sonatype.plexus.components.cipher.DefaultPlexusCipher; +import org.sonatype.plexus.components.sec.dispatcher.DefaultSecDispatcher; + +public class SettingsFixture { + + /** + * Create a new {@link Settings} for testing purposes. + * + * @param settingsFile absolute path to settings.xml + * @return {@link Settings} built from settingsFile + */ + public static Settings newSettings(Path settingsFile) { + Preconditions.checkArgument(Files.isRegularFile(settingsFile)); + try { + SettingsBuilder settingsBuilder = new DefaultSettingsBuilderFactory().newInstance(); + SettingsBuildingRequest settingsRequest = new DefaultSettingsBuildingRequest(); + settingsRequest.setUserSettingsFile(settingsFile.toFile()); + return settingsBuilder.build(settingsRequest).getEffectiveSettings(); + } catch (SettingsBuildingException ex) { + throw new IllegalStateException("Tests need to be rewritten: " + ex.getMessage(), ex); + } + } + + /** + * Create a new {@link SettingsDecrypter} for testing purposes. + * + * @param settingsSecurityFile absolute path to security-settings.xml + * @return {@link SettingsDecrypter} built from settingsSecurityFile + */ + public static SettingsDecrypter newSettingsDecrypter(Path settingsSecurityFile) { + Preconditions.checkArgument(Files.isRegularFile(settingsSecurityFile)); + try { + + DefaultPlexusCipher injectCypher = new DefaultPlexusCipher(); + + DefaultSecDispatcher injectedDispatcher = new DefaultSecDispatcher(); + injectedDispatcher.setConfigurationFile(settingsSecurityFile.toAbsolutePath().toString()); + setField(DefaultSecDispatcher.class, injectedDispatcher, "_cipher", injectCypher); + + DefaultSettingsDecrypter settingsDecrypter = new DefaultSettingsDecrypter(); + setField( + DefaultSettingsDecrypter.class, + settingsDecrypter, + "securityDispatcher", + injectedDispatcher); + return settingsDecrypter; + } catch (Exception ex) { + throw new IllegalStateException("Tests need to be rewritten: " + ex.getMessage(), ex); + } + } + + private static void setField( + Class clazz, T instance, String fieldName, Object injectedField) + throws NoSuchFieldException, IllegalAccessException { + Field field = clazz.getDeclaredField(fieldName); + field.setAccessible(true); + field.set(instance, injectedField); + } +} diff --git a/jib-maven-plugin/src/test/resources/maven/settings/bad-encrypted-proxy-settings.xml b/jib-maven-plugin/src/test/resources/maven/settings/bad-encrypted-proxy-settings.xml new file mode 100644 index 0000000000..d78c6d62f5 --- /dev/null +++ b/jib-maven-plugin/src/test/resources/maven/settings/bad-encrypted-proxy-settings.xml @@ -0,0 +1,13 @@ + + + + http + true + http + proxy.example.com + 8080 + proxyuser + {i-made-this-up=} + + + \ No newline at end of file diff --git a/jib-maven-plugin/src/test/resources/maven/settings/encrypted-proxy-settings.xml b/jib-maven-plugin/src/test/resources/maven/settings/encrypted-proxy-settings.xml new file mode 100644 index 0000000000..4edc1f040c --- /dev/null +++ b/jib-maven-plugin/src/test/resources/maven/settings/encrypted-proxy-settings.xml @@ -0,0 +1,22 @@ + + + + http + true + http + proxy1.example.com + 8080 + proxyuser + {AmwLphSL7qQHMPGxPn6NHQFNkU+ME6BU550hxoQrKHk=} + + + https + true + https + proxy2.example.com + 8443 + proxyuser + password2 + + + \ No newline at end of file diff --git a/jib-maven-plugin/src/test/resources/maven/settings/http-only-proxy-settings.xml b/jib-maven-plugin/src/test/resources/maven/settings/http-only-proxy-settings.xml new file mode 100644 index 0000000000..02ef8934de --- /dev/null +++ b/jib-maven-plugin/src/test/resources/maven/settings/http-only-proxy-settings.xml @@ -0,0 +1,25 @@ + + + + http1 + false + http + proxy1.example.com + 8080 + + + http2 + true + http + proxy2.example.com + 8080 + + + http3 + true + http + proxy3.example.com + 8080 + + + \ No newline at end of file diff --git a/jib-maven-plugin/src/test/resources/maven/settings/https-only-proxy-settings.xml b/jib-maven-plugin/src/test/resources/maven/settings/https-only-proxy-settings.xml new file mode 100644 index 0000000000..22e3c62eb9 --- /dev/null +++ b/jib-maven-plugin/src/test/resources/maven/settings/https-only-proxy-settings.xml @@ -0,0 +1,25 @@ + + + + https1 + false + https + proxy1.example.com + 8443 + + + https2 + true + https + proxy2.example.com + 8443 + + + https3 + true + https + proxy3.example.com + 8443 + + + \ No newline at end of file diff --git a/jib-maven-plugin/src/test/resources/maven/settings/no-active-proxy-settings.xml b/jib-maven-plugin/src/test/resources/maven/settings/no-active-proxy-settings.xml new file mode 100644 index 0000000000..45702fdec9 --- /dev/null +++ b/jib-maven-plugin/src/test/resources/maven/settings/no-active-proxy-settings.xml @@ -0,0 +1,22 @@ + + + + http + false + http + proxy.example.com + 8080 + proxyuser + somepassword + + + https + false + https + proxy.example.com + 8443 + proxyuser + somepassword + + + \ No newline at end of file diff --git a/jib-maven-plugin/src/test/resources/maven/settings/readme b/jib-maven-plugin/src/test/resources/maven/settings/readme new file mode 100644 index 0000000000..0dd5e2c689 --- /dev/null +++ b/jib-maven-plugin/src/test/resources/maven/settings/readme @@ -0,0 +1,13 @@ +Generate settings-security.xml with, if you change this, you have to change all the files in settings.xml, so just leave it as is: + +$ mvn --encrypt-master-password +Master password: +{generatedValue=} +^^^ copy this password into security-settings.xml + +Create settings.xml with mixed encrypted and unencrpted values, to encrypt a password value use: + +$ mvn --encrypt-password -Dsettings.security= +Password: +{generatedValue=} +^^^ copy this password into the right spot in settings.xml diff --git a/jib-maven-plugin/src/test/resources/maven/settings/settings-security.empty.xml b/jib-maven-plugin/src/test/resources/maven/settings/settings-security.empty.xml new file mode 100644 index 0000000000..e69de29bb2 diff --git a/jib-maven-plugin/src/test/resources/maven/settings/settings-security.xml b/jib-maven-plugin/src/test/resources/maven/settings/settings-security.xml new file mode 100644 index 0000000000..c136e67634 --- /dev/null +++ b/jib-maven-plugin/src/test/resources/maven/settings/settings-security.xml @@ -0,0 +1,3 @@ + + {}X6FMi5KzfGgHeRrZdTiwUdXfVSSqcNdXvVjt3tw7oxs= + diff --git a/jib-maven-plugin/src/test/resources/maven/settings/settings.xml b/jib-maven-plugin/src/test/resources/maven/settings/settings.xml new file mode 100644 index 0000000000..f5fc0a4dcb --- /dev/null +++ b/jib-maven-plugin/src/test/resources/maven/settings/settings.xml @@ -0,0 +1,19 @@ + + + + encryptedServer + encryptedUser + {AmwLphSL7qQHMPGxPn6NHQFNkU+ME6BU550hxoQrKHk=} + + + simpleServer + simpleUser + password2 + + + badServer + badUser + {i-made-this-up=} + + + diff --git a/jib-plugins-common/src/main/java/com/google/cloud/tools/jib/plugins/common/InferredAuthException.java b/jib-plugins-common/src/main/java/com/google/cloud/tools/jib/plugins/common/InferredAuthException.java new file mode 100644 index 0000000000..2f53c6dcf8 --- /dev/null +++ b/jib-plugins-common/src/main/java/com/google/cloud/tools/jib/plugins/common/InferredAuthException.java @@ -0,0 +1,11 @@ +package com.google.cloud.tools.jib.plugins.common; + +/** + * Indicates that the {@link InferredAuthProvider} failed encountered a failure while trying to + * determine auth credentials (not thrown for missing). + */ +public class InferredAuthException extends Exception { + public InferredAuthException(String message) { + super(message); + } +} diff --git a/jib-plugins-common/src/main/java/com/google/cloud/tools/jib/plugins/common/InferredAuthProvider.java b/jib-plugins-common/src/main/java/com/google/cloud/tools/jib/plugins/common/InferredAuthProvider.java new file mode 100644 index 0000000000..f0b6524a2f --- /dev/null +++ b/jib-plugins-common/src/main/java/com/google/cloud/tools/jib/plugins/common/InferredAuthProvider.java @@ -0,0 +1,7 @@ +package com.google.cloud.tools.jib.plugins.common; + +import java.util.Optional; + +public interface InferredAuthProvider { + Optional inferredAuth(String registry) throws InferredAuthException; +} diff --git a/jib-plugins-common/src/main/java/com/google/cloud/tools/jib/plugins/common/PluginConfigurationProcessor.java b/jib-plugins-common/src/main/java/com/google/cloud/tools/jib/plugins/common/PluginConfigurationProcessor.java index 6b31f982a0..a32f90a115 100644 --- a/jib-plugins-common/src/main/java/com/google/cloud/tools/jib/plugins/common/PluginConfigurationProcessor.java +++ b/jib-plugins-common/src/main/java/com/google/cloud/tools/jib/plugins/common/PluginConfigurationProcessor.java @@ -59,7 +59,7 @@ public class PluginConfigurationProcessor { public static PluginConfigurationProcessor processCommonConfigurationForDockerDaemonImage( RawConfiguration rawConfiguration, - Function> inferredAuthProvider, + InferredAuthProvider inferredAuthProvider, ProjectProperties projectProperties, @Nullable Path dockerExecutable, @Nullable Map dockerEnvironment, @@ -89,7 +89,7 @@ public static PluginConfigurationProcessor processCommonConfigurationForDockerDa public static PluginConfigurationProcessor processCommonConfigurationForTarImage( RawConfiguration rawConfiguration, - Function> inferredAuthProvider, + InferredAuthProvider inferredAuthProvider, ProjectProperties projectProperties, Path tarImagePath, HelpfulSuggestions helpfulSuggestions) @@ -112,7 +112,7 @@ public static PluginConfigurationProcessor processCommonConfigurationForTarImage public static PluginConfigurationProcessor processCommonConfigurationForRegistryImage( RawConfiguration rawConfiguration, - Function> inferredAuthProvider, + InferredAuthProvider inferredAuthProvider, ProjectProperties projectProperties) throws InvalidImageReferenceException, MainClassInferenceException, InvalidAppRootException, IOException, InvalidWorkingDirectoryException, InvalidContainerVolumeException, @@ -151,7 +151,7 @@ public static PluginConfigurationProcessor processCommonConfigurationForRegistry @VisibleForTesting static PluginConfigurationProcessor processCommonConfiguration( RawConfiguration rawConfiguration, - Function> inferredAuthProvider, + InferredAuthProvider inferredAuthProvider, ProjectProperties projectProperties, Containerizer containerizer, ImageReference targetImageReference, @@ -398,7 +398,7 @@ private static boolean configureCredentialRetrievers( String usernamePropertyName, String passwordPropertyName, AuthProperty knownAuth, - Function> inferredAuthProvider, + InferredAuthProvider inferredAuthProvider, @Nullable String credHelper) throws FileNotFoundException { DefaultCredentialRetrievers defaultCredentialRetrievers = @@ -416,15 +416,19 @@ private static boolean configureCredentialRetrievers( defaultCredentialRetrievers.setKnownCredential( optionalCredential.get(), knownAuth.getAuthDescriptor()); } else { - Optional optionalInferredAuth = - inferredAuthProvider.apply(imageReference.getRegistry()); - credentialPresent = optionalInferredAuth.isPresent(); - if (optionalInferredAuth.isPresent()) { - AuthProperty auth = optionalInferredAuth.get(); - String username = Verify.verifyNotNull(auth.getUsername()); - String password = Verify.verifyNotNull(auth.getPassword()); - Credential credential = Credential.from(username, password); - defaultCredentialRetrievers.setInferredCredential(credential, auth.getAuthDescriptor()); + try { + Optional optionalInferredAuth = + inferredAuthProvider.inferredAuth(imageReference.getRegistry()); + credentialPresent = optionalInferredAuth.isPresent(); + if (optionalInferredAuth.isPresent()) { + AuthProperty auth = optionalInferredAuth.get(); + String username = Verify.verifyNotNull(auth.getUsername()); + String password = Verify.verifyNotNull(auth.getPassword()); + Credential credential = Credential.from(username, password); + defaultCredentialRetrievers.setInferredCredential(credential, auth.getAuthDescriptor()); + } + } catch (InferredAuthException ex) { + eventDispatcher.dispatch(LogEvent.warn("InferredAuthException: " + ex.getMessage())); } } defaultCredentialRetrievers.setCredentialHelper(credHelper); From f1030ae5dac50f084b42789039718f312e56cf54 Mon Sep 17 00:00:00 2001 From: Appu Goundan Date: Fri, 10 May 2019 18:05:25 -0400 Subject: [PATCH 2/6] formatting --- .../tools/jib/plugins/common/PluginConfigurationProcessor.java | 1 - 1 file changed, 1 deletion(-) diff --git a/jib-plugins-common/src/main/java/com/google/cloud/tools/jib/plugins/common/PluginConfigurationProcessor.java b/jib-plugins-common/src/main/java/com/google/cloud/tools/jib/plugins/common/PluginConfigurationProcessor.java index a32f90a115..b097993a35 100644 --- a/jib-plugins-common/src/main/java/com/google/cloud/tools/jib/plugins/common/PluginConfigurationProcessor.java +++ b/jib-plugins-common/src/main/java/com/google/cloud/tools/jib/plugins/common/PluginConfigurationProcessor.java @@ -48,7 +48,6 @@ import java.util.Map; import java.util.Optional; import java.util.Set; -import java.util.function.Function; import javax.annotation.Nullable; /** From 8144996d3f166971efab0e826ab83e29e5e523f0 Mon Sep 17 00:00:00 2001 From: Appu Goundan Date: Mon, 13 May 2019 10:20:03 -0400 Subject: [PATCH 3/6] Only use first active proxy - Also comments, spelling, copyright --- .../cloud/tools/jib/maven/ProxyProvider.java | 18 +++++++++----- .../tools/jib/maven/ProxyProviderTest.java | 14 +++++------ .../plugins/common/InferredAuthException.java | 18 +++++++++++++- .../plugins/common/InferredAuthProvider.java | 24 +++++++++++++++++++ 4 files changed, 60 insertions(+), 14 deletions(-) diff --git a/jib-maven-plugin/src/main/java/com/google/cloud/tools/jib/maven/ProxyProvider.java b/jib-maven-plugin/src/main/java/com/google/cloud/tools/jib/maven/ProxyProvider.java index dff2e6d40b..4738a09dd9 100644 --- a/jib-maven-plugin/src/main/java/com/google/cloud/tools/jib/maven/ProxyProvider.java +++ b/jib-maven-plugin/src/main/java/com/google/cloud/tools/jib/maven/ProxyProvider.java @@ -19,6 +19,7 @@ import com.google.common.annotations.VisibleForTesting; import com.google.common.collect.ImmutableList; import java.util.List; +import java.util.Optional; import java.util.stream.Collectors; import javax.annotation.Nullable; import org.apache.maven.plugin.MojoExecutionException; @@ -45,20 +46,25 @@ class ProxyProvider { static void populateSystemProxyProperties(Settings settings, SettingsDecrypter decrypter) throws MojoExecutionException { List proxies = - settings - .getProxies() + PROXY_PROTOCOLS .stream() - .filter(Proxy::isActive) - .filter(proxy -> PROXY_PROTOCOLS.contains(proxy.getProtocol())) + .map( + protocol -> + settings + .getProxies() + .stream() + .filter(Proxy::isActive) + .filter(proxy -> protocol.equals(proxy.getProtocol())) + .findFirst()) + .filter(Optional::isPresent) + .map(Optional::get) .collect(Collectors.toList()); - System.out.println(proxies.size()); if (proxies.size() == 0) { return; } SettingsDecryptionRequest request = new DefaultSettingsDecryptionRequest().setProxies(proxies); - System.out.println("Decrypter" + decrypter); SettingsDecryptionResult result = decrypter.decrypt(request); for (SettingsProblem problem : result.getProblems()) { diff --git a/jib-maven-plugin/src/test/java/com/google/cloud/tools/jib/maven/ProxyProviderTest.java b/jib-maven-plugin/src/test/java/com/google/cloud/tools/jib/maven/ProxyProviderTest.java index 379ca86d83..48c8575db2 100644 --- a/jib-maven-plugin/src/test/java/com/google/cloud/tools/jib/maven/ProxyProviderTest.java +++ b/jib-maven-plugin/src/test/java/com/google/cloud/tools/jib/maven/ProxyProviderTest.java @@ -43,7 +43,7 @@ public class ProxyProviderTest { private static Settings httpsOnlyProxySettings; private static Settings mixedProxyEncryptedSettings; private static Settings badProxyEncryptedSettings; - private static SettingsDecrypter settingsDescypter; + private static SettingsDecrypter settingsDecrypter; private static SettingsDecrypter emptySettingsDescypter; private static final ImmutableList proxyProperties = @@ -78,7 +78,7 @@ public static void setUpTestFixtures() { badProxyEncryptedSettings = SettingsFixture.newSettings( Paths.get("src/test/resources/maven/settings/bad-encrypted-proxy-settings.xml")); - settingsDescypter = + settingsDecrypter = SettingsFixture.newSettingsDecrypter( Paths.get("src/test/resources/maven/settings/settings-security.xml")); emptySettingsDescypter = @@ -229,7 +229,7 @@ public void testSetProxyProperties_someValuesUndefined() { @Test public void testPopulateSystemProxyProperties_noActiveProxy() throws MojoExecutionException { - ProxyProvider.populateSystemProxyProperties(noActiveProxiesSettings, settingsDescypter); + ProxyProvider.populateSystemProxyProperties(noActiveProxiesSettings, settingsDecrypter); Assert.assertNull(System.getProperty("http.proxyHost")); Assert.assertNull(System.getProperty("https.proxyHost")); @@ -238,7 +238,7 @@ public void testPopulateSystemProxyProperties_noActiveProxy() throws MojoExecuti @Test public void testPopulateSystemProxyProperties_firstActiveHttpProxy() throws MojoExecutionException { - ProxyProvider.populateSystemProxyProperties(httpOnlyProxySettings, settingsDescypter); + ProxyProvider.populateSystemProxyProperties(httpOnlyProxySettings, settingsDecrypter); Assert.assertEquals("proxy2.example.com", System.getProperty("http.proxyHost")); Assert.assertNull(System.getProperty("https.proxyHost")); @@ -247,7 +247,7 @@ public void testPopulateSystemProxyProperties_firstActiveHttpProxy() @Test public void testPopulateSystemProxyProperties_firstActiveHttpsProxy() throws MojoExecutionException { - ProxyProvider.populateSystemProxyProperties(httpsOnlyProxySettings, settingsDescypter); + ProxyProvider.populateSystemProxyProperties(httpsOnlyProxySettings, settingsDecrypter); Assert.assertEquals("proxy2.example.com", System.getProperty("https.proxyHost")); Assert.assertNull(System.getProperty("http.proxyHost")); @@ -255,7 +255,7 @@ public void testPopulateSystemProxyProperties_firstActiveHttpsProxy() @Test public void testPopulateSystemProxyProperties_EncryptedProxy() throws MojoExecutionException { - ProxyProvider.populateSystemProxyProperties(mixedProxyEncryptedSettings, settingsDescypter); + ProxyProvider.populateSystemProxyProperties(mixedProxyEncryptedSettings, settingsDecrypter); Assert.assertEquals("password1", System.getProperty("http.proxyPassword")); Assert.assertEquals("password2", System.getProperty("https.proxyPassword")); @@ -264,7 +264,7 @@ public void testPopulateSystemProxyProperties_EncryptedProxy() throws MojoExecut @Test public void testPopulateSystemProxyProperties_decryptionFailure() { try { - ProxyProvider.populateSystemProxyProperties(badProxyEncryptedSettings, settingsDescypter); + ProxyProvider.populateSystemProxyProperties(badProxyEncryptedSettings, settingsDecrypter); Assert.fail(); } catch (MojoExecutionException ex) { Assert.assertThat( diff --git a/jib-plugins-common/src/main/java/com/google/cloud/tools/jib/plugins/common/InferredAuthException.java b/jib-plugins-common/src/main/java/com/google/cloud/tools/jib/plugins/common/InferredAuthException.java index 2f53c6dcf8..c95c916141 100644 --- a/jib-plugins-common/src/main/java/com/google/cloud/tools/jib/plugins/common/InferredAuthException.java +++ b/jib-plugins-common/src/main/java/com/google/cloud/tools/jib/plugins/common/InferredAuthException.java @@ -1,7 +1,23 @@ +/* + * Copyright 2019 Google LLC. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy of + * the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + */ + package com.google.cloud.tools.jib.plugins.common; /** - * Indicates that the {@link InferredAuthProvider} failed encountered a failure while trying to + * Indicates that the {@link InferredAuthProvider} encountered a failure while trying to * determine auth credentials (not thrown for missing). */ public class InferredAuthException extends Exception { diff --git a/jib-plugins-common/src/main/java/com/google/cloud/tools/jib/plugins/common/InferredAuthProvider.java b/jib-plugins-common/src/main/java/com/google/cloud/tools/jib/plugins/common/InferredAuthProvider.java index f0b6524a2f..ae8b2ab9de 100644 --- a/jib-plugins-common/src/main/java/com/google/cloud/tools/jib/plugins/common/InferredAuthProvider.java +++ b/jib-plugins-common/src/main/java/com/google/cloud/tools/jib/plugins/common/InferredAuthProvider.java @@ -1,7 +1,31 @@ +/* + * Copyright 2019 Google LLC. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy of + * the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + */ + package com.google.cloud.tools.jib.plugins.common; import java.util.Optional; +/** An auth provider specific to the client's architecture. */ public interface InferredAuthProvider { + + /** + * Find auth credentials for a specific registry. + * @param registry we want credential for + * @return auth information for the registry (can be empty) + * @throws InferredAuthException if the auth discovery process resulted in a fatal error + */ Optional inferredAuth(String registry) throws InferredAuthException; } From a9e4639581ecab144f25c2e480ef3948d9405a7f Mon Sep 17 00:00:00 2001 From: Appu Goundan Date: Mon, 13 May 2019 14:57:21 -0400 Subject: [PATCH 4/6] formatting + copyright --- .../cloud/tools/jib/maven/SettingsFixture.java | 16 ++++++++++++++++ .../plugins/common/InferredAuthException.java | 4 ++-- .../jib/plugins/common/InferredAuthProvider.java | 1 + 3 files changed, 19 insertions(+), 2 deletions(-) diff --git a/jib-maven-plugin/src/test/java/com/google/cloud/tools/jib/maven/SettingsFixture.java b/jib-maven-plugin/src/test/java/com/google/cloud/tools/jib/maven/SettingsFixture.java index 40a15f44cb..8fe60a6dbe 100644 --- a/jib-maven-plugin/src/test/java/com/google/cloud/tools/jib/maven/SettingsFixture.java +++ b/jib-maven-plugin/src/test/java/com/google/cloud/tools/jib/maven/SettingsFixture.java @@ -1,3 +1,19 @@ +/* + * Copyright 2019 Google LLC. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy of + * the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + */ + package com.google.cloud.tools.jib.maven; import com.google.common.base.Preconditions; diff --git a/jib-plugins-common/src/main/java/com/google/cloud/tools/jib/plugins/common/InferredAuthException.java b/jib-plugins-common/src/main/java/com/google/cloud/tools/jib/plugins/common/InferredAuthException.java index c95c916141..d53b1d96fc 100644 --- a/jib-plugins-common/src/main/java/com/google/cloud/tools/jib/plugins/common/InferredAuthException.java +++ b/jib-plugins-common/src/main/java/com/google/cloud/tools/jib/plugins/common/InferredAuthException.java @@ -17,8 +17,8 @@ package com.google.cloud.tools.jib.plugins.common; /** - * Indicates that the {@link InferredAuthProvider} encountered a failure while trying to - * determine auth credentials (not thrown for missing). + * Indicates that the {@link InferredAuthProvider} encountered a failure while trying to determine + * auth credentials (not thrown for missing). */ public class InferredAuthException extends Exception { public InferredAuthException(String message) { diff --git a/jib-plugins-common/src/main/java/com/google/cloud/tools/jib/plugins/common/InferredAuthProvider.java b/jib-plugins-common/src/main/java/com/google/cloud/tools/jib/plugins/common/InferredAuthProvider.java index ae8b2ab9de..ed25efd0c3 100644 --- a/jib-plugins-common/src/main/java/com/google/cloud/tools/jib/plugins/common/InferredAuthProvider.java +++ b/jib-plugins-common/src/main/java/com/google/cloud/tools/jib/plugins/common/InferredAuthProvider.java @@ -23,6 +23,7 @@ public interface InferredAuthProvider { /** * Find auth credentials for a specific registry. + * * @param registry we want credential for * @return auth information for the registry (can be empty) * @throws InferredAuthException if the auth discovery process resulted in a fatal error From 0f673f1d3a815ccdb089b9f44702646fba3addc9 Mon Sep 17 00:00:00 2001 From: Appu Goundan Date: Mon, 13 May 2019 16:29:57 -0400 Subject: [PATCH 5/6] rework code a little to be more obvious --- .../tools/jib/maven/BuildDockerMojo.java | 2 +- .../cloud/tools/jib/maven/BuildImageMojo.java | 2 +- .../cloud/tools/jib/maven/BuildTarMojo.java | 2 +- ...r.java => MavenSettingsProxyProvider.java} | 43 +++++----- .../maven/MavenSettingsServerCredentials.java | 2 +- ...va => MavenSettingsProxyProviderTest.java} | 82 ++++++++++--------- .../MavenSettingsServerCredentialsTest.java | 15 ++-- .../plugins/common/InferredAuthProvider.java | 2 +- .../common/PluginConfigurationProcessor.java | 2 +- 9 files changed, 75 insertions(+), 77 deletions(-) rename jib-maven-plugin/src/main/java/com/google/cloud/tools/jib/maven/{ProxyProvider.java => MavenSettingsProxyProvider.java} (77%) rename jib-maven-plugin/src/test/java/com/google/cloud/tools/jib/maven/{ProxyProviderTest.java => MavenSettingsProxyProviderTest.java} (71%) diff --git a/jib-maven-plugin/src/main/java/com/google/cloud/tools/jib/maven/BuildDockerMojo.java b/jib-maven-plugin/src/main/java/com/google/cloud/tools/jib/maven/BuildDockerMojo.java index ef4faf1821..fe767af3f0 100644 --- a/jib-maven-plugin/src/main/java/com/google/cloud/tools/jib/maven/BuildDockerMojo.java +++ b/jib-maven-plugin/src/main/java/com/google/cloud/tools/jib/maven/BuildDockerMojo.java @@ -112,7 +112,7 @@ public void execute() throws MojoExecutionException, MojoFailureException { dockerExecutable, getDockerClientEnvironment(), mavenHelpfulSuggestionsBuilder.build()); - ProxyProvider.populateSystemProxyProperties( + MavenSettingsProxyProvider.activateHttpAndHttpsProxies( getSession().getSettings(), getSettingsDecrypter()); ImageReference targetImageReference = pluginConfigurationProcessor.getTargetImageReference(); diff --git a/jib-maven-plugin/src/main/java/com/google/cloud/tools/jib/maven/BuildImageMojo.java b/jib-maven-plugin/src/main/java/com/google/cloud/tools/jib/maven/BuildImageMojo.java index b33a58303b..041981f49e 100644 --- a/jib-maven-plugin/src/main/java/com/google/cloud/tools/jib/maven/BuildImageMojo.java +++ b/jib-maven-plugin/src/main/java/com/google/cloud/tools/jib/maven/BuildImageMojo.java @@ -103,7 +103,7 @@ public void execute() throws MojoExecutionException, MojoFailureException { new MavenSettingsServerCredentials( getSession().getSettings(), getSettingsDecrypter()), projectProperties); - ProxyProvider.populateSystemProxyProperties( + MavenSettingsProxyProvider.activateHttpAndHttpsProxies( getSession().getSettings(), getSettingsDecrypter()); ImageReference targetImageReference = pluginConfigurationProcessor.getTargetImageReference(); diff --git a/jib-maven-plugin/src/main/java/com/google/cloud/tools/jib/maven/BuildTarMojo.java b/jib-maven-plugin/src/main/java/com/google/cloud/tools/jib/maven/BuildTarMojo.java index cd2be26b56..413e099dc5 100644 --- a/jib-maven-plugin/src/main/java/com/google/cloud/tools/jib/maven/BuildTarMojo.java +++ b/jib-maven-plugin/src/main/java/com/google/cloud/tools/jib/maven/BuildTarMojo.java @@ -86,7 +86,7 @@ public void execute() throws MojoExecutionException, MojoFailureException { projectProperties, tarOutputPath, mavenHelpfulSuggestionsBuilder.build()); - ProxyProvider.populateSystemProxyProperties( + MavenSettingsProxyProvider.activateHttpAndHttpsProxies( getSession().getSettings(), getSettingsDecrypter()); HelpfulSuggestions helpfulSuggestions = diff --git a/jib-maven-plugin/src/main/java/com/google/cloud/tools/jib/maven/ProxyProvider.java b/jib-maven-plugin/src/main/java/com/google/cloud/tools/jib/maven/MavenSettingsProxyProvider.java similarity index 77% rename from jib-maven-plugin/src/main/java/com/google/cloud/tools/jib/maven/ProxyProvider.java rename to jib-maven-plugin/src/main/java/com/google/cloud/tools/jib/maven/MavenSettingsProxyProvider.java index 4738a09dd9..b61c67d184 100644 --- a/jib-maven-plugin/src/main/java/com/google/cloud/tools/jib/maven/ProxyProvider.java +++ b/jib-maven-plugin/src/main/java/com/google/cloud/tools/jib/maven/MavenSettingsProxyProvider.java @@ -18,9 +18,8 @@ import com.google.common.annotations.VisibleForTesting; import com.google.common.collect.ImmutableList; +import java.util.ArrayList; import java.util.List; -import java.util.Optional; -import java.util.stream.Collectors; import javax.annotation.Nullable; import org.apache.maven.plugin.MojoExecutionException; import org.apache.maven.settings.Proxy; @@ -32,33 +31,32 @@ import org.apache.maven.settings.crypto.SettingsDecryptionResult; /** Propagates proxy configuration from Maven settings to system properties. */ -class ProxyProvider { +class MavenSettingsProxyProvider { private static final ImmutableList PROXY_PROPERTIES = ImmutableList.of("proxyHost", "proxyPort", "proxyUser", "proxyPassword"); - private static final ImmutableList PROXY_PROTOCOLS = ImmutableList.of("https", "http"); /** - * Initializes proxy settings based on Maven settings. + * Initializes proxy settings based on Maven settings if they are not already set by the user + * directly. * * @param settings Maven settings */ - static void populateSystemProxyProperties(Settings settings, SettingsDecrypter decrypter) + static void activateHttpAndHttpsProxies(Settings settings, SettingsDecrypter decrypter) throws MojoExecutionException { - List proxies = - PROXY_PROTOCOLS - .stream() - .map( - protocol -> - settings - .getProxies() - .stream() - .filter(Proxy::isActive) - .filter(proxy -> protocol.equals(proxy.getProtocol())) - .findFirst()) - .filter(Optional::isPresent) - .map(Optional::get) - .collect(Collectors.toList()); + List proxies = new ArrayList<>(2); + for (String protocol : ImmutableList.of("http", "https")) { + if (areProxyPropertiesSet(protocol)) { + return; + } + settings + .getProxies() + .stream() + .filter(Proxy::isActive) + .filter(proxy -> protocol.equals(proxy.getProtocol())) + .findFirst() + .ifPresent(proxies::add); + } if (proxies.size() == 0) { return; @@ -75,7 +73,7 @@ static void populateSystemProxyProperties(Settings settings, SettingsDecrypter d } } - result.getProxies().forEach(ProxyProvider::setProxyProperties); + result.getProxies().forEach(MavenSettingsProxyProvider::setProxyProperties); } /** @@ -86,9 +84,6 @@ static void populateSystemProxyProperties(Settings settings, SettingsDecrypter d @VisibleForTesting static void setProxyProperties(Proxy proxy) { String protocol = proxy.getProtocol(); - if (areProxyPropertiesSet(protocol)) { - return; - } setPropertySafe(protocol + ".proxyHost", proxy.getHost()); setPropertySafe(protocol + ".proxyPort", String.valueOf(proxy.getPort())); diff --git a/jib-maven-plugin/src/main/java/com/google/cloud/tools/jib/maven/MavenSettingsServerCredentials.java b/jib-maven-plugin/src/main/java/com/google/cloud/tools/jib/maven/MavenSettingsServerCredentials.java index 122670bd94..a42d4a6f6e 100644 --- a/jib-maven-plugin/src/main/java/com/google/cloud/tools/jib/maven/MavenSettingsServerCredentials.java +++ b/jib-maven-plugin/src/main/java/com/google/cloud/tools/jib/maven/MavenSettingsServerCredentials.java @@ -56,7 +56,7 @@ class MavenSettingsServerCredentials implements InferredAuthProvider { * @return the auth info for the registry, or {@link Optional#empty} if none could be retrieved */ @Override - public Optional inferredAuth(String registry) throws InferredAuthException { + public Optional inferAuth(String registry) throws InferredAuthException { Server server = settings.getServer(registry); if (server == null) { diff --git a/jib-maven-plugin/src/test/java/com/google/cloud/tools/jib/maven/ProxyProviderTest.java b/jib-maven-plugin/src/test/java/com/google/cloud/tools/jib/maven/MavenSettingsProxyProviderTest.java similarity index 71% rename from jib-maven-plugin/src/test/java/com/google/cloud/tools/jib/maven/ProxyProviderTest.java rename to jib-maven-plugin/src/test/java/com/google/cloud/tools/jib/maven/MavenSettingsProxyProviderTest.java index 48c8575db2..cf4d579660 100644 --- a/jib-maven-plugin/src/test/java/com/google/cloud/tools/jib/maven/ProxyProviderTest.java +++ b/jib-maven-plugin/src/test/java/com/google/cloud/tools/jib/maven/MavenSettingsProxyProviderTest.java @@ -25,7 +25,7 @@ import org.apache.maven.settings.Proxy; import org.apache.maven.settings.Settings; import org.apache.maven.settings.crypto.SettingsDecrypter; -import org.hamcrest.core.StringStartsWith; +import org.hamcrest.CoreMatchers; import org.junit.After; import org.junit.Assert; import org.junit.Before; @@ -34,9 +34,9 @@ import org.junit.runner.RunWith; import org.mockito.junit.MockitoJUnitRunner; -/** Test for {@link ProxyProvider}. */ +/** Test for {@link MavenSettingsProxyProvider}. */ @RunWith(MockitoJUnitRunner.class) -public class ProxyProviderTest { +public class MavenSettingsProxyProviderTest { private static Settings noActiveProxiesSettings; private static Settings httpOnlyProxySettings; @@ -107,71 +107,71 @@ public void tearDown() { @Test public void testAreProxyPropertiesSet() { - Assert.assertFalse(ProxyProvider.areProxyPropertiesSet("http")); - Assert.assertFalse(ProxyProvider.areProxyPropertiesSet("https")); + Assert.assertFalse(MavenSettingsProxyProvider.areProxyPropertiesSet("http")); + Assert.assertFalse(MavenSettingsProxyProvider.areProxyPropertiesSet("https")); } @Test public void testAreProxyPropertiesSet_httpHostSet() { System.setProperty("http.proxyHost", "host"); - Assert.assertTrue(ProxyProvider.areProxyPropertiesSet("http")); - Assert.assertFalse(ProxyProvider.areProxyPropertiesSet("https")); + Assert.assertTrue(MavenSettingsProxyProvider.areProxyPropertiesSet("http")); + Assert.assertFalse(MavenSettingsProxyProvider.areProxyPropertiesSet("https")); } @Test public void testAreProxyPropertiesSet_httpsHostSet() { System.setProperty("https.proxyHost", "host"); - Assert.assertFalse(ProxyProvider.areProxyPropertiesSet("http")); - Assert.assertTrue(ProxyProvider.areProxyPropertiesSet("https")); + Assert.assertFalse(MavenSettingsProxyProvider.areProxyPropertiesSet("http")); + Assert.assertTrue(MavenSettingsProxyProvider.areProxyPropertiesSet("https")); } @Test public void testAreProxyPropertiesSet_httpPortSet() { System.setProperty("http.proxyPort", "port"); - Assert.assertTrue(ProxyProvider.areProxyPropertiesSet("http")); - Assert.assertFalse(ProxyProvider.areProxyPropertiesSet("https")); + Assert.assertTrue(MavenSettingsProxyProvider.areProxyPropertiesSet("http")); + Assert.assertFalse(MavenSettingsProxyProvider.areProxyPropertiesSet("https")); } @Test public void testAreProxyPropertiesSet_httpsPortSet() { System.setProperty("https.proxyPort", "port"); - Assert.assertFalse(ProxyProvider.areProxyPropertiesSet("http")); - Assert.assertTrue(ProxyProvider.areProxyPropertiesSet("https")); + Assert.assertFalse(MavenSettingsProxyProvider.areProxyPropertiesSet("http")); + Assert.assertTrue(MavenSettingsProxyProvider.areProxyPropertiesSet("https")); } @Test public void testAreProxyPropertiesSet_httpUserSet() { System.setProperty("http.proxyUser", "user"); - Assert.assertTrue(ProxyProvider.areProxyPropertiesSet("http")); - Assert.assertFalse(ProxyProvider.areProxyPropertiesSet("https")); + Assert.assertTrue(MavenSettingsProxyProvider.areProxyPropertiesSet("http")); + Assert.assertFalse(MavenSettingsProxyProvider.areProxyPropertiesSet("https")); } @Test public void testAreProxyPropertiesSet_httpsUserSet() { System.setProperty("https.proxyUser", "user"); - Assert.assertFalse(ProxyProvider.areProxyPropertiesSet("http")); - Assert.assertTrue(ProxyProvider.areProxyPropertiesSet("https")); + Assert.assertFalse(MavenSettingsProxyProvider.areProxyPropertiesSet("http")); + Assert.assertTrue(MavenSettingsProxyProvider.areProxyPropertiesSet("https")); } @Test public void testAreProxyPropertiesSet_httpPasswordSet() { System.setProperty("http.proxyPassword", "password"); - Assert.assertTrue(ProxyProvider.areProxyPropertiesSet("http")); - Assert.assertFalse(ProxyProvider.areProxyPropertiesSet("https")); + Assert.assertTrue(MavenSettingsProxyProvider.areProxyPropertiesSet("http")); + Assert.assertFalse(MavenSettingsProxyProvider.areProxyPropertiesSet("https")); } @Test public void testAreProxyPropertiesSet_httpsPasswordSet() { System.setProperty("https.proxyPassword", "password"); - Assert.assertFalse(ProxyProvider.areProxyPropertiesSet("http")); - Assert.assertTrue(ProxyProvider.areProxyPropertiesSet("https")); + Assert.assertFalse(MavenSettingsProxyProvider.areProxyPropertiesSet("http")); + Assert.assertTrue(MavenSettingsProxyProvider.areProxyPropertiesSet("https")); } @Test public void testAreProxyPropertiesSet_ignoresHttpNonProxyHosts() { System.setProperty("http.nonProxyHosts", "non proxy hosts"); - Assert.assertFalse(ProxyProvider.areProxyPropertiesSet("http")); - Assert.assertFalse(ProxyProvider.areProxyPropertiesSet("https")); + Assert.assertFalse(MavenSettingsProxyProvider.areProxyPropertiesSet("http")); + Assert.assertFalse(MavenSettingsProxyProvider.areProxyPropertiesSet("https")); } @Test @@ -184,7 +184,7 @@ public void testSetProxyProperties() { httpProxy.setPassword("pass"); httpProxy.setNonProxyHosts("non proxy hosts"); - ProxyProvider.setProxyProperties(httpProxy); + MavenSettingsProxyProvider.setProxyProperties(httpProxy); Assert.assertEquals("host", System.getProperty("http.proxyHost")); Assert.assertEquals("1080", System.getProperty("http.proxyPort")); Assert.assertEquals("user", System.getProperty("http.proxyUser")); @@ -197,7 +197,7 @@ public void testSetProxyProperties() { httpsProxy.setPort(1443); httpsProxy.setUsername("https user"); httpsProxy.setPassword("https pass"); - ProxyProvider.setProxyProperties(httpsProxy); + MavenSettingsProxyProvider.setProxyProperties(httpsProxy); Assert.assertEquals("https host", System.getProperty("https.proxyHost")); Assert.assertEquals("1443", System.getProperty("https.proxyPort")); Assert.assertEquals("https user", System.getProperty("https.proxyUser")); @@ -210,7 +210,7 @@ public void testSetProxyProperties_someValuesUndefined() { httpProxy.setProtocol("http"); httpProxy.setHost("http://host"); - ProxyProvider.setProxyProperties(httpProxy); + MavenSettingsProxyProvider.setProxyProperties(httpProxy); Assert.assertEquals("http://host", System.getProperty("http.proxyHost")); Assert.assertNull(System.getProperty("http.proxyUser")); Assert.assertNull(System.getProperty("http.proxyPassword")); @@ -220,56 +220,60 @@ public void testSetProxyProperties_someValuesUndefined() { httpsProxy.setProtocol("https"); httpsProxy.setUsername("https user"); httpsProxy.setPassword("https pass"); - ProxyProvider.setProxyProperties(httpsProxy); + MavenSettingsProxyProvider.setProxyProperties(httpsProxy); Assert.assertNull(System.getProperty("https.proxyHost")); Assert.assertEquals("https user", System.getProperty("https.proxyUser")); Assert.assertEquals("https pass", System.getProperty("https.proxyPassword")); } @Test - public void testPopulateSystemProxyProperties_noActiveProxy() throws MojoExecutionException { + public void testActivateHttpAndHttpsProxies_noActiveProxy() throws MojoExecutionException { - ProxyProvider.populateSystemProxyProperties(noActiveProxiesSettings, settingsDecrypter); + MavenSettingsProxyProvider.activateHttpAndHttpsProxies( + noActiveProxiesSettings, settingsDecrypter); Assert.assertNull(System.getProperty("http.proxyHost")); Assert.assertNull(System.getProperty("https.proxyHost")); } @Test - public void testPopulateSystemProxyProperties_firstActiveHttpProxy() - throws MojoExecutionException { - ProxyProvider.populateSystemProxyProperties(httpOnlyProxySettings, settingsDecrypter); + public void testActivateHttpAndHttpsProxies_firstActiveHttpProxy() throws MojoExecutionException { + MavenSettingsProxyProvider.activateHttpAndHttpsProxies( + httpOnlyProxySettings, settingsDecrypter); Assert.assertEquals("proxy2.example.com", System.getProperty("http.proxyHost")); Assert.assertNull(System.getProperty("https.proxyHost")); } @Test - public void testPopulateSystemProxyProperties_firstActiveHttpsProxy() + public void testActivateHttpAndHttpsProxies_firstActiveHttpsProxy() throws MojoExecutionException { - ProxyProvider.populateSystemProxyProperties(httpsOnlyProxySettings, settingsDecrypter); + MavenSettingsProxyProvider.activateHttpAndHttpsProxies( + httpsOnlyProxySettings, settingsDecrypter); Assert.assertEquals("proxy2.example.com", System.getProperty("https.proxyHost")); Assert.assertNull(System.getProperty("http.proxyHost")); } @Test - public void testPopulateSystemProxyProperties_EncryptedProxy() throws MojoExecutionException { - ProxyProvider.populateSystemProxyProperties(mixedProxyEncryptedSettings, settingsDecrypter); + public void testActivateHttpAndHttpsProxies_encryptedProxy() throws MojoExecutionException { + MavenSettingsProxyProvider.activateHttpAndHttpsProxies( + mixedProxyEncryptedSettings, settingsDecrypter); Assert.assertEquals("password1", System.getProperty("http.proxyPassword")); Assert.assertEquals("password2", System.getProperty("https.proxyPassword")); } @Test - public void testPopulateSystemProxyProperties_decryptionFailure() { + public void testActivateHttpAndHttpsProxies_decryptionFailure() { try { - ProxyProvider.populateSystemProxyProperties(badProxyEncryptedSettings, settingsDecrypter); + MavenSettingsProxyProvider.activateHttpAndHttpsProxies( + badProxyEncryptedSettings, settingsDecrypter); Assert.fail(); } catch (MojoExecutionException ex) { Assert.assertThat( ex.getMessage(), - StringStartsWith.startsWith("Unable to decrypt proxy info from settings.xml:")); + CoreMatchers.startsWith("Unable to decrypt proxy info from settings.xml:")); } } } diff --git a/jib-maven-plugin/src/test/java/com/google/cloud/tools/jib/maven/MavenSettingsServerCredentialsTest.java b/jib-maven-plugin/src/test/java/com/google/cloud/tools/jib/maven/MavenSettingsServerCredentialsTest.java index 6d7fc9b68d..45e6c04682 100644 --- a/jib-maven-plugin/src/test/java/com/google/cloud/tools/jib/maven/MavenSettingsServerCredentialsTest.java +++ b/jib-maven-plugin/src/test/java/com/google/cloud/tools/jib/maven/MavenSettingsServerCredentialsTest.java @@ -21,7 +21,7 @@ import java.nio.file.Path; import java.nio.file.Paths; import java.util.Optional; -import org.hamcrest.core.StringStartsWith; +import org.hamcrest.CoreMatchers; import org.junit.Assert; import org.junit.Before; import org.junit.Test; @@ -52,19 +52,18 @@ public void setUp() { @Test public void testInferredAuth_decrypterFailure() { try { - mavenSettingsServerCredentials.inferredAuth("badServer"); + mavenSettingsServerCredentials.inferAuth("badServer"); Assert.fail(); } catch (InferredAuthException ex) { Assert.assertThat( ex.getMessage(), - StringStartsWith.startsWith( - "Unable to decrypt server(badServer) info from settings.xml:")); + CoreMatchers.startsWith("Unable to decrypt server(badServer) info from settings.xml:")); } } @Test public void testInferredAuth_successEncrypted() throws InferredAuthException { - Optional auth = mavenSettingsServerCredentials.inferredAuth("encryptedServer"); + Optional auth = mavenSettingsServerCredentials.inferAuth("encryptedServer"); Assert.assertTrue(auth.isPresent()); Assert.assertEquals("encryptedUser", auth.get().getUsername()); Assert.assertEquals("password1", auth.get().getPassword()); @@ -72,7 +71,7 @@ public void testInferredAuth_successEncrypted() throws InferredAuthException { @Test public void testInferredAuth_successUnencrypted() throws InferredAuthException { - Optional auth = mavenSettingsServerCredentials.inferredAuth("simpleServer"); + Optional auth = mavenSettingsServerCredentials.inferAuth("simpleServer"); Assert.assertTrue(auth.isPresent()); Assert.assertEquals("simpleUser", auth.get().getUsername()); Assert.assertEquals("password2", auth.get().getPassword()); @@ -81,7 +80,7 @@ public void testInferredAuth_successUnencrypted() throws InferredAuthException { @Test public void testInferredAuth_successNoPasswordDoesNotBlowUp() throws InferredAuthException { Optional auth = - mavenSettingsServerCredentialsNoMasterPassword.inferredAuth("simpleServer"); + mavenSettingsServerCredentialsNoMasterPassword.inferAuth("simpleServer"); Assert.assertTrue(auth.isPresent()); Assert.assertEquals("simpleUser", auth.get().getUsername()); Assert.assertEquals("password2", auth.get().getPassword()); @@ -89,6 +88,6 @@ public void testInferredAuth_successNoPasswordDoesNotBlowUp() throws InferredAut @Test public void testInferredAuth_notFound() throws InferredAuthException { - Assert.assertFalse(mavenSettingsServerCredentials.inferredAuth("serverUnknown").isPresent()); + Assert.assertFalse(mavenSettingsServerCredentials.inferAuth("serverUnknown").isPresent()); } } diff --git a/jib-plugins-common/src/main/java/com/google/cloud/tools/jib/plugins/common/InferredAuthProvider.java b/jib-plugins-common/src/main/java/com/google/cloud/tools/jib/plugins/common/InferredAuthProvider.java index ed25efd0c3..6b4e03ce5a 100644 --- a/jib-plugins-common/src/main/java/com/google/cloud/tools/jib/plugins/common/InferredAuthProvider.java +++ b/jib-plugins-common/src/main/java/com/google/cloud/tools/jib/plugins/common/InferredAuthProvider.java @@ -28,5 +28,5 @@ public interface InferredAuthProvider { * @return auth information for the registry (can be empty) * @throws InferredAuthException if the auth discovery process resulted in a fatal error */ - Optional inferredAuth(String registry) throws InferredAuthException; + Optional inferAuth(String registry) throws InferredAuthException; } diff --git a/jib-plugins-common/src/main/java/com/google/cloud/tools/jib/plugins/common/PluginConfigurationProcessor.java b/jib-plugins-common/src/main/java/com/google/cloud/tools/jib/plugins/common/PluginConfigurationProcessor.java index b097993a35..493a18f7b9 100644 --- a/jib-plugins-common/src/main/java/com/google/cloud/tools/jib/plugins/common/PluginConfigurationProcessor.java +++ b/jib-plugins-common/src/main/java/com/google/cloud/tools/jib/plugins/common/PluginConfigurationProcessor.java @@ -417,7 +417,7 @@ private static boolean configureCredentialRetrievers( } else { try { Optional optionalInferredAuth = - inferredAuthProvider.inferredAuth(imageReference.getRegistry()); + inferredAuthProvider.inferAuth(imageReference.getRegistry()); credentialPresent = optionalInferredAuth.isPresent(); if (optionalInferredAuth.isPresent()) { AuthProperty auth = optionalInferredAuth.get(); From 1e99166d3282d7bfb7bb1ef7623c623e87594e37 Mon Sep 17 00:00:00 2001 From: Appu Goundan Date: Mon, 13 May 2019 17:40:17 -0400 Subject: [PATCH 6/6] only skip the protocol that is set, not all --- .../jib/maven/MavenSettingsProxyProvider.java | 2 +- .../maven/MavenSettingsProxyProviderTest.java | 22 +++++++++++++++++++ 2 files changed, 23 insertions(+), 1 deletion(-) diff --git a/jib-maven-plugin/src/main/java/com/google/cloud/tools/jib/maven/MavenSettingsProxyProvider.java b/jib-maven-plugin/src/main/java/com/google/cloud/tools/jib/maven/MavenSettingsProxyProvider.java index b61c67d184..00152be27c 100644 --- a/jib-maven-plugin/src/main/java/com/google/cloud/tools/jib/maven/MavenSettingsProxyProvider.java +++ b/jib-maven-plugin/src/main/java/com/google/cloud/tools/jib/maven/MavenSettingsProxyProvider.java @@ -47,7 +47,7 @@ static void activateHttpAndHttpsProxies(Settings settings, SettingsDecrypter dec List proxies = new ArrayList<>(2); for (String protocol : ImmutableList.of("http", "https")) { if (areProxyPropertiesSet(protocol)) { - return; + continue; } settings .getProxies() diff --git a/jib-maven-plugin/src/test/java/com/google/cloud/tools/jib/maven/MavenSettingsProxyProviderTest.java b/jib-maven-plugin/src/test/java/com/google/cloud/tools/jib/maven/MavenSettingsProxyProviderTest.java index cf4d579660..f0d1c08a5c 100644 --- a/jib-maven-plugin/src/test/java/com/google/cloud/tools/jib/maven/MavenSettingsProxyProviderTest.java +++ b/jib-maven-plugin/src/test/java/com/google/cloud/tools/jib/maven/MavenSettingsProxyProviderTest.java @@ -264,6 +264,28 @@ public void testActivateHttpAndHttpsProxies_encryptedProxy() throws MojoExecutio Assert.assertEquals("password2", System.getProperty("https.proxyPassword")); } + @Test + public void testActivateHttpAndHttpsProxies_dontOverwriteUserHttp() + throws MojoExecutionException { + System.setProperty("http.proxyHost", "host"); + MavenSettingsProxyProvider.activateHttpAndHttpsProxies( + mixedProxyEncryptedSettings, settingsDecrypter); + + Assert.assertNull(System.getProperty("http.proxyPassword")); + Assert.assertEquals("password2", System.getProperty("https.proxyPassword")); + } + + @Test + public void testActivateHttpAndHttpsProxies_dontOverwriteUserHttps() + throws MojoExecutionException { + System.setProperty("https.proxyHost", "host"); + MavenSettingsProxyProvider.activateHttpAndHttpsProxies( + mixedProxyEncryptedSettings, settingsDecrypter); + + Assert.assertEquals("password1", System.getProperty("http.proxyPassword")); + Assert.assertNull(System.getProperty("https.proxyPassword")); + } + @Test public void testActivateHttpAndHttpsProxies_decryptionFailure() { try {