[JENKINS-75073] Missing serverUrl in fillCredentialsIdItems cause some credentials missing in the initial configuration #953
Conversation
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
src/main/java/com/cloudbees/jenkins/plugins/bitbucket/BitbucketSCMNavigator.java
Fixed
Show fixed
Hide fixed
src/main/java/com/cloudbees/jenkins/plugins/bitbucket/BitbucketSCMNavigator.java
Fixed
Show fixed
Hide fixed
| } | ||
|
|
||
| @SuppressWarnings("unused") // used By stapler | ||
| public static FormValidation doCheckMirrorId(@QueryParameter String value, @QueryParameter String serverUrl) { | ||
| public static FormValidation doCheckMirrorId(@QueryParameter String value, |
Check warning
Code scanning / Jenkins Security Scan
Stapler: Missing permission check Warning
src/main/java/com/cloudbees/jenkins/plugins/bitbucket/BitbucketSCMSource.java
Fixed
Show fixed
Hide fixed
| @@ -1349,10 +1353,11 @@ | |||
| } | |||
|
|
|||
| @SuppressWarnings("unused") // used By stapler | |||
| public static FormValidation doCheckMirrorId(@QueryParameter String value, @QueryParameter String serverUrl) { | |||
| public static FormValidation doCheckMirrorId(@QueryParameter String value, | |||
Check warning
Code scanning / Jenkins Security Scan
Stapler: Missing permission check Warning
There was a problem hiding this comment.
CodeQL found more than 20 potential problems in the proposed changes. Check the Files changed tab for more details.
| endpoint = new BitbucketServerEndpoint(null, serverURL, false, null); | ||
| } | ||
| AbstractBitbucketEndpoint endpoint = BitbucketEndpointConfiguration.get() | ||
| .findEndpoint(serverURL) |
There was a problem hiding this comment.
serverURL is never null because scmSource.getServerUrl() return a non null value (default is cloud).
normalizeServerUrl is useless here
src/main/java/com/cloudbees/jenkins/plugins/bitbucket/BitbucketSCMNavigator.java
Show resolved
Hide resolved
| @@ -74,7 +73,7 @@ public BitbucketSCMSourceBuilder(@CheckForNull String id, @NonNull String server | |||
| @NonNull String repoName, @CheckForNull String mirrorId) { | |||
| super(BitbucketSCMSource.class, repoName); | |||
| this.id = id; | |||
| this.serverUrl = BitbucketEndpointConfiguration.normalizeServerUrl(serverUrl); | |||
| this.serverUrl = serverUrl; | |||
There was a problem hiding this comment.
it is declared nonnull normalizeServerUrl is useless to default empty to bitbucket cloud
| @@ -324,7 +324,7 @@ public static String normalizeServerUrl(@CheckForNull String serverUrl) { | |||
| } catch (URISyntaxException e) { | |||
| // ignore, this was a best effort tidy-up | |||
| } | |||
| return serverUrl.replaceAll("/$", ""); | |||
| return serverURL.replaceAll("/$", ""); | |||
There was a problem hiding this comment.
which server url could have /$ ?
If serverUrl contains variable than any /${VAR} will be translated to {VAR} and will not work in any bitbucket client
nfalco79
force-pushed
the
feature/JENKINS-75073
branch
6 times, most recently
from
f70043e to
7ff7bc3
Compare
|
Fixes #608 |
nfalco79
force-pushed
the
feature/JENKINS-75073
branch
2 times, most recently
from
d7235d1 to
0f1552e
Compare
nfalco79
force-pushed
the
feature/JENKINS-75073
branch
4 times, most recently
from
2a4408e to
4a65742
Compare
| MockAuthorizationStrategy mockStrategy = new MockAuthorizationStrategy(); | ||
| mockStrategy.grant(Jenkins.MANAGE).onRoot().to("admin"); | ||
| j.jenkins.setAuthorizationStrategy(mockStrategy); | ||
| try (ACLContext context = ACL.as(User.get("admin"))) { |
Check notice
Code scanning / CodeQL
Deprecated method or constructor invocation Note test
nfalco79
force-pushed
the
feature/JENKINS-75073
branch
2 times, most recently
from
50d80b9 to
d142bf4
Compare
| super(manageHooks, credentialsId); | ||
| this.serverUrl = BitbucketEndpointConfiguration.normalizeServerUrl(serverUrl); | ||
|
|
Check warning
Code scanning / CodeQL
Dereferenced variable may be null Warning
nfalco79
force-pushed
the
feature/JENKINS-75073
branch
4 times, most recently
from
a775182 to
9c6a177
Compare
…e credentials missing in the initial configuration If the number of server instances is only one, when a new Jenkins project is created the server list combobox is not available. This causes, in the UI component that loads credentials, to pass the stapler parameter serverUrl as an empty string. In this scenario, serverUrl must be taken from the first of configured endpoints so that it can properly filter the list of credentials. Move some unit test to JUnit5
nfalco79
force-pushed
the
feature/JENKINS-75073
branch
from
9c6a177 to
0cbd6b6
Compare
If the number of server instances is only one, when a new Jenkins project is created the server list combobox is not available. This causes, in the UI component that loads credentials, to pass the stapler parameter serverUrl as an empty string.
In this scenario, serverUrl must be taken from the first of configured endpoints so that it can properly filter the list of credentials.
Test why and the use case to normalizeServerUrl must be bitbucket cloud if server url is null