root
/
jenkins
mirror of https://github.com/jenkinsci/jenkins.git
1
0
Fork 0
Code Issues Actions 2 Packages Projects Releases Wiki Activity

More test fixups related to JTH change (#9767)

This commit is contained in:
Jesse Glick 2024-09-20 21:51:17 -04:00 committed by GitHub
parent 79d1f7af9d
commit f5ccd65e4e
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 28 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
test/src/test/java/hudson/slaves/JNLPLauncherRealTest.java
View File

@ -25,7 +25,7 @@
package hudson.slaves; package hudson.slaves;
import static org.hamcrest.MatcherAssert.assertThat; import static org.hamcrest.MatcherAssert.assertThat;
import static org.hamcrest.Matchers.endsWith; import static org.hamcrest.Matchers.hasKey;
import static org.hamcrest.Matchers.is; import static org.hamcrest.Matchers.is;
import hudson.ExtensionList; import hudson.ExtensionList;
@ -104,7 +104,7 @@ public class JNLPLauncherRealTest {
p.setAssignedNode(agent); p.setAssignedNode(agent);
FreeStyleBuild b = r.buildAndAssertSuccess(p); FreeStyleBuild b = r.buildAndAssertSuccess(p);
if (webSocket) { if (webSocket) {
assertThat(agent.toComputer().getSystemProperties().get("java.class.path").toString(), endsWith("agent.jar")); assertThat(agent.toComputer().getSystemProperties(), hasKey("os.name"));
} }
System.err.println(JenkinsRule.getLog(b)); System.err.println(JenkinsRule.getLog(b));
} }

36
test/src/test/java/jenkins/security/Security3430Test.java
View File

@ -38,9 +38,9 @@ import org.apache.commons.io.IOUtils;
import org.hamcrest.Description; import org.hamcrest.Description;
import org.hamcrest.Matcher; import org.hamcrest.Matcher;
import org.hamcrest.TypeSafeMatcher; import org.hamcrest.TypeSafeMatcher;
import org.junit.Ignore;
import org.junit.Rule; import org.junit.Rule;
import org.junit.Test; import org.junit.Test;
import org.junit.rules.TemporaryFolder;
import org.jvnet.hudson.test.InboundAgentRule; import org.jvnet.hudson.test.InboundAgentRule;
import org.jvnet.hudson.test.JenkinsRule; import org.jvnet.hudson.test.JenkinsRule;
import org.jvnet.hudson.test.RealJenkinsRule; import org.jvnet.hudson.test.RealJenkinsRule;
@ -54,6 +54,9 @@ public class Security3430Test {
@Rule @Rule
public InboundAgentRule agents = new InboundAgentRule(); public InboundAgentRule agents = new InboundAgentRule();
@Rule
public TemporaryFolder tmp = new TemporaryFolder();
@Test @Test
public void runWithOldestSupportedAgentJar() throws Throwable { public void runWithOldestSupportedAgentJar() throws Throwable {
runWithRemoting(RemotingVersionInfo.getMinimumSupportedVersion().toString(), "/old-remoting/remoting-minimum-supported.jar", true); runWithRemoting(RemotingVersionInfo.getMinimumSupportedVersion().toString(), "/old-remoting/remoting-minimum-supported.jar", true);
@ -64,22 +67,16 @@ public class Security3430Test {
runWithRemoting("3256.v88a_f6e922152", "/old-remoting/remoting-before-SECURITY-3430-fix.jar", true); runWithRemoting("3256.v88a_f6e922152", "/old-remoting/remoting-before-SECURITY-3430-fix.jar", true);
} }
@Ignore("TODO Expected: is an empty collection; but: <[Allowing URL: file:/…/test/target/webroot…/WEB-INF/lib/stapler-1903.v994a_db_314d58.jar, Determined to be core jar: file:/…/test/target/webroot…/WEB-INF/lib/stapler-1903.v994a_db_314d58.jar]>")
@Test @Test
public void runWithCurrentAgentJar() throws Throwable { public void runWithCurrentAgentJar() throws Throwable {
runWithRemoting(null, null, false); runWithRemoting(Launcher.VERSION, null, false);
} }
private void runWithRemoting(String expectedRemotingVersion, String remotingResourcePath, boolean requestingJarFromAgent) throws Throwable { private void runWithRemoting(String expectedRemotingVersion, String remotingResourcePath, boolean requestingJarFromAgent) throws Throwable {
if (expectedRemotingVersion != null) {
// TODO brittle; rather call InboundAgentRule.start(AgentArguments, Options) with a known agentJar
FileUtils.copyURLToFile(Security3430Test.class.getResource(remotingResourcePath), new File(System.getProperty("java.io.tmpdir"), "agent.jar"));
}
jj.startJenkins(); jj.startJenkins();
final String agentName = "agent1"; final String agentName = "agent1";
try { try {
agents.createAgent(jj, InboundAgentRule.Options.newBuilder().name(agentName).build()); createAgent(agentName, remotingResourcePath);
jj.runRemotely(Security3430Test::_run, agentName, expectedRemotingVersion, requestingJarFromAgent, true); jj.runRemotely(Security3430Test::_run, agentName, expectedRemotingVersion, requestingJarFromAgent, true);
} finally { } finally {
agents.stop(jj, agentName); agents.stop(jj, agentName);
@ -87,13 +84,31 @@ public class Security3430Test {
jj.runRemotely(Security3430Test::disableJarURLValidatorImpl); jj.runRemotely(Security3430Test::disableJarURLValidatorImpl);
final String agentName2 = "agent2"; final String agentName2 = "agent2";
try { try {
agents.createAgent(jj, InboundAgentRule.Options.newBuilder().name(agentName2).build()); createAgent(agentName2, remotingResourcePath);
jj.runRemotely(Security3430Test::_run, agentName2, expectedRemotingVersion, requestingJarFromAgent, false); jj.runRemotely(Security3430Test::_run, agentName2, expectedRemotingVersion, requestingJarFromAgent, false);
} finally { } finally {
agents.stop(jj, agentName2); agents.stop(jj, agentName2);
} }
} }
private void createAgent(String name, String remotingResourcePath) throws Throwable {
if (remotingResourcePath != null) {
var jar = tmp.newFile(name + ".jar");
FileUtils.copyURLToFile(Security3430Test.class.getResource(remotingResourcePath), jar);
// TODO awkward, especially as InboundAgentRule.getAgentArguments is private;
// would be helpful to have an option for a specific agent JAR:
var opts = InboundAgentRule.Options.newBuilder().name(name).skipStart().build();
agents.createAgent(jj, opts);
agents.start(new InboundAgentRule.AgentArguments(jj.getUrl() + "computer/" + name + "/slave-agent.jnlp", jar, jj.runRemotely(Security3430Test::getJnlpMac, name), 1, List.of()), opts);
} else {
agents.createAgent(jj, InboundAgentRule.Options.newBuilder().name(name).build());
}
}
private static String getJnlpMac(JenkinsRule r, String name) throws Throwable {
return ((SlaveComputer) r.jenkins.getComputer(name)).getJnlpMac();
}
// This is quite artificial, but demonstrating that without JarURLValidatorImpl we do not allow any calls from the agent: // This is quite artificial, but demonstrating that without JarURLValidatorImpl we do not allow any calls from the agent:
private static void disableJarURLValidatorImpl(JenkinsRule j) { private static void disableJarURLValidatorImpl(JenkinsRule j) {
assertTrue(ExtensionList.lookup(ChannelConfigurator.class).remove(ExtensionList.lookupSingleton(JarURLValidatorImpl.class))); assertTrue(ExtensionList.lookup(ChannelConfigurator.class).remove(ExtensionList.lookupSingleton(JarURLValidatorImpl.class)));
@ -114,6 +129,7 @@ public class Security3430Test {
final Computer computer = j.jenkins.getComputer(agentName); final Computer computer = j.jenkins.getComputer(agentName);
assertThat(computer, instanceOf(SlaveComputer.class)); assertThat(computer, instanceOf(SlaveComputer.class));
SlaveComputer agent = (SlaveComputer) computer; SlaveComputer agent = (SlaveComputer) computer;
j.waitOnline(agent.getNode());
final Channel channel = agent.getChannel(); final Channel channel = agent.getChannel();
if (expectedRemotingVersion != null) { if (expectedRemotingVersion != null) {
final String result = channel.call(new AgentVersionCallable()); final String result = channel.call(new AgentVersionCallable());