Filter settings.xml properties without collecting envs (#60)

* Update build-info version to 2.39.8
jfrog · Mar 23, 2023 · c9e13c9 · c9e13c9
1 parent 6c468ce
commit c9e13c9
Show file tree

Hide file tree

Showing 41 changed files with 1,434 additions and 19 deletions.
diff --git a/pom.xml b/pom.xml
@@ -13,7 +13,7 @@
 
     <properties>
         <maven.min.version>3.3.9</maven.min.version>
-        <buildinfo.version>2.39.6</buildinfo.version>
+        <buildinfo.version>2.39.8</buildinfo.version>
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
         <maven.compiler.source>1.8</maven.compiler.source>
         <maven.compiler.target>1.8</maven.compiler.target>

diff --git a/src/main/java/org/jfrog/buildinfo/deployment/BuildInfoRecorder.java b/src/main/java/org/jfrog/buildinfo/deployment/BuildInfoRecorder.java
@@ -39,6 +39,7 @@
 
 import static org.jfrog.build.extractor.BuildInfoExtractorUtils.getModuleIdString;
 import static org.jfrog.build.extractor.BuildInfoExtractorUtils.getTypeString;
+import static org.jfrog.build.extractor.packageManager.PackageManagerUtils.filterBuildInfoProperties;
 import static org.jfrog.buildinfo.utils.Utils.getArtifactName;
 import static org.jfrog.buildinfo.utils.Utils.getDeploymentPath;
 import static org.jfrog.buildinfo.utils.Utils.getFileExtension;
@@ -164,7 +165,7 @@ public BuildInfo extract(ExecutionEvent event) {
 
         long time = new Date().getTime() - session.getRequest().getStartTime().getTime();
         BuildInfo buildInfo = buildInfoBuilder.durationMillis(time).build();
-        PackageManagerUtils.collectAndFilterEnvIfNeeded(conf, buildInfo);
+        PackageManagerUtils.collectEnvAndFilterProperties(conf, buildInfo);
         return buildInfo;
     }
 

diff --git a/src/test/java/org/jfrog/buildinfo/integration/ArtifactoryPluginITest.java b/src/test/java/org/jfrog/buildinfo/integration/ArtifactoryPluginITest.java
@@ -28,7 +28,6 @@
 import java.util.Comparator;
 import java.util.List;
 import java.util.Objects;
-import java.util.Properties;
 
 import static org.mockserver.model.HttpRequest.request;
 
@@ -137,6 +136,23 @@ private void testMultiModule(String projectName) throws Exception {
         }
     }
 
+    /**
+     * Check exclude modules properties with <includeEnvVars>false</includeEnvVars>
+     */
+    public void testMultiModuleModuleEnv() throws Exception {
+        try (ClientAndServer mockServer = ClientAndServer.startClientAndServer(8081)) {
+            initializeMockServer(mockServer);
+            runProject("multi-module-filter-modules-properties");
+
+            // Extract build from request
+            BuildInfo build = getBuild(mockServer);
+
+            // Check include exclude properties
+            build.getModules().forEach((value) -> assertFalse(value.getProperties().containsKey("password")));
+            build.getModules().forEach((value) -> assertTrue(value.getProperties().containsKey("username")));
+        }
+    }
+
     public void testMavenArchetypeExample() throws Exception {
         try (ClientAndServer mockServer = ClientAndServer.startClientAndServer(8081)) {
             initializeMockServer(mockServer);
@@ -152,7 +168,7 @@ public void testMavenArchetypeExample() throws Exception {
             Module module = build.getModule("org.example:maven-archetype-simple:1.0-SNAPSHOT");
             assertEquals(MAVEN_ARC_ARTIFACTS.length, CollectionUtils.size(module.getArtifacts()));
             assertNotSame(Collections.EMPTY_LIST, module.getDependencies());
-            assertEquals(4, CollectionUtils.size(module.getProperties()));
+            assertEquals(5, CollectionUtils.size(module.getProperties()));
         }
     }
 
@@ -215,14 +231,7 @@ private void checkDeployedArtifacts(ClientAndServer mockServer, String[] expecte
      * @throws JsonProcessingException - In case of parsing error
      */
     private BuildInfo getAndAssertBuild(ClientAndServer mockServer) throws JsonProcessingException {
-        RequestDefinition[] requestDefinitions = mockServer.retrieveRecordedRequests(request("/artifactory/api/build"));
-        assertEquals(1, ArrayUtils.getLength(requestDefinitions));
-        RequestDefinition buildInfoRequest = requestDefinitions[0];
-        ObjectMapper mapper = new ObjectMapper();
-        JsonNode buildInfoRequestNode = mapper.readTree(buildInfoRequest.toString());
-        JsonNode body = buildInfoRequestNode.get("body");
-        JsonNode json = body.get("json");
-        BuildInfo build = mapper.readValue(json.toString(), BuildInfo.class);
+        BuildInfo build = getBuild(mockServer);
         assertNotNull(build);
 
         // Check common fields
@@ -235,15 +244,21 @@ private BuildInfo getAndAssertBuild(ClientAndServer mockServer) throws JsonProce
         assertTrue(build.getDurationMillis() > 0);
         assertFalse(build.getProperties().isEmpty());
 
-        // Check include exclude properties
-        Properties propertyExpectedToBeFiltered = new Properties();
-        Properties propertyIsNotExpectedToBeFiltered = new Properties();
-        propertyExpectedToBeFiltered.put("password", "password-password");
-        propertyIsNotExpectedToBeFiltered.put("username", "admin-admin");
         // Check build properties exclude
-        assertFalse(build.getProperties().contains(propertyExpectedToBeFiltered));
+        assertFalse(build.getProperties().containsKey("password"));
         // Check module properties exclude
-        build.getModules().forEach((value) -> assertFalse(value.getProperties().contains(propertyExpectedToBeFiltered)));
+        build.getModules().forEach((value) -> assertFalse(value.getProperties().containsKey("password")));
         return build;
     }
+
+    private BuildInfo getBuild(ClientAndServer mockServer) throws JsonProcessingException {
+        RequestDefinition[] requestDefinitions = mockServer.retrieveRecordedRequests(request("/artifactory/api/build"));
+        assertEquals(1, ArrayUtils.getLength(requestDefinitions));
+        RequestDefinition buildInfoRequest = requestDefinitions[0];
+        ObjectMapper mapper = new ObjectMapper();
+        JsonNode buildInfoRequestNode = mapper.readTree(buildInfoRequest.toString());
+        JsonNode body = buildInfoRequestNode.get("body");
+        JsonNode json = body.get("json");
+        return mapper.readValue(json.toString(), BuildInfo.class);
+    }
 }
diff --git a/src/test/resources/integration/maven-archetype-simple/settings.xml b/src/test/resources/integration/maven-archetype-simple/settings.xml
@@ -0,0 +1,15 @@
+<settings>
+    <profiles>
+        <profile>
+            <id>artifactory-plugin-properties</id>
+            <properties>
+                <username>admin-admin</username>
+                <password>password-password</password>
+            </properties>
+        </profile>
+    </profiles>
+
+    <activeProfiles>
+        <activeProfile>artifactory-plugin-properties</activeProfile>
+    </activeProfiles>
+</settings>
diff --git a/src/test/resources/integration/multi-module-filter-modules-properties/dotgit/HEAD b/src/test/resources/integration/multi-module-filter-modules-properties/dotgit/HEAD
@@ -0,0 +1 @@
+ref: refs/heads/master
diff --git a/src/test/resources/integration/multi-module-filter-modules-properties/dotgit/config b/src/test/resources/integration/multi-module-filter-modules-properties/dotgit/config
@@ -0,0 +1,13 @@
+[core]
+	repositoryformatversion = 0
+	filemode = true
+	bare = false
+	logallrefupdates = true
+	ignorecase = true
+	precomposeunicode = true
+[remote "origin"]
+	url = https://github.com/jfrog/project-examples.git
+	fetch = +refs/heads/*:refs/remotes/origin/*
+[branch "master"]
+	remote = origin
+	merge = refs/heads/master
diff --git a/src/test/resources/integration/multi-module-filter-modules-properties/dotgit/description b/src/test/resources/integration/multi-module-filter-modules-properties/dotgit/description
@@ -0,0 +1 @@
+Unnamed repository; edit this file 'description' to name the repository.
diff --git a/...ces/integration/multi-module-filter-modules-properties/dotgit/hooks/applypatch-msg.sample b/...ces/integration/multi-module-filter-modules-properties/dotgit/hooks/applypatch-msg.sample
@@ -0,0 +1,15 @@
+#!/bin/sh
+#
+# An example hook script to check the commit log message taken by
+# applypatch from an e-mail message.
+#
+# The hook should exit with non-zero status after issuing an
+# appropriate message if it wants to stop the commit.  The hook is
+# allowed to edit the commit message file.
+#
+# To enable this hook, rename this file to "applypatch-msg".
+
+. git-sh-setup
+commitmsg="$(git rev-parse --git-path hooks/commit-msg)"
+test -x "$commitmsg" && exec "$commitmsg" ${1+"$@"}
+:
diff --git a/...sources/integration/multi-module-filter-modules-properties/dotgit/hooks/commit-msg.sample b/...sources/integration/multi-module-filter-modules-properties/dotgit/hooks/commit-msg.sample
@@ -0,0 +1,24 @@
+#!/bin/sh
+#
+# An example hook script to check the commit log message.
+# Called by "git commit" with one argument, the name of the file
+# that has the commit message.  The hook should exit with non-zero
+# status after issuing an appropriate message if it wants to stop the
+# commit.  The hook is allowed to edit the commit message file.
+#
+# To enable this hook, rename this file to "commit-msg".
+
+# Uncomment the below to add a Signed-off-by line to the message.
+# Doing this in a hook is a bad idea in general, but the prepare-commit-msg
+# hook is more suited to it.
+#
+# SOB=$(git var GIT_AUTHOR_IDENT | sed -n 's/^\(.*>\).*$/Signed-off-by: \1/p')
+# grep -qs "^$SOB" "$1" || echo "$SOB" >> "$1"
+
+# This example catches duplicate Signed-off-by lines.
+
+test "" = "$(grep '^Signed-off-by: ' "$1" |
+	 sort | uniq -c | sed -e '/^[ 	]*1[ 	]/d')" || {
+	echo >&2 Duplicate Signed-off-by lines.
+	exit 1
+}
diff --git a/...integration/multi-module-filter-modules-properties/dotgit/hooks/fsmonitor-watchman.sample b/...integration/multi-module-filter-modules-properties/dotgit/hooks/fsmonitor-watchman.sample
@@ -0,0 +1,173 @@
+#!/usr/bin/perl
+
+use strict;
+use warnings;
+use IPC::Open2;
+
+# An example hook script to integrate Watchman
+# (https://facebook.github.io/watchman/) with git to speed up detecting
+# new and modified files.
+#
+# The hook is passed a version (currently 2) and last update token
+# formatted as a string and outputs to stdout a new update token and
+# all files that have been modified since the update token. Paths must
+# be relative to the root of the working tree and separated by a single NUL.
+#
+# To enable this hook, rename this file to "query-watchman" and set
+# 'git config core.fsmonitor .git/hooks/query-watchman'
+#
+my ($version, $last_update_token) = @ARGV;
+
+# Uncomment for debugging
+# print STDERR "$0 $version $last_update_token\n";
+
+# Check the hook interface version
+if ($version ne 2) {
+	die "Unsupported query-fsmonitor hook version '$version'.\n" .
+	    "Falling back to scanning...\n";
+}
+
+my $git_work_tree = get_working_dir();
+
+my $retry = 1;
+
+my $json_pkg;
+eval {
+	require JSON::XS;
+	$json_pkg = "JSON::XS";
+	1;
+} or do {
+	require JSON::PP;
+	$json_pkg = "JSON::PP";
+};
+
+launch_watchman();
+
+sub launch_watchman {
+	my $o = watchman_query();
+	if (is_work_tree_watched($o)) {
+		output_result($o->{clock}, @{$o->{files}});
+	}
+}
+
+sub output_result {
+	my ($clockid, @files) = @_;
+
+	# Uncomment for debugging watchman output
+	# open (my $fh, ">", ".git/watchman-output.out");
+	# binmode $fh, ":utf8";
+	# print $fh "$clockid\n@files\n";
+	# close $fh;
+
+	binmode STDOUT, ":utf8";
+	print $clockid;
+	print "\0";
+	local $, = "\0";
+	print @files;
+}
+
+sub watchman_clock {
+	my $response = qx/watchman clock "$git_work_tree"/;
+	die "Failed to get clock id on '$git_work_tree'.\n" .
+		"Falling back to scanning...\n" if $? != 0;
+
+	return $json_pkg->new->utf8->decode($response);
+}
+
+sub watchman_query {
+	my $pid = open2(\*CHLD_OUT, \*CHLD_IN, 'watchman -j --no-pretty')
+	or die "open2() failed: $!\n" .
+	"Falling back to scanning...\n";
+
+	# In the query expression below we're asking for names of files that
+	# changed since $last_update_token but not from the .git folder.
+	#
+	# To accomplish this, we're using the "since" generator to use the
+	# recency index to select candidate nodes and "fields" to limit the
+	# output to file names only. Then we're using the "expression" term to
+	# further constrain the results.
+	if (substr($last_update_token, 0, 1) eq "c") {
+		$last_update_token = "\"$last_update_token\"";
+	}
+	my $query = <<"	END";
+		["query", "$git_work_tree", {
+			"since": $last_update_token,
+			"fields": ["name"],
+			"expression": ["not", ["dirname", ".git"]]
+		}]
+	END
+
+	# Uncomment for debugging the watchman query
+	# open (my $fh, ">", ".git/watchman-query.json");
+	# print $fh $query;
+	# close $fh;
+
+	print CHLD_IN $query;
+	close CHLD_IN;
+	my $response = do {local $/; <CHLD_OUT>};
+
+	# Uncomment for debugging the watch response
+	# open ($fh, ">", ".git/watchman-response.json");
+	# print $fh $response;
+	# close $fh;
+
+	die "Watchman: command returned no output.\n" .
+	"Falling back to scanning...\n" if $response eq "";
+	die "Watchman: command returned invalid output: $response\n" .
+	"Falling back to scanning...\n" unless $response =~ /^\{/;
+
+	return $json_pkg->new->utf8->decode($response);
+}
+
+sub is_work_tree_watched {
+	my ($output) = @_;
+	my $error = $output->{error};
+	if ($retry > 0 and $error and $error =~ m/unable to resolve root .* directory (.*) is not watched/) {
+		$retry--;
+		my $response = qx/watchman watch "$git_work_tree"/;
+		die "Failed to make watchman watch '$git_work_tree'.\n" .
+		    "Falling back to scanning...\n" if $? != 0;
+		$output = $json_pkg->new->utf8->decode($response);
+		$error = $output->{error};
+		die "Watchman: $error.\n" .
+		"Falling back to scanning...\n" if $error;
+
+		# Uncomment for debugging watchman output
+		# open (my $fh, ">", ".git/watchman-output.out");
+		# close $fh;
+
+		# Watchman will always return all files on the first query so
+		# return the fast "everything is dirty" flag to git and do the
+		# Watchman query just to get it over with now so we won't pay
+		# the cost in git to look up each individual file.
+		my $o = watchman_clock();
+		$error = $output->{error};
+
+		die "Watchman: $error.\n" .
+		"Falling back to scanning...\n" if $error;
+
+		output_result($o->{clock}, ("/"));
+		$last_update_token = $o->{clock};
+
+		eval { launch_watchman() };
+		return 0;
+	}
+
+	die "Watchman: $error.\n" .
+	"Falling back to scanning...\n" if $error;
+
+	return 1;
+}
+
+sub get_working_dir {
+	my $working_dir;
+	if ($^O =~ 'msys' || $^O =~ 'cygwin') {
+		$working_dir = Win32::GetCwd();
+		$working_dir =~ tr/\\/\//;
+	} else {
+		require Cwd;
+		$working_dir = Cwd::cwd();
+	}
+
+	return $working_dir;
+}
diff --git a/...ources/integration/multi-module-filter-modules-properties/dotgit/hooks/post-update.sample b/...ources/integration/multi-module-filter-modules-properties/dotgit/hooks/post-update.sample
@@ -0,0 +1,8 @@
+#!/bin/sh
+#
+# An example hook script to prepare a packed repository for use over
+# dumb transports.
+#
+# To enable this hook, rename this file to "post-update".
+
+exec git update-server-info
diff --git a/...ces/integration/multi-module-filter-modules-properties/dotgit/hooks/pre-applypatch.sample b/...ces/integration/multi-module-filter-modules-properties/dotgit/hooks/pre-applypatch.sample
@@ -0,0 +1,14 @@
+#!/bin/sh
+#
+# An example hook script to verify what is about to be committed
+# by applypatch from an e-mail message.
+#
+# The hook should exit with non-zero status after issuing an
+# appropriate message if it wants to stop the commit.
+#
+# To enable this hook, rename this file to "pre-applypatch".
+
+. git-sh-setup
+precommit="$(git rev-parse --git-path hooks/pre-commit)"
+test -x "$precommit" && exec "$precommit" ${1+"$@"}
+: