From 929154b68eaac846fae586f2275b02aee73084ba Mon Sep 17 00:00:00 2001 From: Mykola Rybak Date: Thu, 15 Feb 2024 14:12:41 +0200 Subject: [PATCH] #870: Update to SonarQube 10.4 Updates to the latest Sonarqube minor version, including changes to the Github decorator to handle changes in the JTW library method signatures inherited from Sonarqube core, and test only changes to the Class Loader code built into Sonarqube. --- .env | 2 +- build.gradle | 2 +- .../v3/RestApplicationAuthenticationProvider.java | 6 +++--- ...assReferenceElevatedClassLoaderFactoryTest.java | 4 ++-- .../ReflectiveElevatedClassLoaderFactoryTest.java | 14 +++++++------- 5 files changed, 14 insertions(+), 14 deletions(-) diff --git a/.env b/.env index d01e37f53..e60228f63 100644 --- a/.env +++ b/.env @@ -1,5 +1,5 @@ # The Sonarqube base image. 'latest' if building locally, '8.5-community' if targeting a specific version -SONARQUBE_VERSION=10.3-community +SONARQUBE_VERSION=10.4-community # The name of the Dockerfile to run. 'Dockerfile' is building locally, 'release.Dockerfile' if building the release image DOCKERFILE=Dockerfile diff --git a/build.gradle b/build.gradle index 0013ae366..dea713306 100644 --- a/build.gradle +++ b/build.gradle @@ -40,7 +40,7 @@ repositories { } } -def sonarqubeVersion = '10.3.0.82913' +def sonarqubeVersion = '10.4.0.87286' def sonarqubeLibDir = "${projectDir}/sonarqube-lib" def sonarLibraries = "${sonarqubeLibDir}/sonarqube-${sonarqubeVersion}/lib" diff --git a/src/main/java/com/github/mc1arke/sonarqube/plugin/almclient/github/v3/RestApplicationAuthenticationProvider.java b/src/main/java/com/github/mc1arke/sonarqube/plugin/almclient/github/v3/RestApplicationAuthenticationProvider.java index a606fecdc..40f8c6075 100644 --- a/src/main/java/com/github/mc1arke/sonarqube/plugin/almclient/github/v3/RestApplicationAuthenticationProvider.java +++ b/src/main/java/com/github/mc1arke/sonarqube/plugin/almclient/github/v3/RestApplicationAuthenticationProvider.java @@ -28,7 +28,7 @@ import com.github.mc1arke.sonarqube.plugin.almclient.github.v3.model.AppToken; import com.github.mc1arke.sonarqube.plugin.almclient.github.v3.model.InstallationRepositories; import com.github.mc1arke.sonarqube.plugin.almclient.github.v3.model.Repository; -import io.jsonwebtoken.SignatureAlgorithm; +import io.jsonwebtoken.Jwts; import io.jsonwebtoken.impl.DefaultJwtBuilder; import org.bouncycastle.openssl.PEMKeyPair; import org.bouncycastle.openssl.PEMParser; @@ -78,8 +78,8 @@ public RepositoryAuthenticationToken getInstallationToken(String apiUrl, String Instant issued = clock.instant().minus(10, ChronoUnit.SECONDS); Instant expiry = issued.plus(2, ChronoUnit.MINUTES); - String jwtToken = new DefaultJwtBuilder().setIssuedAt(Date.from(issued)).setExpiration(Date.from(expiry)) - .claim("iss", appId).signWith(createPrivateKey(apiPrivateKey), SignatureAlgorithm.RS256).compact(); + String jwtToken = new DefaultJwtBuilder().issuedAt(Date.from(issued)).expiration(Date.from(expiry)) + .claim("iss", appId).signWith(createPrivateKey(apiPrivateKey), Jwts.SIG.RS256).compact(); Optional repositoryAuthenticationToken = findTokenFromAppInstallationList(getV3Url(apiUrl) + "/app/installations", jwtToken, projectPath); diff --git a/src/test/java/com/github/mc1arke/sonarqube/plugin/classloader/ClassReferenceElevatedClassLoaderFactoryTest.java b/src/test/java/com/github/mc1arke/sonarqube/plugin/classloader/ClassReferenceElevatedClassLoaderFactoryTest.java index 1a9fe302d..e9d498c74 100644 --- a/src/test/java/com/github/mc1arke/sonarqube/plugin/classloader/ClassReferenceElevatedClassLoaderFactoryTest.java +++ b/src/test/java/com/github/mc1arke/sonarqube/plugin/classloader/ClassReferenceElevatedClassLoaderFactoryTest.java @@ -82,10 +82,10 @@ public void testClassloaderReturnedOnHappyPath() throws ReflectiveOperationExcep public void testLoadClass() throws ClassNotFoundException, MalformedURLException { ClassloaderBuilder builder = new ClassloaderBuilder(); builder.newClassloader("_api_", getClass().getClassLoader()); - builder.setMask("_api_", new Mask().addInclusion("java/").addInclusion("org/sonar/api/")); + builder.setMask("_api_", Mask.builder().include("java/", "org/sonar/api/").build()); builder.newClassloader("_customPlugin"); - builder.setParent("_customPlugin", "_api_", new Mask()); + builder.setParent("_customPlugin", "_api_", Mask.ALL); builder.setLoadingOrder("_customPlugin", ClassloaderBuilder.LoadingOrder.SELF_FIRST); for (URL pluginUrl : findSonarqubePluginJars()) { diff --git a/src/test/java/com/github/mc1arke/sonarqube/plugin/classloader/ReflectiveElevatedClassLoaderFactoryTest.java b/src/test/java/com/github/mc1arke/sonarqube/plugin/classloader/ReflectiveElevatedClassLoaderFactoryTest.java index 62f9107ae..633f8f2d3 100644 --- a/src/test/java/com/github/mc1arke/sonarqube/plugin/classloader/ReflectiveElevatedClassLoaderFactoryTest.java +++ b/src/test/java/com/github/mc1arke/sonarqube/plugin/classloader/ReflectiveElevatedClassLoaderFactoryTest.java @@ -38,7 +38,7 @@ * @author Michael Clarke */ public class ReflectiveElevatedClassLoaderFactoryTest { - + private static final String TARGET_PLUGIN_CLASS = "org.sonar.plugins.java.JavaPlugin"; private static final String BUNDLED_PLUGINS_DIRECTORY = "lib/extensions"; private static final String SONARQUBE_LIB_DIRECTORY = "sonarqube-lib/"; @@ -54,10 +54,10 @@ public ExpectedException expectedException() { public void testLoadClass() throws ClassNotFoundException, MalformedURLException { ClassloaderBuilder builder = new ClassloaderBuilder(); builder.newClassloader("_api_", getClass().getClassLoader()); - builder.setMask("_api_", new Mask().addInclusion("java/").addInclusion("org/sonar/api/")); + builder.setMask("_api_", Mask.builder().include("java/", "org/sonar/api/").build()); builder.newClassloader("_customPlugin"); - builder.setParent("_customPlugin", "_api_", new Mask()); + builder.setParent("_customPlugin", "_api_", Mask.ALL); builder.setLoadingOrder("_customPlugin", ClassloaderBuilder.LoadingOrder.SELF_FIRST); File[] sonarQubeDistributions = new File(SONARQUBE_LIB_DIRECTORY).listFiles(); @@ -84,10 +84,10 @@ public void testLoadClass() throws ClassNotFoundException, MalformedURLException public void testLoadClassInvalidClassRealmKey() throws ClassNotFoundException, MalformedURLException { ClassloaderBuilder builder = new ClassloaderBuilder(); builder.newClassloader("_xxx_", getClass().getClassLoader()); - builder.setMask("_xxx_", new Mask().addInclusion("java/").addInclusion("org/sonar/api/")); + builder.setMask("_xxx_", Mask.builder().include("java/", "org/sonar/api/").build()); builder.newClassloader("_customPlugin"); - builder.setParent("_customPlugin", "_xxx_", new Mask()); + builder.setParent("_customPlugin", "_xxx_", Mask.ALL); builder.setLoadingOrder("_customPlugin", ClassloaderBuilder.LoadingOrder.SELF_FIRST); File[] sonarQubeDistributions = new File(SONARQUBE_LIB_DIRECTORY).listFiles(); @@ -115,7 +115,7 @@ public void testLoadClassInvalidClassRealmKey() throws ClassNotFoundException, M public void testLoadClassNoParentRef() throws ClassNotFoundException, MalformedURLException { ClassloaderBuilder builder = new ClassloaderBuilder(); builder.newClassloader("_xxx_", getClass().getClassLoader()); - builder.setMask("_xxx_", new Mask()); + builder.setMask("_xxx_", Mask.ALL); File[] sonarQubeDistributions = new File(SONARQUBE_LIB_DIRECTORY).listFiles(); @@ -141,7 +141,7 @@ public void testLoadClassNoParentRef() throws ClassNotFoundException, MalformedU public void testLoadClassInvalidApiClassloader() throws ClassNotFoundException, MalformedURLException { ClassloaderBuilder builder = new ClassloaderBuilder(); builder.newClassloader("_customPlugin"); - builder.setParent("_customPlugin", new URLClassLoader(new URL[0]), new Mask()); + builder.setParent("_customPlugin", new URLClassLoader(new URL[0]), Mask.ALL); builder.setLoadingOrder("_customPlugin", ClassloaderBuilder.LoadingOrder.SELF_FIRST); File[] sonarQubeDistributions = new File(SONARQUBE_LIB_DIRECTORY).listFiles();