@Override public void addEnvironmentVariable(String name, String value) { variables.add(new EnvironmentVariableConfig(name.trim(), value)); }
CREnvironmentVariable environmentVariableConfigToCREnvironmentVariable(EnvironmentVariableConfig environmentVariableConfig) { if (environmentVariableConfig.isSecure()) { return new CREnvironmentVariable(environmentVariableConfig.getName(), null, environmentVariableConfig.getEncryptedValue()); } else { String value = environmentVariableConfig.getValue(); if(StringUtils.isBlank(value)) value = ""; return new CREnvironmentVariable(environmentVariableConfig.getName(), value); } }
public static void toJSON(OutputWriter jsonWriter, EnvironmentVariableConfig environmentVariableConfig) { if (!environmentVariableConfig.errors().isEmpty()) { jsonWriter.addChild("errors", errorWriter -> { HashMap<String, String> mapping = new HashMap<>(); mapping.put("encryptedValue", "encrypted_value"); new ErrorGetter(mapping).toJSON(jsonWriter, environmentVariableConfig); }); } jsonWriter.add("secure", environmentVariableConfig.isSecure()); jsonWriter.add("name", environmentVariableConfig.getName()); if (environmentVariableConfig.isPlain()) { jsonWriter.addIfNotNull("value", environmentVariableConfig.getValueForDisplay()); } if (environmentVariableConfig.isSecure()) { jsonWriter.addIfNotNull("encrypted_value", environmentVariableConfig.getValueForDisplay()); } }
@Test public void shouldEncryptValueWhenConstructedAsSecure() throws CryptoException { GoCipher goCipher = mock(GoCipher.class); String encryptedText = "encrypted"; when(goCipher.encrypt("password")).thenReturn(encryptedText); EnvironmentVariableConfig environmentVariableConfig = new EnvironmentVariableConfig(goCipher); HashMap attrs = getAttributeMap("password", "true", "true"); environmentVariableConfig.setConfigAttributes(attrs); assertThat(environmentVariableConfig.getEncryptedValue(), is(encryptedText)); assertThat(environmentVariableConfig.getName(), is("foo")); assertThat(environmentVariableConfig.isSecure(), is(true)); }
@Test public void shouldReturnValueForInSecureVariables() { EnvironmentVariableConfig environmentVariableConfig = new EnvironmentVariableConfig(goCipher, "foo", "bar", false); assertThat(environmentVariableConfig.getName(), is("foo")); assertThat(environmentVariableConfig.getValue(), is("bar")); assertThat(environmentVariableConfig.getValueForDisplay(), is("bar")); }
@Test public void shouldAssignNameAndValueForAVanillaEnvironmentVariable() { EnvironmentVariableConfig environmentVariableConfig = new EnvironmentVariableConfig((GoCipher) null); HashMap attrs = new HashMap(); attrs.put(EnvironmentVariableConfig.NAME, "foo"); attrs.put(EnvironmentVariableConfig.VALUE, "password"); environmentVariableConfig.setConfigAttributes(attrs); assertThat(environmentVariableConfig.getValue(), is("password")); assertThat(environmentVariableConfig.getName(), is("foo")); assertThat(environmentVariableConfig.isSecure(), is(false)); }
@Test public void shouldPopulateErrorWhenDuplicateEnvironmentVariableNameIsPresent() { environmentVariablesConfig = new EnvironmentVariablesConfig(); EnvironmentVariableConfig one = new EnvironmentVariableConfig("FOO", "BAR"); EnvironmentVariableConfig two = new EnvironmentVariableConfig("FOO", "bAZ"); environmentVariablesConfig.add(one); environmentVariablesConfig.add(two); environmentVariablesConfig.validate(context); assertThat(one.errors().isEmpty(), is(false)); assertThat(one.errors().firstError(), contains("Environment Variable name 'FOO' is not unique for pipeline 'some-pipeline'")); assertThat(two.errors().isEmpty(), is(false)); assertThat(two.errors().firstError(), contains("Environment Variable name 'FOO' is not unique for pipeline 'some-pipeline'")); }
@Test public void shouldDeserializeWithNoErrorFlagIfAnEncryptedVariableHasCipherTextSetWithSecureTrue() throws Exception { EnvironmentVariableConfig variable = new EnvironmentVariableConfig(); variable.deserialize("PASSWORD", null, true, "cipherText"); assertTrue(variable.errors().isEmpty()); }
@Test public void shouldNotErrorOutWhenValidationIsSuccessfulForPlainTextVariables() { EnvironmentVariableConfig environmentVariableConfig = new EnvironmentVariableConfig(goCipher, "plain_key", "plain_value", false); environmentVariableConfig.validate(null); assertThat(environmentVariableConfig.errors().isEmpty(), is(true)); }
@Test public void shouldGetPlainTextValue() throws CryptoException { GoCipher mockGoCipher = mock(GoCipher.class); String plainText = "password"; EnvironmentVariableConfig environmentVariableConfig = new EnvironmentVariableConfig(mockGoCipher); HashMap attrs = getAttributeMap(plainText, "false", "1"); environmentVariableConfig.setConfigAttributes(attrs); assertThat(environmentVariableConfig.getValue(), is(plainText)); verify(mockGoCipher, never()).decrypt(anyString()); verify(mockGoCipher, never()).encrypt(anyString()); }
@Test public void shouldErrorOutForEncryptedValueBeingSetWhenSecureIsFalse() throws Exception { EnvironmentVariableConfig variable = new EnvironmentVariableConfig(); variable.deserialize("PASSWORD", null, false, "cipherText"); variable.validateTree(null); assertThat(variable.errors().getAllOn("encryptedValue"), is(Arrays.asList("You may specify encrypted value only when option 'secure' is true."))); } }
public EnvironmentVariableConfig getVariable(String variableName) { for (EnvironmentVariableConfig variableConfig : this) { if (variableConfig.getName().equals(variableName)) { return variableConfig; } } return null; }
@Override public void build(ScheduleOptions scheduleOptions, HttpOperationResult result, String pipelineName, PipelineScheduleOptions pipelineScheduleOptions, HealthStateType healthStateType) { for (EnvironmentVariableConfig environmentVariable : pipelineScheduleOptions.getSecureEnvironmentVariables()) { if (!goConfigService.hasVariableInScope(pipelineName, environmentVariable.getName())) { String variableUnconfiguredMessage = String.format("Variable '%s' has not been configured for pipeline '%s'", environmentVariable.getName(), pipelineName); result.unprocessibleEntity("Request to schedule pipeline rejected", variableUnconfiguredMessage, healthStateType); return; } environmentVariable.validate(null); if (!environmentVariable.errors().isEmpty()) { result.unprocessibleEntity("Request to schedule pipeline rejected", environmentVariable.errors().asString(), healthStateType); return; } scheduleOptions.getVariables().add(environmentVariable); } } }
@Test public void shouldCopyErrorsForFieldsOnPipelineConfig(){ PipelineConfig pipelineConfig = PipelineConfigMother.pipelineConfig("pipeline", MaterialConfigsMother.defaultMaterialConfigs(), new JobConfigs(JobConfigMother.createJobConfigWithJobNameAndEmptyResources())); pipelineConfig.setVariables(new EnvironmentVariablesConfig(asList(new EnvironmentVariableConfig("name", "value")))); PipelineConfig pipelineWithErrors = new Cloner().deepClone(pipelineConfig); pipelineWithErrors.getVariables().get(0).addError("name", "error on environment variable"); pipelineWithErrors.first().addError("name", "error on stage"); pipelineWithErrors.first().getJobs().first().addError("name", "error on job"); BasicCruiseConfig.copyErrors(pipelineWithErrors, pipelineConfig); assertThat(pipelineConfig.getVariables().get(0).errors().on("name"), is("error on environment variable")); assertThat(pipelineConfig.first().errors().on("name"), is("error on stage")); assertThat(pipelineConfig.first().getJobs().first().errors().on("name"), is("error on job")); }
public static EnvironmentVariableConfig fromJSON(JsonReader jsonReader) { String name = jsonReader.getString("name"); Boolean secure = jsonReader.optBoolean("secure").orElse(false); String value = secure ? jsonReader.optString("value").orElse(null) : jsonReader.getString("value"); String encryptedValue = jsonReader.optString("encrypted_value").orElse(null); try { EnvironmentVariableConfig environmentVariableConfig = new EnvironmentVariableConfig(); environmentVariableConfig.deserialize(name, value, secure, encryptedValue); return environmentVariableConfig; } catch (CryptoException e) { throw new InvalidGoCipherTextRuntimeException(e.getMessage(), e); } }
@Test public void shouldAllowAnEnvironmentVariableToBeMarkedAsSecure_WithEncryptedValueInItsOwnTag() throws Exception { String value = "abc"; String encryptedValue = new GoCipher().encrypt(value); String content = configWithPipeline(format( "<pipeline name='some_pipeline'>" + "<environmentvariables>\n" + " <variable name=\"var_name\" secure=\"true\"><encryptedValue>%s</encryptedValue></variable>\n" + " </environmentvariables>" + " <materials>" + " <svn url='svnurl'/>" + " </materials>" + " <stage name='some_stage'>" + " <jobs>" + " <job name='some_job'>" + " </job>" + " </jobs>" + " </stage>" + "</pipeline>", encryptedValue), CONFIG_SCHEMA_VERSION); CruiseConfig config = ConfigMigrator.loadWithMigration(content).config; PipelineConfig pipelineConfig = config.pipelineConfigByName(new CaseInsensitiveString("some_pipeline")); EnvironmentVariablesConfig variables = pipelineConfig.getVariables(); assertThat(variables.size(), is(1)); EnvironmentVariableConfig environmentVariableConfig = variables.get(0); assertThat(environmentVariableConfig.getEncryptedValue(), is(encryptedValue)); assertThat(environmentVariableConfig.isSecure(), is(true)); }