@Test public void shouldValidateWhetherTheReferredParamsAreDefinedInPipelinesUsingTheTemplate() { PipelineTemplateConfig templateWithParams = PipelineTemplateConfigMother.createTemplateWithParams("template", "param1", "param2"); PipelineConfig pipelineConfig = PipelineConfigMother.pipelineConfigWithTemplate("pipeline", "template"); BasicCruiseConfig cruiseConfig = GoConfigMother.defaultCruiseConfig(); cruiseConfig.addTemplate(templateWithParams); cruiseConfig.addPipelineWithoutValidation("group", pipelineConfig); templateWithParams.validateTree(ConfigSaveValidationContext.forChain(cruiseConfig), cruiseConfig, false); assertThat(templateWithParams.errors().getAllOn("params"), is(Arrays.asList("The param 'param1' is not defined in pipeline 'pipeline'", "The param 'param2' is not defined in pipeline 'pipeline'"))); }
@Test public void encryptSecureProperties_shouldLeaveUserEnteredValuesAsIsIfJobDoesNotExist() throws CryptoException { FetchPluggableArtifactTask task = new FetchPluggableArtifactTask(new CaseInsensitiveString("pipeline"), new CaseInsensitiveString("stage"), new CaseInsensitiveString("job"), "s3"); ArrayList<ConfigurationProperty> configurationProperties = new ArrayList<>(); configurationProperties.add(ConfigurationPropertyMother.create("plain", false, "plain")); configurationProperties.add(ConfigurationPropertyMother.create("secure", true, new GoCipher().encrypt("password"))); PipelineConfig pipelineConfig = PipelineConfigMother.createPipelineConfig("pipeline", "stage", "j1"); BasicCruiseConfig cruiseConfig = GoConfigMother.defaultCruiseConfig(); cruiseConfig.addPipelineWithoutValidation("foo", pipelineConfig); task.addConfigurations(configurationProperties); task.encryptSecureProperties(cruiseConfig, pipelineConfig, task); assertThat(task.getConfiguration(), is(configurationProperties)); }
@Test public void shouldNotCloneAllTemplatesWithAssociatedPipelines() { PipelineTemplateConfig template = PipelineTemplateConfigMother.createTemplate("template-1"); BasicCruiseConfig config = GoConfigMother.defaultCruiseConfig(); config.addTemplate(template); config.addPipelineWithoutValidation("g1", PipelineConfigMother.pipelineConfigWithTemplate("p1", template.name().toString())); //to prime cache config.templatesWithAssociatedPipelines(); //change state config.findGroup("g1").remove(0); config.getTemplates().removeTemplateNamed(template.name()); BasicCruiseConfig cloned = new GoConfigCloner().deepClone(config); assertThat(ReflectionUtil.getField(config, "allTemplatesWithAssociatedPipelines"), is(not((nullValue())))); assertThat(ReflectionUtil.getField(cloned, "allTemplatesWithAssociatedPipelines"), is(nullValue())); assertThat(cloned.templatesWithAssociatedPipelines().size(), is(0)); }
@Test public void encryptSecureProperties_shouldLeaveUserEnteredValuesAsIsIfStageDoesNotExist() throws CryptoException { FetchPluggableArtifactTask task = new FetchPluggableArtifactTask(new CaseInsensitiveString("pipeline"), new CaseInsensitiveString("stage"), new CaseInsensitiveString("job"), "s3"); ArrayList<ConfigurationProperty> configurationProperties = new ArrayList<>(); configurationProperties.add(ConfigurationPropertyMother.create("plain", false, "plain")); configurationProperties.add(ConfigurationPropertyMother.create("secure", true, new GoCipher().encrypt("password"))); PipelineConfig pipelineConfig = PipelineConfigMother.createPipelineConfig("pipeline", "s1", "j1"); BasicCruiseConfig cruiseConfig = GoConfigMother.defaultCruiseConfig(); cruiseConfig.addPipelineWithoutValidation("foo", pipelineConfig); task.addConfigurations(configurationProperties); task.encryptSecureProperties(cruiseConfig, pipelineConfig, task); assertThat(task.getConfiguration(), is(configurationProperties)); }
@Test public void encryptSecureProperties_shouldLeaveUserEnteredValuesAsIsIfArtifactDoesNotExist() throws CryptoException { FetchPluggableArtifactTask task = new FetchPluggableArtifactTask(new CaseInsensitiveString("pipeline"), new CaseInsensitiveString("stage"), new CaseInsensitiveString("job"), "s3"); ArrayList<ConfigurationProperty> configurationProperties = new ArrayList<>(); configurationProperties.add(ConfigurationPropertyMother.create("plain", false, "plain")); configurationProperties.add(ConfigurationPropertyMother.create("secure", true, new GoCipher().encrypt("password"))); PipelineConfig pipelineConfig = PipelineConfigMother.createPipelineConfig("pipeline", "stage", "job"); BasicCruiseConfig cruiseConfig = GoConfigMother.defaultCruiseConfig(); cruiseConfig.addPipelineWithoutValidation("foo", pipelineConfig); task.addConfigurations(configurationProperties); task.encryptSecureProperties(cruiseConfig, pipelineConfig, task); assertThat(task.getConfiguration(), is(configurationProperties)); }
@Test public void encryptSecureProperties_shouldLeaveUserEnteredValuesAsIsIfArtifactStoreIsMissing() throws CryptoException { FetchPluggableArtifactTask task = new FetchPluggableArtifactTask(new CaseInsensitiveString("pipeline"), new CaseInsensitiveString("stage"), new CaseInsensitiveString("job"), "s3"); ArrayList<ConfigurationProperty> configurationProperties = new ArrayList<>(); configurationProperties.add(ConfigurationPropertyMother.create("plain", false, "plain")); configurationProperties.add(ConfigurationPropertyMother.create("secure", true, new GoCipher().encrypt("password"))); PipelineConfig pipelineConfig = PipelineConfigMother.createPipelineConfig("pipeline", "stage", "job"); pipelineConfig.getStage("stage").jobConfigByConfigName("job").artifactConfigs().add(new PluggableArtifactConfig("s3", "aws")); BasicCruiseConfig cruiseConfig = GoConfigMother.defaultCruiseConfig(); cruiseConfig.addPipelineWithoutValidation("foo", pipelineConfig); task.addConfigurations(configurationProperties); task.encryptSecureProperties(cruiseConfig, pipelineConfig, task); assertThat(task.getConfiguration(), is(configurationProperties)); }
@Test public void encryptSecureProperties_shouldLeaveUserEnteredValuesAsIsIfPluginIsMissing() throws CryptoException { ArtifactMetadataStore.instance().remove("cd.go.s3"); FetchPluggableArtifactTask task = new FetchPluggableArtifactTask(new CaseInsensitiveString("pipeline"), new CaseInsensitiveString("stage"), new CaseInsensitiveString("job"), "s3"); ArrayList<ConfigurationProperty> configurationProperties = new ArrayList<>(); configurationProperties.add(ConfigurationPropertyMother.create("plain", false, "plain")); configurationProperties.add(ConfigurationPropertyMother.create("secure", true, new GoCipher().encrypt("password"))); PipelineConfig pipelineConfig = PipelineConfigMother.createPipelineConfig("pipeline", "stage", "job"); PluggableArtifactConfig pluggableArtifactConfig = new PluggableArtifactConfig("s3", "aws"); pipelineConfig.getStage("stage").jobConfigByConfigName("job").artifactConfigs().add(pluggableArtifactConfig); BasicCruiseConfig cruiseConfig = GoConfigMother.defaultCruiseConfig(); cruiseConfig.addPipelineWithoutValidation("foo", pipelineConfig); task.addConfigurations(configurationProperties); task.encryptSecureProperties(cruiseConfig, pipelineConfig, task); assertThat(task.getConfiguration(), is(configurationProperties)); }
@Test public void shouldValidateTemplateStageUsedInDownstreamPipelines() { JobConfig jobConfigWithExecTask = new JobConfig(new CaseInsensitiveString("defaultJob")); jobConfigWithExecTask.addTask(new ExecTask("ls", "l", "server/config")); JobConfigs jobConfigs = new JobConfigs(jobConfigWithExecTask); StageConfig stageConfig = StageConfigMother.custom("stage", jobConfigs); PipelineTemplateConfig template = PipelineTemplateConfigMother.createTemplate("template", stageConfig); PipelineConfig upstreamPipelineUsingTemplate = PipelineConfigMother.pipelineConfigWithTemplate("pipeline", "template"); upstreamPipelineUsingTemplate.usingTemplate(template); //Pipeline and stage of upstreamPipelineUsingTemplate MaterialConfig dependency = new DependencyMaterialConfig(new CaseInsensitiveString("pipeline"), new CaseInsensitiveString("non-existent-stage")); PipelineConfig downStreamPipeline = PipelineConfigMother.pipelineConfig("downstreamPipeline", new MaterialConfigs(dependency)); BasicCruiseConfig cruiseConfig = GoConfigMother.defaultCruiseConfig(); cruiseConfig.addTemplate(template); cruiseConfig.addPipelineWithoutValidation("group", upstreamPipelineUsingTemplate); cruiseConfig.addPipelineWithoutValidation("group", downStreamPipeline); template.validateTree(ConfigSaveValidationContext.forChain(cruiseConfig), cruiseConfig, false); assertThat(template.errors().getAllOn("base"), is(Arrays.asList("Stage with name 'non-existent-stage' does not exist on pipeline 'pipeline', it is being referred to from pipeline 'downstreamPipeline' (cruise-config.xml)"))); }
@Test public void shouldValidatePublishExternalArtifactOfATemplateInTheContextOfPipelinesUsingTheTemplate() throws Exception { JobConfig jobConfig = new JobConfig(new CaseInsensitiveString("defaultJob")); jobConfig.artifactConfigs().add(new PluggableArtifactConfig("some-id", "non-existent-store-id")); JobConfigs jobConfigs = new JobConfigs(jobConfig); StageConfig stageConfig = StageConfigMother.custom("stage", jobConfigs); PipelineTemplateConfig template = PipelineTemplateConfigMother.createTemplate("template", stageConfig); PipelineConfig pipelineConfig = PipelineConfigMother.pipelineConfigWithTemplate("pipeline", "template"); pipelineConfig.usingTemplate(template); BasicCruiseConfig cruiseConfig = GoConfigMother.defaultCruiseConfig(); cruiseConfig.addTemplate(template); cruiseConfig.addPipelineWithoutValidation("group", pipelineConfig); template.validateTree(ConfigSaveValidationContext.forChain(cruiseConfig), cruiseConfig, false); assertThat(template.errors().getAllOn("storeId"), is(Arrays.asList("Artifact store with id `non-existent-store-id` does not exist. Please correct the `storeId` attribute on pipeline `pipeline`."))); }
@Test public void shouldValidateFetchTasksOfATemplateInTheContextOfPipelinesUsingTheTemplate() throws Exception { JobConfig jobConfig = new JobConfig(new CaseInsensitiveString("defaultJob")); jobConfig.addTask(new FetchTask(new CaseInsensitiveString("non-existent-pipeline"), new CaseInsensitiveString("stage"), new CaseInsensitiveString("job"), "src", "dest")); JobConfigs jobConfigs = new JobConfigs(jobConfig); StageConfig stageConfig = StageConfigMother.custom("stage", jobConfigs); PipelineTemplateConfig template = PipelineTemplateConfigMother.createTemplate("template", stageConfig); PipelineConfig pipelineConfig = PipelineConfigMother.pipelineConfigWithTemplate("pipeline", "template"); pipelineConfig.usingTemplate(template); BasicCruiseConfig cruiseConfig = GoConfigMother.defaultCruiseConfig(); cruiseConfig.addTemplate(template); cruiseConfig.addPipelineWithoutValidation("group", pipelineConfig); template.validateTree(ConfigSaveValidationContext.forChain(cruiseConfig), cruiseConfig, false); assertThat(template.errors().getAllOn("pipeline"), is(Arrays.asList("\"pipeline :: stage :: defaultJob\" tries to fetch artifact from pipeline \"non-existent-pipeline\" which does not exist."))); }
@Test public void shouldValidateFetchPluggableTasksOfATemplateInTheContextOfPipelinesUsingTheTemplate() throws Exception { JobConfig jobConfig = new JobConfig(new CaseInsensitiveString("defaultJob")); jobConfig.addTask(new FetchPluggableArtifactTask(new CaseInsensitiveString("non-existent-pipeline"), new CaseInsensitiveString("stage"), new CaseInsensitiveString("job"), "artifactId")); JobConfigs jobConfigs = new JobConfigs(jobConfig); StageConfig stageConfig = StageConfigMother.custom("stage", jobConfigs); PipelineTemplateConfig template = PipelineTemplateConfigMother.createTemplate("template", stageConfig); PipelineConfig pipelineConfig = PipelineConfigMother.pipelineConfigWithTemplate("pipeline", "template"); pipelineConfig.usingTemplate(template); BasicCruiseConfig cruiseConfig = GoConfigMother.defaultCruiseConfig(); cruiseConfig.addTemplate(template); cruiseConfig.addPipelineWithoutValidation("group", pipelineConfig); template.validateTree(ConfigSaveValidationContext.forChain(cruiseConfig), cruiseConfig, false); assertThat(template.errors().getAllOn("pipeline"), is(Arrays.asList("\"pipeline :: stage :: defaultJob\" tries to fetch artifact from pipeline \"non-existent-pipeline\" which does not exist."))); }
@Test public void encryptSecureProperties_shouldEncryptSecureProperties() throws CryptoException { ArrayList<PluginConfiguration> pluginConfigurations = new ArrayList<>(); pluginConfigurations.add(new PluginConfiguration("secure_property1", new Metadata(true, true))); pluginConfigurations.add(new PluginConfiguration("secure_property2", new Metadata(true, true))); pluginConfigurations.add(new PluginConfiguration("plain", new Metadata(true, false))); when(artifactPluginInfo.getFetchArtifactSettings()).thenReturn(new PluggableInstanceSettings(pluginConfigurations)); PipelineConfig pipelineConfig = PipelineConfigMother.createPipelineConfig("pipeline", "stage", "job"); PluggableArtifactConfig pluggableArtifactConfig = new PluggableArtifactConfig("s3", "aws"); pipelineConfig.getStage("stage").jobConfigByConfigName("job").artifactConfigs().add(pluggableArtifactConfig); BasicCruiseConfig cruiseConfig = GoConfigMother.defaultCruiseConfig(); cruiseConfig.addPipelineWithoutValidation("foo", pipelineConfig); cruiseConfig.getArtifactStores().add(new ArtifactStore("aws", artifactPluginInfo.getDescriptor().id())); FetchPluggableArtifactTask task = new FetchPluggableArtifactTask(new CaseInsensitiveString("pipeline"), new CaseInsensitiveString("stage"), new CaseInsensitiveString("job"), "s3"); ArrayList<ConfigurationProperty> configurationProperties = new ArrayList<>(); configurationProperties.add(new ConfigurationProperty(new ConfigurationKey("plain"), new ConfigurationValue("plain"))); configurationProperties.add(new ConfigurationProperty(new ConfigurationKey("secure_property1"), new ConfigurationValue("password"))); configurationProperties.add(new ConfigurationProperty(new ConfigurationKey("secure_property2"), new EncryptedConfigurationValue(new GoCipher().encrypt("secret")))); ArrayList<ConfigurationProperty> expectedConfigurationProperties = new ArrayList<>(); expectedConfigurationProperties.add(new ConfigurationProperty(new ConfigurationKey("plain"), new ConfigurationValue("plain"))); expectedConfigurationProperties.add(new ConfigurationProperty(new ConfigurationKey("secure_property1"), new EncryptedConfigurationValue(new GoCipher().encrypt("password")))); expectedConfigurationProperties.add(new ConfigurationProperty(new ConfigurationKey("secure_property2"), new EncryptedConfigurationValue(new GoCipher().encrypt("secret")))); task.addConfigurations(configurationProperties); task.encryptSecureProperties(cruiseConfig, pipelineConfig, task); assertThat(task.getConfiguration().size(), is(3)); assertThat(task.getConfiguration(), is(expectedConfigurationProperties)); }
@Test public void shouldValidateStageApprovalAuthorizationOfATemplateInTheContextOfPipelinesUsingTheTemplate() throws Exception { JobConfig jobConfig = new JobConfig(new CaseInsensitiveString("defaultJob")); JobConfigs jobConfigs = new JobConfigs(jobConfig); StageConfig stageConfig = StageConfigMother.custom("stage", jobConfigs); stageConfig.setApproval(new Approval(new AuthConfig(new AdminRole(new CaseInsensitiveString("non-existent-role"))))); PipelineTemplateConfig template = PipelineTemplateConfigMother.createTemplate("template", stageConfig); PipelineConfig pipelineConfig = PipelineConfigMother.pipelineConfigWithTemplate("pipeline", "template"); pipelineConfig.usingTemplate(template); BasicCruiseConfig cruiseConfig = GoConfigMother.defaultCruiseConfig(); cruiseConfig.addTemplate(template); cruiseConfig.addPipelineWithoutValidation("group", pipelineConfig); template.validateTree(ConfigSaveValidationContext.forChain(cruiseConfig), cruiseConfig, false); assertThat(template.errors().getAllOn("name"), is(Arrays.asList("Role \"non-existent-role\" does not exist."))); }
@Test public void shouldValidateTemplateJobsUsedInDownstreamPipelines() { JobConfig jobConfigWithExecTask = new JobConfig(new CaseInsensitiveString("defaultJob")); jobConfigWithExecTask.addTask(new ExecTask("ls", "l", "server/config")); JobConfigs jobConfigs = new JobConfigs(jobConfigWithExecTask); JobConfig jobConfigWithFetchTask = new JobConfig(new CaseInsensitiveString("fetchJob")); jobConfigWithFetchTask.addTask(new FetchTask(new CaseInsensitiveString("pipeline"), new CaseInsensitiveString("stage"), new CaseInsensitiveString("non-existent-job"), "src", "dest")); JobConfigs jobConfigsForDownstream = new JobConfigs(jobConfigWithFetchTask); StageConfig stageConfig = StageConfigMother.custom("stage", jobConfigs); PipelineTemplateConfig template = PipelineTemplateConfigMother.createTemplate("template", stageConfig); PipelineConfig upstreamPipelineUsingTemplate = PipelineConfigMother.pipelineConfigWithTemplate("pipeline", "template"); upstreamPipelineUsingTemplate.usingTemplate(template); //Pipeline and stage of upstreamPipelineUsingTemplate MaterialConfig dependency = new DependencyMaterialConfig(new CaseInsensitiveString("pipeline"), new CaseInsensitiveString("stage")); PipelineConfig downStreamPipeline = PipelineConfigMother.pipelineConfig("downstreamPipeline", new MaterialConfigs(dependency), jobConfigsForDownstream); BasicCruiseConfig cruiseConfig = GoConfigMother.defaultCruiseConfig(); cruiseConfig.addTemplate(template); cruiseConfig.addPipelineWithoutValidation("group", upstreamPipelineUsingTemplate); cruiseConfig.addPipelineWithoutValidation("group", downStreamPipeline); template.validateTree(ConfigSaveValidationContext.forChain(cruiseConfig), cruiseConfig, false); assertThat(template.errors().getAllOn("base"), is(Arrays.asList("\"downstreamPipeline :: mingle :: fetchJob\" tries to fetch artifact from job \"pipeline :: stage :: non-existent-job\" which does not exist."))); }
cruiseConfig.addPipelineWithoutValidation("foo", pipelineConfig); cruiseConfig.getArtifactStores().add(new ArtifactStore("aws", artifactPluginInfo.getDescriptor().id()));
@Test public void shouldValidateStagePermissionsOfATemplateStageInTheContextOfPipelineUsingTheTemplate() { StageConfig stageConfig = StageConfigMother.custom("stage", new JobConfigs(new JobConfig(new CaseInsensitiveString("defaultJob")))); stageConfig.setApproval(new Approval(new AuthConfig(new AdminUser(new CaseInsensitiveString("non-admin-non-operate"))))); PipelineTemplateConfig template = PipelineTemplateConfigMother.createTemplate("template", stageConfig); PipelineConfig pipelineConfig = PipelineConfigMother.pipelineConfigWithTemplate("pipeline", "template"); pipelineConfig.usingTemplate(template); BasicCruiseConfig cruiseConfig = GoConfigMother.defaultCruiseConfig(); cruiseConfig.addTemplate(template); cruiseConfig.addPipelineWithoutValidation("group", pipelineConfig); PipelineConfigs group = cruiseConfig.findGroup("group"); group.setAuthorization(new Authorization(new ViewConfig(), new OperationConfig(new AdminUser(new CaseInsensitiveString("foo"))), new AdminsConfig())); cruiseConfig.server().security().securityAuthConfigs().add(new SecurityAuthConfig()); cruiseConfig.server().security().adminsConfig().add(new AdminUser(new CaseInsensitiveString("super-admin"))); template.validateTree(ConfigSaveValidationContext.forChain(cruiseConfig), cruiseConfig, false); assertThat(template.errors().getAllOn("name"), is(Arrays.asList("User \"non-admin-non-operate\" who is not authorized to operate pipeline group `group` can not be authorized to approve stage"))); }