public boolean validateTree(ValidationContext validationContext) { validate(validationContext); return errors().isEmpty(); }
public void validate(ValidationContext validationContext) { try { getValue(); } catch (Exception e) { errors().add(VALUE, String.format("Encrypted value for variable named '%s' is invalid. This usually happens when the cipher text is modified to have an invalid value.", getName())); } }
@Test public void shouldDeserializeWithErrorFlagIfAnEncryptedVarialeHasBothClearTextAndCipherText() throws Exception { EnvironmentVariableConfig variable = new EnvironmentVariableConfig(); variable.deserialize("PASSWORD", "clearText", true, "c!ph3rt3xt"); assertThat(variable.errors().getAllOn("value"), is(Arrays.asList("You may only specify `value` or `encrypted_value`, not both!"))); assertThat(variable.errors().getAllOn("encryptedValue"), is(Arrays.asList("You may only specify `value` or `encrypted_value`, not both!"))); }
@Override public void build(ScheduleOptions scheduleOptions, HttpOperationResult result, String pipelineName, PipelineScheduleOptions pipelineScheduleOptions, HealthStateType healthStateType) { for (EnvironmentVariableConfig environmentVariable : pipelineScheduleOptions.getSecureEnvironmentVariables()) { if (!goConfigService.hasVariableInScope(pipelineName, environmentVariable.getName())) { String variableUnconfiguredMessage = String.format("Variable '%s' has not been configured for pipeline '%s'", environmentVariable.getName(), pipelineName); result.unprocessibleEntity("Request to schedule pipeline rejected", variableUnconfiguredMessage, healthStateType); return; } environmentVariable.validate(null); if (!environmentVariable.errors().isEmpty()) { result.unprocessibleEntity("Request to schedule pipeline rejected", environmentVariable.errors().asString(), healthStateType); return; } scheduleOptions.getVariables().add(environmentVariable); } } }
@Test public void shouldNotErrorOutWhenValidationIsSuccessfulForSecureVariables() throws CryptoException { String plainText = "secure_value"; String cipherText = "cipherText"; when(goCipher.encrypt(plainText)).thenReturn(cipherText); when(goCipher.decrypt(cipherText)).thenReturn(plainText); EnvironmentVariableConfig environmentVariableConfig = new EnvironmentVariableConfig(goCipher, "secure_key", plainText, true); environmentVariableConfig.validate(null); assertThat(environmentVariableConfig.errors().isEmpty(), is(true)); }
@Test public void shouldErrorOutOnValidateWhenEncryptedValueIsForceChanged() throws CryptoException { String plainText = "secure_value"; String cipherText = "cipherText"; when(goCipher.encrypt(plainText)).thenReturn(cipherText); when(goCipher.decrypt(cipherText)).thenThrow(new CryptoException("last block incomplete in decryption")); EnvironmentVariableConfig environmentVariableConfig = new EnvironmentVariableConfig(goCipher, "secure_key", plainText, true); environmentVariableConfig.validate(null); ConfigErrors error = environmentVariableConfig.errors(); assertThat(error.isEmpty(), is(false)); assertThat(error.on(EnvironmentVariableConfig.VALUE), is("Encrypted value for variable named 'secure_key' is invalid. This usually happens when the cipher text is modified to have an invalid value.")); }
@Test public void shouldErrorOutForEncryptedValueBeingSetWhenSecureIsFalse() throws Exception { EnvironmentVariableConfig variable = new EnvironmentVariableConfig(); variable.deserialize("PASSWORD", null, false, "cipherText"); variable.validateTree(null); assertThat(variable.errors().getAllOn("encryptedValue"), is(Arrays.asList("You may specify encrypted value only when option 'secure' is true."))); } }
@Test public void shouldNotErrorOutWhenValidationIsSuccessfulForPlainTextVariables() { EnvironmentVariableConfig environmentVariableConfig = new EnvironmentVariableConfig(goCipher, "plain_key", "plain_value", false); environmentVariableConfig.validate(null); assertThat(environmentVariableConfig.errors().isEmpty(), is(true)); }
public static void toJSON(OutputWriter jsonWriter, EnvironmentVariableConfig environmentVariableConfig) { if (!environmentVariableConfig.errors().isEmpty()) { jsonWriter.addChild("errors", errorWriter -> { HashMap<String, String> mapping = new HashMap<>(); mapping.put("encryptedValue", "encrypted_value"); new ErrorGetter(mapping).toJSON(jsonWriter, environmentVariableConfig); }); } jsonWriter.add("secure", environmentVariableConfig.isSecure()); jsonWriter.add("name", environmentVariableConfig.getName()); if (environmentVariableConfig.isPlain()) { jsonWriter.addIfNotNull("value", environmentVariableConfig.getValueForDisplay()); } if (environmentVariableConfig.isSecure()) { jsonWriter.addIfNotNull("encrypted_value", environmentVariableConfig.getValueForDisplay()); } }
@Test public void shouldPopulateErrorWhenDuplicateEnvironmentVariableNameIsPresent() { environmentVariablesConfig = new EnvironmentVariablesConfig(); EnvironmentVariableConfig one = new EnvironmentVariableConfig("FOO", "BAR"); EnvironmentVariableConfig two = new EnvironmentVariableConfig("FOO", "bAZ"); environmentVariablesConfig.add(one); environmentVariablesConfig.add(two); environmentVariablesConfig.validate(context); assertThat(one.errors().isEmpty(), is(false)); assertThat(one.errors().firstError(), contains("Environment Variable name 'FOO' is not unique for pipeline 'some-pipeline'")); assertThat(two.errors().isEmpty(), is(false)); assertThat(two.errors().firstError(), contains("Environment Variable name 'FOO' is not unique for pipeline 'some-pipeline'")); }
@Test public void shouldPopulateErrorWhenVariableNameStartsWithSpace() { environmentVariablesConfig = new EnvironmentVariablesConfig(); EnvironmentVariableConfig one = new EnvironmentVariableConfig(" foo", "BAR"); environmentVariablesConfig.add(one); environmentVariablesConfig.validate(context); assertThat(one.errors().isEmpty(), is(false)); assertThat(one.errors().on(EnvironmentVariableConfig.NAME), contains("Environment Variable cannot start or end with spaces for pipeline 'some-pipeline'.")); }
public static void toJSON(OutputWriter jsonWriter, EnvironmentVariableConfig environmentVariableConfig) { if (!environmentVariableConfig.errors().isEmpty()) { jsonWriter.addChild("errors", errorWriter -> { HashMap<String, String> mapping = new HashMap<>(); mapping.put("encryptedValue", "encrypted_value"); new ErrorGetter(mapping).toJSON(jsonWriter, environmentVariableConfig); }); } jsonWriter.add("secure", environmentVariableConfig.isSecure()); jsonWriter.add("name", environmentVariableConfig.getName()); if (environmentVariableConfig.isPlain()) { jsonWriter.addIfNotNull("value", environmentVariableConfig.getValueForDisplay()); } if (environmentVariableConfig.isSecure()) { jsonWriter.addIfNotNull("encrypted_value", environmentVariableConfig.getValueForDisplay()); } }
@Test public void shouldPopulateErrorWhenVariableNameIsEmpty() { environmentVariablesConfig = new EnvironmentVariablesConfig(); EnvironmentVariableConfig one = new EnvironmentVariableConfig("", "BAR"); environmentVariablesConfig.add(one); environmentVariablesConfig.validate(context); assertThat(one.errors().isEmpty(), is(false)); assertThat(one.errors().on(EnvironmentVariableConfig.NAME), contains("Environment Variable cannot have an empty name for pipeline 'some-pipeline'.")); }
@Test public void shouldPopulateErrorWhenVariableNameContainsLeadingAndTrailingSpaces() { environmentVariablesConfig = new EnvironmentVariablesConfig(); EnvironmentVariableConfig one = new EnvironmentVariableConfig(" FOO ", "BAR"); environmentVariablesConfig.add(one); environmentVariablesConfig.validate(context); assertThat(one.errors().isEmpty(), is(false)); assertThat(one.errors().on(EnvironmentVariableConfig.NAME), contains("Environment Variable cannot start or end with spaces for pipeline 'some-pipeline'.")); }
@Test public void shouldPopulateErrorWhenVariableNameEndsWithSpace() { environmentVariablesConfig = new EnvironmentVariablesConfig(); EnvironmentVariableConfig one = new EnvironmentVariableConfig("FOO ", "BAR"); environmentVariablesConfig.add(one); environmentVariablesConfig.validate(context); assertThat(one.errors().isEmpty(), is(false)); assertThat(one.errors().on(EnvironmentVariableConfig.NAME), contains("Environment Variable cannot start or end with spaces for pipeline 'some-pipeline'.")); }
@Test public void shouldDeserializeWithNoErrorFlagIfAnEncryptedVariableHasCipherTextSetWithSecureTrue() throws Exception { EnvironmentVariableConfig variable = new EnvironmentVariableConfig(); variable.deserialize("PASSWORD", null, true, "cipherText"); assertTrue(variable.errors().isEmpty()); }
@Test public void shouldValidateTree() { environmentVariablesConfig = new EnvironmentVariablesConfig(); EnvironmentVariableConfig one = new EnvironmentVariableConfig("FOO", "BAR"); EnvironmentVariableConfig two = new EnvironmentVariableConfig("FOO", "bAZ"); EnvironmentVariableConfig three = new EnvironmentVariableConfig("", "bAZ"); environmentVariablesConfig.add(one); environmentVariablesConfig.add(two); environmentVariablesConfig.add(three); environmentVariablesConfig.validateTree(PipelineConfigSaveValidationContext.forChain(true, "group", new PipelineConfig(new CaseInsensitiveString("p1"), null))); assertThat(one.errors().isEmpty(), is(false)); assertThat(one.errors().firstError(), contains("Environment Variable name 'FOO' is not unique for pipeline 'p1'")); assertThat(two.errors().isEmpty(), is(false)); assertThat(two.errors().firstError(), contains("Environment Variable name 'FOO' is not unique for pipeline 'p1'")); assertThat(three.errors().isEmpty(), is(false)); assertThat(three.errors().firstError(), contains("Environment Variable cannot have an empty name for pipeline 'p1'.")); }
@Test public void shouldDeserializeWithNoErrorFlagIfAnEncryptedVarialeHasClearTextWithSecureTrue() throws Exception { EnvironmentVariableConfig variable = new EnvironmentVariableConfig(); variable.deserialize("PASSWORD", "clearText", true, null); assertTrue(variable.errors().isEmpty()); }
@Test public void shouldDeserializeWithNoErrorFlagIfAnEncryptedVarialeHasEitherClearTextWithSecureFalse() throws Exception { EnvironmentVariableConfig variable = new EnvironmentVariableConfig(); variable.deserialize("PASSWORD", "clearText", false, null); assertTrue(variable.errors().isEmpty()); }
@Test public void shouldCopyErrorsForFieldsOnPipelineConfig(){ PipelineConfig pipelineConfig = PipelineConfigMother.pipelineConfig("pipeline", MaterialConfigsMother.defaultMaterialConfigs(), new JobConfigs(JobConfigMother.createJobConfigWithJobNameAndEmptyResources())); pipelineConfig.setVariables(new EnvironmentVariablesConfig(asList(new EnvironmentVariableConfig("name", "value")))); PipelineConfig pipelineWithErrors = new Cloner().deepClone(pipelineConfig); pipelineWithErrors.getVariables().get(0).addError("name", "error on environment variable"); pipelineWithErrors.first().addError("name", "error on stage"); pipelineWithErrors.first().getJobs().first().addError("name", "error on job"); BasicCruiseConfig.copyErrors(pipelineWithErrors, pipelineConfig); assertThat(pipelineConfig.getVariables().get(0).errors().on("name"), is("error on environment variable")); assertThat(pipelineConfig.first().errors().on("name"), is("error on stage")); assertThat(pipelineConfig.first().getJobs().first().errors().on("name"), is("error on job")); }