public EnvironmentVariableConfig(EnvironmentVariableConfig variable) { this(variable.goCipher, variable.name, variable.getValue(), variable.isSecure); }
@Test public void shouldReturnEncryptedValueForSecureVariables() throws CryptoException { when(goCipher.encrypt("bar")).thenReturn("encrypted"); when(goCipher.decrypt("encrypted")).thenReturn("bar"); EnvironmentVariableConfig environmentVariableConfig = new EnvironmentVariableConfig(goCipher, "foo", "bar", true); assertThat(environmentVariableConfig.getName(), is("foo")); assertThat(environmentVariableConfig.getValue(), is("bar")); assertThat(environmentVariableConfig.getValueForDisplay(), is(environmentVariableConfig.getEncryptedValue())); }
public String getDisplayValue() { if (isSecure()) return "****"; return getValue(); }
@Test public void shouldReturnValueForInSecureVariables() { EnvironmentVariableConfig environmentVariableConfig = new EnvironmentVariableConfig(goCipher, "foo", "bar", false); assertThat(environmentVariableConfig.getName(), is("foo")); assertThat(environmentVariableConfig.getValue(), is("bar")); assertThat(environmentVariableConfig.getValueForDisplay(), is("bar")); }
public EnvironmentVariable(EnvironmentVariableConfig environmentVariableConfig) { this(environmentVariableConfig.getName(), environmentVariableConfig.getValue(), environmentVariableConfig.isSecure()); }
public void validate(ValidationContext validationContext) { try { getValue(); } catch (Exception e) { errors().add(VALUE, String.format("Encrypted value for variable named '%s' is invalid. This usually happens when the cipher text is modified to have an invalid value.", getName())); } }
void addTo(EnvironmentVariableContext context) { context.setProperty(name, getValue(), isSecure()); }
CREnvironmentVariable environmentVariableConfigToCREnvironmentVariable(EnvironmentVariableConfig environmentVariableConfig) { if (environmentVariableConfig.isSecure()) { return new CREnvironmentVariable(environmentVariableConfig.getName(), null, environmentVariableConfig.getEncryptedValue()); } else { String value = environmentVariableConfig.getValue(); if(StringUtils.isBlank(value)) value = ""; return new CREnvironmentVariable(environmentVariableConfig.getName(), value); } }
@Test public void shouldGetPlainTextValue() throws CryptoException { GoCipher mockGoCipher = mock(GoCipher.class); String plainText = "password"; EnvironmentVariableConfig environmentVariableConfig = new EnvironmentVariableConfig(mockGoCipher); HashMap attrs = getAttributeMap(plainText, "false", "1"); environmentVariableConfig.setConfigAttributes(attrs); assertThat(environmentVariableConfig.getValue(), is(plainText)); verify(mockGoCipher, never()).decrypt(anyString()); verify(mockGoCipher, never()).encrypt(anyString()); }
@Test public void shouldGetPlainTextValueFromAnEncryptedValue() throws CryptoException { GoCipher mockGoCipher = mock(GoCipher.class); String plainText = "password"; String cipherText = "encrypted"; when(mockGoCipher.encrypt(plainText)).thenReturn(cipherText); when(mockGoCipher.decrypt(cipherText)).thenReturn(plainText); EnvironmentVariableConfig environmentVariableConfig = new EnvironmentVariableConfig(mockGoCipher); HashMap attrs = getAttributeMap(plainText, "true", "true"); environmentVariableConfig.setConfigAttributes(attrs); assertThat(environmentVariableConfig.getValue(), is(plainText)); verify(mockGoCipher).decrypt(cipherText); }
@Test public void shouldAssignNameAndValueForAVanillaEnvironmentVariable() { EnvironmentVariableConfig environmentVariableConfig = new EnvironmentVariableConfig((GoCipher) null); HashMap attrs = new HashMap(); attrs.put(EnvironmentVariableConfig.NAME, "foo"); attrs.put(EnvironmentVariableConfig.VALUE, "password"); environmentVariableConfig.setConfigAttributes(attrs); assertThat(environmentVariableConfig.getValue(), is("password")); assertThat(environmentVariableConfig.getName(), is("foo")); assertThat(environmentVariableConfig.isSecure(), is(false)); }
@Test public void shouldCopyEnvironmentVariableConfig() { EnvironmentVariableConfig secureEnvironmentVariable = new EnvironmentVariableConfig(goCipher, "plain_key", "plain_value", true); EnvironmentVariableConfig copy = new EnvironmentVariableConfig(secureEnvironmentVariable); assertThat(copy.getName(), is(secureEnvironmentVariable.getName())); assertThat(copy.getValue(), is(secureEnvironmentVariable.getValue())); assertThat(copy.getEncryptedValue(), is(secureEnvironmentVariable.getEncryptedValue())); assertThat(copy.isSecure(), is(secureEnvironmentVariable.isSecure())); }
@Test public void shouldMigrateEmptyEnvironmentVariable() throws Exception { String content = configWithPipeline( "<pipeline name='some_pipeline'>" + "<environmentvariables>\n" + " <variable name=\"var_name\" />\n" + " </environmentvariables>" + " <materials>" + " <svn url='svnurl'/>" + " </materials>" + " <stage name='some_stage'>" + " <jobs>" + " <job name='some_job'>" + " </job>" + " </jobs>" + " </stage>" + "</pipeline>", 48); CruiseConfig config = ConfigMigrator.loadWithMigration(content).config; PipelineConfig pipelineConfig = config.pipelineConfigByName(new CaseInsensitiveString("some_pipeline")); EnvironmentVariablesConfig variables = pipelineConfig.getVariables(); assertThat(variables.size(), is(1)); EnvironmentVariableConfig environmentVariableConfig = variables.get(0); assertThat(environmentVariableConfig.getName(), is("var_name")); assertThat(environmentVariableConfig.getValue().isEmpty(), is(true)); }
@Test public void shouldMigrateEncryptedEnvironmentVariablesWithNewlineAndSpaces_XslMigrationFrom88To90() throws Exception { resetCipher.setupDESCipherFile(); String plainText = "user-password!"; // "user-password!" encrypted using the above key String encryptedValue = "mvcX9yrQsM4iPgm1tDxN1A=="; String encryptedValueWithWhitespaceAndNewline = new StringBuilder(encryptedValue).insert(2, "\r\n" + " ").toString(); String content = configWithPipeline( "<pipeline name='some_pipeline'>" + "<environmentvariables>\n" + " <variable name=\"var_name\" secure=\"true\"><encryptedValue>" + encryptedValueWithWhitespaceAndNewline + "</encryptedValue></variable>\n" + " </environmentvariables>" + " <materials>" + " <svn url='svnurl'/>" + " </materials>" + " <stage name='some_stage'>" + " <jobs>" + " <job name='some_job'>" + " </job>" + " </jobs>" + " </stage>" + "</pipeline>", 88); CruiseConfig config = ConfigMigrator.loadWithMigration(content).config; assertThat(config.allPipelines().get(0).getVariables().get(0).getValue(), is(plainText)); assertThat(config.allPipelines().get(0).getVariables().get(0).getEncryptedValue(), startsWith("AES:")); }
@Test public void shouldMigrateDESEncryptedEnvironmentVariables_XslMigrationFrom108To109() throws Exception { resetCipher.setupDESCipherFile(); String clearText = "user-password!"; // "user-password!" encrypted using the above key String desEncryptedPassword = "mvcX9yrQsM4iPgm1tDxN1A=="; String content = configWithPipeline( "" + "<pipeline name='some_pipeline'>" + " <environmentvariables>" + " <variable name='var_name' secure='true'>" + " <encryptedValue>" + desEncryptedPassword + "</encryptedValue>" + " </variable>" + " </environmentvariables>" + " <materials>" + " <svn url='svnurl'/>" + " </materials>" + " <stage name='some_stage'>" + " <jobs>" + " <job name='some_job'>" + " </job>" + " </jobs>" + " </stage>" + "</pipeline>", 108); CruiseConfig config = ConfigMigrator.loadWithMigration(content).config; assertThat(config.allPipelines().get(0).getVariables().get(0).getValue(), is(clearText)); String encryptedValue = config.allPipelines().get(0).getVariables().get(0).getEncryptedValue(); assertThat(encryptedValue, startsWith("AES:")); assertThat(new AESEncrypter(new AESCipherProvider(systemEnvironment)).decrypt(encryptedValue), is("user-password!")); }
public static void toJSON(OutputWriter writer, TriggerOptions triggerOptions) { PipelineInstanceModel pipelineInstanceModel = triggerOptions.getPipelineInstanceModel(); writer .addLinks(outputLinkWriter -> outputLinkWriter.addAbsoluteLink("doc", Routes.Pipeline.DOC_TRIGGER_OPTIONS) .addLink("self", Routes.Pipeline.triggerOptions(pipelineInstanceModel.getName())) .addLink("schedule", Routes.Pipeline.schedule(pipelineInstanceModel.getName()))) .addChildList("variables", outputListWriter -> triggerOptions.getVariables().forEach(env -> outputListWriter.addChild(envWriter -> { envWriter .add("name", env.getName()) .add("secure", env.isSecure()); if (!env.isSecure()) { envWriter.add("value", env.getValue()); } }) )) .addChildList("materials", outputListWriter -> pipelineInstanceModel.getMaterials() .forEach(material -> outputListWriter.addChild(material(material, pipelineInstanceModel.findCurrentMaterialRevisionForUI(material))))); }