Remove FileOnMasterKeyStroreSource and SECURITY-1322 migration

[jtnord]

It has been 5 years since the security fix was introduced and the migration code occurred.

Whilst an admin could have still (ab)used the CLI/REST to set a FileOnMaster they could not do this from the UI creating a disparity.

This change removes the migration and the ability to use this via CLI/REST

As noted originally and as would be present in the Jenkins logs at INFO level:
SECURITY-1322: Migrating FileOnMasterKeyStoreSource to UploadedKeyStoreSource. The containing item may need to be saved to complete the migration.
Users would be required to check that they have saved any jobs where migration has occurred before updating to ensure that the CertificateCredential is not lost.

Testing done

mvn verify

Submitter checklist

• Make sure you are opening from a topic/feature/bugfix branch (right side) and not your main branch!
• Ensure that the pull request title represents the desired changelog entry
• Please describe what you did
• Link to relevant issues in GitHub or Jira
• Link to relevant pull requests, esp. upstream and downstream changes
• Ensure you have provided tests - that demonstrates feature works or fixes the issue

[jtnord]

the code these tests where testing has been deleted.
Whilst we could leave a test that shows the behaviour doesn't work, I don't see a point in that)

[dwnusbaum]

@jtnord Maybe you already know, but just in case, a few plugins use FileOnMasterKeyStoreSource directly in tests, so this will cause some PCT issues. Here is what I see in a quick GitHub search:

• https://github.com/jenkinsci/pipeline-model-definition-plugin/blob/41dd8ef6dd561452755641a2a3c76e69e9b2d0cb/pipeline-model-definition/src/test/java/org/jenkinsci/plugins/pipeline/modeldefinition/steps/CredentialWrapperStepTest.java#L118
• https://github.com/jenkinsci/credentials-binding-plugin/blob/dc9d38cb254d73797414717cdb6049150b206f87/src/test/java/org/jenkinsci/plugins/credentialsbinding/impl/CertificateMultiBindingTest.java#L100
• https://github.com/jenkinsci/compuware-common-configuration-plugin/blob/4a9f696e77a24f1b688d120c7738a55d62d5bd27/src/test/java/com/compuware/jenkins/common/configuration/HostConnectionTest.java#L282

[jtnord]

@jtnord Maybe you already know, but just in case, a few plugins use FileOnMasterKeyStoreSource directly in tests, so this will cause some PCT issues. Here is what I see in a quick GitHub search:

Thanks. the compuware was written 4 years after the original deprecation so I have no inclination to fix that - will fix the other 2.

[dwnusbaum]

@jtnord The PR title has a typo, I edited my comment once I realized, see https://github.com/search?type=code&q=+owner%3Ajenkinsci+FileOnMasterKeyStoreSource

[jtnord]

@jtnord The PR title has a typo, I edited my comment once I realized, see https://github.com/search?type=code&q=+owner%3Ajenkinsci+FileOnMasterKeyStoreSource

🤦 thanks!

[basil]

Breaks PCT in credentials-binding with java.lang.NoClassDefFoundError: com/cloudbees/plugins/credentials/impl/CertificateCredentialsImpl$FileOnMasterKeyStoreSource. The class is still used in CertificateMultiBindingTest.

[basil]

@jtnord

[dwnusbaum]

BOM update just needs to be coordinated with jenkinsci/credentials-binding-plugin#310 and jenkinsci/pipeline-model-definition-plugin#723.

[basil]

BOM update just needs to be coordinated with jenkinsci/credentials-binding-plugin#310 and jenkinsci/pipeline-model-definition-plugin#723.

@dwnusbaum No, jenkinsci/credentials-binding-plugin#310 is incomplete—that PR removed one usage of FileOnMasterKeyStoreSource, but there is still another usage a few dozen lines down in the same file.