Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Modernize to Jenkins 2.479 and Jakarta EE 9 #134

Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open

Modernize to Jenkins 2.479 and Jakarta EE 9 #134

wants to merge 2 commits into from

Conversation

mtughan
Copy link

@mtughan mtughan commented Nov 21, 2024

  • Adapter methods are added for old overrides.
  • Switch to JUnit 5 for tests

Required for the Scriptler plugin to modernize as well without breaking SSH compatibility.

Testing done

Unit tests updated and run.

Submitter checklist

  • Make sure you are opening from a topic/feature/bugfix branch (right side) and not your main branch!
  • Ensure that the pull request title represents the desired changelog entry
  • Please describe what you did
  • Link to relevant issues in GitHub or Jira
  • Link to relevant pull requests, esp. upstream and downstream changes
  • Ensure you have provided tests - that demonstrates feature works or fixes the issue

@mtughan mtughan requested a review from a team as a code owner November 21, 2024 15:02
@mtughan mtughan marked this pull request as draft November 21, 2024 16:40
@mtughan
Copy link
Author

mtughan commented Nov 21, 2024

Trying to figure out why SpotBugs is errantly flagging a null issue where one doesn’t exist and why it’s not suppressing.

@mtughan mtughan marked this pull request as ready for review November 21, 2024 17:48
@mtughan mtughan marked this pull request as draft November 21, 2024 18:53
mtughan
mtughan commented Nov 21, 2024
View reviewed changes
src/main/java/org/jenkinsci/plugins/gitserver/CSRFExclusionImpl.java Outdated
@@ -40,48 +41,50 @@
*/
@Extension
public class CSRFExclusionImpl extends CrumbExclusion {
private static final Set<String> ALLOWED_CONTENT_TYPES = Set.of(
"application/x-git-receive-pack-request",
"application/x-git-upload-pack-request"
Copy link
Author

@mtughan mtughan Nov 21, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Turns out that this content type has been missing for who knows how long, so CSRF protection would have blocked any Git fetches to a repository. Given that, I'm going to probably add functionality to the Scriptler plugin to enable/disable the Git repository (defaulting to disabled) and see what happens. I'm suspecting that no one uses it.

SSH access still works, but I feel like that would be less commonly used because you'd also have to enable the SSH server within Jenkins first.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just read the comments in #112 about HTTP access. Without knowing more about HTTP access, I'm removing this part from the commit and it can be dealt with separately.

@mtughan mtughan marked this pull request as ready for review November 21, 2024 19:34
@mtughan mtughan force-pushed the modernize-2.479 branch 2 times, most recently from 90bd3d1 to 0d96613 Compare November 22, 2024 15:18
@mtughan
Modernize to Jenkins 2.479 and Jakarta EE 9
f4a410b 
* Adapter methods are added for old overrides.
* Switch to JUnit 5 for tests
@mtughan
Copy link
Author

mtughan commented Dec 11, 2024

@jenkinsci/git-server-plugin-developers, please review when able.

@basil basil added the internal label Jan 17, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
internal
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@mtughan @basil