forked from maxlaverse/kubernetes-credentials-plugin
-
Notifications
You must be signed in to change notification settings - Fork 29
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #50 from jmdesprez/JENKINS-73525
- Loading branch information
Showing
18 changed files
with
581 additions
and
5 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
37 changes: 37 additions & 0 deletions
37
...test/java/org/jenkinsci/plugins/kubernetes/auth/AbstractKubernetesAuthConfigFIPSTest.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,37 @@ | ||
package org.jenkinsci.plugins.kubernetes.auth; | ||
|
||
import static org.junit.Assert.fail; | ||
|
||
import org.junit.Test; | ||
|
||
public abstract class AbstractKubernetesAuthConfigFIPSTest { | ||
protected String scheme; | ||
|
||
protected boolean skipTLSVerify; | ||
|
||
protected boolean shouldPass; | ||
|
||
protected String motivation; | ||
|
||
public AbstractKubernetesAuthConfigFIPSTest( | ||
String scheme, boolean skipTLSVerify, boolean shouldPass, String motivation) { | ||
this.scheme = scheme; | ||
this.skipTLSVerify = skipTLSVerify; | ||
this.shouldPass = shouldPass; | ||
this.motivation = motivation; | ||
} | ||
|
||
@Test | ||
public void testCreateKubernetesAuthConfig() { | ||
try { | ||
new KubernetesAuthConfig(scheme + "://server", null, skipTLSVerify); | ||
if (!shouldPass) { | ||
fail("This test was expected to fail, reason: " + motivation); | ||
} | ||
} catch (IllegalArgumentException e) { | ||
if (shouldPass) { | ||
fail("This test was expected to pass, reason: " + motivation); | ||
} | ||
} | ||
} | ||
} |
32 changes: 32 additions & 0 deletions
32
src/test/java/org/jenkinsci/plugins/kubernetes/auth/KubernetesAuthConfigWithFIPSTest.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,32 @@ | ||
package org.jenkinsci.plugins.kubernetes.auth; | ||
|
||
import java.util.Arrays; | ||
import java.util.Collection; | ||
import jenkins.security.FIPS140; | ||
import org.junit.ClassRule; | ||
import org.junit.runner.RunWith; | ||
import org.junit.runners.Parameterized; | ||
import org.jvnet.hudson.test.FlagRule; | ||
|
||
@RunWith(Parameterized.class) | ||
public class KubernetesAuthConfigWithFIPSTest extends AbstractKubernetesAuthConfigFIPSTest { | ||
@ClassRule | ||
public static FlagRule<String> fipsFlag = FlagRule.systemProperty(FIPS140.class.getName() + ".COMPLIANCE", "true"); | ||
|
||
public KubernetesAuthConfigWithFIPSTest( | ||
String scheme, boolean skipTLSVerify, boolean shouldPass, String motivation) { | ||
super(scheme, skipTLSVerify, shouldPass, motivation); | ||
} | ||
|
||
@Parameterized.Parameters | ||
public static Collection<Object[]> parameters() { | ||
return Arrays.asList(new Object[][] { | ||
// Valid use cases | ||
{"https", false, true, "TLS is used and the TLS verification is not skipped, this should be accepted"}, | ||
// Invalid use cases | ||
{"https", true, false, "Skip TLS check is not accepted in FIPS mode"}, | ||
{"http", false, false, "TLS is mandatory when in FIPS mode"}, | ||
{"http", true, false, "TLS and TLS check are mandatory when in FIPS mode"}, | ||
}); | ||
} | ||
} |
31 changes: 31 additions & 0 deletions
31
src/test/java/org/jenkinsci/plugins/kubernetes/auth/KubernetesAuthConfigWithoutFIPSTest.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,31 @@ | ||
package org.jenkinsci.plugins.kubernetes.auth; | ||
|
||
import java.util.Arrays; | ||
import java.util.Collection; | ||
import jenkins.security.FIPS140; | ||
import org.junit.ClassRule; | ||
import org.junit.runner.RunWith; | ||
import org.junit.runners.Parameterized; | ||
import org.jvnet.hudson.test.FlagRule; | ||
|
||
@RunWith(Parameterized.class) | ||
public class KubernetesAuthConfigWithoutFIPSTest extends AbstractKubernetesAuthConfigFIPSTest { | ||
@ClassRule | ||
public static FlagRule<String> fipsFlag = FlagRule.systemProperty(FIPS140.class.getName() + ".COMPLIANCE", "false"); | ||
|
||
public KubernetesAuthConfigWithoutFIPSTest( | ||
String scheme, boolean skipTLSVerify, boolean shouldPass, String motivation) { | ||
super(scheme, skipTLSVerify, shouldPass, motivation); | ||
} | ||
|
||
@Parameterized.Parameters | ||
public static Collection<Object[]> parameters() { | ||
return Arrays.asList(new Object[][] { | ||
// Valid use cases | ||
{"https", false, true, "Not in FIPS mode, any combination should be valid"}, | ||
{"http", false, true, "Not in FIPS mode, any combination should be valid"}, | ||
{"http", true, true, "Not in FIPS mode, any combination should be valid"}, | ||
{"https", true, true, "Not in FIPS mode, any combination should be valid"}, | ||
}); | ||
} | ||
} |
40 changes: 40 additions & 0 deletions
40
...insci/plugins/kubernetes/credentials/AbstractHttpClientWithTLSOptionsFactoryFIPSTest.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,40 @@ | ||
package org.jenkinsci.plugins.kubernetes.credentials; | ||
|
||
import static org.junit.Assert.fail; | ||
|
||
import java.net.URI; | ||
import java.net.URISyntaxException; | ||
import org.junit.Test; | ||
|
||
public abstract class AbstractHttpClientWithTLSOptionsFactoryFIPSTest { | ||
protected String scheme; | ||
|
||
protected boolean skipTLSVerify; | ||
|
||
protected boolean shouldPass; | ||
|
||
protected String motivation; | ||
|
||
public AbstractHttpClientWithTLSOptionsFactoryFIPSTest(String scheme, boolean skipTLSVerify, boolean shouldPass, String motivation) { | ||
this.scheme = scheme; | ||
this.skipTLSVerify = skipTLSVerify; | ||
this.shouldPass = shouldPass; | ||
this.motivation = motivation; | ||
} | ||
|
||
@Test | ||
public void testCreateKubernetesAuthConfig() throws URISyntaxException { | ||
try { | ||
HttpClientWithTLSOptionsFactory.getBuilder(new URI(scheme, "localhost", null, null), null, skipTLSVerify); | ||
if (!shouldPass) { | ||
fail("This test was expected to fail, reason: " + motivation); | ||
} | ||
} catch (IllegalArgumentException e) { | ||
if (shouldPass) { | ||
fail("This test was expected to pass, reason: " + motivation); | ||
} | ||
} catch (HttpClientWithTLSOptionsFactory.TLSConfigurationError e) { | ||
fail("This test should not cause a TLSConfigurationError"); | ||
} | ||
} | ||
} |
Oops, something went wrong.