Updated unit tests, helm charts and validation logic

api/v1alpha2/jenkins_webhook.go

@@ -26,9 +26,12 @@ import (
 	"os"
 	"time"
 
+	"github.com/jenkinsci/kubernetes-operator/pkg/constants"
 	"github.com/jenkinsci/kubernetes-operator/pkg/plugins"
 
 	"golang.org/x/mod/semver"
+	corev1 "k8s.io/api/core/v1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime"
 	ctrl "sigs.k8s.io/controller-runtime"
 	logf "sigs.k8s.io/controller-runtime/pkg/log"
@@ -37,7 +40,7 @@ import (
 
 var (
 	jenkinslog                   = logf.Log.WithName("jenkins-resource") // log is for logging in this package.
-	PluginsMgr PluginDataManager = *NewPluginsDataManager()
+	PluginsMgr PluginDataManager = *NewPluginsDataManager("https://ci.jenkins.io/job/Infra/job/plugin-site-api/job/generate-data/lastSuccessfulBuild/artifact/plugins.json.gzip", "/tmp/plugins.json.gzip", "/tmp/plugins.json", false, time.Duration(1000)*time.Second)
 	_          webhook.Validator = &Jenkins{}
 )
 
@@ -182,14 +185,13 @@ func Validate(r Jenkins) error {
 	return nil
 }
 
-func NewPluginsDataManager() *PluginDataManager {
+func NewPluginsDataManager(hosturl string, compressedFilePath string, pluginDataFile string, isCached bool, timeout time.Duration) *PluginDataManager {
 	return &PluginDataManager{
-		Hosturl:            "https://ci.jenkins.io/job/Infra/job/plugin-site-api/job/generate-data/lastSuccessfulBuild/artifact/plugins.json.gzip",
+		Hosturl:            hosturl,
-		CompressedFilePath: "/tmp/plugins.json.gzip",
+		CompressedFilePath: compressedFilePath,
-		PluginDataFile:     "/tmp/plugins.json",
+		PluginDataFile:     pluginDataFile,
-		IsCached:           false,
+		IsCached:           isCached,
-		Attempts:           0,
+		Timeout:            timeout,
-		Timeout:            time.Duration(1000) * time.Second,
 	}
 }
 
@@ -334,3 +336,30 @@ func compareVersions(firstVersion string, lastVersion string, pluginVersion stri
 	}
 	return true
 }
+
+func CreateJenkinsCR(name string, namespace string, userPlugins []Plugin, validateSecurityWarnings bool) *Jenkins {
+	jenkins := &Jenkins{
+		TypeMeta: JenkinsTypeMeta(),
+		ObjectMeta: metav1.ObjectMeta{
+			Name:      name,
+			Namespace: namespace,
+		},
+		Spec: JenkinsSpec{
+			Master: JenkinsMaster{
+				Annotations: map[string]string{"test": "label"},
+				Plugins:     userPlugins,
+			},
+			ValidateSecurityWarnings: validateSecurityWarnings,
+			Service: Service{
+				Type: corev1.ServiceTypeNodePort,
+				Port: constants.DefaultHTTPPortInt32,
+			},
+		},
+	}
+
+	return jenkins
+}
+
+func CreateSecurityWarnings(firstVersion string, lastVersion string) []Warning {
+	return []Warning{{Versions: []Version{{FirstVersion: firstVersion, LastVersion: lastVersion}}, ID: "null", Message: "unit testing", URL: "null", Active: false}}
+}

api/v1alpha2/jenkins_webhook_test.go

@@ -3,12 +3,8 @@ package v1alpha2
 import (
 	"errors"
 	"testing"
-	"time"
 
-	"github.com/jenkinsci/kubernetes-operator/pkg/constants"
 	"github.com/stretchr/testify/assert"
-	corev1 "k8s.io/api/core/v1"
-	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 )
 
 func TestMakeSemanticVersion(t *testing.T) {
@@ -81,83 +77,77 @@ func TestCompareVersions(t *testing.T) {
 func TestValidate(t *testing.T) {
 	t.Run("Validating when plugins data file is not fetched", func(t *testing.T) {
 		userplugins := []Plugin{{Name: "script-security", Version: "1.77"}, {Name: "git-client", Version: "3.9"}, {Name: "git", Version: "4.8.1"}, {Name: "plain-credentials", Version: "1.7"}}
-		jenkinscr := *createJenkinsCR(userplugins, true)
+		jenkinscr := *CreateJenkinsCR("Jenkins", "test", userplugins, true)
 		got := jenkinscr.ValidateCreate()
 		assert.Equal(t, got, errors.New("plugins data has not been fetched"))
 	})
 
-	isInitialized := make(chan bool)
+	PluginsMgr.IsCached = true
-	go PluginsMgr.FetchPluginData(isInitialized)
+	t.Run("Validating a Jenkins CR with plugins not having security warnings and validation is turned on", func(t *testing.T) {
-	if <-isInitialized {
+		PluginsMgr.PluginDataCache = PluginsInfo{Plugins: []PluginInfo{
-		t.Run("Validating a Jenkins CR with plugins not having security warnings and validation is turned on", func(t *testing.T) {
+			{Name: "security-script"},
-			userplugins := []Plugin{{Name: "script-security", Version: "1.77"}, {Name: "git-client", Version: "3.9"}, {Name: "git", Version: "4.8.1"}, {Name: "plain-credentials", Version: "1.7"}}
+			{Name: "git-client"},
-			jenkinscr := *createJenkinsCR(userplugins, true)
+			{Name: "git"},
-			got := jenkinscr.ValidateCreate()
+			{Name: "google-login", SecurityWarnings: CreateSecurityWarnings("", "1.2")},
-			assert.Nil(t, got)
+			{Name: "sample-plugin", SecurityWarnings: CreateSecurityWarnings("", "0.8")},
-		})
+			{Name: "mailer"},
-
+			{Name: "plain-credentials"}}}
-		t.Run("Validating a Jenkins CR with some of the plugins having security warnings and validation is turned on", func(t *testing.T) {
+		userplugins := []Plugin{{Name: "script-security", Version: "1.77"}, {Name: "git-client", Version: "3.9"}, {Name: "git", Version: "4.8.1"}, {Name: "plain-credentials", Version: "1.7"}}
-			userplugins := []Plugin{{Name: "google-login", Version: "1.2"}, {Name: "mailer", Version: "1.1"}, {Name: "git", Version: "4.8.1"}, {Name: "command-launcher", Version: "1.6"}, {Name: "workflow-cps", Version: "2.59"}}
+		jenkinscr := *CreateJenkinsCR("Jenkins", "test", userplugins, true)
-			jenkinscr := *createJenkinsCR(userplugins, true)
+		got := jenkinscr.ValidateCreate()
-			got := jenkinscr.ValidateCreate()
+		assert.Nil(t, got)
-			assert.Equal(t, got, errors.New("security vulnerabilities detected in the following user-defined plugins: \nworkflow-cps:2.59\ngoogle-login:1.2\nmailer:1.1"))
-		})
-
-		t.Run("Updating a Jenkins CR with some of the plugins having security warnings and validation is turned on", func(t *testing.T) {
-			userplugins := []Plugin{{Name: "google-login", Version: "1.2"}, {Name: "mailer", Version: "1.1"}, {Name: "git", Version: "4.8.1"}, {Name: "command-launcher", Version: "1.6"}, {Name: "workflow-cps", Version: "2.59"}}
-			oldjenkinscr := *createJenkinsCR(userplugins, true)
-
-			userplugins = []Plugin{{Name: "handy-uri-templates-2-api", Version: "2.1.8-1.0"}, {Name: "resource-disposer", Version: "0.8"}, {Name: "jjwt-api", Version: "0.11.2-9.c8b45b8bb173"}, {Name: "blueocean-github-pipeline", Version: "1.2.0-beta-3"}, {Name: "ghprb", Version: "1.39"}}
-			newjenkinscr := *createJenkinsCR(userplugins, true)
-			got := newjenkinscr.ValidateUpdate(&oldjenkinscr)
-			assert.Equal(t, got, errors.New("security vulnerabilities detected in the following user-defined plugins: \nresource-disposer:0.8\nblueocean-github-pipeline:1.2.0-beta-3\nghprb:1.39"))
-		})
-
-		t.Run("Validation is turned off", func(t *testing.T) {
-			userplugins := []Plugin{{Name: "google-login", Version: "1.2"}, {Name: "mailer", Version: "1.1"}, {Name: "git", Version: "4.8.1"}, {Name: "command-launcher", Version: "1.6"}, {Name: "workflow-cps", Version: "2.59"}}
-			jenkinscr := *createJenkinsCR(userplugins, false)
-			got := jenkinscr.ValidateCreate()
-			assert.Nil(t, got)
-		})
-	} else {
-		t.Fatal("Plugin Data File is not Downloaded")
-	}
-}
-
-func TestFetchPluginData(t *testing.T) {
-	t.Run("Timeout error while downloading plugins data file", func(t *testing.T) {
-		pluginsDataMgr := *NewPluginsDataManager()
-		pluginsDataMgr.Timeout = time.Duration(1) * time.Nanosecond
-		got := pluginsDataMgr.download()
-		assert.NotNil(t, got)
 	})
-	t.Run("Successfully fetching plugins data file", func(t *testing.T) {
+
-		isInitialized := make(chan bool)
+	t.Run("Validating a Jenkins CR with some of the plugins having security warnings and validation is turned on", func(t *testing.T) {
-		pluginsDataMgr := *NewPluginsDataManager()
+		PluginsMgr.PluginDataCache = PluginsInfo{Plugins: []PluginInfo{
-		go pluginsDataMgr.FetchPluginData(isInitialized)
+			{Name: "security-script", SecurityWarnings: CreateSecurityWarnings("1.2", "2.2")},
-		assert.Equal(t, <-isInitialized, true)
+			{Name: "workflow-cps", SecurityWarnings: CreateSecurityWarnings("2.59", "")},
+			{Name: "git-client"},
+			{Name: "git"},
+			{Name: "sample-plugin", SecurityWarnings: CreateSecurityWarnings("0.8", "")},
+			{Name: "command-launcher", SecurityWarnings: CreateSecurityWarnings("1.2", "1.4")},
+			{Name: "plain-credentials"},
+			{Name: "google-login", SecurityWarnings: CreateSecurityWarnings("1.1", "1.3")},
+			{Name: "mailer", SecurityWarnings: CreateSecurityWarnings("1.0.3", "1.1.4")},
+		}}
+		userplugins := []Plugin{{Name: "google-login", Version: "1.2"}, {Name: "mailer", Version: "1.1"}, {Name: "git", Version: "4.8.1"}, {Name: "command-launcher", Version: "1.6"}, {Name: "workflow-cps", Version: "2.59"}}
+		jenkinscr := *CreateJenkinsCR("Jenkins", "test", userplugins, true)
+		got := jenkinscr.ValidateCreate()
+		assert.Equal(t, got, errors.New("security vulnerabilities detected in the following user-defined plugins: \nworkflow-cps:2.59\ngoogle-login:1.2\nmailer:1.1"))
+	})
+
+	t.Run("Updating a Jenkins CR with some of the plugins having security warnings and validation is turned on", func(t *testing.T) {
+		PluginsMgr.PluginDataCache = PluginsInfo{Plugins: []PluginInfo{
+			{Name: "handy-uri-templates-2-api", SecurityWarnings: CreateSecurityWarnings("2.1.8-1.0", "2.2.8-1.0")},
+			{Name: "workflow-cps", SecurityWarnings: CreateSecurityWarnings("2.59", "")},
+			{Name: "resource-disposer", SecurityWarnings: CreateSecurityWarnings("0.7", "1.2")},
+			{Name: "git"},
+			{Name: "jjwt-api"},
+			{Name: "blueocean-github-pipeline", SecurityWarnings: CreateSecurityWarnings("1.2.0-alpha-2", "1.2.0-beta-5")},
+			{Name: "command-launcher", SecurityWarnings: CreateSecurityWarnings("1.2", "1.4")},
+			{Name: "plain-credentials"},
+			{Name: "ghprb", SecurityWarnings: CreateSecurityWarnings("1.1", "1.43")},
+			{Name: "mailer", SecurityWarnings: CreateSecurityWarnings("1.0.3", "1.1.4")},
+		}}
+
+		userplugins := []Plugin{{Name: "google-login", Version: "1.2"}, {Name: "mailer", Version: "1.1"}, {Name: "git", Version: "4.8.1"}, {Name: "command-launcher", Version: "1.6"}, {Name: "workflow-cps", Version: "2.59"}}
+		oldjenkinscr := *CreateJenkinsCR("Jenkins", "test", userplugins, true)
+
+		userplugins = []Plugin{{Name: "handy-uri-templates-2-api", Version: "2.1.8-1.0"}, {Name: "resource-disposer", Version: "0.8"}, {Name: "jjwt-api", Version: "0.11.2-9.c8b45b8bb173"}, {Name: "blueocean-github-pipeline", Version: "1.2.0-beta-3"}, {Name: "ghprb", Version: "1.39"}}
+		newjenkinscr := *CreateJenkinsCR("Jenkins", "test", userplugins, true)
+		got := newjenkinscr.ValidateUpdate(&oldjenkinscr)
+		assert.Equal(t, got, errors.New("security vulnerabilities detected in the following user-defined plugins: \nhandy-uri-templates-2-api:2.1.8-1.0\nresource-disposer:0.8\nblueocean-github-pipeline:1.2.0-beta-3\nghprb:1.39"))
+	})
+
+	t.Run("Validation is turned off", func(t *testing.T) {
+		userplugins := []Plugin{{Name: "google-login", Version: "1.2"}, {Name: "mailer", Version: "1.1"}, {Name: "git", Version: "4.8.1"}, {Name: "command-launcher", Version: "1.6"}, {Name: "workflow-cps", Version: "2.59"}}
+		jenkinscr := *CreateJenkinsCR("Jenkins", "test", userplugins, false)
+		got := jenkinscr.ValidateCreate()
+		assert.Nil(t, got)
+
+		userplugins = []Plugin{{Name: "google-login", Version: "1.2"}, {Name: "mailer", Version: "1.1"}, {Name: "git", Version: "4.8.1"}, {Name: "command-launcher", Version: "1.6"}, {Name: "workflow-cps", Version: "2.59"}}
+		newjenkinscr := *CreateJenkinsCR("jenkins", "test", userplugins, false)
+		got = newjenkinscr.ValidateUpdate(&jenkinscr)
+		assert.Nil(t, got)
 	})
 }
-
-func createJenkinsCR(userPlugins []Plugin, validateSecurityWarnings bool) *Jenkins {
-	jenkins := &Jenkins{
-		TypeMeta: JenkinsTypeMeta(),
-		ObjectMeta: metav1.ObjectMeta{
-			Name:      "Jenkins",
-			Namespace: "test",
-		},
-		Spec: JenkinsSpec{
-			Master: JenkinsMaster{
-				Annotations: map[string]string{"test": "label"},
-				Plugins:     userPlugins,
-			},
-			ValidateSecurityWarnings: validateSecurityWarnings,
-			Service: Service{
-				Type: corev1.ServiceTypeNodePort,
-				Port: constants.DefaultHTTPPortInt32,
-			},
-		},
-	}
-
-	return jenkins
-}

chart/jenkins-operator/Chart.lock

@@ -1,6 +1,6 @@
 dependencies:
 - name: cert-manager
   repository: https://charts.jetstack.io
-  version: v1.5.0
+  version: v1.5.1
-digest: sha256:9113e5b4333cbe0a9b9eb340cb8bc201f5c110a56058a637c18733e36711c513
+digest: sha256:3220f5584bd04a8c8d4b2a076d49cc046211a463bb9a12ebbbae752be9b70bb1
-generated: "2021-08-16T04:18:49.917544487+05:30"
+generated: "2021-08-18T01:07:49.505353718+05:30"

chart/jenkins-operator/Chart.yaml

@@ -5,8 +5,7 @@ name: jenkins-operator
 version: 0.5.2
 icon: https://raw.githubusercontent.com/jenkinsci/kubernetes-operator/master/assets/jenkins-operator-icon.png
 dependencies:
-    - name: cert-manager 
+- name: cert-manager
-      version: "1.5.0"
+  version: "1.5.1"
-      condition: webhook.enabled
+  condition: webhook.enabled
-      repository: "https://charts.jetstack.io"
+  repository: https://charts.jetstack.io
-        

chart/jenkins-operator/values.yaml

@@ -292,7 +292,4 @@ webhook:
     # time after which the certificate will be automatically renewed 
     renewbefore: 360h
   # enable or disable the validation webhook
-  enabled: false
+  enabled: false
-
-cert-manager:
-  installCRDs: true