From ff995f2ab7d59baee28d00ba37236cbebbf8f6af Mon Sep 17 00:00:00 2001 From: Lars Fronius Date: Tue, 3 Sep 2019 13:09:58 +0200 Subject: [PATCH 1/3] adds configuration element for tunnel for JNLP agent --- .../jenkins/codebuilder/CodeBuilderCloud.java | 20 +++++++++++++- .../codebuilder/CodeBuilderLauncher.java | 27 ++++++++++++++++--- .../codebuilder/CodeBuilderCloud/config.jelly | 4 +++ 3 files changed, 46 insertions(+), 5 deletions(-) diff --git a/src/main/java/dev/lsegal/jenkins/codebuilder/CodeBuilderCloud.java b/src/main/java/dev/lsegal/jenkins/codebuilder/CodeBuilderCloud.java index 39ba04f..0bf59a4 100644 --- a/src/main/java/dev/lsegal/jenkins/codebuilder/CodeBuilderCloud.java +++ b/src/main/java/dev/lsegal/jenkins/codebuilder/CodeBuilderCloud.java @@ -42,6 +42,7 @@ import hudson.slaves.Cloud; import hudson.slaves.NodeProvisioner; import hudson.slaves.NodeProvisioner.PlannedNode; + import hudson.util.ListBoxModel; import jenkins.model.Jenkins; import jenkins.model.JenkinsLocationConfiguration; @@ -79,6 +80,10 @@ public class CodeBuilderCloud extends Cloud { private String jenkinsUrl; private String jnlpImage; private String jnlpCommand; + + @CheckForNull + private String tunnel; + private int agentTimeout; private transient AWSCodeBuild client; @@ -187,6 +192,8 @@ public void setLabel(String label) { this.label = label; } + + /** * Getter for the field jenkinsUrl. * @@ -260,6 +267,15 @@ public void setJnlpImage(String jnlpImage) { this.jnlpImage = jnlpImage; } + public String getTunnel() { + return tunnel; + } + + @DataBoundSetter + public void setTunnel(String tunnel) { + this.tunnel = tunnel; + } + /** * Getter for the field agentTimeout. * 
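Review bot: `setTunnel` in the last CodeBuilderCloud.java hunk of this line stores the submitted string unchanged, and the CodeBuilderLauncher.java `buildspec` hunk of the same patch appends that value to the agent command line, so the setter is the natural place to trim and validate it. The fence below accepts only `HOST:PORT`, `:PORT` or `HOST:`. The pattern is a suggestion: it would need widening for bracketed IPv6 literals, and `hudson.Util` has to be imported if it is not already (the import block is only partly visible). `getTunnel` should also carry the field's annotation, `@CheckForNull public String getTunnel()`, and both accessors lack the Javadoc their neighbours have.

```java
@DataBoundSetter
public void setTunnel(String tunnel) {
    String value = Util.fixEmptyAndTrim(tunnel);
    // The value ends up on the agent's command line in the generated buildspec,
    // so accept only HOST:PORT, :PORT or HOST: and refuse anything else.
    if (value != null && !value.matches("[A-Za-z0-9.-]*:[0-9]*")) {
        throw new IllegalArgumentException("tunnel must be HOST:PORT, :PORT or HOST:");
    }
    this.tunnel = value;
}
```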
@@ -375,7 +391,7 @@ public synchronized Collection provision(Label label, int excessWor final String displayName = String.format("%s.cb-%s", projectName, suffix); final CodeBuilderCloud cloud = this; final Future nodeResolver = Computer.threadPoolForRemoting.submit(() -> { - CodeBuilderLauncher launcher = new CodeBuilderLauncher(cloud); + CodeBuilderLauncher launcher = new CodeBuilderLauncher(cloud, tunnel, null); CodeBuilderAgent agent = new CodeBuilderAgent(cloud, displayName, launcher); jenkins().addNode(agent); return agent; @@ -412,6 +428,8 @@ private static String getDefaultRegion() { } } + + @Extension public static class DescriptorImpl extends Descriptor { @Override diff --git a/src/main/java/dev/lsegal/jenkins/codebuilder/CodeBuilderLauncher.java b/src/main/java/dev/lsegal/jenkins/codebuilder/CodeBuilderLauncher.java index 34a9609..16917f9 100644 --- a/src/main/java/dev/lsegal/jenkins/codebuilder/CodeBuilderLauncher.java +++ b/src/main/java/dev/lsegal/jenkins/codebuilder/CodeBuilderLauncher.java @@ -1,6 +1,9 @@ package dev.lsegal.jenkins.codebuilder; import java.io.IOException; +import java.util.ArrayList; +import java.util.Arrays; +import java.util.Collection; import java.util.concurrent.TimeoutException; import javax.annotation.Nonnull; @@ -9,6 +12,8 @@ import com.amazonaws.services.codebuild.model.StartBuildRequest; import com.amazonaws.services.codebuild.model.StartBuildResult; +import com.iwombat.util.StringUtil; +import org.apache.commons.lang.StringUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -18,6 +23,7 @@ import hudson.slaves.SlaveComputer; import hudson.util.StreamTaskListener; + /** * CodeBuilderLauncher class. * 
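Review bot: `import com.iwombat.util.StringUtil;` in the second CodeBuilderLauncher.java import hunk (`@@ -9,6 +12,8 @@`) looks like an accidental IDE auto-import. Nothing in the visible hunks of this patch uses `StringUtil`; the new code only calls `StringUtils.isNotBlank` from commons-lang. Keeping it ties the plugin to an unrelated package that is presumably only on the classpath transitively, and the build breaks if that artifact is ever dropped or replaced. Remove the line and keep only `import org.apache.commons.lang.StringUtils;`.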
@@ -35,8 +41,8 @@ public class CodeBuilderLauncher extends JNLPLauncher { * * @param cloud a {@link CodeBuilderCloud} object. */ - public CodeBuilderLauncher(CodeBuilderCloud cloud) { - super(); + public CodeBuilderLauncher(CodeBuilderCloud cloud, String tunnel, String vmargs) { + super(tunnel, vmargs); this.cloud = cloud; } @@ -113,8 +119,21 @@ private String buildspec(@Nonnull SlaveComputer computer) { if (n == null) { return ""; } - String cmd = String.format("%s -noreconnect -workDir \"$CODEBUILD_SRC_DIR\" -url \"%s\" \"%s\" \"%s\"", - cloud.getJnlpCommand(), cloud.getJenkinsUrl(), computer.getJnlpMac(), n.getDisplayName()); + Collection command = new ArrayList(Arrays.asList( + "jenkins-agent", + "-noreconnect", + "-workDir", + "\"$CODEBUILD_SRC_DIR\"", + "-url", + String.format("\"%s\"", cloud.getJenkinsUrl()), + String.format("\"%s\"", computer.getJnlpMac()), + String.format("\"%s\"", n.getDisplayName()) + )); + if (StringUtils.isNotBlank(tunnel)) { + command.add("-tunnel"); + command.add(cloud.getTunnel()); + } + String cmd = String.join(" ", command); StringBuilder builder = new StringBuilder(); builder.append("version: 0.2\n"); builder.append("phases:\n"); diff --git a/src/main/resources/dev/lsegal/jenkins/codebuilder/CodeBuilderCloud/config.jelly b/src/main/resources/dev/lsegal/jenkins/codebuilder/CodeBuilderCloud/config.jelly index 90662aa..c4dfa2e 100644 --- a/src/main/resources/dev/lsegal/jenkins/codebuilder/CodeBuilderCloud/config.jelly +++ b/src/main/resources/dev/lsegal/jenkins/codebuilder/CodeBuilderCloud/config.jelly @@ -26,6 +26,10 @@ + + + + From 42d227c7a284d7d809338ef03731b7b6e2cc7c6b Mon Sep 17 00:00:00 2001 From: Lars Fronius Date: Tue, 3 Sep 2019 13:48:04 +0200 Subject: [PATCH 2/3] fix test, adds docs --- .../dev/lsegal/jenkins/codebuilder/CodeBuilderLauncher.java | 2 ++ .../dev/lsegal/jenkins/codebuilder/CodeBuilderCloudTest.java | 2 +- 2 files changed, 3 insertions(+), 1 deletion(-) 
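Review bot: In the `buildspec` hunk (`@@ -113,8 +119,21 @@`) the tunnel value is added to the command unquoted and unvalidated, while every other interpolated value is wrapped in `"\"%s\""`. The `"$CODEBUILD_SRC_DIR"` argument suggests the line is run by a shell in the build container, so whitespace or metacharacters in the configured tunnel would alter the command. The guard also tests the launcher's own `tunnel` (presumably the field inherited from `JNLPLauncher`) but appends `cloud.getTunnel()`, and the two can disagree once the cloud is reconfigured. Read a single source and quote it, e.g. `String t = cloud.getTunnel();` then `command.add(String.format("\"%s\"", t));`; double quotes do not stop `$(...)` expansion, so the format should also be checked where the value is set. Separately, the first element is now the literal `"jenkins-agent"`, which silently ignores the configured command the removed line used; restore it with `cloud.getJnlpCommand(),`. `buildspec` starts and ends outside this hunk.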
diff --git a/src/main/java/dev/lsegal/jenkins/codebuilder/CodeBuilderLauncher.java b/src/main/java/dev/lsegal/jenkins/codebuilder/CodeBuilderLauncher.java index 16917f9..202e425 100644 --- a/src/main/java/dev/lsegal/jenkins/codebuilder/CodeBuilderLauncher.java +++ b/src/main/java/dev/lsegal/jenkins/codebuilder/CodeBuilderLauncher.java @@ -40,6 +40,8 @@ public class CodeBuilderLauncher extends JNLPLauncher { * Constructor for CodeBuilderLauncher. * * @param cloud a {@link CodeBuilderCloud} object. + * @param tunnel tunnel URL if configured {@link String} + * @param vmargs a {@link String} */ public CodeBuilderLauncher(CodeBuilderCloud cloud, String tunnel, String vmargs) { super(tunnel, vmargs); diff --git a/src/test/java/dev/lsegal/jenkins/codebuilder/CodeBuilderCloudTest.java b/src/test/java/dev/lsegal/jenkins/codebuilder/CodeBuilderCloudTest.java index 76ca36f..a2c59e7 100644 --- a/src/test/java/dev/lsegal/jenkins/codebuilder/CodeBuilderCloudTest.java +++ b/src/test/java/dev/lsegal/jenkins/codebuilder/CodeBuilderCloudTest.java @@ -13,7 +13,7 @@ public class CodeBuilderCloudTest { @Test public void initializes_correctly() throws InterruptedException { - CodeBuilderCloud cloud = new CodeBuilderCloud(null, "project", null, "us-west-2"); + CodeBuilderCloud cloud = new CodeBuilderCloud(null, "project", null, "local"); assertEquals("project", cloud.getProjectName()); assertEquals("codebuilder_0", cloud.getDisplayName()); assertNotNull(cloud.getClient()); From 16954217fbd3e261bf361c615afd75c5bbcc702c Mon Sep 17 00:00:00 2001 From: Giovanni Di Santi Date: Thu, 2 Feb 2023 08:58:41 +0100 Subject: [PATCH 3/3] [skip ci] Add Advanced Security code scanning workflow --- .github/workflows/codeql-analysis.yml | 31 +++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) create mode 100644 .github/workflows/codeql-analysis.yml diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml new file mode 100644 index 0000000..c0bb005 --- /dev/null 
+++ b/.github/workflows/codeql-analysis.yml
@@ -0,0 +1,31 @@
+name: "CodeQL"
+
+on:
+ # workflow_dispatch enables manual triggering of the workflow
+ workflow_dispatch:
+ schedule:
+ - cron: '54 0 * * 2'
+env:
+ FAST_EMAIL: ${{ secrets.FAST_EMAIL }}
+ FAST_USER: ${{ secrets.FAST_USER }}
+ FAST_TOKEN: ${{ secrets.FAST_TOKEN }}
+ FAST_HTTPAUTH: ${{ secrets.FAST_HTTPAUTH }}
+
+jobs:
+ analyze:
+ name: Analyze
+ runs-on: ubuntu-latest
+ permissions:
+ actions: read
+ contents: read
+ security-events: write
+
+ steps:
+ - name: S24 static application security testing (SAST) action
+ uses: scout24/s24-sast-action@v1
+ with:
+ languages: java
+ fast_user: ${{ env.FAST_USER }}
+ fast_token: ${{ env.FAST_TOKEN }}
+ java_version: '11'
+
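Review bot: `uses: scout24/s24-sast-action@v1` references the action by a movable tag while handing it `fast_token`. Pinning to a full commit SHA, e.g. `uses: scout24/s24-sast-action@<full-commit-sha>  # v1` (placeholder), keeps a retagged release from running with those secrets and with `security-events: write`. The workflow-level `env:` block also exposes all four `FAST_*` secrets to every step, yet `FAST_EMAIL` and `FAST_HTTPAUTH` are not referenced by the only visible step. If the action does not read them from the environment, drop them and pass the others directly as `fast_user: ${{ secrets.FAST_USER }}` and `fast_token: ${{ secrets.FAST_TOKEN }}`. The workflow is named "CodeQL" although its single step is the S24 SAST action, so a matching name would avoid confusion when alerts are triaged.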