JENKINS-45789 Use Credentials Plugin for JIRA Global Configuration User

[gmshake]

Issue link: https://issues.jenkins-ci.org/browse/JENKINS-45789

TODO:

1. Better document on credentialsId field. move out from this PR
2. Manually merge Partial fix for JENKINS-48357, reverting commit 420f69076b8606c74cf24f301b9446778d88658f #139 JENKINS-48357 Fix by bumping version of Jenkins Apache HttpComponents Client 4.x API Plugin #147 into local repository to test this PR.
3. Rebase to latest master.

@oleg-nenashev @jglick @warden

[coveralls]

Coverage increased (+1.08%) to 53.273% when pulling d063bbc on gmshake:JENKINS-45789 into bed1307 on jenkinsci:master.

[artkoshelev]

could we move url null check inside lookupSystemCredentials?

[gmshake]

Good catch!

[artkoshelev]

why cast to String?

[gmshake]

Emm, I found this change make the test not functional as expected, I'll fix it :(

[artkoshelev]

please specify method to use instead of deprecated one and the reason for deprecation

[gmshake]

Deprecate the previous constructor but leave it in place for Java-level compatibility. See https://jenkins.io/doc/developer/plugin-development/pipeline-integration/ , section "Constructor vs. setters"

[artkoshelev]

please add tests for this class

[gmshake]

OK, I'll do it :)

[gmshake]

Tests for CredentialsHelper added. Commit: 0966980

[gmshake]

Sigh :(

[artkoshelev]

we could return c here and drop null check below

[gmshake]

+1

[artkoshelev]

shouldn't we call setCredentialsId here as well?

[gmshake]

There is a condition that credentialsId is not blank but no matched credentials. setCredentialsId should be called under null check with credentials :(

[artkoshelev]

i would move this method and one below to CredentialsHelper

[gmshake]

Ping @artkoshelev

[artkoshelev]

why do we need powermock? (we already have mockito)

[gmshake]

Testcase DescriptorImplTest#testValidateConnectionError()

jira-plugin/src/test/java/hudson/plugins/jira/DescriptorImplTest.java

Line 46 in 07e3440

FormValidation validation = descriptor.doValidate("user", "http://localhost:8080", "pass", null, null, false, " ", JiraSite.DEFAULT_TIMEOUT);

made false positive IIUC.

    @Test
    public void testValidateConnectionError() throws Exception {
        when(jiraSession.getMyPermissions()).thenThrow(RestClientException.class);
        when(jiraSite.createSession()).thenReturn(jiraSession);
        FormValidation validation = descriptor.doValidate("user", "http://localhost:8080", "pass", null, null, false, " ", JiraSite.DEFAULT_TIMEOUT);
        assertEquals(validation.kind, FormValidation.Kind.ERROR);
    }

The condition passed to descriptor.doValidate() indeed test alternativeURL.
Since mockito does not support mock new operations, I imported powermock to correct this test.

[artkoshelev]

How about using builder pattern for JiraSite instead? It would help fixing "million-paramaters-constructor" calls for JiraSite as well as allow properly inject mocked JiraSite implementation in tests.

[gmshake]

Builder pattern seems not helpful with mock, mock JiraSite.createSession() in this case. Can you explain more about how to mock with builder pattern? Thanks!

[artkoshelev]

In order to properly inject JiraSite object in DescriptorImpl you might define getJiraSite() method and mock it later, but it would require to pass all the parameters you have for JiraSite constructor. Instead, you define getJiraSiteBuilder() returning just new builder, then you configure builder in your impl code and call build() to get actual JiraSite constructed. Later in tests, you mock getJiraSiteBuilder() to return mocked/spy'ed builder, which would return mocked site on build() call.

[gmshake]

I'm not sure whether I implement the builder pattern right or not. It looks ugly 👎
I'll include this if it satisfies. See https://github.com/gmshake/jira-plugin/pull/1/files

[artkoshelev]

I would prefer to log something more meaningful, e.g. Provided username and password were successfully migrated and stored as {credentialsId}

[gmshake]

Good catch:)

[artkoshelev]

why do we need to use reflection?

[gmshake]

JiraSite is designed to use final field credentialsId and credentials, during the progress of deserialization, the instance of JiraSite is created before JiraSite#readResolve() is called,

jira-plugin/src/main/java/hudson/plugins/jira/JiraSite.java

Line 253 in 07e3440

protected Object readResolve() {

hence we need use reflection to update relevant fields.
There's another solution, that return a new constructed JiraSite with all need value from the temp deserialization instance from with JiraSite#readResolve(), what do you think?

[gmshake]

@artkoshelev Thanks very much for your help with this PR, I did not notice there is an acceptance test for this plugin at the time this PR created, https://github.com/jenkinsci/acceptance-test-harness/blob/master/src/test/java/plugins/JiraPluginTest.java
Do I need to update the test, since this PR introduced incompatible UI change ? Then there would be another issue that new version of Jira plugin will break the acceptance test before relevant tests updated. Any suggestion?

[artkoshelev]

I'm not sure how it handled, better to ask someone supporting acceptance-test-harness. my guess would be:

1. made PR with fix for acceptance tests, wait for builds to be red
2. merge this change, release plugin
3. re-run build on PR above, merge PR for acceptance tests

[tonivdv]

Any news on this? Need help?

[gmshake]

@tonivdv Sorry but I was busy, I'm planning to get this feature done within next few days :)

[gmshake]

Rebased to latest master, and resolved conflicts.

[gmshake]

It's weird that the coverage decreased :(

Related to powermock / jacoco compatibility, see https://github.com/powermock/powermock/wiki/Code-coverage-with-JaCoCo#on-the-fly-instrumentation

[gmshake]

Ping @artkoshelev

[artkoshelev]

@gmshake sorry, won't be able to review it properly till next week

[gmshake]

Rebased to master and resolved conflicts.

[gmshake]

Ping @artkoshelev

[artkoshelev]

looking, sorry for the delay

[samuelmasuy]

Really looking forward this merge! Any news on this?

[artkoshelev]

How about using builder pattern for JiraSite instead? It would help fixing "million-paramaters-constructor" calls for JiraSite as well as allow properly inject mocked JiraSite implementation in tests.

[artkoshelev]

this method is not used as far as i can see, let's delete it

[gmshake]

We need readResolve() for backward compatibility, and it is required during deserialization, see https://wiki.jenkins.io/display/JENKINS/Hint+on+retaining+backward+compatibility

[artkoshelev]

Could you please put "ignore unused" annotation with this link?

[gmshake]

Sure

[artkoshelev]

Static methods are usually anti-pattern: you couldn't mock them when you test dependent components. Let's implement it as a normal component, say CredentialsManager?

[gmshake]

As the logic is simple enough, only integration tests are written for it. I'm not seeing any value writing unit test here. What do you think?

[artkoshelev]

What would be the user experience when plugin with this changes installed? Would existing username/password be lost?

[gmshake]

Existing username/password will migrated to credentials and be stored. The config will not be touched anyway, i.e. require end user re-config jira-plugin global settings. It will be better that no re-config required. I'm struggling on this yet. I'm not sure how to trigger jenkins to auto save jira-plugin settings.

[artkoshelev]

@warden @olamy @oleg-nenashev any ideas on this?

[artkoshelev]

IDEA suggests to rename unused variable to ignored

[gmshake]

👍

[artkoshelev]

not needed, since we don't expect any exceptions anyway

[gmshake]

Gotcha

[artkoshelev]

@samuelmasuy once conflicts fixed and PR comments addressed, i'm happy to merge it

[gmshake]

Rebased to latest master and resolved conflicts. Polished as @artkoshelev suggested.

[gmshake]

Thanks @artkoshelev :)

[tonivdv]

Thanks. Will you release a new version soon with this improvement?

[artkoshelev]

@tonivdv please ask @olamy or @warden to release new version =)