Skip to content
This repository has been archived by the owner. It is now read-only.
Permalink
Browse files
[JENKINS-13056][JENKINS-31812] Added option to specify a reference job.
The reference results will now be obtained either
a) from the current job
b) from a specified reference job (given by the name)

The reference job will be selected using the properties:
- ignoreAnalysisResult: ignores the result of the previous analysis run
- overallResultMustBeSuccess: picks only builds with overall SUCCESS
  • Loading branch information
uhafner committed Mar 10, 2018
1 parent eee475d commit 3c64ac6c68b433e3f3b4e960e02a99c414223b31
Showing 3 changed files with 62 additions and 14 deletions.
@@ -8,14 +8,15 @@
import org.jenkinsci.plugins.workflow.job.WorkflowJob;
import org.jenkinsci.plugins.workflow.job.WorkflowRun;

import static edu.hm.hafner.analysis.assertj.Assertions.*;
import io.jenkins.plugins.analysis.core.model.AnalysisResult;
import io.jenkins.plugins.analysis.core.model.StaticAnalysisTool;
import io.jenkins.plugins.analysis.core.steps.PublishIssuesStep;
import io.jenkins.plugins.analysis.core.steps.ScanForIssuesStep;
import io.jenkins.plugins.analysis.core.testutil.IntegrationTest;
import io.jenkins.plugins.analysis.core.views.ResultAction;

import static edu.hm.hafner.analysis.assertj.Assertions.*;

import hudson.FilePath;
import hudson.model.Result;
import hudson.model.TopLevelItem;
@@ -93,8 +94,20 @@ protected WorkflowJob createJobWithWorkspaceFiles(final String... fileNames) {
* @return the pipeline job
*/
protected WorkflowJob createJob() {
return createJob("Integration-Test");
}

/**
* Creates an empty pipeline job with the specified name.
*
* @param name
* the name of the job
*
* @return the pipeline job
*/
protected WorkflowJob createJob(final String name) {
try {
return j.jenkins.createProject(WorkflowJob.class, "Integration-Test");
return j.jenkins.createProject(WorkflowJob.class, name);
}
catch (IOException e) {
throw new AssertionError(e);
@@ -14,9 +14,6 @@
import org.jvnet.hudson.test.TestExtension;
import org.kohsuke.stapler.HttpResponse;

import edu.hm.hafner.analysis.Issue;
import edu.hm.hafner.analysis.Issues;
import static edu.hm.hafner.analysis.assertj.Assertions.*;
import io.jenkins.plugins.analysis.core.model.AnalysisResult;
import io.jenkins.plugins.analysis.core.model.StaticAnalysisTool;
import io.jenkins.plugins.analysis.core.steps.PublishIssuesStep;
@@ -25,9 +22,14 @@
import io.jenkins.plugins.analysis.warnings.groovy.GroovyParser;
import io.jenkins.plugins.analysis.warnings.groovy.ParserConfiguration;

import static edu.hm.hafner.analysis.assertj.Assertions.*;

import hudson.model.UnprotectedRootAction;
import hudson.util.HttpResponses;

import edu.hm.hafner.analysis.Issue;
import edu.hm.hafner.analysis.Issues;

/**
* Integration tests of the warnings plug-in in pipelines.
*
@@ -71,9 +73,8 @@ public void shouldCombineIssuesOfSeveralFiles() {
}

/**
* Runs the all Java parsers on three output files: the build should report issues of all tools.
* The results should be aggregated into a new action with the specified ID. Since no name is given
* the default name is used.
* Runs the all Java parsers on three output files: the build should report issues of all tools. The results should
* be aggregated into a new action with the specified ID. Since no name is given the default name is used.
*/
@Test
public void shouldProvideADefaultNameIfNoOneIsGiven() {
@@ -83,8 +84,8 @@ public void shouldProvideADefaultNameIfNoOneIsGiven() {
}

/**
* Runs the all Java parsers on three output files: the build should report issues of all tools.
* The results should be aggregated into a new action with the specified ID and the specified name.
* Runs the all Java parsers on three output files: the build should report issues of all tools. The results should
* be aggregated into a new action with the specified ID and the specified name.
*/
@Test
public void shouldUseSpecifiedName() {
@@ -120,8 +121,8 @@ private void assertThatJavaIssuesArePublished(final AnalysisResult result) {
}

/**
* Runs the Java parser on an pep8 log file: the build should report no issues.
* A result should be available with the java ID and name.
* Runs the Java parser on an pep8 log file: the build should report no issues. A result should be available with
* the java ID and name.
*/
@Test
public void shouldHaveActionWithIdAndNameWithEmptyResults() {
@@ -185,6 +186,36 @@ public void shouldIncludeJustOneFile() {
assertThat(result.getIssues()).hasSize(1);
}

// TODO: check all variants of a reference (non-existing name, no run in job, overallResultMustBeSuccess, ignoreAnalysisResult, etc.)
/**
* Creates a reference job and starts the analysis for this job. Then another job is created that uses the first
* one as reference. Verifies that the association is correctly stored.
*/
@Test
public void shouldUseOtherJobAsReference() {
WorkflowJob reference = createJob("reference");
copyFilesToWorkspace(reference, "java-start.txt");
reference.setDefinition(asStage(createScanForIssuesStep(Java.class), PUBLISH_ISSUES_STEP));

AnalysisResult referenceResult = scheduleBuild(reference, Java.class);

assertThat(referenceResult.getTotalSize()).isEqualTo(2);
assertThat(referenceResult.getIssues()).hasSize(2);
assertThat(referenceResult.getReferenceBuild()).isEmpty();

WorkflowJob job = createJobWithWorkspaceFiles("java-start.txt");
job.setDefinition(asStage(createScanForIssuesStep(Java.class),
"publishIssues issues:[issues], referenceJobName:'reference'"));

AnalysisResult result = scheduleBuild(reference, Java.class);

assertThat(result.getTotalSize()).isEqualTo(2);
assertThat(result.getIssues()).hasSize(2);
assertThat(result.getReferenceBuild()).hasValue(referenceResult.getOwner());

// TODO: add verification for io.jenkins.plugins.analysis.core.model.IssueDifference
}

/**
* Verifies that parsers based on Digester are not vulnerable to an XXE attack. Previous versions allowed any user
* with an ability to configure a job to read any file from the Jenkins Master (even on hardened systems where
@@ -215,12 +246,14 @@ public void showPreventXxeSecurity656() throws Exception {
FindBugs.class, JcReport.class);
for (Class<? extends StaticAnalysisTool> tool : classes) {
job.setDefinition(asStage(
String.format("def issues = scanForIssues tool: [$class: '%s'], pattern:'xxe.xml'", tool.getSimpleName()),
String.format("def issues = scanForIssues tool: [$class: '%s'], pattern:'xxe.xml'",
tool.getSimpleName()),
"publishIssues issues:[issues]"));

scheduleBuild(job, tool);

YouCannotTriggerMe urlHandler = j.jenkins.getExtensionList(UnprotectedRootAction.class).get(YouCannotTriggerMe.class);
YouCannotTriggerMe urlHandler = j.jenkins.getExtensionList(UnprotectedRootAction.class)
.get(YouCannotTriggerMe.class);
assertThat(urlHandler).isNotNull();

assertThat(urlHandler.triggerCount).as("XXE detected for parser %s: URL has been triggered!", tool)
@@ -0,0 +1,2 @@
[WARNING] C:\File.java:[12,39] [deprecation] something has been deprecated
[WARNING] C:\File.java:[40,36] [deprecation] something has been deprecated

0 comments on commit 3c64ac6

Please sign in to comment.