This is an automated email from the ASF dual-hosted git repository.

lburgazzoli pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/camel-k.git


The following commit(s) were added to refs/heads/master by this push:
     new 1de2681  fix: Validate maven artifacts
1de2681 is described below

commit 1de2681fc8eada9ec0285954152fdeecda50ae29
Author: James Netherton <jamesnether...@gmail.com>
AuthorDate: Mon Jun 24 09:47:12 2019 +0100

    fix: Validate maven artifacts
    
    fixes #742
---
 pkg/cmd/install.go                    | 99 ++++++++++++++++++++---------------
 pkg/util/maven/maven_project.go       |  9 +++-
 pkg/util/maven/maven_project_test.go  | 18 +++++++
 pkg/util/maven/maven_settings_test.go | 10 ++--
 pkg/util/maven/maven_types.go         |  5 +-
 5 files changed, 91 insertions(+), 50 deletions(-)

diff --git a/pkg/cmd/install.go b/pkg/cmd/install.go
index f7e21a3..885fb0a 100644
--- a/pkg/cmd/install.go
+++ b/pkg/cmd/install.go
@@ -212,58 +212,62 @@ func (o *installCmdOptions) install(_ *cobra.Command, _ 
[]string) error {
                        platform.Spec.Build.Timeout.Duration = d
                }
 
-               if len(o.mavenRepositories) > 0 {
-                       o.mavenSettings = 
fmt.Sprintf("configmap:%s-maven-settings/settings.xml", platform.Name)
+               o.mavenSettings = 
fmt.Sprintf("configmap:%s-maven-settings/settings.xml", platform.Name)
 
-                       settings := maven.NewSettings()
-                       repositories := make([]maven.Repository, 0, 
len(o.mavenRepositories))
+               settings := maven.NewSettings()
+               repositories := make([]maven.Repository, 0, 
len(o.mavenRepositories))
 
-                       for i, r := range o.mavenRepositories {
-                               repository := maven.NewRepository(r)
-                               if repository.ID == "" {
-                                       repository.ID = 
fmt.Sprintf("repository-%03d", i)
-                               }
-
-                               repositories = append(repositories, repository)
+               for i, r := range o.mavenRepositories {
+                       repository := maven.NewRepository(r)
+                       if repository.ID == "" {
+                               repository.ID = fmt.Sprintf("repository-%03d", 
i)
                        }
 
-                       settings.Profiles = []maven.Profile{
-                               {
-                                       ID: "maven-settings",
-                                       Activation: maven.Activation{
-                                               ActiveByDefault: true,
-                                       },
-                                       Repositories:       repositories,
-                                       PluginRepositories: repositories,
-                               },
-                       }
+                       repositories = append(repositories, repository)
+               }
 
-                       data, err := util.EncodeXML(settings)
-                       if err != nil {
-                               return err
-                       }
+               // Enables strict checksums for Maven central if not already 
configured
+               if !containsMvnCentral(repositories) {
+                       repository := 
maven.NewRepository("https://repo.maven.apache.org/maven2@id=central";)
+                       repositories = append([]maven.Repository{repository}, 
repositories...)
+               }
 
-                       cm := corev1.ConfigMap{
-                               TypeMeta: metav1.TypeMeta{
-                                       Kind:       "ConfigMap",
-                                       APIVersion: "v1",
-                               },
-                               ObjectMeta: metav1.ObjectMeta{
-                                       Name:      platform.Name + 
"-maven-settings",
-                                       Namespace: namespace,
-                                       Labels: map[string]string{
-                                               "app": "camel-k",
-                                       },
+               settings.Profiles = []maven.Profile{
+                       {
+                               ID: "maven-settings",
+                               Activation: maven.Activation{
+                                       ActiveByDefault: true,
                                },
-                               Data: map[string]string{
-                                       "settings.xml": string(data),
+                               Repositories:       repositories,
+                               PluginRepositories: repositories,
+                       },
+               }
+
+               data, err := util.EncodeXML(settings)
+               if err != nil {
+                       return err
+               }
+
+               cm := corev1.ConfigMap{
+                       TypeMeta: metav1.TypeMeta{
+                               Kind:       "ConfigMap",
+                               APIVersion: "v1",
+                       },
+                       ObjectMeta: metav1.ObjectMeta{
+                               Name:      platform.Name + "-maven-settings",
+                               Namespace: namespace,
+                               Labels: map[string]string{
+                                       "app": "camel-k",
                                },
-                       }
+                       },
+                       Data: map[string]string{
+                               "settings.xml": string(data),
+                       },
+               }
 
-                       err = install.RuntimeObjectOrCollect(o.Context, c, 
namespace, collection, &cm)
-                       if err != nil {
-                               return err
-                       }
+               err = install.RuntimeObjectOrCollect(o.Context, c, namespace, 
collection, &cm)
+               if err != nil {
+                       return err
                }
 
                if o.mavenSettings != "" {
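Review bot: The assignment `o.mavenSettings = fmt.Sprintf("configmap:%s-maven-settings/settings.xml", platform.Name)` is now unconditional, so any value already held in `o.mavenSettings` (presumably supplied by the user through an install flag, which this hunk does not show) is silently replaced by the generated ConfigMap, and the trailing `if o.mavenSettings != ""` check is always true. For an installation that relies on its own settings.xml to pin builds to an internal mirror, artifact resolution would move to the generated profile with Maven Central prepended. Consider generating the ConfigMap only when no settings were given, for example by wrapping the block in `if o.mavenSettings == "" {`, or returning an error when both settings and repositories are set. The enclosing `install` function starts and ends outside the hunk.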
@@ -434,3 +438,12 @@ func decodeMavenSettings(mavenSettings string) 
(v1alpha1.ValueSource, error) {
 
        return v1alpha1.ValueSource{}, fmt.Errorf("illegal maven setting 
definition, syntax: configmap|secret:resource-name[/settings path]")
 }
+
+func containsMvnCentral(repositories []maven.Repository) bool {
+       for _, r := range repositories {
+               if r.ID == "central" {
+                       return true
+               }
+       }
+       return false
+}
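Review bot: `containsMvnCentral` decides on `r.ID == "central"` alone and has no doc comment, which leaves two cases easy to miss. A repository passed with `@id=central` stands in for Maven Central whatever its URL or `checksumpolicy` attribute, and a repository passed with the Central URL but no id gets `repository-NNN` from the loop above, so Central is added a second time. A comment such as `// containsMvnCentral reports whether any repository has the ID "central"; the URL is not inspected.` would state the contract. Whether the URL should also be compared is a decision for the author.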
diff --git a/pkg/util/maven/maven_project.go b/pkg/util/maven/maven_project.go
index 541414f..db4ea04 100644
--- a/pkg/util/maven/maven_project.go
+++ b/pkg/util/maven/maven_project.go
@@ -166,10 +166,12 @@ func NewRepository(repo string) Repository {
        r := Repository{
                URL: repo,
                Releases: RepositoryPolicy{
-                       Enabled: true,
+                       Enabled:        true,
+                       ChecksumPolicy: "fail",
                },
                Snapshots: RepositoryPolicy{
-                       Enabled: false,
+                       Enabled:        false,
+                       ChecksumPolicy: "fail",
                },
        }
 
@@ -184,6 +186,9 @@ func NewRepository(repo string) Repository {
                                r.Releases.Enabled = false
                        case strings.HasPrefix(attribute, "id="):
                                r.ID = attribute[3:]
+                       case strings.HasPrefix(attribute, "checksumpolicy="):
+                               r.Snapshots.ChecksumPolicy = attribute[15:]
+                               r.Releases.ChecksumPolicy = attribute[15:]
                        }
                }
        }
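Review bot: The new `checksumpolicy=` case copies `attribute[15:]` into both policies without validation, so a typo or an arbitrary string lands in the generated settings.xml and the strict `fail` default set at the top of the function is lost. Accepting only the values Maven documents and otherwise keeping the default would make a weakened policy an explicit choice: `if p := strings.TrimPrefix(attribute, "checksumpolicy="); p == "fail" || p == "warn" || p == "ignore" {` followed by the two assignments. `strings.TrimPrefix` also removes the magic offset 15. `NewRepository` begins and ends outside this hunk.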
diff --git a/pkg/util/maven/maven_project_test.go 
b/pkg/util/maven/maven_project_test.go
index 6c8e980..d717d7f 100644
--- a/pkg/util/maven/maven_project_test.go
+++ b/pkg/util/maven/maven_project_test.go
@@ -187,6 +187,8 @@ func TestNewRepository(t *testing.T) {
        assert.Equal(t, "http://nexus/public";, r.URL)
        assert.True(t, r.Releases.Enabled)
        assert.False(t, r.Snapshots.Enabled)
+       assert.Equal(t, "fail", r.Releases.ChecksumPolicy)
+       assert.Equal(t, "fail", r.Snapshots.ChecksumPolicy)
 }
 
 func TestNewRepositoryWithSnapshots(t *testing.T) {
@@ -195,6 +197,8 @@ func TestNewRepositoryWithSnapshots(t *testing.T) {
        assert.Equal(t, "http://nexus/public";, r.URL)
        assert.True(t, r.Releases.Enabled)
        assert.True(t, r.Snapshots.Enabled)
+       assert.Equal(t, "fail", r.Releases.ChecksumPolicy)
+       assert.Equal(t, "fail", r.Snapshots.ChecksumPolicy)
 }
 
 func TestNewRepositoryWithSnapshotsAndID(t *testing.T) {
@@ -203,6 +207,8 @@ func TestNewRepositoryWithSnapshotsAndID(t *testing.T) {
        assert.Equal(t, "http://nexus/public";, r.URL)
        assert.True(t, r.Releases.Enabled)
        assert.True(t, r.Snapshots.Enabled)
+       assert.Equal(t, "fail", r.Releases.ChecksumPolicy)
+       assert.Equal(t, "fail", r.Snapshots.ChecksumPolicy)
 }
 
 func TestNewRepositoryWithID(t *testing.T) {
@@ -211,4 +217,16 @@ func TestNewRepositoryWithID(t *testing.T) {
        assert.Equal(t, "http://nexus/public";, r.URL)
        assert.True(t, r.Releases.Enabled)
        assert.False(t, r.Snapshots.Enabled)
+       assert.Equal(t, "fail", r.Releases.ChecksumPolicy)
+       assert.Equal(t, "fail", r.Snapshots.ChecksumPolicy)
+}
+
+func TestNewRepositoryWithChecksumPolicy(t *testing.T) {
+       r := NewRepository("http://nexus/public@checksumpolicy=warn";)
+       assert.Equal(t, "", r.ID)
+       assert.Equal(t, "http://nexus/public";, r.URL)
+       assert.True(t, r.Releases.Enabled)
+       assert.False(t, r.Snapshots.Enabled)
+       assert.Equal(t, "warn", r.Releases.ChecksumPolicy)
+       assert.Equal(t, "warn", r.Snapshots.ChecksumPolicy)
 }
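Review bot: `TestNewRepositoryWithChecksumPolicy` covers only the `warn` override on its own. There is no case for an unrecognised value (for instance a constructed `@checksumpolicy=bogus`), nor for the attribute combined with `@id=` or `@snapshots`, which is where the attribute parsing in `NewRepository` could regress. One assertion pinning what an invalid value yields would document the intended behaviour, whichever way the author decides it.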
diff --git a/pkg/util/maven/maven_settings_test.go 
b/pkg/util/maven/maven_settings_test.go
index ef1df7f..75d2a20 100644
--- a/pkg/util/maven/maven_settings_test.go
+++ b/pkg/util/maven/maven_settings_test.go
@@ -40,10 +40,12 @@ const expectedSettings = `<?xml version="1.0" 
encoding="UTF-8"?>
           <url>https://repo.maven.apache.org/maven2</url>
           <snapshots>
             <enabled>false</enabled>
+            <checksumPolicy>warn</checksumPolicy>
           </snapshots>
           <releases>
             <enabled>true</enabled>
             <updatePolicy>never</updatePolicy>
+            <checksumPolicy>fail</checksumPolicy>
           </releases>
         </repository>
       </repositories>
@@ -66,11 +68,13 @@ func TestSettingsGeneration(t *testing.T) {
                                        ID:  "central",
                                        URL: 
"https://repo.maven.apache.org/maven2";,
                                        Snapshots: RepositoryPolicy{
-                                               Enabled: false,
+                                               Enabled:        false,
+                                               ChecksumPolicy: "warn",
                                        },
                                        Releases: RepositoryPolicy{
-                                               Enabled:      true,
-                                               UpdatePolicy: "never",
+                                               Enabled:        true,
+                                               UpdatePolicy:   "never",
+                                               ChecksumPolicy: "fail",
                                        },
                                },
                        },
diff --git a/pkg/util/maven/maven_types.go b/pkg/util/maven/maven_types.go
index 26e5b3c..6adbd06 100644
--- a/pkg/util/maven/maven_types.go
+++ b/pkg/util/maven/maven_types.go
@@ -35,8 +35,9 @@ type Repository struct {
 
 // RepositoryPolicy --
 type RepositoryPolicy struct {
-       Enabled      bool   `xml:"enabled"`
-       UpdatePolicy string `xml:"updatePolicy,omitempty"`
+       Enabled        bool   `xml:"enabled"`
+       UpdatePolicy   string `xml:"updatePolicy,omitempty"`
+       ChecksumPolicy string `xml:"checksumPolicy,omitempty"`
 }
 
 // Build --
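Review bot: `ChecksumPolicy` is tagged `omitempty`, so a `RepositoryPolicy` built as a struct literal rather than through `NewRepository` emits no `<checksumPolicy>` element, and Maven then applies its own default (`warn` in Maven 3, as far as I know) instead of failing on a mismatch. The placeholder comment `// RepositoryPolicy --` gives no hint of this. A field comment such as `// ChecksumPolicy is "fail", "warn" or "ignore"; empty omits the element and leaves the choice to Maven.` would make the weaker fallback visible to callers.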
