Actually use TLS in (some) Maven tests and shove a few minutes from t…

…heir execution (#4591) * TLS support in tests * Switch from org.jenkins-ci.plugins to org.codehaus.mojo Reduces what needs to be resolved to speed up test. * Adopt org.jenkins-ci:jenkins for external repo test --------- Co-authored-by: Tim te Beek <tim@moderne.io>
openrewrite · Oct 21, 2024 · ae1a920 · ae1a920
1 parent ef493d1
commit ae1a920
Show file tree

Hide file tree

Showing 4 changed files with 892 additions and 792 deletions.
diff --git a/rewrite-maven/build.gradle.kts b/rewrite-maven/build.gradle.kts
@@ -38,7 +38,8 @@ dependencies {
 
     testImplementation(project(":rewrite-test"))
     testImplementation("com.squareup.okhttp3:mockwebserver:4.+")
-    testImplementation("com.squareup.okio:okio-jvm:3.0.0")
+    testImplementation("com.squareup.okhttp3:okhttp-tls:4.+")
+    testImplementation("com.squareup.okio:okio-jvm:3.9.1")
     testImplementation("org.mapdb:mapdb:latest.release")
     testImplementation("guru.nidi:graphviz-java:latest.release")
 

diff --git a/rewrite-maven/src/test/java/org/openrewrite/maven/MavenParserTest.java b/rewrite-maven/src/test/java/org/openrewrite/maven/MavenParserTest.java
@@ -17,27 +17,33 @@
 
 import com.fasterxml.jackson.databind.node.JsonNodeFactory;
 import com.fasterxml.jackson.databind.node.ObjectNode;
+import okhttp3.OkHttpClient;
 import okhttp3.mockwebserver.Dispatcher;
 import okhttp3.mockwebserver.MockResponse;
 import okhttp3.mockwebserver.MockWebServer;
 import okhttp3.mockwebserver.RecordedRequest;
+import okhttp3.tls.HandshakeCertificates;
+import okhttp3.tls.HeldCertificate;
 import org.junit.jupiter.api.Disabled;
 import org.junit.jupiter.api.Test;
+import org.openrewrite.HttpSenderExecutionContextView;
 import org.openrewrite.InMemoryExecutionContext;
 import org.openrewrite.Issue;
 import org.openrewrite.ParseExceptionResult;
 import org.openrewrite.Parser;
+import org.openrewrite.ipc.http.OkHttpSender;
 import org.openrewrite.maven.internal.MavenParsingException;
 import org.openrewrite.maven.tree.*;
 import org.openrewrite.test.RewriteTest;
 import org.openrewrite.test.TypeValidation;
 import org.openrewrite.tree.ParseError;
 
 import java.io.IOException;
+import java.net.InetAddress;
 import java.nio.file.Paths;
 import java.util.Base64;
 import java.util.List;
-import java.util.stream.StreamSupport;
+import java.util.Objects;
 
 import static org.assertj.core.api.Assertions.assertThat;
 import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
@@ -906,13 +912,23 @@ void mirrorsAndAuth() throws IOException {
         var username = "admin";
         var password = "password";
         try (MockWebServer mockRepo = new MockWebServer()) {
+            // TLS server setup based on https://github.com/square/okhttp/blob/master/okhttp-tls/README.md
+            String localhost = InetAddress.getByName("localhost").getCanonicalHostName();
+            HeldCertificate localhostCertificate = new HeldCertificate.Builder()
+              .addSubjectAlternativeName(localhost)
+              .build();
+            HandshakeCertificates serverCertificates = new HandshakeCertificates.Builder()
+              .heldCertificate(localhostCertificate)
+              .build();
+            mockRepo.useHttps(serverCertificates.sslSocketFactory(), false);
+
             mockRepo.setDispatcher(new Dispatcher() {
                 @Override
                 public MockResponse dispatch(RecordedRequest request) {
                     MockResponse resp = new MockResponse();
-                    if (StreamSupport.stream(request.getHeaders().spliterator(), false)
-                      .noneMatch(it -> it.getFirst().equals("Authorization") &&
-                                       it.getSecond().equals("Basic " + Base64.getEncoder().encodeToString((username + ":" + password).getBytes())))) {
+                    if (!Objects.equals(
+                      request.getHeader("Authorization"),
+                      "Basic " + Base64.getEncoder().encodeToString((username + ":" + password).getBytes()))) {
                         return resp.setResponseCode(401);
                     } else {
                         if (!"HEAD".equalsIgnoreCase(request.getMethod())) {
@@ -935,7 +951,7 @@ public MockResponse dispatch(RecordedRequest request) {
             });
 
             mockRepo.start();
-            var ctx = MavenExecutionContextView.view(new InMemoryExecutionContext(t -> {
+            var mavenCtx = MavenExecutionContextView.view(new InMemoryExecutionContext(t -> {
                 throw new RuntimeException(t);
             }));
             var settings = MavenSettings.parse(Parser.Input.fromString(Paths.get("settings.xml"),
@@ -959,8 +975,17 @@ public MockResponse dispatch(RecordedRequest request) {
                     </servers>
                 </settings>
                 """.formatted(mockRepo.getHostName(), mockRepo.getPort(), username, password)
-            ), ctx);
-            ctx.setMavenSettings(settings);
+            ), mavenCtx);
+            mavenCtx.setMavenSettings(settings);
+
+            // TLS client setup (just make it trust the self-signed certificate)
+            HandshakeCertificates clientCertificates = new HandshakeCertificates.Builder()
+              .addTrustedCertificate(localhostCertificate.certificate())
+              .build();
+            OkHttpClient client = new OkHttpClient.Builder()
+              .sslSocketFactory(clientCertificates.sslSocketFactory(), clientCertificates.trustManager())
+              .build();
+            var ctx = new HttpSenderExecutionContextView(mavenCtx).setHttpSender(new OkHttpSender(client));
 
             var maven = MavenParser.builder().build().parse(
               ctx,

diff --git a/rewrite-maven/src/test/java/org/openrewrite/maven/UpgradeParentVersionTest.java b/rewrite-maven/src/test/java/org/openrewrite/maven/UpgradeParentVersionTest.java
@@ -61,7 +61,7 @@ void doesNotDowngradeVersion() {
     void nonMavenCentralRepository() {
         rewriteRun(
           spec -> spec
-            .recipe(new UpgradeParentVersion("org.jenkins-ci.plugins", "plugin", "4.40", null))
+            .recipe(new UpgradeParentVersion("org.jenkins-ci", "jenkins", "1.125", null))
             .executionContext(
               MavenExecutionContextView
                 .view(new InMemoryExecutionContext())
@@ -73,22 +73,22 @@ void nonMavenCentralRepository() {
             """
               <project>
                   <parent>
-                      <groupId>org.jenkins-ci.plugins</groupId>
-                      <artifactId>plugin</artifactId>
-                      <version>4.33</version>
+                      <groupId>org.jenkins-ci</groupId>
+                      <artifactId>jenkins</artifactId>
+                      <version>1.124</version>
                   </parent>
-                  <artifactId>antisamy-markup-formatter</artifactId>
+                  <artifactId>example</artifactId>
                   <version>1.0.0</version>
               </project>
               """,
             """
               <project>
                   <parent>
-                      <groupId>org.jenkins-ci.plugins</groupId>
-                      <artifactId>plugin</artifactId>
-                      <version>4.40</version>
+                      <groupId>org.jenkins-ci</groupId>
+                      <artifactId>jenkins</artifactId>
+                      <version>1.125</version>
                   </parent>
-                  <artifactId>antisamy-markup-formatter</artifactId>
+                  <artifactId>example</artifactId>
                   <version>1.0.0</version>
               </project>
               """