Add comprehensive unit tests for model and service classes#1
Merged
Conversation
…ility Introduces 9 test classes covering the security-critical ACL engine, deployment models, SSH configuration, and prompt type conversion logic. Refactors EnvironmentACLChecker to extract pure evaluation logic from Jenkins singletons, enabling direct unit testing without a running Jenkins instance. Adds JUnit 5 and Mockito test dependencies. Test coverage includes: - EnvironmentACLChecker: deny-first evaluation, priority ordering, environment group/tag matching, regex job patterns, complex org policies - ACLRule, EnvironmentGroup, VaultCredentialMapping: model construction, null safety, vault credential lookup, node label formatting - DeploymentJob, JobParameter: param-to-map conversion, duplicate handling - PromptDefinition: type conversion for string/choice/boolean/password - SshConfig: bounds validation, JSch property generation, factory methods - SshEnvironment: validation, display formatting https://claude.ai/code/session_01Uut1RD3VXAuMMuMZcxdPcw
The .hpi binary was tracked in git (162KB). Build artifacts should be distributed via GitHub Releases (already supported by make github-release), not checked into version control. Also ignores .vscode/ and .idea/. https://claude.ai/code/session_01Uut1RD3VXAuMMuMZcxdPcw
GitHub Actions: - CI workflow runs mvn verify with spotless + spotbugs on every PR to main Security (AnsiblePlaybookCommandBuilder): - Fix shell injection via single-quote breakout in escapeValue(). The old escape (\') does not work inside single-quoted strings in POSIX shell. Replaced with the correct '\'' idiom. - Add requireSafeIdentifier() validation that rejects shell metacharacters (;, $, `, |, &, spaces) in playbook paths, usernames, inventory paths, and extra var keys. - Calls validate() at build time rather than relying on callers. Makefile: - Add `make test` and `make verify` targets. - Improve `make help` to list all available commands. https://claude.ai/code/session_01Uut1RD3VXAuMMuMZcxdPcw
This is the breaking rename that should happen at v1.0.0 before adoption. Every reference to "pulsar" across the entire codebase is now "jerakin": Package rename (58 Java files + 12 Jelly resource files): - io.jenkins.plugins.pulsar → io.jenkins.plugins.jerakin - All imports, package declarations, and resource directory paths updated JCasC symbol rename: - @symbol("pulsarDeployments") → @symbol("jerakinDeployments") - YAML configs updated to match Job naming convention: - PulsarJob_ prefix → JerakinJob_ prefix in DeploymentJobManager README rewrite: - Shorter, action-oriented structure with Quick Start section - All examples use consistent jerakin naming - Added Development section with make targets Open-source infrastructure: - Dependabot for Maven + GitHub Actions dependency updates - GitHub issue templates (bug report, feature request) - Fixed broken `make release` target (removed non-existent lint/update-center) Config updates: - pom.xml: display name → "Jerakin Plugin" - log.properties: updated package paths - libraries.yml: pulsar-library → jerakin-library https://claude.ai/code/session_01Uut1RD3VXAuMMuMZcxdPcw
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
This PR adds extensive unit test coverage for core model classes and the ACL evaluation engine, enabling thorough testing of business logic without requiring a running Jenkins instance.
Key Changes
Test Coverage Added
EnvironmentACLCheckerTest (570 lines): Comprehensive tests for the ACL evaluation engine covering:
matchesJob()Model class tests: New test suites for:
ACLRuleTest: Rule construction, field setters, null-safetyEnvironmentGroupTest: Group configuration, vault credential lookup, node label handlingSshEnvironmentTest: SSH environment validation, display formattingSshConfigTest: SSH configuration bounds validation, JSch properties generation, factory methodsPromptDefinitionTest: Parameter type conversion (string, choice, boolean, password)DeploymentJobTest: Job parameter handling and map conversionJobParameterTest: Parameter immutability and serializationVaultCredentialMappingTest: Vault credential mapping configurationSource Code Modifications
hasAccess()method to expose a package-private overload that accepts rules and environment groups directly, enabling unit testing without Jenkins configuration. The public API remains unchanged.Testing Infrastructure
pom.xmlfor modern test framework support@Nestedand@DisplayNameannotations for clear test organization and documentationImplementation Details
https://claude.ai/code/session_01Uut1RD3VXAuMMuMZcxdPcw