jenkinsci · jtnord · Jun 1, 2016 · Jun 1, 2016 · niravmsh · Oct 21, 2017
@@ -9,7 +9,7 @@
 	<parent>
 		<groupId>org.jenkins-ci.plugins</groupId>
 		<artifactId>plugin</artifactId>
-		<version>1.509.3</version>
+		<version>2.9</version>
 	</parent>
 
 	<name>Jenkins Maven Release Plug-in Plug-in</name>
@@ -19,7 +19,10 @@
 	<properties>
 		<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
 		<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
-		<maven.test.version>3.0.4</maven.test.version>
+		<maven.test.version>3.1.0</maven.test.version>
+		<jenkins.version>2.7</jenkins.version>
+		<jenkins-test-harness.version>2.8</jenkins-test-harness.version>		
+		<findbugs.failOnError>false</findbugs.failOnError>
 	</properties>
 
 	<developers>
@@ -55,6 +58,7 @@
 		<dependency>
 			<groupId>org.jenkins-ci.main</groupId>
 			<artifactId>maven-plugin</artifactId>
+			<version>2.13</version>
 		</dependency>
 		<dependency>
 			<groupId>org.apache.maven.release</groupId>
@@ -115,6 +119,12 @@
 			<version>${maven.test.version}</version>
 			<scope>test</scope>
 		</dependency>
+		<dependency>
+			<groupId>org.jenkins-ci.main</groupId>
+			<artifactId>jenkins-test-harness-tools</artifactId>
+			<version>2.0</version>
+			<scope>test</scope>
+		</dependency>
 	</dependencies>
 
 	<build>
@@ -130,17 +140,20 @@
 					</excludes>
 				</configuration>
 			</plugin>
+<!--
 			<plugin>
 				<groupId>org.jenkins-ci.tools</groupId>
 				<artifactId>maven-hpi-plugin</artifactId>
 				<version>1.96</version>
 				<extensions>true</extensions>
 			</plugin>
+-->
+<!--
             <plugin>
               <artifactId>maven-release-plugin</artifactId>
               <version>2.5</version>
             </plugin>            
-		</plugins>
+-->		</plugins>
 	</build>
 
 

@@ -39,9 +39,11 @@
 import java.util.ArrayList;
 import java.util.Collection;
 import java.util.Collections;
+import java.util.HashSet;
 import java.util.List;
 import java.util.Locale;
 import java.util.Map;
+import java.util.Set;
 import java.util.logging.Level;
 import java.util.logging.Logger;
 
@@ -250,21 +252,24 @@ public void doSubmit(StaplerRequest req, StaplerResponse resp) throws IOExceptio
 			}
 		}
 
+		Set<String> safeParams = new HashSet<String>();
 		// if configured, expose the SCM credentails as additional parameters
 		if (StringUtils.isNotBlank(m2Wrapper.getScmPasswordEnvVar())) {
 			String scmPasswordVal = StringUtils.isEmpty(scmPassword) ? "" : scmPassword;
 			values.add(new PasswordParameterValue(m2Wrapper.getScmPasswordEnvVar(), scmPasswordVal));
+			safeParams.add(m2Wrapper.getScmPasswordEnvVar());
 		}
 		if (StringUtils.isNotBlank(m2Wrapper.getScmUserEnvVar())) {
 			String scmUsernameVal = StringUtils.isEmpty(scmUsername) ? "" : scmUsername;
 			values.add(new StringParameterValue(m2Wrapper.getScmUserEnvVar(), scmUsernameVal));
+			safeParams.add(m2Wrapper.getScmUserEnvVar());
 		}
 		values.add(new StringParameterValue(M2ReleaseBuildWrapper.DescriptorImpl.DEFAULT_RELEASE_VERSION_ENVVAR, releaseVersion));
 		values.add(new StringParameterValue(M2ReleaseBuildWrapper.DescriptorImpl.DEFAULT_DEV_VERSION_ENVVAR, developmentVersion));
 		values.add(new BooleanParameterValue(M2ReleaseBuildWrapper.DescriptorImpl.DEFAULT_DRYRUN_ENVVAR, isDryRun));
 
 		// schedule release build
-		ParametersAction parameters = new ParametersAction(values);
+		ParametersAction parameters = new ParametersAction(values, safeParams);
 
 		M2ReleaseArgumentsAction arguments = new M2ReleaseArgumentsAction();
 		arguments.setDryRun(isDryRun);

@@ -1,8 +1,9 @@
+<?jelly escape-by-default='true'?>
 <!--
   This view is used to render the plugin list page.
 
   Since we don't really have anything dynamic here, let's just use static HTML. 
 -->
 <div>
   A plug-in that enables you to perform releases using the <a href="http://maven.apache.org/plugins/maven-release-plugin/">maven-release-plugin</a> from Jenkins.
-</div>
+</div>
@@ -1,3 +1,4 @@
+<?jelly escape-by-default='true'?>
 <!--
 The MIT License
 
@@ -31,4 +32,4 @@ THE SOFTWARE.
       (<a href="${jobBaseUrl}${job.shortUrl}lastRelease/">${info.action.versionNumber}</a>)
     </j:if>
   </td>
-</j:jelly>
+</j:jelly>
@@ -1,3 +1,4 @@
+<?jelly escape-by-default='true'?>
 <!--
 The MIT License
 
@@ -24,4 +25,4 @@ THE SOFTWARE.
 
 <j:jelly xmlns:j="jelly:core">
     <th>${%Last Release}</th>
-</j:jelly>
+</j:jelly>
@@ -1,3 +1,4 @@
+<?jelly escape-by-default='true'?>
 <!--
 	The user tried to schedule a build but it failed.
 -->
@@ -10,4 +11,4 @@
 			</p>
 		</l:main-panel>
 	</l:layout>
-</j:jelly>
+</j:jelly>
@@ -3,6 +3,7 @@
 
 	This belongs to a build view.
 -->
+<?jelly escape-by-default='true'?>
 <j:jelly xmlns:j="jelly:core" xmlns:st="jelly:stapler" xmlns:d="jelly:define" xmlns:l="/lib/layout" xmlns:t="/lib/hudson" xmlns:f="/lib/form">
 	<l:layout norefresh="true">
 		<l:main-panel>

@@ -1,3 +1,4 @@
+<?jelly escape-by-default='true'?>
 <j:jelly xmlns:j="jelly:core">
     <j:choose>
         <j:when test="${it.isFailedBuild()}">

@@ -1,3 +1,4 @@
+<?jelly escape-by-default='true'?>
 <j:jelly xmlns:j="jelly:core" xmlns:st="jelly:stapler" xmlns:d="jelly:define" xmlns:l="/lib/layout" xmlns:t="/lib/hudson" xmlns:f="/lib/form">
 	<!--
 		This jelly script is used for per-project configuration.

@@ -1,3 +1,4 @@
+<?jelly escape-by-default='true'?>
 <j:jelly xmlns:j="jelly:core" xmlns:st="jelly:stapler" xmlns:d="jelly:define" xmlns:l="/lib/layout" xmlns:t="/lib/hudson" xmlns:f="/lib/form">
 	<!--
 		This Jelly script is used to produce the global configuration option.

@@ -1,3 +1,4 @@
+<?jelly escape-by-default='true'?>
 <j:jelly xmlns:j="jelly:core" xmlns:st="jelly:stapler" xmlns:d="jelly:define" xmlns:l="/lib/layout" xmlns:t="/lib/hudson" xmlns:f="/lib/form">
 	<p>${%releasedBy(it.userName,rootURL)}</p>
 </j:jelly>
@@ -1,3 +1,4 @@
+<?jelly escape-by-default='true'?>
 <!--
 The MIT License
 
@@ -26,4 +27,4 @@ THE SOFTWARE.
   <f:entry title="${%Name}">
     <f:textbox name="portlet.name" field="name"/>
   </f:entry>
-</j:jelly>
+</j:jelly>
@@ -1,3 +1,4 @@
+<?jelly escape-by-default='true'?>
 <!--
 The MIT License
 
@@ -77,4 +78,4 @@ THE SOFTWARE.
       <a href="rssFailed"><img src="${imagesURL}/atom.gif" border="0" alt="Feed"/> ${%for failed releases}</a>
     </span>
   </div>
-</j:jelly>
+</j:jelly>
@@ -1,3 +1,4 @@
+<?jelly escape-by-default='true'?>
 <!--
 The MIT License
 
@@ -39,4 +40,4 @@ THE SOFTWARE.
     </j:otherwise>
   </j:choose>
   </dp:decorate>
-</j:jelly>
+</j:jelly>
@@ -23,6 +23,8 @@
  */
 package org.jvnet.hudson.plugins.m2release;
 
+import java.io.IOException;
+
 import hudson.maven.MavenUtil;
 import hudson.maven.MavenModuleSet;
 import hudson.maven.MavenModuleSetBuild;
@@ -31,23 +33,24 @@
 import org.jvnet.hudson.plugins.m2release.M2ReleaseBuildWrapper.DescriptorImpl;
 import org.jvnet.hudson.test.ExtractResourceSCM;
 import org.jvnet.hudson.test.HudsonTestCase;
+import org.jvnet.hudson.test.ToolInstallations;
 
 public class M2ReleaseActionTest extends HudsonTestCase {
 
 	public void testPrepareRelease_dryRun_m3() throws Exception {
-		MavenInstallation mavenInstallation = configureMaven3();
+		MavenInstallation mavenInstallation = ToolInstallations.configureMaven3();
 		final MavenModuleSetBuild build = this.runPepareRelease_dryRun("maven3-project.zip", "maven3-project/pom.xml", mavenInstallation);
 		assertTrue("should have been run with maven 3", MavenUtil.maven3orLater(build.getMavenVersionUsed()));
 	}
 
 	public void testPrepareRelease_dryRun_m2project_with_m3() throws Exception {
-		MavenInstallation mavenInstallation = configureMaven3();
+		MavenInstallation mavenInstallation = ToolInstallations.configureMaven3();
 		final MavenModuleSetBuild build = this.runPepareRelease_dryRun("maven2-project.zip", "pom.xml", mavenInstallation);
 		assertTrue("should have been run with maven 3", MavenUtil.maven3orLater(build.getMavenVersionUsed()));
 	}
 
 	public void testPrepareRelease_dryRun_m2project_with_m2() throws Exception {
-		MavenInstallation mavenInstallation = configureDefaultMaven();
+		MavenInstallation mavenInstallation = ToolInstallations.configureDefaultMaven();
 		final MavenModuleSetBuild build = this.runPepareRelease_dryRun("maven2-project.zip", "pom.xml", mavenInstallation);
 		assertFalse("should have been run with maven 2", MavenUtil.maven3orLater(build.getMavenVersionUsed()));
 	}
@@ -70,4 +73,8 @@ public MavenModuleSetBuild runPepareRelease_dryRun(String projectZip, String unp
 		return assertBuildStatusSuccess(m.scheduleBuild2(0, new ReleaseCause(), args));
 	}
 
+	protected MavenModuleSet createMavenProject() throws IOException {
+		return jenkins.createProject(MavenModuleSet.class, createUniqueProjectName());
+	}
+
 }
@@ -38,6 +38,9 @@
 import org.jvnet.hudson.test.ExtractResourceSCM;
 import org.jvnet.hudson.test.HudsonTestCase;
 
+import static org.jvnet.hudson.test.ToolInstallations.configureDefaultMaven;
+import static org.jvnet.hudson.test.ToolInstallations.configureMaven3;
+
 public class M2ReleaseBadgeActionTest extends HudsonTestCase {
 
 	public void testBadgeForSuccessfulDryRunRelease() throws Exception {
@@ -115,4 +118,9 @@ public boolean perform(AbstractBuild<?, ?> build, Launcher launcher, BuildListen
 			return false; // failing build
 		}
 	}
-}
+
+        protected MavenModuleSet createMavenProject() throws IOException {
+                return jenkins.createProject(MavenModuleSet.class, createUniqueProjectName());
+        }
+}
+