support trustedCerts for cloneGitRepo (#4909)

* support trustedCerts for cloneGitRepo * some more steps * Update sap_com_0948.go * remove warning for config value type * updated description for certificateNames * go generate artifacts * variable order and space in "[]interface {}"
SAP · May 10, 2024 · ac55ddf · ac55ddf
1 parent ff9b3d4
commit ac55ddf
Show file tree

Hide file tree

Showing 20 changed files with 144 additions and 47 deletions.
diff --git a/cmd/abapEnvironmentAssemblePackages_generated.go b/cmd/abapEnvironmentAssemblePackages_generated.go
diff --git a/cmd/abapEnvironmentBuild_generated.go b/cmd/abapEnvironmentBuild_generated.go
diff --git a/cmd/abapEnvironmentCheckoutBranch.go b/cmd/abapEnvironmentCheckoutBranch.go
@@ -47,6 +47,7 @@ func runAbapEnvironmentCheckoutBranch(options *abapEnvironmentCheckoutBranchOpti
 	if errorGetInfo != nil {
 		log.Entry().WithError(errorGetInfo).Fatal("Parameters for the ABAP Connection not available")
 	}
+	connectionDetails.CertificateNames = options.CertificateNames
 
 	repositories := []abaputils.Repository{}
 	err = checkCheckoutBranchRepositoryConfiguration(*options)

diff --git a/cmd/abapEnvironmentCheckoutBranch_generated.go b/cmd/abapEnvironmentCheckoutBranch_generated.go
diff --git a/cmd/abapEnvironmentCloneGitRepo.go b/cmd/abapEnvironmentCloneGitRepo.go
@@ -52,6 +52,7 @@ func runAbapEnvironmentCloneGitRepo(config *abapEnvironmentCloneGitRepoOptions,
 	if errorGetInfo != nil {
 		return errors.Wrap(errorGetInfo, "Parameters for the ABAP Connection not available")
 	}
+	connectionDetails.CertificateNames = config.CertificateNames
 
 	log.Entry().Infof("Start cloning %v repositories", len(repositories))
 	for _, repo := range repositories {

diff --git a/cmd/abapEnvironmentCloneGitRepo_generated.go b/cmd/abapEnvironmentCloneGitRepo_generated.go
diff --git a/cmd/abapEnvironmentCreateTag.go b/cmd/abapEnvironmentCreateTag.go
@@ -40,6 +40,7 @@ func runAbapEnvironmentCreateTag(config *abapEnvironmentCreateTagOptions, com ab
 	if errorGetInfo != nil {
 		return errors.Wrap(errorGetInfo, "Parameters for the ABAP Connection not available")
 	}
+	connectionDetails.CertificateNames = config.CertificateNames
 
 	backlog, errorPrepare := prepareBacklog(config)
 	if errorPrepare != nil {

diff --git a/cmd/abapEnvironmentCreateTag_generated.go b/cmd/abapEnvironmentCreateTag_generated.go
diff --git a/cmd/abapEnvironmentPullGitRepo.go b/cmd/abapEnvironmentPullGitRepo.go
@@ -45,6 +45,7 @@ func runAbapEnvironmentPullGitRepo(options *abapEnvironmentPullGitRepoOptions, c
 	if err != nil {
 		return errors.Wrap(err, "Parameters for the ABAP Connection not available")
 	}
+	connectionDetails.CertificateNames = options.CertificateNames
 
 	var repositories []abaputils.Repository
 	err = checkPullRepositoryConfiguration(*options)

diff --git a/cmd/abapEnvironmentPullGitRepo_generated.go b/cmd/abapEnvironmentPullGitRepo_generated.go
diff --git a/pkg/abaputils/abaputils.go b/pkg/abaputils/abaputils.go
@@ -300,11 +300,12 @@ type AbapMetadata struct {
 
 // ConnectionDetailsHTTP contains fields for HTTP connections including the XCSRF token
 type ConnectionDetailsHTTP struct {
-	Host       string
-	User       string `json:"user"`
-	Password   string `json:"password"`
-	URL        string `json:"url"`
-	XCsrfToken string `json:"xcsrftoken"`
+	Host             string
+	User             string   `json:"user"`
+	Password         string   `json:"password"`
+	URL              string   `json:"url"`
+	XCsrfToken       string   `json:"xcsrftoken"`
+	CertificateNames []string `json:"-"`
 }
 
 // AbapError contains the error code and the error message for ABAP errors

diff --git a/pkg/abaputils/sap_com_0510.go b/pkg/abaputils/sap_com_0510.go
@@ -330,6 +330,7 @@ func (api *SAP_COM_0510) initialRequest() error {
 		CookieJar:          cookieJar,
 		Username:           api.con.User,
 		Password:           api.con.Password,
+		TrustedCerts:       api.con.CertificateNames,
 	})
 
 	headConnection := api.con

diff --git a/pkg/abaputils/sap_com_0948.go b/pkg/abaputils/sap_com_0948.go
@@ -339,6 +339,7 @@ func (api *SAP_COM_0948) initialRequest() error {
 		CookieJar:          cookieJar,
 		Username:           api.con.User,
 		Password:           api.con.Password,
+		TrustedCerts:       api.con.CertificateNames,
 	})
 
 	// HEAD request to the root is not sufficient, as an unauthorized called is allowed to do so

diff --git a/pkg/config/config.go b/pkg/config/config.go
@@ -510,7 +510,17 @@ func merge(base, overlay map[string]interface{}, metadata StepData) map[string]i
 			for _, v := range metadata.Spec.Inputs.Parameters {
 				tVal := reflect.TypeOf(value).String()
 				if v.Name == key && tVal != v.Type {
-					log.Entry().Warn("config value provided for ", v.Name, " is of wrong type ", tVal, " should be of type ", v.Type)
+					if tVal == "[]interface {}" && v.Type == "[]string" {
+						//json Unmarshal genertes arrays of interface{} for string arrays
+						for _, interfaceValue := range value.([]interface{}) {
+							arrayValueType := reflect.TypeOf(interfaceValue).String()
+							if arrayValueType != "string" {
+								log.Entry().Warnf("config id %s should only contain strings but contains a %s", v.Name, arrayValueType)
+							}
+						}
+					} else {
+						log.Entry().Warnf("config value provided for %s is of wrong type %s should be of type %s", v.Name, tVal, v.Type)
+					}
 				}
 			}
 		}

diff --git a/resources/metadata/abapEnvironmentAssemblePackages.yaml b/resources/metadata/abapEnvironmentAssemblePackages.yaml
@@ -129,7 +129,7 @@ spec:
           - STEPS
       - name: certificateNames
         type: "[]string"
-        description: certificates for the backend system, this certificates needs to be stored in .pipeline/trustStore
+        description: "file names of trusted (self-signed) server certificates - need to be stored in .pipeline/trustStore"
         mandatory: false
         scope:
           - PARAMETERS

diff --git a/resources/metadata/abapEnvironmentBuild.yaml b/resources/metadata/abapEnvironmentBuild.yaml
@@ -203,7 +203,7 @@ spec:
           - STEPS
       - name: certificateNames
         type: "[]string"
-        description: certificates for the backend system, this certificates needs to be stored in .pipeline/trustStore
+        description: "file names of trusted (self-signed) server certificates - need to be stored in .pipeline/trustStore"
         mandatory: false
         scope:
           - PARAMETERS

diff --git a/resources/metadata/abapEnvironmentCheckoutBranch.yaml b/resources/metadata/abapEnvironmentCheckoutBranch.yaml
@@ -127,6 +127,15 @@ spec:
           - name: cloudFoundry/serviceKey
           - name: cloudFoundry/serviceKeyName
           - name: cfServiceKeyName
+      - name: certificateNames
+        type: "[]string"
+        description: "file names of trusted (self-signed) server certificates - need to be stored in .pipeline/trustStore"
+        mandatory: false
+        scope:
+          - PARAMETERS
+          - STAGES
+          - STEPS
+          - GENERAL
   containers:
     - name: cf
       image: ppiper/cf-cli:v12
diff --git a/resources/metadata/abapEnvironmentCloneGitRepo.yaml b/resources/metadata/abapEnvironmentCloneGitRepo.yaml
@@ -127,6 +127,15 @@ spec:
           - name: cloudFoundry/serviceKey
           - name: cloudFoundry/serviceKeyName
           - name: cfServiceKey
+      - name: certificateNames
+        type: "[]string"
+        description: "file names of trusted (self-signed) server certificates - need to be stored in .pipeline/trustStore"
+        mandatory: false
+        scope:
+          - PARAMETERS
+          - STAGES
+          - STEPS
+          - GENERAL
   containers:
     - name: cf
       image: ppiper/cf-cli:v12