SONAR-12893 Disable password check in QA to make it faster

2 files changed, 46 insertions, 1 deletions

diff --git a/.cirrus.yml b/.cirrus.yml
index be12730329b..1db2cc7a3d8 100644
--- a/.cirrus.yml
+++ b/.cirrus.yml
@@ -138,11 +138,11 @@ qa_task:
       QA_CATEGORY: Cat5
       QA_CATEGORY: Cat6
       QA_CATEGORY: Cat7
+      QA_CATEGORY: Authentication
       QA_CATEGORY: Gov
       QA_CATEGORY: License
       QA_CATEGORY: Branch
       QA_CATEGORY: Upgrade
-      QA_CATEGORY: HA
   script:
     - ./private/cirrus/cirrus-qa.sh postgres106
   on_failure:
@@ -154,6 +154,50 @@ qa_task:
       path: "**/test-results/**/*.xml"
       format: junit
 
+qa_ha_task:
+  depends_on: build
+  # Comment the following line and commit with message "DO NOT MERGE" in order to run
+  # this task on your branch
+  only_if: $CIRRUS_BRANCH == "branch-nightly-build"
+  gke_container:
+    dockerfile: private/docker/Dockerfile-build
+    builder_image_project: ci-cd-215716
+    builder_image_name: docker-builder-v1
+    cluster_name: cirrus-uscentral1a-cluster
+    zone: us-central1-a
+    namespace: default
+    cpu: 2.4
+    memory: 10Gb
+    additional_containers:
+      - name: postgres
+        image: postgres:12.1
+        port: 5432
+        cpu: 1
+        memory: 1Gb
+        env:
+          POSTGRES_USER: postgres
+          POSTGRES_PASSWORD: postgres
+  env:
+      # No need to clone the full history.
+      # Depth of 1 is not enough because it would fail the build in case of consecutive pushes
+      # (example of error: "Hard resetting to c968ecaf7a1942dacecd78480b3751ac74d53c33...Failed to force reset to c968ecaf7a1942dacecd78480b3751ac74d53c33: object not found!")
+    CIRRUS_CLONE_DEPTH: 50
+    QA_CATEGORY: HA
+  gradle_cache:
+    folder: ~/.gradle/caches
+  script:
+    - ./private/cirrus/cirrus-qa.sh postgres106
+  cleanup_before_cache_script:
+    - ./private/cirrus/cleanup-gradle-cache.sh
+  on_failure:
+    reports_artifacts:
+      path: "**/build/reports/**/*"
+    screenshots_artifacts:
+      path: "**/build/screenshots/**/*"
+    junit_artifacts:
+      path: "**/test-results/**/*.xml"
+      format: junit
+
 # SAML QA is executed in a dedicated task in order to not slow down the pipeline, as a Keycloak server docker image is required.
 qa_saml_task:
   depends_on: build
diff --git a/server/sonar-webserver-auth/src/main/java/org/sonar/server/authentication/CredentialsLocalAuthentication.java b/server/sonar-webserver-auth/src/main/java/org/sonar/server/authentication/CredentialsLocalAuthentication.java
index 3fd0966fa5f..de8a469a7bc 100644
--- a/server/sonar-webserver-auth/src/main/java/org/sonar/server/authentication/CredentialsLocalAuthentication.java
+++ b/server/sonar-webserver-auth/src/main/java/org/sonar/server/authentication/CredentialsLocalAuthentication.java
@@ -185,6 +185,7 @@ public class CredentialsLocalAuthentication {
   private static final class BcryptFunction implements HashFunction {
     @Override
     public AuthenticationResult checkCredentials(UserDto user, String password) {
+      // This behavior is overridden in most of integration tests for performance reasons, any changes to BCrypt calls should be propagated to Byteman classes
       if (!BCrypt.checkpw(password, user.getCryptedPassword())) {
         return new AuthenticationResult(false, "wrong password");
       }