From 50477b4d242b12313d43d30dcfdb6d5dfde0344c Mon Sep 17 00:00:00 2001 From: Julien Lancelot Date: Thu, 9 Jan 2020 13:11:23 +0100 Subject: SONAR-12893 Disable password check in QA to make it faster --- .cirrus.yml | 46 +++++++++++++++++++++- .../CredentialsLocalAuthentication.java | 1 + 2 files changed, 46 insertions(+), 1 deletion(-) diff --git a/.cirrus.yml b/.cirrus.yml index be12730329b..1db2cc7a3d8 100644 --- a/.cirrus.yml +++ b/.cirrus.yml @@ -138,11 +138,11 @@ qa_task: QA_CATEGORY: Cat5 QA_CATEGORY: Cat6 QA_CATEGORY: Cat7 + QA_CATEGORY: Authentication QA_CATEGORY: Gov QA_CATEGORY: License QA_CATEGORY: Branch QA_CATEGORY: Upgrade - QA_CATEGORY: HA script: - ./private/cirrus/cirrus-qa.sh postgres106 on_failure: @@ -154,6 +154,50 @@ qa_task: path: "**/test-results/**/*.xml" format: junit +qa_ha_task: + depends_on: build + # Comment the following line and commit with message "DO NOT MERGE" in order to run + # this task on your branch + only_if: $CIRRUS_BRANCH == "branch-nightly-build" + gke_container: + dockerfile: private/docker/Dockerfile-build + builder_image_project: ci-cd-215716 + builder_image_name: docker-builder-v1 + cluster_name: cirrus-uscentral1a-cluster + zone: us-central1-a + namespace: default + cpu: 2.4 + memory: 10Gb + additional_containers: + - name: postgres + image: postgres:12.1 + port: 5432 + cpu: 1 + memory: 1Gb + env: + POSTGRES_USER: postgres + POSTGRES_PASSWORD: postgres + env: + # No need to clone the full history. + # Depth of 1 is not enough because it would fail the build in case of consecutive pushes + # (example of error: "Hard resetting to c968ecaf7a1942dacecd78480b3751ac74d53c33...Failed to force reset to c968ecaf7a1942dacecd78480b3751ac74d53c33: object not found!") + CIRRUS_CLONE_DEPTH: 50 + QA_CATEGORY: HA + gradle_cache: + folder: ~/.gradle/caches + script: + - ./private/cirrus/cirrus-qa.sh postgres106 + cleanup_before_cache_script: + - ./private/cirrus/cleanup-gradle-cache.sh + on_failure: + reports_artifacts: + path: "**/build/reports/**/*" + screenshots_artifacts: + path: "**/build/screenshots/**/*" + junit_artifacts: + path: "**/test-results/**/*.xml" + format: junit + # SAML QA is executed in a dedicated task in order to not slow down the pipeline, as a Keycloak server docker image is required. qa_saml_task: depends_on: build diff --git a/server/sonar-webserver-auth/src/main/java/org/sonar/server/authentication/CredentialsLocalAuthentication.java b/server/sonar-webserver-auth/src/main/java/org/sonar/server/authentication/CredentialsLocalAuthentication.java index 3fd0966fa5f..de8a469a7bc 100644 --- a/server/sonar-webserver-auth/src/main/java/org/sonar/server/authentication/CredentialsLocalAuthentication.java +++ b/server/sonar-webserver-auth/src/main/java/org/sonar/server/authentication/CredentialsLocalAuthentication.java @@ -185,6 +185,7 @@ public class CredentialsLocalAuthentication { private static final class BcryptFunction implements HashFunction { @Override public AuthenticationResult checkCredentials(UserDto user, String password) { + // This behavior is overridden in most of integration tests for performance reasons, any changes to BCrypt calls should be propagated to Byteman classes if (!BCrypt.checkpw(password, user.getCryptedPassword())) { return new AuthenticationResult(false, "wrong password"); } -- cgit v1.2.3