Merge pull request #55 from jmdesprez/JENKINS-73610

Author: Vlatombe

src/main/java/org/jenkinsci/plugins/kubernetes/credentials/Utils.java

@@ -66,7 +66,10 @@ public static String encodeKey(Key key) {
      * @throws IllegalArgumentException If the request is invalid
      */
     public static void ensureFIPSCompliantURIRequest(URI uri, boolean skipTLSVerify) {
-        boolean isInsecure = uri.getScheme().equals("http");
+        boolean isInsecure = false;
+        if (uri != null) {
+            isInsecure = "http".equals(uri.getScheme());
+        }
         ensureFIPSCompliant(isInsecure, skipTLSVerify);
     }
 
@@ -82,7 +85,10 @@ public static void ensureFIPSCompliantURIRequest(URI uri, boolean skipTLSVerify)
      * @throws IllegalArgumentException If the request is invalid
      */
     public static void ensureFIPSCompliantRequest(String stringRequest, boolean skipTLSVerify) {
-        boolean isInsecure = stringRequest.startsWith("http://");
+        boolean isInsecure = false;
+        if(stringRequest != null) {
+            isInsecure = stringRequest.startsWith("http://");
+        }
         ensureFIPSCompliant(isInsecure, skipTLSVerify);
     }
 

src/test/java/org/jenkinsci/plugins/kubernetes/credentials/AbstractHttpClientWithTLSOptionsFactoryFIPSTest.java

@@ -25,7 +25,13 @@ public AbstractHttpClientWithTLSOptionsFactoryFIPSTest(String scheme, boolean sk
     @Test
     public void testCreateKubernetesAuthConfig() throws URISyntaxException {
         try {
-            HttpClientWithTLSOptionsFactory.getBuilder(new URI(scheme, "localhost", null, null), null, skipTLSVerify);
+            URI uri;
+            if (scheme != null) {
+                uri = new URI(scheme, "localhost", null, null);
+            } else {
+                uri = null;
+            }
+            HttpClientWithTLSOptionsFactory.getBuilder(uri, null, skipTLSVerify);
             if (!shouldPass) {
                 fail("This test was expected to fail, reason: " + motivation);
             }

src/test/java/org/jenkinsci/plugins/kubernetes/credentials/AbstractOpenShiftBearerTokenCredentialFIPSTest.java

@@ -1,6 +1,7 @@
 package org.jenkinsci.plugins.kubernetes.credentials;
 
 import com.cloudbees.plugins.credentials.CredentialsScope;
+import edu.umd.cs.findbugs.annotations.NonNull;
 import org.eclipse.jetty.server.Connector;
 import org.eclipse.jetty.server.HttpConfiguration;
 import org.eclipse.jetty.server.HttpConnectionFactory;
@@ -56,7 +57,7 @@ public abstract class AbstractOpenShiftBearerTokenCredentialFIPSTest {
 
 
     public AbstractOpenShiftBearerTokenCredentialFIPSTest(
-            String scheme, boolean skipTLSVerify, boolean shouldPass, String motivation) {
+            @NonNull String scheme, boolean skipTLSVerify, boolean shouldPass, String motivation) {
         this.scheme = scheme;
         this.skipTLSVerify = skipTLSVerify;
         this.shouldPass = shouldPass;

src/test/java/org/jenkinsci/plugins/kubernetes/credentials/AbstractUtilsFIPSTest.java

@@ -27,9 +27,32 @@ public AbstractUtilsFIPSTest(
 
     @Test
     public void ensureFIPSCompliantURIRequest() throws URISyntaxException {
-        HttpUriRequest request = new HttpGet(new URI(scheme, "localhost", null, null));
         try {
-            Utils.ensureFIPSCompliantURIRequest(request.getURI(), skipTLSVerify);
+            if(scheme != null) {
+                HttpUriRequest request = new HttpGet(new URI(scheme, "localhost", null, null));
+                URI uri = request.getURI();
+                Utils.ensureFIPSCompliantURIRequest(uri, skipTLSVerify);
+            } else {
+                Utils.ensureFIPSCompliantURIRequest(null, skipTLSVerify);
+            }
+            if (!shouldPass) {
+                fail("This test was expected to fail, reason: " + motivation);
+            }
+        } catch (IllegalArgumentException e) {
+            if (shouldPass) {
+                fail("This test was expected to pass, reason: " + motivation);
+            }
+        }
+    }
+
+    @Test
+    public void ensureFIPSCompliantRequest() {
+        try {
+            if(scheme != null) {
+                Utils.ensureFIPSCompliantRequest(scheme + "://localhost", skipTLSVerify);
+            } else {
+                Utils.ensureFIPSCompliantRequest(null, skipTLSVerify);
+            }
             if (!shouldPass) {
                 fail("This test was expected to fail, reason: " + motivation);
             }

src/test/java/org/jenkinsci/plugins/kubernetes/credentials/HttpClientWithTLSOptionsFactoryWithFIPSTest.java

@@ -23,6 +23,7 @@ public HttpClientWithTLSOptionsFactoryWithFIPSTest(
     public static Collection<Object[]> parameters() {
         return Arrays.asList(new Object[][] {
             // Valid use cases
+            {null, false, true, "No URL provided and the TLS verification is not skipped, this should be accepted"},
             {"https", false, true, "TLS is used and the TLS verification is not skipped, this should be accepted"},
             // Invalid use cases
             {"https", true, false, "Skip TLS check is not accepted in FIPS mode"},

src/test/java/org/jenkinsci/plugins/kubernetes/credentials/HttpClientWithTLSOptionsFactoryWithoutFIPSTest.java

@@ -23,6 +23,7 @@ public HttpClientWithTLSOptionsFactoryWithoutFIPSTest(
     public static Collection<Object[]> parameters() {
         return Arrays.asList(new Object[][] {
             // Valid use cases
+            {null, false, true, "Not in FIPS mode, any combination should be valid"},
             {"https", false, true, "Not in FIPS mode, any combination should be valid"},
             {"http", false, true, "Not in FIPS mode, any combination should be valid"},
             {"http", true, true, "Not in FIPS mode, any combination should be valid"},

src/test/java/org/jenkinsci/plugins/kubernetes/credentials/UtilsWithFIPSTest.java

@@ -22,6 +22,7 @@ public UtilsWithFIPSTest(
     public static Collection<Object[]> parameters() {
         return Arrays.asList(new Object[][] {
             // Valid use cases
+            {null, false, true, "No URL provided and the TLS verification is not skipped, this should be accepted"},
             {"https", false, true, "TLS is used and the TLS verification is not skipped, this should be accepted"},
             // Invalid use cases
             {"https", true, false, "Skip TLS check is not accepted in FIPS mode"},

src/test/java/org/jenkinsci/plugins/kubernetes/credentials/UtilsWithoutFIPSTest.java

@@ -20,6 +20,7 @@ public UtilsWithoutFIPSTest(String scheme, boolean skipTLSVerify, boolean should
     @Parameterized.Parameters
     public static Collection<Object[]> parameters() {
         return Arrays.asList(new Object[][] {
+            {null, true, true, "Not in FIPS mode, any combination should be valid"},
             {"https", true, true, "Not in FIPS mode, any combination should be valid"},
             {"https", false, true, "Not in FIPS mode, any combination should be valid"},
             {"http", true, true, "Not in FIPS mode, any combination should be valid"},