Switching *-name.txt to a manifest attribute; and fixes related to cache maintenance

Author: jglick

src/main/java/org/jenkinsci/plugins/workflow/libs/LibraryAdder.java

@@ -228,7 +228,6 @@ static URL retrieve(@NonNull LibraryRecord record, @NonNull LibraryRetriever ret
                               listener.getLogger().println("Library " + name + "@" + version + " is due for a refresh after " + cachingMinutes + " minutes, clearing.");
                                 if (versionCacheJar.exists()) {
                                     versionCacheJar.delete();
-                                    versionCacheJar.sibling(record.getDirectoryName() + "-name.txt").delete();
                                 }
                                 retrieve = true;
                                 break;
@@ -247,16 +246,13 @@ static URL retrieve(@NonNull LibraryRecord record, @NonNull LibraryRetriever ret
                 }
 
                 lastReadFile.touch(System.currentTimeMillis());
-                versionCacheJar.sibling(record.getDirectoryName() + "-name.txt").write(name, "UTF-8");
                 versionCacheJar.copyTo(libJar);
             } finally {
               retrieveLock.readLock().unlock();
             }
         } else {
             retriever.retrieveJar(name, version, changelog, libJar, run, listener);
         }
-        // Write the user-provided name to a file as a debugging aid.
-        libJar.sibling(record.getDirectoryName() + "-name.txt").write(name, "UTF-8");
 
         // Replace any classes requested for replay:
         if (!record.trusted) {

src/main/java/org/jenkinsci/plugins/workflow/libs/LibraryCachingCleanup.java

@@ -9,6 +9,7 @@
 import java.io.IOException;
 import java.util.concurrent.TimeUnit;
 import java.util.concurrent.locks.ReentrantReadWriteLock;
+import jenkins.model.Jenkins;
 
 import jenkins.util.SystemProperties;
 
@@ -27,41 +28,28 @@ public LibraryCachingCleanup() {
 
     @Override protected void execute(TaskListener listener) throws IOException, InterruptedException {
         FilePath globalCacheDir = LibraryCachingConfiguration.getGlobalLibrariesCacheDir();
-        for (FilePath library : globalCacheDir.list()) {
-            if (!removeIfExpiredCacheDirectory(library)) {
-                // Prior to the SECURITY-2586 fix, library caches had a two-level directory structure.
-                // These caches will never be used again, so we delete any that we find.
-                for (FilePath version: library.list()) {
-                    if (version.child(LibraryCachingConfiguration.LAST_READ_FILE).exists()) {
-                        library.deleteRecursive();
-                        break;
-                    }
-                }
-            }
+        for (FilePath libJar : globalCacheDir.list()) {
+            removeIfExpiredCacheJar(libJar);
         }
+        // Old cache directory; format has changed, so just delete it:
+        Jenkins.get().getRootPath().child("global-libraries-cache").deleteRecursive();
     }
 
     /**
-     * Delete the specified cache directory if it is outdated.
-     * @return true if specified directory is a cache directory, regardless of whether it was outdated. Used to detect
-     * whether the cache was created before or after the fix for SECURITY-2586.
+     * Delete the specified cache JAR if it is outdated.
      */
-    private boolean removeIfExpiredCacheDirectory(FilePath library) throws IOException, InterruptedException {
-        final FilePath lastReadFile = new FilePath(library, LibraryCachingConfiguration.LAST_READ_FILE);
+    private void removeIfExpiredCacheJar(FilePath libJar) throws IOException, InterruptedException {
+        final FilePath lastReadFile = libJar.sibling(libJar.getBaseName() + "." + LibraryCachingConfiguration.LAST_READ_FILE);
         if (lastReadFile.exists()) {
-            ReentrantReadWriteLock retrieveLock = LibraryAdder.getReadWriteLockFor(library.getName());
+            ReentrantReadWriteLock retrieveLock = LibraryAdder.getReadWriteLockFor(libJar.getBaseName());
             retrieveLock.writeLock().lockInterruptibly();
             try {
                 if (System.currentTimeMillis() - lastReadFile.lastModified() > TimeUnit.DAYS.toMillis(EXPIRE_AFTER_READ_DAYS)) {
-                
-                    library.deleteRecursive();
-                    library.withSuffix("-name.txt").delete();
+                    libJar.delete();
                 }
             } finally {
                 retrieveLock.writeLock().unlock();
             }
-            return true;
         }
-        return false;
     }
 }

src/main/java/org/jenkinsci/plugins/workflow/libs/LibraryCachingConfiguration.java

@@ -10,17 +10,15 @@
 import org.kohsuke.stapler.QueryParameter;
 
 import java.io.IOException;
-import java.io.InputStream;
-import java.nio.charset.StandardCharsets;
 import java.util.Arrays;
 import java.util.Collections;
 import java.util.List;
 import java.util.concurrent.TimeUnit;
 import java.util.concurrent.locks.ReentrantReadWriteLock;
+import java.util.jar.JarFile;
 import java.util.logging.Level;
 import java.util.logging.Logger;
 
-import org.apache.commons.io.IOUtils;
 import org.apache.commons.lang.StringUtils;
 
 public final class LibraryCachingConfiguration extends AbstractDescribableImpl<LibraryCachingConfiguration> {
@@ -94,26 +92,22 @@ public FormValidation doClearCache(@QueryParameter String name, @QueryParameter
 
             try {
                 if (LibraryCachingConfiguration.getGlobalLibrariesCacheDir().exists()) {
-                    for (FilePath libraryNamePath : LibraryCachingConfiguration.getGlobalLibrariesCacheDir().list("*-name.txt")) {
+                    for (FilePath libraryCachePath : LibraryCachingConfiguration.getGlobalLibrariesCacheDir().list("*.jar")) {
                         // Libraries configured in distinct locations may have the same name. Since only admins are allowed here, this is not a huge issue, but it is probably unexpected.
                         String cacheName;
-                        try (InputStream stream = libraryNamePath.read()) {
-                            cacheName = IOUtils.toString(stream, StandardCharsets.UTF_8);
+                        try (JarFile jf = new JarFile(libraryCachePath.getRemote())) {
+                            cacheName = jf.getManifest().getMainAttributes().getValue(LibraryRetriever.ATTR_LIBRARY_NAME);
                         }
                         if (cacheName.equals(name)) {
-                            FilePath libraryCachePath = LibraryCachingConfiguration.getGlobalLibrariesCacheDir()
-                                    .child(libraryNamePath.getName().replace("-name.txt", ""));
                             if (forceDelete) {
                                 LOGGER.log(Level.FINER, "Force deleting cache for {0}", name);
-                                libraryCachePath.deleteRecursive();
-                                libraryNamePath.delete();
+                                libraryCachePath.delete();
                             } else {
                                 LOGGER.log(Level.FINER, "Safe deleting cache for {0}", name);
                                 ReentrantReadWriteLock retrieveLock = LibraryAdder.getReadWriteLockFor(libraryCachePath.getName());
                                 if (retrieveLock.writeLock().tryLock(10, TimeUnit.SECONDS)) {
                                     try {
-                                        libraryCachePath.deleteRecursive();
-                                        libraryNamePath.delete();
+                                        libraryCachePath.delete();
                                     } finally {
                                         retrieveLock.writeLock().unlock();
                                     }

src/main/java/org/jenkinsci/plugins/workflow/libs/LibraryRetriever.java

@@ -39,12 +39,20 @@
 import hudson.util.io.ArchiverFactory;
 import java.io.IOException;
 import java.io.OutputStream;
+import java.util.jar.Attributes;
+import java.util.jar.JarFile;
+import java.util.jar.Manifest;
 
 /**
  * A way in which a library can be physically obtained for use in a build.
  */
 public abstract class LibraryRetriever extends AbstractDescribableImpl<LibraryRetriever> implements ExtensionPoint {
 
+    /**
+     * JAR manifest attribute giving original library name.
+     */
+    static final String ATTR_LIBRARY_NAME = "Jenkins-Library-Name";
+
     /**
      * Obtains library sources.
      * @param name the {@link LibraryConfiguration#getName}
@@ -60,7 +68,7 @@ public void retrieveJar(@NonNull String name, @NonNull String version, boolean c
             FilePath tmp = target.sibling(target.getBaseName() + "-checkout");
             try {
                 retrieve(name, version, changelog, tmp, run, listener);
-                dir2Jar(tmp, target);
+                dir2Jar(name, tmp, target);
             } finally {
                 tmp.deleteRecursive();
                 WorkspaceList.tempDir(tmp).deleteRecursive();
@@ -74,28 +82,35 @@ public void retrieveJar(@NonNull String name, @NonNull String version, boolean c
      * Translates a historical directory with {@code src/} and/or {@code vars/} and/or {@code resources/} subdirectories
      * into a JAR file with Groovy in classpath orientation and {@code resources/} as a ZIP folder.
      */
-    static void dir2Jar(@NonNull FilePath dir, @NonNull FilePath jar) throws IOException, InterruptedException {
+    static void dir2Jar(@NonNull String name, @NonNull FilePath dir, @NonNull FilePath jar) throws IOException, InterruptedException {
         // TODO do this more efficiently by packing JAR directly
-        FilePath tmp2 = jar.withSuffix(".tmp2");
-        tmp2.mkdirs();
+        FilePath tmp = jar.sibling(jar.getBaseName() + "-repack");
+        tmp.mkdirs();
         try {
             FilePath src = dir.child("src");
             if (src.isDirectory()) {
-                src.moveAllChildrenTo(tmp2);
+                src.moveAllChildrenTo(tmp);
             }
             FilePath vars = dir.child("vars");
             if (vars.isDirectory()) {
-                vars.moveAllChildrenTo(tmp2);
+                vars.moveAllChildrenTo(tmp);
             }
             FilePath resources = dir.child("resources");
             if (resources.isDirectory()) {
-                resources.renameTo(tmp2.child("resources"));
+                resources.renameTo(tmp.child("resources"));
+            }
+            try (OutputStream os = tmp.child(JarFile.MANIFEST_NAME).write()) {
+                Manifest m = new Manifest();
+                m.getMainAttributes().put(Attributes.Name.MANIFEST_VERSION, "1.0");
+                // Informational debugging aid, since the hex JAR basename will be meaningless:
+                m.getMainAttributes().putValue(ATTR_LIBRARY_NAME, name);
+                m.write(os);
             }
             try (OutputStream os = jar.write()) {
-                tmp2.archive(ArchiverFactory.ZIP, os, "**");
+                tmp.archive(ArchiverFactory.ZIP, os, "**");
             }
         } finally {
-            tmp2.deleteRecursive();
+            tmp.deleteRecursive();
         }
     }
 

src/main/java/org/jenkinsci/plugins/workflow/libs/SCMSourceRetriever.java

@@ -151,7 +151,7 @@ public String getLibraryPath() {
             if (changelog) {
                 listener.getLogger().println("WARNING: ignoring request to compute changelog in clone mode");
             }
-            doClone(scm.build(revision.getHead(), revision), libraryPath, target, run, listener);
+            doClone(name, scm.build(revision.getHead(), revision), libraryPath, target, run, listener);
         } else {
             doRetrieve(name, changelog, scm.build(revision.getHead(), revision), libraryPath, target, run, listener);
         }
@@ -228,7 +228,7 @@ static void doRetrieve(String name, boolean changelog, @NonNull SCM scm, String
             }
             // Cannot add WorkspaceActionImpl to private CpsFlowExecution.flowStartNodeActions; do we care?
             // Copy sources with relevant files from the checkout:
-            LibraryRetriever.dir2Jar(lease.path.child(libraryPath), target);
+            LibraryRetriever.dir2Jar(name, lease.path.child(libraryPath), target);
         }
     }
 
@@ -240,7 +240,7 @@ private static String getFilePathSuffix() {
     /**
      * Similar to {@link #doRetrieve} but used in {@link #clone} mode.
      */
-    private static void doClone(@NonNull SCM scm, String libraryPath, FilePath target, Run<?, ?> run, TaskListener listener) throws Exception {
+    private static void doClone(@NonNull String name, @NonNull SCM scm, String libraryPath, FilePath target, Run<?, ?> run, TaskListener listener) throws Exception {
         // TODO merge into doRetrieve
         SCMStep delegate = new GenericSCMStep(scm);
         delegate.setPoll(false);
@@ -261,7 +261,7 @@ private static void doClone(@NonNull SCM scm, String libraryPath, FilePath targe
                 root = tmp.child(libraryPath);
             }
             // TODO handle INCLUDE_SRC_TEST_IN_LIBRARIES
-            LibraryRetriever.dir2Jar(root, target);
+            LibraryRetriever.dir2Jar(name, root, target);
         } finally {
             tmp.deleteRecursive();
             WorkspaceList.tempDir(tmp).deleteRecursive();

src/test/java/org/jenkinsci/plugins/workflow/libs/LibraryCachingCleanupTest.java

@@ -39,7 +39,6 @@
 
 import static org.hamcrest.MatcherAssert.assertThat;
 import static org.hamcrest.Matchers.not;
-import static org.hamcrest.io.FileMatchers.anExistingDirectory;
 import static org.hamcrest.io.FileMatchers.anExistingFile;
 
 public class LibraryCachingCleanupTest {
@@ -67,28 +66,16 @@ public void smokes() throws Throwable {
         WorkflowRun b = r.buildAndAssertSuccess(p);
         LibrariesAction action = b.getAction(LibrariesAction.class);
         LibraryRecord record = action.getLibraries().get(0);
-        FilePath cache = LibraryCachingConfiguration.getGlobalLibrariesCacheDir().child(record.getDirectoryName());
-        assertThat(new File(cache.getRemote()), anExistingDirectory());
+        FilePath cache = LibraryCachingConfiguration.getGlobalLibrariesCacheDir().child(record.getDirectoryName() + ".jar");
+        assertThat(new File(cache.getRemote()), anExistingFile());
         // Run LibraryCachingCleanup and show that cache is not deleted.
         ExtensionList.lookupSingleton(LibraryCachingCleanup.class).execute(StreamTaskListener.fromStderr());
-        assertThat(new File(cache.getRemote()), anExistingDirectory());
-        assertThat(new File(cache.withSuffix("-name.txt").getRemote()), anExistingFile());
+        assertThat(new File(cache.getRemote()), anExistingFile());
         // Run LibraryCachingCleanup after modifying LAST_READ_FILE to be an old date and and show that cache is deleted.
         long oldMillis = ZonedDateTime.now().minusDays(LibraryCachingCleanup.EXPIRE_AFTER_READ_DAYS + 1).toInstant().toEpochMilli();
-        cache.child(LibraryCachingConfiguration.LAST_READ_FILE).touch(oldMillis);
+        cache.sibling(cache.getBaseName() + "." + LibraryCachingConfiguration.LAST_READ_FILE).touch(oldMillis);
         ExtensionList.lookupSingleton(LibraryCachingCleanup.class).execute(StreamTaskListener.fromStderr());
-        assertThat(new File(cache.getRemote()), not(anExistingDirectory()));
-        assertThat(new File(cache.withSuffix("-name.txt").getRemote()), not(anExistingDirectory()));
-    }
-
-    @Test
-    public void preSecurity2586() throws Throwable {
-        FilePath cache = LibraryCachingConfiguration.getGlobalLibrariesCacheDir().child("name").child("version");
-        cache.mkdirs();
-        cache.child(LibraryCachingConfiguration.LAST_READ_FILE).touch(System.currentTimeMillis());
-        ExtensionList.lookupSingleton(LibraryCachingCleanup.class).execute(StreamTaskListener.fromStderr());
-        assertThat(new File(cache.getRemote()), not(anExistingDirectory()));
-        assertThat(new File(cache.getParent().getRemote()), not(anExistingDirectory()));
+        assertThat(new File(cache.getRemote()), not(anExistingFile()));
     }
 
 }

src/test/java/org/jenkinsci/plugins/workflow/libs/LibraryCachingConfigurationTest.java

@@ -175,11 +175,9 @@ public void clearCache() throws Exception {
         LibraryRecord record = action.getLibraries().get(0);
         FilePath cache = LibraryCachingConfiguration.getGlobalLibrariesCacheDir().child(record.getDirectoryName());
         assertThat(new File(cache.getRemote()), anExistingDirectory());
-        assertThat(new File(cache.withSuffix("-name.txt").getRemote()), anExistingFile());
         // Clear the cache. TODO: Would be more realistic to set up security and use WebClient.
         ExtensionList.lookupSingleton(LibraryCachingConfiguration.DescriptorImpl.class).doClearCache("library", false);
         assertThat(new File(cache.getRemote()), not(anExistingDirectory()));
-        assertThat(new File(cache.withSuffix("-name.txt").getRemote()), not(anExistingFile()));
     }
 
 }

src/test/java/org/jenkinsci/plugins/workflow/libs/LibraryRetrieverTest.java

@@ -60,12 +60,13 @@ private void assertDir2Jar(Set<String> inputs, Set<String> outputs) throws Excep
             dir.child(input).write("xxx", null);
         }
         FilePath jar = work.child("x.jar");
-        LibraryRetriever.dir2Jar(dir, jar);
+        LibraryRetriever.dir2Jar("mylib", dir, jar);
         Set<String> actualOutputs = new TreeSet<>();
         try (JarFile jf = new JarFile(jar.getRemote())) {
+            assertThat(jf.getManifest().getMainAttributes().getValue(LibraryRetriever.ATTR_LIBRARY_NAME), is("mylib"));
             jf.stream().forEach(e -> {
                 String name = e.getName();
-                if (!name.endsWith("/")) {
+                if (!name.endsWith("/") && !name.startsWith("META-INF/")) {
                     actualOutputs.add(name);
                 }
             });

src/test/java/org/jenkinsci/plugins/workflow/libs/SCMSourceRetrieverTest.java

@@ -79,7 +79,7 @@
 import org.jvnet.hudson.test.WithoutJenkins;
 
 import static org.hamcrest.MatcherAssert.assertThat;
-import static org.hamcrest.Matchers.arrayContainingInAnyOrder;
+import static org.hamcrest.Matchers.arrayContaining;
 import static org.hamcrest.Matchers.equalTo;
 import static org.hamcrest.Matchers.matchesPattern;
 import static org.hamcrest.Matchers.nullValue;
@@ -392,7 +392,7 @@ public static class BasicSCMSource extends SCMSource {
         r.assertLogContains("something special", b);
         r.assertLogContains("Using shallow clone with depth 1", b);
         // Fails to reproduce presence of *.jar.tmp@tmp; probably specific to use of GIT_ASKPASS:
-        assertThat(new File(b.getRootDir(), "libs").list(), arrayContainingInAnyOrder(matchesPattern("[0-9a-f]{64}[.]jar"), matchesPattern("[0-9a-f]{64}-name[.]txt")));
+        assertThat(new File(b.getRootDir(), "libs").list(), arrayContaining(matchesPattern("[0-9a-f]{64}[.]jar")));
     }
 
     @Test public void cloneModeLibraryPath() throws Exception {