Require Jenkins 2.479.3 or newer and Jakarta EE 9 (#345)

Author: strangelookingnerd

Diff for: pom.xml

@@ -4,7 +4,7 @@
   <parent>
     <groupId>org.jenkins-ci.plugins</groupId>
     <artifactId>plugin</artifactId>
-    <version>4.88</version>
+    <version>5.9</version>
     <relativePath />
   </parent>
   <groupId>com.datapipe.jenkins.plugins</groupId>
@@ -14,8 +14,8 @@
   <properties>
     <changelist>9999-SNAPSHOT</changelist>
     <!-- https://www.jenkins.io/doc/developer/plugin-development/choosing-jenkins-baseline/ -->
-    <jenkins.baseline>2.452</jenkins.baseline>
-    <jenkins.version>${jenkins.baseline}.4</jenkins.version>
+    <jenkins.baseline>2.479</jenkins.baseline>
+    <jenkins.version>${jenkins.baseline}.3</jenkins.version>
     <hpi.compatibleSinceVersion>2.0.0</hpi.compatibleSinceVersion>
     <gitHubRepo>jenkinsci/${project.artifactId}</gitHubRepo>
   </properties>
@@ -29,7 +29,7 @@
   <licenses>
     <license>
       <name>MIT License</name>
-      <url>http://opensource.org/licenses/MIT</url>
+      <url>https://opensource.org/licenses/MIT</url>
     </license>
   </licenses>
   <developers>
@@ -78,12 +78,12 @@
         <plugin>
           <groupId>org.apache.maven.plugins</groupId>
           <artifactId>maven-checkstyle-plugin</artifactId>
-          <version>3.5.0</version>
+          <version>3.6.0</version>
           <dependencies>
             <dependency>
               <groupId>com.puppycrawl.tools</groupId>
               <artifactId>checkstyle</artifactId>
-              <version>10.18.1</version>
+              <version>10.23.0</version>
             </dependency>
           </dependencies>
         </plugin>
@@ -221,7 +221,7 @@
       <dependency>
         <groupId>io.jenkins.tools.bom</groupId>
         <artifactId>bom-${jenkins.baseline}.x</artifactId>
-        <version>3387.v0f2773fa_3200</version>
+        <version>4545.v56392b_7ca_7b_a_</version>
         <scope>import</scope>
         <type>pom</type>
       </dependency>

Diff for: src/main/java/com/datapipe/jenkins/vault/VaultAccessor.java

@@ -25,6 +25,7 @@
 import io.github.jopenlibs.vault.response.VaultResponse;
 import io.github.jopenlibs.vault.rest.RestResponse;
 import java.io.PrintStream;
+import java.io.Serial;
 import java.io.Serializable;
 import java.nio.charset.StandardCharsets;
 import java.util.Arrays;
@@ -40,6 +41,7 @@
 
 public class VaultAccessor implements Serializable {
 
+    @Serial
     private static final long serialVersionUID = 1L;
 
     private VaultConfig config;

Diff for: src/main/java/com/datapipe/jenkins/vault/VaultBindingStep.java

@@ -36,11 +36,10 @@
 import hudson.model.TaskListener;
 import hudson.util.Secret;
 import java.io.IOException;
+import java.io.Serial;
 import java.util.ArrayList;
-import java.util.Arrays;
 import java.util.Collections;
 import java.util.HashMap;
-import java.util.HashSet;
 import java.util.List;
 import java.util.Map;
 import java.util.Set;
@@ -85,6 +84,7 @@ public StepExecution start(StepContext context) throws Exception {
 
     protected static class Execution extends GeneralNonBlockingStepExecution {
 
+        @Serial
         private static final long serialVersionUID = 1;
 
         private transient VaultBindingStep step;
@@ -115,8 +115,7 @@ private void doStart() throws Exception {
                 .retrieveVaultSecrets(run, listener.getLogger(), envVars, vaultAccessor,
                     step.getConfiguration(), step.getVaultSecrets());
 
-            List<String> secretValues = new ArrayList<>();
-            secretValues.addAll(overrides.values());
+            List<String> secretValues = new ArrayList<>(overrides.values());
 
             getContext().newBodyInvoker()
                 .withContext(EnvironmentExpander.merge(getContext().get(EnvironmentExpander.class),
@@ -131,9 +130,10 @@ private void doStart() throws Exception {
 
     private static final class Overrider extends EnvironmentExpander {
 
+        @Serial
         private static final long serialVersionUID = 1;
 
-        private final Map<String, Secret> overrides = new HashMap<String, Secret>();
+        private final Map<String, Secret> overrides = new HashMap<>();
 
         Overrider(Map<String, String> overrides) {
             for (Map.Entry<String, String> override : overrides.entrySet()) {
@@ -167,9 +167,7 @@ public static final class DescriptorImpl extends StepDescriptor {
 
         @Override
         public Set<? extends Class<?>> getRequiredContext() {
-            return Collections
-                .unmodifiableSet(
-                    new HashSet<>(Arrays.asList(TaskListener.class, Run.class, EnvVars.class)));
+            return Set.of(TaskListener.class, Run.class, EnvVars.class);
         }
 
         @Override

Diff for: src/main/java/com/datapipe/jenkins/vault/configuration/GlobalVaultConfiguration.java

@@ -10,7 +10,7 @@
 import net.sf.json.JSONObject;
 import org.jenkinsci.Symbol;
 import org.kohsuke.stapler.DataBoundSetter;
-import org.kohsuke.stapler.StaplerRequest;
+import org.kohsuke.stapler.StaplerRequest2;
 
 @Extension
 @Symbol("hashicorpVault")
@@ -31,7 +31,7 @@ public VaultConfiguration getConfiguration() {
     }
 
     @Override
-    public boolean configure(StaplerRequest req, JSONObject json) throws FormException {
+    public boolean configure(StaplerRequest2 req, JSONObject json) throws FormException {
         req.bindJSON(this, json);
         return true;
     }

Diff for: src/main/java/com/datapipe/jenkins/vault/credentials/VaultAppRoleCredential.java

@@ -9,6 +9,7 @@
 import hudson.util.Secret;
 import io.github.jopenlibs.vault.VaultException;
 import io.github.jopenlibs.vault.api.Auth;
+import java.io.Serial;
 import org.apache.commons.lang.StringUtils;
 import org.kohsuke.stapler.DataBoundConstructor;
 
@@ -68,6 +69,7 @@ public String getDisplayName() {
 
     }
 
+    @Serial
     protected Object readResolve() {
         if (StringUtils.isBlank(path)) {
             path = "approle";

Diff for: src/main/java/com/datapipe/jenkins/vault/credentials/VaultCredentialsProvider.java

@@ -16,10 +16,9 @@
 import hudson.model.ItemGroup;
 import hudson.security.ACL;
 import java.util.ArrayList;
-import java.util.Collections;
 import java.util.List;
 import jenkins.model.Jenkins;
-import org.acegisecurity.Authentication;
+import org.springframework.security.core.Authentication;
 
 /**
  * This class provides the credentials that we need to authenticate against Vault
@@ -32,58 +31,52 @@
 public class VaultCredentialsProvider extends CredentialsProvider {
 
     @Override
-    public <C extends Credentials> List<C> getCredentials(Class<C> type, ItemGroup itemGroup, Authentication authentication) {
-        return getCredentials(type, itemGroup, authentication, Collections.emptyList());
-    }
-
     @NonNull
-    @Override
-    public <C extends Credentials> List<C> getCredentials(@NonNull Class<C> type,
-                                                          @Nullable ItemGroup itemGroup,
-                                                          @Nullable Authentication authentication,
-                                                          @NonNull List<DomainRequirement> domainRequirements) {
+    public <C extends Credentials> List<C> getCredentialsInItemGroup(@NonNull Class<C> type,
+        @Nullable ItemGroup itemGroup,
+        @Nullable Authentication authentication,
+        @NonNull List<DomainRequirement> domainRequirements) {
         CredentialsMatcher matcher = (type != VaultCredential.class ?
-                                        CredentialsMatchers.instanceOf(AbstractVaultBaseStandardCredentials.class) :
-                                        CredentialsMatchers.always());
-        List<C> creds = new ArrayList<C>();
-        if (ACL.SYSTEM.equals(authentication)) {
-            for (ItemGroup g = itemGroup; g instanceof AbstractFolder; g = (AbstractFolder.class.cast(g)).getParent()) {
+            CredentialsMatchers.instanceOf(AbstractVaultBaseStandardCredentials.class) :
+            CredentialsMatchers.always());
+        List<C> creds = new ArrayList<>();
+        if (ACL.SYSTEM2.equals(authentication)) {
+            for (ItemGroup<?> g = itemGroup; g instanceof AbstractFolder; g = ((AbstractFolder<?>) g).getParent()) {
                 FolderCredentialsProperty property = ((AbstractFolder<?>) g).getProperties()
-                                                                           .get(FolderCredentialsProperty.class);
+                    .get(FolderCredentialsProperty.class);
                 if (property == null) {
                     continue;
                 }
 
                 List<C> folderCreds = DomainCredentials.getCredentials(
-                                                    property.getDomainCredentialsMap(),
-                                                    type,
-                                                    domainRequirements,
-                                                    matcher
-                                                );
+                    property.getDomainCredentialsMap(),
+                    type,
+                    domainRequirements,
+                    matcher
+                );
 
                 if (type != VaultCredential.class) {
                     for (C c : folderCreds) {
-                        ((AbstractVaultBaseStandardCredentials)c).setContext(g);
+                        ((AbstractVaultBaseStandardCredentials) c).setContext(g);
                     }
                 }
 
                 creds.addAll(folderCreds);
             }
 
             List<C> globalCreds = DomainCredentials.getCredentials(
-                                                SystemCredentialsProvider.getInstance().getDomainCredentialsMap(),
-                                                type,
-                                                domainRequirements,
-                                                matcher
-                                            );
+                SystemCredentialsProvider.getInstance().getDomainCredentialsMap(),
+                type,
+                domainRequirements,
+                matcher
+            );
             if (type != VaultCredential.class) {
                 for (C c : globalCreds) {
-                    ((AbstractVaultBaseStandardCredentials)c).setContext(Jenkins.get());
+                    ((AbstractVaultBaseStandardCredentials) c).setContext(Jenkins.get());
                 }
             }
             creds.addAll(globalCreds);
         }
-
         return creds;
     }
 }

Diff for: src/main/java/com/datapipe/jenkins/vault/credentials/common/VaultCertificateCredentialsBinding.java

@@ -55,7 +55,7 @@ public MultiEnvironment bind(@NonNull Run<?, ?> build, FilePath workspace, Launc
         FilePath keyStoreFile = keyStoreDir.getDirPath().child(String.format("keystore-%s", this.keyStoreVariable));
         credentials.write(keyStoreFile);
 
-        Map<String, String> map = new HashMap<String, String>();
+        Map<String, String> map = new HashMap<>();
         map.put(this.keyStoreVariable, keyStoreFile.getRemote());
         map.put(this.passwordVariable, credentials.getPassword().getPlainText());
         return new MultiEnvironment(map);
@@ -71,7 +71,7 @@ public String getPasswordVariable() {
 
     @Override
     public Set<String> variables() {
-        Set<String> variables = new HashSet<String>();
+        Set<String> variables = new HashSet<>();
         variables.add(this.keyStoreVariable);
         variables.add(this.passwordVariable);
         return variables;

Diff for: src/main/java/com/datapipe/jenkins/vault/credentials/common/VaultFileCredentialBinding.java

@@ -2,7 +2,7 @@
 
 import hudson.Extension;
 import hudson.FilePath;
-import java.io.IOException;;
+import java.io.IOException;
 import org.jenkinsci.Symbol;
 import org.jenkinsci.plugins.credentialsbinding.BindingDescriptor;
 import org.jenkinsci.plugins.credentialsbinding.impl.AbstractOnDiskBinding;

Diff for: src/main/java/com/datapipe/jenkins/vault/credentials/common/VaultFileCredentialImpl.java

@@ -9,6 +9,7 @@
 import hudson.util.ListBoxModel;
 import java.io.ByteArrayInputStream;
 import java.io.InputStream;
+import java.io.Serial;
 import java.nio.charset.StandardCharsets;
 import java.util.Map;
 import java.util.UUID;
@@ -28,6 +29,7 @@
 
 public class VaultFileCredentialImpl extends AbstractVaultBaseStandardCredentials implements VaultFileCredential {
 
+    @Serial
     private static final long serialVersionUID = 1L;
 
     private String fileName;

Diff for: src/main/java/com/datapipe/jenkins/vault/credentials/common/VaultHelper.java

@@ -3,7 +3,6 @@
 import com.cloudbees.plugins.credentials.CredentialsMatchers;
 import com.cloudbees.plugins.credentials.CredentialsProvider;
 import com.cloudbees.plugins.credentials.CredentialsUnavailableException;
-import com.cloudbees.plugins.credentials.domains.DomainRequirement;
 import com.cloudbees.plugins.credentials.matchers.IdMatcher;
 import com.datapipe.jenkins.vault.VaultAccessor;
 import com.datapipe.jenkins.vault.configuration.VaultConfigResolver;
@@ -121,7 +120,7 @@ private static VaultCredential retrieveVaultCredentials(String id, ItemGroup<Ite
             .lookupCredentials(VaultCredential.class,
                 itemGroup,
                 ACL.SYSTEM,
-                Collections.<DomainRequirement>emptyList());
+                Collections.emptyList());
         VaultCredential credential = CredentialsMatchers
             .firstOrNull(credentials, new IdMatcher(id));
 

Diff for: src/main/java/com/datapipe/jenkins/vault/credentials/common/VaultStringCredentialImpl.java

@@ -9,6 +9,7 @@
 import hudson.util.FormValidation;
 import hudson.util.ListBoxModel;
 import hudson.util.Secret;
+import java.io.Serial;
 import jenkins.model.Jenkins;
 import org.kohsuke.stapler.AncestorInPath;
 import org.kohsuke.stapler.DataBoundConstructor;
@@ -23,6 +24,7 @@ public class VaultStringCredentialImpl extends AbstractVaultBaseStandardCredenti
 
     public static final String DEFAULT_VAULT_KEY = "secret";
 
+    @Serial
     private static final long serialVersionUID = 1L;
 
     private String vaultKey;

Diff for: src/main/java/com/datapipe/jenkins/vault/credentials/common/VaultUsernamePasswordCredentialBinding.java

@@ -49,7 +49,7 @@ public MultiEnvironment bind(@NonNull Run<?, ?> build, FilePath workspace, Launc
         TaskListener listener)
         throws IOException, InterruptedException {
         VaultUsernamePasswordCredential credentials = this.getCredentials(build);
-        Map<String, String> map = new HashMap<String, String>();
+        Map<String, String> map = new HashMap<>();
         map.put(this.usernameVariable, credentials.getUsername());
         map.put(this.passwordVariable, credentials.getPassword().getPlainText());
         return new MultiEnvironment(map);
@@ -65,7 +65,7 @@ public String getPasswordVariable() {
 
     @Override
     public Set<String> variables() {
-        Set<String> variables = new HashSet<String>();
+        Set<String> variables = new HashSet<>();
         variables.add(this.usernameVariable);
         variables.add(this.passwordVariable);
         return variables;

Diff for: src/main/java/com/datapipe/jenkins/vault/jcasc/secrets/VaultSecretSource.java

@@ -65,9 +65,8 @@ private void configureVault() {
 
         // Parse variables
         Optional<String> vaultEngineVersionOpt = getVariable(CASC_VAULT_ENGINE_VERSION);
-        Optional<String> vaultUrl = getVariable(CASC_VAULT_AGENT_ADDR)
-            .map(Optional::of)
-            .orElseGet(() -> getVariable(CASC_VAULT_URL));
+        Optional<String> vaultUrl = getVariable(CASC_VAULT_AGENT_ADDR).or(
+            () -> getVariable(CASC_VAULT_URL));
         Optional<String> vaultNamespace = getVariable(CASC_VAULT_NAMESPACE);
         Optional<String> vaultPrefixPath = getVariable(CASC_VAULT_PREFIX_PATH);
         Optional<String[]> vaultPaths = getCommaSeparatedVariables(CASC_VAULT_PATHS);
@@ -76,7 +75,7 @@ private void configureVault() {
                 new Object[]{CASC_VAULT_PATH, CASC_VAULT_PATHS}));
 
         // Check mandatory variables are set
-        if (!vaultUrl.isPresent() || !vaultPaths.isPresent()) return;
+        if (vaultUrl.isEmpty() || vaultPaths.isEmpty()) return;
 
         if (getVariable(CASC_VAULT_AGENT_ADDR).isPresent()) usingVaultAgent = true;
 
@@ -186,7 +185,7 @@ private void readSecretsFromVault() {
                 // Parse secrets
                 for (String vaultPath : vaultPathsOpt.get()) {
                     Map<String, String> nextSecrets = vault.logical().read(vaultPath).getData();
-                    Map<String, String> nextSecretsFullPath = new HashMap<String, String>();
+                    Map<String, String> nextSecretsFullPath = new HashMap<>();
                     // create item where key is full path to secret
                     for (Map.Entry<String, String> secretEntry : nextSecrets.entrySet()) {
                         nextSecretsFullPath.put(vaultPath + "/" + secretEntry.getKey(), secretEntry.getValue());

Diff for: src/main/java/com/datapipe/jenkins/vault/log/MaskingConsoleLogFilter.java

@@ -4,6 +4,7 @@
 import hudson.model.Run;
 import java.io.IOException;
 import java.io.OutputStream;
+import java.io.Serial;
 import java.io.Serializable;
 import java.util.ArrayList;
 import java.util.List;
@@ -16,6 +17,7 @@
 public class MaskingConsoleLogFilter extends ConsoleLogFilter
     implements Serializable {
 
+    @Serial
     private static final long serialVersionUID = 1L;
 
     private final String charsetName;