cicd/sonarqube-scan-action
1
0
Fork 0
mirror of https://github.com/SonarSource/sonarqube-scan-action.git synced 2026-05-18 17:30:17 +03:00
Code Issues Packages Projects Releases Wiki Activity

NO-JIRA Mask proxy URL and deduplicate test helper

Browse Source 
- Register HTTPS_PROXY as a secret via core.setSecret so embedded
  credentials (e.g. http://user:pass@proxy:8080) cannot leak to CI
  logs, and drop the URL from the info message.
- Hoist clearProxyEnv()/proxyVars to the outer describe scope in the
  GPG verification tests (Sonar S4144).

dist/ regenerated; this also drops stale chunk files that were no
longer emitted by the current rollup config.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
Julien HENRY
2026-05-18 14:39:23 +02:00
parent 305fabb1f1
commit 2575ba4966
11 changed files with 24 additions and 57817 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/main/__tests__/gpg-verification-mocked.test.js
+8 -16
View File
@@ -38,6 +38,14 @@ function createTrackedGpgHome(tempDirs) {
describe("gpg-verification with mocked exec", () => {
let tempDirs = [];
const proxyVars = ["HTTPS_PROXY", "https_proxy", "HTTP_PROXY", "http_proxy"];
function clearProxyEnv() {
for (const v of proxyVars) {
delete process.env[v];
}
}
afterEach(() => {
// Clean up temporary directories
tempDirs.forEach((dir) => {
@@ -485,14 +493,6 @@ describe("gpg-verification with mocked exec", () => {
});
describe("getProxyFromEnv", () => {
const proxyVars = ["HTTPS_PROXY", "https_proxy", "HTTP_PROXY", "http_proxy"];
function clearProxyEnv() {
for (const v of proxyVars) {
delete process.env[v];
}
}
afterEach(() => {
clearProxyEnv();
});
@@ -536,14 +536,6 @@ describe("gpg-verification with mocked exec", () => {
});
describe("tryImportKey with proxy", () => {
const proxyVars = ["HTTPS_PROXY", "https_proxy", "HTTP_PROXY", "http_proxy"];
function clearProxyEnv() {
for (const v of proxyVars) {
delete process.env[v];
}
}
afterEach(() => {
clearProxyEnv();
});
src/main/gpg-verification.js
+5 -1
View File
@@ -151,7 +151,11 @@ async function tryImportKey(gpgHome, keyFingerprint, keyserver) {
const proxyUrl = getProxyFromEnv();
if (proxyUrl) {
core.info(`Using proxy for keyserver access: ${proxyUrl}`);
// The URL may carry credentials (e.g. http://user:pass@proxy:8080).
// Register it as a secret so future logging (here or downstream) is
// automatically redacted
core.setSecret(proxyUrl);
core.info("Using HTTPS_PROXY for keyserver access");
}
await exec.exec(