jenkinsci · timja · Aug 21, 2024 · Aug 14, 2024 · Aug 21, 2024 · Aug 21, 2024
@@ -18,7 +18,7 @@
 
   <properties>
     <changelist>999999-SNAPSHOT</changelist>
-    <jenkins.version>2.361.4</jenkins.version>
+    <jenkins.version>2.440.3</jenkins.version>
     <useBeta>true</useBeta>
   </properties>
 
@@ -41,11 +41,17 @@
     <dependencies>
       <dependency>
         <groupId>io.jenkins.tools.bom</groupId>
-        <artifactId>bom-2.361.x</artifactId>
-        <version>2102.v854b_fec19c92</version>
+        <artifactId>bom-2.440.x</artifactId>
+        <version>3276.vcd71db_867fb_2</version>
         <scope>import</scope>
         <type>pom</type>
       </dependency>
+      <dependency>
+        <!-- TODO remove when available in bom-2.440.x -->
+        <groupId>org.jenkins-ci.plugins</groupId>
+        <artifactId>github-branch-source</artifactId>
+        <version>1797.v86fdb_4d57d43</version>
+      </dependency>
     </dependencies>
   </dependencyManagement>
 

@@ -8,7 +8,6 @@
 import edu.hm.hafner.util.FilteredLog;
 import edu.umd.cs.findbugs.annotations.CheckForNull;
 
-import org.jenkinsci.plugins.github_branch_source.GitHubAppCredentials;
 import hudson.model.Job;
 import hudson.model.Run;
 

@@ -11,6 +11,7 @@
 import org.apache.commons.lang3.StringUtils;
 
 import edu.hm.hafner.util.VisibleForTesting;
+import edu.umd.cs.findbugs.annotations.Nullable;
 
 import org.kohsuke.github.GHCheckRun;
 import org.kohsuke.github.GHCheckRunBuilder;
@@ -35,6 +36,9 @@ public class GitHubChecksPublisher extends ChecksPublisher {
     private final PluginLogger buildLogger;
     private final String gitHubUrl;
 
+    @Nullable
+    private StandardUsernameCredentials credentials;
+
     /**
      * Creates a new instance of GitHubChecksPublisher.
      *
@@ -63,9 +67,8 @@ public GitHubChecksPublisher(final GitHubChecksContext context, final PluginLogg
     @Override
     public void publish(final ChecksDetails details) {
         try {
-            StandardUsernameCredentials credentials = context.getCredentials();
             // Prevent publication with unsupported credential types
-            switch (credentials.getClass().getSimpleName()) {
+            switch (getCredentials().getClass().getSimpleName()) {
                 case "GitHubAppCredentials":
                 case "VaultUsernamePasswordCredentialImpl":
                     break;
@@ -74,12 +77,12 @@ public void publish(final ChecksDetails details) {
             }
 
             String apiUri = null;
-            if (credentials instanceof GitHubAppCredentials) {
-                apiUri = ((GitHubAppCredentials) credentials).getApiUri();
+            if (getCredentials() instanceof GitHubAppCredentials) {
+                apiUri = ((GitHubAppCredentials) getCredentials()).getApiUri();
             }
 
             GitHub gitHub = Connector.connect(StringUtils.defaultIfBlank(apiUri, gitHubUrl),
-                    credentials);
+                    getCredentials());
 
             GitHubChecksDetails gitHubDetails = new GitHubChecksDetails(details);
 
@@ -124,12 +127,27 @@ GHCheckRunBuilder getUpdater(final GitHub github, final GitHubChecksDetails deta
     @VisibleForTesting
     GHCheckRunBuilder getCreator(final GitHub gitHub, final GitHubChecksDetails details) throws IOException {
         GHCheckRunBuilder builder = gitHub.getRepository(context.getRepository())
-                .createCheckRun(details.getName(), context.getHeadSha())
-                .withStartedAt(details.getStartedAt().orElse(Date.from(Instant.now())));
+            .createCheckRun(details.getName(), context.getHeadSha())
+            .withStartedAt(details.getStartedAt().orElse(Date.from(Instant.now())));
 
         return applyDetails(builder, details);
     }
 
+    @VisibleForTesting
+    StandardUsernameCredentials getCredentials() {
+        if (credentials == null) {
+            credentials = context.getCredentials();
+            if (credentials instanceof GitHubAppCredentials) {
+                final var gitHubAppCredentials = (GitHubAppCredentials) credentials;
+                if (context instanceof GitHubSCMSourceChecksContext) {
+                    final var gitHubSCMSourceChecksContext = (GitHubSCMSourceChecksContext) context;
+                    credentials = gitHubAppCredentials.withOwner(gitHubSCMSourceChecksContext.getOwner());
+                }
+            }
+        }
+        return credentials;
+    }
+
     private GHCheckRunBuilder applyDetails(final GHCheckRunBuilder builder, final GitHubChecksDetails details) {
         builder
                 .withStatus(details.getStatus())

@@ -66,6 +66,10 @@ public String getRepository() {
         }
     }
 
+    String getOwner() {
+        return Optional.ofNullable(resolveSource()).map(GitHubSCMSource::getRepoOwner).orElse(null);
+    }
+
     @Override
     public boolean isValid(final FilteredLog logger) {
         logger.logError("Trying to resolve checks parameters from GitHub SCM...");

@@ -66,6 +66,9 @@
 
 import static com.fasterxml.jackson.annotation.JsonAutoDetect.Visibility.*;
 import static org.assertj.core.api.Assertions.assertThat;
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.ArgumentMatchers.anyString;
+import static org.mockito.ArgumentMatchers.eq;
 import static org.mockito.Mockito.*;
 
 /**
@@ -325,6 +328,15 @@ public void testChecksPublisherUpdatesCorrectly() throws Exception {
                     "https://github.example.com/"
             );
 
+            // Check that the owner is passed from context to credentials
+            if (context instanceof GitHubSCMSourceChecksContext) {
+                var credentials = publisher.getCredentials();
+                if (credentials instanceof GitHubAppCredentials) {
+                    var gitHubAppCredentials = (GitHubAppCredentials) credentials;
+                    assertThat(gitHubAppCredentials.getOwner()).isEqualTo("XiongKezhi");
+                }
+            }
+
             assertThat(context.getId(checksName1)).isNotPresent();
             assertThat(context.getId(checksName2)).isNotPresent();