Branch: refs/heads/master Home: https://github.com/jenkinsci/jenkins Commit: c8156d41f2e6abf52b41669287e9ab771080b8e4 https://github.com/jenkinsci/jenkins/commit/c8156d41f2e6abf52b41669287e9ab771080b8e4 Author: Mark Waite <mark.earl.wa...@gmail.com> Date: 2024-01-01 (Mon, 01 Jan 2024)
Changed paths: M core/src/main/java/hudson/FilePath.java M core/src/test/java/hudson/FilePathTest.java Log Message: ----------- [JENKINS-72469] Avoid repeated tool downloads from misconfigured HTTP servers (#8814) * [JENKINS-72469] Avoid repeated tool downloads from misconfigured HTTP servers The Azul Systems content delivery network stopped providing the last-modified header in their URL responses. They only provide the ETag header. Add ETag support to the Jenkins FilePath URL download method so that if ETag is provided, we use the ETag value. If last-modified is provided and matches, we continue to honor it as well. https://issues.jenkins.io/browse/JENKINS-72469 has more details. https://community.jenkins.io/t/job-stuck-on-unpacking-global-jdk-tool/11272 also includes more details. Testing done * Automated test added to FilePathTest for code changes on the controller. The automated test confirms that even without a last-modified value, the later downloads are skipped if a matching ETag is received. The automated test also confirms that download is skipped if OK is received with a matching ETag. No automated test was added to confirm download on the agent because that path is not tested by any of the other test automation of this class. * Interactive test with the Azul Systems JDK installer on the controller. I created a tool installer for the Azul JDK. I verified that before this change it was downloaded each time the job was run. I verified that after the change it was downloaded only once. * Interactive test with the Azul Systems JDK installer on an agent. I created a tool installer for the Azul JDK. I verified that before this change it was downloaded each time the job was run. I verified that after the change it was downloaded only once. * Interactive test on the controller with a file download from an NGINX web server confirmed that the tool is downloaded once and then later runs of the job did not download the file again. * Use equals instead of contains to check ETag Don't risk that a substring of an earlier ETag might cause a later ETag to incorrectly assume it does not need to download a modified installer. * Use weak comparison for ETag values https://httpwg.org/specs/rfc9110.html#field.etag describes weak comparison cases and notes that content providers may provide weak or strong entity tags. Updated code to correctly compare weak and strong entity tags. Also improves the null checks based on the suggestions from @mawinter69 in https://github.com/jenkinsci/jenkins/pull/8814#discussion_r1438909824 * Test comparison of weak and strong validators * Do not duplicate test args, more readable * Use better variable names in test Cover more branches in the equalEtags method as well * Fix variable declaration order -- You received this message because you are subscribed to the Google Groups "Jenkins Commits" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-commits+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-commits/jenkinsci/jenkins/push/refs/heads/master/3597db-c8156d%40github.com.