[JENKINS-76027] Allow Bitbucket build status to be customised

Restrict BitbucketAuthenticatedClient to perform call only to the configured server to avoid security issue calling any endpoint using the configured credentials.
Simplify extensions points interfaces removing those informations now shipped with the authenticated client.

Author: nfalco79

src/main/java/com/cloudbees/jenkins/plugins/bitbucket/api/BitbucketAuthenticatedClient.java

@@ -38,12 +38,62 @@
  */
 public interface BitbucketAuthenticatedClient extends AutoCloseable {
 
+    /**
+     * The owner of the repository where register the webhook.
+     */
+    @NonNull
+    String getRepositoryOwner();
+
+    /**
+     * Name of the repository where register the webhook.
+     */
+    @CheckForNull
+    String getRepositoryName();
+
+    /**
+     * Perform an HTTP POST to the configured endpoint.
+     * <p>
+     * Request will be sent as JSON
+     *
+     * @param path to call, it will prepend with the server URL
+     * @param payload to send
+     * @return the JSON string of the response
+     * @throws IOException in case of connection failures
+     */
     String post(@NonNull String path, @CheckForNull String payload) throws IOException;
 
+    /**
+     * Perform an HTTP PUT to the configured endpoint.
+     * <p>
+     * Request will be sent as JSON
+     *
+     * @param path to call, it will prepend with the server URL
+     * @param payload to send
+     * @return the JSON string of the response
+     * @throws IOException in case of connection failures
+     */
     String put(@NonNull String path, @CheckForNull String payload) throws IOException;
 
+    /**
+     * Perform an HTTP DELETE to the configured endpoint.
+     * <p>
+     * Request will be sent as JSON
+     *
+     * @param path to call, it will prepend with the server URL
+     * @return the JSON string of the response
+     * @throws IOException in case of connection failures
+     */
     String delete(@NonNull String path) throws IOException;
 
+    /**
+     * Perform an HTTP GET to the configured endpoint.
+     * <p>
+     * Request will be sent as JSON
+     *
+     * @param path to call, it will prepend with the server URL
+     * @return the JSON string of the response
+     * @throws IOException in case of connection failures
+     */
     @NonNull
     String get(@NonNull String path) throws IOException;
 

src/main/java/com/cloudbees/jenkins/plugins/bitbucket/api/BitbucketBuildStatus.java

@@ -23,11 +23,13 @@
  */
 package com.cloudbees.jenkins.plugins.bitbucket.api;
 
+import com.cloudbees.jenkins.plugins.bitbucket.api.buildstatus.BitbucketBuildStatusCustomizer;
 import com.fasterxml.jackson.annotation.JsonAnyGetter;
 import com.fasterxml.jackson.annotation.JsonIgnore;
 import com.fasterxml.jackson.annotation.JsonValue;
 import edu.umd.cs.findbugs.annotations.NonNull;
 import edu.umd.cs.findbugs.annotations.Nullable;
+import java.util.Collections;
 import java.util.HashMap;
 import java.util.Map;
 import java.util.Objects;
@@ -235,13 +237,52 @@ public String getParent() {
         return parent;
     }
 
+    /**
+     * This represent additional informations contributed by
+     * {@link BitbucketBuildStatusCustomizer}s.
+     * <p>
+     * The content of this map will be serialised in the root of the sent
+     * payload.
+     * <p>
+     * For example:
+     *
+     * <pre>
+     * buildStatus.addOptionalData("testResults", new TestResult(1, 2, 3));
+     * buildStatus.addOptionalData("optX", true);
+     * </pre>
+     *
+     * Will be serialised as:
+     *
+     * <pre>
+     * {
+     *     "description": "The build is in progress..."
+     *     ...
+     *     "testResult": {
+     *         "successful": 5,
+     *         "failed": 2,
+     *         "skipped": 1
+     *     },
+     *     "optX": true
+     * }
+     * </pre>
+     *
+     * @return an unmodifiable map of extra informations
+     */
     @JsonAnyGetter
     public Map<String, Object> getOptionalData() {
-        return optionalData;
+        return Collections.unmodifiableMap(optionalData);
     }
 
-    public void setOptionalData(Map<String, Object> optionalData) {
-        this.optionalData = optionalData == null ? new HashMap<>() : new HashMap<>(optionalData);
+    /**
+     * Add a single entry key value to the payload to send.
+     *
+     * @param key attribute of build status, refer to the Bitbucket API
+     * @param optionalData value associate to the given key
+     * @see https://developer.atlassian.com/cloud/bitbucket/rest/api-group-commit-statuses/#api-repositories-workspace-repo-slug-commit-commit-statuses-build-post
+     * @see https://developer.atlassian.com/server/bitbucket/rest/v906/api-group-builds-and-deployments/#api-api-latest-projects-projectkey-repos-repositoryslug-commits-commitid-builds-post
+     */
+    public void addOptionalData(String key, Object optionalData) {
+        this.optionalData.put(key, optionalData);
     }
 
     @Override

src/main/java/com/cloudbees/jenkins/plugins/bitbucket/api/buildstatus/BitbucketBuildStatusCustomizer.java

@@ -90,7 +90,7 @@ default Collection<Class<? extends SCMSourceTrait>> supportedTraits() {
      *
      * @param traits to apply if supported too
      */
-    default void withTrais(List<SCMSourceTrait> traits) {
+    default void withTraits(List<SCMSourceTrait> traits) {
         supportedTraits().forEach(traitClass -> {
             SCMSourceTrait trait = SCMTrait.find(traits, traitClass);
             if (trait != null) {

src/main/java/com/cloudbees/jenkins/plugins/bitbucket/api/buildstatus/BitbucketBuildStatusNotifier.java

@@ -41,26 +41,5 @@ public interface BitbucketBuildStatusNotifier extends ExtensionPoint {
      */
     boolean isApplicable(@NonNull EndpointType type);
 
-    /**
-     * The owner of the repository where register the webhook.
-     *
-     * @param repositoryOwner name
-     */
-    void setRepositoryOwner(@NonNull String repositoryOwner);
-
-    /**
-     * Name of the repository where register the webhook.
-     *
-     * @param repositoryName
-     */
-    void setRepositoryName(@NonNull String repositoryName);
-
-    /**
-     * The base URL of endpoint of the Bitbucket host.
-     *
-     * @param serverURL the base of the endpoint to call.
-     */
-    void setServerURL(@NonNull String serverURL);
-
     void sendBuildStatus(@NonNull BitbucketBuildStatus status, @NonNull BitbucketAuthenticatedClient client) throws IOException;
 }

src/main/java/com/cloudbees/jenkins/plugins/bitbucket/api/webhook/BitbucketWebhookManager.java

@@ -25,6 +25,7 @@
 
 import com.cloudbees.jenkins.plugins.bitbucket.api.BitbucketAuthenticatedClient;
 import com.cloudbees.jenkins.plugins.bitbucket.api.BitbucketWebHook;
+import com.cloudbees.jenkins.plugins.bitbucket.api.endpoint.BitbucketEndpoint;
 import edu.umd.cs.findbugs.annotations.NonNull;
 import hudson.ExtensionPoint;
 import java.io.IOException;
@@ -48,27 +49,6 @@
 @Restricted(Beta.class)
 public interface BitbucketWebhookManager extends ExtensionPoint {
 
-    /**
-     * The owner of the repository where register the webhook.
-     *
-     * @param repositoryOwner name
-     */
-    void setRepositoryOwner(@NonNull String repositoryOwner);
-
-    /**
-     * Name of the repository where register the webhook.
-     *
-     * @param repositoryName
-     */
-    void setRepositoryName(@NonNull String repositoryName);
-
-    /**
-     * The base URL of endpoint of the Bitbucket host.
-     *
-     * @param serverURL the base of the endpoint to call.
-     */
-    void setServerURL(@NonNull String serverURL);
-
     /**
      * The callback URL where send event payload.
      * <p>
@@ -78,8 +58,10 @@ public interface BitbucketWebhookManager extends ExtensionPoint {
      * endpoint to process own events.
      *
      * @param callbackURL used to send webhook payload.
+     * @param endpoint this webhook is registered for, it could be used to
+     *        retrieve additional information to compose the callbackURL
      */
-    void setCallbackURL(@NonNull String callbackURL);
+    void setCallbackURL(@NonNull String callbackURL, @NonNull BitbucketEndpoint endpoint);
 
     /**
      * The configuration that returned this implementation class.
@@ -115,7 +97,7 @@ default void apply(SCMSourceTrait trait) {}
      *
      * @param traits to apply if supported too
      */
-    default void withTrais(List<SCMSourceTrait> traits) {
+    default void withTraits(List<SCMSourceTrait> traits) {
         supportedTraits().forEach(traitClass -> {
             SCMSourceTrait trait = SCMTrait.find(traits, traitClass);
             if (trait != null) {

src/main/java/com/cloudbees/jenkins/plugins/bitbucket/client/BitbucketCloudApiClient.java

@@ -528,8 +528,6 @@ public List<BitbucketCloudWebhook> getWebHooks() throws IOException {
     @Override
     public void postBuildStatus(@NonNull BitbucketBuildStatus status) throws IOException {
         CloudBuildStatusNotifier notifier = new CloudBuildStatusNotifier();
-        notifier.setRepositoryName(repositoryName);
-        notifier.setRepositoryOwner(owner);
         notifier.sendBuildStatus(status, adapt(BitbucketAuthenticatedClient.class));
     }
 
@@ -679,6 +677,12 @@ protected HttpHost getHost() {
         return API_HOST;
     }
 
+    @NonNull
+    @Override
+    protected String getBaseURL() {
+        return "https://api.bitbucket.org";
+    }
+
     @NonNull
     @Override
     protected CloseableHttpClient getClient() {

src/main/java/com/cloudbees/jenkins/plugins/bitbucket/hooks/WebhookAutoRegisterListener.java

@@ -187,17 +187,14 @@ private BitbucketWebhookManager buildWebhookManager(BitbucketSCMSource source, B
         BitbucketWebhookManager manager = ExtensionList.lookupFirst(webhookConfig.getManager());
         // setup manager with base required information
         manager.apply(webhookConfig);
-        manager.setServerURL(endpoint.getServerURL());
-        manager.setRepositoryOwner(source.getRepoOwner());
-        manager.setRepositoryName(source.getRepository());
 
         String callbackRootURL = getCallbackRootURL(webhookConfig);
         // this is the base callback URL that webhook usually should call to be processed
         String callbackURL = callbackRootURL + BitbucketSCMSourcePushHookReceiver.FULL_PATH;
-        manager.setCallbackURL(callbackURL);
+        manager.setCallbackURL(callbackURL, endpoint);
 
         // setup traits extra informations
-        manager.withTrais(source.getTraits());
+        manager.withTraits(source.getTraits());
         return manager;
     }
 

src/main/java/com/cloudbees/jenkins/plugins/bitbucket/impl/buildstatus/CloudBuildStatusNotifier.java

@@ -37,33 +37,16 @@
 
 @Extension
 public class CloudBuildStatusNotifier implements BitbucketBuildStatusNotifier {
-    private static final String COMMIT_BUILD_STATUS_URL = "https://api.bitbucket.org/2.0/repositories{/owner,repo}/commit/{hash}/statuses/build";
-
-    private String repositoryOwner;
-    private String repositoryName;
-
-    @Override
-    public void setRepositoryOwner(@NonNull String repositoryOwner) {
-        this.repositoryOwner = repositoryOwner;
-    }
-
-    @Override
-    public void setRepositoryName(@NonNull String repositoryName) {
-        this.repositoryName = repositoryName;
-    }
-
-    @Override
-    public void setServerURL(@NonNull String serverURL) {
-    }
+    private static final String COMMIT_BUILD_STATUS_URL = "/2.0/repositories{/owner,repo}/commit/{hash}/statuses/build";
 
     @Override
     public void sendBuildStatus(@NonNull BitbucketBuildStatus status, @NonNull BitbucketAuthenticatedClient client) throws IOException {
         BitbucketBuildStatus newStatus = new BitbucketBuildStatus(status);
         newStatus.setName(abbreviate(newStatus.getName(), 255));
 
         String url = UriTemplate.fromTemplate(COMMIT_BUILD_STATUS_URL)
-                .set("owner", repositoryOwner)
-                .set("repo", repositoryName)
+                .set("owner", client.getRepositoryOwner())
+                .set("repo", client.getRepositoryName())
                 .set("hash", newStatus.getHash())
                 .expand();
         client.post(url, JsonParser.toString(newStatus));

src/main/java/com/cloudbees/jenkins/plugins/bitbucket/impl/buildstatus/ServerBuildStatusNotifier.java

@@ -43,25 +43,6 @@
 public class ServerBuildStatusNotifier implements BitbucketBuildStatusNotifier {
     private static final String API_COMMIT_STATUS_PATH = "/rest/api/1.0/projects/{owner}/repos/{repo}/commits/{hash}/builds";
 
-    private String repositoryOwner;
-    private String repositoryName;
-    private String serverURL;
-
-    @Override
-    public void setRepositoryOwner(@NonNull String repositoryOwner) {
-        this.repositoryOwner = repositoryOwner;
-    }
-
-    @Override
-    public void setRepositoryName(@NonNull String repositoryName) {
-        this.repositoryName = repositoryName;
-    }
-
-    @Override
-    public void setServerURL(@NonNull String serverURL) {
-        this.serverURL = serverURL;
-    }
-
     @Override
     public void sendBuildStatus(@NonNull BitbucketBuildStatus status, @NonNull BitbucketAuthenticatedClient client) throws IOException {
         BitbucketServerBuildStatus newStatus = new BitbucketServerBuildStatus(status);
@@ -72,15 +53,14 @@ public void sendBuildStatus(@NonNull BitbucketBuildStatus status, @NonNull Bitbu
             newStatus.setKey(substring(key, 0, 255 - 33) + '/' + DigestUtils.md5Hex(key));
         }
 
-        String url = UriTemplate.fromTemplate(this.serverURL + API_COMMIT_STATUS_PATH)
-                .set("owner", repositoryOwner)
-                .set("repo", repositoryName)
+        String url = UriTemplate.fromTemplate(API_COMMIT_STATUS_PATH)
+                .set("owner", client.getRepositoryOwner())
+                .set("repo", client.getRepositoryName())
                 .set("hash", newStatus.getHash())
                 .expand();
         client.post(url, JsonParser.toString(newStatus));
     }
 
-
     @Override
     public boolean isApplicable(@NonNull EndpointType type) {
         return type == EndpointType.SERVER;