Bump testcontainers from 1.16.2 to 1.17.2

.github/dependabot.yml

@@ -3,4 +3,8 @@ updates:
   - package-ecosystem: "maven"
     directory: "/"
     schedule:
-      interval: "weekly"
+      interval: "daily"
+  - package-ecosystem: "github-actions"
+    directory: /
+    schedule:
+      interval: "daily"

.github/release-drafter.yml

@@ -1,6 +1,4 @@
 # https://github.com/jenkinsci/.github/blob/master/.github/release-drafter.adoc
+# https://www.jenkins.io/doc/developer/publishing/releasing-cd/#release-notes
 _extends: .github
-# Semantic versioning is used d=for this plugin: https://semver.org/
-version-template: $MAJOR.$MINOR.$PATCH
-tag-template: ssh-slaves-$NEXT_PATCH_VERSION
-name-template: $NEXT_PATCH_VERSION
+

.github/workflows/cd.yaml

@@ -0,0 +1,59 @@
+# Note: additional setup is required, see https://www.jenkins.io/redirect/continuous-delivery-of-plugins
+
+name: cd
+on:
+  workflow_dispatch:
+  check_run:
+    types:
+      - completed
+
+jobs:
+  validate:
+    runs-on: ubuntu-latest
+    outputs:
+      should_release: ${{ steps.verify-ci-status.outputs.result == 'success' && steps.interesting-categories.outputs.interesting == 'true' }}
+    steps:
+      - name: Verify CI status
+        uses: jenkins-infra/verify-ci-status-action@v1.2.0
+        id: verify-ci-status
+        with:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          output_result: true
+
+      - name: Release Drafter
+        uses: release-drafter/release-drafter@v5
+        if: steps.verify-ci-status.outputs.result == 'success'
+        with:
+          name: next
+          tag: next
+          version: next
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Check interesting categories
+        uses: jenkins-infra/interesting-category-action@v1.1.0
+        id: interesting-categories
+        if: steps.verify-ci-status.outputs.result == 'success'
+        with:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+  release:
+    runs-on: ubuntu-latest
+    needs: [validate]
+    if: needs.validate.outputs.should_release == 'true'
+    steps:
+      - name: Check out
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+      - name: Set up JDK 8
+        uses: actions/setup-java@v3
+        with:
+          distribution: 'adopt'
+          java-version: 8
+      - name: Release
+        uses: jenkins-infra/jenkins-maven-cd-action@v1.3.0
+        with:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          MAVEN_USERNAME: ${{ secrets.MAVEN_USERNAME }}
+          MAVEN_TOKEN: ${{ secrets.MAVEN_TOKEN }}

.github/workflows/jenkins-security-scan.yml

@@ -0,0 +1,16 @@
+name: Jenkins Security Scan
+on:
+  push:
+    branches:
+      - main
+# see https://github.com/jenkins-infra/jenkins-security-scan/issues/3      
+#  pull_request:
+#    types: [ opened, synchronize, reopened ]
+  workflow_dispatch:
+
+jobs:
+  security-scan:
+    uses: jenkins-infra/jenkins-security-scan/.github/workflows/jenkins-security-scan.yaml@v1
+    with:
+      java-cache: '' # Optionally enable use of a build dependency cache. Specify 'maven' or 'gradle' as appropriate.
+      java-version: 11 # What version of Java to set up for the build.

.mvn/extensions.xml

@@ -2,6 +2,6 @@
   <extension>
     <groupId>io.jenkins.tools.incrementals</groupId>
     <artifactId>git-changelist-maven-extension</artifactId>
-    <version>1.2</version>
+    <version>1.3</version>
   </extension>
 </extensions>

.mvn/maven.config

@@ -1,2 +1,3 @@
 -Pconsume-incrementals
 -Pmight-produce-incrementals
+-Dchangelist.format=%d.v%s

doc/CONFIGURE.md

@@ -226,13 +226,16 @@ See [SSH Build Agents and Cygwin](https://wiki.jenkins.io/display/JENKINS/SSH+sl
 
 ### Launch Windows agents using Microsoft OpenSSH
 
-The current version of the plugin does not run directly on PowerShell, you have to use prefix and suffix settings to trick the command and make it works, Windows 10 machines can run as SSH agents with the Microsoft OpenSSH server by using:
+The current version of the plugin does not run when Powershell is the default shell for the agent system. To connect to the agent you have to use prefix and suffix settings to trick the command and make it work, Windows 10/11 machines can run as SSH agents with the Microsoft OpenSSH server by using:
 
 **Prefix Start Agent Command**
 
 ```
 powershell -Command "cd C:\J\S ; C:\J\S\jdk\bin\java.exe -jar remoting.jar" ; exit 0 ; rem '
 ```
+
+`C:\J\S` is the path to the agent work directory on the agent system. If java is in a different directory, you will need to specify that directory instead of `C:\J\S\jdk\bin`.
+
 **Suffix Start Agent Command**
 
 ```

pom.xml

@@ -5,11 +5,11 @@
   <parent>
     <groupId>org.jenkins-ci.plugins</groupId>
     <artifactId>plugin</artifactId>
-    <version>4.31</version>
+    <version>4.40</version>
   </parent>
 
   <artifactId>ssh-slaves</artifactId>
-  <version>${revision}${changelist}</version>
+  <version>${revision}.${changelist}</version>
   <packaging>hpi</packaging>
 
   <name>SSH Build Agents plugin</name>
@@ -25,9 +25,9 @@
   </licenses>
 
   <properties>
-    <revision>1.33.1</revision>
-    <changelist>-SNAPSHOT</changelist>
-    <jenkins.version>2.289.1</jenkins.version>
+    <revision>1</revision>
+    <changelist>999999-SNAPSHOT</changelist>
+    <jenkins.version>2.319.1</jenkins.version>
     <java.level>8</java.level>
     <hpi.compatibleSinceVersion>1.31.0</hpi.compatibleSinceVersion>
   </properties>
@@ -102,19 +102,15 @@
     <dependencies>
       <dependency>
         <groupId>io.jenkins.tools.bom</groupId>
-        <artifactId>bom-2.277.x</artifactId>
-        <version>961.vf0c9f6f59827</version>
+        <artifactId>bom-2.319.x</artifactId>
+        <version>1342.v729ca_3818e88</version>
         <type>pom</type>
         <scope>import</scope>
       </dependency>
       <dependency>
         <groupId>org.jenkins-ci.plugins</groupId>
         <artifactId>jackson2-api</artifactId>
       </dependency>
-      <dependency>
-        <groupId>org.slf4j</groupId>
-        <artifactId>slf4j-api</artifactId>
-      </dependency>
     </dependencies>
   </dependencyManagement>
 
@@ -134,7 +130,7 @@
     <dependency>
       <groupId>org.jenkins-ci.modules</groupId>
       <artifactId>sshd</artifactId>
-      <version>3.1.0</version>
+      <version>3.236.ved5e1b_cb_50b_2</version>
       <scope>test</scope>
     </dependency>
     <dependency>
@@ -162,7 +158,7 @@
     <dependency>
       <groupId>org.testcontainers</groupId>
       <artifactId>testcontainers</artifactId>
-      <version>1.16.2</version>
+      <version>1.17.2</version>
       <scope>test</scope>
       <exclusions>
         <exclusion>

src/main/java/hudson/plugins/sshslaves/SSHLauncher.java

@@ -419,60 +419,58 @@ public void launch(final SlaveComputer computer, final TaskListener listener) th
             launcherExecutorService = Executors.newSingleThreadExecutor(
                     new NamingThreadFactory(Executors.defaultThreadFactory(), "SSHLauncher.launch for '" + computer.getName() + "' node"));
             Set<Callable<Boolean>> callables = new HashSet<>();
-            callables.add(new Callable<Boolean>() {
-                public Boolean call() throws InterruptedException {
-                    Boolean rval = Boolean.FALSE;
-                    try {
-                        String[] preferredKeyAlgorithms = getSshHostKeyVerificationStrategyDefaulted().getPreferredKeyAlgorithms(computer);
-                        if (preferredKeyAlgorithms != null && preferredKeyAlgorithms.length > 0) { // JENKINS-44832
-                            connection.setServerHostKeyAlgorithms(preferredKeyAlgorithms);
-                        } else {
-                            listener.getLogger().println("Warning: no key algorithms provided; JENKINS-42959 disabled");
-                        }
-
-                        listener.getLogger().println(logConfiguration());
-
-                        openConnection(listener, computer);
-
-                        verifyNoHeaderJunk(listener);
-                        reportEnvironment(listener);
-
-                        final String workingDirectory = getWorkingDirectory(computer);
-                        if (workingDirectory == null) {
-                            listener.error("Cannot get the working directory for " + computer);
-                            return Boolean.FALSE;
-                        }
-
-                        String java = null;
-                        if (StringUtils.isNotBlank(javaPath)) {
-                            java = expandExpression(computer, javaPath);
-                        } else {
-                          checkJavaIsInPath(listener);
-                          //FIXME deprecated on 2020-12-10, it will removed after 2021-09-01
-                            JavaVersionChecker javaVersionChecker = new JavaVersionChecker(computer, listener, getJvmOptions(),
-                                    connection);
-                            java = javaVersionChecker.resolveJava();
-                        }
-
-                        copyAgentJar(listener, workingDirectory);
-
-                        startAgent(computer, listener, java, workingDirectory);
-
-                        PluginImpl.register(connection);
-                        rval = Boolean.TRUE;
-                    } catch (RuntimeException|Error e) {
-                        String msg = Messages.SSHLauncher_UnexpectedError();
-                        if(StringUtils.isNotBlank(e.getMessage())){
-                            msg = e.getMessage();
-                        }
-                        e.printStackTrace(listener.error(msg));
-                    } catch (AbortException e) {
-                        listener.getLogger().println(e.getMessage());
-                    } catch (IOException e) {
-                        e.printStackTrace(listener.getLogger());
-                    } finally {
-                        return rval;
+            callables.add(() -> {
+                Boolean rval = Boolean.FALSE;
+                try {
+                    String[] preferredKeyAlgorithms = getSshHostKeyVerificationStrategyDefaulted().getPreferredKeyAlgorithms(computer);
+                    if (preferredKeyAlgorithms != null && preferredKeyAlgorithms.length > 0) { // JENKINS-44832
+                        connection.setServerHostKeyAlgorithms(preferredKeyAlgorithms);
+                    } else {
+                        listener.getLogger().println("Warning: no key algorithms provided; JENKINS-42959 disabled");
+                    }
+
+                    listener.getLogger().println(logConfiguration());
+
+                    openConnection(listener, computer);
+
+                    verifyNoHeaderJunk(listener);
+                    reportEnvironment(listener);
+
+                    final String workingDirectory = getWorkingDirectory(computer);
+                    if (workingDirectory == null) {
+                        listener.error("Cannot get the working directory for " + computer);
+                        return Boolean.FALSE;
+                    }
+
+                    String java = null;
+                    if (StringUtils.isNotBlank(javaPath)) {
+                        java = expandExpression(computer, javaPath);
+                    } else {
+                      checkJavaIsInPath(listener);
+                      //FIXME deprecated on 2020-12-10, it will removed after 2021-09-01
+                        JavaVersionChecker javaVersionChecker = new JavaVersionChecker(computer, listener, getJvmOptions(),
+                                connection);
+                        java = javaVersionChecker.resolveJava();
+                    }
+
+                    copyAgentJar(listener, workingDirectory);
+
+                    startAgent(computer, listener, java, workingDirectory);
+
+                    PluginImpl.register(connection);
+                    rval = Boolean.TRUE;
+                } catch (RuntimeException|Error e) {
+                    String msg = Messages.SSHLauncher_UnexpectedError();
+                    if(StringUtils.isNotBlank(e.getMessage())){
+                        msg = e.getMessage();
                     }
+                    e.printStackTrace(listener.error(msg));
+                } catch (AbortException e) {
+                    listener.getLogger().println(e.getMessage());
+                } catch (IOException e) {
+                    e.printStackTrace(listener.getLogger());
+                } finally {
+                    return rval;
                 }
             });
 

src/main/java/hudson/plugins/sshslaves/verifiers/MissingVerificationStrategyAdministrativeMonitor.java

@@ -65,6 +65,11 @@ public String getDisplayName() {
     }
 
     public String getAgentNames() {
-      return agentNames != null ? agentNames.toString() : "";
+        return agentNames != null ? agentNames.toString() : "";
+    }
+
+    @Override
+    public boolean isSecurity() {
+        return true;
     }
 }

src/test/java/hudson/plugins/sshslaves/SSHLauncherTest.java

@@ -76,6 +76,7 @@
 import static org.junit.Assert.assertFalse;
 import static org.junit.Assert.assertNotNull;
 import static org.junit.Assert.assertNotSame;
+import static org.junit.Assert.assertThrows;
 import static org.junit.Assert.assertTrue;
 import static org.junit.Assert.fail;
 
@@ -154,12 +155,7 @@ private static boolean checkSupported(final String testVersionOutput) throws IOE
   }
 
   private static void assertNotSupported(final String testVersionOutput) throws AssertionError {
-    try {
-      checkSupported(testVersionOutput);
-      fail("Expected version " + testVersionOutput + " to be not supported, but it is supported");
-    } catch (IOException e) {
-      // expected
-    }
+    assertThrows(IOException.class, () -> checkSupported(testVersionOutput));
   }
 
   private void checkRoundTrip(String host) throws Exception {
@@ -400,7 +396,7 @@ public void getMd5Hash() {
     try {
       byte[] bytes = "Leave me alone!".getBytes();
       String result = SSHLauncher.getMd5Hash(bytes);
-      assertTrue("1EB226C8E950BAC1494BE197E84A264C".equals(result));
+      assertEquals("1EB226C8E950BAC1494BE197E84A264C", result);
     } catch (Exception e) {
       e.printStackTrace();
     }
@@ -420,7 +416,7 @@ public void readInputStreamIntoByteArrayAndClose() {
       byte[] bytes = SSHLauncher.readInputStreamIntoByteArrayAndClose(inputStream);
       assertNotNull(bytes);
       assertTrue(bytes.length > 0);
-      assertTrue("Don't change me or add newlines!".equals(new String(bytes)));
+      assertEquals("Don't change me or add newlines!", new String(bytes));
 
     } catch (Exception e) {
       e.printStackTrace();

src/test/java/hudson/plugins/sshslaves/agents/AgentDSAConnectionTest.java

@@ -11,12 +11,14 @@
 import hudson.plugins.sshslaves.categories.AgentSSHTest;
 import hudson.plugins.sshslaves.categories.SSHKeyAuthenticationTest;
 import static org.junit.Assert.assertTrue;
+import org.junit.Ignore;
 
 /**
  * Connect to a remote SSH Agent
  *
  * @author Kuisathaverat
  */
+@Ignore("Only for manual test.")
 @Category({ AgentSSHTest.class, SSHKeyAuthenticationTest.class})
 public class AgentDSAConnectionTest extends AgentConnectionBase {
   public static final String SSH_AGENT_NAME = "ssh-agent-dsa";

src/test/java/hudson/plugins/sshslaves/agents/AgentECDHSha2Nistp256ConnectionTest.java

@@ -11,12 +11,14 @@
 import hudson.plugins.sshslaves.categories.AgentSSHTest;
 import hudson.plugins.sshslaves.categories.SSHKexTest;
 import static org.junit.Assert.assertTrue;
+import org.junit.Ignore;
 
 /**
  * Connect to a remote SSH Agent
  *
  * @author Kuisathaverat
  */
+@Ignore("Only for manual test.")
 @Category({ AgentSSHTest.class, SSHKexTest.class})
 public class AgentECDHSha2Nistp256ConnectionTest extends AgentConnectionBase {
   public static final String SSH_AGENT_NAME = "ssh-agent-ecdh-sha2-nistp256";