Introduce PDSSafeProcessEnvironmentAccess #4209

- the new environment access handles null keys and null values and
  skips put operation in these cases + does log warnings
- improved PDSKeyToEnvConverter + existing test

Author: de-jcup

sechub-pds/src/main/java/com/mercedesbenz/sechub/pds/execution/PDSExecutionEnvironmentService.java

@@ -6,7 +6,6 @@
 import java.util.ArrayList;
 import java.util.List;
 import java.util.Map;
-import java.util.Map.Entry;
 import java.util.Set;
 import java.util.UUID;
 
@@ -70,7 +69,7 @@ public void initProcessBuilderEnvironmentMap(UUID pdsJobUUID, PDSJobConfiguratio
 
     private void calculateAndSetupEnvironment(UUID pdsJobUUID, PDSJobConfiguration config, ProcessBuilder builder, PDSProductSetup productSetup) {
         /* now init environment map */
-        Map<String, String> environment = initCleanEnvironment(productSetup, builder);
+        PDSSafeProcessEnvironmentAccess environment = initCleanEnvironment(productSetup, builder);
 
         addPdsJobRelatedVariables(pdsJobUUID, environment);
         addPdsExecutorJobParameters(productSetup, config, environment);
@@ -81,55 +80,57 @@ private void calculateAndSetupEnvironment(UUID pdsJobUUID, PDSJobConfiguration c
         LOG.debug("Initialized environment variables for script of pds job: {} with: {}", pdsJobUUID, environment);
     }
 
-    private Map<String, String> initCleanEnvironment(PDSProductSetup productSetup, ProcessBuilder builder) {
+    private PDSSafeProcessEnvironmentAccess initCleanEnvironment(PDSProductSetup productSetup, ProcessBuilder builder) {
         Map<String, String> environment = builder.environment();
 
         Set<String> pdsScriptEnvWhitelist = productSetup.getEnvWhitelist();
         LOG.debug("PDS script environment variable white list: '{}'", pdsScriptEnvWhitelist);
 
         environmentCleaner.clean(environment, pdsScriptEnvWhitelist);
 
-        return environment;
+        PDSSafeProcessEnvironmentAccess result = new PDSSafeProcessEnvironmentAccess(builder.environment());
+
+        return result;
 
     }
 
-    private void addPdsJobRelatedVariables(UUID pdsJobUUID, Map<String, String> map) {
+    private void addPdsJobRelatedVariables(UUID pdsJobUUID, PDSSafeProcessEnvironmentAccess envAccess) {
         WorkspaceLocationData locationData = workspaceService.createLocationData(pdsJobUUID);
 
-        map.put(PDS_JOB_WORKSPACE_LOCATION, locationData.getWorkspaceLocation());
-        map.put(PDS_JOB_RESULT_FILE, locationData.getResultFileLocation());
-        map.put(PDS_JOB_USER_MESSAGES_FOLDER, locationData.getUserMessagesLocation());
-        map.put(PDS_JOB_EVENTS_FOLDER, locationData.getEventsLocation());
-        map.put(PDS_JOB_METADATA_FILE, locationData.getMetaDataFileLocation());
-        map.put(PDS_JOB_UUID, pdsJobUUID.toString());
-        map.put(PDS_JOB_SOURCECODE_ZIP_FILE, locationData.getSourceCodeZipFileLocation());
-        map.put(PDS_JOB_BINARIES_TAR_FILE, locationData.getBinariesTarFileLocation());
+        envAccess.put(PDS_JOB_WORKSPACE_LOCATION, locationData.getWorkspaceLocation());
+        envAccess.put(PDS_JOB_RESULT_FILE, locationData.getResultFileLocation());
+        envAccess.put(PDS_JOB_USER_MESSAGES_FOLDER, locationData.getUserMessagesLocation());
+        envAccess.put(PDS_JOB_EVENTS_FOLDER, locationData.getEventsLocation());
+        envAccess.put(PDS_JOB_METADATA_FILE, locationData.getMetaDataFileLocation());
+        envAccess.put(PDS_JOB_UUID, pdsJobUUID.toString());
+        envAccess.put(PDS_JOB_SOURCECODE_ZIP_FILE, locationData.getSourceCodeZipFileLocation());
+        envAccess.put(PDS_JOB_BINARIES_TAR_FILE, locationData.getBinariesTarFileLocation());
 
         String extractedAssetsLocation = locationData.getExtractedAssetsLocation();
 
-        map.put(PDS_JOB_EXTRACTED_ASSETS_FOLDER, extractedAssetsLocation);
+        envAccess.put(PDS_JOB_EXTRACTED_ASSETS_FOLDER, extractedAssetsLocation);
 
         String extractedSourcesLocation = locationData.getExtractedSourcesLocation();
 
-        map.put(PDS_JOB_SOURCECODE_UNZIPPED_FOLDER, extractedSourcesLocation);
-        map.put(PDS_JOB_EXTRACTED_SOURCES_FOLDER, extractedSourcesLocation);
+        envAccess.put(PDS_JOB_SOURCECODE_UNZIPPED_FOLDER, extractedSourcesLocation);
+        envAccess.put(PDS_JOB_EXTRACTED_SOURCES_FOLDER, extractedSourcesLocation);
 
         String extractedBinariesLocation = locationData.getExtractedBinariesLocation();
-        map.put(PDS_JOB_EXTRACTED_BINARIES_FOLDER, extractedBinariesLocation);
+        envAccess.put(PDS_JOB_EXTRACTED_BINARIES_FOLDER, extractedBinariesLocation);
 
-        map.put(PDS_JOB_HAS_EXTRACTED_SOURCES, "" + workspaceService.hasExtractedSources(pdsJobUUID));
-        map.put(PDS_JOB_HAS_EXTRACTED_BINARIES, "" + workspaceService.hasExtractedBinaries(pdsJobUUID));
+        envAccess.put(PDS_JOB_HAS_EXTRACTED_SOURCES, "" + workspaceService.hasExtractedSources(pdsJobUUID));
+        envAccess.put(PDS_JOB_HAS_EXTRACTED_BINARIES, "" + workspaceService.hasExtractedBinaries(pdsJobUUID));
 
     }
 
-    private void addPdsExecutorJobParameters(PDSProductSetup productSetup, PDSJobConfiguration config, Map<String, String> map) {
+    private void addPdsExecutorJobParameters(PDSProductSetup productSetup, PDSJobConfiguration config, PDSSafeProcessEnvironmentAccess envAccess) {
 
         List<PDSExecutionParameterEntry> jobParams = config.getParameters();
         for (PDSExecutionParameterEntry jobParam : jobParams) {
-            addJobParamDataWhenAccepted(productSetup, jobParam, map);
+            addJobParamDataWhenAccepted(productSetup, jobParam, envAccess);
         }
 
-        addDefaultsForMissingParameters(productSetup, map);
+        addDefaultsForMissingParameters(productSetup, envAccess);
 
     }
 
@@ -138,50 +139,51 @@ private void addPdsExecutorJobParameters(PDSProductSetup productSetup, PDSJobCon
      * of process builder: This map does throw an exception in this case (index of
      * problems)
      */
-    private void replaceNullValuesWithEmptyStrings(Map<String, String> map) {
+    private void replaceNullValuesWithEmptyStrings(PDSSafeProcessEnvironmentAccess envAccess) {
 
         List<String> keysForEntriesWithNullValue = new ArrayList<>();
 
-        for (Entry<String, String> entry : map.entrySet()) {
-            if (entry.getValue() == null) {
-                keysForEntriesWithNullValue.add(entry.getKey());
+        for (String key : envAccess.getKeys()) {
+            String value = envAccess.get(key);
+            if (value == null) {
+                keysForEntriesWithNullValue.add(key);
             }
         }
 
         for (String keyForEntryWithNullValue : keysForEntriesWithNullValue) {
-            map.put(keyForEntryWithNullValue, "");
+            envAccess.put(keyForEntryWithNullValue, "");
 
             LOG.warn("Replaced null value for key: {} with empty string", keyForEntryWithNullValue);
         }
 
     }
 
-    private void addDefaultsForMissingParameters(PDSProductSetup productSetup, Map<String, String> map) {
+    private void addDefaultsForMissingParameters(PDSProductSetup productSetup, PDSSafeProcessEnvironmentAccess envAccess) {
         PDSProductParameterSetup parameters = productSetup.getParameters();
 
-        addDefaultsForMissingParametersInList(parameters.getMandatory(), map);
-        addDefaultsForMissingParametersInList(parameters.getOptional(), map);
+        addDefaultsForMissingParametersInList(parameters.getMandatory(), envAccess);
+        addDefaultsForMissingParametersInList(parameters.getOptional(), envAccess);
     }
 
-    private void addDefaultsForMissingParametersInList(List<PDSProductParameterDefinition> parameterDefinitions, Map<String, String> map) {
+    private void addDefaultsForMissingParametersInList(List<PDSProductParameterDefinition> parameterDefinitions, PDSSafeProcessEnvironmentAccess envAccess) {
 
         for (PDSProductParameterDefinition parameterDefinition : parameterDefinitions) {
             if (!parameterDefinition.hasDefault()) {
                 continue;
             }
             String envVariableName = converter.convertKeyToEnv(parameterDefinition.getKey());
 
-            String value = map.get(envVariableName);
+            String value = envAccess.get(envVariableName);
 
             if (value == null) {
-                map.put(envVariableName, parameterDefinition.getDefault());
+                envAccess.put(envVariableName, parameterDefinition.getDefault());
             }
         }
 
     }
 
-    private void addSecHubJobUUIDAsEnvironmentEntry(PDSJobConfiguration config, Map<String, String> map) {
-        map.put(PDSLauncherScriptEnvironmentConstants.SECHUB_JOB_UUID, fetchSecHubJobUUIDasString(config));
+    private void addSecHubJobUUIDAsEnvironmentEntry(PDSJobConfiguration config, PDSSafeProcessEnvironmentAccess envAccess) {
+        envAccess.put(PDSLauncherScriptEnvironmentConstants.SECHUB_JOB_UUID, fetchSecHubJobUUIDasString(config));
     }
 
     private String fetchSecHubJobUUIDasString(PDSJobConfiguration pdsJobConfiguration) {
@@ -193,7 +195,7 @@ private String fetchSecHubJobUUIDasString(PDSJobConfiguration pdsJobConfiguratio
         return sechubJobUUID.toString();
     }
 
-    private void addJobParamDataWhenAccepted(PDSProductSetup productSetup, PDSExecutionParameterEntry jobParam, Map<String, String> map) {
+    private void addJobParamDataWhenAccepted(PDSProductSetup productSetup, PDSExecutionParameterEntry jobParam, PDSSafeProcessEnvironmentAccess envAccess) {
         PDSProductParameterSetup params = productSetup.getParameters();
 
         boolean acceptedParameter = false;
@@ -214,7 +216,7 @@ private void addJobParamDataWhenAccepted(PDSProductSetup productSetup, PDSExecut
 
         if (acceptedParameter) {
             String envVariableName = converter.convertKeyToEnv(jobParam.getKey());
-            map.put(envVariableName, jobParam.getValue());
+            envAccess.put(envVariableName, jobParam.getValue());
         } else {
             if (wellknown) {
                 LOG.debug("Wellknown parameter found - but not available inside script: {}", jobParam.getKey());

sechub-pds/src/main/java/com/mercedesbenz/sechub/pds/execution/PDSKeyToEnvConverter.java

@@ -6,14 +6,33 @@
 import org.springframework.stereotype.Component;
 
 @Component
+/**
+ * This class provides functionality to convert keys to environment variable
+ * format. It replaces dots with underscores and converts the string to
+ * uppercase. Additionally, it removes any hyphens from the key.
+ */
 public class PDSKeyToEnvConverter {
 
     private static final Pattern P = Pattern.compile("\\.");
 
+    /**
+     * Converts the given key to an environment variable format. The conversion
+     * process includes replacing dots with underscores, converting to uppercase,
+     * and removing hyphens.
+     *
+     * @param key the key to be converted. If the key is <code>null</code>,
+     *            <code>null</code> is returned.
+     * @return the converted key in environment variable format, or
+     *         <code>null</code> if the input key is <code>null</code>.
+     */
     public String convertKeyToEnv(String key) {
         if (key == null) {
             return null;
         }
-        return P.matcher(key).replaceAll("_").toUpperCase();
+        String result = P.matcher(key).replaceAll("_").toUpperCase();
+        if (result.indexOf('-') != -1) {
+            result = result.replaceAll("-", "");
+        }
+        return result;
     }
 }

sechub-pds/src/main/java/com/mercedesbenz/sechub/pds/execution/PDSSafeProcessEnvironmentAccess.java

@@ -0,0 +1,53 @@
+// SPDX-License-Identifier: MIT
+package com.mercedesbenz.sechub.pds.execution;
+
+import static java.util.Objects.*;
+
+import java.util.Map;
+import java.util.Set;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+/**
+ * This class provides safe access to process environment variables.
+ */
+public class PDSSafeProcessEnvironmentAccess {
+
+    private static final Logger logger = LoggerFactory.getLogger(PDSSafeProcessEnvironmentAccess.class);
+
+    private Map<String, String> environment;
+
+    public PDSSafeProcessEnvironmentAccess(Map<String, String> environment) {
+        this.environment = requireNonNull(environment, "Parameter 'environment' may not be null!");
+    }
+
+    /**
+     * Set environment value for given key.
+     *
+     * @param key   the key for the environment map. Operation will be skipped, if
+     *              key is <code>null</code>
+     * @param value the value for the environment map. Operation will be skipped, if
+     *              value is <code>null</code>
+     */
+    public void put(String key, String value) {
+        if (key == null) {
+            logger.warn("null key detected, skip put operation");
+            return;
+        }
+        if (value == null) {
+            logger.warn("null value for key '" + key + "' detected, skip put operation");
+            return;
+        }
+        environment.put(key, value);
+    }
+
+    public Set<String> getKeys() {
+        return environment.keySet();
+    }
+
+    public String get(String key) {
+        return environment.get(key);
+    }
+
+}

sechub-pds/src/test/java/com/mercedesbenz/sechub/pds/execution/PDSKeyToEnvConverterTest.java

@@ -1,38 +1,48 @@
 // SPDX-License-Identifier: MIT
 package com.mercedesbenz.sechub.pds.execution;
 
-import static org.junit.Assert.*;
+import static org.assertj.core.api.Assertions.*;
 
-import org.junit.Before;
-import org.junit.Test;
+import java.util.stream.Stream;
+
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.extension.ExtensionContext;
+import org.junit.jupiter.params.ParameterizedTest;
+import org.junit.jupiter.params.provider.Arguments;
+import org.junit.jupiter.params.provider.ArgumentsProvider;
+import org.junit.jupiter.params.provider.ArgumentsSource;
 
 public class PDSKeyToEnvConverterTest {
 
     private PDSKeyToEnvConverter converterToTest;
 
-    @Before
-    public void before() throws Exception {
+    @BeforeEach
+    public void beforeEach() throws Exception {
         converterToTest = new PDSKeyToEnvConverter();
-    }
-
-    @Test
-    public void abc_DOT_def_DOT_ghi_is_converted_to_ABC_DEF_GHI() {
-        assertEquals("ABC_DEF_GHI", converterToTest.convertKeyToEnv("abc.def.ghi"));
-    }
 
-    @Test
-    public void empty_keeps_empty() {
-        assertEquals("", converterToTest.convertKeyToEnv(""));
     }
 
-    @Test
-    public void null_keeps_null() {
-        assertEquals(null, converterToTest.convertKeyToEnv(null));
+    @ParameterizedTest
+    @ArgumentsSource(ConverterArgumentsProvider.class)
+    void convertKeyToEnv_converts_origin_to_expected_result(String origin, String expectedResult) {
+        assertThat(converterToTest.convertKeyToEnv(origin)).isEqualTo(expectedResult);
     }
 
-    @Test
-    public void abc_becomes_ABC() {
-        assertEquals("ABC", converterToTest.convertKeyToEnv("abc"));
+    private static class ConverterArgumentsProvider implements ArgumentsProvider {
+        /* @formatter:off */
+        @Override
+        public Stream<? extends Arguments> provideArguments(ExtensionContext extensionContext) throws Exception {
+            return Stream.of(
+                      /* origin, expectedResult */
+              Arguments.of("abc", "ABC"),
+              Arguments.of("abc.def.ghi", "ABC_DEF_GHI"),
+              Arguments.of("pds.config.filefilter.EXCLUDES", "PDS_CONFIG_FILEFILTER_EXCLUDES"),
+              Arguments.of("pds.Config.Product.timeout.minutes", "PDS_CONFIG_PRODUCT_TIMEOUT_MINUTES"),
+              Arguments.of("all-hypens.are.re-moved", "ALLHYPHENS_ARE_REMOVED"),
+              Arguments.of(null, null),
+		      Arguments.of("", ""));
+        }
+        /* @formatter:on*/
     }
 
 }