jfrog
Issue in artifact cleanup plugin while passing the parameter "repo" instead of "repos"
When executing the artifactCleanup plugin through the rest call we have an option to pass the parameters, one of the parameters is "repos" which is used to specify which repository the clean up action needs to run in. This works fine, however if we specify the parameter as "repo" instead of "repos" then during execution we see that the repository value is taken as null and the cleanup plugin gets executed across all the repositories. This causes cleanup and loss of data on all the repositories.
Here is an example:
Attempt 1:
In the URL I have added the variable "repos" in the REST call as shown below:
curl -X POST -v -u admin:Password1 "http://localhost:8081/artifactory/api/plugins/execute/cleanup?params=timeUnit=minute;timeInterval=1;repos=yum-test-rhel8-gcc8;dryRun=true"
Here are the repository/files that got set up for deletion:
2021-06-16T00:18:00.300Z [jfrt ] [INFO ] [4f3698e4c3debe0c] [artifactCleanup:160 ] [http-nio-8081-exec-4] - Starting artifact cleanup for repositories [yum-test-rhel8-gcc8], until 1 minutes ago with pacing interval 0 ms, dryrun: true, disablePropertiesSupport: false
Only the files in repository yum-test-rhel8-gcc8 get cleaned up.
Attempt 2:
In the URL I have added the variable "repo" in the REST call as shown below:
curl -X POST -v -u admin:Password1 "http://localhost:8081/artifactory/api/plugins/execute/cleanup?params=timeUnit=minute;timeInterval=1;repo=yum-crabel-test-rhel8-gcc8;dryRun=true"
Here are the files that got set up for deletion:
2021-06-16T00:19:05.052Z [jfrt ] [INFO ] [c8b112780dd598d7] [artifactCleanup:160 ] [http-nio-8081-exec-2] - Starting artifact cleanup for repositories null, until 1 minutes ago with pacing interval 0 ms, dryrun: true, disablePropertiesSupport: false 2021-06-16T00:19:05.053Z [jfrt ] [INFO ] [c8b112780dd598d7] [artifactCleanup:173 ] [http-nio-8081-exec-2] - Removing all artifacts not downloaded since 2021/06/16 00:18 2021-06-16T00:19:05.058Z [jfrt ] [INFO ] [c8b112780dd598d7] [artifactCleanup:207 ] [http-nio-8081-exec-2] - Found chocolatey:test.Choco.0.0.4.nupkg, 1/9 total 19071 bytes
We see that it receives null as the parameter and the package test.Choco.0.0.4.nupkg from repository chocolatey gets deleted.
If the property is not correct then we should get an error and instead the cleanup action should not be handled for all the repositories.
There is already an open PR for this issue (https://github.com/jfrog/artifactory-user-plugins/pull/366).
The reason you see the behavior that you describe is that you provide a parameter which does not exist. The script then uses the default value:
def repos = params['repos'] as String[]
You can fix it by copying the edit to your own local version, so the above line becomes:
def repos = params['repos'] ? params['repos'] as String[] : ["__none__"].
In this case, if the repos argument is missing, it will not cleanup all your repos. I'd recommend running stuff like this in a sandbox environment prior to a production environment.
I hope this helps you out.
Expect more of these particularities as you use these plugins. JFrog does little to no work on this github repository which is evident from the open PRs and lack of response to issues.
As an example, in the version of this plugin, that we use we added:
if (!repos){
def errorMessage = "Input argument 'Repos' most be defined"
log.error errorMessage
throw new CancelException(errorMessage, 400)
}
To be completely sure that we get it if Repos is not defined.