From fd94a43f9ccdf028418668b48bf61a1a90ec00a6 Mon Sep 17 00:00:00 2001
From: even <827656971@qq.com>
Date: Wed, 21 May 2025 20:30:35 +0800
Subject: [PATCH] =?UTF-8?q?http=20=E8=AF=B7=E6=B1=82=E4=BF=AE=E6=94=B9?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
modules/module-ci-process-biz/pom.xml | 5 +++
.../ci/process/engine/worker/HttpWorker.java | 42 +++++++++++--------
.../process/engine/worker/ScaSbomWorker.java | 6 +--
3 files changed, 33 insertions(+), 20 deletions(-)
diff --git a/modules/module-ci-process-biz/pom.xml b/modules/module-ci-process-biz/pom.xml
index 12740281..20cdb7f5 100644
--- a/modules/module-ci-process-biz/pom.xml
+++ b/modules/module-ci-process-biz/pom.xml
@@ -58,6 +58,11 @@
winrm4j
0.12.0
+
+ org.apache.httpcomponents.client5
+ httpclient5
+ 5.2.1
+
diff --git a/modules/module-ci-process-biz/src/main/java/cd/casic/ci/process/engine/worker/HttpWorker.java b/modules/module-ci-process-biz/src/main/java/cd/casic/ci/process/engine/worker/HttpWorker.java
index b5972dff..d7fac015 100644
--- a/modules/module-ci-process-biz/src/main/java/cd/casic/ci/process/engine/worker/HttpWorker.java
+++ b/modules/module-ci-process-biz/src/main/java/cd/casic/ci/process/engine/worker/HttpWorker.java
@@ -1,10 +1,13 @@
package cd.casic.ci.process.engine.worker;
-import org.apache.http.conn.ssl.NoopHostnameVerifier;
-import org.apache.http.conn.ssl.TrustSelfSignedStrategy;
-import org.apache.http.impl.client.CloseableHttpClient;
-import org.apache.http.impl.client.HttpClients;
-import org.apache.http.ssl.SSLContextBuilder;
+
+import org.apache.hc.client5.http.impl.classic.CloseableHttpClient;
+import org.apache.hc.client5.http.impl.classic.HttpClients;
+import org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManagerBuilder;
+import org.apache.hc.client5.http.ssl.NoopHostnameVerifier;
+import org.apache.hc.client5.http.ssl.SSLConnectionSocketFactoryBuilder;
+import org.apache.hc.core5.ssl.SSLContextBuilder;
+import org.apache.hc.core5.ssl.TrustStrategy;
import org.springframework.http.client.HttpComponentsClientHttpRequestFactory;
import org.springframework.web.client.RestTemplate;
@@ -12,6 +15,7 @@ import javax.net.ssl.SSLContext;
import java.security.KeyManagementException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
+import java.security.cert.X509Certificate;
/**
* @author HopeLi
@@ -21,23 +25,27 @@ import java.security.NoSuchAlgorithmException;
* @Description:
*/
public abstract class HttpWorker extends BaseWorker{
- public static RestTemplate getRestTemplateWithoutSANCheck() throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException {
- // 创建一个信任所有证书的 SSL 上下文
- SSLContext sslContext = new SSLContextBuilder()
- .loadTrustMaterial(null, new TrustSelfSignedStrategy())
+ public static RestTemplate getRestTemplateWithoutSANCheck() throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, KeyStoreException {
+ // 创建信任所有证书的SSL上下文
+ SSLContext sslContext = SSLContextBuilder.create()
+ .loadTrustMaterial(null, (TrustStrategy) (chain, authType) -> true)
.build();
- // 创建一个不验证主机名的主机名验证器
+ // 配置连接工厂
CloseableHttpClient httpClient = HttpClients.custom()
- .setSSLContext(sslContext)
- .setSSLHostnameVerifier(NoopHostnameVerifier.INSTANCE)
+ .setConnectionManager(
+ PoolingHttpClientConnectionManagerBuilder.create()
+ .setSSLSocketFactory(SSLConnectionSocketFactoryBuilder.create()
+ .setSslContext(sslContext)
+ .setHostnameVerifier(NoopHostnameVerifier.INSTANCE)
+ .build())
+ .build())
.build();
- // 创建一个自定义的请求工厂
- HttpComponentsClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory();
- requestFactory.setHttpClient(httpClient);
-
- return new RestTemplate(requestFactory);
+ // 创建RestTemplate
+ HttpComponentsClientHttpRequestFactory factory =
+ new HttpComponentsClientHttpRequestFactory(httpClient);
+ return new RestTemplate(factory);
}
public static void main(String[] args) {
diff --git a/modules/module-ci-process-biz/src/main/java/cd/casic/ci/process/engine/worker/ScaSbomWorker.java b/modules/module-ci-process-biz/src/main/java/cd/casic/ci/process/engine/worker/ScaSbomWorker.java
index 5bb3d0e1..88ff7492 100644
--- a/modules/module-ci-process-biz/src/main/java/cd/casic/ci/process/engine/worker/ScaSbomWorker.java
+++ b/modules/module-ci-process-biz/src/main/java/cd/casic/ci/process/engine/worker/ScaSbomWorker.java
@@ -41,7 +41,7 @@ import java.util.*;
*/
@Slf4j
@Plugin(taskType = "ScaSbom")
-public class ScaSbomWorker extends BaseWorker{
+public class ScaSbomWorker extends HttpWorker{
private static final int POLLING_INTERVAL = 5000; // 轮询间隔,单位:毫秒
private static final int MAX_POLLING_TIMES = 100; // 最大退出次数
@@ -78,7 +78,7 @@ public class ScaSbomWorker extends BaseWorker{
PipPipeline pipeline = pipelineService.getById(pipelineId);
//根据目标id查询目标信息
if (StringUtils.isEmpty(pipeline.getTargetVersionId())){
- throw new ServiceException(GlobalErrorCodeConstants.INTERNAL_SERVER_ERROR.getCode(),"目标文件不存在")
+ throw new ServiceException(GlobalErrorCodeConstants.INTERNAL_SERVER_ERROR.getCode(),"目标文件不存在");
}
TargetVersion targetVersion = targetVersionService.getById(pipeline.getTargetVersionId());
filePath = targetVersion.getFilePath();
@@ -95,7 +95,7 @@ public class ScaSbomWorker extends BaseWorker{
handleUpload(workerParam, contextDef, pipTask.getTaskProperties(), file);
}catch (Exception e){
- throw new ServiceException(GlobalErrorCodeConstants.INTERNAL_SERVER_ERROR.getCode(),"SCA-SBOM节点执行失败")
+ throw new ServiceException(GlobalErrorCodeConstants.INTERNAL_SERVER_ERROR.getCode(),"SCA-SBOM节点执行失败");
}
}