From 219bf2fad9293e6f2073d6d1fb576278c480b656 Mon Sep 17 00:00:00 2001
From: Guilherme Andrade
Date: Thu, 27 Oct 2022 13:46:35 +0100
Subject: [PATCH 1/3] Fix cross-account deploys restricted by `externalId`

It's possible to restrict these in the cross-account IAM role policy[1]. Up until the present fix, however, the current implementation doesn't cover that use case as expected:
* a new `AWSCodeDeployPublisher` instance receives the `externalId` through its constructor and saves it[2]
* when using `"iamRoleArn"` as credentials, the instance will retrieve `externalId` from the `descriptor`[3]
* but the descriptor instance initializes its own `externalId` randomly[4]

[1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-user_externalid.html
[2]: https://github.com/awslabs/aws-codedeploy-plugin/blob/40d7b24c95edef27f2879037ae1add30fc3f3831/src/main/java/com/amazonaws/codedeploy/AWSCodeDeployPublisher.java#L108-L130
[3]: https://github.com/awslabs/aws-codedeploy-plugin/blob/40d7b24c95edef27f2879037ae1add30fc3f3831/src/main/java/com/amazonaws/codedeploy/AWSCodeDeployPublisher.java#L204-L207
[4]: https://github.com/awslabs/aws-codedeploy-plugin/blob/40d7b24c95edef27f2879037ae1add30fc3f3831/src/main/java/com/amazonaws/codedeploy/AWSCodeDeployPublisher.java#L460-L464
---
 .../java/com/amazonaws/codedeploy/AWSCodeDeployPublisher.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/main/java/com/amazonaws/codedeploy/AWSCodeDeployPublisher.java b/src/main/java/com/amazonaws/codedeploy/AWSCodeDeployPublisher.java
index e39fe9e..cd738b1 100644
--- a/src/main/java/com/amazonaws/codedeploy/AWSCodeDeployPublisher.java
+++ b/src/main/java/com/amazonaws/codedeploy/AWSCodeDeployPublisher.java
@@ -219,7 +219,7 @@ public void perform(@Nonnull Run build, @Nonnull FilePath workspace, @Nonnu
 aws = AWSClients.fromIAMRole(
 this.region,
 this.iamRoleArn,
- this.getDescriptor().getExternalId(),
+ this.externalId,
 this.proxyHost,
 this.proxyPort);
 }
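Review bot: `this.externalId` is handed to `AWSClients.fromIAMRole` in the `iamRoleArn` branch without any check that it is set, and nothing visible in this hunk validates it. The external ID is the value the role's trust policy uses to reject assume-role calls from the wrong caller, so a job whose field is null or blank (for example one saved before the field was filled in; not verifiable from here) should fail with a clear configuration error rather than reach STS with an empty value. I would add a guard before the call, `if (this.externalId == null || this.externalId.trim().isEmpty()) { throw new IllegalArgumentException("externalId must be set when deploying with iamRoleArn"); }`, and a one-line comment such as `// per-job external ID; the descriptor's value is generated randomly and will not match the trust policy`. The body of `perform` starts and ends outside the hunk, so the exact failure path (exception versus marking the build failed) should follow what the rest of the method does.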
From 426c9621a856c5a233669fe8e2d268d141a5246b Mon Sep 17 00:00:00 2001 From: Guilherme Andrade Date: Thu, 27 Oct 2022 14:05:51 +0100 Subject: [PATCH 2/3] Support building with recent versions of maven It blocks non-https mirrors: * https://help.mulesoft.com/s/article/Maven-error-when-building-application-Blocked-Mirror-for-repositories --- pom.xml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pom.xml b/pom.xml index 18e77ff..4b8fd53 100644 --- a/pom.xml +++ b/pom.xml @@ -40,7 +40,7 @@ repo.jenkins-ci.org - http://repo.jenkins-ci.org/public/ + https://repo.jenkins-ci.org/public/ @@ -61,7 +61,7 @@ repo.jenkins-ci.org - http://repo.jenkins-ci.org/public/ + https://repo.jenkins-ci.org/public/ From 4d2349d78c65cca37c8677524eefc8bc3bfeaf4d Mon Sep 17 00:00:00 2001 From: Guilherme Andrade Date: Thu, 27 Oct 2022 14:52:46 +0100 Subject: [PATCH 3/3] Be able to generate documentation with Java 17 By Java 17 the `` HTML tag has been deprecated, presumably because it switched to HTML5 (?). --- .../java/com/amazonaws/codedeploy/AWSCodeDeployPublisher.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/java/com/amazonaws/codedeploy/AWSCodeDeployPublisher.java b/src/main/java/com/amazonaws/codedeploy/AWSCodeDeployPublisher.java index cd738b1..ab9e951 100644 --- a/src/main/java/com/amazonaws/codedeploy/AWSCodeDeployPublisher.java +++ b/src/main/java/com/amazonaws/codedeploy/AWSCodeDeployPublisher.java @@ -523,7 +523,7 @@ public BuildStepMonitor getRequiredMonitorService() { * Descriptor for {@link AWSCodeDeployPublisher}. Used as a singleton. * The class is marked as public so that it can be accessed from views. * - * See src/main/resources/com/amazonaws/codedeploy/AWSCodeDeployPublisher/*.jelly + * See src/main/resources/com/amazonaws/codedeploy/AWSCodeDeployPublisher/*.jelly * for the actual HTML fragment for the configuration screen. */ @Extension // This indicates to Jenkins that this is an implementation of an extension point.