Pick up jenkinsci/scm-api-plugin#180

Author: jglick

pom.xml

@@ -76,6 +76,11 @@ THE SOFTWARE.
                 <scope>import</scope>
                 <type>pom</type>
             </dependency>
+            <dependency>
+                <groupId>org.jenkins-ci.plugins</groupId>
+                <artifactId>scm-api</artifactId>
+                <version>633.v23a_a_dee2b_2cf</version> <!-- TODO https://github.com/jenkinsci/scm-api-plugin/pull/180 -->
+            </dependency>
         </dependencies>
     </dependencyManagement>
     <dependencies>

src/main/java/org/jenkinsci/plugins/workflow/multibranch/ReadTrustedStep.java

@@ -177,7 +177,7 @@ public static class Execution extends AbstractSynchronousNonBlockingStepExecutio
                 }
                 build.addAction(new SCMRevisionAction(scmSource, tip));
             }
-            SCMRevision trusted = SCMBinder.getTrustedRevision(scmSource, tip, listener, build);
+            SCMRevision trusted = scmSource.getTrustedRevisionForBuild(tip, listener, build);
             boolean trustCheck = !tip.equals(trusted);
             String untrustedFile = null;
             String content;

src/main/java/org/jenkinsci/plugins/workflow/multibranch/SCMBinder.java

@@ -29,23 +29,16 @@
 import hudson.Extension;
 import hudson.Functions;
 import hudson.model.Action;
-import hudson.model.Cause;
 import hudson.model.Descriptor;
 import hudson.model.DescriptorVisibilityFilter;
 import hudson.model.ItemGroup;
 import hudson.model.Queue;
 import hudson.model.Result;
-import hudson.model.Run;
 import hudson.model.TaskListener;
 import hudson.scm.SCM;
-import hudson.triggers.SCMTrigger;
-import hudson.triggers.TimerTrigger;
 import java.io.IOException;
 import java.util.List;
-import java.util.Set;
 import jenkins.branch.Branch;
-import jenkins.branch.BranchEventCause;
-import jenkins.branch.BranchIndexingCause;
 import jenkins.scm.api.SCMFileSystem;
 import jenkins.scm.api.SCMHead;
 import jenkins.scm.api.SCMRevision;
@@ -54,7 +47,6 @@
 import jenkins.util.SystemProperties;
 import org.jenkinsci.plugins.workflow.cps.CpsFlowDefinition;
 import org.jenkinsci.plugins.workflow.cps.CpsScmFlowDefinition;
-import org.jenkinsci.plugins.workflow.cps.replay.ReplayCause;
 import org.jenkinsci.plugins.workflow.flow.FlowDefinition;
 import org.jenkinsci.plugins.workflow.flow.FlowDefinitionDescriptor;
 import org.jenkinsci.plugins.workflow.flow.FlowExecution;
@@ -111,7 +103,7 @@ public SCMBinder(String scriptPath) {
         SCM scm;
         if (tip != null) {
             build.addAction(new SCMRevisionAction(scmSource, tip));
-            SCMRevision rev = getTrustedRevision(scmSource, tip, listener, build);
+            SCMRevision rev = scmSource.getTrustedRevisionForBuild(tip, listener, build);
             try (SCMFileSystem fs = USE_HEAVYWEIGHT_CHECKOUT ? null : SCMFileSystem.of(scmSource, head, rev)) {
                 if (fs != null) { // JENKINS-33273
                     String script = null;
@@ -153,24 +145,6 @@ public SCMBinder(String scriptPath) {
         return new CpsScmFlowDefinition(scm, scriptPath).create(handle, listener, actions);
     }
 
-    private static Set<Class<? extends Cause>> passiveCauses = Set.of(
-        BranchIndexingCause.class,
-        BranchEventCause.class,
-        SCMTrigger.SCMTriggerCause.class,
-        TimerTrigger.TimerTriggerCause.class);
-    /**
-     * Like {@link SCMSource#getTrustedRevision} but only for builds with known passive triggers such as {@link BranchIndexingCause}.
-     * Other causes such as {@link Cause.UserIdCause} or {@link ReplayCause} or {@code CheckRunGHEventSubscriber.GitHubChecksRerunActionCause}
-     * are assumed trusted and so the tip revision is returned as is without consulting the SCM.
-     */
-    static SCMRevision getTrustedRevision(SCMSource source, SCMRevision revision, TaskListener listener, Run<?, ?> build) throws IOException, InterruptedException {
-        if (build.getCauses().stream().anyMatch(c -> passiveCauses.stream().anyMatch(t -> t.isInstance(c)))) {
-            return source.getTrustedRevision(revision, listener);
-        } else {
-            return revision;
-        }
-    }
-
     @Extension public static class DescriptorImpl extends FlowDefinitionDescriptor {
 
         @NonNull