build(deps): bump docker/setup-qemu-action from 3 to 4

Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) from 3 to 4. - [Release notes](https://github.com/docker/setup-qemu-action/releases) - [Commits](https://github.com/docker/setup-qemu-action/compare/v3...v4) --- updated-dependencies: - dependency-name: docker/setup-qemu-action dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
2026-06-16 14:49:16 +08:00 · 2026-03-09 08:44:34 +00:00
10 changed files with 143 additions and 233 deletions
@@ -10,11 +10,6 @@ on:
    branches:
      - "master"

-permissions:
-  contents: read
-  packages: write
-  security-events: write
-
 jobs:
  build-docker:
    runs-on: ubuntu-latest
@@ -23,7 +18,6 @@ jobs:
        uses: actions/setup-go@v6
        with:
          go-version: "^1"
-          check-latest: true
      - name: Checkout repository
        uses: actions/checkout@v6
        with:
@@ -38,10 +32,10 @@ jobs:
        uses: docker/setup-qemu-action@v4

      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v4
+        uses: docker/setup-buildx-action@v3

      - name: Login to GitHub Container Registry
-        uses: docker/login-action@v4
+        uses: docker/login-action@v3
        with:
          registry: ghcr.io
          username: ${{ github.repository_owner }}
@@ -49,7 +43,7 @@ jobs:

      - name: Docker meta
        id: docker-meta
-        uses: docker/metadata-action@v6
+        uses: docker/metadata-action@v5
        with:
          images: |
            ghcr.io/${{ github.repository }}
@@ -59,33 +53,8 @@ jobs:
            type=semver,pattern={{major}}.{{minor}}
            type=semver,pattern={{major}}

-      - name: Build image for scanning
-        uses: docker/build-push-action@v7
-        with:
-          context: .
-          file: docker/Dockerfile
-          platforms: linux/amd64
-          push: false
-          load: true
-          tags: drone-jenkins:scan
-
-      - name: Run Trivy vulnerability scanner
-        uses: aquasecurity/trivy-action@v0.36.0
-        with:
-          image-ref: "drone-jenkins:scan"
-          format: "sarif"
-          output: "trivy-image-results.sarif"
-          severity: "CRITICAL,HIGH"
-          exit-code: '1'
-      - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@v4
-        if: always()
-        with:
-          sarif_file: "trivy-image-results.sarif"
-          category: "trivy-docker-image"
-
      - name: Build and push
-        uses: docker/build-push-action@v7
+        uses: docker/build-push-action@v6
        with:
          context: .
          platforms: linux/amd64,linux/arm64
@@ -23,7 +23,7 @@ jobs:
          check-latest: true

      - name: Run GoReleaser
-        uses: goreleaser/goreleaser-action@v7
+        uses: goreleaser/goreleaser-action@v6
        with:
          # either 'goreleaser' (default) or 'goreleaser-pro'
          distribution: goreleaser
@@ -12,14 +12,13 @@ jobs:
        uses: actions/setup-go@v6
        with:
          go-version: "stable"
-          check-latest: true
      - name: Checkout repository
        uses: actions/checkout@v6

      - name: Setup golangci-lint
        uses: golangci/golangci-lint-action@v9
        with:
-          version: v2.12
+          version: v2.6
          args: --verbose

      - uses: hadolint/hadolint-action@v3.3.0
@@ -31,7 +30,7 @@ jobs:
    strategy:
      matrix:
        os: [ubuntu-latest]
-        go: ["1.25", "1.26"]
+        go: ["1.25"]
        include:
          - os: ubuntu-latest
            go-build: ~/.cache/go-build
@@ -45,7 +44,6 @@ jobs:
        uses: actions/setup-go@v6
        with:
          go-version: ${{ matrix.go }}
-          check-latest: true

      - name: Checkout Code
        uses: actions/checkout@v6
@@ -65,6 +63,6 @@ jobs:
          go test -race -cover -coverprofile=coverage.out ./...

      - name: Upload coverage to Codecov
-        uses: codecov/codecov-action@v7
+        uses: codecov/codecov-action@v5
        with:
          flags: ${{ matrix.os }},go-${{ matrix.go }}
@@ -10,76 +10,47 @@ on:
  schedule:
    # Run daily at 00:00 UTC
    - cron: "0 0 * * *"
-  workflow_dispatch:
+  workflow_dispatch: # Allow manual trigger

 permissions:
  contents: read
-  security-events: write
+  security-events: write # Required for uploading SARIF results

 jobs:
-  trivy-repo-scan:
-    name: Trivy Repository Scan
+  trivy-scan:
+    name: Trivy Security Scan
    runs-on: ubuntu-latest
    steps:
-      - name: Checkout repository
+      - name: Checkout code
        uses: actions/checkout@v6
+        with:
+          fetch-depth: 0

-      - name: Run Trivy vulnerability scanner (repo)
-        uses: aquasecurity/trivy-action@v0.36.0
+      - name: Run Trivy vulnerability scanner (source code)
+        uses: aquasecurity/trivy-action@0.33.1
        with:
          scan-type: "fs"
          scan-ref: "."
+          scanners: "vuln,secret,misconfig"
          format: "sarif"
-          output: "trivy-repo-results.sarif"
-          severity: "CRITICAL,HIGH"
+          output: "trivy-results.sarif"
+          severity: "CRITICAL,HIGH,MEDIUM"
+          ignore-unfixed: true

-      - name: Upload Trivy scan results to GitHub Security tab
+      - name: Upload Trivy results to GitHub Security tab
        uses: github/codeql-action/upload-sarif@v4
        if: always()
        with:
-          sarif_file: "trivy-repo-results.sarif"
+          sarif_file: "trivy-results.sarif"

-  trivy-image-scan:
-    name: Trivy Image Scan
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@v6
-
-      - name: Setup go
-        uses: actions/setup-go@v6
-        with:
-          go-version-file: go.mod
-          check-latest: true
-
-      - name: Build binary
-        run: |
-          make build_linux_amd64
-
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v4
-
-      - name: Build Docker image for scanning
-        uses: docker/build-push-action@v7
-        with:
-          context: .
-          file: docker/Dockerfile
-          platforms: linux/amd64
-          push: false
-          load: true
-          tags: drone-jenkins:scan
-
-      - name: Run Trivy vulnerability scanner (image)
-        uses: aquasecurity/trivy-action@v0.36.0
-        with:
-          image-ref: "drone-jenkins:scan"
-          format: "sarif"
-          output: "trivy-image-results.sarif"
-          severity: "CRITICAL,HIGH"
-
-      - name: Upload Trivy image scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@v4
+      - name: Run Trivy scanner (table output for logs)
+        uses: aquasecurity/trivy-action@0.33.1
        if: always()
        with:
-          sarif_file: "trivy-image-results.sarif"
-          category: "trivy-image"
+          scan-type: "fs"
+          scan-ref: "."
+          scanners: "vuln,secret,misconfig"
+          format: "table"
+          severity: "CRITICAL,HIGH,MEDIUM"
+          ignore-unfixed: true
+          exit-code: "1"
@@ -1,6 +1,6 @@
 module github.com/appleboy/drone-jenkins

-go 1.25.10
+go 1.24.0

 require (
 	github.com/appleboy/com v1.1.1
@@ -19,8 +19,6 @@ import (
 	"github.com/yassinebenaid/godump"
 )

-const tokenParam = "token"
-
 type (
 	// Auth contain username and token
 	Auth struct {
@@ -489,14 +487,14 @@ func (jenkins *Jenkins) trigger(ctx context.Context, job string, params url.Valu
 		if params == nil {
 			params = url.Values{}
 		}
-		params.Set(tokenParam, jenkins.Token)
+		params.Set("token", jenkins.Token)
 	}

 	var urlPath string
 	// Check if params contains build parameters (excluding 'token')
 	hasBuildParams := false
 	for key := range params {
-		if key != tokenParam {
+		if key != "token" {
 			hasBuildParams = true
 			break
 		}
@@ -526,7 +524,7 @@ func (jenkins *Jenkins) trigger(ctx context.Context, job string, params url.Valu
 			// Create a copy of params with masked token for display
 			displayParams := url.Values{}
 			for key, values := range params {
-				if key == tokenParam {
+				if key == "token" {
 					// Mask token values for security
 					displayParams[key] = []string{"***MASKED***"}
 				} else {
@@ -22,7 +22,7 @@ func TestParseJobPath(t *testing.T) {
 	jenkins, err := NewJenkins(
 		context.Background(),
 		auth,
-		testExampleURL,
+		"http://example.com",
 		"",
 		false,
 		"",
@@ -38,8 +38,8 @@ func TestParseJobPath(t *testing.T) {

 func TestUnSupportProtocol(t *testing.T) {
 	auth := &Auth{
-		Username: testUserFoo,
-		Token:    testUserBar,
+		Username: "foo",
+		Token:    "bar",
 	}
 	jenkins, err := NewJenkins(context.Background(), auth, "example.com", "", false, "", false)
 	assert.NoError(t, err)
@@ -60,8 +60,8 @@ func TestTriggerBuild(t *testing.T) {
 	defer server.Close()

 	auth := &Auth{
-		Username: testUserFoo,
-		Token:    testUserBar,
+		Username: "foo",
+		Token:    "bar",
 	}
 	jenkins, err := NewJenkins(
 		context.Background(),
@@ -129,8 +129,8 @@ func TestPostAndGetLocation(t *testing.T) {
 			defer server.Close()

 			auth := &Auth{
-				Username: testUserName,
-				Token:    testUserName,
+				Username: "test",
+				Token:    "test",
 			}
 			jenkins, err := NewJenkins(context.Background(), auth, server.URL, "", false, "", false)
 			assert.NoError(t, err)
@@ -206,8 +206,8 @@ func TestGetQueueItem(t *testing.T) {
 			defer server.Close()

 			auth := &Auth{
-				Username: testUserName,
-				Token:    testUserName,
+				Username: "test",
+				Token:    "test",
 			}
 			jenkins, err := NewJenkins(context.Background(), auth, server.URL, "", false, "", false)
 			assert.NoError(t, err)
@@ -242,7 +242,7 @@ func TestGetBuildInfo(t *testing.T) {
 	}{
 		{
 			name:        "build in progress",
-			jobName:     testJobName,
+			jobName:     "test-job",
 			buildNumber: 123,
 			responseBody: `{"number":123,"building":true,"duration":0,"result":null,` +
 				`"url":"http://jenkins.example.com/job/test-job/123/"}`,
@@ -253,7 +253,7 @@ func TestGetBuildInfo(t *testing.T) {
 		},
 		{
 			name:        "build completed successfully",
-			jobName:     testJobName,
+			jobName:     "test-job",
 			buildNumber: 124,
 			responseBody: `{"number":124,"building":false,"duration":5000,"result":"SUCCESS",` +
 				`"url":"http://jenkins.example.com/job/test-job/124/"}`,
@@ -264,7 +264,7 @@ func TestGetBuildInfo(t *testing.T) {
 		},
 		{
 			name:        "build failed",
-			jobName:     testJobName,
+			jobName:     "test-job",
 			buildNumber: 125,
 			responseBody: `{"number":125,"building":false,"duration":3000,"result":"FAILURE",` +
 				`"url":"http://jenkins.example.com/job/test-job/125/"}`,
@@ -275,7 +275,7 @@ func TestGetBuildInfo(t *testing.T) {
 		},
 		{
 			name:           "build not found",
-			jobName:        testJobName,
+			jobName:        "test-job",
 			buildNumber:    999,
 			responseBody:   "Not Found",
 			responseStatus: http.StatusNotFound,
@@ -295,8 +295,8 @@ func TestGetBuildInfo(t *testing.T) {
 			defer server.Close()

 			auth := &Auth{
-				Username: testUserName,
-				Token:    testUserName,
+				Username: "test",
+				Token:    "test",
 			}
 			jenkins, err := NewJenkins(context.Background(), auth, server.URL, "", false, "", false)
 			assert.NoError(t, err)
@@ -347,26 +347,22 @@ func TestWaitForCompletion(t *testing.T) {
 						[]byte(`{"number":456,"building":true,"duration":0,"result":null}`),
 					)
 				} else {
-					_, _ = w.Write(
-						[]byte(
-							`{"number":456,"building":false,"duration":5000,"result":"SUCCESS"}`,
-						),
-					)
+					_, _ = w.Write([]byte(`{"number":456,"building":false,"duration":5000,"result":"SUCCESS"}`))
 				}
 			}
 		}))
 		defer server.Close()

 		auth := &Auth{
-			Username: testUserName,
-			Token:    testUserName,
+			Username: "test",
+			Token:    "test",
 		}
 		jenkins, err := NewJenkins(context.Background(), auth, server.URL, "", false, "", false)
 		assert.NoError(t, err)

 		buildInfo, err := jenkins.waitForCompletion(
 			context.Background(),
-			testJobName,
+			"test-job",
 			queueID,
 			100*time.Millisecond,
 			5*time.Second,
@@ -392,15 +388,15 @@ func TestWaitForCompletion(t *testing.T) {
 		defer server.Close()

 		auth := &Auth{
-			Username: testUserName,
-			Token:    testUserName,
+			Username: "test",
+			Token:    "test",
 		}
 		jenkins, err := NewJenkins(context.Background(), auth, server.URL, "", false, "", false)
 		assert.NoError(t, err)

 		buildInfo, err := jenkins.waitForCompletion(
 			context.Background(),
-			testJobName,
+			"test-job",
 			queueID,
 			50*time.Millisecond,
 			200*time.Millisecond,
@@ -434,15 +430,15 @@ func TestWaitForCompletion(t *testing.T) {
 		defer server.Close()

 		auth := &Auth{
-			Username: testUserName,
-			Token:    testUserName,
+			Username: "test",
+			Token:    "test",
 		}
 		jenkins, err := NewJenkins(context.Background(), auth, server.URL, "", false, "", false)
 		assert.NoError(t, err)

 		buildInfo, err := jenkins.waitForCompletion(
 			context.Background(),
-			testJobName,
+			"test-job",
 			queueID,
 			50*time.Millisecond,
 			200*time.Millisecond,
@@ -474,26 +470,22 @@ func TestWaitForCompletion(t *testing.T) {
 						[]byte(`{"number":456,"building":true,"duration":0,"result":null}`),
 					)
 				} else {
-					_, _ = w.Write(
-						[]byte(
-							`{"number":456,"building":false,"duration":3000,"result":"FAILURE"}`,
-						),
-					)
+					_, _ = w.Write([]byte(`{"number":456,"building":false,"duration":3000,"result":"FAILURE"}`))
 				}
 			}
 		}))
 		defer server.Close()

 		auth := &Auth{
-			Username: testUserName,
-			Token:    testUserName,
+			Username: "test",
+			Token:    "test",
 		}
 		jenkins, err := NewJenkins(context.Background(), auth, server.URL, "", false, "", false)
 		assert.NoError(t, err)

 		buildInfo, err := jenkins.waitForCompletion(
 			context.Background(),
-			testJobName,
+			"test-job",
 			queueID,
 			50*time.Millisecond,
 			5*time.Second,
@@ -626,8 +618,8 @@ func TestLoadCACert(t *testing.T) {
 func TestNewJenkinsWithCACert(t *testing.T) {
 	t.Run("with valid CA certificate", func(t *testing.T) {
 		auth := &Auth{
-			Username: testUserName,
-			Token:    testUserName,
+			Username: "test",
+			Token:    "test",
 		}
 		jenkins, err := NewJenkins(
 			context.Background(),
@@ -650,8 +642,8 @@ func TestNewJenkinsWithCACert(t *testing.T) {
 		assert.NoError(t, err)

 		auth := &Auth{
-			Username: testUserName,
-			Token:    testUserName,
+			Username: "test",
+			Token:    "test",
 		}
 		jenkins, err := NewJenkins(
 			context.Background(),
@@ -668,8 +660,8 @@ func TestNewJenkinsWithCACert(t *testing.T) {

 	t.Run("with invalid CA certificate content", func(t *testing.T) {
 		auth := &Auth{
-			Username: testUserName,
-			Token:    testUserName,
+			Username: "test",
+			Token:    "test",
 		}
 		jenkins, err := NewJenkins(
 			context.Background(),
@@ -687,8 +679,8 @@ func TestNewJenkinsWithCACert(t *testing.T) {

 	t.Run("with invalid PEM format", func(t *testing.T) {
 		auth := &Auth{
-			Username: testUserName,
-			Token:    testUserName,
+			Username: "test",
+			Token:    "test",
 		}
 		invalidPEM := "-----BEGIN CERTIFICATE-----\ninvalid-base64-data\n-----END CERTIFICATE-----"
 		jenkins, err := NewJenkins(
@@ -707,8 +699,8 @@ func TestNewJenkinsWithCACert(t *testing.T) {

 	t.Run("with nonexistent file path", func(t *testing.T) {
 		auth := &Auth{
-			Username: testUserName,
-			Token:    testUserName,
+			Username: "test",
+			Token:    "test",
 		}
 		jenkins, err := NewJenkins(
 			context.Background(),
@@ -726,8 +718,8 @@ func TestNewJenkinsWithCACert(t *testing.T) {

 	t.Run("insecure flag takes precedence over CA cert", func(t *testing.T) {
 		auth := &Auth{
-			Username: testUserName,
-			Token:    testUserName,
+			Username: "test",
+			Token:    "test",
 		}
 		// When insecure is true, CA cert should be ignored
 		jenkins, err := NewJenkins(
@@ -745,8 +737,8 @@ func TestNewJenkinsWithCACert(t *testing.T) {

 	t.Run("without CA certificate uses default client", func(t *testing.T) {
 		auth := &Auth{
-			Username: testUserName,
-			Token:    testUserName,
+			Username: "test",
+			Token:    "test",
 		}
 		jenkins, err := NewJenkins(
 			context.Background(),
@@ -71,7 +71,7 @@ func main() {
 			EnvVars: []string{"PLUGIN_USER", "JENKINS_USER", "INPUT_USER"},
 		},
 		&cli.StringFlag{
-			Name:    tokenParam,
+			Name:    "token",
 			Aliases: []string{"t"},
 			Usage:   "jenkins API token for authentication",
 			EnvVars: []string{"PLUGIN_TOKEN", "JENKINS_TOKEN", "INPUT_TOKEN"},
@@ -175,7 +175,7 @@ func run(c *cli.Context) error {
 	}

 	// Validate authentication: either (user + token) or remote-token must be provided
-	hasUserAuth := c.String("user") != "" && c.String(tokenParam) != ""
+	hasUserAuth := c.String("user") != "" && c.String("token") != ""
 	hasRemoteToken := c.String("remote-token") != ""

 	if !hasUserAuth && !hasRemoteToken {
@@ -185,7 +185,7 @@ func run(c *cli.Context) error {
 	plugin := Plugin{
 		BaseURL:      c.String("host"),
 		Username:     c.String("user"),
-		Token:        c.String(tokenParam),
+		Token:        c.String("token"),
 		RemoteToken:  c.String("remote-token"),
 		Job:          c.StringSlice("job"),
 		Insecure:     c.Bool("insecure"),
@@ -34,53 +34,53 @@ func TestValidateConfig(t *testing.T) {
 		{
 			name: "missing authentication",
 			plugin: Plugin{
-				BaseURL: testExampleURL,
+				BaseURL: "http://example.com",
 			},
 			wantError: true,
-			errorMsg:  testAuthRequiredErr,
+			errorMsg:  "authentication required",
 		},
 		{
 			name: "missing token (only username)",
 			plugin: Plugin{
-				BaseURL:  testExampleURL,
-				Username: testUserFoo,
+				BaseURL:  "http://example.com",
+				Username: "foo",
 			},
 			wantError: true,
-			errorMsg:  testAuthRequiredErr,
+			errorMsg:  "authentication required",
 		},
 		{
 			name: "missing username (only token)",
 			plugin: Plugin{
-				BaseURL: testExampleURL,
-				Token:   testUserBar,
+				BaseURL: "http://example.com",
+				Token:   "bar",
 			},
 			wantError: true,
-			errorMsg:  testAuthRequiredErr,
+			errorMsg:  "authentication required",
 		},
 		{
 			name: "user and token auth",
 			plugin: Plugin{
-				BaseURL:  testExampleURL,
-				Username: testUserFoo,
-				Token:    testUserBar,
+				BaseURL:  "http://example.com",
+				Username: "foo",
+				Token:    "bar",
 			},
 			wantError: false,
 		},
 		{
 			name: "remote token auth",
 			plugin: Plugin{
-				BaseURL:     testExampleURL,
-				RemoteToken: testRemoteTokenValue,
+				BaseURL:     "http://example.com",
+				RemoteToken: "remote-token-123",
 			},
 			wantError: false,
 		},
 		{
 			name: "both auth methods",
 			plugin: Plugin{
-				BaseURL:     testExampleURL,
-				Username:    testUserFoo,
-				Token:       testUserBar,
-				RemoteToken: testRemoteTokenValue,
+				BaseURL:     "http://example.com",
+				Username:    "foo",
+				Token:       "bar",
+				RemoteToken: "remote-token-123",
 			},
 			wantError: false,
 		},
@@ -118,7 +118,7 @@ func TestTrimWhitespaceFromSlice(t *testing.T) {
 		},
 		{
 			name:     "all whitespace",
-			input:    []string{testWhitespaceVal, "\t", "\n"},
+			input:    []string{"   ", "\t", "\n"},
 			expected: []string{},
 		},
 		{
@@ -129,12 +129,12 @@ func TestTrimWhitespaceFromSlice(t *testing.T) {
 		{
 			name:     "trim surrounding whitespace",
 			input:    []string{"  foo  ", " bar ", "baz"},
-			expected: []string{testUserFoo, testUserBar, "baz"},
+			expected: []string{"foo", "bar", "baz"},
 		},
 		{
 			name:     "mixed empty and valid",
-			input:    []string{"", testValidStr, "", "also-valid", ""},
-			expected: []string{testValidStr, "also-valid"},
+			input:    []string{"", "valid", "", "also-valid", ""},
+			expected: []string{"valid", "also-valid"},
 		},
 	}

@@ -157,29 +157,29 @@ func TestParseParameters(t *testing.T) {
 			name:  "valid parameters",
 			input: "key1=value1\nkey2=value2",
 			expected: url.Values{
-				testParamKey1: []string{testParamValue1},
-				testParamKey2: []string{testParamValue2},
+				"key1": []string{"value1"},
+				"key2": []string{"value2"},
 			},
 		},
 		{
 			name:  "parameter with multiple equals signs",
 			input: "key=value=with=equals",
 			expected: url.Values{
-				testParamKey: []string{"value=with=equals"},
+				"key": []string{"value=with=equals"},
 			},
 		},
 		{
 			name:  "parameter with spaces in value",
 			input: "key=value with spaces",
 			expected: url.Values{
-				testParamKey: []string{"value with spaces"},
+				"key": []string{"value with spaces"},
 			},
 		},
 		{
 			name:  "parameter with empty value",
 			input: "key=",
 			expected: url.Values{
-				testParamKey: []string{""},
+				"key": []string{""},
 			},
 		},
 		{
@@ -196,15 +196,15 @@ func TestParseParameters(t *testing.T) {
 			name:  "mixed valid and invalid",
 			input: "valid=yes\ninvalid\nalso=valid",
 			expected: url.Values{
-				testValidStr: []string{"yes"},
-				"also":       []string{testValidStr},
+				"valid": []string{"yes"},
+				"also":  []string{"valid"},
 			},
 		},
 		{
 			name:  "key with surrounding whitespace",
 			input: "  key  =value",
 			expected: url.Values{
-				testParamKey: []string{"value"},
+				"key": []string{"value"},
 			},
 		},
 		{
@@ -216,16 +216,16 @@ func TestParseParameters(t *testing.T) {
 			name:  "multiple empty lines",
 			input: "key1=value1\n\n\nkey2=value2",
 			expected: url.Values{
-				testParamKey1: []string{testParamValue1},
-				testParamKey2: []string{testParamValue2},
+				"key1": []string{"value1"},
+				"key2": []string{"value2"},
 			},
 		},
 		{
 			name:  "lines with whitespace only",
 			input: "key1=value1\n   \n\t\nkey2=value2",
 			expected: url.Values{
-				testParamKey1: []string{testParamValue1},
-				testParamKey2: []string{testParamValue2},
+				"key1": []string{"value1"},
+				"key2": []string{"value2"},
 			},
 		},
 	}
@@ -252,28 +252,28 @@ func TestExecMissingConfig(t *testing.T) {
 // TestExecMissingJenkinsUsername tests Exec with missing username
 func TestExecMissingJenkinsUsername(t *testing.T) {
 	plugin := Plugin{
-		BaseURL: testExampleURL,
+		BaseURL: "http://example.com",
 	}

 	err := plugin.Exec(context.Background())

 	assert.Error(t, err)
 	assert.Contains(t, err.Error(), "configuration error")
-	assert.Contains(t, err.Error(), testAuthRequiredErr)
+	assert.Contains(t, err.Error(), "authentication required")
 }

 // TestExecMissingJenkinsToken tests Exec with missing token
 func TestExecMissingJenkinsToken(t *testing.T) {
 	plugin := Plugin{
-		BaseURL:  testExampleURL,
-		Username: testUserFoo,
+		BaseURL:  "http://example.com",
+		Username: "foo",
 	}

 	err := plugin.Exec(context.Background())

 	assert.Error(t, err)
 	assert.Contains(t, err.Error(), "configuration error")
-	assert.Contains(t, err.Error(), testAuthRequiredErr)
+	assert.Contains(t, err.Error(), "authentication required")
 }

 // TestExecMissingJenkinsJob tests Exec with missing or empty job list
@@ -288,7 +288,7 @@ func TestExecMissingJenkinsJob(t *testing.T) {
 		},
 		{
 			name: "only whitespace jobs",
-			jobs: []string{testWhitespaceVal, "\t", "\n"},
+			jobs: []string{"   ", "\t", "\n"},
 		},
 		{
 			name: "nil jobs",
@@ -299,9 +299,9 @@ func TestExecMissingJenkinsJob(t *testing.T) {
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			plugin := Plugin{
-				BaseURL:  testExampleURL,
-				Username: testUserFoo,
-				Token:    testUserBar,
+				BaseURL:  "http://example.com",
+				Username: "foo",
+				Token:    "bar",
 				Job:      tt.jobs,
 			}

@@ -326,8 +326,8 @@ func TestExecTriggerBuild(t *testing.T) {

 	plugin := Plugin{
 		BaseURL:  server.URL,
-		Username: testUserFoo,
-		Token:    testUserBar,
+		Username: "foo",
+		Token:    "bar",
 		Job:      []string{"drone-jenkins"},
 	}

@@ -353,8 +353,8 @@ func TestExecTriggerMultipleJobs(t *testing.T) {

 	plugin := Plugin{
 		BaseURL:  server.URL,
-		Username: testUserFoo,
-		Token:    testUserBar,
+		Username: "foo",
+		Token:    "bar",
 		Job:      []string{"job1", "job2", "job3"},
 	}

@@ -377,8 +377,8 @@ func TestExecWithParameters(t *testing.T) {

 	plugin := Plugin{
 		BaseURL:    server.URL,
-		Username:   testUserFoo,
-		Token:      testUserBar,
+		Username:   "foo",
+		Token:      "bar",
 		Job:        []string{"parameterized-job"},
 		Parameters: "branch=main\nenvironment=production",
 	}
@@ -403,16 +403,16 @@ func TestExecWithRemoteToken(t *testing.T) {

 	plugin := Plugin{
 		BaseURL:     server.URL,
-		Username:    testUserFoo,
-		Token:       testUserBar,
-		RemoteToken: testRemoteTokenValue,
+		Username:    "foo",
+		Token:       "bar",
+		RemoteToken: "remote-token-123",
 		Job:         []string{"secure-job"},
 	}

 	err := plugin.Exec(context.Background())

 	assert.NoError(t, err)
-	assert.Equal(t, testRemoteTokenValue, receivedToken)
+	assert.Equal(t, "remote-token-123", receivedToken)
 }

 // TestExecWithJobsContainingWhitespace tests job list with whitespace
@@ -432,9 +432,9 @@ func TestExecWithJobsContainingWhitespace(t *testing.T) {

 	plugin := Plugin{
 		BaseURL:  server.URL,
-		Username: testUserFoo,
-		Token:    testUserBar,
-		Job:      []string{"  job1  ", "job2", testWhitespaceVal, "job3"},
+		Username: "foo",
+		Token:    "bar",
+		Job:      []string{"  job1  ", "job2", "   ", "job3"},
 	}

 	err := plugin.Exec(context.Background())
@@ -467,9 +467,9 @@ func TestExecWithWaitSuccess(t *testing.T) {

 	plugin := Plugin{
 		BaseURL:  server.URL,
-		Username: testUserFoo,
-		Token:    testUserBar,
-		Job:      []string{testJobName},
+		Username: "foo",
+		Token:    "bar",
+		Job:      []string{"test-job"},
 		Wait:     true,
 	}

@@ -501,9 +501,9 @@ func TestExecWithWaitFailure(t *testing.T) {

 	plugin := Plugin{
 		BaseURL:  server.URL,
-		Username: testUserFoo,
-		Token:    testUserBar,
-		Job:      []string{testJobName},
+		Username: "foo",
+		Token:    "bar",
+		Job:      []string{"test-job"},
 		Wait:     true,
 	}

@@ -1,18 +0,0 @@
-package main
-
-const (
-	testUserFoo          = "foo"
-	testUserBar          = "bar"
-	testUserName         = "test"
-	testJobName          = "test-job"
-	testExampleURL       = "http://example.com"
-	testAuthRequiredErr  = "authentication required"
-	testRemoteTokenValue = "remote-token-123"
-	testWhitespaceVal    = "   "
-	testValidStr         = "valid"
-	testParamKey         = "key"
-	testParamKey1        = "key1"
-	testParamKey2        = "key2"
-	testParamValue1      = "value1"
-	testParamValue2      = "value2"
-)