Code Review / dcaegen2 / services.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | inline | side by side
Fix BBS-EP security vulnerabilities
[dcaegen2/services.git] / components / bbs-event-processor / pom.xml
diff --git a/components/bbs-event-processor/pom.xml b/components/bbs-event-processor/pom.xml
index a4a0ffd..fd9b6d0 100644 (file)
--- a/components/bbs-event-processor/pom.xml
+++ b/components/bbs-event-processor/pom.xml
@@ -3,17 +3,17 @@
          xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
          xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
     <modelVersion>4.0.0</modelVersion>
-    
+
     <parent>
         <groupId>org.onap.oparent</groupId>
         <artifactId>oparent</artifactId>
-        <version>1.2.3</version>
+        <version>2.0.0</version>
     </parent>
 
     <groupId>org.onap.dcaegen2.services.components</groupId>
     <artifactId>bbs-event-processor</artifactId>
-    <version>1.0.0-SNAPSHOT</version>
-    
+    <version>2.0.1-SNAPSHOT</version>
+
     <name>dcaegen2-services-bbs-event-processor</name>
     <description>BBS Re-Registration and CPE Authentication Handler</description>
     <packaging>jar</packaging>
@@ -26,23 +26,24 @@
     </licenses>
 
     <properties>
-        <java.version>8</java.version>
-        <immutables.version>2.7.5</immutables.version>
-        <spring-boot.version>2.1.3.RELEASE</spring-boot.version>
-        <tomcat.version>8.5.32</tomcat.version>
-        <slf4j.version>1.7.25</slf4j.version>
+        <java.version>11</java.version>
+        <immutables.version>2.8.3</immutables.version>
+        <spring-boot.version>2.2.9.RELEASE</spring-boot.version>
         <junit-platform.version>1.1.0</junit-platform.version>
         <jacoco.version>0.8.2</jacoco.version>
-        <dcae.sdk.version>1.1.4</dcae.sdk.version>
-        <wiremock.version>2.21.0</wiremock.version>
-        <springfox-swagger.version>2.8.0</springfox-swagger.version>
+        <dcae.sdk.version>1.4.1</dcae.sdk.version>
+        <wiremock.version>2.24.0</wiremock.version>
+        <jaxb.api.version>2.3.0</jaxb.api.version>
+        <springfox-swagger.version>3.0.0</springfox-swagger.version>
         <maven.build.timestamp.format>yyyyMMdd'T'HHmmss</maven.build.timestamp.format>
         <bbs-event-processor.main.class>org.onap.bbs.event.processor.Application</bbs-event-processor.main.class>
         <dependency.dir.name>libs</dependency.dir.name>
         <dependency.dir.location>${project.build.directory}/${dependency.dir.name}</dependency.dir.location>
-        <docker.artifact.dir>/opt</docker.artifact.dir>
         <docker.image.name>onap/${project.groupId}.${project.artifactId}</docker.image.name>
         <maven.build.timestamp.format>yyyyMMdd'T'HHmmss</maven.build.timestamp.format>
+        <sonar.coverage.jacoco.xmlReportPaths>
+            ${project.reporting.outputDirectory}/jacoco-ut/jacoco.xml
+        </sonar.coverage.jacoco.xmlReportPaths>
     </properties>
 
     <dependencyManagement>
@@ -59,7 +60,7 @@
             </dependency>
             <dependency>
                 <groupId>org.onap.dcaegen2.services.sdk.rest.services</groupId>
-                <artifactId>common-dependency</artifactId>
+                <artifactId>http-client</artifactId>
                 <version>${dcae.sdk.version}</version>
             </dependency>
             <dependency>
@@ -94,6 +95,11 @@
                 <artifactId>wiremock-jre8</artifactId>
                 <version>${wiremock.version}</version>
             </dependency>
+            <dependency>
+                <groupId>javax.xml.bind</groupId>
+                <artifactId>jaxb-api</artifactId>
+                <version>${jaxb.api.version}</version>
+            </dependency>
         </dependencies>
     </dependencyManagement>
 
@@ -108,7 +114,7 @@
         </dependency>
         <dependency>
             <groupId>org.onap.dcaegen2.services.sdk.rest.services</groupId>
-            <artifactId>common-dependency</artifactId>
+            <artifactId>http-client</artifactId>
         </dependency>
         <dependency>
             <groupId>org.springframework.boot</groupId>
@@ -167,6 +173,10 @@
             <artifactId>jackson-datatype-jsr310</artifactId>
             <scope>test</scope>
         </dependency>
+        <dependency>
+            <groupId>javax.xml.bind</groupId>
+            <artifactId>jaxb-api</artifactId>
+        </dependency>
         <dependency>
             <groupId>com.github.tomakehurst</groupId>
             <artifactId>wiremock-jre8</artifactId>
@@ -221,9 +231,6 @@
                 <plugin>
                     <groupId>org.apache.maven.plugins</groupId>
                     <artifactId>maven-deploy-plugin</artifactId>
-                    <configuration>
-                        <skip>true</skip>
-                    </configuration>
                 </plugin>
                 <plugin>
                     <groupId>org.springframework.boot</groupId>
@@ -249,8 +256,8 @@
                 </plugin>
                 <plugin>
                     <groupId>com.spotify</groupId>
-                    <artifactId>docker-maven-plugin</artifactId>
-                    <version>1.2.0</version>
+                    <artifactId>dockerfile-maven-plugin</artifactId>
+                    <version>1.4.10</version>
                 </plugin>
                 <plugin>
                     <groupId>org.apache.maven.plugins</groupId>
@@ -323,72 +330,63 @@
             </plugin>
             <plugin>
                 <groupId>com.spotify</groupId>
-                <artifactId>docker-maven-plugin</artifactId>
+                <artifactId>dockerfile-maven-plugin</artifactId>
                 <configuration>
-                    <serverId>${onap.nexus.dockerregistry.daily}</serverId>
-                    <imageName>${docker.image.name}</imageName>
-                    <imageTags>
-                        <tag>latest</tag>
-                    </imageTags>
-                    <baseImage>openjdk:${java.version}-jre-alpine</baseImage>
-                    <workdir>${docker.artifact.dir}</workdir>
-                    <resources>
-                        <resource>
-                            <directory>${dependency.dir.location}</directory>
-                            <targetPath>${dependency.dir.name}</targetPath>
-                        </resource>
-                        <resource>
-                            <directory>${project.build.directory}</directory>
-                            <include>${project.build.finalName}.jar</include>
-                        </resource>
-                    </resources>
-                    <exposes>
-                        <expose>8100</expose>
-                    </exposes>
-                    <entryPoint>["java", "-jar", "${project.build.finalName}.jar"]</entryPoint>
+                    <contextDirectory>${project.basedir}</contextDirectory>
+                    <repository>${docker.image.name}</repository>
+                    <tag>latest</tag>
+                    <buildArgs>
+                        <PROJECT_BUILD_DIR_NAME>target</PROJECT_BUILD_DIR_NAME>
+                        <DEPENDENCIES_DIR>${dependency.dir.name}</DEPENDENCIES_DIR>
+                        <DOCKER_ARTIFACT_DIR>/opt</DOCKER_ARTIFACT_DIR>
+                        <FINAL_JAR>${project.build.finalName}.jar</FINAL_JAR>
+                    </buildArgs>
                 </configuration>
                 <executions>
                     <execution>
                         <id>build-bbs-event-processor-image</id>
-                        <phase>deploy</phase>
+                        <phase>package</phase>
                         <goals>
                             <goal>build</goal>
                         </goals>
                     </execution>
                     <execution>
                         <id>tag-and-push-image-latest</id>
-                        <phase>deploy</phase>
+                        <phase>package</phase>
                         <goals>
                             <goal>tag</goal>
+                            <goal>push</goal>
                         </goals>
                         <configuration>
-                            <image>${docker.image.name}:latest</image>
-                            <newName>${onap.nexus.dockerregistry.daily}/${docker.image.name}:latest</newName>
-                            <pushImage>true</pushImage>
+                            <repository>${onap.nexus.dockerregistry.daily}/${docker.image.name}</repository>
+                            <tag>latest</tag>
+                            <useMavenSettingsForAuth>true</useMavenSettingsForAuth>
                         </configuration>
                     </execution>
                     <execution>
                         <id>tag-and-push-image-with-version</id>
-                        <phase>deploy</phase>
+                        <phase>package</phase>
                         <goals>
                             <goal>tag</goal>
+                            <goal>push</goal>
                         </goals>
                         <configuration>
-                            <image>${docker.image.name}:latest</image>
-                            <newName>${onap.nexus.dockerregistry.daily}/${docker.image.name}:${project.version}</newName>
-                            <pushImage>true</pushImage>
+                            <repository>${onap.nexus.dockerregistry.daily}/${docker.image.name}</repository>
+                            <tag>${project.version}</tag>
+                            <useMavenSettingsForAuth>true</useMavenSettingsForAuth>
                         </configuration>
                     </execution>
                     <execution>
                         <id>tag-and-push-image-with-version-and-date</id>
-                        <phase>deploy</phase>
+                        <phase>package</phase>
                         <goals>
                             <goal>tag</goal>
+                            <goal>push</goal>
                         </goals>
                         <configuration>
-                            <image>${docker.image.name}:latest</image>
-                            <newName>${onap.nexus.dockerregistry.daily}/${docker.image.name}:${project.version}-${maven.build.timestamp}Z</newName>
-                            <pushImage>true</pushImage>
+                            <repository>${onap.nexus.dockerregistry.daily}/${docker.image.name}</repository>
+                            <tag>${project.version}-${maven.build.timestamp}Z</tag>
+                            <useMavenSettingsForAuth>true</useMavenSettingsForAuth>
                         </configuration>
                     </execution>
                 </executions>