From: amshegokar Date: Mon, 15 Oct 2018 11:33:16 +0000 (+0530) Subject: Address critical vulnerability for Mapper X-Git-Tag: 1.0.0~21 X-Git-Url: https://gerrit.onap.org/r/gitweb?a=commitdiff_plain;h=5ac0bcd19f06b601c2e913bf83a7359e7135fddb;p=dcaegen2%2Fservices%2Fmapper.git Address critical vulnerability for Mapper added Recommended version and readme file correction Change-Id: I675637ef0d0b1515e0d7783abb94c120ffb029a2 Issue-ID: DCAEGEN2-871 Signed-off-by: amshegokar --- diff --git a/UniversalVesAdapter/README.md b/UniversalVesAdapter/README.md index 33d41c8..60b1503 100644 --- a/UniversalVesAdapter/README.md +++ b/UniversalVesAdapter/README.md @@ -72,8 +72,6 @@ General flow goes like this - Here entry point will be depending on the deployment type, Getting configuration from docker env var or from CBS configures a bunch of things and starts the application in a separate process -### Release images -For R1 - image/version pushed to nexus3 ``` nexus3.onap.org:10003/snapshots/onap/org.onap.dcaegen2.services.mapper.vesadapter.universalvesadaptor latest @@ -95,7 +93,7 @@ STEPS FOR SETUP/TEST sudo docker run -d -p 8085:8085/tcp -e URL_JDBC=jdbc:postgresql://10.53.172.138:5432/postgres -e JDBC_USERNAME=postgres -e JDBC_PASSWORD=root -e DMAAPHOST=10.53.172.156 -e CONSUL_HOST=10.53.172.109 -e HOSTNAME=static-dcaegen2-services-mua -e MR_DEFAULT_PORT_NUMBER=3904 -e CONFIG_BINDING_SERVICE=config_binding_service nexus3.onap.org:10003/onap/org.onap.dcaegen2.services.mapper.vesadapter.universalvesadaptor:latest -3) Go inside container and tail /opt/app/VESCollector/logs/vesadaper.log +3) Go inside container and tail /opt/app/VESAdapter/logs/vesadaper.log 4) Post SNMP event JSON to DMaaP Topic ONAP-COLLECTOR-SNMPTRAP 5) Subscribe to DMaaP topic unauthenticated.SEC_FAULT_OUTPUT you will get process VES JSON to this topic. ``` diff --git a/UniversalVesAdapter/pom.xml b/UniversalVesAdapter/pom.xml index 8bb683d..cff2fd0 100644 --- a/UniversalVesAdapter/pom.xml +++ b/UniversalVesAdapter/pom.xml @@ -86,8 +86,17 @@ javax.servlet servlet-api + + ognl + ognl + + + ognl + ognl + 3.1.12 + org.onap.dmaap.messagerouter.dmaapclient dmaapClient diff --git a/UniversalVesAdapter/src/main/java/org/onap/universalvesadapter/service/VESAdapterInitializer.java b/UniversalVesAdapter/src/main/java/org/onap/universalvesadapter/service/VESAdapterInitializer.java index 82cee66..a91e5c6 100644 --- a/UniversalVesAdapter/src/main/java/org/onap/universalvesadapter/service/VESAdapterInitializer.java +++ b/UniversalVesAdapter/src/main/java/org/onap/universalvesadapter/service/VESAdapterInitializer.java @@ -232,7 +232,7 @@ public class VESAdapterInitializer implements CommandLineRunner, Ordered { try (Connection con = DriverManager.getConnection(dBurl, user, pwd)) { LOGGER.info("Postgresql Connection successful..."); - LOGGER.debug("1Connection object:"+con.toString()); + LOGGER.debug("Connection object:"+con.toString()); //creating table if not exist PreparedStatement pstmt11=con.prepareStatement("CREATE TABLE IF NOT EXISTS public."+MappingFileTableName+"\r\n" + "(\r\n" + diff --git a/snmpmapper/README.md b/snmpmapper/README.md index f5ab564..584f8a5 100644 --- a/snmpmapper/README.md +++ b/snmpmapper/README.md @@ -60,9 +60,5 @@ Dockerfile bin lib logs - lib contains all libraries that are pulled into the app during maven build - logs contains application logs - -### Release images -For R1 - image/version pushed to nexus3 - ```nexus3.onap.org:10003/snapshots/onap/org.onap.dcaegen2.services.mapper.vesadapter.snmpmapper:latest ```