From b992a32981f459249634daa1dfdeb26b060a4e80 Mon Sep 17 00:00:00 2001 From: "chandana.g.n" Date: Wed, 9 Oct 2024 13:17:38 +0000 Subject: [PATCH] Updated to Java-17 - Updated parent project and fixed security vulnerabilities Issue-ID: CCSDK-4059 Change-Id: Ie02ae86a578dd7732b7a71b6a9e9d3a5997c17b3 Signed-off-by: chandana.g.n --- .../blueprint-model/archetype-blueprint/pom.xml | 2 +- .../test-blueprint-kotlin-parent/pom.xml | 5 ++ ms/blueprintsprocessor/application/pom.xml | 38 +++++++++++++++ .../application/src/main/docker/Dockerfile | 4 +- .../src/main/resources/application-dev.properties | 4 +- ms/blueprintsprocessor/functions/pom.xml | 16 +++++++ .../restconf/executor/RestconfExecutor.kt | 3 ++ .../functions/restful-executor/pom.xml | 1 + .../core/scripts/BluePrintCompileService.kt | 2 +- .../core/service/BluePrintWorkflowService.kt | 1 + .../blueprints/blueprint-validation/pom.xml | 1 + .../modules/commons/dmaap-lib/pom.xml | 5 ++ .../modules/commons/message-lib/pom.xml | 6 +++ ms/blueprintsprocessor/modules/commons/pom.xml | 10 ++++ .../modules/commons/rest-lib/pom.xml | 10 ++++ .../modules/commons/ssh-lib/pom.xml | 15 ++++++ .../modules/inbounds/configs-api/pom.xml | 1 + .../configuration/HealthCheckProperties.kt | 7 +++ ms/blueprintsprocessor/modules/inbounds/pom.xml | 1 + .../modules/inbounds/resource-api/pom.xml | 1 + .../modules/inbounds/selfservice-api/pom.xml | 16 +++++++ .../modules/inbounds/workflow-api/pom.xml | 1 + ms/blueprintsprocessor/parent/pom.xml | 10 +++- ms/pom.xml | 13 +++++ ms/sdclistener/application/pom.xml | 1 + ms/sdclistener/parent/pom.xml | 31 ++++++++++-- pom.xml | 56 +++++++++++++++++----- 27 files changed, 239 insertions(+), 22 deletions(-) diff --git a/components/model-catalog/blueprint-model/archetype-blueprint/pom.xml b/components/model-catalog/blueprint-model/archetype-blueprint/pom.xml index 4e651a192..48f005094 100644 --- a/components/model-catalog/blueprint-model/archetype-blueprint/pom.xml +++ b/components/model-catalog/blueprint-model/archetype-blueprint/pom.xml @@ -15,7 +15,7 @@ ~ limitations under the License. --> - + 4.0.0 org.onap.ccsdk.cds.components.cba diff --git a/components/model-catalog/blueprint-model/test-blueprint-kotlin-parent/pom.xml b/components/model-catalog/blueprint-model/test-blueprint-kotlin-parent/pom.xml index c9fe99ced..4ab771148 100644 --- a/components/model-catalog/blueprint-model/test-blueprint-kotlin-parent/pom.xml +++ b/components/model-catalog/blueprint-model/test-blueprint-kotlin-parent/pom.xml @@ -35,6 +35,11 @@ blueprintsprocessor-application ${project.parent.version} + + org.eclipse.jetty.http2 + http2-common + 11.0.20 + org.springframework.boot spring-boot-starter-test diff --git a/ms/blueprintsprocessor/application/pom.xml b/ms/blueprintsprocessor/application/pom.xml index c44111daa..44c3c764b 100755 --- a/ms/blueprintsprocessor/application/pom.xml +++ b/ms/blueprintsprocessor/application/pom.xml @@ -49,6 +49,16 @@ + + org.springframework.security + spring-security-core + 6.3.0 + + + org.eclipse.jetty.http2 + http2-common + 11.0.20 + org.springframework.boot spring-boot-starter-security @@ -166,6 +176,11 @@ org.yaml snakeyaml + + org.scala-lang + scala-library + 2.13.9 + com.nhaarman.mockitokotlin2 mockito-kotlin @@ -192,11 +207,34 @@ wiremock-jre8 2.35.1 test + + + commons-fileupload + commons-fileupload + + + ch.qos.logback logback-classic + 1.2.13 + + + org.springframework.kafka + spring-kafka + 2.9.13 + + + org.bitbucket.b_c + jose4j + 0.9.4 + + + org.apache.zookeeper + zookeeper + 3.9.2 diff --git a/ms/blueprintsprocessor/application/src/main/docker/Dockerfile b/ms/blueprintsprocessor/application/src/main/docker/Dockerfile index 9bb56acc8..2bbcda976 100755 --- a/ms/blueprintsprocessor/application/src/main/docker/Dockerfile +++ b/ms/blueprintsprocessor/application/src/main/docker/Dockerfile @@ -1,6 +1,6 @@ # Prepare stage for multistage image build ## START OF STAGE0 ## -FROM onap/ccsdk-alpine-j17-image:1.5.1 AS stage0 +FROM onap/ccsdk-alpine-j17-image:1.6.2 AS stage0 USER root # add entrypoint @@ -22,7 +22,7 @@ RUN tar -xzf /source.tar.gz -C /tmp \ ## This will create actual image -FROM onap/ccsdk-alpine-j17-image:1.5.1 +FROM onap/ccsdk-alpine-j17-image:1.6.2 USER root COPY --from=stage0 /opt /opt diff --git a/ms/blueprintsprocessor/application/src/main/resources/application-dev.properties b/ms/blueprintsprocessor/application/src/main/resources/application-dev.properties index e20e2649d..29ea46adf 100755 --- a/ms/blueprintsprocessor/application/src/main/resources/application-dev.properties +++ b/ms/blueprintsprocessor/application/src/main/resources/application-dev.properties @@ -75,7 +75,7 @@ blueprintsprocessor.grpcclient.py-executor.trustCertCollection=src/main/resource # db -blueprintsprocessor.db.url=jdbc:mysql://localhost:3306/sdnctl +blueprintsprocessor.db.url=jdbc:mariadb://localhost:3306/sdnctl blueprintsprocessor.db.username=sdnctl blueprintsprocessor.db.password=sdnctl blueprintsprocessor.db.driverClassName=org.mariadb.jdbc.Driver @@ -86,7 +86,7 @@ blueprintsprocessor.db.hibernateDialect=org.hibernate.dialect.MySQL5InnoDBDialec # processor-db endpoint blueprintsprocessor.db.processor-db.type=maria-db -blueprintsprocessor.db.processor-db.url=jdbc:mysql://localhost:3306/sdnctl +blueprintsprocessor.db.processor-db.url=jdbc:mariadb://localhost:3306/sdnctl blueprintsprocessor.db.processor-db.username=root blueprintsprocessor.db.processor-db.password=secretpassword diff --git a/ms/blueprintsprocessor/functions/pom.xml b/ms/blueprintsprocessor/functions/pom.xml index 7f8186298..7bb4ae068 100755 --- a/ms/blueprintsprocessor/functions/pom.xml +++ b/ms/blueprintsprocessor/functions/pom.xml @@ -65,6 +65,17 @@ org.mock-server mockserver-netty test + + + commons-collections + commons-collections + + + + + org.springframework.kafka + spring-kafka + 2.9.13 org.powermock @@ -86,6 +97,11 @@ junit-vintage-engine test + + com.nimbusds + nimbus-jose-jwt + 9.37.2 + org.jetbrains.kotlin kotlin-test-junit diff --git a/ms/blueprintsprocessor/functions/restconf-executor/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/functions/restconf/executor/RestconfExecutor.kt b/ms/blueprintsprocessor/functions/restconf-executor/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/functions/restconf/executor/RestconfExecutor.kt index 4b9333544..86e4058f2 100644 --- a/ms/blueprintsprocessor/functions/restconf-executor/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/functions/restconf/executor/RestconfExecutor.kt +++ b/ms/blueprintsprocessor/functions/restconf-executor/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/functions/restconf/executor/RestconfExecutor.kt @@ -192,6 +192,9 @@ open class Execute : AbstractScriptComponentFunction() { action.get(ACTION_PAYLOAD) ?: throw BluePrintProcessorException("Failed to load action $actionType payload.") } + RestconfRequestType.GET, RestconfRequestType.DELETE -> { + // No payload required for GET or DELETE + } } } } diff --git a/ms/blueprintsprocessor/functions/restful-executor/pom.xml b/ms/blueprintsprocessor/functions/restful-executor/pom.xml index 2c93853f5..c779869b8 100644 --- a/ms/blueprintsprocessor/functions/restful-executor/pom.xml +++ b/ms/blueprintsprocessor/functions/restful-executor/pom.xml @@ -47,6 +47,7 @@ org.springframework spring-web + 5.3.39 com.h2database diff --git a/ms/blueprintsprocessor/modules/blueprints/blueprint-core/src/main/kotlin/org/onap/ccsdk/cds/controllerblueprints/core/scripts/BluePrintCompileService.kt b/ms/blueprintsprocessor/modules/blueprints/blueprint-core/src/main/kotlin/org/onap/ccsdk/cds/controllerblueprints/core/scripts/BluePrintCompileService.kt index b093e8e47..34c62c629 100644 --- a/ms/blueprintsprocessor/modules/blueprints/blueprint-core/src/main/kotlin/org/onap/ccsdk/cds/controllerblueprints/core/scripts/BluePrintCompileService.kt +++ b/ms/blueprintsprocessor/modules/blueprints/blueprint-core/src/main/kotlin/org/onap/ccsdk/cds/controllerblueprints/core/scripts/BluePrintCompileService.kt @@ -95,7 +95,7 @@ open class BluePrintCompileService { add("-d") add(compiledJarFile.absolutePath) add("-jvm-target") - add("11") + add("17") } val deferredCompile = async { val k2jvmCompiler = K2JVMCompiler() diff --git a/ms/blueprintsprocessor/modules/blueprints/blueprint-core/src/main/kotlin/org/onap/ccsdk/cds/controllerblueprints/core/service/BluePrintWorkflowService.kt b/ms/blueprintsprocessor/modules/blueprints/blueprint-core/src/main/kotlin/org/onap/ccsdk/cds/controllerblueprints/core/service/BluePrintWorkflowService.kt index f3e4e59aa..15f0504bc 100644 --- a/ms/blueprintsprocessor/modules/blueprints/blueprint-core/src/main/kotlin/org/onap/ccsdk/cds/controllerblueprints/core/service/BluePrintWorkflowService.kt +++ b/ms/blueprintsprocessor/modules/blueprints/blueprint-core/src/main/kotlin/org/onap/ccsdk/cds/controllerblueprints/core/service/BluePrintWorkflowService.kt @@ -347,6 +347,7 @@ abstract class AbstractBluePrintWorkFlowService : CoroutineScope, BlueP } } } + else -> log.info("Handling other types of Message") } } } diff --git a/ms/blueprintsprocessor/modules/blueprints/blueprint-validation/pom.xml b/ms/blueprintsprocessor/modules/blueprints/blueprint-validation/pom.xml index b8fad8be1..710a4a449 100644 --- a/ms/blueprintsprocessor/modules/blueprints/blueprint-validation/pom.xml +++ b/ms/blueprintsprocessor/modules/blueprints/blueprint-validation/pom.xml @@ -35,6 +35,7 @@ org.springframework spring-core + 6.0.0 org.springframework diff --git a/ms/blueprintsprocessor/modules/commons/dmaap-lib/pom.xml b/ms/blueprintsprocessor/modules/commons/dmaap-lib/pom.xml index 5215c834e..6c6116dd0 100644 --- a/ms/blueprintsprocessor/modules/commons/dmaap-lib/pom.xml +++ b/ms/blueprintsprocessor/modules/commons/dmaap-lib/pom.xml @@ -60,6 +60,11 @@ org.springframework.boot spring-boot-starter-test test + + + org.json + json + 20231013 org.junit.vintage diff --git a/ms/blueprintsprocessor/modules/commons/message-lib/pom.xml b/ms/blueprintsprocessor/modules/commons/message-lib/pom.xml index 40092b881..d971dae82 100644 --- a/ms/blueprintsprocessor/modules/commons/message-lib/pom.xml +++ b/ms/blueprintsprocessor/modules/commons/message-lib/pom.xml @@ -37,10 +37,16 @@ org.onap.ccsdk.cds.blueprintsprocessor.modules processor-core + + + org.scala-lang + scala-library + 2.13.9 org.springframework.kafka spring-kafka + 2.9.13 org.apache.kafka diff --git a/ms/blueprintsprocessor/modules/commons/pom.xml b/ms/blueprintsprocessor/modules/commons/pom.xml index 3291b02ad..4eba5949d 100755 --- a/ms/blueprintsprocessor/modules/commons/pom.xml +++ b/ms/blueprintsprocessor/modules/commons/pom.xml @@ -79,6 +79,16 @@ kotlin-test-junit test + + org.springframework.kafka + spring-kafka + 2.9.13 + + + org.bitbucket.b_c + jose4j + 0.9.4 + org.jetbrains.kotlinx kotlinx-coroutines-test diff --git a/ms/blueprintsprocessor/modules/commons/rest-lib/pom.xml b/ms/blueprintsprocessor/modules/commons/rest-lib/pom.xml index 16c48701d..74680ae14 100644 --- a/ms/blueprintsprocessor/modules/commons/rest-lib/pom.xml +++ b/ms/blueprintsprocessor/modules/commons/rest-lib/pom.xml @@ -53,6 +53,7 @@ org.springframework spring-web + 5.3.39 org.springframework.boot @@ -64,5 +65,14 @@ spring-boot-starter-security test + + org.springframework.security + spring-security-core + 6.3.0 + + + org.jetbrains.kotlin + kotlin-compiler-embeddable + diff --git a/ms/blueprintsprocessor/modules/commons/ssh-lib/pom.xml b/ms/blueprintsprocessor/modules/commons/ssh-lib/pom.xml index 3fcfc7a18..002faa648 100644 --- a/ms/blueprintsprocessor/modules/commons/ssh-lib/pom.xml +++ b/ms/blueprintsprocessor/modules/commons/ssh-lib/pom.xml @@ -43,5 +43,20 @@ org.apache.sshd sshd-core + + org.bitbucket.b_c + jose4j + 0.9.4 + + + org.apache.zookeeper + zookeeper + 3.9.2 + + + org.scala-lang + scala-library + 2.13.9 + diff --git a/ms/blueprintsprocessor/modules/inbounds/configs-api/pom.xml b/ms/blueprintsprocessor/modules/inbounds/configs-api/pom.xml index 64e32ac43..82d0bfe81 100644 --- a/ms/blueprintsprocessor/modules/inbounds/configs-api/pom.xml +++ b/ms/blueprintsprocessor/modules/inbounds/configs-api/pom.xml @@ -38,6 +38,7 @@ org.springframework.security spring-security-core + 6.3.0 org.onap.ccsdk.cds.blueprintsprocessor.modules diff --git a/ms/blueprintsprocessor/modules/inbounds/health-api-common/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/healthapi/configuration/HealthCheckProperties.kt b/ms/blueprintsprocessor/modules/inbounds/health-api-common/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/healthapi/configuration/HealthCheckProperties.kt index c1532cd35..dfbacdbd3 100644 --- a/ms/blueprintsprocessor/modules/inbounds/health-api-common/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/healthapi/configuration/HealthCheckProperties.kt +++ b/ms/blueprintsprocessor/modules/inbounds/health-api-common/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/healthapi/configuration/HealthCheckProperties.kt @@ -77,6 +77,13 @@ open class HealthCheckProperties { } private fun getServiceEndpoint(serviceEndpointInfo: List): ServiceEndpoint { + // Ensure the list has at least 2 elements + if (serviceEndpointInfo.size < 2) { + // Use default values if the list is too short + return ServiceEndpoint("", "") + } + + // Safely access elements assuming the list has at least 2 elements return ServiceEndpoint( removeSpecialCharacter(serviceEndpointInfo[0]), removeSpecialCharacter(serviceEndpointInfo[1]) ) diff --git a/ms/blueprintsprocessor/modules/inbounds/pom.xml b/ms/blueprintsprocessor/modules/inbounds/pom.xml index 3afd50c11..ac73ca9ad 100644 --- a/ms/blueprintsprocessor/modules/inbounds/pom.xml +++ b/ms/blueprintsprocessor/modules/inbounds/pom.xml @@ -44,6 +44,7 @@ org.springframework.security spring-security-core + 6.3.0 org.onap.ccsdk.cds.blueprintsprocessor.modules diff --git a/ms/blueprintsprocessor/modules/inbounds/resource-api/pom.xml b/ms/blueprintsprocessor/modules/inbounds/resource-api/pom.xml index 4eceb43a5..0f763faf5 100644 --- a/ms/blueprintsprocessor/modules/inbounds/resource-api/pom.xml +++ b/ms/blueprintsprocessor/modules/inbounds/resource-api/pom.xml @@ -34,6 +34,7 @@ org.springframework.security spring-security-core + 6.3.0 org.onap.ccsdk.cds.blueprintsprocessor.modules diff --git a/ms/blueprintsprocessor/modules/inbounds/selfservice-api/pom.xml b/ms/blueprintsprocessor/modules/inbounds/selfservice-api/pom.xml index 2fa80ef9a..ddc3e19cf 100755 --- a/ms/blueprintsprocessor/modules/inbounds/selfservice-api/pom.xml +++ b/ms/blueprintsprocessor/modules/inbounds/selfservice-api/pom.xml @@ -63,6 +63,7 @@ org.springframework.kafka spring-kafka + 2.9.13 org.slf4j @@ -70,6 +71,21 @@ + + org.bitbucket.b_c + jose4j + 0.9.4 + + + org.apache.zookeeper + zookeeper + 3.9.2 + + + org.scala-lang + scala-library + 2.13.9 + org.springframework.kafka spring-kafka-test diff --git a/ms/blueprintsprocessor/modules/inbounds/workflow-api/pom.xml b/ms/blueprintsprocessor/modules/inbounds/workflow-api/pom.xml index 5ca29b78c..b956ff9f6 100644 --- a/ms/blueprintsprocessor/modules/inbounds/workflow-api/pom.xml +++ b/ms/blueprintsprocessor/modules/inbounds/workflow-api/pom.xml @@ -34,6 +34,7 @@ org.springframework.security spring-security-core + 6.3.0 org.onap.ccsdk.cds.blueprintsprocessor.modules diff --git a/ms/blueprintsprocessor/parent/pom.xml b/ms/blueprintsprocessor/parent/pom.xml index 3d13447eb..1c0ba32ff 100755 --- a/ms/blueprintsprocessor/parent/pom.xml +++ b/ms/blueprintsprocessor/parent/pom.xml @@ -55,7 +55,7 @@ 2.4.9 2.8.0 - 1.21 + 1.24.0 4.4 @@ -220,6 +220,12 @@ ${hazelcast.version} + + org.springframework.security + spring-security-core + 6.3.0 + + org.apache.sshd @@ -240,7 +246,7 @@ org.apache.kafka kafka-clients - ${kafka.version} + 3.8.0 org.apache.kafka diff --git a/ms/pom.xml b/ms/pom.xml index d13a2931b..d99558b62 100644 --- a/ms/pom.xml +++ b/ms/pom.xml @@ -39,6 +39,19 @@ sdclistener + + + org.apache.commons + commons-text + 1.10.0 + + + org.springframework.kafka + spring-kafka + 2.9.13 + + + diff --git a/ms/sdclistener/application/pom.xml b/ms/sdclistener/application/pom.xml index 54a9e959e..7cc3b6e63 100644 --- a/ms/sdclistener/application/pom.xml +++ b/ms/sdclistener/application/pom.xml @@ -128,6 +128,7 @@ ch.qos.logback logback-classic + 1.2.13 com.github.stefanbirkner diff --git a/ms/sdclistener/parent/pom.xml b/ms/sdclistener/parent/pom.xml index e3182923a..a1a0335d9 100755 --- a/ms/sdclistener/parent/pom.xml +++ b/ms/sdclistener/parent/pom.xml @@ -76,9 +76,14 @@ org.apache.commons commons-compress - 1.21 + 1.24.0 - + + org.springframework.security + spring-security-core + 6.3.0 + + com.google.guava guava ${guava.version} @@ -165,7 +170,27 @@ org.apache.kafka kafka-clients - ${kafka.version} + 3.8.0 + + + org.json + json + 20231013 + + + org.springframework.kafka + spring-kafka + 2.9.13 + + + org.apache.commons + commons-text + 1.10.0 + + + org.jetbrains.kotlin + kotlin-compiler-embeddable + 1.7.0 diff --git a/pom.xml b/pom.xml index d63614c26..d30c8e22a 100644 --- a/pom.xml +++ b/pom.xml @@ -22,8 +22,8 @@ limitations under the License. org.onap.ccsdk.parent - spring-boot-27-starter-parent - 2.8.0 + spring-boot-27-jdk-17-starter-parent + 2.8.0-SNAPSHOT @@ -56,13 +56,13 @@ limitations under the License. **/*.java,**/*.kt ${project.reporting.outputDirectory}/jacoco-ut/jacoco.xml - 0.8.7 + 0.8.12 false true - 11 + 17 3.0.0-M5 3.0.0-M5 @@ -78,19 +78,53 @@ limitations under the License. ${project.version} 1.7.0 - 1.6.21 - 1.6.4 + 1.7.0 + 1.7.0 1.11.0 - 4.5.13 + 4.5.14 1.29.0 - 2.0.50.Final - 3.10.0 - 3.16.3 - 1.12.8 + 2.0.66.Final + 3.21.7 + 3.21.7 + 1.13.12 + + + ch.qos.logback + logback-classic + 1.2.13 + + + com.squareup.okio + okio + 3.4.0 + + + org.yaml + snakeyaml + 2.0 + + + org.xerial.snappy + snappy-java + 1.1.10.4 + + + org.apache.kafka + kafka-clients + 3.8.0 + + + org.jsoup + jsoup + 1.15.3 + + + + -- 2.16.6