From 0afd0dd2f1fa4435fa730a287e68fec4f271e617 Mon Sep 17 00:00:00 2001 From: Sunil Unnava Date: Tue, 27 Feb 2018 03:39:09 -0500 Subject: [PATCH] Security issues fixes Issue-ID: DMAAP-205 Change-Id: I26dd72a7c1d0c366974983b263cc2d44b4c5cafa Signed-off-by: Sunil Unnava --- pom.xml | 516 +++++++++++++++++++++++++++++------------------------ version.properties | 2 +- 2 files changed, 283 insertions(+), 235 deletions(-) diff --git a/pom.xml b/pom.xml index c79d947..e5fbc61 100644 --- a/pom.xml +++ b/pom.xml @@ -1,241 +1,289 @@ - - 4.0.0 - org.onap.dmaap.dbcapi - dbcapi - ${artifact.version} - dmaap-dbcapi - - org.onap.oparent - oparent - 0.1.1 - - - - dbcapi - - - src/main/java/org/onap/dmaap/dbcapi/logging - - - src/main/resources - - - - - - com.github.kongchen - swagger-maven-plugin - 3.1.5 - - - - false - - org.onap.dmaap.dbcapi.resources - - - http - https - - www.[host]:[port] - /webapi - - DMaaP Bus Controller REST API - 1.1.0 - -provides an API for OpenDCAE components which need to provision underlying DMaaP technologies (Data Router and Message Router). Primary clients for this API are anticipated to be the OpenDCAE Controller, OpenDCAE Orchestrator, OpenDCAE Inventory and the ECOMP Portal. + + 4.0.0 + org.onap.dmaap.dbcapi + dbcapi + ${artifact.version} + dmaap-dbcapi + + org.onap.oparent + oparent + 0.1.1 + + + + dbcapi + + + src/main/java/org/onap/dmaap/dbcapi/logging + + + src/main/resources + + + + + + com.github.kongchen + swagger-maven-plugin + 3.1.5 + + + + false + + org.onap.dmaap.dbcapi.resources + + + http + https + + www.[host]:[port] + /webapi + + DMaaP Bus Controller REST API + 1.1.0 + + provides an API for OpenDCAE components which need to provision + underlying DMaaP technologies (Data Router and Message Router). + Primary clients for this API are anticipated to be the OpenDCAE + Controller, OpenDCAE Orchestrator, OpenDCAE Inventory and the + ECOMP Portal. -Objects managed by DMaaP are deployed in a dcaeLocation which is a unique identifier for an OpenStack tenant for a dcaeLayer, opendcae-central (aka ecomp) or opendcae-local-ntc (aka edge). + Objects managed by DMaaP are deployed in a dcaeLocation which is a + unique identifier for an OpenStack tenant for a dcaeLayer, + opendcae-central (aka ecomp) or opendcae-local-ntc (aka edge). -A dcaeEnvironment (e.g. FTL or prod) has a single DMaaP. A DMaaP is managed by a one or more stateless DMaaP Bus Controller(s), though Bus Controller relies on PGaaS for persistence. Each DMaaP has a single instance of Data Router, which has 1 or more DR_Nodes deployed at each dcaeLocation. DR Clients of type DR_Pub generally publish to a DR_Node that is local to its dcaeLocation. Routing for a Feed is determined by the dcaelocation of its DR_Sub clients. + A dcaeEnvironment (e.g. FTL or prod) has a single DMaaP. A + DMaaP is managed by a one or more stateless DMaaP Bus + Controller(s), though Bus Controller relies on PGaaS for + persistence. Each DMaaP has a single instance of Data Router, + which has 1 or more DR_Nodes deployed at each dcaeLocation. DR + Clients of type DR_Pub generally publish to a DR_Node that is + local to its dcaeLocation. Routing for a Feed is determined by + the dcaelocation of its DR_Sub clients. -A DMaaP may have many Message Router instances. Each instance is deployed as an MR_Cluster. One MR_Cluster is deployed at each dcaeLocation. MR_Clients generally communicate to the MR_Cluster at the same dcaeLocation. Replication of messages between MR_Clusters is accomplished by MR Bridge, which is provioned by DMaaP Bus Controller based on Topic attributes. + A DMaaP may have many Message Router instances. Each instance is + deployed as an MR_Cluster. One MR_Cluster is deployed at each + dcaeLocation. MR_Clients generally communicate to the + MR_Cluster at the same dcaeLocation. Replication of messages + between MR_Clusters is accomplished by MR Bridge, which is + provioned by DMaaP Bus Controller based on Topic attributes. -Therefore, the role of DMaaP Bus Controller is to support other DCAE infrastructure components to dynamically provision DMaaP services on behalf of DMaaP clients, and to assist in any management or discovery activity of its clients. + Therefore, the role of DMaaP Bus Controller is to support other + DCAE infrastructure components to dynamically provision DMaaP + services on behalf of DMaaP clients, and to assist in any + management or discovery activity of its clients. -A convention of this API is to return JSON responses per OpenStack style. - - - http://www.apache.org/licenses/LICENSE-2.0 - - - http://www.onap.org - - - http://www.apache.org/licenses/LICENSE-2.0 - Licensed under the Apache License, Version 2.0 - - - target/generated-sources/ - - - - - - compile - - generate - - - - - - - - - - - org.eclipse.m2e - lifecycle-mapping - 1.0.0 - - - - - - org.apache.maven.plugins - maven-dependency-plugin - [2.10,) - - copy-dependencies - - - - - - - - - - - - - - - - - - org.glassfish.jersey - jersey-bom - ${jersey.version} - pom - import - - - - - - io.swagger - swagger-core - 1.5.13 - - - io.swagger - swagger-jersey2-jaxrs - 1.5.13 - - - io.swagger - swagger-annotations - 1.5.13 - - - org.glassfish.jersey.containers - jersey-container-servlet-core - - - - - org.glassfish.jersey.media - jersey-media-moxy - - - log4j - log4j - 1.2.17 - - - org.eclipse.jetty - jetty-server - ${jettyVersion} - - - org.eclipse.jetty - jetty-servlet - ${jettyVersion} - compile - - - org.eclipse.jetty - jetty-servlets - ${jettyVersion} - compile - - - - com.googlecode.json-simple - json-simple - 1.1.1 - - - commons-codec - commons-codec - 1.6 - - - - org.postgresql - postgresql - 9.4.1208.jre7 - - - com.att.eelf - eelf-core - ${eelf.version} - - - org.slf4j - slf4j-api - 1.7.22 - - - - - - org.apache.maven.plugins - maven-javadoc-plugin - 2.10.4 - - false - org.umlgraph.doclet.UmlGraphDoc - - org.umlgraph - umlgraph - 5.6 - - -views - true - - - - - - 2.16 - UTF-8 - 9.3.7.v20160115 - 0.0.1 - 1.0.1-SNAPSHOT - - 0.7.7.201606060606 - 3.2 - jacoco - - target/code-coverage/jacoco-ut.exec - target/code-coverage/jacoco-it.exec - - **/gen/**,**/generated-sources/**,**/yang-gen**,**/pax/** - - Data Movement as a Platform (DMaaP) Bus Controller provides a REST API for other DCAE infrastructure components to provision DMaaP resources. A DMaaP resource is a Data Router Feed or a Message Router Topic, and their associated publishers and subscribers. + A convention of this API is to return JSON responses per + OpenStack style. + + + http://www.apache.org/licenses/LICENSE-2.0 + + + http://www.onap.org + + + http://www.apache.org/licenses/LICENSE-2.0 + Licensed under the Apache License, Version 2.0 + + + target/generated-sources/ + + + + + + compile + + generate + + + + + + + + + + + org.eclipse.m2e + lifecycle-mapping + 1.0.0 + + + + + + org.apache.maven.plugins + maven-dependency-plugin + [2.10,) + + copy-dependencies + + + + + + + + + + + + + + + + + org.glassfish.jersey + jersey-bom + ${jersey.version} + pom + import + + + + + + com.fasterxml.jackson.core + jackson-annotations + 2.8.9 + + + com.fasterxml.jackson.core + jackson-databind + 2.8.9 + + + com.fasterxml.jackson.dataformat + jackson-dataformat-yaml + 2.8.9 + + + ch.qos.logback + logback-core + 1.2.0 + + + ch.qos.logback + logback-classic + 1.2.0 + + + io.swagger + swagger-core + 1.5.13 + + + io.swagger + swagger-jersey2-jaxrs + 1.5.13 + + + io.swagger + swagger-annotations + 1.5.13 + + + org.glassfish.jersey.containers + jersey-container-servlet-core + + + + + org.glassfish.jersey.media + jersey-media-moxy + + + log4j + log4j + 1.2.17 + + + org.eclipse.jetty + jetty-server + ${jettyVersion} + + + org.eclipse.jetty + jetty-servlet + ${jettyVersion} + compile + + + org.eclipse.jetty + jetty-servlets + ${jettyVersion} + compile + + + + com.googlecode.json-simple + json-simple + 1.1.1 + + + commons-codec + commons-codec + 1.6 + + + + org.postgresql + postgresql + 9.4.1208.jre7 + + + com.att.eelf + eelf-core + ${eelf.version} + + + org.slf4j + slf4j-api + 1.7.22 + + + + + + org.apache.maven.plugins + maven-javadoc-plugin + 2.10.4 + + false + org.umlgraph.doclet.UmlGraphDoc + + org.umlgraph + umlgraph + 5.6 + + -views + true + + + + + + 2.16 + UTF-8 + 9.3.9.v20160517 + 0.0.1 + 1.0.2-SNAPSHOT + + 0.7.7.201606060606 + 3.2 + jacoco + + target/code-coverage/jacoco-ut.exec + target/code-coverage/jacoco-it.exec + + **/gen/**,**/generated-sources/**,**/yang-gen**,**/pax/** + + Data Movement as a Platform (DMaaP) Bus Controller provides a REST API for other DCAE infrastructure components to provision DMaaP resources. A DMaaP resource is a Data Router Feed or a Message Router Topic, and their associated publishers and subscribers. diff --git a/version.properties b/version.properties index 71c1fed..f94c740 100644 --- a/version.properties +++ b/version.properties @@ -27,7 +27,7 @@ major=1 minor=0 -patch=1 +patch=2 base_version=${major}.${minor}.${patch} # Release must be completed with git revision # in Jenkins -- 2.16.6