From: tang peng Date: Fri, 14 Aug 2020 02:50:12 +0000 (+0000) Subject: Merge "Tried to Fix Some Vulnerability Issues" X-Git-Tag: 1.2.8~8 X-Git-Url: https://gerrit.onap.org/r/gitweb?p=holmes%2Frule-management.git;a=commitdiff_plain;h=c9741cd13332a64a2aec32b72bd81f90c456107d;hp=a041fdb31505fc086e9416126e43f03e7cd50442 Merge "Tried to Fix Some Vulnerability Issues" --- diff --git a/pom.xml b/pom.xml index 07b5f60..cb7bf34 100644 --- a/pom.xml +++ b/pom.xml @@ -14,7 +14,8 @@ ~ See the License for the specific language governing permissions and ~ limitations under the License. --> - + 4.0.0 org.onap.oparent @@ -45,8 +46,8 @@ ${project.artifactId}-${project.version} 2.0.7 - 2.0.9 - 2.30.1 + 2.0.10 + 2.31 0.8.5 1.7.25 @@ -59,6 +60,18 @@ + + + + org.glassfish.jersey + jersey-bom + ${jersey.version} + pom + import + + + + ch.qos.logback @@ -90,6 +103,10 @@ org.eclipse.jetty jetty-server + + org.checkerframework + checker-qual + @@ -100,7 +117,7 @@ org.onap.holmes.common holmes-actions - 1.2.13 + 1.3.0 org.glassfish.jersey.containers @@ -155,7 +172,7 @@ org.postgresql postgresql - 42.2.5 + 42.2.13 junit @@ -183,7 +200,7 @@ io.swagger swagger-jersey2-jaxrs - 1.5.3 + 1.6.1 com.fasterxml.jackson.core @@ -205,6 +222,14 @@ org.glassfish.jersey.containers jersey-container-servlet-core + + com.fasterxml.jackson.jaxrs + jackson-jaxrs-json-provider + + + com.fasterxml.jackson.jaxrs + jackson-datatype-joda + provided @@ -295,7 +320,6 @@ org.glassfish.jersey.core jersey-server - ${jersey.version} javax.validation @@ -306,17 +330,56 @@ org.glassfish.jersey.core jersey-client - ${jersey.version} org.glassfish.jersey.core jersey-common - ${jersey.version} + + + javax.annotation + javax.annotation-api + 1.3.2 + + + javax.xml.bind + jaxb-api + 2.4.0-b180725.0427 + + + org.glassfish.jaxb + jaxb-runtime + 2.4.0-b180725.0644 + + org.apache.maven.plugins + maven-compiler-plugin + 3.8.0 + + 11 + + + + + + + + + + + + + + + + + + + + org.jacoco jacoco-maven-plugin 
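Review bot: In the pom.xml hunk at `@@ -205,6 +222,14 @@`, the second added entry pairs `jackson-datatype-joda` with the group `com.fasterxml.jackson.jaxrs`, but that artifact is published under `com.fasterxml.jackson.datatype`. The XML tags are not visible on this page, so I am inferring from the surrounding entries that these are `<exclusion>` elements. If they are, Maven matches exclusions on the exact groupId:artifactId pair, so this one would silently match nothing and the transitive copy would stay on the classpath. Proposed change for that entry: `<groupId>com.fasterxml.jackson.datatype</groupId>`, followed by a `mvn dependency:tree` run to confirm which Jackson modules are actually resolved.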
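Review bot: The versions added in the pom.xml hunk at `@@ -306,17 +330,56 @@`, `jaxb-api` `2.4.0-b180725.0427` and `jaxb-runtime` `2.4.0-b180725.0644`, look like pre-release build identifiers rather than GA releases. That is an odd choice in a commit whose purpose is to clear vulnerability findings. They are also written as literals next to `javax.annotation-api` `1.3.2`, while the Jersey artifacts in the same hunk lose their inline version in favour of managed ones. I would pin a GA release of both JAXB artifacts through one property, e.g. `<jaxb.version>GA_VERSION_PLACEHOLDER</jaxb.version>` referenced as `${jaxb.version}`, so a later scanner-driven bump touches a single line.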
diff --git a/rulemgt-standalone/src/main/assembly/bin/run.sh b/rulemgt-standalone/src/main/assembly/bin/run.sh index fbc7e21..85e7fcc 100644 --- a/rulemgt-standalone/src/main/assembly/bin/run.sh +++ b/rulemgt-standalone/src/main/assembly/bin/run.sh @@ -25,7 +25,7 @@ JAVA="$JAVA_HOME/bin/java" echo @JAVA@ $JAVA main_path=$RUNHOME/.. cd $main_path -JAVA_OPTS="-Xms50m -Xmx128m" +JAVA_OPTS="-Xms256m -Xmx1g" port=9201 #JAVA_OPTS="$JAVA_OPTS -Xdebug -Xnoagent -Djava.compiler=NONE -Xrunjdwp:transport=dt_socket,address=*:$port,server=y,suspend=n" echo @JAVA_OPTS@ $JAVA_OPTS diff --git a/rulemgt-standalone/src/main/assembly/conf/rulemgt.yml b/rulemgt-standalone/src/main/assembly/conf/rulemgt.yml index 26a94e8..ca857a1 100644 --- a/rulemgt-standalone/src/main/assembly/conf/rulemgt.yml +++ b/rulemgt-standalone/src/main/assembly/conf/rulemgt.yml @@ -15,7 +15,7 @@ server: connector: type: https port: 9101 - keyStorePath: /home/holmes/conf/holmes.keystore + keyStorePath: /opt/onap/conf/holmes.keystore keyStorePassword: holmes validateCerts: false validatePeers: false diff --git a/rulemgt/src/main/java/org/onap/holmes/rulemgt/RuleActiveApp.java b/rulemgt/src/main/java/org/onap/holmes/rulemgt/RuleActiveApp.java index 21855f8..c839b5a 100644 --- a/rulemgt/src/main/java/org/onap/holmes/rulemgt/RuleActiveApp.java +++ b/rulemgt/src/main/java/org/onap/holmes/rulemgt/RuleActiveApp.java @@ -51,7 +51,6 @@ public class RuleActiveApp extends IOCApplication { public void run(RuleAppConfig configuration, Environment environment) throws Exception { super.run(configuration, environment); - environment.jersey().register(new RuleMgtResources()); try { new MSBRegisterUtil().register2Msb(createMicroServiceInfo()); } catch (CorrelationException e) { diff --git a/rulemgt/src/main/java/org/onap/holmes/rulemgt/msb/MsbQuery.java b/rulemgt/src/main/java/org/onap/holmes/rulemgt/msb/MsbQuery.java index 51ed0f2..df0783d 100644 --- a/rulemgt/src/main/java/org/onap/holmes/rulemgt/msb/MsbQuery.java 
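Review bot: In the rulemgt.yml hunk, the relocated keystore `/opt/onap/conf/holmes.keystore` is still opened with the literal `keyStorePassword: holmes` on the next line, and `validateCerts: false` / `validatePeers: false` stay as they were. The change therefore moves the key material without changing how it is protected or how certificates are checked. Since the commit targets vulnerability findings, I would take the password out of the packaged file, e.g. `keyStorePassword: ${HOLMES_KEYSTORE_PASSWORD}` (constructed variable name). This needs environment-variable substitution enabled on the Dropwizard configuration source, which is not visible in this diff. It is also worth confirming that the image installs the keystore under `/opt/onap/conf` readable only by the service account. The `connector` block starts and ends outside the hunk.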
+++ b/rulemgt/src/main/java/org/onap/holmes/rulemgt/msb/MsbQuery.java @@ -1,5 +1,5 @@ /** - * Copyright 2017 ZTE Corporation. + * Copyright 2017-2020 ZTE Corporation. *

* Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. 
@@ -15,73 +15,55 @@ */ package org.onap.holmes.rulemgt.msb; -import lombok.extern.slf4j.Slf4j; -import org.glassfish.hk2.api.ServiceLocator; import org.onap.holmes.common.dropwizard.ioc.utils.ServiceLocatorHolder; -import org.onap.holmes.rulemgt.send.RuleAllocator; import org.onap.holmes.rulemgt.send.Ip4AddingRule; -import org.onap.holmes.rulemgt.wrapper.RuleMgtWrapper; +import org.onap.holmes.rulemgt.send.RuleAllocator; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; import java.util.List; import java.util.Timer; import java.util.TimerTask; +import static java.util.concurrent.TimeUnit.SECONDS; -@Slf4j public class MsbQuery { - private RuleAllocator ruleAllocator; - + static final private Logger log = LoggerFactory.getLogger(MsbQuery.class); + final private RuleAllocator ruleAllocator; private Ip4AddingRule ip4AddingRule; - private EngineInsQueryTool engineInsQueryTool; - private RuleMgtWrapper ruleMgtWrapper; - - private List timerIpList; - public MsbQuery() { ruleAllocator = new RuleAllocator(); - - ServiceLocator locator = ServiceLocatorHolder.getLocator(); - ip4AddingRule = locator.getService(Ip4AddingRule.class); - engineInsQueryTool = locator.getService(EngineInsQueryTool.class); - ruleMgtWrapper = locator.getService(RuleMgtWrapper.class); + ip4AddingRule = ServiceLocatorHolder.getLocator().getService(Ip4AddingRule.class); + engineInsQueryTool = ServiceLocatorHolder.getLocator().getService(EngineInsQueryTool.class); } public void startTimer() { try { - timer(); + new Timer().schedule(new TimerTask() { + + public void run() { + try { + List timerIpList = engineInsQueryTool.getInstanceList(); + log.info(String.format("There are %d engine instance(s) running currently.", timerIpList.size())); + + ip4AddingRule.setIpList(timerIpList); + ruleAllocator.allocateRules(timerIpList); + } catch (Exception e) { + log.error("The timing query engine instance failed ", e); + } + } + + }, SECONDS.toMillis(10), SECONDS.toMillis(30)); } catch (Exception e) { 
log.error("MSBQuery startTimer timer task failed !" + e.getMessage(), e); try { - Thread.sleep(30000); + SECONDS.sleep(30); } catch (InterruptedException e1) { Thread.currentThread().interrupt(); } } - - - } - - public void timer() throws Exception { - Timer timer = new Timer(); - timer.schedule(new TimerTask() { - - public void run() { - try { - timerIpList = engineInsQueryTool.getInstanceList(); - log.info(String.format("There are %d engine instance(s) running currently.", timerIpList.size())); - - ip4AddingRule.setIpList(timerIpList); - ruleAllocator.allocateRules(timerIpList); - } catch (Exception e) { - log.error("The timing query engine instance failed ", e); - } - } - - }, 10000, 30000); - } - } diff --git a/rulemgt/src/main/java/org/onap/holmes/rulemgt/resources/RuleMgtResources.java b/rulemgt/src/main/java/org/onap/holmes/rulemgt/resources/RuleMgtResources.java index 8e5b7a0..445c2f9 100644 --- a/rulemgt/src/main/java/org/onap/holmes/rulemgt/resources/RuleMgtResources.java +++ b/rulemgt/src/main/java/org/onap/holmes/rulemgt/resources/RuleMgtResources.java @@ -1,5 +1,5 @@ /** - * Copyright 2017 ZTE Corporation. + * Copyright 2017-2020 ZTE Corporation. * * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except * in compliance with the License. You may obtain a copy of the License at 
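Review bot: In MsbQuery.java, `startTimer()` now creates `new Timer()` inline and drops the reference, so the non-daemon timer thread can never be cancelled when the service stops. The surrounding `catch (Exception e)` covers only the `schedule(...)` call, so `SECONDS.sleep(30)` blocks the caller without retrying anything. I would keep a `ScheduledExecutorService` in a field and remove the sleep, as sketched below; this needs imports for `java.util.concurrent.Executors` and `java.util.concurrent.ScheduledExecutorService`. Smaller points in the same hunk: `private static final` is the conventional modifier order, `ip4AddingRule` and `engineInsQueryTool` can be `final` like `ruleAllocator`, and `log.info("There are {} engine instance(s) running currently.", timerIpList.size())` avoids the eager `String.format`.

```java
private final ScheduledExecutorService scheduler =
        Executors.newSingleThreadScheduledExecutor(r -> {
            Thread worker = new Thread(r, "msb-engine-query");
            worker.setDaemon(true); // must not keep the JVM alive once the server stops
            return worker;
        });

public void startTimer() {
    // First run after 10 s, then a 30 s pause between runs.
    scheduler.scheduleWithFixedDelay(this::refreshEngineInstances, 10, 30, SECONDS);
}

private void refreshEngineInstances() {
    try {
        // … unchanged: getInstanceList(), log.info, setIpList(), allocateRules() …
    } catch (Exception e) {
        log.error("The timing query engine instance failed ", e);
    }
}
```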
@@ -18,19 +18,6 @@ import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiParam; import io.swagger.annotations.SwaggerDefinition; -import java.util.Locale; -import javax.inject.Inject; -import javax.servlet.http.HttpServletRequest; -import javax.ws.rs.DELETE; -import javax.ws.rs.GET; -import javax.ws.rs.POST; -import javax.ws.rs.PUT; -import javax.ws.rs.Path; -import javax.ws.rs.PathParam; -import javax.ws.rs.Produces; -import javax.ws.rs.QueryParam; -import javax.ws.rs.core.Context; -import javax.ws.rs.core.MediaType; import lombok.extern.slf4j.Slf4j; import org.jvnet.hk2.annotations.Service; import org.onap.holmes.common.exception.CorrelationException; @@ -47,6 +34,13 @@ import org.onap.holmes.rulemgt.bean.response.RuleQueryListResponse; import org.onap.holmes.rulemgt.constant.RuleMgtConstant; import org.onap.holmes.rulemgt.wrapper.RuleMgtWrapper; +import javax.inject.Inject; +import javax.servlet.http.HttpServletRequest; +import javax.ws.rs.*; +import javax.ws.rs.core.Context; +import javax.ws.rs.core.MediaType; +import java.util.Locale; + @Service @SwaggerDefinition @Path("/rule") diff --git a/rulemgt/src/test/java/org/onap/holmes/rulemgt/bolt/enginebolt/EngineServiceTest.java b/rulemgt/src/test/java/org/onap/holmes/rulemgt/bolt/enginebolt/EngineServiceTest.java index 82e51a5..91be5d3 100644 --- a/rulemgt/src/test/java/org/onap/holmes/rulemgt/bolt/enginebolt/EngineServiceTest.java +++ b/rulemgt/src/test/java/org/onap/holmes/rulemgt/bolt/enginebolt/EngineServiceTest.java @@ -1,12 +1,12 @@ /** * Copyright 2017 ZTE Corporation. - * + *
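Review bot: `import javax.ws.rs.*;` in the RuleMgtResources.java hunk at `@@ -47,6 +34,13 @@` replaces the eight explicit JAX-RS imports removed in the hunk above it. On a resource class the explicit list (`DELETE`, `GET`, `POST`, `PUT`, `Path`, `PathParam`, `Produces`, `QueryParam`) shows at a glance which HTTP verbs and parameter sources the endpoint exposes. A wildcard can also start resolving a different type if a same-named class appears in another imported package. I would move the block as the commit does but keep one import per annotation, e.g. `import javax.ws.rs.DELETE;`.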

* Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * + *

+ * http://www.apache.org/licenses/LICENSE-2.0 + *

* Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -18,10 +18,6 @@ package org.onap.holmes.rulemgt.bolt.enginebolt; -import static org.hamcrest.MatcherAssert.assertThat; -import static org.hamcrest.Matchers.equalTo; - -import java.util.HashMap; import org.apache.http.HttpResponse; import org.apache.http.client.methods.CloseableHttpResponse; import org.apache.http.impl.client.CloseableHttpClient; @@ -30,22 +26,28 @@ import org.junit.Before; import org.junit.Rule; import org.junit.Test; import org.junit.rules.ExpectedException; +import org.junit.runner.RunWith; import org.onap.holmes.common.utils.HttpsUtils; import org.onap.holmes.rulemgt.bean.request.CorrelationDeployRule4Engine; import org.powermock.api.easymock.PowerMock; import org.powermock.core.classloader.annotations.PowerMockIgnore; import org.powermock.core.classloader.annotations.PrepareForTest; +import org.powermock.modules.junit4.PowerMockRunner; import org.powermock.modules.junit4.rule.PowerMockRule; import org.powermock.reflect.Whitebox; +import java.util.HashMap; + +import static org.hamcrest.MatcherAssert.assertThat; +import static org.hamcrest.Matchers.equalTo; + @PrepareForTest({HttpClients.class, CloseableHttpClient.class, HttpsUtils.class}) @PowerMockIgnore("javax.net.ssl.*") +@RunWith(PowerMockRunner.class) public class EngineServiceTest { @Rule public ExpectedException thrown = ExpectedException.none(); - @Rule - public PowerMockRule powerMockRule = new PowerMockRule(); private EngineService engineService; private HttpResponse httpResponseMock; private CloseableHttpClient closeableHttpClient; diff --git a/rulemgt/src/test/java/org/onap/holmes/rulemgt/bolt/enginebolt/EngineWrapperTest.java b/rulemgt/src/test/java/org/onap/holmes/rulemgt/bolt/enginebolt/EngineWrapperTest.java index 0664db7..0dd2fbd 100644 
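Review bot: `import org.powermock.modules.junit4.rule.PowerMockRule;` is left in place as a context line in the EngineServiceTest.java hunk at `@@ -30,22 +26,28 @@`, although the `powerMockRule` field is removed and the class now runs under `@RunWith(PowerMockRunner.class)`. The import is unused after this change and keeps the test compiling against the junit4-rule module. RuleMgtWrapperTest in this same commit swaps that import for `PowerMockRunner` instead. Proposed change: delete the line `import org.powermock.modules.junit4.rule.PowerMockRule;`. The class body continues outside the hunk.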
--- a/rulemgt/src/test/java/org/onap/holmes/rulemgt/bolt/enginebolt/EngineWrapperTest.java +++ b/rulemgt/src/test/java/org/onap/holmes/rulemgt/bolt/enginebolt/EngineWrapperTest.java @@ -17,9 +17,6 @@ package org.onap.holmes.rulemgt.bolt.enginebolt; -import static org.hamcrest.MatcherAssert.assertThat; -import static org.hamcrest.Matchers.equalTo; - import org.apache.http.HttpResponse; import org.apache.http.StatusLine; import org.easymock.EasyMock; @@ -28,16 +25,18 @@ import org.junit.Rule; import org.junit.Test; import org.junit.rules.ExpectedException; import org.junit.runner.RunWith; +import org.onap.holmes.common.exception.CorrelationException; import org.onap.holmes.common.utils.HttpsUtils; import org.onap.holmes.rulemgt.bean.request.CorrelationCheckRule4Engine; import org.onap.holmes.rulemgt.bean.request.CorrelationDeployRule4Engine; -import org.onap.holmes.common.exception.CorrelationException; import org.powermock.api.easymock.PowerMock; -import org.powermock.api.mockito.PowerMockito; import org.powermock.core.classloader.annotations.PrepareForTest; import org.powermock.modules.junit4.PowerMockRunner; import org.powermock.reflect.Whitebox; +import static org.hamcrest.MatcherAssert.assertThat; +import static org.hamcrest.Matchers.equalTo; + @PrepareForTest({EngineWrapper.class, EngineService.class, HttpsUtils.class, HttpResponse.class, StatusLine.class}) @RunWith(PowerMockRunner.class) @@ -97,7 +96,7 @@ public class EngineWrapperTest { public void deployEngine_parse_content_exception() throws Exception { PowerMock.resetAll(); String content = ""; - PowerMockito.mockStatic(HttpsUtils.class); + PowerMock.mockStatic(HttpsUtils.class); thrown.expect(CorrelationException.class); thrown.expectMessage( "Failed to parse the value returned by the engine management service."); 
@@ -107,7 +106,7 @@ public class EngineWrapperTest { .andReturn(httpResponse); EasyMock.expect(httpResponse.getStatusLine()).andReturn(statusLineMock); EasyMock.expect(statusLineMock.getStatusCode()).andReturn(200); - PowerMockito.when(HttpsUtils.extractResponseEntity(httpResponse)).thenReturn(content); + EasyMock.expect(HttpsUtils.extractResponseEntity(httpResponse)).andReturn(content); PowerMock.replayAll(); engineWrapper.deployEngine(new CorrelationDeployRule4Engine(),"10.96.33.34"); @@ -119,14 +118,14 @@ public class EngineWrapperTest { public void deployEngine_success() throws Exception { PowerMock.resetAll(); String content = "{\"packageName\":\"test\"}"; - PowerMockito.mockStatic(HttpsUtils.class); + PowerMock.mockStatic(HttpsUtils.class); EasyMock.expect( engineServiceMock.deploy(EasyMock.anyObject(CorrelationDeployRule4Engine.class), EasyMock.anyObject(String.class))) .andReturn(httpResponse); EasyMock.expect(httpResponse.getStatusLine()).andReturn(statusLineMock); EasyMock.expect(statusLineMock.getStatusCode()).andReturn(200); - PowerMockito.when(HttpsUtils.extractResponseEntity(httpResponse)).thenReturn(content); + EasyMock.expect(HttpsUtils.extractResponseEntity(httpResponse)).andReturn(content); PowerMock.replayAll(); String result = engineWrapper.deployEngine(new CorrelationDeployRule4Engine(),"10.96.33.34"); diff --git a/rulemgt/src/test/java/org/onap/holmes/rulemgt/wrapper/RuleMgtWrapperTest.java b/rulemgt/src/test/java/org/onap/holmes/rulemgt/wrapper/RuleMgtWrapperTest.java index 90384ce..7033aff 100644 --- a/rulemgt/src/test/java/org/onap/holmes/rulemgt/wrapper/RuleMgtWrapperTest.java +++ b/rulemgt/src/test/java/org/onap/holmes/rulemgt/wrapper/RuleMgtWrapperTest.java 
@@ -22,6 +22,7 @@ import org.junit.Before; import org.junit.Rule; import org.junit.Test; import org.junit.rules.ExpectedException; +import org.junit.runner.RunWith; import org.onap.holmes.common.api.entity.CorrelationRule; import org.onap.holmes.common.exception.CorrelationException; import org.onap.holmes.common.utils.DbDaoUtil; @@ -33,7 +34,7 @@ import org.onap.holmes.rulemgt.db.CorrelationRuleDao; import org.onap.holmes.rulemgt.db.CorrelationRuleQueryDao; import org.onap.holmes.rulemgt.send.Ip4AddingRule; import org.powermock.api.easymock.PowerMock; -import org.powermock.modules.junit4.rule.PowerMockRule; +import org.powermock.modules.junit4.PowerMockRunner; import org.powermock.reflect.Whitebox; import java.util.ArrayList; @@ -44,12 +45,11 @@ import static org.hamcrest.MatcherAssert.assertThat; import static org.hamcrest.Matchers.equalTo; import static org.hamcrest.Matchers.is; +@RunWith(PowerMockRunner.class) public class RuleMgtWrapperTest { @Rule public ExpectedException thrown = ExpectedException.none(); - @Rule - public PowerMockRule powerMockRule = new PowerMockRule(); private RuleMgtWrapper ruleMgtWrapper;