diff --git a/.github/workflows/dockerhub-release.yaml b/.github/workflows/dockerhub-release.yaml index f874986a..1cf4d057 100644 --- a/.github/workflows/dockerhub-release.yaml +++ b/.github/workflows/dockerhub-release.yaml @@ -17,7 +17,7 @@ jobs: name: Retag and push image runs-on: ubuntu-latest environment: rc - if: github.event.pull_request.base.ref == 'master' || github.event.pull_request.base.ref == 'main' + if: github.event.review.state == 'approved' && (github.event.pull_request.base.ref == 'master' || github.event.pull_request.base.ref == 'main') steps: - name: Checkout uses: actions/checkout@v3 diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 8cfaa291..915170cd 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -11,7 +11,7 @@ on: env: GH_USER_NAME: github.actor - RELEASE_VERSION: 5.11.1 + RELEASE_VERSION: 5.11.3 jobs: release: diff --git a/Dockerfile b/Dockerfile index 6c79cec7..630ae6d3 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM --platform=$BUILDPLATFORM gradle:6.8.3-jdk11 AS build +FROM --platform=$BUILDPLATFORM gradle:8.10.0-jdk11-alpine AS build ARG RELEASE_MODE ARG APP_VERSION WORKDIR /usr/app @@ -10,13 +10,13 @@ RUN if [ "${RELEASE_MODE}" = true ]; then \ else gradle build --no-build-cache --exclude-task test -Dorg.gradle.project.version=${APP_VERSION}; fi # For ARM build use flag: `--platform linux/arm64` -FROM --platform=$BUILDPLATFORM amazoncorretto:11.0.20 -LABEL version=${APP_VERSION} description="EPAM ReportPortal. Auth Service" maintainer="Andrei Varabyeu , Hleb Kanonik " +FROM --platform=$BUILDPLATFORM amazoncorretto:11.0.24 ARG APP_VERSION=${APP_VERSION} +LABEL version=${APP_VERSION} description="EPAM ReportPortal. Auth Service" maintainer="Andrei Varabyeu , Hleb Kanonik " ENV APP_DIR=/usr/app ENV JAVA_OPTS="-Xmx1g -XX:+UseG1GC -XX:InitiatingHeapOccupancyPercent=70 -Djava.security.egd=file:/dev/./urandom" WORKDIR $APP_DIR COPY --from=build $APP_DIR/build/libs/service-authorization-*exec.jar . VOLUME ["/tmp"] EXPOSE 8080 -ENTRYPOINT exec java ${JAVA_OPTS} -jar ${APP_DIR}/service-authorization-*exec.jar +ENTRYPOINT ["sh", "-c", "java ${JAVA_OPTS} -jar ${APP_DIR}/service-authorization-*exec.jar"] diff --git a/build.gradle b/build.gradle index 5d21d78d..35cb098f 100644 --- a/build.gradle +++ b/build.gradle @@ -6,7 +6,7 @@ plugins { } apply from: 'project-properties.gradle' -apply from: "$scriptsUrl/build-docker.gradle" +//apply from: "$scriptsUrl/build-docker.gradle" apply from: "$scriptsUrl/build-info.gradle" apply from: "$scriptsUrl/build-commons.gradle" //apply from: "$scriptsUrl/build-quality.gradle" @@ -15,12 +15,12 @@ apply from: "$scriptsUrl/signing.gradle" repositories { mavenCentral { url "https://repo1.maven.org/maven2" } - if (!releaseMode) { maven { url 'https://jitpack.io' } } } +ext['spring-boot.version'] = '2.5.15' //https://nvd.nist.gov/vuln/detail/CVE-2020-10683 (dom4j 2.1.3 version dependency) AND https://nvd.nist.gov/vuln/detail/CVE-2019-14900 ext['hibernate.version'] = '5.4.18.Final' //https://nvd.nist.gov/vuln/detail/CVE-2020-10693 @@ -52,12 +52,10 @@ dependencies { implementation 'org.apache.tomcat.embed:tomcat-embed-core:9.0.86' implementation 'org.apache.tomcat.embed:tomcat-embed-el:9.0.86' implementation 'org.apache.tomcat.embed:tomcat-embed-websocket:9.0.86' - //Fix CVE-2020-15522 - implementation 'org.bouncycastle:bcprov-jdk15on:1.69' //Fix CVE-2015-7501, CVE-2015-4852 implementation 'org.apache.commons:commons-collections4:4.4' //Fix CVE-2018-10237 - implementation 'com.google.guava:guava:31.1-jre' + implementation 'com.google.guava:guava:33.3.0-jre' //Fix CVE-2020-13956 implementation 'org.apache.httpcomponents:httpclient:4.5.14' //Fix CVE-2022-40152 @@ -70,26 +68,27 @@ dependencies { //Fix CVE-2023-34050 implementation 'org.springframework.amqp:spring-amqp:2.4.17' //Fix CVE-2023-40827, CVE-2023-40828, CVE-2023-40826 - implementation 'org.springframework:spring-webmvc:5.3.33' - implementation 'org.springframework:spring-web:5.3.33' + implementation 'org.springframework:spring-webmvc:5.3.39' + implementation 'org.springframework:spring-web:5.3.39' ///// Security //https://nvd.nist.gov/vuln/detail/CVE-2020-5407 AND https://nvd.nist.gov/vuln/detail/CVE-2020-5408 - implementation 'org.springframework.security:spring-security-core:5.8.5' - implementation 'org.springframework.security:spring-security-config:5.8.5' - implementation 'org.springframework.security:spring-security-web:5.8.5' - // - + implementation 'org.springframework.security:spring-security-core:5.8.14' + implementation 'org.springframework.security:spring-security-config:5.8.14' + implementation 'org.springframework.security:spring-security-web:5.8.14' implementation 'org.springframework.security:spring-security-oauth2-client' //Fix CVE-2023-1370 implementation 'net.minidev:json-smart:2.4.10' //Fix CVE-2022-22969 implementation 'org.springframework.security.oauth:spring-security-oauth2:2.5.2.RELEASE' - implementation 'org.springframework.security:spring-security-jwt:1.0.11.RELEASE' + implementation 'org.springframework.security:spring-security-jwt:1.1.1.RELEASE' + //Fix CVE-2020-15522 in org.springframework.security:spring-security-jwt:1.1.1.RELEASE + implementation 'org.bouncycastle:bcprov-jdk15on:1.70' implementation 'org.springframework.security:spring-security-ldap' // TODO: consider migration to spring-security-saml2-service-provider implementation 'org.springframework.security.extensions:spring-security-saml2-core:2.0.0.M31' -// Temporary fix of https://nvd.nist.gov/vuln/detail/CVE-2019-12400 + implementation 'commons-collections:commons-collections:3.2.2' + //Temporary fix of https://nvd.nist.gov/vuln/detail/CVE-2019-12400 implementation 'org.apache.santuario:xmlsec:3.0.3' //Fix CVE-2015-7501, CVE-2015-4852 implementation 'org.apache.commons:commons-collections4:4.4' @@ -104,10 +103,11 @@ dependencies { implementation 'io.springfox:springfox-swagger2' implementation 'org.apache.commons:commons-compress:1.26.0' implementation 'org.cryptacular:cryptacular:1.1.4' - // TODO: snakeyaml 2.0 supported by Spring Boot 3 only - implementation 'org.yaml:snakeyaml:1.33' + // TODO: snakeyaml 2.0 supported by Spring Boot 2.7 and 3.X only + // We don't user application.yml, so it's safe to use 2.2 + implementation 'org.yaml:snakeyaml:2.2' implementation 'org.hibernate:hibernate-core:5.4.24.Final' - implementation 'org.springframework:spring-core:5.3.30' + implementation 'org.springframework:spring-core:5.3.39' implementation "com.rabbitmq:http-client:5.2.0" // Lombok diff --git a/gradle.properties b/gradle.properties index f0f30d46..01f5a56c 100644 --- a/gradle.properties +++ b/gradle.properties @@ -1,4 +1,4 @@ -version=5.11.2 +version=5.11.3 description=Unified Authorization Trap for all ReportPortal's Services dockerPrepareEnvironment= dockerJavaOpts=-Xmx512m -XX:+UseG1GC -XX:InitiatingHeapOccupancyPercent=70 -Djava.security.egd=file:/dev/./urandom diff --git a/gradle/wrapper/gradle-wrapper.jar b/gradle/wrapper/gradle-wrapper.jar index e708b1c0..a4b76b95 100755 Binary files a/gradle/wrapper/gradle-wrapper.jar and b/gradle/wrapper/gradle-wrapper.jar differ diff --git a/gradle/wrapper/gradle-wrapper.properties b/gradle/wrapper/gradle-wrapper.properties index da9702f9..9355b415 100755 --- a/gradle/wrapper/gradle-wrapper.properties +++ b/gradle/wrapper/gradle-wrapper.properties @@ -1,5 +1,7 @@ distributionBase=GRADLE_USER_HOME distributionPath=wrapper/dists -distributionUrl=https\://services.gradle.org/distributions/gradle-6.8-bin.zip +distributionUrl=https\://services.gradle.org/distributions/gradle-8.10-bin.zip +networkTimeout=10000 +validateDistributionUrl=true zipStoreBase=GRADLE_USER_HOME zipStorePath=wrapper/dists diff --git a/gradlew b/gradlew index 4f906e0c..f5feea6d 100755 --- a/gradlew +++ b/gradlew @@ -1,7 +1,7 @@ -#!/usr/bin/env sh +#!/bin/sh # -# Copyright 2015 the original author or authors. +# Copyright © 2015-2021 the original authors. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -15,69 +15,104 @@ # See the License for the specific language governing permissions and # limitations under the License. # +# SPDX-License-Identifier: Apache-2.0 +# ############################################################################## -## -## Gradle start up script for UN*X -## +# +# Gradle start up script for POSIX generated by Gradle. +# +# Important for running: +# +# (1) You need a POSIX-compliant shell to run this script. If your /bin/sh is +# noncompliant, but you have some other compliant shell such as ksh or +# bash, then to run this script, type that shell name before the whole +# command line, like: +# +# ksh Gradle +# +# Busybox and similar reduced shells will NOT work, because this script +# requires all of these POSIX shell features: +# * functions; +# * expansions «$var», «${var}», «${var:-default}», «${var+SET}», +# «${var#prefix}», «${var%suffix}», and «$( cmd )»; +# * compound commands having a testable exit status, especially «case»; +# * various built-in commands including «command», «set», and «ulimit». +# +# Important for patching: +# +# (2) This script targets any POSIX shell, so it avoids extensions provided +# by Bash, Ksh, etc; in particular arrays are avoided. +# +# The "traditional" practice of packing multiple parameters into a +# space-separated string is a well documented source of bugs and security +# problems, so this is (mostly) avoided, by progressively accumulating +# options in "$@", and eventually passing that to Java. +# +# Where the inherited environment variables (DEFAULT_JVM_OPTS, JAVA_OPTS, +# and GRADLE_OPTS) rely on word-splitting, this is performed explicitly; +# see the in-line comments for details. +# +# There are tweaks for specific operating systems such as AIX, CygWin, +# Darwin, MinGW, and NonStop. +# +# (3) This script is generated from the Groovy template +# https://github.com/gradle/gradle/blob/HEAD/platforms/jvm/plugins-application/src/main/resources/org/gradle/api/internal/plugins/unixStartScript.txt +# within the Gradle project. +# +# You can find Gradle at https://github.com/gradle/gradle/. +# ############################################################################## # Attempt to set APP_HOME + # Resolve links: $0 may be a link -PRG="$0" -# Need this for relative symlinks. -while [ -h "$PRG" ] ; do - ls=`ls -ld "$PRG"` - link=`expr "$ls" : '.*-> \(.*\)$'` - if expr "$link" : '/.*' > /dev/null; then - PRG="$link" - else - PRG=`dirname "$PRG"`"/$link" - fi +app_path=$0 + +# Need this for daisy-chained symlinks. +while + APP_HOME=${app_path%"${app_path##*/}"} # leaves a trailing /; empty if no leading path + [ -h "$app_path" ] +do + ls=$( ls -ld "$app_path" ) + link=${ls#*' -> '} + case $link in #( + /*) app_path=$link ;; #( + *) app_path=$APP_HOME$link ;; + esac done -SAVED="`pwd`" -cd "`dirname \"$PRG\"`/" >/dev/null -APP_HOME="`pwd -P`" -cd "$SAVED" >/dev/null -APP_NAME="Gradle" -APP_BASE_NAME=`basename "$0"` - -# Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script. -DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"' +# This is normally unused +# shellcheck disable=SC2034 +APP_BASE_NAME=${0##*/} +# Discard cd standard output in case $CDPATH is set (https://github.com/gradle/gradle/issues/25036) +APP_HOME=$( cd -P "${APP_HOME:-./}" > /dev/null && printf '%s +' "$PWD" ) || exit # Use the maximum available, or set MAX_FD != -1 to use that value. -MAX_FD="maximum" +MAX_FD=maximum warn () { echo "$*" -} +} >&2 die () { echo echo "$*" echo exit 1 -} +} >&2 # OS specific support (must be 'true' or 'false'). cygwin=false msys=false darwin=false nonstop=false -case "`uname`" in - CYGWIN* ) - cygwin=true - ;; - Darwin* ) - darwin=true - ;; - MINGW* ) - msys=true - ;; - NONSTOP* ) - nonstop=true - ;; +case "$( uname )" in #( + CYGWIN* ) cygwin=true ;; #( + Darwin* ) darwin=true ;; #( + MSYS* | MINGW* ) msys=true ;; #( + NONSTOP* ) nonstop=true ;; esac CLASSPATH=$APP_HOME/gradle/wrapper/gradle-wrapper.jar @@ -87,9 +122,9 @@ CLASSPATH=$APP_HOME/gradle/wrapper/gradle-wrapper.jar if [ -n "$JAVA_HOME" ] ; then if [ -x "$JAVA_HOME/jre/sh/java" ] ; then # IBM's JDK on AIX uses strange locations for the executables - JAVACMD="$JAVA_HOME/jre/sh/java" + JAVACMD=$JAVA_HOME/jre/sh/java else - JAVACMD="$JAVA_HOME/bin/java" + JAVACMD=$JAVA_HOME/bin/java fi if [ ! -x "$JAVACMD" ] ; then die "ERROR: JAVA_HOME is set to an invalid directory: $JAVA_HOME @@ -98,88 +133,120 @@ Please set the JAVA_HOME variable in your environment to match the location of your Java installation." fi else - JAVACMD="java" - which java >/dev/null 2>&1 || die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. + JAVACMD=java + if ! command -v java >/dev/null 2>&1 + then + die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. Please set the JAVA_HOME variable in your environment to match the location of your Java installation." + fi fi # Increase the maximum file descriptors if we can. -if [ "$cygwin" = "false" -a "$darwin" = "false" -a "$nonstop" = "false" ] ; then - MAX_FD_LIMIT=`ulimit -H -n` - if [ $? -eq 0 ] ; then - if [ "$MAX_FD" = "maximum" -o "$MAX_FD" = "max" ] ; then - MAX_FD="$MAX_FD_LIMIT" - fi - ulimit -n $MAX_FD - if [ $? -ne 0 ] ; then - warn "Could not set maximum file descriptor limit: $MAX_FD" - fi - else - warn "Could not query maximum file descriptor limit: $MAX_FD_LIMIT" - fi +if ! "$cygwin" && ! "$darwin" && ! "$nonstop" ; then + case $MAX_FD in #( + max*) + # In POSIX sh, ulimit -H is undefined. That's why the result is checked to see if it worked. + # shellcheck disable=SC2039,SC3045 + MAX_FD=$( ulimit -H -n ) || + warn "Could not query maximum file descriptor limit" + esac + case $MAX_FD in #( + '' | soft) :;; #( + *) + # In POSIX sh, ulimit -n is undefined. That's why the result is checked to see if it worked. + # shellcheck disable=SC2039,SC3045 + ulimit -n "$MAX_FD" || + warn "Could not set maximum file descriptor limit to $MAX_FD" + esac fi -# For Darwin, add options to specify how the application appears in the dock -if $darwin; then - GRADLE_OPTS="$GRADLE_OPTS \"-Xdock:name=$APP_NAME\" \"-Xdock:icon=$APP_HOME/media/gradle.icns\"" -fi +# Collect all arguments for the java command, stacking in reverse order: +# * args from the command line +# * the main class name +# * -classpath +# * -D...appname settings +# * --module-path (only if needed) +# * DEFAULT_JVM_OPTS, JAVA_OPTS, and GRADLE_OPTS environment variables. # For Cygwin or MSYS, switch paths to Windows format before running java -if [ "$cygwin" = "true" -o "$msys" = "true" ] ; then - APP_HOME=`cygpath --path --mixed "$APP_HOME"` - CLASSPATH=`cygpath --path --mixed "$CLASSPATH"` - - JAVACMD=`cygpath --unix "$JAVACMD"` - - # We build the pattern for arguments to be converted via cygpath - ROOTDIRSRAW=`find -L / -maxdepth 1 -mindepth 1 -type d 2>/dev/null` - SEP="" - for dir in $ROOTDIRSRAW ; do - ROOTDIRS="$ROOTDIRS$SEP$dir" - SEP="|" - done - OURCYGPATTERN="(^($ROOTDIRS))" - # Add a user-defined pattern to the cygpath arguments - if [ "$GRADLE_CYGPATTERN" != "" ] ; then - OURCYGPATTERN="$OURCYGPATTERN|($GRADLE_CYGPATTERN)" - fi +if "$cygwin" || "$msys" ; then + APP_HOME=$( cygpath --path --mixed "$APP_HOME" ) + CLASSPATH=$( cygpath --path --mixed "$CLASSPATH" ) + + JAVACMD=$( cygpath --unix "$JAVACMD" ) + # Now convert the arguments - kludge to limit ourselves to /bin/sh - i=0 - for arg in "$@" ; do - CHECK=`echo "$arg"|egrep -c "$OURCYGPATTERN" -` - CHECK2=`echo "$arg"|egrep -c "^-"` ### Determine if an option - - if [ $CHECK -ne 0 ] && [ $CHECK2 -eq 0 ] ; then ### Added a condition - eval `echo args$i`=`cygpath --path --ignore --mixed "$arg"` - else - eval `echo args$i`="\"$arg\"" + for arg do + if + case $arg in #( + -*) false ;; # don't mess with options #( + /?*) t=${arg#/} t=/${t%%/*} # looks like a POSIX filepath + [ -e "$t" ] ;; #( + *) false ;; + esac + then + arg=$( cygpath --path --ignore --mixed "$arg" ) fi - i=`expr $i + 1` + # Roll the args list around exactly as many times as the number of + # args, so each arg winds up back in the position where it started, but + # possibly modified. + # + # NB: a `for` loop captures its iteration list before it begins, so + # changing the positional parameters here affects neither the number of + # iterations, nor the values presented in `arg`. + shift # remove old arg + set -- "$@" "$arg" # push replacement arg done - case $i in - 0) set -- ;; - 1) set -- "$args0" ;; - 2) set -- "$args0" "$args1" ;; - 3) set -- "$args0" "$args1" "$args2" ;; - 4) set -- "$args0" "$args1" "$args2" "$args3" ;; - 5) set -- "$args0" "$args1" "$args2" "$args3" "$args4" ;; - 6) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" ;; - 7) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" ;; - 8) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" ;; - 9) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" "$args8" ;; - esac fi -# Escape application args -save () { - for i do printf %s\\n "$i" | sed "s/'/'\\\\''/g;1s/^/'/;\$s/\$/' \\\\/" ; done - echo " " -} -APP_ARGS=`save "$@"` -# Collect all arguments for the java command, following the shell quoting and substitution rules -eval set -- $DEFAULT_JVM_OPTS $JAVA_OPTS $GRADLE_OPTS "\"-Dorg.gradle.appname=$APP_BASE_NAME\"" -classpath "\"$CLASSPATH\"" org.gradle.wrapper.GradleWrapperMain "$APP_ARGS" +# Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script. +DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"' + +# Collect all arguments for the java command: +# * DEFAULT_JVM_OPTS, JAVA_OPTS, JAVA_OPTS, and optsEnvironmentVar are not allowed to contain shell fragments, +# and any embedded shellness will be escaped. +# * For example: A user cannot expect ${Hostname} to be expanded, as it is an environment variable and will be +# treated as '${Hostname}' itself on the command line. + +set -- \ + "-Dorg.gradle.appname=$APP_BASE_NAME" \ + -classpath "$CLASSPATH" \ + org.gradle.wrapper.GradleWrapperMain \ + "$@" + +# Stop when "xargs" is not available. +if ! command -v xargs >/dev/null 2>&1 +then + die "xargs is not available" +fi + +# Use "xargs" to parse quoted args. +# +# With -n1 it outputs one arg per line, with the quotes and backslashes removed. +# +# In Bash we could simply go: +# +# readarray ARGS < <( xargs -n1 <<<"$var" ) && +# set -- "${ARGS[@]}" "$@" +# +# but POSIX shell has neither arrays nor command substitution, so instead we +# post-process each arg (as a line of input to sed) to backslash-escape any +# character that might be a shell metacharacter, then use eval to reverse +# that process (while maintaining the separation between arguments), and wrap +# the whole thing up as a single "set" statement. +# +# This will of course break if any of these variables contains a newline or +# an unmatched quote. +# + +eval "set -- $( + printf '%s\n' "$DEFAULT_JVM_OPTS $JAVA_OPTS $GRADLE_OPTS" | + xargs -n1 | + sed ' s~[^-[:alnum:]+,./:=@_]~\\&~g; ' | + tr '\n' ' ' + )" '"$@"' exec "$JAVACMD" "$@" diff --git a/gradlew.bat b/gradlew.bat index ac1b06f9..9b42019c 100755 --- a/gradlew.bat +++ b/gradlew.bat @@ -13,8 +13,10 @@ @rem See the License for the specific language governing permissions and @rem limitations under the License. @rem +@rem SPDX-License-Identifier: Apache-2.0 +@rem -@if "%DEBUG%" == "" @echo off +@if "%DEBUG%"=="" @echo off @rem ########################################################################## @rem @rem Gradle startup script for Windows @@ -25,7 +27,8 @@ if "%OS%"=="Windows_NT" setlocal set DIRNAME=%~dp0 -if "%DIRNAME%" == "" set DIRNAME=. +if "%DIRNAME%"=="" set DIRNAME=. +@rem This is normally unused set APP_BASE_NAME=%~n0 set APP_HOME=%DIRNAME% @@ -40,13 +43,13 @@ if defined JAVA_HOME goto findJavaFromJavaHome set JAVA_EXE=java.exe %JAVA_EXE% -version >NUL 2>&1 -if "%ERRORLEVEL%" == "0" goto execute +if %ERRORLEVEL% equ 0 goto execute -echo. -echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. -echo. -echo Please set the JAVA_HOME variable in your environment to match the -echo location of your Java installation. +echo. 1>&2 +echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. 1>&2 +echo. 1>&2 +echo Please set the JAVA_HOME variable in your environment to match the 1>&2 +echo location of your Java installation. 1>&2 goto fail @@ -56,11 +59,11 @@ set JAVA_EXE=%JAVA_HOME%/bin/java.exe if exist "%JAVA_EXE%" goto execute -echo. -echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME% -echo. -echo Please set the JAVA_HOME variable in your environment to match the -echo location of your Java installation. +echo. 1>&2 +echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME% 1>&2 +echo. 1>&2 +echo Please set the JAVA_HOME variable in your environment to match the 1>&2 +echo location of your Java installation. 1>&2 goto fail @@ -75,13 +78,15 @@ set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar :end @rem End local scope for the variables with windows NT shell -if "%ERRORLEVEL%"=="0" goto mainEnd +if %ERRORLEVEL% equ 0 goto mainEnd :fail rem Set variable GRADLE_EXIT_CONSOLE if you need the _script_ return code instead of rem the _cmd.exe /c_ return code! -if not "" == "%GRADLE_EXIT_CONSOLE%" exit 1 -exit /b 1 +set EXIT_CODE=%ERRORLEVEL% +if %EXIT_CODE% equ 0 set EXIT_CODE=1 +if not ""=="%GRADLE_EXIT_CONSOLE%" exit %EXIT_CODE% +exit /b %EXIT_CODE% :mainEnd if "%OS%"=="Windows_NT" endlocal diff --git a/project-properties.gradle b/project-properties.gradle index 700f43a2..c19c3a48 100755 --- a/project-properties.gradle +++ b/project-properties.gradle @@ -7,10 +7,10 @@ project.ext { publishRepo = "https://maven.pkg.github.com/reportportal/service-authorization" dependencyRepos = ["commons-dao", "commons-rules", "commons-model", "commons-bom"] releaseMode = project.hasProperty("releaseMode") - scriptsUrl = commonScriptsUrl + (releaseMode ? '5.10.0' : 'master') + scriptsUrl = commonScriptsUrl + (releaseMode ? '5.11.0' : 'develop') isDebugMode = System.getProperty("DEBUG", "false") == "true" } wrapper { - gradleVersion = '6.8' + gradleVersion = '8.10' } diff --git a/src/main/resources/application-dev-mac.yaml b/src/main/resources/application-dev-mac.yaml.bkp similarity index 100% rename from src/main/resources/application-dev-mac.yaml rename to src/main/resources/application-dev-mac.yaml.bkp diff --git a/src/main/resources/application-dev.yaml b/src/main/resources/application-dev.yaml.bkp similarity index 100% rename from src/main/resources/application-dev.yaml rename to src/main/resources/application-dev.yaml.bkp diff --git a/src/main/resources/application-file-logging.yaml b/src/main/resources/application-file-logging.yaml.bkp similarity index 100% rename from src/main/resources/application-file-logging.yaml rename to src/main/resources/application-file-logging.yaml.bkp diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties index ce46928c..2f9c0706 100644 --- a/src/main/resources/application.properties +++ b/src/main/resources/application.properties @@ -9,4 +9,84 @@ rp.feature.flags= datastore.thumbnail.attachment.width=\${rp.binarystore.thumbnail.attachment.width:80} datastore.thumbnail.attachment.height=\${rp.binarystore.thumbnail.attachment.height:60} datastore.thumbnail.avatar.width=\${rp.binarystore.thumbnail.avatar.width:40} -datastore.thumbnail.avatar.height=\${rp.binarystore.thumbnail.avatar.height:60} \ No newline at end of file +datastore.thumbnail.avatar.height=\${rp.binarystore.thumbnail.avatar.height:60} + +# Application.yaml configuration +# Server configuration +server.port=9999 +server.forward-headers-strategy=NATIVE +server.servlet.context-path=/ + +# Spring configuration +spring.application.name=uat +spring.jackson.default-property-inclusion=non_null +spring.session.store-type=jdbc +spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.PostgreSQL95Dialect +spring.jpa.properties.hibernate.jdbc.lob.non_contextual_creation=true +spring.jpa.generate-ddl=false +spring.jpa.hibernate.ddl-auto=none +spring.profiles.active=\${rp.profiles:default} +spring.web.locale=en_US +spring.web.locale-resolver=fixed + +# Logging configuration +logging.level.org.springframework.security=debug +logging.level.org.hibernate=info +logging.level.org.hibernate.stat=info +logging.level.org.springframework.web.bind=fatal + +# OpenAPI documentation configuration +springfox.documentation.swagger.v2.path=/api-docs + +# Custom reportportal configuration +rp.datasource.type=com.zaxxer.hikari.HikariDataSource +rp.datasource.driverClassName=org.postgresql.Driver +rp.datasource.jdbcUrl=\${rp.db.url} +rp.datasource.username=\${rp.db.user} +rp.datasource.password=\${rp.db.pass} +rp.datasource.maximumPoolSize=27 + +rp.db.url=jdbc:postgresql://\${rp.db.host}:\${rp.db.port}/\${rp.db.name} +rp.db.name=reportportal +rp.db.host=postgres +rp.db.port=5432 +rp.db.user= +rp.db.pass= + +rp.jwt.signing-key= +rp.jwt.token.validity-period=\${rp.session.live} + +rp.session.live=86400 + +rp.saml.session-live=4320 + +rp.auth.saml.base-path= +rp.auth.saml.entity-id=report.portal.sp.id +rp.auth.saml.key-password=password +rp.auth.saml.key-alias=report-portal-sp +rp.auth.saml.session-live=\${rp.saml.session-live} +rp.auth.saml.key-store=saml/keystore.jks +rp.auth.saml.key-store-password=password +rp.auth.saml.network-connection-timeout=5000 +rp.auth.saml.network-read-timeout=10000 +rp.auth.saml.signed-requests=false +rp.auth.saml.active-key-name=sp-signing-key +rp.auth.saml.prefix=saml/sp + +rp.amqp.addresses=amqp://\${rp.amqp.user}:\${rp.amqp.pass}@\${rp.amqp.host}:\${rp.amqp.port} +rp.amqp.base-vhost=/ +rp.amqp.host=rabbitmq +rp.amqp.port=5672 +rp.amqp.user= +rp.amqp.pass= + +# ReportPortal file storage configuration +datastore.path=/data/storage +datastore.type:=minio +datastore.endpoint= http://play.min.io +datastore.accessKey= +datastore.secretKey= +datastore.bucketPrefix= prj- +datastore.bucketPostfix= +datastore.defaultBucketName= rp-bucket +datastore.region=us-west-1 diff --git a/src/main/resources/application.yaml b/src/main/resources/application.yaml.bkp similarity index 98% rename from src/main/resources/application.yaml rename to src/main/resources/application.yaml.bkp index c010dea0..49781a75 100644 --- a/src/main/resources/application.yaml +++ b/src/main/resources/application.yaml.bkp @@ -1,8 +1,8 @@ server: port: 9999 - use-forward-headers: true servlet: context-path: / + forward-headers-strategy: native spring: application: name: uat