Merge pull request #3164 from liuliaozhong/3.6.x_issue_2865

feat: 修复第三方组件安全漏洞 #2865

src/backend/job-crontab/boot-job-crontab/src/main/resources/quartz.properties

@@ -47,7 +47,7 @@ org.quartz.threadPool.threadCount=50
 #Configure JobStore
 #==============================================================
 #持久化方式配置
-org.quartz.jobStore.class=org.quartz.impl.jdbcjobstore.JobStoreTX
+org.quartz.jobStore.class=org.springframework.scheduling.quartz.LocalDataSourceJobStore
 #持久化方式配置数据驱动，MySQL数据库
 org.quartz.jobStore.driverDelegateClass=org.quartz.impl.jdbcjobstore.StdJDBCDelegate
 #quartz相关数据表前缀名
@@ -59,26 +59,6 @@ org.quartz.jobStore.clusterCheckinInterval=20000
 #配置是否使用
 org.quartz.jobStore.useProperties=true
 org.quartz.jobStore.selectWithLockSQL=SELECT * FROM {0}LOCKS WHERE LOCK_NAME \= ? FOR UPDATE
-org.quartz.jobStore.dataSource=myDS
-#==============================================================
-#Configure DataSource
-#==============================================================
-org.quartz.dataSource.myDS.driver=io.opentelemetry.instrumentation.jdbc.OpenTelemetryDriver
-org.quartz.dataSource.myDS.URL=${job.crontab.db.url}
-org.quartz.dataSource.myDS.user=${job.crontab.db.user}
-org.quartz.dataSource.myDS.password=${job.crontab.db.password}
-org.quartz.dataSource.myDS.maxConnections=30
-# Enable HikariCP DB conn Pool
-org.quartz.dataSource.myDS.provider=hikaricp
-# Custom hikaricp config properties. You can add more based on their docs:
-# https://github.com/brettwooldridge/HikariCP#configuration-knobs-baby
-org.quartz.dataSource.myDS.maximumPoolSize=10
-org.quartz.dataSource.myDS.connectionTestQuery=SELECT 1
-org.quartz.dataSource.myDS.validationTimeout=5000
-org.quartz.dataSource.myDS.idleTimeout=0
-#==============================================================
-#==============================================================
-# Configure quartz db
 #==============================================================
 #Skip Check Update
 #update:true

support-files/kubernetes/charts/bk-job/templates/job-crontab/configmap.yaml

@@ -50,6 +50,9 @@ data:
             max-wait: 1ms
           shutdown-timeout: 100ms
       quartz:
+        job-store-type: jdbc
+        jdbc:
+          initialize-schema: never
         thread-pool:
           thread-name-prefix: QuartzThreadPoolTaskExecutor-
           thread-priority: 5
@@ -81,16 +84,6 @@ data:
       ConnectTimeout: 10000
       eureka:
         enabled: false
-    job:
-      crontab:
-        db:
-          url: {{ include "job.jdbcMysqlScheme" . }}://{{- include "job.mariadb.host" . }}:{{- include "job.mariadb.port" . }}/job_crontab?useUnicode=true&characterEncoding=UTF-8&zeroDateTimeBehavior=convertToNull
-          username: {{ include "job.mariadb.username" . }}
-          {{ if .Values.externalMariaDB.existingPasswordSecret }}
-          password: {{ .Values.externalMariaDB.existingPasswordKey | default "mariadb-password" | printf "${%s}" }}
-          {{- else -}}
-          password: ${mariadb-password}
-          {{- end }}
     notification-policy:
       failed:
         start:

support-files/templates/#etc#job#job-crontab#job-crontab.yml

@@ -52,6 +52,11 @@ spring:
         max-wait: 1ms
       shutdown-timeout: 100ms
   quartz:
+    # 使用数据库存储
+    job-store-type : jdbc
+    jdbc :
+      # 是否自动使用 SQL 初始化 Quartz 表结构。这里设置成 never ，手动创建表结构
+      initialize-schema : never
     thread-pool:
       thread-name-prefix: QuartzThreadPoolTaskExecutor-
       thread-priority: 5
@@ -83,13 +88,6 @@ ribbon:
   ConnectTimeout: 10000
   eureka:
     enabled: false
-job:
-  crontab:
-    db:
-      url: jdbc:otel:mysql://__BK_JOB_CRONTAB_MYSQL_HOST__:__BK_JOB_CRONTAB_MYSQL_PORT__/job_crontab?useUnicode=true&characterEncoding=UTF-8&zeroDateTimeBehavior=convertToNull
-      username: __BK_JOB_CRONTAB_MYSQL_USERNAME__
-      password: __BK_JOB_CRONTAB_MYSQL_PASSWORD__
-
 # 连续启动失败通知策略：默认 从第一次失败开始，连续失败每5次通知第一次 begin = 1；frequency = 5；totalTimes = -1
 notification-policy:
   failed: