From 0161a95fa2a703534b0718b3ef3a8d59414e037a Mon Sep 17 00:00:00 2001 From: "fiodar.rekish" Date: Mon, 24 Oct 2022 12:04:44 +0400 Subject: [PATCH 1/8] [TH2-4347] dependencies update --- .github/workflows/dev-docker-publish.yml | 40 ++-------------- build.gradle | 60 ++++++++++++++++++------ 2 files changed, 50 insertions(+), 50 deletions(-) diff --git a/.github/workflows/dev-docker-publish.yml b/.github/workflows/dev-docker-publish.yml index 22def07..3ebf7d3 100644 --- a/.github/workflows/dev-docker-publish.yml +++ b/.github/workflows/dev-docker-publish.yml @@ -10,39 +10,7 @@ on: - README.md jobs: - build: - runs-on: ubuntu-20.04 - steps: - - uses: actions/checkout@v2 -# Prepare custom build version - - name: Get branch name - id: branch - run: echo ::set-output name=branch_name::${GITHUB_REF#refs/*/} - - name: Get release_version - id: ver - uses: christian-draeger/read-properties@1.0.1 - with: - path: gradle.properties - property: release_version - - name: Build custom release version - id: release_ver - run: echo ::set-output name=value::"${{ steps.ver.outputs.value }}-${{ steps.branch.outputs.branch_name }}-${{ github.run_id }}" - - name: Show custom release version - run: echo ${{ steps.release_ver.outputs.value }} -# Build and publish image - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v1 - - uses: docker/login-action@v1 - with: - registry: ghcr.io - username: ${{ github.repository_owner }} - password: ${{ secrets.CR_PAT }} - - run: echo "::set-output name=REPOSITORY_NAME::$(echo '${{ github.repository }}' | awk -F '/' '{print $2}')" - id: meta - - name: Build and push - id: docker_build - uses: docker/build-push-action@v2 - with: - push: true - tags: ghcr.io/${{ github.repository }}:${{ steps.release_ver.outputs.value }} - labels: com.exactpro.th2.${{ steps.meta.outputs.REPOSITORY_NAME }}=${{ steps.ver.outputs.value }} + build-job: + uses: th2-net/.github/.github/workflows/dev-java-docker-publish.yml@main + secrets: + CR_PAT: ${{ secrets.CR_PAT }} \ No newline at end of file diff --git a/build.gradle b/build.gradle index 7e90ed1..50a1a12 100644 --- a/build.gradle +++ b/build.gradle @@ -1,12 +1,24 @@ plugins { id 'com.palantir.docker' version '0.25.0' - id 'org.jetbrains.kotlin.jvm' version '1.5.30' + id 'org.jetbrains.kotlin.jvm' version '1.6.21' id 'application' + id "org.owasp.dependencycheck" version "7.3.0" +} + +dependencyCheck { + format='HTML' + failBuildOnCVSS=5 } ext { sharedDir = file("${project.rootDir}/shared") - sailfishVersion = '3.2.1741' +} + +ext.excludeSailfish = { rcd -> + rcd.excludeModule("com.exactpro.sf", "sailfish-core") + rcd.excludeModule("com.exactpro.sf", "sailfish-common") + rcd.excludeModule("com.exactpro.sf", "sailfish-rest-api-client") + rcd.excludeModule("com.exactpro.sf", "service-http") } group = 'com.exactpro.th2' @@ -17,19 +29,44 @@ repositories { name 'MavenLocal' url sharedDir } - - mavenCentral() maven { name 'Sonatype_snapshots' url 'https://s01.oss.sonatype.org/content/repositories/snapshots/' + content { + excludeSailfish(it) + } + } + // ignoreGradleMetadataRedirection is used for sonatype because + // Sailfish dependencies have constrains that interfere with our BOM + // so we exclude Gradle metadata for this repositories. + // We've checked these versions - they are compatible and safe to use + maven { + name 'Sonatype_snapshots' + url 'https://s01.oss.sonatype.org/content/repositories/snapshots/' + metadataSources { + mavenPom() + artifact() + ignoreGradleMetadataRedirection() + } } - maven { name 'Sonatype_releases' url 'https://s01.oss.sonatype.org/content/repositories/releases/' + content { + excludeSailfish(it) + } } - + maven { + name 'Sonatype_releases' + url 'https://s01.oss.sonatype.org/content/repositories/releases/' + metadataSources { + mavenPom() + artifact() + ignoreGradleMetadataRedirection() + } + } + mavenCentral() mavenLocal() configurations.all { @@ -64,20 +101,15 @@ compileTestKotlin { } dependencies { - api platform('com.exactpro.th2:bom:3.0.0') + api platform('com.exactpro.th2:bom:4.0.2') - implementation 'com.exactpro.th2:common:3.33.0' - implementation "com.exactpro.th2:sailfish-utils:3.8.0" - - implementation "org.slf4j:slf4j-log4j12" - implementation "org.slf4j:slf4j-api" + implementation 'com.exactpro.th2:common:3.41.1' + implementation 'com.exactpro.th2:sailfish-utils:3.13.0' implementation group: 'io.reactivex.rxjava3', name: 'rxjava', version: '3.0.4' implementation 'io.prometheus:simpleclient' - implementation("com.exactpro.sf:sailfish-core:${sailfishVersion}") - testImplementation 'org.junit.jupiter:junit-jupiter:5.7.1' } From 95a38f2bcaf96803f2f82ad07b0c34142c1faef9 Mon Sep 17 00:00:00 2001 From: "fiodar.rekish" Date: Tue, 24 Jan 2023 13:57:40 +0400 Subject: [PATCH 2/8] common update, added reusable workflow with vulnerabilities scanning --- .github/workflows/dev-docker-publish.yml | 7 +++-- .github/workflows/docker-publish.yml | 40 +++++++----------------- build.gradle | 6 ++-- 3 files changed, 20 insertions(+), 33 deletions(-) diff --git a/.github/workflows/dev-docker-publish.yml b/.github/workflows/dev-docker-publish.yml index 3ebf7d3..6f77755 100644 --- a/.github/workflows/dev-docker-publish.yml +++ b/.github/workflows/dev-docker-publish.yml @@ -11,6 +11,9 @@ on: jobs: build-job: - uses: th2-net/.github/.github/workflows/dev-java-docker-publish.yml@main + uses: th2-net/.github/.github/workflows/compound-java-dev.yml@main + with: + build-target: 'Docker' + docker-username: ${{ github.actor }} secrets: - CR_PAT: ${{ secrets.CR_PAT }} \ No newline at end of file + docker-password: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml index 9274060..291d3ff 100644 --- a/.github/workflows/docker-publish.yml +++ b/.github/workflows/docker-publish.yml @@ -3,33 +3,17 @@ name: Build and publish Docker distributions to Github Container Registry ghcr.i on: push: branches: - - master - - version-* + - master + - version-* + paths: + - gradle.properties +# - package_info.json jobs: - build: - runs-on: ubuntu-20.04 - steps: - - uses: actions/checkout@v2 - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v1 - - uses: docker/login-action@v1 - with: - registry: ghcr.io - username: ${{ github.repository_owner }} - password: ${{ secrets.CR_PAT }} - - run: echo "::set-output name=REPOSITORY_NAME::$(echo '${{ github.repository }}' | awk -F '/' '{print $2}')" - id: meta - - name: Read version from gradle.properties - id: read_property - uses: christian-draeger/read-properties@1.0.1 - with: - path: ./gradle.properties - property: release_version - - name: Build and push - id: docker_build - uses: docker/build-push-action@v2 - with: - push: true - tags: ghcr.io/${{ github.repository }}:${{ steps.read_property.outputs.value }} - labels: com.exactpro.th2.${{ steps.meta.outputs.REPOSITORY_NAME }}=${{ steps.read_property.outputs.value }} + build-job: + uses: th2-net/.github/.github/workflows/compound-java.yml@main + with: + build-target: 'Docker' + docker-username: ${{ github.actor }} + secrets: + docker-password: ${{ secrets.GITHUB_TOKEN }} diff --git a/build.gradle b/build.gradle index 50a1a12..795d65d 100644 --- a/build.gradle +++ b/build.gradle @@ -2,7 +2,7 @@ plugins { id 'com.palantir.docker' version '0.25.0' id 'org.jetbrains.kotlin.jvm' version '1.6.21' id 'application' - id "org.owasp.dependencycheck" version "7.3.0" + id "org.owasp.dependencycheck" version "7.4.4" } dependencyCheck { @@ -101,9 +101,9 @@ compileTestKotlin { } dependencies { - api platform('com.exactpro.th2:bom:4.0.2') + api platform('com.exactpro.th2:bom:4.1.0') - implementation 'com.exactpro.th2:common:3.41.1' + implementation 'com.exactpro.th2:common:3.44.0' implementation 'com.exactpro.th2:sailfish-utils:3.13.0' implementation group: 'io.reactivex.rxjava3', name: 'rxjava', version: '3.0.4' From c95b69774b984e84015e551a286208d72be6b41a Mon Sep 17 00:00:00 2001 From: "fiodar.rekish" Date: Wed, 25 Jan 2023 13:10:30 +0400 Subject: [PATCH 3/8] sailfish utils update --- build.gradle | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build.gradle b/build.gradle index 795d65d..45cd275 100644 --- a/build.gradle +++ b/build.gradle @@ -104,7 +104,7 @@ dependencies { api platform('com.exactpro.th2:bom:4.1.0') implementation 'com.exactpro.th2:common:3.44.0' - implementation 'com.exactpro.th2:sailfish-utils:3.13.0' + implementation 'com.exactpro.th2:sailfish-utils:3.14.0-th2-4347-vulnerabilities-4004340199-afa2a0e-SNAPSHOT' implementation group: 'io.reactivex.rxjava3', name: 'rxjava', version: '3.0.4' From 12b7000a71d24d55a5257b37846d25989c9f912d Mon Sep 17 00:00:00 2001 From: "fiodar.rekish" Date: Wed, 25 Jan 2023 15:16:38 +0400 Subject: [PATCH 4/8] jackson databind version rewrite --- build.gradle | 2 ++ 1 file changed, 2 insertions(+) diff --git a/build.gradle b/build.gradle index 45cd275..d795ced 100644 --- a/build.gradle +++ b/build.gradle @@ -106,6 +106,8 @@ dependencies { implementation 'com.exactpro.th2:common:3.44.0' implementation 'com.exactpro.th2:sailfish-utils:3.14.0-th2-4347-vulnerabilities-4004340199-afa2a0e-SNAPSHOT' + implementation 'com.fasterxml.jackson.core:jackson-databind:2.14.0' + implementation group: 'io.reactivex.rxjava3', name: 'rxjava', version: '3.0.4' implementation 'io.prometheus:simpleclient' From 328f8da6ac95d56fb4a039d1712caa48ea6b0438 Mon Sep 17 00:00:00 2001 From: "fiodar.rekish" Date: Wed, 25 Jan 2023 17:56:33 +0400 Subject: [PATCH 5/8] jackson update --- build.gradle | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build.gradle b/build.gradle index d795ced..f4fa769 100644 --- a/build.gradle +++ b/build.gradle @@ -106,7 +106,7 @@ dependencies { implementation 'com.exactpro.th2:common:3.44.0' implementation 'com.exactpro.th2:sailfish-utils:3.14.0-th2-4347-vulnerabilities-4004340199-afa2a0e-SNAPSHOT' - implementation 'com.fasterxml.jackson.core:jackson-databind:2.14.0' + implementation 'com.fasterxml.jackson.core:jackson-databind:2.14.1' implementation group: 'io.reactivex.rxjava3', name: 'rxjava', version: '3.0.4' From 28df300a9c96a27933254113898ec55f47e0176f Mon Sep 17 00:00:00 2001 From: "fiodar.rekish" Date: Thu, 26 Jan 2023 16:26:01 +0400 Subject: [PATCH 6/8] sailfish utils update, version bump --- README.md | 8 +++++++- build.gradle | 5 +---- gradle.properties | 2 +- 3 files changed, 9 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index 3e2e403..ec0f3db 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -# Connect (3.10.1) +# Connect (3.11.0) The "Connect" component is responsible for the communication with a target system. This component implements the logic of the interaction protocol, receiving and sending messages from and to the system, respectively. @@ -119,6 +119,12 @@ spec: ## Release notes +### 3.11.0 + ++ Updated `sailfish-core` version from `3.2.1741` to `3.3.54` ++ Updated `common` from `3.33.0` to `3.44.0` ++ Updated `kotlin` form `1.5.30` to `1.6.21` + ### 3.10.1 + Update `sailfish-core` version from `3.2.1674` to `3.2.1741` diff --git a/build.gradle b/build.gradle index f4fa769..3997124 100644 --- a/build.gradle +++ b/build.gradle @@ -7,7 +7,6 @@ plugins { dependencyCheck { format='HTML' - failBuildOnCVSS=5 } ext { @@ -104,9 +103,7 @@ dependencies { api platform('com.exactpro.th2:bom:4.1.0') implementation 'com.exactpro.th2:common:3.44.0' - implementation 'com.exactpro.th2:sailfish-utils:3.14.0-th2-4347-vulnerabilities-4004340199-afa2a0e-SNAPSHOT' - - implementation 'com.fasterxml.jackson.core:jackson-databind:2.14.1' + implementation 'com.exactpro.th2:sailfish-utils:3.14.0' implementation group: 'io.reactivex.rxjava3', name: 'rxjava', version: '3.0.4' diff --git a/gradle.properties b/gradle.properties index 45efc1f..b39c5da 100644 --- a/gradle.properties +++ b/gradle.properties @@ -1 +1 @@ -release_version = 3.10.1 \ No newline at end of file +release_version = 3.11.0 \ No newline at end of file From 4ead790d40d34882055d7c16840abc4a5018bdb1 Mon Sep 17 00:00:00 2001 From: "fiodar.rekish" Date: Thu, 26 Jan 2023 22:03:51 +0400 Subject: [PATCH 7/8] renamed project to conn-sailfish, removed sharedDir --- .gitlab-ci.yml | 2 +- README.md | 1 + build.gradle | 9 +++------ settings.gradle | 2 +- 4 files changed, 6 insertions(+), 8 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 93a6257..79f5f34 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -1,5 +1,5 @@ variables: - APP_NAME: "th2-conn" + APP_NAME: "th2-conn-sailfish" include: - project: "vivarium/th2/pipelines" diff --git a/README.md b/README.md index ec0f3db..762c024 100644 --- a/README.md +++ b/README.md @@ -124,6 +124,7 @@ spec: + Updated `sailfish-core` version from `3.2.1741` to `3.3.54` + Updated `common` from `3.33.0` to `3.44.0` + Updated `kotlin` form `1.5.30` to `1.6.21` ++ Renamed project to `conn-sailfish` ### 3.10.1 diff --git a/build.gradle b/build.gradle index 3997124..f9a438e 100644 --- a/build.gradle +++ b/build.gradle @@ -10,7 +10,7 @@ dependencyCheck { } ext { - sharedDir = file("${project.rootDir}/shared") + sailfishVersion = '3.3.54' } ext.excludeSailfish = { rcd -> @@ -24,11 +24,6 @@ group = 'com.exactpro.th2' version = release_version repositories { - maven { - name 'MavenLocal' - url sharedDir - } - maven { name 'Sonatype_snapshots' url 'https://s01.oss.sonatype.org/content/repositories/snapshots/' @@ -109,6 +104,8 @@ dependencies { implementation 'io.prometheus:simpleclient' + implementation("com.exactpro.sf:sailfish-core:${sailfishVersion}") + testImplementation 'org.junit.jupiter:junit-jupiter:5.7.1' } diff --git a/settings.gradle b/settings.gradle index 44dcd88..1db886a 100644 --- a/settings.gradle +++ b/settings.gradle @@ -1 +1 @@ -rootProject.name = 'conn' \ No newline at end of file +rootProject.name = 'conn-sailfish' \ No newline at end of file From ea14fda92b4cd39350eb6a07aabac7b96a1c601a Mon Sep 17 00:00:00 2001 From: Nikita Smirnov <46124551+Nikita-Smirnov-Exactpro@users.noreply.github.com> Date: Fri, 25 Aug 2023 10:00:40 +0000 Subject: [PATCH 8/8] [TS-1623] Updated sailfish to 3.3.132 (#181) --- README.md | 5 ++++- build.gradle | 2 +- gradle.properties | 2 +- 3 files changed, 6 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 762c024..94a3cc5 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -# Connect (3.11.0) +# Connect (3.11.1) The "Connect" component is responsible for the communication with a target system. This component implements the logic of the interaction protocol, receiving and sending messages from and to the system, respectively. @@ -119,6 +119,9 @@ spec: ## Release notes +### 3.11.1 ++ Updated `sailfish-core` version from `3.3.54` to `3.3.132` + ### 3.11.0 + Updated `sailfish-core` version from `3.2.1741` to `3.3.54` diff --git a/build.gradle b/build.gradle index f9a438e..bac1a9b 100644 --- a/build.gradle +++ b/build.gradle @@ -10,7 +10,7 @@ dependencyCheck { } ext { - sailfishVersion = '3.3.54' + sailfishVersion = '3.3.132' } ext.excludeSailfish = { rcd -> diff --git a/gradle.properties b/gradle.properties index b39c5da..9e655ad 100644 --- a/gradle.properties +++ b/gradle.properties @@ -1 +1 @@ -release_version = 3.11.0 \ No newline at end of file +release_version = 3.11.1 \ No newline at end of file