Legal merge requestshttps://community.opengroup.org/osdu/platform/security-and-compliance/legal/-/merge_requests2024-02-08T13:07:29Zhttps://community.opengroup.org/osdu/platform/security-and-compliance/legal/-/merge_requests/477Improve Code Coverage % for Legal-core2024-02-08T13:07:29ZThulasi Dass SubramanianImprove Code Coverage % for Legal-core# Description:
* Issue Reference: https://community.opengroup.org/osdu/platform/ci-cd-pipelines/-/issues/40
* Added `junit-vintage-engine` dependency to fix the legal-core test execution and jacoco report generation
* Added **missing te...# Description:
* Issue Reference: https://community.opengroup.org/osdu/platform/ci-cd-pipelines/-/issues/40
* Added `junit-vintage-engine` dependency to fix the legal-core test execution and jacoco report generation
* Added **missing test** case scenarios/branches for many `units`
* Created new **Test class** for `InfoController`, `Country`, `GlobalOtherExceptionMapper`, `LegalTagRepositoryFactoryImpl`, `DefaultRule`, `ExpiredContractRule`, `RulesetProvider`
* Added **'jacoco-maven-plugin'** configuration exclusion list `[SwaggerDoc class & GlobalErrorHandler (hidden) controller]`
* Added `lombok.config` to exclude Lombok generated methods from coverage
* refactored the existing test cases naming conventions(`should_when`)
* formatted the test cases w.r.t `Arrange Act Assert [AAA] pattern`
* Core Code Coverage Job [added](https://community.opengroup.org/osdu/platform/security-and-compliance/legal/-/jobs/2369751) and Latest Code Coverage [Report](https://osdu.pages.opengroup.org/-/platform/security-and-compliance/legal/-/jobs/2369751/artifacts/legal-core/target/site/jacoco/index.html)M22 - Release 0.25Thulasi Dass SubramanianThulasi Dass Subramanianhttps://community.opengroup.org/osdu/platform/security-and-compliance/legal/-/merge_requests/472Bugfix Country Mauritania was spelled Mauretania2023-12-19T12:30:22ZShane HutchinsBugfix Country Mauritania was spelled MauretaniaBugfix Country Mauritania was spelled Mauretania.
https://community.opengroup.org/osdu/platform/security-and-compliance/legal/-/issues/45Bugfix Country Mauritania was spelled Mauretania.
https://community.opengroup.org/osdu/platform/security-and-compliance/legal/-/issues/45M22 - Release 0.25Shane HutchinsShane Hutchinshttps://community.opengroup.org/osdu/platform/security-and-compliance/legal/-/merge_requests/471[GONRG-7838] Extend legal bootstrap to all partitions2023-11-14T09:07:31ZAleksandr Primachenko [EPAM / GCP][GONRG-7838] Extend legal bootstrap to all partitions## All Submissions:
-------------------------------------
* [YES/NO] I have added an explanation of what changes in this merge do and why we should include it?
* [YES/NO] I have updated the documentation accordingly.
* [YES/NO/NA] I have...## All Submissions:
-------------------------------------
* [YES/NO] I have added an explanation of what changes in this merge do and why we should include it?
* [YES/NO] I have updated the documentation accordingly.
* [YES/NO/NA] I have added tests to cover my changes.
* [YES/NO/NA] All new and existing tests passed.
* [YES/NO/NA] My code follows the code style of this project.
* [YES/NO/NA] I ran lint checks locally prior to submission.
## What is the current behavior?
-------------------------------------
<!-- Please describe the current behavior that you are modifying, or link to a relevant issue. -->
Issue: Remember to link the workitem to this pull request.
## What is the new behavior?
-------------------------------------
<!-- Please describe the behavior or changes that are being added by this PR. -->
-
-
-
## Does this introduce a breaking change?
-------------------------------------
- [YES/NO]
<!-- If this introduces a breaking change, please describe the impact and migration path for existing applications below. -->
## Any relevant logs, error output, etc?
-------------------------------------
(If it’s long, please paste to https://ghostbin.com/ and insert the link here.)
## Other information
-------------------------------------
<!-- Any other information that is important to this PR such as screenshots of how the component looks before and after the change. -->M22 - Release 0.25Shane HutchinsShane Hutchinshttps://community.opengroup.org/osdu/platform/security-and-compliance/legal/-/merge_requests/470Solxget/vulnerabilities2023-11-13T16:39:36ZSolomon AyalewSolxget/vulnerabilities## All Submissions:
-------------------------------------
* [YES] I have added an explanation of what changes in this merge do and why we should include it?
* [NO] I have updated the documentation accordingly.
* [NA] I have added tests t...## All Submissions:
-------------------------------------
* [YES] I have added an explanation of what changes in this merge do and why we should include it?
* [NO] I have updated the documentation accordingly.
* [NA] I have added tests to cover my changes.
* [YES] All new and existing tests passed.
* [YES] My code follows the code style of this project.
* [NO] I ran lint checks locally prior to submission.
## What is the current behavior?
-------------------------------------
* Update dependency versions to mitigate vulnerabilities
* Consume the latest version of os-core-common which uses Spring-boot version 2.7.17
* Cleanup duplicate version numbers declared in pom file dependencies
* Remove version numbers defined that downgrade the default version in pom file dependencies
* Remove duplicate dependency pulling
Issue: https://community.opengroup.org/osdu/platform/security-and-compliance/home/-/issues/160
## What is the new behavior?
-------------------------------------
same as old
## Does this introduce a breaking change?
-------------------------------------
- [YES]
## Any relevant logs, error output, etc?
-------------------------------------
(If it’s long, please paste to https://ghostbin.com/ and insert the link here.)
## Other information
-------------------------------------M22 - Release 0.25https://community.opengroup.org/osdu/platform/security-and-compliance/legal/-/merge_requests/468Improve Code Coverage % for Azure2023-12-11T10:47:46ZThulasi Dass SubramanianImprove Code Coverage % for Azure# Description:
- Issue Reference: https://community.opengroup.org/osdu/platform/ci-cd-pipelines/-/issues/40
- Added **missing test** case scenarios/branches for `LegalTagPublisherImpl`
- Created new **Test class** for `StorageReaderImp...# Description:
- Issue Reference: https://community.opengroup.org/osdu/platform/ci-cd-pipelines/-/issues/40
- Added **missing test** case scenarios/branches for `LegalTagPublisherImpl`
- Created new **Test class** for `StorageReaderImpl, StorageReaderFactoryImpl`
- Added **'jacoco-maven-plugin'** configuration exclusion list `[SpringBootApplication class & Configuration classes/packages]`
- refactored the existing test cases naming conventions(`should_when`)
- formatted the test cases w.r.t `Arrange Act Assert [AAA] pattern`
- Azure Code Coverage Report [**Current MR**](https://osdu.pages.opengroup.org/-/platform/security-and-compliance/legal/-/jobs/2346646/artifacts/provider/legal-azure/target/site/jacoco/index.html) vs [**master**](https://osdu.pages.opengroup.org/-/platform/security-and-compliance/legal/-/jobs/2322997/artifacts/provider/legal-azure/target/site/jacoco/index.html)M22 - Release 0.25Thulasi Dass SubramanianThulasi Dass Subramanianhttps://community.opengroup.org/osdu/platform/security-and-compliance/legal/-/merge_requests/467Removed a creation bucket and file (GONRG-7773)2023-10-20T08:37:06ZRiabokon Stanislav(EPAM)[GCP]Removed a creation bucket and file (GONRG-7773)Removed a creation bucket and file.Removed a creation bucket and file.M22 - Release 0.25Riabokon Stanislav(EPAM)[GCP]Riabokon Stanislav(EPAM)[GCP]https://community.opengroup.org/osdu/platform/security-and-compliance/legal/-/merge_requests/466Cherry-pick 'Upgrade First Party Library Dependencies for Release 0.24' into ...2023-10-19T06:31:46ZSrinivasan NarayananCherry-pick 'Upgrade First Party Library Dependencies for Release 0.24' into release/0.24**Original MR**: !464
### This MR is a Cherry Pick into a Release Branch.
After the release branch is first created, any subsequent changes use this process to update the release (often resulting in a new patch tag) without incorporati...**Original MR**: !464
### This MR is a Cherry Pick into a Release Branch.
After the release branch is first created, any subsequent changes use this process to update the release (often resulting in a new patch tag) without incorporating all changes in the default branch.
These MRs must be approved by the PMC before they are merged, since they alter the scope of the release.
To see more details about the change itself, look at the Original MR listed above.
#### Skipped Pipeline
Normally, pipelines are not executed on the cherry pick branch/MR prior to merging.
This optimization is accepted because the code was tested when it merged into the default branch, and will be tested again in the release branch prior to tagging.
However, if anybody feels that the MR requires further scrutiny -- whether because it had conflicts in the cherry-picking, it interfaces with some drastically altered logic between the branches, or any other reason -- we can run the pipeline here prior to merging.
#### If There's Reason to Run a Pipeline
If you want to see a pipeline result before this merges, first add a comment explaining why you'd like to see the pipeline results so the PMC and others know your thinking.
Then, mark the MR as a Draft MR (using the vertical ellipsis above, choose 'Mark as Draft').
This prevents the MR from being approved & merged accidentally by a busy release coordinator who didn't see your comment.
Finally, if you are a maintainer on the project, launch a pipeline on this branch.
Since this branch is a protected branch and the MR has ~no-detached-pipeline set, all integration tests will run and there's no need for any `trusted-*` branches.
[Launch a Pipeline for this Branch](https://community.opengroup.org/osdu/platform/security-and-compliance/legal/-/pipelines/new?ref=cherry-pick-for-464)M21 - Release 0.24David Diederichd.diederich@opengroup.orgChad LeongSrinivasan NarayananDavid Diederichd.diederich@opengroup.orghttps://community.opengroup.org/osdu/platform/security-and-compliance/legal/-/merge_requests/465Update pom.xml2023-10-16T08:20:21ZNikhil Singh[MicroSoft]Update pom.xml## All Submissions:
-------------------------------------
* [YES/NO] I have added an explanation of what changes in this merge do and why we should include it?
* [YES/NO] I have updated the documentation accordingly.
* [YES/NO/NA] I have...## All Submissions:
-------------------------------------
* [YES/NO] I have added an explanation of what changes in this merge do and why we should include it?
* [YES/NO] I have updated the documentation accordingly.
* [YES/NO/NA] I have added tests to cover my changes.
* [YES/NO/NA] All new and existing tests passed.
* [YES/NO/NA] My code follows the code style of this project.
* [YES/NO/NA] I ran lint checks locally prior to submission.
## What is the current behavior?
-------------------------------------
<!-- Please describe the current behavior that you are modifying, or link to a relevant issue. -->
Issue: Remember to link the workitem to this pull request.
## What is the new behavior?
-------------------------------------
<!-- Please describe the behavior or changes that are being added by this PR. -->
-
-
-
## Does this introduce a breaking change?
-------------------------------------
- [YES/NO]
<!-- If this introduces a breaking change, please describe the impact and migration path for existing applications below. -->
## Any relevant logs, error output, etc?
-------------------------------------
(If it’s long, please paste to https://ghostbin.com/ and insert the link here.)
## Other information
-------------------------------------
<!-- Any other information that is important to this PR such as screenshots of how the component looks before and after the change. -->Nikhil Singh[MicroSoft]Nikhil Singh[MicroSoft]https://community.opengroup.org/osdu/platform/security-and-compliance/legal/-/merge_requests/464Upgrade First Party Library Dependencies for Release 0.242023-10-19T06:01:14ZDavid Diederichd.diederich@opengroup.orgUpgrade First Party Library Dependencies for Release 0.24This generated MR upgrades the first party libraries (other OSDU libraries) to utilize the latest release.
The intent is to keep the OSDU projects utilizing the latest available code to ensure widespread usage and stability.
However, any...This generated MR upgrades the first party libraries (other OSDU libraries) to utilize the latest release.
The intent is to keep the OSDU projects utilizing the latest available code to ensure widespread usage and stability.
However, any library that is older than the previous release will be left as-is, since the upgrade is likely to be more complicated.
Furthermore, the upgrade should only be merged in the CI pipeline reports success.
If this MR has failed, we can spend a little time investigating to see if a trivial upgrade could achieve compatiblity to the new library.
But significant upgrade efforts should not occur on this MR, as part of the release tagging process.
Instead, significant work should be scheduled for a subsequent milestone.
### Dependency Information Before the Upgrade
```
Branch: master
SHA: fa1b2ad0d0890f3597e1bdfa2bb3f044aecd68ae
Maven: 0.24.0-SNAPSHOT
```
| Maven Dependencies | _Root_ | testing/ |
| ------------------------------------------------------- | ---------------- | ------------------------------ |
| core-lib-azure | 0.24.0-rc2 | 0.16.0 |
| core-lib-gc | 0.23.1 | |
| os-core-lib-aws | 0.24.0 | 0.24.0 |
| obm | 0.23.0 | |
| oqm | 0.23.0 | |
| os-core-common | 0.23.3 | 0.24.0, 0.16.0, 0.23.3, 0.23.0 |
| os-core-lib-ibm | 0.23.0 | 0.23.0 |
| osm | 0.23.0 | |
| (3rd Party) com.fasterxml.jackson.core.jackson-databind | 2.14.0, 2.13.4.2 | 2.13.2.2, 2.10.3 |
| (3rd Party) org.apache.logging.log4j.log4j-api | 2.17.1 | 2.17.2, 2.13.3, 2.11.2 |
| (3rd Party) org.apache.logging.log4j.log4j-core | 2.17.1 | 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-jul | 2.17.1 | 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-slf4j-impl | 2.17.1 | 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-to-slf4j | 2.17.1 | 2.17.2, 2.11.2, 2.13.3 |
| (3rd Party) org.yaml.snakeyaml | 2.0 | 1.30, 1.27, 2.0 |
### Dependency Information After the Upgrade
```
Branch: dependency-upgrade
SHA: 4da0c85f4a4712bdb9eb60ef4043d1044bbc767c
Maven: 0.24.0-SNAPSHOT
```
| Maven Dependencies | _Root_ | testing/ |
| ------------------------------------------------------- | ---------------- | ---------------------- |
| core-lib-azure | 0.24.0 | 0.16.0 |
| core-lib-gc | 0.24.0 | |
| os-core-lib-aws | 0.24.0 | 0.24.0 |
| obm | 0.24.0 | |
| oqm | 0.24.0 | |
| os-core-common | 0.24.0 | 0.24.0, 0.16.0 |
| os-core-lib-ibm | 0.24.0 | 0.24.0 |
| osm | 0.24.0 | |
| (3rd Party) com.fasterxml.jackson.core.jackson-databind | 2.14.0, 2.13.4.2 | 2.13.2.2, 2.10.3 |
| (3rd Party) org.apache.logging.log4j.log4j-api | 2.17.1 | 2.17.2, 2.13.3, 2.11.2 |
| (3rd Party) org.apache.logging.log4j.log4j-core | 2.17.1 | 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-jul | 2.17.1 | 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-slf4j-impl | 2.17.1 | 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-to-slf4j | 2.17.1 | 2.17.2, 2.11.2, 2.13.3 |
| (3rd Party) org.yaml.snakeyaml | 2.0 | 1.30, 1.27, 2.0 |M21 - Release 0.24https://community.opengroup.org/osdu/platform/security-and-compliance/legal/-/merge_requests/463Update FOSSA NOTICE2023-10-14T00:44:55ZDavid Diederichd.diederich@opengroup.orgUpdate FOSSA NOTICEThis MR updates the attribution file for the project (also known as the `NOTICE` file).
It is important to keep this up to date to satisfy legal requirements of dependency licenses.
We use FOSSA as the tool to scan for and detect these ...This MR updates the attribution file for the project (also known as the `NOTICE` file).
It is important to keep this up to date to satisfy legal requirements of dependency licenses.
We use FOSSA as the tool to scan for and detect these changes.M21 - Release 0.24https://community.opengroup.org/osdu/platform/security-and-compliance/legal/-/merge_requests/462Remove SNAPSHOT dependencies2023-10-13T22:43:32ZDavid Diederichd.diederich@opengroup.orgRemove SNAPSHOT dependenciesThis automated MR removes usage of `SNAPSHOT` versions in the first party library dependencies.
Since `SNAPSHOT` dependencies change frequently -- by their nature -- usage of them across projects is dangerous and should be avoided.
### ...This automated MR removes usage of `SNAPSHOT` versions in the first party library dependencies.
Since `SNAPSHOT` dependencies change frequently -- by their nature -- usage of them across projects is dangerous and should be avoided.
### Dependency Information Before the Upgrade
```
Branch: master
SHA: 00356dafc023a42364d9bed1bb7020fb8d7ff9fe
Maven: 0.24.0-SNAPSHOT
```
| Maven Dependencies | _Root_ | testing/ |
| ------------------------------------------------------- | ---------------- | ---------------------- |
| core-lib-azure | 0.24.0-rc2 | 0.16.0 |
| core-lib-gc | 0.23.1 | |
| os-core-lib-aws | 0.24.0-SNAPSHOT | 0.23.0 |
| obm | 0.23.0 | |
| oqm | 0.23.0 | |
| os-core-common | 0.23.3 | 0.23.0, 0.16.0, 0.23.3 |
| os-core-lib-ibm | 0.23.0 | 0.23.0 |
| osm | 0.23.0 | |
| (3rd Party) com.fasterxml.jackson.core.jackson-databind | 2.14.0, 2.13.4.2 | 2.13.2.2, 2.10.3 |
| (3rd Party) org.apache.logging.log4j.log4j-api | 2.17.1 | 2.17.2, 2.13.3, 2.11.2 |
| (3rd Party) org.apache.logging.log4j.log4j-core | 2.17.1 | 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-jul | 2.17.1 | 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-slf4j-impl | 2.17.1 | 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-to-slf4j | 2.17.1 | 2.17.2, 2.11.2, 2.13.3 |
| (3rd Party) org.yaml.snakeyaml | 2.0 | 1.30, 1.27, 2.0 |
### Dependency Information After the Upgrade
```
Branch: dependency-upgrade
SHA: b1d77bcf02281bbfd90a695e8ddaaffe13662a06
Maven: 0.24.0-SNAPSHOT
```
| Maven Dependencies | _Root_ | testing/ |
| ------------------------------------------------------- | ---------------- | ------------------------------ |
| core-lib-azure | 0.24.0-rc2 | 0.16.0 |
| core-lib-gc | 0.23.1 | |
| os-core-lib-aws | 0.24.0 | 0.24.0 |
| obm | 0.23.0 | |
| oqm | 0.23.0 | |
| os-core-common | 0.23.3 | 0.24.0, 0.16.0, 0.23.3, 0.23.0 |
| os-core-lib-ibm | 0.23.0 | 0.23.0 |
| osm | 0.23.0 | |
| (3rd Party) com.fasterxml.jackson.core.jackson-databind | 2.14.0, 2.13.4.2 | 2.13.2.2, 2.10.3 |
| (3rd Party) org.apache.logging.log4j.log4j-api | 2.17.1 | 2.17.2, 2.13.3, 2.11.2 |
| (3rd Party) org.apache.logging.log4j.log4j-core | 2.17.1 | 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-jul | 2.17.1 | 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-slf4j-impl | 2.17.1 | 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-to-slf4j | 2.17.1 | 2.17.2, 2.11.2, 2.13.3 |
| (3rd Party) org.yaml.snakeyaml | 2.0 | 1.30, 1.27, 2.0 |M21 - Release 0.24https://community.opengroup.org/osdu/platform/security-and-compliance/legal/-/merge_requests/460[GONRG-7917] added replicas variable in helm2023-10-12T13:22:30ZAleksandr Primachenko [EPAM / GCP][GONRG-7917] added replicas variable in helm## All Submissions:
-------------------------------------
* [YES/NO] I have added an explanation of what changes in this merge do and why we should include it?
* [YES/NO] I have updated the documentation accordingly.
* [YES/NO/NA] I have...## All Submissions:
-------------------------------------
* [YES/NO] I have added an explanation of what changes in this merge do and why we should include it?
* [YES/NO] I have updated the documentation accordingly.
* [YES/NO/NA] I have added tests to cover my changes.
* [YES/NO/NA] All new and existing tests passed.
* [YES/NO/NA] My code follows the code style of this project.
* [YES/NO/NA] I ran lint checks locally prior to submission.
## What is the current behavior?
-------------------------------------
<!-- Please describe the current behavior that you are modifying, or link to a relevant issue. -->
Issue: Remember to link the workitem to this pull request.
## What is the new behavior?
-------------------------------------
<!-- Please describe the behavior or changes that are being added by this PR. -->
-
-
-
## Does this introduce a breaking change?
-------------------------------------
- [YES/NO]
<!-- If this introduces a breaking change, please describe the impact and migration path for existing applications below. -->
## Any relevant logs, error output, etc?
-------------------------------------
(If it’s long, please paste to https://ghostbin.com/ and insert the link here.)
## Other information
-------------------------------------
<!-- Any other information that is important to this PR such as screenshots of how the component looks before and after the change. -->M21 - Release 0.24Aleksandr Primachenko [EPAM / GCP]Aleksandr Primachenko [EPAM / GCP]https://community.opengroup.org/osdu/platform/security-and-compliance/legal/-/merge_requests/458fix plexus version2023-10-12T18:47:17ZNathan Strelserfix plexus version## All Submissions:
-------------------------------------
* [YES/NO] I have added an explanation of what changes in this merge do and why we should include it?
* [YES/NO] I have updated the documentation accordingly.
* [YES/NO/NA] I have...## All Submissions:
-------------------------------------
* [YES/NO] I have added an explanation of what changes in this merge do and why we should include it?
* [YES/NO] I have updated the documentation accordingly.
* [YES/NO/NA] I have added tests to cover my changes.
* [YES/NO/NA] All new and existing tests passed.
* [YES/NO/NA] My code follows the code style of this project.
* [YES/NO/NA] I ran lint checks locally prior to submission.
## What is the current behavior?
-------------------------------------
<!-- Please describe the current behavior that you are modifying, or link to a relevant issue. -->
Issue: Remember to link the workitem to this pull request.
## What is the new behavior?
-------------------------------------
<!-- Please describe the behavior or changes that are being added by this PR. -->
-
-
-
## Does this introduce a breaking change?
-------------------------------------
- [YES/NO]
<!-- If this introduces a breaking change, please describe the impact and migration path for existing applications below. -->
## Any relevant logs, error output, etc?
-------------------------------------
(If it’s long, please paste to https://ghostbin.com/ and insert the link here.)
## Other information
-------------------------------------
<!-- Any other information that is important to this PR such as screenshots of how the component looks before and after the change. -->Nathan StrelserNathan Strelserhttps://community.opengroup.org/osdu/platform/security-and-compliance/legal/-/merge_requests/457merge code to gitlab2023-10-12T10:18:01ZYunhua Koglinmerge code to gitlab## All Submissions:
-------------------------------------
* [YES] I have added an explanation of what changes in this merge do and why we should include it?
* [YES] I have updated the documentation accordingly.
* [YES] I have added tests...## All Submissions:
-------------------------------------
* [YES] I have added an explanation of what changes in this merge do and why we should include it?
* [YES] I have updated the documentation accordingly.
* [YES] I have added tests to cover my changes.
* [YES] All new and existing tests passed.
* [YES] My code follows the code style of this project.
* [YES] I ran lint checks locally prior to submission.
## What is the current behavior?
-------------------------------------
<!-- Please describe the current behavior that you are modifying, or link to a relevant issue. -->
add unit tests for aws
## What is the new behavior?
-------------------------------------
<!-- Please describe the behavior or changes that are being added by this PR. -->
-
-
-
## Does this introduce a breaking change?
-------------------------------------
- [YES/NO]
<!-- If this introduces a breaking change, please describe the impact and migration path for existing applications below. -->
## Any relevant logs, error output, etc?
-------------------------------------
(If it’s long, please paste to https://ghostbin.com/ and insert the link here.)
## Other information
-------------------------------------
<!-- Any other information that is important to this PR such as screenshots of how the component looks before and after the change. -->M21 - Release 0.24Yunhua KoglinDerek HudsonYunhua Koglinhttps://community.opengroup.org/osdu/platform/security-and-compliance/legal/-/merge_requests/455Legal community implementation plus Pluggable Drivers2023-10-18T11:52:25ZRustam Lotsmanenko (EPAM)rustam_lotsmanenko@epam.comLegal community implementation plus Pluggable Drivers# Description:
Link to story: https://gitlab.opengroup.org/osdu/pmc/community-implementation/-/issues/25 <br/>
More details about the solution: https://community.opengroup.org/osdu/documentation/-/wikis/Pluggable-approach-for-Mappers-and...# Description:
Link to story: https://gitlab.opengroup.org/osdu/pmc/community-implementation/-/issues/25 <br/>
More details about the solution: https://community.opengroup.org/osdu/documentation/-/wikis/Pluggable-approach-for-Mappers-and-Drivers
As a part of the community implementation solution Legal-GC module was refactored to the Legal-Core-Plus module, in addition new pluggable approach for Drivers was used.
## What is the current behavior?
- We do not have the core-plus module.
- Drivers not pluggable, all dependencies bounded during the compile step.
## What is the new behavior?
- We have the core-plus module.
- Drivers are pluggable and could be attached to service during image build, not compile.
Key components of pluggable configuration:
1. Add spring boot loader to service dependencies to **core-plus** service pom.xml, in this MR this dependency was added to **legal-core-plus pom.xml**
~~~
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-loader</artifactId>
<version>2.7.15</version>
</dependency>
~~~
2. Update service configuration to use Properties launcher from spring boot loader as the main class, in the same **legal-core-plus pom.xml**:
~~~
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
...
<configuration>
<classifier>spring-boot</classifier>
<mainClass>
org.springframework.boot.loader.PropertiesLauncher
</mainClass>
</configuration>
...
~~~
2. Download plugin artifacts(jar files) before building a Docker image or running it locally. The location could be any, the only requirement is to be accessible for running env or Docker image build:
~~~
- mvn dependency:copy -DrepoUrl=$OSM_PACKAGE_REGISTRY_URL -Dartifact="org.opengroup.osdu:os-osm-postgres:$OSM_VERSION:jar:plugin" -Dtransitive=false -DoutputDirectory="./tmp"
- mvn dependency:copy -DrepoUrl=$OBM_PACKAGE_REGISTRY_URL -Dartifact="org.opengroup.osdu:os-obm-minio:$OBM_VERSION:jar:plugin" -Dtransitive=false -DoutputDirectory="./tmp"
- mvn dependency:copy -DrepoUrl=$OQM_PACKAGE_REGISRTY_URL -Dartifact="org.opengroup.osdu:os-oqm-rabbitmq:$OQM_VERSION:jar:plugin" -Dtransitive=false -DoutputDirectory="./tmp"
~~~
3. Copy plugin jars into the Docker image:
~~~
COPY tmp/os-oqm-rabbitmq-*.jar plugins/oqm-rabbitmq.jar
COPY tmp/os-obm-minio-*.jar plugins/osm-minio.jar
COPY tmp/os-osm-postgres-*.jar plugins/osm-postgres.jar
~~~
4. Bundle service with plugins using run args, point to the directory with plugins, and point to the original main class:
~~~
java ...
...
-Dloader.path=plugins/ \
-Dloader.main=org.opengroup.osdu.legal.LegalApplication \
-jar /app/legal-${PROVIDER_NAME}.jar
~~~
5. Args could be provided as IDE configuration if running locally, it should be an absolute path then.
~~~
<option name="VM_PARAMETERS" value="-Dloader.path=/Users/projects/Legal/plugin-download-path... -Dloader.debug=true -Dloader.main=org.opengroup.osdu.legal.LegalApplication --add-opens java.base/java.lang=ALL-UNNAMED --add-opens java.base/java.lang.reflect=ALL-UNNAMED" />
~~~
# How to test:
Via integration tests.
# Changes include:
- [x] Refactor (a non-breaking change that improves code maintainability).
- [ ] Bugfix (a non-breaking change that solves an issue).
- [x] New feature (a non-breaking change that adds functionality).
- [ ] Breaking change (a change that is not backward-compatible and/or changes current functionality).
# Changes in:
- [x] Common code
# Dev Checklist:
- [ ] Added Unit Tests, wherever applicable.
- [x] Updated the Readme, if applicable.
- [x] Existing Tests pass
- [x] Verified functionality locally
- [x] Self Reviewed my code for formatting and complex business logic.
# Other comments:
Any comments to approvers hereM22 - Release 0.25Rustam Lotsmanenko (EPAM)rustam_lotsmanenko@epam.comRustam Lotsmanenko (EPAM)rustam_lotsmanenko@epam.comhttps://community.opengroup.org/osdu/platform/security-and-compliance/legal/-/merge_requests/454Fixed endpoint 'api/legal/v1/legaltags/id' (GONRG-7836)2024-01-25T11:41:54ZRiabokon Stanislav(EPAM)[GCP]Fixed endpoint 'api/legal/v1/legaltags/id' (GONRG-7836)## Type of change
- [X] Bug Fix
- [ ] Feature
https://community.opengroup.org/osdu/platform/security-and-compliance/legal/-/issues/50
## Does this introduce a change in the core logic?
- [YES]
## Does this introduce a change in the c...## Type of change
- [X] Bug Fix
- [ ] Feature
https://community.opengroup.org/osdu/platform/security-and-compliance/legal/-/issues/50
## Does this introduce a change in the core logic?
- [YES]
## Does this introduce a change in the cloud provider implementation, if so which cloud?
- [x] AWS
- [x] Azure
- [x] GCP
- [x] IBM
- [x] Common Code
## Does this introduce a breaking change?
- [YES]M21 - Release 0.24Riabokon Stanislav(EPAM)[GCP]Riabokon Stanislav(EPAM)[GCP]https://community.opengroup.org/osdu/platform/security-and-compliance/legal/-/merge_requests/453Full Upgrade of First Party Library Dependencies2023-10-03T14:55:58ZChad LeongFull Upgrade of First Party Library DependenciesThis generated MR upgrades the first party libraries (other OSDU libraries) to utilize the latest release.
The intent is to keep all dependent libraries up to date.
This upgrade can be merged immediately without further approval if the C...This generated MR upgrades the first party libraries (other OSDU libraries) to utilize the latest release.
The intent is to keep all dependent libraries up to date.
This upgrade can be merged immediately without further approval if the CI pipeline reports success.
If this MR has failed, we need to work with the maintainers and affected provider teams to find a solution.
### Dependency Information Before the Upgrade
```
Branch: master
SHA: 61ac1c717995e74327c5ccaf71a31067062648b0
Maven: 0.24.0-SNAPSHOT
```
| Maven Dependencies | _Root_ | testing/ |
| ------------------------------------------------------- | ---------------- | ---------------------- |
| core-lib-azure | 0.24.0-rc2 | 0.16.0 |
| core-lib-gc | 0.23.0 | |
| os-core-lib-aws | 0.23.0 | 0.23.0 |
| obm | 0.23.0 | |
| oqm | 0.23.0 | |
| os-core-common | 0.23.1 | 0.23.0, 0.16.0, 0.23.1 |
| os-core-lib-ibm | 0.17.0-rc4 | 0.16.0 |
| osm | 0.23.0 | |
| (3rd Party) com.fasterxml.jackson.core.jackson-databind | 2.14.0, 2.13.4.2 | 2.13.2.2, 2.10.3 |
| (3rd Party) org.apache.logging.log4j.log4j-api | 2.17.1 | 2.17.2, 2.13.3, 2.11.2 |
| (3rd Party) org.apache.logging.log4j.log4j-core | 2.17.1 | 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-jul | 2.17.1 | 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-slf4j-impl | 2.17.1 | 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-to-slf4j | 2.17.1 | 2.17.2, 2.11.2, 2.13.3 |
| (3rd Party) org.yaml.snakeyaml | 2.0 | 1.30, 1.27 |
### Dependency Information After the Upgrade
```
Branch: dependency-upgrade-3
SHA: 84e598dcf21091ebfa8979775e85e2220a27bde2
Maven: 0.24.0-SNAPSHOT
```
| Maven Dependencies | _Root_ | testing/ |
| ------------------------------------------------------- | ---------------- | ---------------------- |
| core-lib-azure | 0.24.0-rc2 | 0.16.0 |
| core-lib-gc | 0.23.1 | |
| os-core-lib-aws | 0.23.0 | 0.23.0 |
| obm | 0.23.0 | |
| oqm | 0.23.0 | |
| os-core-common | 0.23.3 | 0.23.0, 0.16.0, 0.23.3 |
| os-core-lib-ibm | 0.23.0 | 0.23.0 |
| osm | 0.23.0 | |
| (3rd Party) com.fasterxml.jackson.core.jackson-databind | 2.14.0, 2.13.4.2 | 2.13.2.2, 2.10.3 |
| (3rd Party) org.apache.logging.log4j.log4j-api | 2.17.1 | 2.17.2, 2.13.3, 2.11.2 |
| (3rd Party) org.apache.logging.log4j.log4j-core | 2.17.1 | 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-jul | 2.17.1 | 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-slf4j-impl | 2.17.1 | 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-to-slf4j | 2.17.1 | 2.17.2, 2.11.2, 2.13.3 |
| (3rd Party) org.yaml.snakeyaml | 2.0 | 1.30, 1.27, 2.0 |M21 - Release 0.24https://community.opengroup.org/osdu/platform/security-and-compliance/legal/-/merge_requests/452Gonrg 7828 add healthcheck for legal service2023-10-03T08:29:33ZSiarhei Poliak [EPAM / GCP]Gonrg 7828 add healthcheck for legal service## All Submissions:
-------------------------------------
* [YES] I have added an explanation of what changes in this merge do and why we should include it?
* [NO] I have updated the documentation accordingly.
* [YES] I have added tests ...## All Submissions:
-------------------------------------
* [YES] I have added an explanation of what changes in this merge do and why we should include it?
* [NO] I have updated the documentation accordingly.
* [YES] I have added tests to cover my changes.
* [YES] All new and existing tests passed.
* [YES] My code follows the code style of this project.
* [NA] I ran lint checks locally prior to submission.
## What is the current behavior?
-------------------------------------
<!-- Please describe the current behavior that you are modifying, or link to a relevant issue. -->
Issue: Remember to link the workitem to this pull request.
There is no health check
## What is the new behavior?
-------------------------------------
<!-- Please describe the behavior or changes that are being added by this PR. -->
- add `livenessCheck` in Deployment
-
-
## Does this introduce a breaking change?
-------------------------------------
- [NO]
<!-- If this introduces a breaking change, please describe the impact and migration path for existing applications below. -->
## Any relevant logs, error output, etc?
-------------------------------------
(If it’s long, please paste to https://ghostbin.com/ and insert the link here.)
## Other information
-------------------------------------
<!-- Any other information that is important to this PR such as screenshots of how the component looks before and after the change. -->M21 - Release 0.24https://community.opengroup.org/osdu/platform/security-and-compliance/legal/-/merge_requests/451Refactored POM for fixing vulnerabilities.2023-09-27T20:23:47ZMarija DukicRefactored POM for fixing vulnerabilities.This change will bring in the vulnerability fixes to bring M18 into compliance.This change will bring in the vulnerability fixes to bring M18 into compliance.Marija DukicMarija Dukichttps://community.opengroup.org/osdu/platform/security-and-compliance/legal/-/merge_requests/450Remediate [guava,netty-handler,woodstox-core] dependencies vulnerabilities an...2023-09-27T10:49:11ZThulasi Dass SubramanianRemediate [guava,netty-handler,woodstox-core] dependencies vulnerabilities and cleanup 'documentdb-bulkexecutor'# Change details
* excluded unused dependency `documentdb-bulkexecutor`
* upgrade `io.netty:netty-bom` version to `4.1.98.Final`
* upgrade `woodstox-core` to `6.4.0`
# Changes in:
* [ ] GCP
* [x] Azure
* [ ] AWS
* [ ] IBM# Change details
* excluded unused dependency `documentdb-bulkexecutor`
* upgrade `io.netty:netty-bom` version to `4.1.98.Final`
* upgrade `woodstox-core` to `6.4.0`
# Changes in:
* [ ] GCP
* [x] Azure
* [ ] AWS
* [ ] IBMM21 - Release 0.24Thulasi Dass SubramanianThulasi Dass Subramanian