Partition merge requestshttps://community.opengroup.org/osdu/platform/system/partition/-/merge_requests2024-03-27T14:05:47Zhttps://community.opengroup.org/osdu/platform/system/partition/-/merge_requests/534AWS - Define the log level for http.wire to avoid logging of credentials in t...2024-03-27T14:05:47ZGuillaume CailletAWS - Define the log level for http.wire to avoid logging of credentials in the Pipeline logs## Type of change
- [X] Bug Fix
- [ ] Feature
**Please provide link to gitlab issue or ADR(Architecture Decision Record)**
## Does this introduce a change in the core logic?
- [NO]
## Does this introduce a change in the cloud provi...## Type of change
- [X] Bug Fix
- [ ] Feature
**Please provide link to gitlab issue or ADR(Architecture Decision Record)**
## Does this introduce a change in the core logic?
- [NO]
## Does this introduce a change in the cloud provider implementation, if so which cloud?
- [X] AWS
- [ ] Azure
- [ ] Google Cloud
- [ ] IBM
## Does this introduce a breaking change?
- [NO]
## What is the current behavior?
## What is the new/expected behavior?
AWS Change only.
Integrations tests logs are too verbose and dump the raw http requests, with their payload.
This could lead to leaked credentials.M23 - Release 0.26Guillaume CailletGuillaume Caillethttps://community.opengroup.org/osdu/platform/system/partition/-/merge_requests/530disable mongodb on aws2024-03-18T14:53:14ZYunhua Koglindisable mongodb on awsM23 - Release 0.26Yunhua KoglinYunhua Koglinhttps://community.opengroup.org/osdu/platform/system/partition/-/merge_requests/520Fix code smell : fix potential null pointer exception2024-03-04T18:13:26ZSolomon AyalewFix code smell : fix potential null pointer exceptionM23 - Release 0.26https://community.opengroup.org/osdu/platform/system/partition/-/merge_requests/516Update os-core-lib-aws2024-03-19T17:12:08ZRucha DeshpandeUpdate os-core-lib-awsUpdate os-core-lib-awsUpdate os-core-lib-awsM23 - Release 0.26https://community.opengroup.org/osdu/platform/system/partition/-/merge_requests/502Cherry-pick 'Full Upgrade of First Party Library Dependencies for Release 0.2...2023-12-16T10:25:20ZDavid Diederichd.diederich@opengroup.orgCherry-pick 'Full Upgrade of First Party Library Dependencies for Release 0.25' into release/0.25**Original MR**: !500
### This MR is a Cherry Pick into a Release Branch.
After the release branch is first created, any subsequent changes use this process to update the release (often resulting in a new patch tag) without incorporati...**Original MR**: !500
### This MR is a Cherry Pick into a Release Branch.
After the release branch is first created, any subsequent changes use this process to update the release (often resulting in a new patch tag) without incorporating all changes in the default branch.
These MRs must be approved by the PMC before they are merged, since they alter the scope of the release.
To see more details about the change itself, look at the Original MR listed above.
#### Skipped Pipeline
Normally, pipelines are not executed on the cherry pick branch/MR prior to merging.
This optimization is accepted because the code was tested when it merged into the default branch, and will be tested again in the release branch prior to tagging.
However, if anybody feels that the MR requires further scrutiny -- whether because it had conflicts in the cherry-picking, it interfaces with some drastically altered logic between the branches, or any other reason -- we can run the pipeline here prior to merging.
#### If There's Reason to Run a Pipeline
If you want to see a pipeline result before this merges, first add a comment explaining why you'd like to see the pipeline results so the PMC and others know your thinking.
Then, mark the MR as a Draft MR (using the vertical ellipsis above, choose 'Mark as Draft').
This prevents the MR from being approved & merged accidentally by a busy release coordinator who didn't see your comment.
Finally, if you are a maintainer on the project, launch a pipeline on this branch.
Since this branch is a protected branch and the MR has ~no-detached-pipeline set, all integration tests will run and there's no need for any `trusted-*` branches.
[Launch a Pipeline for this Branch](https://community.opengroup.org/osdu/platform/system/partition/-/pipelines/new?ref=cherry-pick-for-500)M22 - Release 0.25David Diederichd.diederich@opengroup.orgChad LeongSrinivasan NarayananDavid Diederichd.diederich@opengroup.orghttps://community.opengroup.org/osdu/platform/system/partition/-/merge_requests/500Full Upgrade of First Party Library Dependencies for Release 0.252023-12-15T19:39:14ZDavid Diederichd.diederich@opengroup.orgFull Upgrade of First Party Library Dependencies for Release 0.25This generated MR upgrades the first party libraries (other OSDU libraries) to utilize the latest release.
The intent is to try to fully upgrade all dependent libraries to see if the latest code will work.
It is expected that these will ...This generated MR upgrades the first party libraries (other OSDU libraries) to utilize the latest release.
The intent is to try to fully upgrade all dependent libraries to see if the latest code will work.
It is expected that these will often fail, since the upgrades were previously rejected for failing pipelines and have not been directly addressed yet.
This upgrade should only be merged in the CI pipeline reports success.
If this MR has failed, we can spend a little time investigating to see if a trivial upgrade could achieve compatiblity to the new library.
But significant upgrade efforts should not occur on this MR, as part of the release tagging process.
Instead, significant work should be scheduled for a subsequent milestone.
This MR may co-exist with a separate, smaller upgrade MR.
If both pass, this one should be used instead.
### Dependency Information Before the Upgrade
```
Branch: master
SHA: 69782ed1c7a0d25c7b894686e4444686b04f41e4
Maven: 0.26.0-SNAPSHOT
```
| Maven Dependencies | _Root_ | testing/ |
| --------------------------------------------------- | -------------- | -------------- |
| core-lib-azure | 0.25.0-rc2 | |
| core-lib-gc | 0.24.0 | 0.24.0 |
| os-core-lib-aws | 0.25.0-rc3 | 0.25.0-rc3 |
| os-core-common | 0.25.0-rc2 | 0.24.0 |
| os-core-lib-ibm | 0.24.0 | 0.24.0 |
| os-osm-core | 0.25.0-rc2 | |
| osm | 0.24.0 | |
| (3rd Party) org.apache.logging.log4j.log4j-api | 2.17.1, 2.17.2 | 2.17.2, 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-to-slf4j | 2.17.1, 2.17.2 | 2.17.2, 2.13.3 |
| (3rd Party) org.yaml.snakeyaml | 2.0 | 1.30, 2.0 |
### Dependency Information After the Upgrade
```
Branch: dependency-upgrade
SHA: 70ab71deaf4cc479921c75061493c3e3aa0ea65e
Maven: 0.26.0-SNAPSHOT
```
| Maven Dependencies | _Root_ | testing/ |
| --------------------------------------------------- | -------------- | -------------- |
| core-lib-azure | 0.25.0 | |
| core-lib-gc | 0.25.0 | 0.25.0 |
| os-core-lib-aws | 0.25.0 | 0.25.0 |
| os-core-common | 0.25.0 | 0.25.0 |
| os-core-lib-ibm | 0.25.0 | 0.25.0 |
| osm | 0.25.0 | |
| (3rd Party) org.apache.logging.log4j.log4j-api | 2.17.1, 2.17.2 | 2.17.2, 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-to-slf4j | 2.17.1, 2.17.2 | 2.17.2, 2.13.3 |
| (3rd Party) org.yaml.snakeyaml | 2.0 | 1.30, 2.0 |M22 - Release 0.25https://community.opengroup.org/osdu/platform/system/partition/-/merge_requests/499Cherry-pick '[MSCOSDU-1865] fix: Upgrade json,netty-http, reactor-netty-http'...2023-12-12T19:24:15ZDavid Diederichd.diederich@opengroup.orgCherry-pick '[MSCOSDU-1865] fix: Upgrade json,netty-http, reactor-netty-http' into release/0.25**Original MR**: !498
### This MR is a Cherry Pick into a Release Branch.
After the release branch is first created, any subsequent changes use this process to update the release (often resulting in a new patch tag) without incorporati...**Original MR**: !498
### This MR is a Cherry Pick into a Release Branch.
After the release branch is first created, any subsequent changes use this process to update the release (often resulting in a new patch tag) without incorporating all changes in the default branch.
These MRs must be approved by the PMC before they are merged, since they alter the scope of the release.
To see more details about the change itself, look at the Original MR listed above.
#### Skipped Pipeline
Normally, pipelines are not executed on the cherry pick branch/MR prior to merging.
This optimization is accepted because the code was tested when it merged into the default branch, and will be tested again in the release branch prior to tagging.
However, if anybody feels that the MR requires further scrutiny -- whether because it had conflicts in the cherry-picking, it interfaces with some drastically altered logic between the branches, or any other reason -- we can run the pipeline here prior to merging.
#### If There's Reason to Run a Pipeline
If you want to see a pipeline result before this merges, first add a comment explaining why you'd like to see the pipeline results so the PMC and others know your thinking.
Then, mark the MR as a Draft MR (using the vertical ellipsis above, choose 'Mark as Draft').
This prevents the MR from being approved & merged accidentally by a busy release coordinator who didn't see your comment.
Finally, if you are a maintainer on the project, launch a pipeline on this branch.
Since this branch is a protected branch and the MR has ~no-detached-pipeline set, all integration tests will run and there's no need for any `trusted-*` branches.
[Launch a Pipeline for this Branch](https://community.opengroup.org/osdu/platform/system/partition/-/pipelines/new?ref=cherry-pick-for-498)M22 - Release 0.25David Diederichd.diederich@opengroup.orgChad LeongSrinivasan NarayananDavid Diederichd.diederich@opengroup.orghttps://community.opengroup.org/osdu/platform/system/partition/-/merge_requests/498[MSCOSDU-1865] fix: Upgrade json,netty-http, reactor-netty-http2023-12-12T17:30:06ZThulasi Dass Subramanian[MSCOSDU-1865] fix: Upgrade json,netty-http, reactor-netty-http# Change details
#### For Azure only
* upgraded `core-lib-azure` to `0.25.0-rc2` to remediate `org.json:json` vulnerability
* upgrade `reactor-netty-http` version to `1.1.13`
#### For Common Core
* upgrade `io.netty:netty-bom` version to...# Change details
#### For Azure only
* upgraded `core-lib-azure` to `0.25.0-rc2` to remediate `org.json:json` vulnerability
* upgrade `reactor-netty-http` version to `1.1.13`
#### For Common Core
* upgrade `io.netty:netty-bom` version to `4.1.101.Final`
* upgrade `snakeyaml` version to `2.0`
# Changes in:
* [x] GCP
* [x] Azure
* [x] AWS
* [x] IBMM22 - Release 0.25Thulasi Dass SubramanianThulasi Dass Subramanianhttps://community.opengroup.org/osdu/platform/system/partition/-/merge_requests/494update os-core-lib version2023-12-05T23:46:21ZYunhua Koglinupdate os-core-lib versionAdded in a lot of AWS CSP-specific Unit Testing, enabled Unit Testing for AWS and Core, and fixed a failing Core Unit Test.Added in a lot of AWS CSP-specific Unit Testing, enabled Unit Testing for AWS and Core, and fixed a failing Core Unit Test.M22 - Release 0.25Yunhua KoglinYunhua Koglinhttps://community.opengroup.org/osdu/platform/system/partition/-/merge_requests/487Update os-core-common version2023-11-29T16:59:58ZSolomon AyalewUpdate os-core-common version* Update dependency versions to mitigate vulnerabilities
* Consume the latest version of os-core-common which uses Spring-boot version 2.7.17
* Cleanup duplicate version numbers declared in pom file dependencies
* Remove version numbers ...* Update dependency versions to mitigate vulnerabilities
* Consume the latest version of os-core-common which uses Spring-boot version 2.7.17
* Cleanup duplicate version numbers declared in pom file dependencies
* Remove version numbers defined that downgrade the default version in pom file dependenciesM22 - Release 0.25https://community.opengroup.org/osdu/platform/system/partition/-/merge_requests/486WIP AWS - Merge from dev2023-11-27T19:21:38ZGuillaume CailletWIP AWS - Merge from devMostly AWS change.
The only common change is an upgrade on the `spring-webmvc` and `openapi` version to fix some CVEs.
Remaining changes:
- Add/update missing License headers on AWS files
- Upgrade several libraries used in AWS to solve...Mostly AWS change.
The only common change is an upgrade on the `spring-webmvc` and `openapi` version to fix some CVEs.
Remaining changes:
- Add/update missing License headers on AWS files
- Upgrade several libraries used in AWS to solve CVE
- Add additional AWS integration testsM22 - Release 0.25Guillaume CailletGuillaume Caillethttps://community.opengroup.org/osdu/platform/system/partition/-/merge_requests/478Add healthcheck for partition service (GONRG-7908)2023-11-10T10:37:43ZRiabokon Stanislav(EPAM)[GCP]Add healthcheck for partition service (GONRG-7908)## Type of change
- [X] Bug Fix
- [ ] Feature
https://community.opengroup.org/osdu/platform/system/partition/-/issues/35
## Does this introduce a change in the core logic?
- [YES]
## Does this introduce a change in the cloud provider...## Type of change
- [X] Bug Fix
- [ ] Feature
https://community.opengroup.org/osdu/platform/system/partition/-/issues/35
## Does this introduce a change in the core logic?
- [YES]
## Does this introduce a change in the cloud provider implementation, if so which cloud?
- [x] AWS
- [x] Azure
- [x] Google Cloud
- [x] IBM
## Does this introduce a breaking change?
- [NO]
## What is the current behavior?
## What is the new/expected behavior?
Added /liveness_check. Added int tests. Updated swagger doc.
## Have you added/updated Unit Tests and Integration Tests?
YESM22 - Release 0.25Riabokon Stanislav(EPAM)[GCP]Riabokon Stanislav(EPAM)[GCP]https://community.opengroup.org/osdu/platform/system/partition/-/merge_requests/471Cherry-pick 'Upgrade First Party Library Dependencies for Release 0.24' into ...2023-10-19T06:31:20ZSrinivasan NarayananCherry-pick 'Upgrade First Party Library Dependencies for Release 0.24' into release/0.24**Original MR**: !464
### This MR is a Cherry Pick into a Release Branch.
After the release branch is first created, any subsequent changes use this process to update the release (often resulting in a new patch tag) without incorporati...**Original MR**: !464
### This MR is a Cherry Pick into a Release Branch.
After the release branch is first created, any subsequent changes use this process to update the release (often resulting in a new patch tag) without incorporating all changes in the default branch.
These MRs must be approved by the PMC before they are merged, since they alter the scope of the release.
To see more details about the change itself, look at the Original MR listed above.
#### Skipped Pipeline
Normally, pipelines are not executed on the cherry pick branch/MR prior to merging.
This optimization is accepted because the code was tested when it merged into the default branch, and will be tested again in the release branch prior to tagging.
However, if anybody feels that the MR requires further scrutiny -- whether because it had conflicts in the cherry-picking, it interfaces with some drastically altered logic between the branches, or any other reason -- we can run the pipeline here prior to merging.
#### If There's Reason to Run a Pipeline
If you want to see a pipeline result before this merges, first add a comment explaining why you'd like to see the pipeline results so the PMC and others know your thinking.
Then, mark the MR as a Draft MR (using the vertical ellipsis above, choose 'Mark as Draft').
This prevents the MR from being approved & merged accidentally by a busy release coordinator who didn't see your comment.
Finally, if you are a maintainer on the project, launch a pipeline on this branch.
Since this branch is a protected branch and the MR has ~no-detached-pipeline set, all integration tests will run and there's no need for any `trusted-*` branches.
[Launch a Pipeline for this Branch](https://community.opengroup.org/osdu/platform/system/partition/-/pipelines/new?ref=cherry-pick-for-464)M21 - Release 0.24David Diederichd.diederich@opengroup.orgChad LeongSrinivasan NarayananDavid Diederichd.diederich@opengroup.orghttps://community.opengroup.org/osdu/platform/system/partition/-/merge_requests/464Upgrade First Party Library Dependencies for Release 0.242023-10-19T05:59:51ZDavid Diederichd.diederich@opengroup.orgUpgrade First Party Library Dependencies for Release 0.24This generated MR upgrades the first party libraries (other OSDU libraries) to utilize the latest release.
The intent is to keep the OSDU projects utilizing the latest available code to ensure widespread usage and stability.
However, any...This generated MR upgrades the first party libraries (other OSDU libraries) to utilize the latest release.
The intent is to keep the OSDU projects utilizing the latest available code to ensure widespread usage and stability.
However, any library that is older than the previous release will be left as-is, since the upgrade is likely to be more complicated.
Furthermore, the upgrade should only be merged in the CI pipeline reports success.
If this MR has failed, we can spend a little time investigating to see if a trivial upgrade could achieve compatiblity to the new library.
But significant upgrade efforts should not occur on this MR, as part of the release tagging process.
Instead, significant work should be scheduled for a subsequent milestone.
### Dependency Information Before the Upgrade
```
Branch: master
SHA: 673927187d8265c475aa1d02970c417ed8dcf69f
Maven: 0.24.0-SNAPSHOT
```
| Maven Dependencies | _Root_ | testing/ |
| --------------------------------------------------- | --------------- | -------------- |
| core-lib-azure | 0.23.2 | |
| core-lib-gc | 0.23.1 | 0.23.1 |
| os-core-lib-aws | 0.23.0 | 0.23.0 |
| os-core-common | 0.23.3 | 0.23.0, 0.23.3 |
| os-core-lib-ibm | 0.23.0 | 0.23.0 |
| core | 0.24.0-rc7 | |
| postgres | 0.24.0-rc7 | |
| osm | 0.23.0 | |
| (3rd Party) org.apache.logging.log4j.log4j-api | 2.17.1, 2.17.2 | 2.17.2, 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-to-slf4j | 2.17.1, 2.17.2 | 2.17.2, 2.13.3 |
| (3rd Party) org.yaml.snakeyaml | 2.0, 1.33, 1.30 | 1.30, 2.0 |
```
Critical: Found Vulnerable Snake YAML dependency (<2.0)
├─ _Root_
│ ├─ org.opengroup.osdu.partition-ibm == 0.24.0-SNAPSHOT
│ │ └─ org.yaml.snakeyaml == 1.33
│ ├─ org.opengroup.osdu.partition-gc == 0.24.0-SNAPSHOT
│ │ └─ org.springframework.boot.spring-boot-starter-security == 2.7.10
│ │ └─ org.springframework.boot.spring-boot-starter == 2.7.10
│ │ └─ org.yaml.snakeyaml == 1.30
│ └─ org.opengroup.osdu.partition-core-plus == 0.24.0-SNAPSHOT
│ └─ org.opengroup.osdu.os-osm.postgres == 0.24.0-rc7
│ └─ org.springframework.boot.spring-boot-starter-web == 2.7.10
│ └─ org.springframework.boot.spring-boot-starter == 2.7.10
│ └─ org.yaml.snakeyaml == 1.30
└─ testing/
├─ org.opengroup.osdu.partition.partition-test-aws == 0.24.0-SNAPSHOT
│ └─ org.opengroup.osdu.core.aws.os-core-lib-aws == 0.23.0
│ └─ org.springframework.boot.spring-boot-starter-web == 2.7.7
│ └─ org.springframework.boot.spring-boot-starter == 2.7.7
│ └─ org.yaml.snakeyaml == 1.30
└─ org.opengroup.osdu.partition.partition-test-gc == 0.24.0-SNAPSHOT
└─ org.opengroup.osdu.core-lib-gc == 0.23.1
└─ org.opengroup.osdu.os-core-common == 0.23.3
└─ org.springframework.boot.spring-boot-starter-web == 2.7.7
└─ org.springframework.boot.spring-boot-starter == 2.7.7
└─ org.yaml.snakeyaml == 1.30
```
### Dependency Information After the Upgrade
```
Branch: dependency-upgrade
SHA: e581f161ee987adc0c1e91e8c9dcc50c45ae185a
Maven: 0.24.0-SNAPSHOT
```
| Maven Dependencies | _Root_ | testing/ |
| --------------------------------------------------- | --------------- | -------------- |
| core-lib-azure | 0.24.0 | |
| core-lib-gc | 0.24.0 | 0.24.0 |
| os-core-lib-aws | 0.24.0 | 0.24.0 |
| os-core-common | 0.24.0 | 0.24.0 |
| os-core-lib-ibm | 0.24.0 | 0.24.0 |
| postgres | 0.24.0 | |
| osm | 0.24.0 | |
| (3rd Party) org.apache.logging.log4j.log4j-api | 2.17.1, 2.17.2 | 2.17.2, 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-to-slf4j | 2.17.1, 2.17.2 | 2.17.2, 2.13.3 |
| (3rd Party) org.yaml.snakeyaml | 2.0, 1.33, 1.30 | 1.30, 2.0 |
```
Critical: Found Vulnerable Snake YAML dependency (<2.0)
├─ _Root_
│ ├─ org.opengroup.osdu.partition-ibm == 0.24.0-SNAPSHOT
│ │ └─ org.yaml.snakeyaml == 1.33
│ ├─ org.opengroup.osdu.partition-gc == 0.24.0-SNAPSHOT
│ │ └─ org.springframework.boot.spring-boot-starter-security == 2.7.10
│ │ └─ org.springframework.boot.spring-boot-starter == 2.7.10
│ │ └─ org.yaml.snakeyaml == 1.30
│ └─ org.opengroup.osdu.partition-core-plus == 0.24.0-SNAPSHOT
│ └─ org.opengroup.osdu.partition-core == 0.24.0-SNAPSHOT
│ └─ org.springframework.boot.spring-boot-starter-web == 2.7.10
│ └─ org.springframework.boot.spring-boot-starter == 2.7.10
│ └─ org.yaml.snakeyaml == 1.30
└─ testing/
├─ org.opengroup.osdu.partition.partition-test-aws == 0.24.0-SNAPSHOT
│ └─ org.opengroup.osdu.core.aws.os-core-lib-aws == 0.24.0
│ └─ org.springframework.boot.spring-boot-starter-web == 2.7.7
│ └─ org.springframework.boot.spring-boot-starter == 2.7.7
│ └─ org.yaml.snakeyaml == 1.30
└─ org.opengroup.osdu.partition.partition-test-gc == 0.24.0-SNAPSHOT
└─ org.opengroup.osdu.core-lib-gc == 0.24.0
└─ org.opengroup.osdu.os-core-common == 0.24.0
└─ org.springframework.boot.spring-boot-starter-web == 2.7.7
└─ org.springframework.boot.spring-boot-starter == 2.7.7
└─ org.yaml.snakeyaml == 1.30
```M21 - Release 0.24https://community.opengroup.org/osdu/platform/system/partition/-/merge_requests/460add unit tests2023-10-12T10:21:06ZYunhua Koglinadd unit testsadd unit tests for aws implementationadd unit tests for aws implementationM21 - Release 0.24Yunhua KoglinDerek HudsonYunhua Koglinhttps://community.opengroup.org/osdu/platform/system/partition/-/merge_requests/425AWS Merge Dev Into Master2023-08-18T19:51:08ZGuillaume CailletAWS Merge Dev Into MasterM20 - Release 0.23Guillaume CailletGuillaume Caillethttps://community.opengroup.org/osdu/platform/system/partition/-/merge_requests/417Fix MongoDB java17 tests2023-07-20T14:11:52ZAleh Shubko [EPAM]Fix MongoDB java17 testsFix test running image for java 17Fix test running image for java 17M20 - Release 0.23Aleh Shubko [EPAM]Aleh Shubko [EPAM]https://community.opengroup.org/osdu/platform/system/partition/-/merge_requests/416MongoDB add ci-cd2023-07-19T15:36:00ZAleh Shubko [EPAM]MongoDB add ci-cdAdd ci-cd for MongoDB envAdd ci-cd for MongoDB envM20 - Release 0.23Madalyn MarabellaMadalyn Marabellahttps://community.opengroup.org/osdu/platform/system/partition/-/merge_requests/411aws-sync-dev-to-master2023-07-06T14:30:15ZLong Chengaws-sync-dev-to-masteradding useragent changesadding useragent changesM19 - Release 0.22Long ChengLong Chenghttps://community.opengroup.org/osdu/platform/system/partition/-/merge_requests/394Fixing variable for aws2023-05-19T21:55:29ZAbhay JoshiFixing variable for aws(cherry picked from commit ace3bd26f255cd6e82c012e6f06bf991ae0de13d)(cherry picked from commit ace3bd26f255cd6e82c012e6f06bf991ae0de13d)M18 - Release 0.21Abhay JoshiYong ZengMadalyn MarabellaAbhay Joshi