CRS Catalog merge requestshttps://community.opengroup.org/osdu/platform/system/reference/crs-catalog-service/-/merge_requests2023-05-12T16:33:50Zhttps://community.opengroup.org/osdu/platform/system/reference/crs-catalog-service/-/merge_requests/272Merge useragent changes2023-05-12T16:33:50ZMadalyn MarabellaMerge useragent changesadding useragent changesadding useragent changesM18 - Release 0.21Madalyn MarabellaMadalyn Marabellahttps://community.opengroup.org/osdu/platform/system/reference/crs-catalog-service/-/merge_requests/302jackson databind upgrade2023-10-09T06:18:49Zsagar thapajackson databind upgrade# Issue links:
https://community.opengroup.org/osdu/platform/system/reference/crs-catalog-service/-/security/vulnerabilities/24305 - AWS
https://community.opengroup.org/osdu/platform/system/reference/crs-catalog-service/-/security/vulne...# Issue links:
https://community.opengroup.org/osdu/platform/system/reference/crs-catalog-service/-/security/vulnerabilities/24305 - AWS
https://community.opengroup.org/osdu/platform/system/reference/crs-catalog-service/-/security/vulnerabilities/24310 - AWS
https://community.opengroup.org/osdu/platform/system/reference/crs-catalog-service/-/security/vulnerabilities/24316 - Azure
https://community.opengroup.org/osdu/platform/system/reference/crs-catalog-service/-/security/vulnerabilities/24313 - Azure
https://community.opengroup.org/osdu/platform/system/reference/crs-catalog-service/-/security/vulnerabilities/26286 - Google Cloud
https://community.opengroup.org/osdu/platform/system/reference/crs-catalog-service/-/security/vulnerabilities/26268 - Google Cloud
https://community.opengroup.org/osdu/platform/system/reference/crs-catalog-service/-/security/vulnerabilities/24311 - IBM
https://community.opengroup.org/osdu/platform/system/reference/crs-catalog-service/-/security/vulnerabilities/24309 - IBM
## jackson-databind upgrade affects following cloud provider.
- [x] AWS
- [x] Azure
- [x] Google Cloud
- [x] IBMThulasi Dass SubramanianThulasi Dass Subramanianhttps://community.opengroup.org/osdu/platform/system/reference/crs-catalog-service/-/merge_requests/342Fix integration tests when existing records are in the system2024-02-09T16:11:07ZGuillaume CailletFix integration tests when existing records are in the systemFix the failing tests on AWS master: https://community.opengroup.org/osdu/platform/system/reference/crs-catalog-service/-/pipelines/241629
The common code for 2 tests was always checking **only** the first record, but if there was pre-e...Fix the failing tests on AWS master: https://community.opengroup.org/osdu/platform/system/reference/crs-catalog-service/-/pipelines/241629
The common code for 2 tests was always checking **only** the first record, but if there was pre-existing data in the system, there would be more data sent by the CRS API.M23 - Release 0.26Guillaume CailletGuillaume Caillethttps://community.opengroup.org/osdu/platform/system/reference/crs-catalog-service/-/merge_requests/341Use query by cursor in integration tests to fix issue when more than 1000 rec...2024-02-07T13:18:11ZGuillaume CailletUse query by cursor in integration tests to fix issue when more than 1000 records are in the systemThis fix #83
Please note that AWS tests are still failing, but this is a pre-requisite.This fix #83
Please note that AWS tests are still failing, but this is a pre-requisite.M23 - Release 0.26Guillaume CailletGuillaume Caillethttps://community.opengroup.org/osdu/platform/system/reference/crs-catalog-service/-/merge_requests/340Upgrade to Java 172024-01-25T13:47:34ZSolomon AyalewUpgrade to Java 17Upgrade to Java 17Upgrade to Java 17M23 - Release 0.26https://community.opengroup.org/osdu/platform/system/reference/crs-catalog-service/-/merge_requests/332Cherry-pick '[MSCOSDU-1927] fix: Upgrade spring-security-bom version' into re...2023-12-19T10:30:56ZChad LeongCherry-pick '[MSCOSDU-1927] fix: Upgrade spring-security-bom version' into release/0.25**Original MR**: !331
### This MR is a Cherry Pick into a Release Branch.
After the release branch is first created, any subsequent changes use this process to update the release (often resulting in a new patch tag) without incorporati...**Original MR**: !331
### This MR is a Cherry Pick into a Release Branch.
After the release branch is first created, any subsequent changes use this process to update the release (often resulting in a new patch tag) without incorporating all changes in the default branch.
These MRs must be approved by the PMC before they are merged, since they alter the scope of the release.
To see more details about the change itself, look at the Original MR listed above.
#### Skipped Pipeline
Normally, pipelines are not executed on the cherry pick branch/MR prior to merging.
This optimization is accepted because the code was tested when it merged into the default branch, and will be tested again in the release branch prior to tagging.
However, if anybody feels that the MR requires further scrutiny -- whether because it had conflicts in the cherry-picking, it interfaces with some drastically altered logic between the branches, or any other reason -- we can run the pipeline here prior to merging.
#### If There's Reason to Run a Pipeline
If you want to see a pipeline result before this merges, first add a comment explaining why you'd like to see the pipeline results so the PMC and others know your thinking.
Then, mark the MR as a Draft MR (using the vertical ellipsis above, choose 'Mark as Draft').
This prevents the MR from being approved & merged accidentally by a busy release coordinator who didn't see your comment.
Finally, if you are a maintainer on the project, launch a pipeline on this branch.
Since this branch is a protected branch and the MR has ~no-detached-pipeline set, all integration tests will run and there's no need for any `trusted-*` branches.
[Launch a Pipeline for this Branch](https://community.opengroup.org/osdu/platform/system/reference/crs-catalog-service/-/pipelines/new?ref=cherry-pick-for-331)M22 - Release 0.25David Diederichd.diederich@opengroup.orgChad LeongSrinivasan NarayananDavid Diederichd.diederich@opengroup.orghttps://community.opengroup.org/osdu/platform/system/reference/crs-catalog-service/-/merge_requests/331[MSCOSDU-1927] fix: Upgrade spring-security-bom version2023-12-19T09:53:49ZThulasi Dass Subramanian[MSCOSDU-1927] fix: Upgrade spring-security-bom version## Details
* Issue Reference: https://community.opengroup.org/osdu/platform/security-and-compliance/home/-/issues/185
* Fix CVE-2023-34034
* Upgrade `spring-security-core`, `spring-security-config` related dependencies to `5.8.8` version...## Details
* Issue Reference: https://community.opengroup.org/osdu/platform/security-and-compliance/home/-/issues/185
* Fix CVE-2023-34034
* Upgrade `spring-security-core`, `spring-security-config` related dependencies to `5.8.8` version
# Changes in:
* [ ] GCP
* [x] Azure
* [x] AWS
* [x] IBMM22 - Release 0.25Thulasi Dass SubramanianThulasi Dass Subramanianhttps://community.opengroup.org/osdu/platform/system/reference/crs-catalog-service/-/merge_requests/330Cherry-pick 'Full Upgrade of First Party Library Dependencies for Release 0.2...2023-12-18T12:31:10ZChad LeongCherry-pick 'Full Upgrade of First Party Library Dependencies for Release 0.25' into release/0.25**Original MR**: !327
### This MR is a Cherry Pick into a Release Branch.
After the release branch is first created, any subsequent changes use this process to update the release (often resulting in a new patch tag) without incorporati...**Original MR**: !327
### This MR is a Cherry Pick into a Release Branch.
After the release branch is first created, any subsequent changes use this process to update the release (often resulting in a new patch tag) without incorporating all changes in the default branch.
These MRs must be approved by the PMC before they are merged, since they alter the scope of the release.
To see more details about the change itself, look at the Original MR listed above.
#### Skipped Pipeline
Normally, pipelines are not executed on the cherry pick branch/MR prior to merging.
This optimization is accepted because the code was tested when it merged into the default branch, and will be tested again in the release branch prior to tagging.
However, if anybody feels that the MR requires further scrutiny -- whether because it had conflicts in the cherry-picking, it interfaces with some drastically altered logic between the branches, or any other reason -- we can run the pipeline here prior to merging.
#### If There's Reason to Run a Pipeline
If you want to see a pipeline result before this merges, first add a comment explaining why you'd like to see the pipeline results so the PMC and others know your thinking.
Then, mark the MR as a Draft MR (using the vertical ellipsis above, choose 'Mark as Draft').
This prevents the MR from being approved & merged accidentally by a busy release coordinator who didn't see your comment.
Finally, if you are a maintainer on the project, launch a pipeline on this branch.
Since this branch is a protected branch and the MR has ~no-detached-pipeline set, all integration tests will run and there's no need for any `trusted-*` branches.
[Launch a Pipeline for this Branch](https://community.opengroup.org/osdu/platform/system/reference/crs-catalog-service/-/pipelines/new?ref=cherry-pick-for-327)M22 - Release 0.25David Diederichd.diederich@opengroup.orgChad LeongSrinivasan NarayananDavid Diederichd.diederich@opengroup.orghttps://community.opengroup.org/osdu/platform/system/reference/crs-catalog-service/-/merge_requests/329Upgrade Spring-security-core version for AWS2023-12-15T13:27:02ZSolomon AyalewUpgrade Spring-security-core version for AWSAdded the following dependancy to force upgrade the version. the rest is formatting change.
```
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security...Added the following dependancy to force upgrade the version. the rest is formatting change.
```
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
<version>5.8.2</version>
</dependency>
</dependencies>
</dependencyManagement>
```M22 - Release 0.25https://community.opengroup.org/osdu/platform/system/reference/crs-catalog-service/-/merge_requests/327Full Upgrade of First Party Library Dependencies for Release 0.252023-12-18T12:29:03ZDavid Diederichd.diederich@opengroup.orgFull Upgrade of First Party Library Dependencies for Release 0.25This generated MR upgrades the first party libraries (other OSDU libraries) to utilize the latest release.
The intent is to try to fully upgrade all dependent libraries to see if the latest code will work.
It is expected that these will ...This generated MR upgrades the first party libraries (other OSDU libraries) to utilize the latest release.
The intent is to try to fully upgrade all dependent libraries to see if the latest code will work.
It is expected that these will often fail, since the upgrades were previously rejected for failing pipelines and have not been directly addressed yet.
This upgrade should only be merged in the CI pipeline reports success.
If this MR has failed, we can spend a little time investigating to see if a trivial upgrade could achieve compatiblity to the new library.
But significant upgrade efforts should not occur on this MR, as part of the release tagging process.
Instead, significant work should be scheduled for a subsequent milestone.
This MR may co-exist with a separate, smaller upgrade MR.
If both pass, this one should be used instead.
### Dependency Information Before the Upgrade
```
WARNING: The requested image's platform (linux/amd64) does not match the detected host platform (linux/arm64/v8) and no specific platform was requested
Branch: master
SHA: 4acfdc9f6d702f41572bf39733eaae9965cafd81
Maven: 0.26.0-SNAPSHOT
```
| Maven Dependencies | _Root_ |
| ------------------ | ------ |
| core-lib-azure | 0.24.0 |
| os-core-common | 0.24.0 |
| os-core-lib-ibm | 0.24.0 |
### Dependency Information After the Upgrade
```
WARNING: The requested image's platform (linux/amd64) does not match the detected host platform (linux/arm64/v8) and no specific platform was requested
Branch: dependency-upgrade
SHA: d57db8c4f9c666b4649ad077034c7e17a8a2888a
Maven: 0.26.0-SNAPSHOT
```
| Maven Dependencies | _Root_ |
| ------------------ | ------ |
| core-lib-azure | 0.25.0 |
| os-core-common | 0.25.0 |
| os-core-lib-ibm | 0.25.0 |M22 - Release 0.25https://community.opengroup.org/osdu/platform/system/reference/crs-catalog-service/-/merge_requests/324AWS - Merge from dev2023-11-27T19:09:48ZGuillaume CailletAWS - Merge from devAWS only
- Add or update License header
- Upgrade AWS deps to fix CVE
- Upgrade buildspecAWS only
- Add or update License header
- Upgrade AWS deps to fix CVE
- Upgrade buildspecM22 - Release 0.25Guillaume CailletGuillaume Caillethttps://community.opengroup.org/osdu/platform/system/reference/crs-catalog-service/-/merge_requests/316mege to gitlab2023-10-12T16:11:00ZYunhua Koglinmege to gitlabM21 - Release 0.24Yunhua KoglinYunhua Koglinhttps://community.opengroup.org/osdu/platform/system/reference/crs-catalog-service/-/merge_requests/314fix jackson-databind-vulnerability2023-10-09T06:18:28ZVidyaDharani Lokamfix jackson-databind-vulnerability# Change details
* upgrade `jackson-databind` to `2.15.2`
# Changes in:
* [x] GCP
* [ ] Azure
* [x] AWS
* [x] IBM# Change details
* upgrade `jackson-databind` to `2.15.2`
# Changes in:
* [x] GCP
* [ ] Azure
* [x] AWS
* [x] IBMM21 - Release 0.24VidyaDharani LokamVidyaDharani Lokamhttps://community.opengroup.org/osdu/platform/system/reference/crs-catalog-service/-/merge_requests/303AWS sync dev to master2023-08-19T17:03:07ZLong ChengAWS sync dev to masterAWS sync dev to masterAWS sync dev to masterM20 - Release 0.23Long ChengLong Chenghttps://community.opengroup.org/osdu/platform/system/reference/crs-catalog-service/-/merge_requests/276Fixing variable for aws2023-05-19T21:50:13ZAbhay JoshiFixing variable for aws(cherry picked from commit 711bada60b0ebeeded3d5ac19e85cd730a0f5ac6)(cherry picked from commit 711bada60b0ebeeded3d5ac19e85cd730a0f5ac6)M18 - Release 0.21Abhay JoshiYong ZengMadalyn MarabellaAbhay Joshihttps://community.opengroup.org/osdu/platform/system/reference/crs-catalog-service/-/merge_requests/273adding useragent changes2023-05-12T17:42:48ZMadalyn Marabellaadding useragent changesM18 - Release 0.21Abhay JoshiAbhay Joshihttps://community.opengroup.org/osdu/platform/system/reference/crs-catalog-service/-/merge_requests/265M18 service and CICD updates2023-05-09T19:59:28ZLong ChengM18 service and CICD updatesAWS code changes only
commit a001921a
Author: Abhay <bios@amazon.com>
Date: Tue Mar 21 2023 08:38:19 GMT-0700 (Pacific Daylight Time)
removing old ssl stuff
commit 663f62f4
Author: Abhay <bios@amazon.com>
Date: Tue Mar 21 20...AWS code changes only
commit a001921a
Author: Abhay <bios@amazon.com>
Date: Tue Mar 21 2023 08:38:19 GMT-0700 (Pacific Daylight Time)
removing old ssl stuff
commit 663f62f4
Author: Abhay <bios@amazon.com>
Date: Tue Mar 21 2023 07:28:24 GMT-0700 (Pacific Daylight Time)
Renaming variable
commit 4d73a4b0
Author: Abhay <bios@amazon.com>
Date: Mon Mar 20 2023 10:38:46 GMT-0700 (Pacific Daylight Time)
adding changes for rootFilesystemM18 - Release 0.21Long ChengLong Chenghttps://community.opengroup.org/osdu/platform/system/reference/crs-catalog-service/-/merge_requests/263Set FailOnError to false2023-05-03T19:24:27ZYash DholakiaSet FailOnError to falseSet FailOnError to false so build does not fail when dependency-check-maven fails.Set FailOnError to false so build does not fail when dependency-check-maven fails.M18 - Release 0.21Yash DholakiaYash Dholakiahttps://community.opengroup.org/osdu/platform/system/reference/crs-catalog-service/-/merge_requests/259Cherry-pick 'Upgrading snakeyaml' into release/0.202023-04-11T09:35:40ZDavid Diederichd.diederich@opengroup.orgCherry-pick 'Upgrading snakeyaml' into release/0.20**Original MR**: !256
### This MR is a Cherry Pick into a Release Branch.
After the release branch is first created, any subsequent changes use this process to update the release (often resulting in a new patch tag) without incorporati...**Original MR**: !256
### This MR is a Cherry Pick into a Release Branch.
After the release branch is first created, any subsequent changes use this process to update the release (often resulting in a new patch tag) without incorporating all changes in the default branch.
These MRs must be approved by the PMC before they are merged, since they alter the scope of the release.
To see more details about the change itself, look at the Original MR listed above.
#### Skipped Pipeline
Normally, pipelines are not executed on the cherry pick branch/MR prior to merging.
This optimization is accepted because the code was tested when it merged into the default branch, and will be tested again in the release branch prior to tagging.
However, if anybody feels that the MR requires further scrutiny -- whether because it had conflicts in the cherry-picking, it interfaces with some drastically altered logic between the branches, or any other reason -- we can run the pipeline here prior to merging.
#### If There's Reason to Run a Pipeline
If you want to see a pipeline result before this merges, first add a comment explaining why you'd like to see the pipeline results so the PMC and others know your thinking.
Then, mark the MR as a Draft MR (using the vertical ellipsis above, choose 'Mark as Draft').
This prevents the MR from being approved & merged accidentally by a busy release coordinator who didn't see your comment.
Finally, if you are a maintainer on the project, launch a pipeline on this branch.
Since this branch is a protected branch and the MR has ~no-detached-pipeline set, all integration tests will run and there's no need for any `trusted-*` branches.
[Launch a Pipeline for this Branch](https://community.opengroup.org/osdu/platform/system/reference/crs-catalog-service/-/pipelines/new?ref=cherry-pick-for-256)M17 - Release 0.20David Diederichd.diederich@opengroup.orgChad LeongSrinivasan NarayananDavid Diederichd.diederich@opengroup.orghttps://community.opengroup.org/osdu/platform/system/reference/crs-catalog-service/-/merge_requests/257ReadOnlyRootFileSystem changes on AWS2023-04-07T18:25:32ZAbhay JoshiReadOnlyRootFileSystem changes on AWScommit a001921a
Author: Abhay <bios@amazon.com>
Date: Tue Mar 21 2023 08:38:19 GMT-0700 (Pacific Daylight Time)
removing old ssl stuff
commit 663f62f4
Author: Abhay <bios@amazon.com>
Date: Tue Mar 21 2023 07:28:24 GMT-0700 (Pacific...commit a001921a
Author: Abhay <bios@amazon.com>
Date: Tue Mar 21 2023 08:38:19 GMT-0700 (Pacific Daylight Time)
removing old ssl stuff
commit 663f62f4
Author: Abhay <bios@amazon.com>
Date: Tue Mar 21 2023 07:28:24 GMT-0700 (Pacific Daylight Time)
Renaming variable
commit 4d73a4b0
Author: Abhay <bios@amazon.com>
Date: Mon Mar 20 2023 10:38:46 GMT-0700 (Pacific Daylight Time)
adding changes for rootFilesystem
(cherry picked from commit f53bd6495a6fd8d742b18f34cc48ec3f47e739f2)M18 - Release 0.21Okoun-Ola Fabien HouetoAbhay JoshiOkoun-Ola Fabien Houeto