Schema merge requestshttps://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests2023-02-17T07:09:15Zhttps://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/453Cherry-pick 'OSDU Data Definition M16 deliverables' into release/0.192023-02-17T07:09:15ZDavid Diederichd.diederich@opengroup.orgCherry-pick 'OSDU Data Definition M16 deliverables' into release/0.19**Original MR**: !443
### This MR is a Cherry Pick into a Release Branch.
After the release branch is first created, any subsequent changes use this process to update the release (often resulting in a new patch tag) without incorporati...**Original MR**: !443
### This MR is a Cherry Pick into a Release Branch.
After the release branch is first created, any subsequent changes use this process to update the release (often resulting in a new patch tag) without incorporating all changes in the default branch.
These MRs must be approved by the PMC before they are merged, since they alter the scope of the release.
To see more details about the change itself, look at the Original MR listed above.
#### Skipped Pipeline
Normally, pipelines are not executed on the cherry pick branch/MR prior to merging.
This optimization is accepted because the code was tested when it merged into the default branch, and will be tested again in the release branch prior to tagging.
However, if anybody feels that the MR requires further scrutiny -- whether because it had conflicts in the cherry-picking, it interfaces with some drastically altered logic between the branches, or any other reason -- we can run the pipeline here prior to merging.
#### If There's Reason to Run a Pipeline
If you want to see a pipeline result before this merges, first add a comment explaining why you'd like to see the pipeline results so the PMC and others know your thinking.
Then, mark the MR as a Draft MR (using the vertical ellipsis above, choose 'Mark as Draft').
This prevents the MR from being approved & merged accidentally by a busy release coordinator who didn't see your comment.
Finally, if you are a maintainer on the project, launch a pipeline on this branch.
Since this branch is a protected branch and the MR has ~no-detached-pipeline set, all integration tests will run and there's no need for any `trusted-*` branches.
[Launch a Pipeline for this Branch](https://community.opengroup.org/osdu/platform/system/schema-service/-/pipelines/new?ref=cherry-pick-for-443)M16 - Release 0.19David Diederichd.diederich@opengroup.orgChad LeongSrinivasan NarayananDavid Diederichd.diederich@opengroup.orghttps://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/451Cherry-pick 'adding support for EKS 1.23' into release/0.192023-02-11T01:57:18ZMarc Burnie [AWS]Cherry-pick 'adding support for EKS 1.23' into release/0.19Adding support for EKS 1.23
Original MR: osdu/platform/system/schema-service!448
(cherry picked from commit 7d0a638c0896523be79a8fca8db917717ef9068a)
Only AWS Helm Chart changesAdding support for EKS 1.23
Original MR: osdu/platform/system/schema-service!448
(cherry picked from commit 7d0a638c0896523be79a8fca8db917717ef9068a)
Only AWS Helm Chart changesM16 - Release 0.19David Diederichd.diederich@opengroup.orgMarc Burnie [AWS]David Diederichd.diederich@opengroup.orghttps://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/448Adding support for EKS 1.232023-02-10T21:13:23ZMarc Burnie [AWS]Adding support for EKS 1.23M16 - Release 0.19Marc Burnie [AWS]Marc Burnie [AWS]https://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/446Upgrade First Party Library Dependencies for Release 0.192023-02-18T07:31:16ZDavid Diederichd.diederich@opengroup.orgUpgrade First Party Library Dependencies for Release 0.19This automated MR upgrades the first party libraries (other OSDU libraries) to utilize the latest release.
The intent is to keep the OSDU projects utilizing the latest available code to ensure widespread usage and stability.
However, any...This automated MR upgrades the first party libraries (other OSDU libraries) to utilize the latest release.
The intent is to keep the OSDU projects utilizing the latest available code to ensure widespread usage and stability.
However, any library that is older than the previous release will be left as-is, since the upgrade is likely to be more complicated.
Furthermore, the upgrade should only be merged in the CI pipeline reports success.
If this MR has failed, we can spend a little time investigating to see if a trivial upgrade could achieve compatiblity to the new library.
But significant upgrade efforts should not occur on this MR, as part of the release tagging process.
Instead, significant work should be scheduled for a subsequent milestone.
### Dependency Information Before the Upgrade
```
Branch: master
SHA: b29fbf84bb1738d962beb67ed5161be35aa3bc2f
Maven: 0.20.0-SNAPSHOT
```
| Maven Dependencies | _Root_ | testing/ |
| ------------------------------------------------------- | ------------------ | ---------------- |
| core-lib-azure | 0.14.0-rc2 | 0.6.1 |
| core-lib-gcp | 0.19.0-rc3 | |
| os-core-lib-aws | 0.19.0-rc3 | 0.13.0, 0.3.16 |
| obm | 0.18.0 | |
| oqm | 0.18.0 | |
| os-core-common | 0.19.0-rc6 | 0.19.0-rc6 |
| os-core-lib-ibm | 0.16.0-rc1 | 0.15.2, 0.7.0 |
| osm | 0.18.0 | |
| (3rd Party) com.fasterxml.jackson.core.jackson-databind | 2.13.4.2, 2.13.2.2 | 2.13.2.2, 2.11.3 |
| (3rd Party) net.minidev.json-smart | 2.4.7 | 2.3 |
| (3rd Party) org.apache.logging.log4j.log4j-api | 2.17.1 | 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-core | 2.17.1 | 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-jul | 2.17.1 | 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-slf4j-impl | 2.17.1 | 2.13.3 |
| (3rd Party) org.springframework.spring-webflux | 5.3.12 | |
| (3rd Party) org.springframework.spring-webmvc | 5.3.24, 5.3.22 | 5.3.24 |
```
Warning: Found Vulnerable Spring WebFlux dependency (<5.2.20 || >=5.3.0 <5.3.18)
└─ _Root_
└─ org.opengroup.osdu.os-schema-azure == 0.20.0-SNAPSHOT
└─ org.springframework.boot.spring-boot-starter-webflux == 2.6.6
└─ org.springframework.spring-webflux == 5.3.12
```
### Dependency Information After the Upgrade
```
Branch: dependency-upgrade-2
SHA: c8e331f48846edd46e987726b2466b25d9fafb7e
Maven: 0.20.0-SNAPSHOT
```
| Maven Dependencies | _Root_ | testing/ |
| ------------------------------------------------------- | ------------------ | ---------------- |
| core-lib-azure | 0.14.0-rc2 | 0.6.1 |
| core-lib-gcp | 0.19.0 | |
| os-core-lib-aws | 0.19.0 | 0.13.0, 0.3.16 |
| obm | 0.19.0 | |
| oqm | 0.19.0 | |
| os-core-common | 0.19.0 | 0.19.0 |
| os-core-lib-ibm | 0.16.0-rc1 | 0.15.2, 0.7.0 |
| osm | 0.19.0 | |
| (3rd Party) com.fasterxml.jackson.core.jackson-databind | 2.13.4.2, 2.13.2.2 | 2.13.2.2, 2.11.3 |
| (3rd Party) net.minidev.json-smart | 2.4.7 | 2.3 |
| (3rd Party) org.apache.logging.log4j.log4j-api | 2.17.1 | 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-core | 2.17.1 | 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-jul | 2.17.1 | 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-slf4j-impl | 2.17.1 | 2.13.3 |
| (3rd Party) org.springframework.spring-webflux | 5.3.12 | |
| (3rd Party) org.springframework.spring-webmvc | 5.3.24, 5.3.22 | 5.3.24 |
```
Warning: Found Vulnerable Spring WebFlux dependency (<5.2.20 || >=5.3.0 <5.3.18)
└─ _Root_
└─ org.opengroup.osdu.os-schema-azure == 0.20.0-SNAPSHOT
└─ org.springframework.boot.spring-boot-starter-webflux == 2.6.6
└─ org.springframework.spring-webflux == 5.3.12
```M16 - Release 0.19https://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/445Cherry-pick 'Add missing attributes to schema changed event' into release/0.192023-02-11T02:06:13ZDavid Diederichd.diederich@opengroup.orgCherry-pick 'Add missing attributes to schema changed event' into release/0.19**Original MR**: !442
### This MR is a Cherry Pick into a Release Branch.
After the release branch is first created, any subsequent changes use this process to update the release (often resulting in a new patch tag) without incorporati...**Original MR**: !442
### This MR is a Cherry Pick into a Release Branch.
After the release branch is first created, any subsequent changes use this process to update the release (often resulting in a new patch tag) without incorporating all changes in the default branch.
These MRs must be approved by the PMC before they are merged, since they alter the scope of the release.
To see more details about the change itself, look at the Original MR listed above.
#### Skipped Pipeline
Normally, pipelines are not executed on the cherry pick branch/MR prior to merging.
This optimization is accepted because the code was tested when it merged into the default branch, and will be tested again in the release branch prior to tagging.
However, if anybody feels that the MR requires further scrutiny -- whether because it had conflicts in the cherry-picking, it interfaces with some drastically altered logic between the branches, or any other reason -- we can run the pipeline here prior to merging.
#### If There's Reason to Run a Pipeline
If you want to see a pipeline result before this merges, first add a comment explaining why you'd like to see the pipeline results so the PMC and others know your thinking.
Then, mark the MR as a Draft MR (using the vertical ellipsis above, choose 'Mark as Draft').
This prevents the MR from being approved & merged accidentally by a busy release coordinator who didn't see your comment.
Finally, if you are a maintainer on the project, launch a pipeline on this branch.
Since this branch is a protected branch and the MR has ~no-detached-pipeline set, all integration tests will run and there's no need for any `trusted-*` branches.
[Launch a Pipeline for this Branch](https://community.opengroup.org/osdu/platform/system/schema-service/-/pipelines/new?ref=cherry-pick-for-442)M16 - Release 0.19David Diederichd.diederich@opengroup.orgChad LeongSrinivasan NarayananDavid Diederichd.diederich@opengroup.orghttps://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/443OSDU Data Definition M16 deliverables2023-02-15T22:14:41ZThomas Gehrmann [slb]OSDU Data Definition M16 deliverablesOSDU Data Definition M16 deliverables: 21 new schemas/schema versions with updated load_sequence.
**_No code change, only adding new schema registration resources for M16, approved by Data Definition._**
Closes #122OSDU Data Definition M16 deliverables: 21 new schemas/schema versions with updated load_sequence.
**_No code change, only adding new schema registration resources for M16, approved by Data Definition._**
Closes #122M16 - Release 0.19Paresh BehedeParesh Behedehttps://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/442Add missing attributes to schema changed event2023-02-07T23:51:49ZRustam Lotsmanenko (EPAM)rustam_lotsmanenko@epam.comAdd missing attributes to schema changed eventM16 - Release 0.19Rustam Lotsmanenko (EPAM)rustam_lotsmanenko@epam.comRustam Lotsmanenko (EPAM)rustam_lotsmanenko@epam.comhttps://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/441Update core common lib version and fix vulnerable libs2023-07-25T07:11:24ZManish JangidUpdate core common lib version and fix vulnerable libs* Updating versions of vulnerable libraries
- https://community.opengroup.org/osdu/platform/security-and-compliance/home/-/issues/120
- https://community.opengroup.org/osdu/platform/security-and-compliance/home/-/issues/121
- https...* Updating versions of vulnerable libraries
- https://community.opengroup.org/osdu/platform/security-and-compliance/home/-/issues/120
- https://community.opengroup.org/osdu/platform/security-and-compliance/home/-/issues/121
- https://community.opengroup.org/osdu/platform/security-and-compliance/home/-/issues/123
- https://community.opengroup.org/osdu/platform/security-and-compliance/home/-/issues/124
- https://community.opengroup.org/osdu/platform/security-and-compliance/home/-/issues/125
- https://community.opengroup.org/osdu/platform/security-and-compliance/home/-/issues/130
* Using latest version of core common lib which has Spring boot 2.7.7
* Migration from Springfox to springdoc-openapi. Related ISSUE: https://community.opengroup.org/osdu/platform/system/indexer-service/-/issues/74M16 - Release 0.19https://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/439Upgrade python2023-03-23T19:00:45ZXiangliang MengUpgrade pythonM16 - Release 0.19Okoun-Ola Fabien HouetoXiangliang MengAbhishek PatilOkoun-Ola Fabien Houetohttps://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/433Removed audience property (GONRG-6246)2023-01-11T14:32:36ZMykhailo Vinnichuk [EPAM / GCP]Removed audience property (GONRG-6246)M16 - Release 0.19Mykhailo Vinnichuk [EPAM / GCP]Mykhailo Vinnichuk [EPAM / GCP]https://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/432fixing dependency check2023-01-09T16:51:25ZMarc Burnie [AWS]fixing dependency checkM16 - Release 0.19Marc Burnie [AWS]Marc Burnie [AWS]https://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/431temporarily bypass maven dependency check2023-01-07T05:28:05ZMorris Estepatemporarily bypass maven dependency checkM16 - Release 0.19Morris EstepaMorris Estepahttps://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/430GONRG-5894-gc-rename2023-08-18T21:55:11ZAliaksandr Ramanovich (EPAM)GONRG-5894-gc-renameGONRG-5894 - google cloud rebrandingGONRG-5894 - google cloud rebrandingM16 - Release 0.19Aliaksandr Ramanovich (EPAM)Aliaksandr Ramanovich (EPAM)https://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/429Added system schemas publishing2023-01-10T14:49:35ZYurii Ruban [EPAM / GCP]Added system schemas publishing# Description:
Added system schemas publishing
# How to test:
1. Check messaging variable in service (expected true)
2. Create schema and system schema using API schema service
3. Check message in RabbitMQ or Pub/Sub. Topic name is s...# Description:
Added system schemas publishing
# How to test:
1. Check messaging variable in service (expected true)
2. Create schema and system schema using API schema service
3. Check message in RabbitMQ or Pub/Sub. Topic name is schema schanged.
# Changes include:
- [ ] New feature (a non-breaking change that adds functionality).
# Changes in:
- [x] GCPM16 - Release 0.19Riabokon Stanislav(EPAM)[GCP]Riabokon Stanislav(EPAM)[GCP]https://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/428[GONRG-6178] Decrease ISTIO requests and limits2023-01-12T23:53:23ZOleksandr Kosse (EPAM)[GONRG-6178] Decrease ISTIO requests and limitsDecrease ISTIO requests and limits for schema serviceDecrease ISTIO requests and limits for schema serviceM16 - Release 0.19https://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/427Fix spring-boot-starter vulnerability2023-03-30T08:07:20ZThulasi Dass SubramanianFix spring-boot-starter vulnerability- fixed spring-boot-starter web & webflux vulnerabilities- fixed spring-boot-starter web & webflux vulnerabilitiesM16 - Release 0.19Thulasi Dass SubramanianThulasi Dass Subramanianhttps://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/424Merge GC helms for schema service2023-01-12T23:53:23ZOleh Miniailov [EPAM / GCP]Merge GC helms for schema serviceM16 - Release 0.19https://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/422jar type vulnerability fix for schema-service2022-12-28T06:00:29ZPintu Guptajar type vulnerability fix for schema-serviceThe following jar cve has been fix in this MR :
| cve | link |
|------------------|-------------------------------------------------|
| CVE-2022-42003 | https://nvd.nist.gov/vuln...The following jar cve has been fix in this MR :
| cve | link |
|------------------|-------------------------------------------------|
| CVE-2022-42003 | https://nvd.nist.gov/vuln/detail/CVE-2022-42003 |
| CVE-2022-42004 | https://nvd.nist.gov/vuln/detail/CVE-2022-42004 |
| CVE-2022-22965 | https://nvd.nist.gov/vuln/detail/CVE-2022-22965 |
| PRISMA-2022-0239 | https://github.com/square/okhttp/issues/6738 |
| CVE-2022-22965 | https://nvd.nist.gov/vuln/detail/CVE-2022-22965 |
| CVE-2022-23181 | https://nvd.nist.gov/vuln/detail/CVE-2022-23181 |
| CVE-2022-42252 | https://nvd.nist.gov/vuln/detail/CVE-2022-42252 |
| CVE-2022-25857 | https://nvd.nist.gov/vuln/detail/CVE-2022-25857 |M16 - Release 0.19Pintu GuptaPintu Guptahttps://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/337Optimizing schema logs2023-02-04T05:35:13ZAbhishek Kumar (SLB)Optimizing schema logsM16 - Release 0.19Abhishek Kumar (SLB)Abhishek Kumar (SLB)https://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/476Update NOTICE, remove snapshot2023-04-13T20:28:10ZChad LeongUpdate NOTICE, remove snapshotUpdate FOSSA notice, remove SNAPSHOT dependenciesUpdate FOSSA notice, remove SNAPSHOT dependenciesM17 - Release 0.20