Schema merge requestshttps://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests2023-10-20T06:18:18Zhttps://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/574changes in IBM bootstrap.sh to fix bootstrap issue2023-10-20T06:18:18ZIsha Kumarichanges in IBM bootstrap.sh to fix bootstrap issue changes in IBM bootstrap.sh to fix bootstrap issue changes in IBM bootstrap.sh to fix bootstrap issueM21 - Release 0.24Isha KumariIsha Kumarihttps://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/576Full Upgrade of First Party Library Dependencies2023-10-20T06:14:15ZChad LeongFull Upgrade of First Party Library DependenciesThis generated MR upgrades the first party libraries (other OSDU libraries) to utilize the latest release.
The intent is to keep all dependent libraries up to date.
This upgrade can be merged immediately without further approval if the C...This generated MR upgrades the first party libraries (other OSDU libraries) to utilize the latest release.
The intent is to keep all dependent libraries up to date.
This upgrade can be merged immediately without further approval if the CI pipeline reports success.
If this MR has failed, we need to work with the maintainers and affected provider teams to find a solution.
### Dependency Information Before the Upgrade
```
Branch: master
SHA: 92b85a2e4e045465725c62a5f57a1febd5b63e34
Maven: 0.25.0-SNAPSHOT
```
| Maven Dependencies | _Root_ | testing/ |
| ------------------ | -------------- | -------- |
| core-lib-azure | 0.23.2 | 0.23.2 |
| core-lib-gc | 0.24.0 | |
| os-core-lib-aws | 0.24.0 | 0.24.0 |
| obm | 0.24.0 | |
| oqm | 0.24.0 | |
| os-core-common | 0.24.0, 0.23.3 | 0.23.3 |
| os-core-lib-ibm | 0.23.0 | 0.23.0 |
| osm | 0.24.0 | |
### Dependency Information After the Upgrade
```
Branch: dependency-upgrade
SHA: f137cd3257b3b0b9f8bb987496667c99c2107ce7
Maven: 0.25.0-SNAPSHOT
```
| Maven Dependencies | _Root_ | testing/ |
| ------------------ | ------ | -------- |
| core-lib-azure | 0.24.0 | 0.24.0 |
| core-lib-gc | 0.24.0 | |
| os-core-lib-aws | 0.24.0 | 0.24.0 |
| obm | 0.24.0 | |
| oqm | 0.24.0 | |
| os-core-common | 0.24.0 | 0.24.0 |
| os-core-lib-ibm | 0.24.0 | 0.24.0 |
| osm | 0.24.0 | |M21 - Release 0.24https://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/565Full Upgrade of First Party Library Dependencies2023-10-20T06:02:21ZChad LeongFull Upgrade of First Party Library DependenciesThis generated MR upgrades the first party libraries (other OSDU libraries) to utilize the latest release.
The intent is to keep all dependent libraries up to date.
This upgrade can be merged immediately without further approval if the C...This generated MR upgrades the first party libraries (other OSDU libraries) to utilize the latest release.
The intent is to keep all dependent libraries up to date.
This upgrade can be merged immediately without further approval if the CI pipeline reports success.
If this MR has failed, we need to work with the maintainers and affected provider teams to find a solution.
### Dependency Information Before the Upgrade
```
Branch: master
SHA: 5ed6d24f617dd2084df7aab051a79b9a5782d25a
Maven: 0.24.0-SNAPSHOT
```
| Maven Dependencies | _Root_ | testing/ |
| ----------------------------------------------------- | ------------------ | -------- |
| core-lib-azure | 0.14.0-rc2 | 0.6.1 |
| core-lib-gc | 0.23.0 | |
| os-core-lib-aws | 0.23.0 | 0.23.0 |
| obm | 0.23.0 | |
| oqm | 0.23.0 | |
| os-core-common | 0.23.1, 0.19.0-rc6 | 0.3.23 |
| os-core-lib-ibm | 0.16.0-rc1 | 0.15.2 |
| osm | 0.23.0 | |
| (3rd Party) net.minidev.json-smart | 2.4.9 | 2.3 |
| (3rd Party) org.apache.logging.log4j.log4j-api | 2.17.1, 2.17.2 | 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-core | 2.17.1 | 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-jul | 2.17.1 | 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-slf4j-impl | 2.17.1 | 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-to-slf4j | 2.17.1, 2.17.2 | 2.13.3 |
| (3rd Party) org.springframework.spring-webflux | 5.3.12 | |
| (3rd Party) org.yaml.snakeyaml | 2.0 | 1.26 |
```
Critical: Found Vulnerable Spring WebFlux dependency (<5.2.20 || >=5.3.0 <5.3.18)
└─ _Root_
└─ org.opengroup.osdu.os-schema-azure == 0.24.0-SNAPSHOT
└─ org.springframework.boot.spring-boot-starter-webflux == 2.6.6
└─ org.springframework.spring-webflux == 5.3.12
```
### Dependency Information After the Upgrade
```
Branch: dependency-upgrade
SHA: aaff88afa15981fea0a0d875b4815115f16e1696
Maven: 0.24.0-SNAPSHOT
```
| Maven Dependencies | _Root_ | testing/ |
| ------------------ | ------ | -------- |
| core-lib-azure | 0.23.2 | 0.23.2 |
| core-lib-gc | 0.23.1 | |
| os-core-lib-aws | 0.23.0 | 0.23.0 |
| obm | 0.23.0 | |
| oqm | 0.23.0 | |
| os-core-common | 0.23.3 | 0.23.3 |
| os-core-lib-ibm | 0.23.0 | 0.23.0 |
| osm | 0.23.0 | |M21 - Release 0.24Chad LeongChad Leonghttps://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/577Draft: [GONRG-7849] Test the system partition pipeline2023-10-19T12:30:27ZDanylo Vanin (EPAM)Draft: [GONRG-7849] Test the system partition pipelineDanylo Vanin (EPAM)Danylo Vanin (EPAM)https://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/571merge aws schema2023-10-18T09:19:10ZYunhua Koglinmerge aws schemaM21 - Release 0.24Yunhua KoglinYunhua Koglinhttps://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/575delta changes for schema2023-10-17T21:40:04ZNathan Strelserdelta changes for schemaNathan StrelserNathan Strelserhttps://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/573Cherry-pick 'Upgrade First Party Library Dependencies for Release 0.24' into ...2023-10-17T11:33:01ZSrinivasan NarayananCherry-pick 'Upgrade First Party Library Dependencies for Release 0.24' into release/0.24**Original MR**: !572
### This MR is a Cherry Pick into a Release Branch.
After the release branch is first created, any subsequent changes use this process to update the release (often resulting in a new patch tag) without incorporati...**Original MR**: !572
### This MR is a Cherry Pick into a Release Branch.
After the release branch is first created, any subsequent changes use this process to update the release (often resulting in a new patch tag) without incorporating all changes in the default branch.
These MRs must be approved by the PMC before they are merged, since they alter the scope of the release.
To see more details about the change itself, look at the Original MR listed above.
#### Skipped Pipeline
Normally, pipelines are not executed on the cherry pick branch/MR prior to merging.
This optimization is accepted because the code was tested when it merged into the default branch, and will be tested again in the release branch prior to tagging.
However, if anybody feels that the MR requires further scrutiny -- whether because it had conflicts in the cherry-picking, it interfaces with some drastically altered logic between the branches, or any other reason -- we can run the pipeline here prior to merging.
#### If There's Reason to Run a Pipeline
If you want to see a pipeline result before this merges, first add a comment explaining why you'd like to see the pipeline results so the PMC and others know your thinking.
Then, mark the MR as a Draft MR (using the vertical ellipsis above, choose 'Mark as Draft').
This prevents the MR from being approved & merged accidentally by a busy release coordinator who didn't see your comment.
Finally, if you are a maintainer on the project, launch a pipeline on this branch.
Since this branch is a protected branch and the MR has ~no-detached-pipeline set, all integration tests will run and there's no need for any `trusted-*` branches.
[Launch a Pipeline for this Branch](https://community.opengroup.org/osdu/platform/system/schema-service/-/pipelines/new?ref=cherry-pick-for-572)M21 - Release 0.24David Diederichd.diederich@opengroup.orgChad LeongSrinivasan NarayananDavid Diederichd.diederich@opengroup.orghttps://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/572Upgrade First Party Library Dependencies for Release 0.242023-10-17T10:09:55ZDavid Diederichd.diederich@opengroup.orgUpgrade First Party Library Dependencies for Release 0.24This generated MR upgrades the first party libraries (other OSDU libraries) to utilize the latest release.
The intent is to keep the OSDU projects utilizing the latest available code to ensure widespread usage and stability.
However, any...This generated MR upgrades the first party libraries (other OSDU libraries) to utilize the latest release.
The intent is to keep the OSDU projects utilizing the latest available code to ensure widespread usage and stability.
However, any library that is older than the previous release will be left as-is, since the upgrade is likely to be more complicated.
Furthermore, the upgrade should only be merged in the CI pipeline reports success.
If this MR has failed, we can spend a little time investigating to see if a trivial upgrade could achieve compatiblity to the new library.
But significant upgrade efforts should not occur on this MR, as part of the release tagging process.
Instead, significant work should be scheduled for a subsequent milestone.
### Dependency Information Before the Upgrade
```
Branch: master
SHA: 2490db5f7ab9fd45c02bbefe86bbcd65d7e5cc35
Maven: 0.24.0-SNAPSHOT
```
| Maven Dependencies | _Root_ | testing/ |
| ----------------------------------------------------- | ------------------ | -------- |
| core-lib-azure | 0.14.0-rc2 | 0.6.1 |
| core-lib-gc | 0.23.0 | |
| os-core-lib-aws | 0.23.0 | 0.23.0 |
| obm | 0.23.0 | |
| oqm | 0.23.0 | |
| os-core-common | 0.23.1, 0.19.0-rc6 | 0.3.23 |
| os-core-lib-ibm | 0.16.0-rc1 | 0.15.2 |
| osm | 0.23.0 | |
| (3rd Party) net.minidev.json-smart | 2.4.9 | 2.3 |
| (3rd Party) org.apache.logging.log4j.log4j-api | 2.17.1, 2.17.2 | 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-core | 2.17.1 | 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-jul | 2.17.1 | 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-slf4j-impl | 2.17.1 | 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-to-slf4j | 2.17.1, 2.17.2 | 2.13.3 |
| (3rd Party) org.springframework.spring-webflux | 5.3.12 | |
| (3rd Party) org.yaml.snakeyaml | 2.0 | 1.26 |
```
Critical: Found Vulnerable Spring WebFlux dependency (<5.2.20 || >=5.3.0 <5.3.18)
└─ _Root_
└─ org.opengroup.osdu.os-schema-azure == 0.24.0-SNAPSHOT
└─ org.springframework.boot.spring-boot-starter-webflux == 2.6.6
└─ org.springframework.spring-webflux == 5.3.12
```
### Dependency Information After the Upgrade
```
Branch: dependency-upgrade-2
SHA: c5fbaae37ac192de847fee2c799272dc0858ed9d
Maven: 0.24.0-SNAPSHOT
```
| Maven Dependencies | _Root_ | testing/ |
| ----------------------------------------------------- | ------------------ | -------- |
| core-lib-azure | 0.14.0-rc2 | 0.6.1 |
| core-lib-gc | 0.24.0 | |
| os-core-lib-aws | 0.24.0 | 0.24.0 |
| obm | 0.24.0 | |
| oqm | 0.24.0 | |
| os-core-common | 0.24.0, 0.19.0-rc6 | 0.3.23 |
| os-core-lib-ibm | 0.16.0-rc1 | 0.15.2 |
| osm | 0.24.0 | |
| (3rd Party) net.minidev.json-smart | 2.4.9 | 2.3 |
| (3rd Party) org.apache.logging.log4j.log4j-api | 2.17.1, 2.17.2 | 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-core | 2.17.1 | 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-jul | 2.17.1 | 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-slf4j-impl | 2.17.1 | 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-to-slf4j | 2.17.1, 2.17.2 | 2.13.3 |
| (3rd Party) org.springframework.spring-webflux | 5.3.12 | |
| (3rd Party) org.yaml.snakeyaml | 2.0 | 1.26 |
```
Critical: Found Vulnerable Spring WebFlux dependency (<5.2.20 || >=5.3.0 <5.3.18)
└─ _Root_
└─ org.opengroup.osdu.os-schema-azure == 0.24.0-SNAPSHOT
└─ org.springframework.boot.spring-boot-starter-webflux == 2.6.6
└─ org.springframework.spring-webflux == 5.3.12
```M21 - Release 0.24https://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/570[GONRG-7917] added replicas variable in helm2023-10-13T10:53:30ZAleksandr Primachenko [EPAM / GCP][GONRG-7917] added replicas variable in helmM21 - Release 0.24Aleksandr Primachenko [EPAM / GCP]Aleksandr Primachenko [EPAM / GCP]https://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/567Resolve "OSDU-DD-Delivery-M21 (v0.24.0)"2023-10-13T09:51:40ZChad LeongResolve "OSDU-DD-Delivery-M21 (v0.24.0)"Resources to bootstrap M21 v0.24.0 schemas provided by OSDU Data Definitions.
Now with incremental load_sequences for each milestone ([example M21](https://community.opengroup.org/osdu/platform/system/schema-service/-/blob/017a117d44f4f...Resources to bootstrap M21 v0.24.0 schemas provided by OSDU Data Definitions.
Now with incremental load_sequences for each milestone ([example M21](https://community.opengroup.org/osdu/platform/system/schema-service/-/blob/017a117d44f4f492fa8a58614c3c093b94c570e3/deployments/shared-schemas/osdu/_IncrementalLoadSequences/v0.24.0_load_sequence.json)). The [conventional load_sequence.1.0.0 is delivered updated as usual](https://community.opengroup.org/osdu/platform/system/schema-service/-/blob/017a117d44f4f492fa8a58614c3c093b94c570e3/deployments/shared-schemas/osdu/load_sequence.1.0.0.json).
DD schema repo commit SHA [9dbd128af59d446ff6624a9a084a2dc5db910a3f](https://gitlab.opengroup.org/osdu/subcommittees/data-def/work-products/schema/-/tree/9dbd128af59d446ff6624a9a084a2dc5db910a3f).
Closes #138M21 - Release 0.24Thomas Gehrmann [slb]Thomas Gehrmann [slb]https://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/566fix jackson-databind vulnerability2023-10-12T10:32:55ZVidyaDharani Lokamfix jackson-databind vulnerability# Change details
* upgrade `jackson-databind` to `2.15.2`
# Changes in:
* [ ] GCP
* [ ] Azure
* [x] AWS
* [ ] IBM
* [x] Common code# Change details
* upgrade `jackson-databind` to `2.15.2`
# Changes in:
* [ ] GCP
* [ ] Azure
* [x] AWS
* [ ] IBM
* [x] Common codeM21 - Release 0.24VidyaDharani LokamVidyaDharani Lokamhttps://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/569merge code to gitlab2023-10-12T10:21:48ZYunhua Koglinmerge code to gitlabM21 - Release 0.24Derek HudsonDerek Hudsonhttps://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/463Draft: Fixed vulnerabilities for S360-vulnerabilities in Schema service2023-10-11T16:21:10ZAbhiram BondadaDraft: Fixed vulnerabilities for S360-vulnerabilities in Schema servicehttps://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/462Draft: Fixed S360 Vulnerabilities in Schema service2023-10-11T16:21:07ZAbhiram BondadaDraft: Fixed S360 Vulnerabilities in Schema service(cherry picked from commit b726d1d2d85230dd495ad1a858ee06b6ad5c414c)(cherry picked from commit b726d1d2d85230dd495ad1a858ee06b6ad5c414c)https://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/568[Azure] Update MessagePublisher 'publishMessage' parameters2023-10-11T09:40:25ZThulasi Dass Subramanian[Azure] Update MessagePublisher 'publishMessage' parameters- Fixed MessagePublisher 'publishMessage' parameters due to core-lib-azure version upgrades
- upgraded `azure-core` related dependencies in Azure testing module- Fixed MessagePublisher 'publishMessage' parameters due to core-lib-azure version upgrades
- upgraded `azure-core` related dependencies in Azure testing moduleM21 - Release 0.24Thulasi Dass SubramanianThulasi Dass Subramanianhttps://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/564fix azure jackson-databind vulnerability2023-10-04T09:04:34ZVidyaDharani Lokamfix azure jackson-databind vulnerability# Change details
* upgrade `jackson-databind` to `2.15.2`
# Changes in:
* [ ] GCP
* [x] Azure
* [ ] AWS
* [ ] IBM# Change details
* upgrade `jackson-databind` to `2.15.2`
# Changes in:
* [ ] GCP
* [x] Azure
* [ ] AWS
* [ ] IBMM21 - Release 0.24VidyaDharani LokamVidyaDharani Lokamhttps://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/562Fix integration tests execution in azure2023-09-29T07:19:32Zsaketh somarajuFix integration tests execution in azure- Previously integration test job logs are output to the job log which caused issues with limitation of job log that could be captured.
- This MR captures the log to a file for azure integration test and produces as an artifact instead o...- Previously integration test job logs are output to the job log which caused issues with limitation of job log that could be captured.
- This MR captures the log to a file for azure integration test and produces as an artifact instead of logging in the job log
- Tested with [2255165](https://community.opengroup.org/osdu/platform/system/schema-service/-/jobs/2255165)M21 - Release 0.24saketh somarajusaketh somarajuhttps://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/561fix azure vulnerabilities2023-09-27T14:24:42ZVidyaDharani Lokamfix azure vulnerabilities# Change details
* upgrade `woodstox-core` to `6.4.0`
* excluded unused dependency `documentdb-bulkexecutor`
* upgrade `guava` version to `32.1.2-jre`
* upgrade `io.netty:netty-bom` version to `4.1.98.Final`
* upgrade `reactor-netty` ve...# Change details
* upgrade `woodstox-core` to `6.4.0`
* excluded unused dependency `documentdb-bulkexecutor`
* upgrade `guava` version to `32.1.2-jre`
* upgrade `io.netty:netty-bom` version to `4.1.98.Final`
* upgrade `reactor-netty` version to `1.1.10`
# Changes in:
* [ ] GCP
* [x] Azure
* [ ] AWS
* [ ] IBMM21 - Release 0.24VidyaDharani LokamVidyaDharani Lokamhttps://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/560Draft: vulnerability fixes2023-09-26T16:16:55ZVidyaDharani LokamDraft: vulnerability fixesM21 - Release 0.24VidyaDharani LokamVidyaDharani Lokamhttps://community.opengroup.org/osdu/platform/system/schema-service/-/merge_requests/556Draft: Introduce variable for java version2023-09-21T04:57:25Zsaketh somarajuDraft: Introduce variable for java version* This MR introduces a variable to manage java version in azure ci-cd job and removes redundant `azure_test` inheritance
* This change would help in configuring azure integration test seamlessly* This MR introduces a variable to manage java version in azure ci-cd job and removes redundant `azure_test` inheritance
* This change would help in configuring azure integration test seamlesslyM21 - Release 0.24saketh somarajusaketh somaraju