Storage merge requestshttps://community.opengroup.org/osdu/platform/system/storage/-/merge_requests2023-09-15T14:01:13Zhttps://community.opengroup.org/osdu/platform/system/storage/-/merge_requests/765Introduce variable for java 17 version2023-09-15T14:01:13Zsaketh somarajuIntroduce variable for java 17 version* This MR introduces a variable to manage java version in azure ci-cd pipeline
* This change would help in configuring azure integration test seamlessly* This MR introduces a variable to manage java version in azure ci-cd pipeline
* This change would help in configuring azure integration test seamlesslyM21 - Release 0.24saketh somarajusaketh somarajuhttps://community.opengroup.org/osdu/platform/system/storage/-/merge_requests/764Updated bucket naming (GONRG-7650)2023-09-11T09:54:58ZRiabokon Stanislav(EPAM)[GCP]Updated bucket naming (GONRG-7650)## Type of change
- [x] Bug Fix
- [ ] Feature
## Does this introduce a change in the core logic?
- [NO]
## Does this introduce a change in the cloud provider implementation, if so which cloud?
- [ ] AWS
- [ ] Azure
- [X] GC
- [ ] IBM...## Type of change
- [x] Bug Fix
- [ ] Feature
## Does this introduce a change in the core logic?
- [NO]
## Does this introduce a change in the cloud provider implementation, if so which cloud?
- [ ] AWS
- [ ] Azure
- [X] GC
- [ ] IBM
## Does this introduce a breaking change?
- [NO]
Added a logic to get a storage bucket name from Partition Service.M21 - Release 0.24Riabokon Stanislav(EPAM)[GCP]Riabokon Stanislav(EPAM)[GCP]https://community.opengroup.org/osdu/platform/system/storage/-/merge_requests/763Fixing vulnerabilities in Storage Service2023-09-12T18:03:11ZDaniel SchollFixing vulnerabilities in Storage ServiceThis change cleans up the POM file and fixes vulnerabilities in the service.This change cleans up the POM file and fixes vulnerabilities in the service.Daniel SchollDaniel Schollhttps://community.opengroup.org/osdu/platform/system/storage/-/merge_requests/762Vulnerability fixes2023-09-08T20:30:13ZNathan StrelserVulnerability fixes# Merge request template# Merge request templateNathan StrelserNathan Strelserhttps://community.opengroup.org/osdu/platform/system/storage/-/merge_requests/761Remediate guava, netty-handler vulnerabilities in Azure2023-09-07T07:37:45ZThulasi Dass SubramanianRemediate guava, netty-handler vulnerabilities in Azure# Change details
* upgrade `OS Core Lib Azure` `v0.24.0-rc2` version for `guava` `32.1.2-jre` dependency
* upgrade `io.netty:netty-bom` version to `4.1.96.Final`
# Changes in:
* [ ] GCP
* [x] Azure
* [ ] AWS
* [ ] IBM# Change details
* upgrade `OS Core Lib Azure` `v0.24.0-rc2` version for `guava` `32.1.2-jre` dependency
* upgrade `io.netty:netty-bom` version to `4.1.96.Final`
# Changes in:
* [ ] GCP
* [x] Azure
* [ ] AWS
* [ ] IBMM21 - Release 0.24Thulasi Dass SubramanianThulasi Dass Subramanianhttps://community.opengroup.org/osdu/platform/system/storage/-/merge_requests/760Vulnerability fixes2023-09-08T19:32:34ZNathan StrelserVulnerability fixes# Merge request template# Merge request templateNathan StrelserNathan Strelserhttps://community.opengroup.org/osdu/platform/system/storage/-/merge_requests/759Cherry-pick 'Upgrade First Party Library Dependencies for Release 0.23' into ...2023-09-05T19:38:46ZDavid Diederichd.diederich@opengroup.orgCherry-pick 'Upgrade First Party Library Dependencies for Release 0.23' into release/0.23**Original MR**: !754
### This MR is a Cherry Pick into a Release Branch.
After the release branch is first created, any subsequent changes use this process to update the release (often resulting in a new patch tag) without incorporati...**Original MR**: !754
### This MR is a Cherry Pick into a Release Branch.
After the release branch is first created, any subsequent changes use this process to update the release (often resulting in a new patch tag) without incorporating all changes in the default branch.
These MRs must be approved by the PMC before they are merged, since they alter the scope of the release.
To see more details about the change itself, look at the Original MR listed above.
#### Skipped Pipeline
Normally, pipelines are not executed on the cherry pick branch/MR prior to merging.
This optimization is accepted because the code was tested when it merged into the default branch, and will be tested again in the release branch prior to tagging.
However, if anybody feels that the MR requires further scrutiny -- whether because it had conflicts in the cherry-picking, it interfaces with some drastically altered logic between the branches, or any other reason -- we can run the pipeline here prior to merging.
#### If There's Reason to Run a Pipeline
If you want to see a pipeline result before this merges, first add a comment explaining why you'd like to see the pipeline results so the PMC and others know your thinking.
Then, mark the MR as a Draft MR (using the vertical ellipsis above, choose 'Mark as Draft').
This prevents the MR from being approved & merged accidentally by a busy release coordinator who didn't see your comment.
Finally, if you are a maintainer on the project, launch a pipeline on this branch.
Since this branch is a protected branch and the MR has ~no-detached-pipeline set, all integration tests will run and there's no need for any `trusted-*` branches.
[Launch a Pipeline for this Branch](https://community.opengroup.org/osdu/platform/system/storage/-/pipelines/new?ref=cherry-pick-for-754)M20 - Release 0.23David Diederichd.diederich@opengroup.orgChad LeongSrinivasan NarayananDavid Diederichd.diederich@opengroup.orghttps://community.opengroup.org/osdu/platform/system/storage/-/merge_requests/758Cherry-pick 'GONRG-7648: add variable' into release/0.232023-09-04T13:41:04ZSrinivasan NarayananCherry-pick 'GONRG-7648: add variable' into release/0.23**Original MR**: !756
### This MR is a Cherry Pick into a Release Branch.
After the release branch is first created, any subsequent changes use this process to update the release (often resulting in a new patch tag) without incorporati...**Original MR**: !756
### This MR is a Cherry Pick into a Release Branch.
After the release branch is first created, any subsequent changes use this process to update the release (often resulting in a new patch tag) without incorporating all changes in the default branch.
These MRs must be approved by the PMC before they are merged, since they alter the scope of the release.
To see more details about the change itself, look at the Original MR listed above.
#### Skipped Pipeline
Normally, pipelines are not executed on the cherry pick branch/MR prior to merging.
This optimization is accepted because the code was tested when it merged into the default branch, and will be tested again in the release branch prior to tagging.
However, if anybody feels that the MR requires further scrutiny -- whether because it had conflicts in the cherry-picking, it interfaces with some drastically altered logic between the branches, or any other reason -- we can run the pipeline here prior to merging.
#### If There's Reason to Run a Pipeline
If you want to see a pipeline result before this merges, first add a comment explaining why you'd like to see the pipeline results so the PMC and others know your thinking.
Then, mark the MR as a Draft MR (using the vertical ellipsis above, choose 'Mark as Draft').
This prevents the MR from being approved & merged accidentally by a busy release coordinator who didn't see your comment.
Finally, if you are a maintainer on the project, launch a pipeline on this branch.
Since this branch is a protected branch and the MR has ~no-detached-pipeline set, all integration tests will run and there's no need for any `trusted-*` branches.
[Launch a Pipeline for this Branch](https://community.opengroup.org/osdu/platform/system/storage/-/pipelines/new?ref=cherry-pick-for-756)M20 - Release 0.23David Diederichd.diederich@opengroup.orgChad LeongSrinivasan NarayananDavid Diederichd.diederich@opengroup.orghttps://community.opengroup.org/osdu/platform/system/storage/-/merge_requests/757Merge branch 'gc-add-variable' into 'master'2023-09-04T13:41:04ZYauheni Rykhter (EPAM)Merge branch 'gc-add-variable' into 'master'M20 - Release 0.23Yauheni Rykhter (EPAM)Yauheni Rykhter (EPAM)https://community.opengroup.org/osdu/platform/system/storage/-/merge_requests/756GONRG-7648: add variable2023-09-01T11:38:21ZYauheni Rykhter (EPAM)GONRG-7648: add variableM20 - Release 0.23Yauheni Rykhter (EPAM)Yauheni Rykhter (EPAM)https://community.opengroup.org/osdu/platform/system/storage/-/merge_requests/755Revert netty version change and netty-handler2023-08-31T20:46:26ZDaniel CarpenterRevert netty version change and netty-handlerDaniel CarpenterDaniel Carpenterhttps://community.opengroup.org/osdu/platform/system/storage/-/merge_requests/754Upgrade First Party Library Dependencies for Release 0.232023-09-05T19:13:45ZDavid Diederichd.diederich@opengroup.orgUpgrade First Party Library Dependencies for Release 0.23This generated MR upgrades the first party libraries (other OSDU libraries) to utilize the latest release.
The intent is to keep the OSDU projects utilizing the latest available code to ensure widespread usage and stability.
However, any...This generated MR upgrades the first party libraries (other OSDU libraries) to utilize the latest release.
The intent is to keep the OSDU projects utilizing the latest available code to ensure widespread usage and stability.
However, any library that is older than the previous release will be left as-is, since the upgrade is likely to be more complicated.
Furthermore, the upgrade should only be merged in the CI pipeline reports success.
If this MR has failed, we can spend a little time investigating to see if a trivial upgrade could achieve compatiblity to the new library.
But significant upgrade efforts should not occur on this MR, as part of the release tagging process.
Instead, significant work should be scheduled for a subsequent milestone.
### Dependency Information Before the Upgrade
```
Branch: master
SHA: 685287159547727688468cc2eb1a0e4008832118
Maven: 0.24.0-SNAPSHOT
```
| Maven Dependencies | _Root_ | testing/ |
| ------------------------------------------------------- | ---------- | -------------------------- |
| core-lib-azure | 0.22.0 | |
| core-lib-gc | 0.21.0-rc4 | |
| os-core-lib-aws | 0.23.0-rc2 | 0.21.0-rc5 |
| obm | 0.21.0-rc2 | |
| oqm | 0.21.0-rc5 | |
| os-core-common | 0.23.0-rc1 | 0.22.0, 0.13.0, 0.18.0-rc3 |
| os-core-lib-ibm | 0.17.0-rc4 | 0.17.0-rc4 |
| osm | 0.21.0-rc3 | |
| (3rd Party) com.fasterxml.jackson.core.jackson-databind | 2.14.0 | 2.8.1, 2.13.2.2 |
| (3rd Party) org.yaml.snakeyaml | 2.0 | 1.30, 1.27 |
### Dependency Information After the Upgrade
```
Branch: dependency-upgrade
SHA: c108d06e33103a589f579f400b7fd126968eacfc
Maven: 0.24.0-SNAPSHOT
```
| Maven Dependencies | _Root_ | testing/ |
| ------------------------------------------------------- | ---------- | -------------------------- |
| core-lib-azure | 0.24.0-rc1 | |
| core-lib-gc | 0.21.0-rc4 | |
| os-core-lib-aws | 0.23.0 | 0.21.0-rc5 |
| obm | 0.21.0-rc2 | |
| oqm | 0.21.0-rc5 | |
| os-core-common | 0.23.1 | 0.23.1, 0.13.0, 0.18.0-rc3 |
| os-core-lib-ibm | 0.17.0-rc4 | 0.17.0-rc4 |
| osm | 0.21.0-rc3 | |
| (3rd Party) com.fasterxml.jackson.core.jackson-databind | 2.14.0 | 2.8.1, 2.13.2.2 |
| (3rd Party) org.yaml.snakeyaml | 2.0 | 1.30, 1.27 |M20 - Release 0.23https://community.opengroup.org/osdu/platform/system/storage/-/merge_requests/753Regressed Netty2023-09-14T14:21:41ZDaniel SchollRegressed Netty# Merge request template# Merge request templatehttps://community.opengroup.org/osdu/platform/system/storage/-/merge_requests/752Regressed Netty vulnerability2023-08-30T21:40:58ZDaniel SchollRegressed Netty vulnerability# Merge request template# Merge request templatehttps://community.opengroup.org/osdu/platform/system/storage/-/merge_requests/751Adding the correlationId appended by a random uuid as the messageId in Record...2024-01-29T13:30:53ZSabarish K R EAdding the correlationId appended by a random uuid as the messageId in RecordChangedMessages, to enable traceabilityAdding the correlationId appended by a random uuid as the messageId in RecordChangedMessages, to enable traceabilityAdding the correlationId appended by a random uuid as the messageId in RecordChangedMessages, to enable traceabilityhttps://community.opengroup.org/osdu/platform/system/storage/-/merge_requests/750Cherrypick/m16 to m182023-09-08T19:26:48ZMahsa HanifiCherrypick/m16 to m18# Merge request template# Merge request templateMahsa HanifiMahsa Hanifihttps://community.opengroup.org/osdu/platform/system/storage/-/merge_requests/749AWS sync dev to master2023-08-22T15:52:43ZLong ChengAWS sync dev to master# Merge request template# Merge request templateM20 - Release 0.23Long ChengLong Chenghttps://community.opengroup.org/osdu/platform/system/storage/-/merge_requests/748AWS jdk17 update for Storage2023-08-22T15:02:28ZLong ChengAWS jdk17 update for Storage# Merge request template# Merge request templateM20 - Release 0.23Long ChengLong Chenghttps://community.opengroup.org/osdu/platform/system/storage/-/merge_requests/747AWS Merge Dev Into Master2023-08-18T22:31:34ZGuillaume CailletAWS Merge Dev Into MasterM20 - Release 0.23Guillaume CailletGuillaume Caillethttps://community.opengroup.org/osdu/platform/system/storage/-/merge_requests/746M16 update vulnerable packages2023-08-29T14:39:54ZBhawan PanesarM16 update vulnerable packages# Merge request template
CVEs
Guava: https://github.com/advisories/GHSA-7g45-4rm6-3mm3
Netty: https://github.com/advisories/GHSA-6mjq-h674-j845
SnakeYaml: https://github.com/advisories/GHSA-mjmj-j48q-9wg2
Verified by `mvn clean depen...# Merge request template
CVEs
Guava: https://github.com/advisories/GHSA-7g45-4rm6-3mm3
Netty: https://github.com/advisories/GHSA-6mjq-h674-j845
SnakeYaml: https://github.com/advisories/GHSA-mjmj-j48q-9wg2
Verified by `mvn clean dependency:tree`Bhawan PanesarBhawan Panesar