From a2febef18d8065da4fe674f9f7162351326dbaa9 Mon Sep 17 00:00:00 2001
From: Gretchen-z <68681408+Gretchen-z@users.noreply.github.com>
Date: Thu, 27 Jun 2024 12:04:42 +0300
Subject: [PATCH] Bump SB3 and java 21 (#51)
* Bump SB3 and java 21
* Bump
service-parent-pom 3.0.1
bouncer-proto 1.55-ef7403f
damsel 1.639-4856124
* Delete exclusions on dev.vality.geck, delete wiremock
---
.github/workflows/build.yml | 2 +-
.github/workflows/deploy.yml | 2 +-
pom.xml | 72 +++++++++----------
.../vality/wachter/client/WachterClient.java | 2 +-
.../vality/wachter/config/SecurityConfig.java | 45 ++++++------
.../dev/vality/wachter/config/WebConfig.java | 10 +--
.../properties/HttpClientProperties.java | 2 +-
.../config/properties/KeycloakProperties.java | 2 +-
.../wachter/controller/WachterController.java | 2 +-
.../vality/wachter/mapper/ServiceMapper.java | 2 +-
.../wachter/service/WachterService.java | 2 +-
src/main/resources/application.yml | 7 +-
12 files changed, 70 insertions(+), 80 deletions(-)
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index fb5e7ed..7afe4a5 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -7,4 +7,4 @@ on:
jobs:
build:
- uses: valitydev/base-workflow/.github/workflows/maven-service-build.yml@v1
+ uses: valitydev/base-workflow/.github/workflows/maven-service-build.yml@v3
diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
index b08508e..811a76f 100644
--- a/.github/workflows/deploy.yml
+++ b/.github/workflows/deploy.yml
@@ -12,7 +12,7 @@ env:
jobs:
deploy:
- uses: valitydev/base-workflow/.github/workflows/maven-service-deploy.yml@v1
+ uses: valitydev/base-workflow/.github/workflows/maven-service-deploy.yml@v3
secrets:
github-token: ${{ secrets.GITHUB_TOKEN }}
mm-webhook-url: ${{ secrets.MATTERMOST_WEBHOOK_URL }}
diff --git a/pom.xml b/pom.xml
index d00ce31..3006300 100644
--- a/pom.xml
+++ b/pom.xml
@@ -7,7 +7,7 @@
dev.vality
service-parent-pom
- 1.0.17
+ 3.0.1
wachter
@@ -16,7 +16,7 @@
UTF-8
UTF-8
- 15
+ 21
8022
8023
${server.port} ${management.port}
@@ -35,11 +35,12 @@
dev.vality
shared-resources
+ ${shared-resources.version}
dev.vality
bouncer-proto
- 1.43-2c07755
+ 1.55-ef7403f
dev.vality.geck
@@ -48,7 +49,7 @@
dev.vality
damsel
- 1.597-bfedcb9
+ 1.639-4856124
@@ -64,33 +65,23 @@
org.springframework.security
spring-security-web
+
+ org.springframework.boot
+ spring-boot-starter-oauth2-client
+
+
+ org.springframework.boot
+ spring-boot-starter-oauth2-resource-server
+
org.keycloak
- keycloak-admin-client
- 18.0.0
-
-
- org.jboss.resteasy
- resteasy-client
-
-
- org.jboss.resteasy
- resteasy-multipart-provider
-
-
- org.jboss.resteasy
- resteasy-jackson2-provider
-
-
- org.jboss.resteasy
- resteasy-jaxb-provider
-
-
+ keycloak-spring-boot-starter
+ 24.0.5
org.keycloak
keycloak-spring-security-adapter
- 18.0.0
+ 24.0.5
org.bouncycastle
@@ -133,21 +124,21 @@
provided
- javax.servlet
- javax.servlet-api
+ jakarta.servlet
+ jakarta.servlet-api
- javax.annotation
- javax.annotation-api
+ jakarta.annotation
+ jakarta.annotation-api
- javax.validation
- validation-api
+ jakarta.validation
+ jakarta.validation-api
provided
- javax.xml.bind
- jaxb-api
+ jakarta.xml.bind
+ jakarta.xml.bind-api
org.bouncycastle
@@ -167,16 +158,10 @@
0.9.1
test
-
- com.github.tomakehurst
- wiremock-jre8-standalone
- 2.33.2
- test
-
org.springframework.cloud
spring-cloud-contract-wiremock
- 3.1.1
+ 4.1.0
test
@@ -234,6 +219,13 @@
+
+ org.apache.maven.plugins
+ maven-surefire-plugin
+
+ true
+
+
diff --git a/src/main/java/dev/vality/wachter/client/WachterClient.java b/src/main/java/dev/vality/wachter/client/WachterClient.java
index 027300f..0b65728 100644
--- a/src/main/java/dev/vality/wachter/client/WachterClient.java
+++ b/src/main/java/dev/vality/wachter/client/WachterClient.java
@@ -8,7 +8,7 @@ import org.apache.http.client.methods.HttpPost;
import org.apache.http.entity.ByteArrayEntity;
import org.springframework.stereotype.Service;
-import javax.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletRequest;
import java.util.HashMap;
import java.util.Map;
import java.util.Optional;
diff --git a/src/main/java/dev/vality/wachter/config/SecurityConfig.java b/src/main/java/dev/vality/wachter/config/SecurityConfig.java
index 9034757..8556026 100644
--- a/src/main/java/dev/vality/wachter/config/SecurityConfig.java
+++ b/src/main/java/dev/vality/wachter/config/SecurityConfig.java
@@ -1,57 +1,54 @@
package dev.vality.wachter.config;
import org.keycloak.adapters.springsecurity.KeycloakSecurityComponents;
-import org.keycloak.adapters.springsecurity.config.KeycloakWebSecurityConfigurerAdapter;
-import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.FilterType;
import org.springframework.http.HttpMethod;
-import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
-import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
+import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.http.SessionCreationPolicy;
+import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.session.NullAuthenticatedSessionStrategy;
import org.springframework.security.web.authentication.session.SessionAuthenticationStrategy;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.CorsConfigurationSource;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
+import static org.springframework.security.config.Customizer.withDefaults;
+
+
@Configuration
-@EnableWebSecurity
@ComponentScan(
basePackageClasses = KeycloakSecurityComponents.class,
excludeFilters = @ComponentScan.Filter(
type = FilterType.REGEX,
pattern = "org.keycloak.adapters.springsecurity.management.HttpSessionManager"))
-@EnableGlobalMethodSecurity(prePostEnabled = true, proxyTargetClass = true)
+@EnableMethodSecurity(proxyTargetClass = true)
@ConditionalOnProperty(value = "auth.enabled", havingValue = "true")
-public class SecurityConfig extends KeycloakWebSecurityConfigurerAdapter {
+public class SecurityConfig {
@Bean
- @Override
protected SessionAuthenticationStrategy sessionAuthenticationStrategy() {
return new NullAuthenticatedSessionStrategy();
}
- @Override
- protected void configure(HttpSecurity http) throws Exception {
- super.configure(http);
- http.cors().and()
- .csrf().disable()
- .authorizeRequests()
- .antMatchers(HttpMethod.OPTIONS, "/**").permitAll()
- .antMatchers(HttpMethod.GET, "/**/health/liveness").permitAll()
- .antMatchers(HttpMethod.GET, "/**/health/readiness").permitAll()
- .antMatchers(HttpMethod.GET, "/**/actuator/prometheus").permitAll()
- .anyRequest().authenticated();
- }
+ @Bean
+ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
+ http.csrf(csrf -> csrf.disable())
+ .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
+ .authorizeHttpRequests(auth -> auth.requestMatchers(HttpMethod.OPTIONS, "/**").permitAll()
+ .requestMatchers(HttpMethod.GET, "/**/health/liveness").permitAll()
+ .requestMatchers(HttpMethod.GET, "/**/health/readiness").permitAll()
+ .requestMatchers(HttpMethod.GET, "/**/actuator/prometheus").permitAll()
+ .anyRequest().authenticated())
+ .oauth2Login(withDefaults())
+ .oauth2Client(withDefaults())
+ .oauth2ResourceServer(withDefaults());
- @Autowired
- public void configureGlobal(AuthenticationManagerBuilder auth) {
- auth.authenticationProvider(keycloakAuthenticationProvider());
+ return http.build();
}
@Bean
diff --git a/src/main/java/dev/vality/wachter/config/WebConfig.java b/src/main/java/dev/vality/wachter/config/WebConfig.java
index 9c40859..7cf13ef 100644
--- a/src/main/java/dev/vality/wachter/config/WebConfig.java
+++ b/src/main/java/dev/vality/wachter/config/WebConfig.java
@@ -14,11 +14,11 @@ import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.filter.OncePerRequestFilter;
-import javax.servlet.Filter;
-import javax.servlet.FilterChain;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
+import jakarta.servlet.Filter;
+import jakarta.servlet.FilterChain;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.security.Principal;
import java.time.Instant;
diff --git a/src/main/java/dev/vality/wachter/config/properties/HttpClientProperties.java b/src/main/java/dev/vality/wachter/config/properties/HttpClientProperties.java
index 90a3a9f..40463dd 100644
--- a/src/main/java/dev/vality/wachter/config/properties/HttpClientProperties.java
+++ b/src/main/java/dev/vality/wachter/config/properties/HttpClientProperties.java
@@ -6,7 +6,7 @@ import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.context.annotation.Configuration;
import org.springframework.validation.annotation.Validated;
-import javax.validation.constraints.NotNull;
+import jakarta.validation.constraints.NotNull;
@Getter
@Setter
diff --git a/src/main/java/dev/vality/wachter/config/properties/KeycloakProperties.java b/src/main/java/dev/vality/wachter/config/properties/KeycloakProperties.java
index f7a2dc3..85f14d8 100644
--- a/src/main/java/dev/vality/wachter/config/properties/KeycloakProperties.java
+++ b/src/main/java/dev/vality/wachter/config/properties/KeycloakProperties.java
@@ -6,7 +6,7 @@ import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.stereotype.Component;
import org.springframework.validation.annotation.Validated;
-import javax.validation.constraints.NotEmpty;
+import jakarta.validation.constraints.NotEmpty;
@Getter
@Setter
diff --git a/src/main/java/dev/vality/wachter/controller/WachterController.java b/src/main/java/dev/vality/wachter/controller/WachterController.java
index e423415..268e3e1 100644
--- a/src/main/java/dev/vality/wachter/controller/WachterController.java
+++ b/src/main/java/dev/vality/wachter/controller/WachterController.java
@@ -6,7 +6,7 @@ import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
-import javax.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletRequest;
@RestController
diff --git a/src/main/java/dev/vality/wachter/mapper/ServiceMapper.java b/src/main/java/dev/vality/wachter/mapper/ServiceMapper.java
index 1f5b8b6..2cd9966 100644
--- a/src/main/java/dev/vality/wachter/mapper/ServiceMapper.java
+++ b/src/main/java/dev/vality/wachter/mapper/ServiceMapper.java
@@ -5,7 +5,7 @@ import dev.vality.wachter.exeptions.WachterException;
import lombok.RequiredArgsConstructor;
import org.springframework.stereotype.Component;
-import javax.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletRequest;
@Component
@RequiredArgsConstructor
diff --git a/src/main/java/dev/vality/wachter/service/WachterService.java b/src/main/java/dev/vality/wachter/service/WachterService.java
index 6fa58b9..1a0bc91 100644
--- a/src/main/java/dev/vality/wachter/service/WachterService.java
+++ b/src/main/java/dev/vality/wachter/service/WachterService.java
@@ -9,7 +9,7 @@ import lombok.SneakyThrows;
import org.apache.tomcat.util.http.fileupload.IOUtils;
import org.springframework.stereotype.Service;
-import javax.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletRequest;
import java.io.ByteArrayOutputStream;
import java.util.ArrayList;
import java.util.List;
diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml
index c109cf8..32e0cab 100644
--- a/src/main/resources/application.yml
+++ b/src/main/resources/application.yml
@@ -8,9 +8,6 @@ management:
metrics:
tags:
application: '@project.name@'
- export:
- prometheus:
- enabled: true
endpoint:
health:
show-details: always
@@ -22,6 +19,10 @@ management:
web:
exposure:
include: health,info,prometheus
+ prometheus:
+ metrics:
+ export:
+ enabled: true
spring:
application: