Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Resolve Technical Debt- Upgrade from JDK-8 to JDK21 and Spring Boot from 2.3.12.RELEASE to 3.3.2 #346

Open
wants to merge 45 commits into
base: main
Choose a base branch
from
Open

Resolve Technical Debt- Upgrade from JDK-8 to JDK21 and Spring Boot from 2.3.12.RELEASE to 3.3.2 #346

wants to merge 45 commits into from

Conversation

gmkumar2005
Copy link

@gmkumar2005 gmkumar2005 commented Sep 3, 2024
edited
Loading

RFC: Resolve Technical Debt of JDK and Spring Boot in Sunbird-RC-core #1053

This PR has changes needed to address the technical debt described in #1053

Following is the summary of changes

  1. JDK upgraded to LTS version 21
  2. Spring boot upgrade to latest version 3.3.2
  3. POM dependencies simplified. Dependencies like Lombok are pre-defined in spring-boot-starter
  4. Version numbers are configured in the parent pom for consistency
  5. javax package replaced with jakarata
  6. Junit test case refactored to work with Junit5
  7. Removed RegistryTestSuite which has dependency on non-standard test environment which is not compatible with junit5
  8. MessageProtos generated with latest protoc
  9. profiles tag in application.yml changed to work with spring 3.3.2
  10. Fixed cyclic dependencies
  11. Fixed classes and test cases which are broken after version upgrades
  12. Upgraded to version 2.0.4-SNAPSHOT
  13. Fixed github actions

@gmkumar2005
Dependency analysis
40cded4
@gmkumar2005
pojos upgraded to spring-boot-332 and jdk21
13e0d1d
@gmkumar2005
middleware-commons upgraded. Test and lombok dependencies moved to pa…
1484069 
…rent
@gmkumar2005
Replaced javax with jakarta in pojos and middleware-commons, standard…
7b14a33 
…ized version numbers. Fixed few code quality issues.
@gmkumar2005
Replaced javax with jakarta in middleware-bom > Authorization. Disabl…
60d4b69 
…ed unwanted test case.
@gmkumar2005
Replaced javax with jakarta in middleware-bom > Authorization. Disabl…
034f31b 
…ed unwanted test case.
@gmkumar2005
auth0 and identity provider migrated
2b532eb
@gmkumar2005
generic-iam migrated
c292ad8
@gmkumar2005
keycloak migrated
16af6d7
@gmkumar2005
validation migrated
9b20895
@gmkumar2005
elastic-search migrated
ad8a5e9
@gmkumar2005
elastic-search migrated
c573e3f
@gmkumar2005
workflow migrated
2d04a74
@gmkumar2005
validators migrated
659f85c
@gmkumar2005
apitest migrated
efdbd40
@gmkumar2005
view-templates migrated
6412994
@gmkumar2005
registry-interceptor migrated
06f6d72
@gmkumar2005
actor and actors migrated
43c99e0
@gmkumar2005
boosted versions fixed compile issues in registry. Test case migrated…
02feeb9 
… to junit5
@gmkumar2005
182 passing
a60fccc
@gmkumar2005
243 passing
524a9b0
@gmkumar2005
245 passing
9c6beee
@gmkumar2005
250 passing
13d2a28
@gmkumar2005
255 passing
adf1732
@gmkumar2005
255 passing
507e2ff
@gmkumar2005
claims all passing
fafe79f
@gmkumar2005
api test upgraded
0e47539
@gmkumar2005
fixed maven install
440ebe8
@gmkumar2005
Fixed cyclic dependencies, boosted few versions, added packaging mave…
f3a97f9 
…n plugin
@gmkumar2005
Updated janusgraph. Added source levels
d930cdb
amarts
amarts reviewed Sep 11, 2024
View reviewed changes
Copy link

@amarts amarts left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@gmkumar2005
Copy link
Author

Fixed all functional test scenarios with sync scope in karate-test-cases

github-advanced-security[bot]
github-advanced-security bot found potential problems Oct 3, 2024
View reviewed changes
...eware/authorization/src/main/java/dev/sunbirdrc/registry/authorization/SchemaAuthFilter.java
.anyMatch(requestUri::matches)) {
servletRequest.getRequestDispatcher(((HttpServletRequest) servletRequest).getServletPath()).forward(servletRequest, servletResponse);
servletRequest.getRequestDispatcher(servletRequest.getServletPath()).forward(servletRequest, servletResponse);

Check failure

Code scanning / CodeQL

URL forward from a remote source High

Untrusted URL forward depends on a
user-provided value
Loading
.
...eware/authorization/src/main/java/dev/sunbirdrc/registry/authorization/SchemaAuthFilter.java
.map(d -> String.format("/api/v1/%s([^/]+)?(((\\?)|(\\%s)).*)?", d, "%3F"))
.anyMatch(requestUri::matches)) {
logger.debug("Forwarded NON Invite and Anonymous to : {} anonymousSchemas {} ", servletRequest.getServletPath(), anonymousSchemas);
servletRequest.getRequestDispatcher(servletRequest.getServletPath()).forward(servletRequest, servletResponse);

Check failure

Code scanning / CodeQL

URL forward from a remote source High

Untrusted URL forward depends on a
user-provided value
Loading
.
...dleware/authorization/src/main/java/dev/sunbirdrc/registry/authorization/SecurityConfig.java
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
Map<String, AuthenticationManager> authenticationManagers = new HashMap<>();
oAuth2Configuration.getResources().forEach(issuer -> addManager(authenticationManagers, issuer));
http.csrf(AbstractHttpConfigurer::disable)

Check failure

Code scanning / CodeQL

Disabled Spring CSRF protection High

CSRF vulnerability due to protection being disabled.
@gmkumar2005
Copy link
Author

The build is failing because the projects under services did not receive JDK upgrade.
The pipeline has to be refactored in a way that it will use JDK11 for projects under services and JDk21 for projects under java folder.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@amarts amarts amarts left review comments

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@gmkumar2005 @amarts