diff options
author | Dan Timoney <dtimoney@att.com> | 2021-12-16 16:25:49 -0500 |
---|---|---|
committer | Dan Timoney <dtimoney@att.com> | 2021-12-16 21:26:34 +0000 |
commit | 3006f3a36ff67a0dfb4e50577be48883c80eeab6 (patch) | |
tree | 2b1a2a9695598de3b00ca63b8cdd0ee7c1f824da | |
parent | b0ef9ef7ad29dfa57b0ab65b62cbbb69e14c535e (diff) |
Patch OpenDaylight to upgrade to latest pax-logging package
Patch OpenDaylight to replace the shipped version of pax-logging -
which includes log4j-core v2.14.1 - with the latest version, which
includes log4j-core v2.16.0
Issue-ID: CCSDK-3556
Signed-off-by: Dan Timoney <dtimoney@att.com>
Change-Id: I6728d686f74c9d4b277e388bac62cfa56c23392e
4 files changed, 144 insertions, 0 deletions
diff --git a/opendaylight/silicon/silicon-alpine/pom.xml b/opendaylight/silicon/silicon-alpine/pom.xml index 7b85371e..029bc829 100644 --- a/opendaylight/silicon/silicon-alpine/pom.xml +++ b/opendaylight/silicon/silicon-alpine/pom.xml @@ -22,6 +22,9 @@ <odl.karaf.artifactId>onap-karaf</odl.karaf.artifactId> <odl.shiro.version>0.13.5</odl.shiro.version> <odl.ops4j.version>7.3.16</odl.ops4j.version> + <odl.pax.logging.version>2.0.9</odl.pax.logging.version> + <patch.pax.logging.version>2.0.12</patch.pax.logging.version> + <odl.karaf.framework.version>4.3.2</odl.karaf.framework.version> <odl.netconf.version>1.13.4</odl.netconf.version> </properties> @@ -112,6 +115,22 @@ <destFileName>sal-netconf-connector-${odl.netconf.version}.jar</destFileName> <excludes>*</excludes> </artifactItem> + <artifactItem> + <groupId>org.ops4j.pax.logging</groupId> + <artifactId>pax-logging-log4j2</artifactId> + <version>${patch.pax.logging.version}</version> + <outputDirectory>${project.build.directory}/docker-stage/system/org/ops4j/pax/logging/pax-logging-log4j2/${patch.pax.logging.version}</outputDirectory> + <destFileName>pax-logging-log4j2-${patch.pax.logging.version}.jar</destFileName> + <excludes>*</excludes> + </artifactItem> + <artifactItem> + <groupId>org.ops4j.pax.logging</groupId> + <artifactId>pax-logging-api</artifactId> + <version>${patch.pax.logging.version}</version> + <outputDirectory>${project.build.directory}/docker-stage/system/org/ops4j/pax/logging/pax-logging-api/${patch.pax.logging.version}</outputDirectory> + <destFileName>pax-logging-api-${patch.pax.logging.version}.jar</destFileName> + <excludes>*</excludes> + </artifactItem> </artifactItems> <overWriteReleases>false</overWriteReleases> <overWriteSnapshots>true</overWriteSnapshots> @@ -151,6 +170,26 @@ </resources> </configuration> </execution> + <execution> + <id>copy-karaf-framework-features</id> + <goals> + <goal>copy-resources</goal> + </goals><!-- here the phase you need --> + <phase>validate</phase> + <configuration> + <outputDirectory>${basedir}/target/docker-stage</outputDirectory> + <resources> + <resource> + <directory>src/main/resources</directory> + <includes> + <include>framework-${odl.karaf.framework.version}-features.xml</include> + <include>startup.properties</include> + </includes> + <filtering>false</filtering> + </resource> + </resources> + </configuration> + </execution> </executions> </plugin> diff --git a/opendaylight/silicon/silicon-alpine/src/main/docker/Dockerfile b/opendaylight/silicon/silicon-alpine/src/main/docker/Dockerfile index 978a0919..b5b3c6da 100644 --- a/opendaylight/silicon/silicon-alpine/src/main/docker/Dockerfile +++ b/opendaylight/silicon/silicon-alpine/src/main/docker/Dockerfile @@ -27,6 +27,13 @@ COPY system $ODL_HOME/system #COPY configure_cluster.sh configure-cluster-ipdetect.sh custom_shard_config.txt set_persistence.sh $ODL_HOME/bin/ #RUN chmod 755 $ODL_HOME/bin/configure_cluster.sh $ODL_HOME/bin/configure-cluster-ipdetect.sh $ODL_HOME/bin/set_persistence.sh $ODL_HOME/bin/custom_shard_config.txt + +# Remove vulnerable version of ops4j logging +COPY framework-${odl.karaf.framework.version}-features.xml $ODL_HOME/system/org/apache/karaf/features/framework/${odl.karaf.framework.version}/framework-${odl.karaf.framework.version}-features.xml +COPY startup.properties $ODL_HOME/etc/startup.properties +RUN rm -rf $ODL_HOME/system/org/ops4j/pax/logging/pax-logging-log4j2/${odl.pax.logging.version} +RUN rm -rf $ODL_HOME/system/org/ops4j/pax/logging/pax-logging-api/${odl.pax.logging.version} + # Changing ownership and permission of /opt RUN chown -R odl:odl /opt && chmod -R 755 /opt diff --git a/opendaylight/silicon/silicon-alpine/src/main/resources/framework-4.3.2-features.xml b/opendaylight/silicon/silicon-alpine/src/main/resources/framework-4.3.2-features.xml new file mode 100755 index 00000000..1f283cb1 --- /dev/null +++ b/opendaylight/silicon/silicon-alpine/src/main/resources/framework-4.3.2-features.xml @@ -0,0 +1,74 @@ +<?xml version="1.0" encoding="UTF-8" standalone="yes"?> +<!-- + + Licensed to the Apache Software Foundation (ASF) under one or more + contributor license agreements. See the NOTICE file distributed with + this work for additional information regarding copyright ownership. + The ASF licenses this file to You under the Apache License, Version 2.0 + (the "License"); you may not use this file except in compliance with + the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +--> +<features name="framework-4.3.2" xmlns="http://karaf.apache.org/xmlns/features/v1.3.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://karaf.apache.org/xmlns/features/v1.3.0 http://karaf.apache.org/xmlns/features/v1.3.0"> + + <!-- This file is not used in the assembly., This file is used by the karaf-maven-plugin to generate a "final" feature.xml + including the correct start-level for the generation of the startup.propertie file --> + + <feature version="4.3.2" description="Karaf core feature" name="framework" hidden="true"> + <!-- persistent wiring extension --> + <bundle start-level="1">mvn:org.apache.karaf.features/org.apache.karaf.features.extension/4.3.2</bundle> + <!-- mvn: url handlers --> + <bundle start-level="5">mvn:org.ops4j.pax.url/pax-url-aether/2.6.7</bundle> + <!-- logging --> + <bundle start-level="8">mvn:org.ops4j.pax.logging/pax-logging-api/2.0.12</bundle> + <bundle start-level="8">mvn:org.ops4j.pax.logging/pax-logging-log4j2/2.0.12</bundle> + <bundle start-level="8">mvn:org.fusesource.jansi/jansi/1.18</bundle> + <!-- config admin --> + <bundle start-level="9">mvn:org.osgi/org.osgi.util.function/1.1.0</bundle> + <bundle start-level="9">mvn:org.osgi/org.osgi.util.promise/1.1.1</bundle> + <bundle start-level="9">mvn:org.apache.felix/org.apache.felix.coordinator/1.0.2</bundle> + <bundle start-level="9">mvn:org.apache.felix/org.apache.felix.converter/1.0.14</bundle> + <bundle start-level="10">mvn:org.apache.felix/org.apache.felix.configadmin/1.9.22</bundle> + <bundle start-level="11">mvn:org.apache.felix/org.apache.felix.configadmin.plugin.interpolation/1.1.2</bundle> + <bundle start-level="11">mvn:org.apache.felix/org.apache.felix.cm.json/1.0.6</bundle> + <bundle start-level="11">mvn:org.apache.sling/org.apache.sling.commons.johnzon/1.2.6</bundle> + <bundle start-level="11">mvn:org.apache.felix/org.apache.felix.configurator/1.0.14</bundle> + <!-- file install --> + <bundle start-level="12">mvn:org.apache.felix/org.apache.felix.fileinstall/3.6.8</bundle> + <!-- features service --> + <bundle start-level="15">mvn:org.apache.karaf.features/org.apache.karaf.features.core/4.3.2</bundle> + <bundle dependency="true" start-level="30">mvn:org.apache.servicemix.specs/org.apache.servicemix.specs.jaxb-api-2.2/2.9.0</bundle> + </feature> + + <feature version="4.3.2" description="Karaf core feature" name="framework-logback" hidden="true"> + <!-- persistent wiring extension --> + <bundle start-level="1">mvn:org.apache.karaf.features/org.apache.karaf.features.extension/4.3.2</bundle> + <!-- mvn: url handlers --> + <bundle start-level="5">mvn:org.ops4j.pax.url/pax-url-aether/2.6.7</bundle> + <!-- logging --> + <bundle start-level="8">mvn:org.ops4j.pax.logging/pax-logging-api/2.0.9</bundle> + <bundle start-level="8">mvn:org.ops4j.pax.logging/pax-logging-logback/2.0.9</bundle> + <!-- config admin --> + <bundle start-level="9">mvn:org.osgi/org.osgi.util.function/1.1.0</bundle> + <bundle start-level="9">mvn:org.osgi/org.osgi.util.promise/1.1.1</bundle> + <bundle start-level="9">mvn:org.apache.felix/org.apache.felix.coordinator/1.0.2</bundle> + <bundle start-level="9">mvn:org.apache.felix/org.apache.felix.converter/1.0.14</bundle> + <bundle start-level="10">mvn:org.apache.felix/org.apache.felix.configadmin/1.9.22</bundle> + <bundle start-level="11">mvn:org.apache.felix/org.apache.felix.configadmin.plugin.interpolation/1.1.2</bundle> + <bundle start-level="11">mvn:org.apache.felix/org.apache.felix.cm.json/1.0.6</bundle> + <bundle start-level="11">mvn:org.apache.sling/org.apache.sling.commons.johnzon/1.2.6</bundle> + <bundle start-level="11">mvn:org.apache.felix/org.apache.felix.configurator/1.0.14</bundle> + <!-- file install --> + <bundle start-level="12">mvn:org.apache.felix/org.apache.felix.fileinstall/3.6.8</bundle> + <!-- features service --> + <bundle start-level="15">mvn:org.apache.karaf.features/org.apache.karaf.features.core/4.3.2</bundle> + </feature> + +</features> diff --git a/opendaylight/silicon/silicon-alpine/src/main/resources/startup.properties b/opendaylight/silicon/silicon-alpine/src/main/resources/startup.properties new file mode 100755 index 00000000..59ab975e --- /dev/null +++ b/opendaylight/silicon/silicon-alpine/src/main/resources/startup.properties @@ -0,0 +1,24 @@ +# Bundles to be started on startup, with startlevel +mvn\:org.apache.karaf.features/org.apache.karaf.features.extension/4.3.2 = 1 +mvn\:org.ops4j.pax.url/pax-url-aether/2.6.7 = 5 +mvn\:org.ops4j.pax.logging/pax-logging-api/2.0.12 = 8 +mvn\:org.ops4j.pax.logging/pax-logging-log4j2/2.0.12 = 8 +mvn\:org.fusesource.jansi/jansi/1.18 = 8 +mvn\:org.osgi/org.osgi.util.promise/1.1.1 = 9 +mvn\:org.apache.felix/org.apache.felix.coordinator/1.0.2 = 9 +mvn\:org.apache.felix/org.apache.felix.converter/1.0.14 = 9 +mvn\:org.osgi/org.osgi.util.function/1.1.0 = 9 +mvn\:org.apache.felix/org.apache.felix.configadmin/1.9.22 = 10 +mvn\:org.apache.felix/org.apache.felix.configadmin.plugin.interpolation/1.1.2 = 11 +mvn\:org.apache.felix/org.apache.felix.configurator/1.0.14 = 11 +mvn\:org.apache.sling/org.apache.sling.commons.johnzon/1.2.6 = 11 +mvn\:org.apache.felix/org.apache.felix.cm.json/1.0.6 = 11 +mvn\:org.apache.felix/org.apache.felix.fileinstall/3.6.8 = 12 +mvn\:org.apache.karaf.features/org.apache.karaf.features.core/4.3.2 = 15 +# The following are added by opendaylight-karaf-resources +mvn\:org.osgi/org.osgi.service.event/1.4.0 = 7 +mvn\:org.apache.felix/org.apache.felix.metatype/1.2.4 = 8 +mvn\:org.opendaylight.odlparent/bcprov-framework-ext/8.1.3 = 14 +mvn\:org.opendaylight.odlparent/bcpkix-framework-ext/8.1.3 = 14 +mvn\:org.opendaylight.odlparent/logging-markers/8.1.3 = 14 +mvn\:org.apache.aries.blueprint/org.apache.aries.blueprint.core.compatibility/1.0.0 = 14 |