From 8e54aa2d90a9ae32952e16471993604be0029e95 Mon Sep 17 00:00:00 2001
From: Kasperki <pawel.kasperkiewicz@nokia.com>
Date: Thu, 11 Aug 2022 18:00:59 +0200
Subject: Fix PRH Vulnerabilities

- Update DCAE SDK version from 1.8.8 to 1.8.10
- Update Spring Boot version from 2.5.9 to 2.7.2
- Update Spring Cloud version from 2020.0.5 to 2021.0.3
- Change Swagger from springfox to springdoc-openapi-ui

Issue-ID: DCAEGEN2-3219
Signed-off-by: Pawel <pawel.kasperkiewicz@nokia.com>
Change-Id: I5d6abe7840b90f273de87bb64d0840f93ed5739d
---
 Changelog.md                                       |  5 ++
 pom.xml                                            | 19 ++---
 prh-app-server/pom.xml                             |  7 +-
 .../services/prh/configuration/SwaggerConfig.java  | 82 ----------------------
 prh-commons/pom.xml                                |  6 +-
 version.properties                                 |  2 +-
 6 files changed, 25 insertions(+), 96 deletions(-)
 delete mode 100644 prh-app-server/src/main/java/org/onap/dcaegen2/services/prh/configuration/SwaggerConfig.java

diff --git a/Changelog.md b/Changelog.md
index 78d659ce..32897296 100644
--- a/Changelog.md
+++ b/Changelog.md
@@ -4,6 +4,11 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](http://keepachangelog.com/)
 and this project adheres to [Semantic Versioning](http://semver.org/).
 
+## [1.8.1] - 2022/08/11
+### Changed
+- [DCAEGEN2-3219] dcaegen2-services-prh vulnerability update
+
+
 ## [1.8.0] - 2022/02/14
 ### Changed
 - Update DCAE SDK version from 1.8.7 to 1.8.8
diff --git a/pom.xml b/pom.xml
index 409197e5..cfb60f44 100644
--- a/pom.xml
+++ b/pom.xml
@@ -33,7 +33,7 @@
 
   <groupId>org.onap.dcaegen2.services</groupId>
   <artifactId>prh</artifactId>
-  <version>1.8.0-SNAPSHOT</version>
+  <version>1.8.1-SNAPSHOT</version>
 
   <name>dcaegen2-services-prh</name>
   <description>PNF Registration Handler</description>
@@ -48,15 +48,16 @@
 
   <properties>
     <java.version>11</java.version>
-    <spring-boot.version>2.5.9</spring-boot.version>
-    <spring-cloud.version>2020.0.5</spring-cloud.version>
+    <spring-boot.version>2.7.2</spring-boot.version>
+    <spring-cloud.version>2021.0.3</spring-cloud.version>
     <springfox.version>3.0.0</springfox.version>
     <immutables.version>2.7.5</immutables.version>
-    <sdk.version>1.8.8</sdk.version>
+    <sdk.version>1.8.10</sdk.version>
     <guava.version>29.0-jre</guava.version>
     <sonar.coverage.jacoco.xmlReportPaths>
       ${project.reporting.outputDirectory}/jacoco-ut/jacoco.xml
     </sonar.coverage.jacoco.xmlReportPaths>
+    <springdoc-openapi-ui.version>1.6.9</springdoc-openapi-ui.version>
   </properties>
 
   <modules>
@@ -173,9 +174,9 @@
         <scope>import</scope>
       </dependency>
       <dependency>
-        <groupId>io.springfox</groupId>
-        <artifactId>springfox-boot-starter</artifactId>
-        <version>${springfox.version}</version>
+        <groupId>org.springdoc</groupId>
+        <artifactId>springdoc-openapi-ui</artifactId>
+        <version>${springdoc-openapi-ui.version}</version>
       </dependency>
       <dependency>
         <groupId>org.immutables</groupId>
@@ -188,9 +189,9 @@
         <version>${immutables.version}</version>
       </dependency>
       <dependency>
-	<groupId>com.google.guava</groupId>
+        <groupId>com.google.guava</groupId>
         <artifactId>guava</artifactId>
-	<version>${guava.version}</version>
+        <version>${guava.version}</version>
       </dependency>
     </dependencies>
   </dependencyManagement>
diff --git a/prh-app-server/pom.xml b/prh-app-server/pom.xml
index e92515be..62e19dce 100644
--- a/prh-app-server/pom.xml
+++ b/prh-app-server/pom.xml
@@ -27,7 +27,7 @@
   <parent>
     <groupId>org.onap.dcaegen2.services</groupId>
     <artifactId>prh</artifactId>
-    <version>1.8.0-SNAPSHOT</version>
+    <version>1.8.1-SNAPSHOT</version>
   </parent>
 
   <groupId>org.onap.dcaegen2.services.prh</groupId>
@@ -47,6 +47,7 @@
     <docker.user.name>prh</docker.user.name>
     <docker.user.dir>/home/${docker.user.name}</docker.user.dir>
     <docker.user.id>1414</docker.user.id>
+    <onap-gerrit-review>-changelog-missing</onap-gerrit-review>
   </properties>
 
   <build>
@@ -234,8 +235,8 @@
       <artifactId>spring-boot-starter-webflux</artifactId>
     </dependency>
     <dependency>
-      <groupId>io.springfox</groupId>
-      <artifactId>springfox-boot-starter</artifactId>
+      <groupId>org.springdoc</groupId>
+      <artifactId>springdoc-openapi-ui</artifactId>
     </dependency>
     <dependency>
       <groupId>io.projectreactor</groupId>
diff --git a/prh-app-server/src/main/java/org/onap/dcaegen2/services/prh/configuration/SwaggerConfig.java b/prh-app-server/src/main/java/org/onap/dcaegen2/services/prh/configuration/SwaggerConfig.java
deleted file mode 100644
index 4039f698..00000000
--- a/prh-app-server/src/main/java/org/onap/dcaegen2/services/prh/configuration/SwaggerConfig.java
+++ /dev/null
@@ -1,82 +0,0 @@
-/*
- * ============LICENSE_START=======================================================
- * PNF-REGISTRATION-HANDLER
- * ================================================================================
- * Copyright (C) 2018-2020 NOKIA Intellectual Property. All rights reserved.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END=========================================================
- */
-
-package org.onap.dcaegen2.services.prh.configuration;
-
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.context.annotation.Profile;
-import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
-import org.springframework.web.servlet.config.annotation.WebMvcConfigurationSupport;
-import springfox.documentation.builders.ApiInfoBuilder;
-import springfox.documentation.builders.PathSelectors;
-import springfox.documentation.builders.RequestHandlerSelectors;
-import springfox.documentation.service.ApiInfo;
-import springfox.documentation.spi.DocumentationType;
-import springfox.documentation.spring.web.plugins.Docket;
-import springfox.documentation.swagger2.annotations.EnableSwagger2;
-
-
-@Configuration
-@Profile("prod")
-public class SwaggerConfig extends WebMvcConfigurationSupport {
-
-    private static final String PACKAGE_PATH = "org.onap.dcaegen2.services.prh";
-    private static final String API_TITLE = "PRH app server";
-    private static final String DESCRIPTION = "This page lists all the rest apis for PRH app server.";
-    private static final String VERSION = "1.0";
-    private static final String RESOURCES_PATH = "classpath:/META-INF/resources/";
-    private static final String WEBJARS_PATH = RESOURCES_PATH + "webjars/";
-    private static final String SWAGGER_UI = "swagger-ui.html";
-    private static final String WEBJARS = "/webjars/**";
-
-    /**
-     * Swagger configuration function for hosting it next to spring http website.
-     *
-     * @return Docket
-     */
-    @Bean
-    public Docket api() {
-        return new Docket(DocumentationType.SWAGGER_2)
-            .apiInfo(apiInfo())
-            .select()
-            .apis(RequestHandlerSelectors.basePackage(PACKAGE_PATH))
-            .paths(PathSelectors.any())
-            .build();
-    }
-
-    private ApiInfo apiInfo() {
-        return new ApiInfoBuilder()
-            .title(API_TITLE)
-            .description(DESCRIPTION)
-            .version(VERSION)
-            .build();
-    }
-
-
-    @Override
-    protected void addResourceHandlers(ResourceHandlerRegistry registry) {
-        registry.addResourceHandler(SWAGGER_UI)
-            .addResourceLocations(RESOURCES_PATH);
-
-        registry.addResourceHandler(WEBJARS)
-            .addResourceLocations(WEBJARS_PATH);
-    }
-}
diff --git a/prh-commons/pom.xml b/prh-commons/pom.xml
index e5ac281e..a3ffd405 100644
--- a/prh-commons/pom.xml
+++ b/prh-commons/pom.xml
@@ -27,13 +27,17 @@
   <parent>
     <groupId>org.onap.dcaegen2.services</groupId>
     <artifactId>prh</artifactId>
-    <version>1.8.0-SNAPSHOT</version>
+    <version>1.8.1-SNAPSHOT</version>
   </parent>
 
   <groupId>org.onap.dcaegen2.services.prh</groupId>
   <artifactId>prh-commons</artifactId>
   <packaging>jar</packaging>
 
+  <properties>
+    <onap-gerrit-review>-changelog-missing</onap-gerrit-review>
+  </properties>
+
   <dependencies>
     <dependency>
       <groupId>org.onap.dcaegen2.services.sdk.rest.services</groupId>
diff --git a/version.properties b/version.properties
index 6db90f27..dfe1ef3c 100644
--- a/version.properties
+++ b/version.properties
@@ -1,6 +1,6 @@
 major=1
 minor=8
-patch=0
+patch=1
 base_version=${major}.${minor}.${patch}
 release_version=${base_version}
 snapshot_version=${base_version}-SNAPSHOT
-- 
cgit 1.2.3-korg