author | GuangrongFu <fu.guangrong@zte.com.cn> | 2020-08-14 09:15:57 +0800 |
---|---|---|
committer | GuangrongFu <fu.guangrong@zte.com.cn> | 2020-08-14 09:15:57 +0800 |
commit | ce764eb74e8c3cb143ddb31cce8b0af785d1b8a2 (patch) | |
tree | 6cfcd449af3a6100a8cd6a27fb3012b2169681ea | |
parent | 3151df6463e77aba7f0234a1604b2839450bbc3f (diff) |
Tried to Fix Some Vulnerability Issues
Change-Id: I240abe1ccb8c50d10069c083a0e6ceb0f5bf49c0
Issue-ID: HOLMES-345
Signed-off-by: GuangrongFu <fu.guangrong@zte.com.cn>
9 files changed, 130 insertions, 91 deletions
@@ -14,7 +14,8 @@ ~ See the License for the specific language governing permissions and
~ limitations under the License.
-->
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>org.onap.oparent</groupId>
@@ -45,8 +46,8 @@ <bundle.name>${project.artifactId}-${project.version}</bundle.name>
<powermock.version>2.0.7</powermock.version>
- <dropwizard.version>2.0.9</dropwizard.version>
- <jersey.version>2.30.1</jersey.version>
+ <dropwizard.version>2.0.10</dropwizard.version>
+ <jersey.version>2.31</jersey.version>
<jacoco.version>0.8.5</jacoco.version>
<slf4j.version>1.7.25</slf4j.version>
@@ -59,6 +60,18 @@ </sonar.coverage.jacoco.xmlReportPaths>
</properties>
+ <dependencyManagement>
+ <dependencies>
+ <dependency>
+ <groupId>org.glassfish.jersey</groupId>
+ <artifactId>jersey-bom</artifactId>
+ <version>${jersey.version}</version>
+ <type>pom</type>
+ <scope>import</scope>
+ </dependency>
+ </dependencies>
+ </dependencyManagement>
+
<dependencies>
<dependency>
<groupId>ch.qos.logback</groupId>
@@ -90,6 +103,10 @@ <groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-server</artifactId>
</exclusion>
+ <exclusion>
+ <groupId>org.checkerframework</groupId>
+ <artifactId>checker-qual</artifactId>
+ </exclusion>
</exclusions>
</dependency>
<dependency>
@@ -100,7 +117,7 @@ <dependency>
<groupId>org.onap.holmes.common</groupId>
<artifactId>holmes-actions</artifactId>
- <version>1.2.13</version>
+ <version>1.3.0</version>
<exclusions>
<exclusion>
<groupId>org.glassfish.jersey.containers</groupId>
@@ -155,7 +172,7 @@ <dependency>
<groupId>org.postgresql</groupId>
<artifactId>postgresql</artifactId>
- <version>42.2.5</version>
+ <version>42.2.13</version>
</dependency>
<dependency>
<groupId>junit</groupId>
@@ -183,7 +200,7 @@ <dependency>
<groupId>io.swagger</groupId>
<artifactId>swagger-jersey2-jaxrs</artifactId>
- <version>1.5.3</version>
+ <version>1.6.1</version>
<exclusions>
<exclusion>
<groupId>com.fasterxml.jackson.core</groupId>
@@ -205,6 +222,14 @@ <groupId>org.glassfish.jersey.containers</groupId>
<artifactId>jersey-container-servlet-core</artifactId>
</exclusion>
+ <exclusion>
+ <groupId>com.fasterxml.jackson.jaxrs</groupId>
+ <artifactId>jackson-jaxrs-json-provider</artifactId>
+ </exclusion>
+ <exclusion>
+ <groupId>com.fasterxml.jackson.jaxrs</groupId>
+ <artifactId>jackson-datatype-joda</artifactId>
+ </exclusion>
</exclusions>
<scope>provided</scope>
</dependency>
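Review bot: The second added exclusion will not match anything, because `jackson-datatype-joda` is published under the group `com.fasterxml.jackson.datatype`, not `com.fasterxml.jackson.jaxrs`. Maven ignores a non-matching exclusion silently, so any transitive copy brought in through `swagger-jersey2-jaxrs` would still be resolved, presumably at the version swagger asks for. Change that line to `<groupId>com.fasterxml.jackson.datatype</groupId>` and confirm the result with `mvn dependency:tree`. The enclosing `<dependency>` element starts above this hunk.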
@@ -295,7 +320,6 @@ <dependency>
<groupId>org.glassfish.jersey.core</groupId>
<artifactId>jersey-server</artifactId>
- <version>${jersey.version}</version>
<exclusions>
<exclusion>
<groupId>javax.validation</groupId>
@@ -306,18 +330,57 @@ <dependency>
<groupId>org.glassfish.jersey.core</groupId>
<artifactId>jersey-client</artifactId>
- <version>${jersey.version}</version>
</dependency>
<dependency>
<groupId>org.glassfish.jersey.core</groupId>
<artifactId>jersey-common</artifactId>
- <version>${jersey.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>javax.annotation</groupId>
+ <artifactId>javax.annotation-api</artifactId>
+ <version>1.3.2</version>
+ </dependency>
+ <dependency>
+ <groupId>javax.xml.bind</groupId>
+ <artifactId>jaxb-api</artifactId>
+ <version>2.4.0-b180725.0427</version>
+ </dependency>
+ <dependency>
+ <groupId>org.glassfish.jaxb</groupId>
+ <artifactId>jaxb-runtime</artifactId>
+ <version>2.4.0-b180725.0644</version>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-compiler-plugin</artifactId>
+ <version>3.8.0</version>
+ <configuration>
+ <release>11</release>
+ </configuration>
+ </plugin>
+<!-- <plugin>-->
+<!-- <groupId>org.apache.maven.plugins</groupId>-->
+<!-- <artifactId>maven-enforcer-plugin</artifactId>-->
+<!-- <version>1.4.1</version>-->
+<!-- <executions>-->
+<!-- <execution>-->
+<!-- <id>enforce</id>-->
+<!-- <configuration>-->
+<!-- <rules>-->
+<!-- <dependencyConvergence/>-->
+<!-- </rules>-->
+<!-- </configuration>-->
+<!-- <goals>-->
+<!-- <goal>enforce</goal>-->
+<!-- </goals>-->
+<!-- </execution>-->
+<!-- </executions>-->
+<!-- </plugin>-->
+ <plugin>
<groupId>org.jacoco</groupId>
<artifactId>jacoco-maven-plugin</artifactId>
<version>${jacoco.version}</version>
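Review bot: The two JAXB artifacts added here are pinned to what look like timestamped pre-release builds (`2.4.0-b180725.0427` and `2.4.0-b180725.0644`), which are hard to match against advisories in a commit whose stated purpose is fixing vulnerabilities. Pinning released versions of `jaxb-api` and `jaxb-runtime`, held in one shared property so the pair stays aligned, would be easier to audit. The `maven-enforcer-plugin` block with `<dependencyConvergence/>` is added fully commented out, so it enforces nothing; either enable it or replace it with a single line such as `<!-- TODO(HOLMES-345): enable dependencyConvergence once version conflicts are resolved -->`. The `<plugins>` element continues past the end of this hunk.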
diff --git a/rulemgt-standalone/src/main/assembly/bin/run.sh b/rulemgt-standalone/src/main/assembly/bin/run.sh
index fbc7e21..85e7fcc 100644
--- a/rulemgt-standalone/src/main/assembly/bin/run.sh
+++ b/rulemgt-standalone/src/main/assembly/bin/run.sh
@@ -25,7 +25,7 @@ JAVA="$JAVA_HOME/bin/java"
echo @JAVA@ $JAVA
main_path=$RUNHOME/..
cd $main_path
-JAVA_OPTS="-Xms50m -Xmx128m"
+JAVA_OPTS="-Xms256m -Xmx1g"
port=9201
#JAVA_OPTS="$JAVA_OPTS -Xdebug -Xnoagent -Djava.compiler=NONE -Xrunjdwp:transport=dt_socket,address=*:$port,server=y,suspend=n"
echo @JAVA_OPTS@ $JAVA_OPTS
diff --git a/rulemgt-standalone/src/main/assembly/conf/rulemgt.yml b/rulemgt-standalone/src/main/assembly/conf/rulemgt.yml
index 26a94e8..ca857a1 100644
--- a/rulemgt-standalone/src/main/assembly/conf/rulemgt.yml
+++ b/rulemgt-standalone/src/main/assembly/conf/rulemgt.yml
@@ -15,7 +15,7 @@ server:
connector:
type: https
port: 9101
- keyStorePath: /home/holmes/conf/holmes.keystore
+ keyStorePath: /opt/onap/conf/holmes.keystore
keyStorePassword: holmes
validateCerts: false
validatePeers: false
diff --git a/rulemgt/src/main/java/org/onap/holmes/rulemgt/RuleActiveApp.java b/rulemgt/src/main/java/org/onap/holmes/rulemgt/RuleActiveApp.java
index 21855f8..c839b5a 100644
--- a/rulemgt/src/main/java/org/onap/holmes/rulemgt/RuleActiveApp.java
+++ b/rulemgt/src/main/java/org/onap/holmes/rulemgt/RuleActiveApp.java
@@ -51,7 +51,6 @@ public class RuleActiveApp extends IOCApplication<RuleAppConfig> {
public void run(RuleAppConfig configuration, Environment environment) throws Exception {
super.run(configuration, environment);
- environment.jersey().register(new RuleMgtResources());
try {
new MSBRegisterUtil().register2Msb(createMicroServiceInfo());
} catch (CorrelationException e) {
diff --git a/rulemgt/src/main/java/org/onap/holmes/rulemgt/msb/MsbQuery.java b/rulemgt/src/main/java/org/onap/holmes/rulemgt/msb/MsbQuery.java
index 51ed0f2..df0783d 100644
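Review bot: In the `rulemgt.yml` hunk, the connector block around the changed `keyStorePath` line still ships `keyStorePassword: holmes` in clear text and keeps `validateCerts: false` and `validatePeers: false`, and this commit leaves all three untouched while relocating the keystore. A default password committed beside the keystore path lets anyone who can read the packaged configuration open that keystore. Consider taking the password from the environment, for example `keyStorePassword: ${KEYSTORE_PASSWORD}` (placeholder variable name; this needs environment-variable substitution enabled in the application bootstrap, which is not visible here), and turning certificate validation back on once a deployment certificate is in place. The `server:` block begins above the hunk.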
--- a/rulemgt/src/main/java/org/onap/holmes/rulemgt/msb/MsbQuery.java
+++ b/rulemgt/src/main/java/org/onap/holmes/rulemgt/msb/MsbQuery.java
@@ -1,5 +1,5 @@ /**
- * Copyright 2017 ZTE Corporation.
+ * Copyright 2017-2020 ZTE Corporation.
* <p>
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -15,73 +15,55 @@ */ package org.onap.holmes.rulemgt.msb; -import lombok.extern.slf4j.Slf4j; -import org.glassfish.hk2.api.ServiceLocator; import org.onap.holmes.common.dropwizard.ioc.utils.ServiceLocatorHolder; -import org.onap.holmes.rulemgt.send.RuleAllocator; import org.onap.holmes.rulemgt.send.Ip4AddingRule; -import org.onap.holmes.rulemgt.wrapper.RuleMgtWrapper; +import org.onap.holmes.rulemgt.send.RuleAllocator; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; import java.util.List; import java.util.Timer; import java.util.TimerTask; +import static java.util.concurrent.TimeUnit.SECONDS; -@Slf4j public class MsbQuery { - private RuleAllocator ruleAllocator; - + static final private Logger log = LoggerFactory.getLogger(MsbQuery.class); + final private RuleAllocator ruleAllocator; private Ip4AddingRule ip4AddingRule; - private EngineInsQueryTool engineInsQueryTool; - private RuleMgtWrapper ruleMgtWrapper; - - private List<String> timerIpList; - public MsbQuery() { ruleAllocator = new RuleAllocator(); - - ServiceLocator locator = ServiceLocatorHolder.getLocator(); - ip4AddingRule = locator.getService(Ip4AddingRule.class); - engineInsQueryTool = locator.getService(EngineInsQueryTool.class); - ruleMgtWrapper = locator.getService(RuleMgtWrapper.class); + ip4AddingRule = ServiceLocatorHolder.getLocator().getService(Ip4AddingRule.class); + engineInsQueryTool = ServiceLocatorHolder.getLocator().getService(EngineInsQueryTool.class); } public void startTimer() { try { - timer(); + new Timer().schedule(new TimerTask() { + + public void run() { + try { + List<String> timerIpList = engineInsQueryTool.getInstanceList(); + log.info(String.format("There are %d engine instance(s) running currently.", timerIpList.size())); + + ip4AddingRule.setIpList(timerIpList); + ruleAllocator.allocateRules(timerIpList); + } catch (Exception e) { + log.error("The timing query engine instance failed ", e); + } + } + + }, SECONDS.toMillis(10), SECONDS.toMillis(30)); } catch 
(Exception e) { log.error("MSBQuery startTimer timer task failed !" + e.getMessage(), e); try { - Thread.sleep(30000); + SECONDS.sleep(30); } catch (InterruptedException e1) { Thread.currentThread().interrupt(); } } - - - } - - public void timer() throws Exception { - Timer timer = new Timer(); - timer.schedule(new TimerTask() { - - public void run() { - try { - timerIpList = engineInsQueryTool.getInstanceList(); - log.info(String.format("There are %d engine instance(s) running currently.", timerIpList.size())); - - ip4AddingRule.setIpList(timerIpList); - ruleAllocator.allocateRules(timerIpList); - } catch (Exception e) { - log.error("The timing query engine instance failed ", e); - } - } - - }, 10000, 30000); - } - } diff --git a/rulemgt/src/main/java/org/onap/holmes/rulemgt/resources/RuleMgtResources.java b/rulemgt/src/main/java/org/onap/holmes/rulemgt/resources/RuleMgtResources.java index 8e5b7a0..445c2f9 100644 --- a/rulemgt/src/main/java/org/onap/holmes/rulemgt/resources/RuleMgtResources.java +++ b/rulemgt/src/main/java/org/onap/holmes/rulemgt/resources/RuleMgtResources.java @@ -1,5 +1,5 @@ /**
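Review bot: In `MsbQuery.startTimer()` the `Timer` is now created inline and its reference is discarded, so nothing can cancel the polling task at shutdown, and the no-argument `new Timer()` runs it on a non-daemon thread that can keep the JVM alive. Keep the timer in a field, or create it as a daemon with `new Timer("msb-query", true)`. The surrounding `catch` still only logs, sleeps for 30 seconds with `SECONDS.sleep(30)` and returns, so a failed `schedule(...)` call delays the caller and leaves no periodic query running. The added `log.info(String.format(...))` would also read better as a parameterized call, `log.info("There are {} engine instance(s) running currently.", timerIpList.size());`.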
- * Copyright 2017 ZTE Corporation.
+ * Copyright 2017-2020 ZTE Corporation.
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
* in compliance with the License. You may obtain a copy of the License at
@@ -18,19 +18,6 @@ import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation;
import io.swagger.annotations.ApiParam;
import io.swagger.annotations.SwaggerDefinition;
-import java.util.Locale;
-import javax.inject.Inject;
-import javax.servlet.http.HttpServletRequest;
-import javax.ws.rs.DELETE;
-import javax.ws.rs.GET;
-import javax.ws.rs.POST;
-import javax.ws.rs.PUT;
-import javax.ws.rs.Path;
-import javax.ws.rs.PathParam;
-import javax.ws.rs.Produces;
-import javax.ws.rs.QueryParam;
-import javax.ws.rs.core.Context;
-import javax.ws.rs.core.MediaType;
import lombok.extern.slf4j.Slf4j;
import org.jvnet.hk2.annotations.Service;
import org.onap.holmes.common.exception.CorrelationException;
@@ -47,6 +34,13 @@ import org.onap.holmes.rulemgt.bean.response.RuleQueryListResponse; import org.onap.holmes.rulemgt.constant.RuleMgtConstant;
import org.onap.holmes.rulemgt.wrapper.RuleMgtWrapper;
+import javax.inject.Inject;
+import javax.servlet.http.HttpServletRequest;
+import javax.ws.rs.*;
+import javax.ws.rs.core.Context;
+import javax.ws.rs.core.MediaType;
+import java.util.Locale;
+
@Service
@SwaggerDefinition
@Path("/rule")
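Review bot: The added `import javax.ws.rs.*;` replaces eight explicit imports (`DELETE`, `GET`, `POST`, `PUT`, `Path`, `PathParam`, `Produces`, `QueryParam`) with a wildcard, which hides the JAX-RS annotations this resource depends on and can introduce name clashes when the API jar is upgraded. Keep the explicit imports. The reordering is also unrelated to the dependency changes in this commit and makes the security-relevant part harder to pick out. The class body lies outside this hunk.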
diff --git a/rulemgt/src/test/java/org/onap/holmes/rulemgt/bolt/enginebolt/EngineServiceTest.java b/rulemgt/src/test/java/org/onap/holmes/rulemgt/bolt/enginebolt/EngineServiceTest.java index 82e51a5..91be5d3 100644 --- a/rulemgt/src/test/java/org/onap/holmes/rulemgt/bolt/enginebolt/EngineServiceTest.java +++ b/rulemgt/src/test/java/org/onap/holmes/rulemgt/bolt/enginebolt/EngineServiceTest.java @@ -1,12 +1,12 @@ /**
* Copyright 2017 ZTE Corporation.
- *
+ * <p>
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
+ * <p>
+ * http://www.apache.org/licenses/LICENSE-2.0
+ * <p>
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -18,10 +18,6 @@ package org.onap.holmes.rulemgt.bolt.enginebolt;
-import static org.hamcrest.MatcherAssert.assertThat;
-import static org.hamcrest.Matchers.equalTo;
-
-import java.util.HashMap;
import org.apache.http.HttpResponse;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.impl.client.CloseableHttpClient;
@@ -30,22 +26,28 @@ import org.junit.Before; import org.junit.Rule;
import org.junit.Test;
import org.junit.rules.ExpectedException;
+import org.junit.runner.RunWith;
import org.onap.holmes.common.utils.HttpsUtils;
import org.onap.holmes.rulemgt.bean.request.CorrelationDeployRule4Engine;
import org.powermock.api.easymock.PowerMock;
import org.powermock.core.classloader.annotations.PowerMockIgnore;
import org.powermock.core.classloader.annotations.PrepareForTest;
+import org.powermock.modules.junit4.PowerMockRunner;
import org.powermock.modules.junit4.rule.PowerMockRule;
import org.powermock.reflect.Whitebox;
+import java.util.HashMap;
+
+import static org.hamcrest.MatcherAssert.assertThat;
+import static org.hamcrest.Matchers.equalTo;
+
@PrepareForTest({HttpClients.class, CloseableHttpClient.class, HttpsUtils.class})
@PowerMockIgnore("javax.net.ssl.*")
+@RunWith(PowerMockRunner.class)
public class EngineServiceTest {
@Rule
public ExpectedException thrown = ExpectedException.none();
- @Rule
- public PowerMockRule powerMockRule = new PowerMockRule();
private EngineService engineService;
private HttpResponse httpResponseMock;
private CloseableHttpClient closeableHttpClient;
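Review bot: `import org.powermock.modules.junit4.rule.PowerMockRule;` survives as a context line although this hunk removes the only visible use, the `powerMockRule` field, and switches the class to `@RunWith(PowerMockRunner.class)`. Unless the class refers to it outside the hunk, the import is now unused and keeps the test tied to the rule module. Remove it, as the matching change to `RuleMgtWrapperTest` in this commit does. The class body continues past the end of this hunk.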
diff --git a/rulemgt/src/test/java/org/onap/holmes/rulemgt/bolt/enginebolt/EngineWrapperTest.java b/rulemgt/src/test/java/org/onap/holmes/rulemgt/bolt/enginebolt/EngineWrapperTest.java index 0664db7..0dd2fbd 100644 --- a/rulemgt/src/test/java/org/onap/holmes/rulemgt/bolt/enginebolt/EngineWrapperTest.java +++ b/rulemgt/src/test/java/org/onap/holmes/rulemgt/bolt/enginebolt/EngineWrapperTest.java @@ -17,9 +17,6 @@ package org.onap.holmes.rulemgt.bolt.enginebolt;
-import static org.hamcrest.MatcherAssert.assertThat;
-import static org.hamcrest.Matchers.equalTo;
-
import org.apache.http.HttpResponse;
import org.apache.http.StatusLine;
import org.easymock.EasyMock;
@@ -28,16 +25,18 @@ import org.junit.Rule; import org.junit.Test;
import org.junit.rules.ExpectedException;
import org.junit.runner.RunWith;
+import org.onap.holmes.common.exception.CorrelationException;
import org.onap.holmes.common.utils.HttpsUtils;
import org.onap.holmes.rulemgt.bean.request.CorrelationCheckRule4Engine;
import org.onap.holmes.rulemgt.bean.request.CorrelationDeployRule4Engine;
-import org.onap.holmes.common.exception.CorrelationException;
import org.powermock.api.easymock.PowerMock;
-import org.powermock.api.mockito.PowerMockito;
import org.powermock.core.classloader.annotations.PrepareForTest;
import org.powermock.modules.junit4.PowerMockRunner;
import org.powermock.reflect.Whitebox;
+import static org.hamcrest.MatcherAssert.assertThat;
+import static org.hamcrest.Matchers.equalTo;
+
@PrepareForTest({EngineWrapper.class, EngineService.class, HttpsUtils.class, HttpResponse.class,
StatusLine.class})
@RunWith(PowerMockRunner.class)
@@ -97,7 +96,7 @@ public class EngineWrapperTest { public void deployEngine_parse_content_exception() throws Exception {
PowerMock.resetAll();
String content = "";
- PowerMockito.mockStatic(HttpsUtils.class);
+ PowerMock.mockStatic(HttpsUtils.class);
thrown.expect(CorrelationException.class);
thrown.expectMessage(
"Failed to parse the value returned by the engine management service.");
@@ -107,7 +106,7 @@ public class EngineWrapperTest { .andReturn(httpResponse);
EasyMock.expect(httpResponse.getStatusLine()).andReturn(statusLineMock);
EasyMock.expect(statusLineMock.getStatusCode()).andReturn(200);
- PowerMockito.when(HttpsUtils.extractResponseEntity(httpResponse)).thenReturn(content);
+ EasyMock.expect(HttpsUtils.extractResponseEntity(httpResponse)).andReturn(content);
PowerMock.replayAll();
engineWrapper.deployEngine(new CorrelationDeployRule4Engine(),"10.96.33.34");
@@ -119,14 +118,14 @@ public class EngineWrapperTest { public void deployEngine_success() throws Exception {
PowerMock.resetAll();
String content = "{\"packageName\":\"test\"}";
- PowerMockito.mockStatic(HttpsUtils.class);
+ PowerMock.mockStatic(HttpsUtils.class);
EasyMock.expect(
engineServiceMock.deploy(EasyMock.anyObject(CorrelationDeployRule4Engine.class),
EasyMock.anyObject(String.class)))
.andReturn(httpResponse);
EasyMock.expect(httpResponse.getStatusLine()).andReturn(statusLineMock);
EasyMock.expect(statusLineMock.getStatusCode()).andReturn(200);
- PowerMockito.when(HttpsUtils.extractResponseEntity(httpResponse)).thenReturn(content);
+ EasyMock.expect(HttpsUtils.extractResponseEntity(httpResponse)).andReturn(content);
PowerMock.replayAll();
String result = engineWrapper.deployEngine(new CorrelationDeployRule4Engine(),"10.96.33.34");
diff --git a/rulemgt/src/test/java/org/onap/holmes/rulemgt/wrapper/RuleMgtWrapperTest.java b/rulemgt/src/test/java/org/onap/holmes/rulemgt/wrapper/RuleMgtWrapperTest.java index 90384ce..7033aff 100644 --- a/rulemgt/src/test/java/org/onap/holmes/rulemgt/wrapper/RuleMgtWrapperTest.java +++ b/rulemgt/src/test/java/org/onap/holmes/rulemgt/wrapper/RuleMgtWrapperTest.java @@ -22,6 +22,7 @@ import org.junit.Before; import org.junit.Rule;
import org.junit.Test;
import org.junit.rules.ExpectedException;
+import org.junit.runner.RunWith;
import org.onap.holmes.common.api.entity.CorrelationRule;
import org.onap.holmes.common.exception.CorrelationException;
import org.onap.holmes.common.utils.DbDaoUtil;
@@ -33,7 +34,7 @@ import org.onap.holmes.rulemgt.db.CorrelationRuleDao; import org.onap.holmes.rulemgt.db.CorrelationRuleQueryDao;
import org.onap.holmes.rulemgt.send.Ip4AddingRule;
import org.powermock.api.easymock.PowerMock;
-import org.powermock.modules.junit4.rule.PowerMockRule;
+import org.powermock.modules.junit4.PowerMockRunner;
import org.powermock.reflect.Whitebox;
import java.util.ArrayList;
@@ -44,12 +45,11 @@ import static org.hamcrest.MatcherAssert.assertThat; import static org.hamcrest.Matchers.equalTo;
import static org.hamcrest.Matchers.is;
+@RunWith(PowerMockRunner.class)
public class RuleMgtWrapperTest {
@Rule
public ExpectedException thrown = ExpectedException.none();
- @Rule
- public PowerMockRule powerMockRule = new PowerMockRule();
private RuleMgtWrapper ruleMgtWrapper;