summaryrefslogtreecommitdiffstats
path: root/policy-endpoints/src
AgeCommit message (Collapse)AuthorFilesLines
2023-09-29Fix security vulnerabilitiesadheli.tavares7-297/+270
- iq nexus vulnerabilities - sonar security hotspots and code smell Issue-ID: POLICY-4761 Issue-ID: POLICY-4833 Change-Id: Iab2e07d2ee7b90031bc5a30210ce7d3f5a47b3fd Signed-off-by: adheli.tavares <adheli.tavares@est.tech>
2023-09-21Java 17 Upgradeadheli.tavares31-154/+183
Issue-ID: POLICY-4668 Change-Id: If4e79224de61d66d7514f3abbd7b8bee1c3d5681 Signed-off-by: adheli.tavares <adheli.tavares@est.tech>
2023-03-14Upgrade Jetty and Jerseyliamfallon11-64/+91
The new version of Jetty and Jersey brings in Server Name Checking, which must be eiter enabled or disabled. Also, the bug in Swagger that drags in JUnit 5 with a non "test" scope is worked around by excluding the junit 5 dependencies. Issue-ID: POLICY-4474 Change-Id: Ib5ba23616c8d3cb011c5055a49c9cb325c9fd667 Signed-off-by: liamfallon <liam.fallon@est.tech>
2023-03-10Reverted call to ServerConnectorsaul.gill1-6/+6
Version rollback in parent repo caused an error here Constructor used had to be reverted Issue-ID: POLICY-4474 Change-Id: Ifaee86b127aaad5f27beb2e99cd5930f97f179de Signed-off-by: saul.gill <saul.gill@est.tech>
2023-02-27Fixed sonar issues in policy-commonSuresh Charan2-30/+23
Reduced technical debt by fixing sonar issues Issue-ID: POLICY-4536 Change-Id: I9f8366ea49ab4e5541d64db2fe1f6e8f138ce763 Signed-off-by: Suresh Charan <suresh.charan@bell.ca>
2023-02-20Clean up dependencies for London Releaseliamfallon1-6/+6
Issue-ID: POLICY-4482 Change-Id: Ibc0833313bf8eb5330c414ff00a31313500959e6 Signed-off-by: liamfallon <liam.fallon@est.tech>
2023-01-31Upgrade and clean up dependenciesliamfallon6-19/+12
- Upgrade Hibernate - Upgrade Mockito - Upgrade Mockserver - Remove Powermock (no longer supported) and replace with spring-test ReflectionTestUtils - Upgrade Spring Framework - Add spring-security to allow authentication on unit tests using MockMVC Minor clean-up - Replace deprecated authorization configuraiton on spring boot applications with SecurityFilterChain bean - Change @LocalPort include on tests to use test include rather than runtime include - Remove unused imports - Remove unused constants and variables - Add deprecation annotations where required Issue-ID: POLICY-4482 Change-Id: Iec5ba1283acd506c9f3c7fe7b5d7858db6abbaa7 Signed-off-by: liamfallon <liam.fallon@est.tech>
2022-09-21Publish and Subscribe to Kafka topicSirisha_Manchikanti16-52/+540
Issue-ID: POLICY-4134 Signed-off-by: Sirisha_Manchikanti <sirisha.manchikanti@est.tech> Change-Id: Idefa5b6f3cb702a4b478b76570717e73214d235a
2022-07-22Introduce Custom Kafka End pointSirisha_Manchikanti25-2/+1532
Issue-ID: POLICY-4133 Signed-off-by: Sirisha_Manchikanti <sirisha.manchikanti@est.tech> Change-Id: I2745f3af97e9bb83d94c5cb6d29dfd452d315506
2021-08-23Support multiple filters in RestServerJim Hahn2-8/+58
Added an API to RestServer so that multiple Filters may be provided. Issue-ID: POLICY-3531 Change-Id: I21f474c01d58237c744d1d70f5b39c2c90fdb401 Signed-off-by: Jim Hahn <jrh3@att.com>
2021-08-23Disable prometheus by default in policy/commona.sreekumar1-1/+1
Change-Id: I30acac6ea84bfb032994e81a93f38443818a0d1a Issue-ID: POLICY-3538 Signed-off-by: a.sreekumar <ajith.sreekumar@bell.ca>
2021-08-18Add topic checkerJim Hahn2-1/+380
Added a method to check the readiness of a bidirectional topic. Issue-ID: POLICY-3531 Change-Id: I2fefae7ba1ea5ed9ed33140717d05828e6dec94d Signed-off-by: Jim Hahn <jrh3@att.com>
2021-08-18Integrating prometheus with Policy componentsa.sreekumar12-41/+272
With this change, all PF components can export prometheus metrics by default. The prometheus metrics servlet will be running on /metrics servletPath.. If the metrics shouldn't be exported, just add a flag "promethus": false in the restServerParameters of default configuration file. This brings up prometheus servlet on /metrics servletPath. Also as part of standard servlet support, "servletUriPath" and "servletClass" are 2 other fields added to RestServerParameters which can be used to add standard servlets. This can be revisited later if needed. Basically, any servlet can be added by passing these fields, for example, to add prometheus metrics servlet on /test/metrics, add the below to restServerParameters: "servletUriPath": "/test/metrics", "servletClass": "io.prometheus.client.exporter.MetricsServlet" In addition, we can later go to individual components and add more metrics, say for e.g., deployedPoliciesCounter/undeployedPoliciesCounter etc on PAP, executedEvents/failedEvents etc on PDP and so on. This will look something like below, for e.g. in policy-pap component: io.prometheus.client.Counter counter = Counter.build() .name("policies_deployed_total") .help("Number of policies deployed.").register() Whenever a policy is deployed, just call counter.inc() Usage of code like above in the individual component will expose such data as well as part of the exposed metrics. Change-Id: Id667f27b15c012398421ba657b5324cc1d82cf1f Issue-ID: POLICY-3524 Signed-off-by: a.sreekumar <ajith.sreekumar@bell.ca> Signed-off-by: jhh <jorge.hernandez-herrero@att.com> Signed-off-by: a.sreekumar <ajith.sreekumar@bell.ca>
2021-07-02Merge "Use UUID for topic consumer instance"Jim Hahn2-11/+36
2021-07-02Wait after fetch exception on topicJim Hahn2-10/+52
When dmaap is inaccessible for some reason, the topic source frequently enters a fast fail loop, rapidly filling up the log. Modified the code to wait the configured fetchTimeout when this occurs. With any luck, this will also fix the sporadic kubernetes crash-fail loops sometimes seen with the xacml-pdp pod. Modified to limit how long it will sleep after a failure, regardless of the fetchTimeout that was specified. Issue-ID: POLICY-3457 Change-Id: I88e360fb1d31197b46f4959e5ea0ea2d741ad25c Signed-off-by: Jim Hahn <jrh3@att.com>
2021-07-01Use UUID for topic consumer instanceJim Hahn2-11/+36
Modified the code so that if the consumer group is defined, but the consumer instance is not, then policy-endpoints will generate a UUID for the consumer instance. Made the logic a little more straight-forward in response to a review comment. Issue-ID: POLICY-3405 Change-Id: If74440bdb01525bc463a28e5b8a9a2eca89a855a Signed-off-by: Jim Hahn <jrh3@att.com>
2021-06-29Address sonars in commonJim Hahn1-1/+2
Fixed: - use "var" - duplicate code block Issue-ID: POLICY-3284 Change-Id: I8cd7f2588353a2e7702c90d37d7b9f972634dca9 Signed-off-by: Jim Hahn <jrh3@att.com>
2021-06-22Move Validators and RestClientParameters in policy-commonFrancescoFioraEst1-0/+56
Issue-ID: POLICY-3402 Change-Id: I7479027e3ea1e960266264c2d13cd69e2103710b Signed-off-by: FrancescoFioraEst <francesco.fiora@est.tech>
2021-06-18Merge "Fix new checkstyle issues in policy-common"Jim Hahn2-3/+4
2021-06-18Fix new checkstyle issues in policy-commonJim Hahn2-3/+4
The new version of checkstyle identified new issues. Fixed those. Issue-ID: POLICY-3284 Change-Id: I2a8bf2b460fda7972ce573f14df5af52d46c9993 Signed-off-by: Jim Hahn <jrh3@att.com>
2021-06-17Use lombok in policy-endpointsJim Hahn24-399/+104
Issue-ID: POLICY-3394 Change-Id: I8dfb0814d5cc544b2c334dc11a3e69ef407f163f Signed-off-by: Jim Hahn <jrh3@att.com>
2021-05-24Merge "Enhance toString methods in factory classes"Jim Hahn15-113/+38
2021-05-21Fix sonar duplicate code issueJim Hahn2-50/+109
Issue-ID: POLICY-3284 Change-Id: I78c3a8ac92e18e2b0088eb07e27a4e97866d6182 Signed-off-by: Jim Hahn <jrh3@att.com>
2021-05-21Enhance toString methods in factory classesJim Hahn15-113/+38
The factory classes in policy-endpoints have toString() methods that return "[]" for their list contents. Updated the code to provide a list of the keys rather than just an empty list. Also replaced some toString() methods with lombok. Also replace StringBuilder with concatenation in some cases. Issue-ID: POLICY-3298 Change-Id: I64fca21a4b009f7e09fcc482b5d156753fb7e680 Signed-off-by: Jim Hahn <jrh3@att.com>
2021-05-07Change java.util.regex to re2jJim Hahn10-10/+10
Sonar complains about java.util.regex. Thought I used re2j when creating all of the patterns, but apparently not. Fixed that oversight. Issue-ID: POLICY-3284 Change-Id: Idbec112ab0d4c3b477ce357f8a556d95e4dea083 Signed-off-by: Jim Hahn <jrh3@att.com>
2021-05-06Fix sonars in policy-commonJim Hahn25-113/+134
Fixed sonars: - use "var" instead of actual type name - re-interrupt threads - use rej2 split() instead of String split() Issue-ID: POLICY-3285 Change-Id: I82261e0b8a53ee5c5264556fbf5cec37454f014e Signed-off-by: Jim Hahn <jrh3@att.com>
2021-04-29Remove GroupValidationResultJim Hahn4-22/+22
Removed GroupValidationResult, replacing it with BeanValidationResult. Modified the ParameterGroup subclasses to use BeanValidator, adding annotations where needed to trigger the validations that had been automatically performed by GroupValidationResult. Added Size annotation, used to verify minimum lengths of maps and collections. Added ClassName annotation, used to verify that a property contains the name of a class that is actually in the classpath. Added another addResult() method to make it easier when replacing calls to GroupValidationResult setResult() method with BeanValidationResult. Issue-ID: POLICY-2059 Change-Id: Id4da24886908723006624c5d53edeb034102299d Signed-off-by: Jim Hahn <jrh3@att.com>
2021-03-25Use self-signed-cert property for HTTP clientsJim Hahn1-5/+4
Currently, the HttpClient code sets self-signed-certs to true whenever https is specified. This is insecure. Modified the code to set the value based on the property, defaulting to false. Issue-ID: POLICY-3145 Change-Id: Ie88cf2411ae44a7c53bc8943f615a74c5b87d1aa Signed-off-by: Jim Hahn <jrh3@att.com>
2021-02-11Fix sonars from depeendency upgradeJim Hahn1-3/+3
The dependency upgrades in policy-parent caused some new sonars. In particular, initMocks() has been deprecated - replaced with calls to the Mockito Runner. Issue-ID: POLICY-2914 Change-Id: Iaf10f676c380adb9785e836cb15792596b378e4e Signed-off-by: Jim Hahn <jrh3@att.com>
2021-02-10More sonar issues in commonJim Hahn3-32/+29
Addressed the issues: - use of eq() in verify() - remove @NamedQueries - use computeIfAbsent() Issue-ID: POLICY-2914 Change-Id: I265bc98f0f326e7b4ce86c25e68fc4859bd7fb02 Signed-off-by: Jim Hahn <jrh3@att.com>
2020-12-04Fixing sonar issues in policy-commona.sreekumar10-18/+28
Change-Id: I4dce0dbdf71d01fbb59e9bf861d1af1ab49e5ae7 Issue-ID: POLICY-2914 Signed-off-by: a.sreekumar <ajith.sreekumar@bell.ca>
2020-10-29Remove server-side filtering from policy-endpointsJim Hahn5-163/+6
ONAP DMaaP Message Router no longer supports server-side filtering. Removed it from policy-endpoints. Issue-ID: POLICY-2881 Change-Id: I08157f7699608af63992dec78a61c5f9c55037b9 Signed-off-by: Jim Hahn <jrh3@att.com>
2020-09-28New sonars in policy-commonJim Hahn2-5/+27
Addressed the following sonars: - too many assertions in a test case - use parameterized test method Disabled production sonars for util-test, as the entire module is only used for testing other modules. Issue-ID: POLICY-2650-sonar Change-Id: If49775a6c95855dcd9601ee0d833bb00741b1550 Signed-off-by: Jim Hahn <jrh3@att.com>
2020-07-20Remove jackson from policy-commonJim Hahn8-246/+2
Issue-ID: POLICY-1528 Change-Id: Ic4b9314a770e53cefb93776bfede35591363690e Signed-off-by: Jim Hahn <jrh3@att.com>
2020-06-29Fix issues in common for new sonar rulesJim Hahn4-8/+11
Addressed issues reported due to updates to the sonar rules: - invoke only one method in a junit lambda - complete the assertion - add DOCTYPE to html Issue-ID: POLICY-2650 Change-Id: Ib8b8a2e4736cc23849c0f7aef972ffa3365a3e00 Signed-off-by: Jim Hahn <jrh3@att.com>
2020-06-25Merge "Fix deprecated method in policy-common"Pamela Dragosh1-2/+3
2020-06-25Fix Junit failed after AAF version change 2.1.21Utkarsh Jauhari1-0/+7
Issue-ID: POLICY-2623 Signed-off-by: Utkarsh Jauhari <uj426b@att.com> Change-Id: I86c5b6efac8f62dd0d4ba576d8ec49cfa63a58bb
2020-06-24Fix deprecated method in policy-commonJim Hahn1-2/+3
Probably due to a jar update, some methods are now deprecated. Fixed them. Issue-ID: POLICY-2650 Change-Id: I48aabd4552faaf88671dfbe6556dc739a8c94809 Signed-off-by: Jim Hahn <jrh3@att.com>
2020-06-18Changes for checkstyle 8.32liamfallon4-6/+6
Issue-ID: POLICY-2188 Change-Id: I00843c61a6567001fc35c3ebb77b6843a1eb7da2 Signed-off-by: liamfallon <liam.fallon@est.tech>
2020-06-17Cleanup various sonar issues in policy-commonJim Hahn16-48/+39
Addressed the following issues: - unused imports - unused method parameters - use assertEquals, assertSame instead of assertTrue - provide the parametrized type for this generic Also fixed some checkstyle issues: - removed blank lines between "import" groups Issue-ID: POLICY-2650 Change-Id: I004bb650ac10c49ccd0fc405f6959896fec39f9b Signed-off-by: Jim Hahn <jrh3@att.com>
2020-06-02Code changes for dmaap-client upgradeJim Hahn1-4/+11
Issue-ID: POLICY-1996 Change-Id: Id8a3acf9406c6acada4c3ffee679f2baf819cded Signed-off-by: Jim Hahn <jrh3@att.com>
2020-05-27Make GSON the default serializerJim Hahn2-6/+8
The default serialization provider for HttpClient and HttpServletServer was Jackson. Modified to use GSON instead. Issue-ID: POLICY-1526 Change-Id: Ic6282d119fa63d12470903a4f1eb4da3afd6efe7 Signed-off-by: Jim Hahn <jrh3@att.com>
2020-04-06More sonar issues in commonJim Hahn1-5/+6
Fixed additional sonar issues: - infinit loop; while the issue is bogus, it was easy enough to modify the code to satisfy sonar - doesn't like "volatile"; again, the issue is bogus, but easy enough to modify the code Disabled a couple of sonars in NetworkUtil, as they are not actually an issue. Issue-ID: POLICY-2305 Change-Id: I5500183e3fe4060696994cff55bdae4ba7e138c7 Signed-off-by: Jim Hahn <jrh3@att.com>
2020-04-06Address sonar issues in commonJim Hahn16-73/+95
Addressed the following sonar issues: - missing assertion in junit test case - disable sonars about setAccessible() as it's required for jackson emulation - sleep in junit - don't use wild-cards (e.g., "*") with java.util Pattern - use re2j instead of java.util Pattern - use String methods (e.g., startsWith()) - duplicate method bodies - duplicate code in Coder classes - string concatenation in logger calls - UTF-8 encoding - return primitive instead of boxed primitive - add assertion to tests - renamed support methods from doTestXxx to verifyXxx - cognitive complexity - use AtomicRef instead of volatile - use specific Functionals (e.g., IntConsumer) - function always returns the same value - serializable vs transient Issue-ID: POLICY-2305 Change-Id: I08eb7aa495a80bdc1d26827ba17a7946c83b9828 Signed-off-by: Jim Hahn <jrh3@att.com>
2020-03-27More sonar issues cleanupPamela Dragosh2-10/+6
Either log or rethrow Use boolean expression Add at least one test Remove commented out code Issue-ID: POLICY-2204 Change-Id: I4fdf31aea75303e4f49d25198eb3b12341995bfe Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
2020-03-24Sonar and eclipse warnings commonPamela Dragosh1-3/+1
Unused imports Not enough arguments Issue-ID: POLICY-2204 Change-Id: I6405cb697ea976096b1276e2291b1c73617d33b5 Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
2020-03-12Move code from drools-apps to commonJim Hahn2-2/+2
Extracted code from ControlLoopUtils to create a new class in common, PropertyObjectUtils. Fixed a deprecated method invocation in a junit. Fixed an object casting (i.e., sonar) issue in SCO. Issue-ID: POLICY-2305 Signed-off-by: Jim Hahn <jrh3@att.com> Change-Id: I331a47297f67097ea6986be125ef93cd1954b5ff
2020-03-04SONAR: Resolving server hostnames should be verifiedChris Ramstad1-1/+7
Per Jorge Hernandez, we don't want to fix this as it falls under the selfSignedCert clause which is used in testing and non-production environments. Marking as //NOSONAR Issue-ID: POLICY-2389 Signed-off-by: Chris Ramstad <cramstad@ciena.com> Change-Id: Iaf47e19dc8450607b1dc3aa260370e9c0d7d491d
2020-03-03Merge "Add JettyStaticResourceServer to policy-endpoints"Ram Krishna Verma9-76/+348
2020-03-03Merge "BidirectionalTopic should use plain TopicSink"Jim Hahn2-23/+14