Fix Sonar findings (#2630)

Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>

.github/dependabot.yml

@@ -16,7 +16,7 @@ updates:
       interval: "daily"
   # Enable version updates for github actions
   - package-ecosystem: "github-actions"
-    directory: "/.3rd-party"
+    directory: "/"
     # Check daily
     schedule:
       interval: "daily"

hawkbit-mgmt/hawkbit-mgmt-resource/src/test/java/org/eclipse/hawkbit/mgmt/rest/resource/MgmtSoftwareModuleResourceTest.java

@@ -1539,10 +1539,6 @@ class MgmtSoftwareModuleResourceTest extends AbstractManagementApiIntegrationTes
         // hashes
         final DbArtifactHash hash = artifact.getHashes();
         assertThat(hash.getSha1()).as("Wrong sha1 hash").isEqualTo(HashGeneratorUtils.generateSHA1(random));
-        // sha1 hashes are not used via loaded artifact
-//        assertThat(hash.getMd5()).as("Wrong md5 hash").isEqualTo(HashGeneratorUtils.generateMD5(random));
-//        assertThat(hash.getSha256()).as("Wrong sha256 hash").isEqualTo(HashGeneratorUtils.generateSHA256(random));
-
         // metadata
         assertThat(softwareModuleManagement.find(sm.getId()).orElseThrow().getArtifacts().get(0).getFilename())
                 .as("wrong metadata of the filename").isEqualTo("origFilename");

hawkbit-repository/hawkbit-repository-jpa/src/test/java/org/eclipse/hawkbit/repository/jpa/AbstractJpaIntegrationTest.java

@@ -83,10 +83,6 @@ public abstract class AbstractJpaIntegrationTest extends AbstractIntegrationTest
     protected static final String NOT_EXIST_ID = "12345678990";
     protected static final long NOT_EXIST_IDL = Long.parseLong(NOT_EXIST_ID);
 
-    private static final List<String> REPOSITORY_AND_TARGET_PERMISSIONS = List.of(SpPermission.READ_REPOSITORY, SpPermission.CREATE_REPOSITORY,
-            SpPermission.UPDATE_REPOSITORY, SpPermission.DELETE_REPOSITORY, SpPermission.READ_TARGET, SpPermission.CREATE_TARGET,
-            SpPermission.UPDATE_TARGET, SpPermission.DELETE_TARGET);
-
     @Autowired
     protected TargetRepository targetRepository;
     @Autowired

hawkbit-repository/hawkbit-repository-jpa/src/test/java/org/eclipse/hawkbit/repository/jpa/acm/DistributionSetAccessControllerTest.java

@@ -246,14 +246,14 @@ class DistributionSetAccessControllerTest extends AbstractJpaIntegrationTest {
                 UPDATE_DISTRIBUTION_SET + "/id==" + permitted.getId(),
                 // read / update target needed to update target filter query
                 READ_TARGET, UPDATE_TARGET), () -> {
-//            assertThat(targetFilterQueryManagement
-//                    .updateAutoAssignDS(new AutoAssignDistributionSetUpdate(targetFilterQuery.getId()).ds(permitted.getId())
-//                            .actionType(Action.ActionType.FORCED).confirmationRequired(false))
-//                    .getAutoAssignDistributionSet().getId()).isEqualTo(permitted.getId());
-//            targetFilterQueryManagement
-//                    .updateAutoAssignDS(new AutoAssignDistributionSetUpdate(targetFilterQuery.getId())
-//                            .ds(readOnly.getId()).actionType(Action.ActionType.FORCED).confirmationRequired(false))
-//                    .getAutoAssignDistributionSet().getId();
+            assertThat(targetFilterQueryManagement
+                    .updateAutoAssignDS(new AutoAssignDistributionSetUpdate(targetFilterQuery.getId()).ds(permitted.getId())
+                            .actionType(Action.ActionType.FORCED).confirmationRequired(false))
+                    .getAutoAssignDistributionSet().getId()).isEqualTo(permitted.getId());
+            targetFilterQueryManagement
+                    .updateAutoAssignDS(new AutoAssignDistributionSetUpdate(targetFilterQuery.getId())
+                            .ds(readOnly.getId()).actionType(Action.ActionType.FORCED).confirmationRequired(false))
+                    .getAutoAssignDistributionSet().getId();
             final AutoAssignDistributionSetUpdate autoAssignDistributionSetUpdate =
                     new AutoAssignDistributionSetUpdate(targetFilterQuery.getId())
                             .ds(hidden.getId()).actionType(Action.ActionType.FORCED).confirmationRequired(false);

hawkbit-repository/hawkbit-repository-jpa/src/test/java/org/eclipse/hawkbit/repository/jpa/management/ArtifactManagementTest.java

@@ -133,10 +133,8 @@ class ArtifactManagementTest extends AbstractJpaIntegrationTest {
             final DbArtifact dbArtifact = artifactManagement.loadArtifactBinary(
                     HashGeneratorUtils.generateSHA1(randomBytes), sm.getId(), sm.isEncrypted());
             final DbArtifactHash hash = dbArtifact.getHashes();
+            // md5 and sha256 are kept in local artifact db and should not be provided by "load", test only sha1
             assertThat(hash.getSha1()).isEqualTo(HashGeneratorUtils.generateSHA1(randomBytes));
-            // md5 and sha256 are kept in local artifact db and should not be provided by "load"
-//            assertThat(hash.getMd5()).isEqualTo(HashGeneratorUtils.generateMD5(randomBytes));
-//            assertThat(hash.getSha256()).isEqualTo(HashGeneratorUtils.generateSHA256(randomBytes));
 
             assertThat(artifactRepository.findAll()).hasSize(4);
             assertThat(softwareModuleRepository.findAll()).hasSize(3);