lingwei.kong/hawkbit
1
0
Fork 0
Code Issues Pull Requests Actions 3 Packages Projects Releases Wiki Activity
3,991 Commits 1 Branch 0 Tags
000dd97bbc4f8de40e2e38af8f7bdeb31c5be22c
Commit Graph

3991 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Avgustin Marinov
000dd97bbc Bump some action versions (#3023) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2026-04-16 09:37:36 +03:00
Avgustin Marinov
82ee1cc4e6 Fix sonar findings on 21 style (#3020) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2026-04-15 16:57:10 +03:00
Avgustin Marinov
643e96b7b1 Add explicit codeql workflow (#3019) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2026-04-15 16:01:23 +03:00
Avgustin Marinov
8a078f8ee7 Fix requireJavaVersion -> 21 (#3018) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2026-04-15 15:42:05 +03:00
Avgustin Marinov
aca64df61c Bump JDK requirements to 21 (#3017) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2026-04-15 15:17:53 +03:00
Avgustin Marinov
8015b0e3f1 Fix sonar findings (2) (#3016) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2026-04-15 14:39:28 +03:00
Avgustin Marinov
a00374f455 Fix sonar findings (#3015) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2026-04-15 13:14:31 +03:00
dependabot[bot]
0a0ab18fa2 Bump org.bouncycastle:bcpkix-jdk18on from 1.83 to 1.84 (#3013) 
Bumps [org.bouncycastle:bcpkix-jdk18on](https://github.com/bcgit/bc-java) from 1.83 to 1.84.
- [Changelog](https://github.com/bcgit/bc-java/blob/main/docs/releasenotes.html)
- [Commits](https://github.com/bcgit/bc-java/commits)

---
updated-dependencies:
- dependency-name: org.bouncycastle:bcpkix-jdk18on
  dependency-version: '1.84'
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-15 09:17:13 +03:00
Avgustin Marinov
1be473b22c [#2845] Bump Spring boot to 4.x (#2941) 
Notes:
1. (!) Eclipselink shall be migrated to 5.0 (in 4.0.8 there are incompatible classes, e.g EJBQueryImpl doesn't implement some newer methods). In the moment is with beta (5.0.0-B12) - JUST for testing!
2. (!) Ethlo plugin doesn't work with Eclipselink 5.0, it builds with Eclipselink 4.0.8 (could be a problem)
3. Dependencies - new starters, test starters changes, some dependencies refactoring
4. Auto-configs split - package changes, some properties classes changes
5. Spring nullable org.springframework.lang.Nullable/NonNull are depecated and replaced with jspcify -> org.jspecify.annotations.Nullable/NonNull (NullMarked)
6. Lombok config - adding lombok.addNullAnnotations=jspecify - to do not mess annotations
7. Distributed lock table changes - SP_LOCK table db migration
8. Spring Retry replaced with Spring Core Retry - does repace retry in hawkbit
9. Specifications -> added Update/Delete(/Predicate) Specifications and JpaSpecificationExecutor changed
10. HawkbitBaseRepositoryFactoryBean modified to register properly
11. Jackson - 2 -> 3, package migrations, finals are not deserialized by default(enable finals deserialization, consider make non-final), too ‘smart’ tries to set complex objects instead of using non args constructor (-> @JsonIgnore), some other default configs made

Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2026-04-14 11:31:41 +03:00
dependabot[bot]
23cd368e00 Bump actions/cache from 5.0.4 to 5.0.5 (#3012) 
Bumps [actions/cache](https://github.com/actions/cache) from 5.0.4 to 5.0.5.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](https://github.com/actions/cache/compare/v5.0.4...v5.0.5)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-version: 5.0.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-14 11:01:13 +03:00
Stanislav Trailov
f6cb143283 Fix force quit actions to explicitly handle 0 active actions (#3004) 
* Fix force quit actions to explicitly handle 0 active actions

Signed-off-by: strailov <Stanislav.Trailov@bosch.io>

* Fix dynamic rollout behaviour when using Postgres

Signed-off-by: strailov <Stanislav.Trailov@bosch.io>

---------

Signed-off-by: strailov <Stanislav.Trailov@bosch.io>
 2026-04-09 10:44:06 +03:00
Stanislav Trailov
f9bb49d33e Remove table alias on SET when stopping rollouts (#3002) 
Signed-off-by: strailov <Stanislav.Trailov@bosch.io>
 2026-04-07 16:56:55 +03:00
Avgustin Marinov
dd593677fd Fix stop rollout when using PosgreSQL (2) (#3000) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2026-04-07 09:59:34 +03:00
dependabot[bot]
0431936cca Bump docker/login-action from 4.0.0 to 4.1.0 (#2994) 
Bumps [docker/login-action](https://github.com/docker/login-action) from 4.0.0 to 4.1.0.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](https://github.com/docker/login-action/compare/v4.0.0...v4.1.0)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-version: 4.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-07 08:25:20 +03:00
Stanislav Trailov
5498a79534 Fix stop rollout when using PostgreSQL (#2996) 
Signed-off-by: strailov <Stanislav.Trailov@bosch.io>
 2026-04-07 08:23:31 +03:00
Stanislav Trailov
951a89823f Fix/vulnerability build (#2998) 
* Fix vulnerability build

Signed-off-by: strailov <Stanislav.Trailov@bosch.io>

* add scans dir before scanning

Signed-off-by: strailov <Stanislav.Trailov@bosch.io>

---------

Signed-off-by: strailov <Stanislav.Trailov@bosch.io>
 2026-04-06 19:31:34 +03:00
Stanislav Trailov
82a3cfe1f4 Fix vulnerability build (#2997) 
Signed-off-by: strailov <Stanislav.Trailov@bosch.io>
 2026-04-06 18:48:20 +03:00
Stanislav Trailov
273abebf9b Migrate trivy scan to trivy-action (#2992) 
* Migrate trivy scan to trivy-action

* Revert to hard versions approach, but not only with major ref

Signed-off-by: strailov <Stanislav.Trailov@bosch.io>

---------

Signed-off-by: strailov <Stanislav.Trailov@bosch.io>
 2026-04-03 10:44:46 +03:00
Avgustin Marinov
0e13ef6e5d Update checkmark symbol in SECURITY.md 2026-03-31 10:06:55 +03:00
Avgustin Marinov
3185468143 Add supported version for Eclipse hawkBit 2026-03-31 10:04:33 +03:00
Denislav Prinov
62c2b2e1b9 Add overview documentation image (#2988) 
Signed-off-by: Denislav Prinov <denislav.prinov@bosch.com>
 2026-03-30 16:12:40 +03:00
Stanislav Trailov
6a1120bbd3 Try to fix dash licence tool in release pipeline (#2987) 
Signed-off-by: strailov <Stanislav.Trailov@bosch.io>
 2026-03-30 14:23:40 +03:00
Stanislav Trailov
e9acb301f2 fix flaky controller management test (#2986) 
Signed-off-by: strailov <Stanislav.Trailov@bosch.io>
 2026-03-30 11:24:17 +03:00
github-actions[bot]
7b11e80f28 [Release] Automated commit of .3rd-party/DEPENDENCIES changes 2026-03-30 07:01:23 +00:00
github-actions[bot]
ea816398ee [Release] Automated commit of .3rd-party/DEPENDENCIES changes 2026-03-30 03:08:34 +00:00
Stanislav Trailov
ba3a08e560 Add Target Poll Event in Service Events (#2981) 
* Add Target Poll Event in Service Events

Signed-off-by: strailov <Stanislav.Trailov@bosch.io>

* Target poll event to service event

Signed-off-by: strailov <Stanislav.Trailov@bosch.io>

---------

Signed-off-by: strailov <Stanislav.Trailov@bosch.io>
 2026-03-27 10:18:37 +02:00
Avgustin Marinov
5aafdaca6f Bump spring to 3.5.13 (#2985) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2026-03-27 10:04:46 +02:00
dependabot[bot]
6610a94675 Bump org.springframework.ai:spring-ai-bom from 1.1.3 to 1.1.4 (#2984) 
Bumps [org.springframework.ai:spring-ai-bom](https://github.com/spring-projects/spring-ai) from 1.1.3 to 1.1.4.
- [Release notes](https://github.com/spring-projects/spring-ai/releases)
- [Commits](https://github.com/spring-projects/spring-ai/compare/v1.1.3...v1.1.4)

---
updated-dependencies:
- dependency-name: org.springframework.ai:spring-ai-bom
  dependency-version: 1.1.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-27 09:12:43 +02:00
Denislav Prinov
17ac0ac569 Merge pull request #2978 from boschglobal/docs-update 
Make app-name link to landing page and change the start page to what-…
 2026-03-25 17:45:33 +02:00
Desislava Marinova
055d73c1fe Make app-name link to landing page and change the start page to what-is-hawkbit.md 2026-03-25 17:43:15 +02:00
Stanislav Trailov
f2615fe812 Modify TargetPollEvent to be per batch update (not per target) (#2965) 
* Modify TargetPollEvent to be per batch update (not per target)

Signed-off-by: strailov <Stanislav.Trailov@bosch.io>

* Get use of remote event's timestame for targetPollEvent

Signed-off-by: strailov <Stanislav.Trailov@bosch.io>

* Revert "Get use of remote event's timestame for targetPollEvent"

This reverts commit 27e3b740e2bb0b02cad1d5a6137db7928901f069.

---------

Signed-off-by: strailov <Stanislav.Trailov@bosch.io>
 2026-03-25 09:29:23 +02:00
dependabot[bot]
05058b9827 Bump com.rabbitmq:http-client from 5.4.0 to 5.5.0 (#2974) 
Bumps [com.rabbitmq:http-client](https://github.com/rabbitmq/hop) from 5.4.0 to 5.5.0.
- [Release notes](https://github.com/rabbitmq/hop/releases)
- [Commits](https://github.com/rabbitmq/hop/compare/v5.4.0...v5.5.0)

---
updated-dependencies:
- dependency-name: com.rabbitmq:http-client
  dependency-version: 5.5.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-25 08:50:55 +02:00
Desislava Marinova
fc443b2fbb Update sidebar app name and images size and alignment (#2973) 2026-03-24 16:06:39 +02:00
Stanislav Trailov
4375cd0887 Increase TTL & refresh for DistributedLockTest (#2972) 
Signed-off-by: strailov <Stanislav.Trailov@bosch.io>
 2026-03-24 11:00:55 +02:00
Desislava Marinova
b8d3b139b0 Remove old logo from root directory (#2968) 2026-03-24 08:39:29 +02:00
Desislava Marinova
b961ae133f Docs theme updates (#2971) 
* Update architecture diagram and theme colors

* Update state and proxy diagrams
 2026-03-24 08:30:57 +02:00
Avgustin Marinov
2f2a52485a Bump Springdoc OpenAPI to 2.8.16 (#2969) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2026-03-23 15:38:01 +02:00
Desislava Marinova
634a578e97 Update hawkBit Documentation Theme (#2967) 2026-03-23 12:04:59 +02:00
Desislava Marinova
4954a7d488 Update hawkBit Documentation Theme (#2966) 2026-03-23 10:29:22 +02:00
Vasil Ilchev
dc8567caec DMF RabbitMQ Auto declare option (#2960) 
* DMF RabbitMQ Auto declare option

* Fix missing needed amqproperties. Moved AmqpDeadletterProperties as well, not used anymore in main config
Separate amqp declaration configuration.
 2026-03-23 09:59:04 +02:00
dependabot[bot]
b1134be641 Bump org.springframework.ai:spring-ai-bom from 1.1.2 to 1.1.3 (#2958) 
Bumps [org.springframework.ai:spring-ai-bom](https://github.com/spring-projects/spring-ai) from 1.1.2 to 1.1.3.
- [Release notes](https://github.com/spring-projects/spring-ai/releases)
- [Commits](https://github.com/spring-projects/spring-ai/compare/v1.1.2...v1.1.3)

---
updated-dependencies:
- dependency-name: org.springframework.ai:spring-ai-bom
  dependency-version: 1.1.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-23 08:50:14 +02:00
dependabot[bot]
d7dfb1e510 Bump io.github.openfeign:feign-hc5 from 13.9.3 to 13.11 (#2959) 
Bumps [io.github.openfeign:feign-hc5](https://github.com/openfeign/feign) from 13.9.3 to 13.11.
- [Release notes](https://github.com/openfeign/feign/releases)
- [Changelog](https://github.com/OpenFeign/feign/blob/master/CHANGELOG.md)
- [Commits](https://github.com/openfeign/feign/compare/13.9.3...13.11)

---
updated-dependencies:
- dependency-name: io.github.openfeign:feign-hc5
  dependency-version: '13.11'
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-23 08:38:33 +02:00
dependabot[bot]
9b954b32b3 Bump com.diffplug.spotless:spotless-maven-plugin from 3.3.0 to 3.4.0 (#2963) 
Bumps [com.diffplug.spotless:spotless-maven-plugin](https://github.com/diffplug/spotless) from 3.3.0 to 3.4.0.
- [Release notes](https://github.com/diffplug/spotless/releases)
- [Changelog](https://github.com/diffplug/spotless/blob/main/CHANGES.md)
- [Commits](https://github.com/diffplug/spotless/compare/lib/3.3.0...maven/3.4.0)

---
updated-dependencies:
- dependency-name: com.diffplug.spotless:spotless-maven-plugin
  dependency-version: 3.4.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-23 08:37:50 +02:00
Avgustin Marinov
383c6f54fc Bump Spring to 3.5.12 (#2964) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2026-03-20 08:38:30 +02:00
Avgustin Marinov
43f72a3376 Refer repo.eclipse.org new Nexus3 dash repo directly (#2956) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2026-03-17 10:22:19 +02:00
Avgustin Marinov
011d7f567e Refactor header authority controller authentication (#2954) 
1. (breaking changes) hawkbit.server.ddi.security.rp.cnHeader and sslIssuerHashHeader are renamed to controllerIdHeader and authorityHeader correspondingly.
2. (breaking changes) their default values are changed: X-Ssl-Client-Cn -> X-Controller-Id and X-Ssl-Issuer-Hash-%d -> X-Authority
3. Now the authority header configuration is not a string forma but just a string. The implemenation checks for this header as comma or ; separated list or seeks for header iteration <authority_header>-%d (iteration starts from 0 or 1
4. Doc fixed
5. As there are breaking changes configuration changes may be needed: a) with changing the hawkbit.server.ddi.security.rp you could turn back the previous default headers (note X-Ssl-Issuer-Hash-%d shall now be X-Ssl-Issuer-Hash), or b) you may change the headers sent by the reverse proxy

Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2026-03-12 10:36:37 +02:00
Avgustin Marinov
a1608cce19 Remove DB migrations up to 1.0.0 baseline (#2953) 
For the existing DBs the 0.10.0 release shall be applied before hawkbit 1.0.0!

Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2026-03-09 16:58:31 +02:00
dependabot[bot]
a752c72c01 Bump docker/login-action from 3 to 4 (#2950) 
Bumps [docker/login-action](https://github.com/docker/login-action) from 3 to 4.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](https://github.com/docker/login-action/compare/v3...v4)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-version: '4'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-09 16:43:35 +02:00
dependabot[bot]
2925d7977b Bump io.github.openfeign:feign-hc5 from 13.9.1 to 13.9.3 (#2949) 
Bumps [io.github.openfeign:feign-hc5](https://github.com/openfeign/feign) from 13.9.1 to 13.9.3.
- [Release notes](https://github.com/openfeign/feign/releases)
- [Changelog](https://github.com/OpenFeign/feign/blob/master/CHANGELOG.md)
- [Commits](https://github.com/openfeign/feign/compare/13.9.1...13.9.3)

---
updated-dependencies:
- dependency-name: io.github.openfeign:feign-hc5
  dependency-version: 13.9.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-09 16:43:01 +02:00
dependabot[bot]
84ee461f16 Bump com.diffplug.spotless:spotless-maven-plugin from 3.2.1 to 3.3.0 (#2947) 
Bumps [com.diffplug.spotless:spotless-maven-plugin](https://github.com/diffplug/spotless) from 3.2.1 to 3.3.0.
- [Release notes](https://github.com/diffplug/spotless/releases)
- [Changelog](https://github.com/diffplug/spotless/blob/main/CHANGES.md)
- [Commits](https://github.com/diffplug/spotless/compare/maven/3.2.1...lib/3.3.0)

---
updated-dependencies:
- dependency-name: com.diffplug.spotless:spotless-maven-plugin
  dependency-version: 3.3.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-09 16:42:32 +02:00