hawkbit

Author	SHA1	Message	Date
Avgustin Marinov	acff82f60f	Small security improvements (#1412 ) Typos fixed Disables empty string gateway token for sure. Test if the gateway token is not empty string ecplicitly. Empty string is the default value and if accepted could be a security vulnerability (e.g. enabling gateway token authentication and using empty string as token). According to https://datatracker.ietf.org/doc/html/rfc7230#section-3.2.4 the header value shall not have trailing spaces and the http server shall already have trimmed them. So if execution passes start with "GatewayToken " then token shall not be empty. But but let's check anyway In UI first set key then enable the gateway token authentication. Otherwise the key might be left empty (default). This however shall not be really problem since (because of token trimming) the empty token will be rejected anyway. Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>	2023-08-16 14:25:17 +03:00
Denislav Prinov	a5dba29e74	Full representation with filtration (#1415 ) * fixed RSQL filtration while loading full representation of a Rollout Signed-off-by: Denislav Prinov <denislav.prinov@bosch.com> * Added tests Signed-off-by: Denislav Prinov <denislav.prinov@bosch.com> * review findings Signed-off-by: Denislav Prinov <denislav.prinov@bosch.com> --------- Signed-off-by: Denislav Prinov <denislav.prinov@bosch.com>	2023-08-16 11:09:46 +03:00
Avgustin Marinov	4590d004f9	Fix doc builds on windows (#1409 ) Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>	2023-08-03 16:27:51 +03:00
Stanislav Trailov	b35f45aabc	Upgrade nexus maven plugin to 1.6.13 (#1408 ) Signed-off-by: Stanislav Trailov <Stanislav.Trailov@bosch.io>	2023-08-03 12:28:08 +03:00
Avgustin Marinov	06f8535386	Fixed some CI flows & checks (#1405 ) Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>	2023-08-02 11:51:56 +03:00
Denislav Prinov	fb30999d73	Batch system config update (#1402 ) * Added an endpoint for batch update of system configurations Signed-off-by: Denislav Prinov <denislav.prinov@bosch.com> * batch db save Signed-off-by: Denislav Prinov <denislav.prinov@bosch.com> * Review changes and added tests Signed-off-by: Denislav Prinov <denislav.prinov@bosch.com> * Evict cache only if transaction is commited - such as @CacheEvict Signed-off-by: Denislav Prinov <denislav.prinov@bosch.com> * refactoring Signed-off-by: Denislav Prinov <denislav.prinov@bosch.com> * Using AfterTransactionCommitExecutor for cache eviction Signed-off-by: Denislav Prinov <denislav.prinov@bosch.com> * Change request body Signed-off-by: Denislav Prinov <denislav.prinov@bosch.com> --------- Signed-off-by: Denislav Prinov <denislav.prinov@bosch.com>	2023-08-02 11:15:27 +03:00
Avgustin Marinov	1dc1bdbe94	Upgrade Spring and docker image (#1401 ) Spring -> 2.7.17 base docker image -> 17.0.8_7-jre-alpine Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>	2023-08-01 09:46:44 +03:00
Avgustin Marinov	1aa1f02649	Doc - add Actions API (#1404 ) Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>	2023-07-28 14:05:32 +02:00
Avgustin Marinov	db571be81c	Fixing missing API doc (#1403 ) fixed by adding ``` [markup] [markup.goldmark] [markup.goldmark.renderer] unsafe = true ``` otherwise hugo removes raw html (as the iframes) + links points to concrete html files	2023-07-28 10:16:54 +02:00
Stanislav Trailov	b28e232fce	change eclipse.org to eclipse.dev (#1391 ) Signed-off-by: Stanislav Trailov <Stanislav.Trailov@bosch.io>	2023-07-20 11:16:36 +03:00
Stanislav Trailov	60fbabbc62	fix sonar finding (#1398 ) Signed-off-by: Stanislav Trailov <Stanislav.Trailov@bosch.io>	2023-07-17 17:12:21 +03:00
Denislav Prinov	71740ccdda	Changed the structure of the response body for Distribution statistics (#1397 ) * changed the structure of the response body Signed-off-by: Denislav Prinov <denislav.prinov@bosch.com> * Fixed tests Signed-off-by: Denislav Prinov <denislav.prinov@bosch.com> * refactoring Signed-off-by: Denislav Prinov <denislav.prinov@bosch.com> --------- Signed-off-by: Denislav Prinov <denislav.prinov@bosch.com>	2023-07-17 13:46:52 +03:00
Avgustin Marinov	56ea5b15c9	[#1383 ] Spring Boot 3 Migration / Step 1 (#1384 ) 1. PagingAndSortingRepository doesn't extend CrudRepository anymore. For all extending that interface repositories CrudRepository super interface shall be now declared (https://spring.io/blog/2022/02/22/announcing-listcrudrepository-friends-for-spring-data-3-0 - ``` The popular PagingAndSortingRepository used to extend from CrudRepository, but it no longer does. This lets you combine it with either CrudRepository or ListCrudRepository or a base interface of your own creation. This means you now have to explicitly extend from a CRUD fragment, even when you already extend from PagingAndSortingRepository. ``` ) 2. org.eclipse.hawkbit.autoconfigure.mgmt.ui -> move in hawkbit-ui (to be ready for removal), anyway - it's a better location for ui related configs 3. extends WebMvcConfigurerAdapter -> implements WebMvcConfigurer 4. remove WebSecurityConfigurerAdapter -> https://docs.spring.io/spring-security/reference/5.8/migration/servlet/config.html#_stop_using_websecurityconfigureradapter, https://spring.io/blog/2022/02/21/spring-security-without-the-websecurityconfigureradapter and add @Order to the bean reg!! 5. Use configurers (the other will be deprecated / removed), e.d: http.csrf().disable() -> http.csrf(AbstractHttpConfigurer::disable) 6. configure(final AuthenticationManagerBuilder auth) -> put in httpsecurity config - http.getSharedObject(AuthenticationManagerBuilder.class).... (https://www.baeldung.com/spring-security-authentication-provider) 7. configure(final WebSecurity webSecurity) -> ``` @Bean public WebSecurityCustomizer webSecurityCustomizer() { return (web) -> web.ignoring().antMatchers("/documentation/", "/VAADIN/", "/.", "/docs/**"); } ``` (https://spring.io/blog/2022/02/21/spring-security-without-the-websecurityconfigureradapter) 8. AuthenticationManager authenticationManagerBean() -> ``` @Bean AuthenticationManager authenticationManager(final AuthenticationConfiguration authenticationConfiguration) throws Exception { return authenticationConfiguration.getAuthenticationManager(); } ``` (https://backendstory.com/spring-security-how-to-replace-websecurityconfigureradapter/) 9. WebMvcAutoConfiguration could be removed - it uses deprectated methods, and sets properties that are same by default - hence - not neeeded (https://github.com/spring-projects/spring-framework/issues/23915#issuecomment-563987147) Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>	2023-07-17 10:36:26 +03:00
Melchior Moos	bcc2616e73	Do not retry AMQP messages which violates a quota (#1392 )	2023-07-13 14:00:21 +03:00
Michael Herdt	160e44f0ef	Extend get module artifacts API by download URL (#1390 ) * Introduce request parameter to request download URLs when retrieving list of artifacts for a specific software module. * Fix DDI integration test by aligning download path to new config * Make use of mgmt representation mode in sw-module mgmt api * Changed path * refactor test names	2023-07-12 16:50:59 +03:00
Stanislav Trailov	593a0bb146	Expose approval remark and decided by in rollout mgmt API (#1389 ) Signed-off-by: Stanislav Trailov <Stanislav.Trailov@bosch.io>	2023-07-11 08:59:12 +03:00
Denislav Prinov	3402808ee9	Add statistics for Distribution Set (#1388 ) * Add Statistics for Rollouts and Actions count by Status for a Distribution Set Signed-off-by: Denislav Prinov <denislav.prinov@bosch.com> * remove unused imports Signed-off-by: Denislav Prinov <denislav.prinov@bosch.com> * Refactoring and additional statistics for auto assignments Signed-off-by: Denislav Prinov <denislav.prinov@bosch.com> * Fixed review findings and added tests Signed-off-by: Denislav Prinov <denislav.prinov@bosch.com> * Added tests for the Management API Signed-off-by: Denislav Prinov <denislav.prinov@bosch.com> * Remove unused imports Signed-off-by: Denislav Prinov <denislav.prinov@bosch.com> * refactoring Signed-off-by: Denislav Prinov <denislav.prinov@bosch.com> --------- Signed-off-by: Denislav Prinov <denislav.prinov@bosch.com>	2023-07-11 08:58:52 +03:00
Denislav Prinov	2fe73ee40c	Filter Distribution Sets by assigned Software Modules (#1386 ) * Filter Distribution Sets by assigned Software Modules Signed-off-by: Denislav Prinov <denislav.prinov@bosch.com> * Fixed tests Signed-off-by: Denislav Prinov <denislav.prinov@bosch.com> --------- Signed-off-by: Denislav Prinov <denislav.prinov@bosch.com>	2023-07-10 15:19:08 +03:00
Stanislav Trailov	5edd9fdf76	Target type unnasign when updating target (#1385 ) * Add main logic Signed-off-by: Stanislav Trailov <Stanislav.Trailov@bosch.io> * Add unit test and fix docu tests Signed-off-by: Stanislav Trailov <Stanislav.Trailov@bosch.io> * Remove unused imports Signed-off-by: Stanislav Trailov <Stanislav.Trailov@bosch.io> --------- Signed-off-by: Stanislav Trailov <Stanislav.Trailov@bosch.io>	2023-07-10 15:10:19 +03:00
Stanislav Trailov	a8d5a15a1c	Fix some sonar findings Fix some sonar findings	2023-06-30 09:52:54 +03:00
Marinov Avgustin	ad3404c93d	Fix some sonar findings Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>	2023-06-30 09:29:13 +03:00
Stanislav Trailov	150de47983	Switch to Tomcat [#1378] Switch to Tomcat	2023-06-29 15:31:53 +03:00
Stanislav Trailov	909aa14629	Additional tag filtering by target ID and Distribution Set ID Additional tag filtering by target ID and Distribution Set ID	2023-06-29 15:23:57 +03:00
Stanislav Trailov	99a0da1c2f	Apply changes from review Signed-off-by: Stanislav Trailov <Stanislav.Trailov@bosch.io>	2023-06-29 14:38:12 +03:00
Stanislav Trailov	407ff7a3e5	More refactoring Signed-off-by: Stanislav Trailov <Stanislav.Trailov@bosch.io>	2023-06-29 13:09:32 +03:00
Stanislav Trailov	8bbe6df72a	Add comment in test for specific query parameter usage Signed-off-by: Stanislav Trailov <Stanislav.Trailov@bosch.io>	2023-06-29 12:41:49 +03:00
Stanislav Trailov	52d671bdc5	Add some useful comments Signed-off-by: Stanislav Trailov <Stanislav.Trailov@bosch.io>	2023-06-29 12:31:25 +03:00
Stanislav Trailov	0d4f67e345	Small refactoring + additional classes Signed-off-by: Stanislav Trailov <Stanislav.Trailov@bosch.io>	2023-06-29 12:29:40 +03:00
Stanislav Trailov	e7226e3933	Additional target filtering by target and DS ids Signed-off-by: Stanislav Trailov <Stanislav.Trailov@bosch.io>	2023-06-29 12:24:18 +03:00
Stanislav Trailov	e81c68e9b0	Extend the Rollout filtration fields with status and Distribution set Extend the Rollout filtration fields with status and Distribution set	2023-06-29 11:13:39 +03:00
Denislav Prinov	9bf2612c7d	Extend the Rollout filtration fields with status and Distribution set Signed-off-by: Denislav Prinov <denislav.prinov@bosch.com>	2023-06-29 08:40:22 +03:00
Marinov Avgustin	649c714006	[#1378 ] Switch to Tomcat switch hawkBit web server to Tomcat (was Jetty) Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>	2023-06-28 16:23:39 +03:00
Stanislav Trailov	db542497ea	Update misc dependencies versions Update misc dependencies versions remove org.bsc.maven:maven-processor-plugin awaitility removal of awaitility Duration class fixed	2023-06-28 14:07:48 +03:00
Marinov Avgustin	8047ceac03	Update misc dependencies versions + remove org.bsc.maven:maven-processor-plugin + awaitility removal of awaitility Duration class fixed Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>	2023-06-28 13:06:48 +03:00
Stanislav Trailov	5a5c615cac	Added support for cdn download url for mgmt API and tests Added support for cdn download url for mgmt API and tests	2023-06-22 15:50:13 +03:00
Sebastian Firsching	450bfda31e	Adapt rest docs tests Signed-off-by: Sebastian Firsching <sebastian.firsching@bosch-si.com>	2023-06-21 16:20:34 +02:00
Sebastian Firsching	bdcb361ae5	Introduce useArtifactUrlHandler parameter Signed-off-by: Sebastian Firsching <sebastian.firsching@bosch-si.com>	2023-06-20 12:42:50 +02:00
Sebastian Firsching	41922bfa0c	Adapt rel value in properties files Signed-off-by: Sebastian Firsching <sebastian.firsching@bosch-si.com>	2023-06-20 09:08:05 +02:00
Sebastian Firsching	154875818c	Add all artifactUrls to the Mgmt API response Signed-off-by: Sebastian Firsching <sebastian.firsching@bosch-si.com>	2023-06-20 07:58:04 +02:00
Shruthi Manavalli Ramanna	80c471cf80	Added documentation test changes as well Signed-off-by: Shruthi Manavalli Ramanna <shruthimanavalli.ramanna@bosch-si.com>	2023-06-06 10:42:39 +02:00
Avgustin Marinov	eb8d559780	Docker version upgrated to java 17 (#1371 ) Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>	2023-06-06 10:25:46 +02:00
Stanislav Trailov	3c815ed2d0	openjdk 11 to 17 (#1368 ) * openjdk 11 to 17 spring-security-core from 5.7.7 to 5.7.8 Signed-off-by: Stanislav Trailov <stanislav.trailov@bosch.io> * Bump spring boot to 2.7.12 Signed-off-by: Stanislav Trailov <stanislav.trailov@bosch.io> * deprecated circleci image to cimg Signed-off-by: Stanislav Trailov <stanislav.trailov@bosch.io> * Migrate spring boot parent to 2.7.12 Signed-off-by: Stanislav Trailov <stanislav.trailov@bosch.io> --------- Signed-off-by: Stanislav Trailov <stanislav.trailov@bosch.io>	2023-06-06 09:23:17 +02:00
Shruthi Manavalli Ramanna	0759fd80b0	Added support for cdn download url for mgmt API and tests Signed-off-by: Shruthi Manavalli Ramanna <shruthimanavalli.ramanna@bosch-si.com>	2023-06-02 19:09:31 +02:00
Stanislav Trailov	f0db69473c	Enforce decoding in authentication check (#1362 ) * Enforce decoding in authentication check +Enforce decoding of controllerId when authentication is performed for the reverse proxy use case * Remove unused imports Signed-off-by: Stanislav Trailov <stanislav.trailov@bosch.io> * Switch approach to decode retrieved values from map Signed-off-by: Stanislav Trailov <stanislav.trailov@bosch.io> * Remove unused imports Signed-off-by: Stanislav Trailov <stanislav.trailov@bosch.io> * Style improve Signed-off-by: Stanislav Trailov <stanislav.trailov@bosch.io> * Move logic to separate class Signed-off-by: Stanislav Trailov <stanislav.trailov@bosch.io> * Remove TODO comment Signed-off-by: Stanislav Trailov <stanislav.trailov@bosch.io> * Hide public constructor in Util class Signed-off-by: Stanislav Trailov <stanislav.trailov@bosch.io> --------- Signed-off-by: Stanislav Trailov <stanislav.trailov@bosch.io>	2023-06-01 09:11:39 +02:00
Stefan Behl	43b54b4c36	Fixed Dockerfile for 0.3.0M8-mysql (#1357 )	2023-04-26 09:38:20 +02:00
Jeroen Laverman	e6b9d5e77f	add zephyr-rtos and chirp stack to clients (#1356 )	2023-04-25 14:28:22 +02:00
Jeroen Laverman	85df6127d3	Update website for 0.3.0M8 (#1355 ) * update release notes * change Bosch.IO to Bosch Digital * Remove IoT Permissions integration * Add features from 0.3.0M8	2023-04-25 09:34:46 +02:00
Stefan Behl	a097638d2b	Adding Dockerfiles for 0.3.0M8 (#1353 )	2023-04-20 17:21:47 +02:00
Stefan Behl	328ded7406	Fix RSQLUtilityTest (#1351 )	2023-04-20 08:48:39 +02:00
Stefan Behl	5d0a9c0f1d	Remove dependency net._01001111:jlorem (#1350 ) * Remove dependency jlorem * Minor optimization * Minor optimization	2023-04-19 15:22:06 +02:00

1 2 3 4 5 ...

2581 Commits