Notes:
1. (!) Eclipselink shall be migrated to 5.0 (in 4.0.8 there are incompatible classes, e.g EJBQueryImpl doesn't implement some newer methods). In the moment is with beta (5.0.0-B12) - JUST for testing!
2. (!) Ethlo plugin doesn't work with Eclipselink 5.0, it builds with Eclipselink 4.0.8 (could be a problem)
3. Dependencies - new starters, test starters changes, some dependencies refactoring
4. Auto-configs split - package changes, some properties classes changes
5. Spring nullable org.springframework.lang.Nullable/NonNull are depecated and replaced with jspcify -> org.jspecify.annotations.Nullable/NonNull (NullMarked)
6. Lombok config - adding lombok.addNullAnnotations=jspecify - to do not mess annotations
7. Distributed lock table changes - SP_LOCK table db migration
8. Spring Retry replaced with Spring Core Retry - does repace retry in hawkbit
9. Specifications -> added Update/Delete(/Predicate) Specifications and JpaSpecificationExecutor changed
10. HawkbitBaseRepositoryFactoryBean modified to register properly
11. Jackson - 2 -> 3, package migrations, finals are not deserialized by default(enable finals deserialization, consider make non-final), too ‘smart’ tries to set complex objects instead of using non args constructor (-> @JsonIgnore), some other default configs made
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
* Modify TargetPollEvent to be per batch update (not per target)
Signed-off-by: strailov <Stanislav.Trailov@bosch.io>
* Get use of remote event's timestame for targetPollEvent
Signed-off-by: strailov <Stanislav.Trailov@bosch.io>
* Revert "Get use of remote event's timestame for targetPollEvent"
This reverts commit 27e3b740e2bb0b02cad1d5a6137db7928901f069.
---------
Signed-off-by: strailov <Stanislav.Trailov@bosch.io>
1. (breaking changes) hawkbit.server.ddi.security.rp.cnHeader and sslIssuerHashHeader are renamed to controllerIdHeader and authorityHeader correspondingly.
2. (breaking changes) their default values are changed: X-Ssl-Client-Cn -> X-Controller-Id and X-Ssl-Issuer-Hash-%d -> X-Authority
3. Now the authority header configuration is not a string forma but just a string. The implemenation checks for this header as comma or ; separated list or seeks for header iteration <authority_header>-%d (iteration starts from 0 or 1
4. Doc fixed
5. As there are breaking changes configuration changes may be needed: a) with changing the hawkbit.server.ddi.security.rp you could turn back the previous default headers (note X-Ssl-Issuer-Hash-%d shall now be X-Ssl-Issuer-Hash), or b) you may change the headers sent by the reverse proxy
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
* Tenant Configuration values varchar to text - support bigger values for configs
access_control_context varchar to text - support bigger values for configs
* Add size constraint in App for Tenant 'conf.value' and rollout/target_filter_query 'access_control_context
* add explicitly not null constraint for clarity
* Fix some compile warnings
* Some classes made final
* JPA entities made not serializable
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
* Refactor hawkbit core and security
* improve access to the base core features - static
* thus easiear access
* and less boilerplate passing of instances
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
* Refactor context classes
* make JSON context serialization default
* AccessContext
* Split hawkbit-security-core to other modules and remove it
---------
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
* ActionFields.DETAILSTATUS removed and replaces with STATUS (so status is with changed semantic - not active but real status)
* MgmtAction.detailStatus removed and replaced with status (so status is with changed semantic - not active but real status)
* MgmtTargetTagRestApi.assignTargetsPut removed - use POST method
* ActionStatusFields.REPORTEDAT deprecation removed - it is a synonym of CREATEDAT but is part of timestamp/reported aspect while createdat is part of creted at/by
* MgmtDistributionSetRequestBodyPost.os/runtime/application is removed
and
* ActionStatusFields.TIMESTAMPT added
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
The PollingTime now supports all RSQL filters that doesn't contain '->'
For duration HH:mm:ss and ISO-8601 is supported
For deviation 0-99% are suppported (as before)
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
* TenantAwareCacheManager define CacheEvictEvent which could be used to evict entities in general way
* JpaTenantConfigurationManagement start using genera cache approach
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
* actions.cleanup.onQuotaHit.percent -> action.cleanup.onQuotaHit.percent
* action.cleanup.enabled - removed - instead enabled / disable <=> expire < / >= 0
* action.cleanup.actionExpiry -> action.cleanup.auto.expiry and action.cleanup.auto.status - so both are under action.cleanup.auto, and differentiate from on quota hit
* auto db convert of props with one backward incompatibility - if you had action.cleanup.enabled=true and not set action.cleanup.actionExpiry (assuming default 30 days) - auto cleanup will be disabled
you should set action.cleanup.auto.expiry=2592000000 in order to get the old behavior
* Note that if you have configured global action cleanup the properties are changed also this config you shall change manually
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
* added static usage of cache in order access it easier
* added mandatory (in hawkbit-core) registration - always tenant aware caches shall be used - hawkbit depends on it
* added per cache and tenant name configuration
* (not really realted to caches) but in order to be easier evicted entities after commit handlers are now statically accessed
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
* add `min artifacts` requirement on the Software Module Type level for Software Module completeness
* removed `complete` Distribution Set property from DB - calculated runtime
* Distribution Set and Software Module completeness is calcualted on demand in memory (TODO: implement cache)
* locking of Software Module now requires the software module to be `completed`
* removed 'complete' search field for DistributionSet type. Still keep (DEPRECATED) limited support for search with 'complete' -
only on the first level of expression and with AND. I.e. complete==true, complete==false and id=in=(1, 3) is suppoted,
while complete==false or id=in=(1, 3) and id=in(1, 3) and (type==os and complete==true) are not
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
* add option for parser replacement - so, one could replace the query language and don't use RSQL
* add easy way to modify query root Node
* add easy Node modification utilities
* code refactored and naming more 'QL' than 'RSQL' oriented
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
* Remove _REPOSITORY_ permissions -> replaced with _SOFTWARE_MODULE_, _SOFTWARE_MODULE_TYPE_, _DISTRIBUTION_SET_, _DISTRIBUTION_SET_TYPE_ permissions
* Still kept _ROLE_REPOSITORY_ADMIN_ role granting all repository fine-graned permissions
* Added dedicated _TARGET_TYPE_ permission set - the _TARGET_ permissions just grant _READ_TARGET_TYPE_ (analogically _SOFTWARE_MODULE_ permissions grant _READ_SOFTWARE_MODULE_TYPE_ and _DISTRIBUTION_SET_ grants _READ_DISTRIBUTON_SET_TYPE_
* Hierarcy is not configurable - could be completely replaced by setting spring application property org.eclipse.hawkbit.hierarchy or could be extended by adding rules using org.eclipse.hawkbit.hierarchy.ext
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
keeps backward compatibility by being able to fallback to JAVA_SERIALIZATION
+ fix DMF messages with status code
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
