hawkbit

Author	SHA1	Message	Date
Avgustin Marinov	b702ea41d1	Implement Action Access Control (#2687 ) Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>	2025-09-23 13:31:17 +03:00
Avgustin Marinov	9ab0a8628e	First level suppor for RsqlQueryFields shortcut support (#2686 ) * now it is possible to have a showrtcut for a sub attributes (i.e. calling it directly with enum name, e.g. type -> type.key) with directly specifying the defaultSubEntityAttribute * no need to have single sub attribute in order to have a default sub attribute * added TYPE search field for TargetFields (sinonim of targettype) * targettype is deprecated - to be decided if and when to be removed * returned back "type" direct search (with meaning type.key) for DistributionSet and SoftwareModule as non-depricated * add serche with "type" as type.key for Target Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>	2025-09-23 10:56:26 +03:00
dependabot[bot]	d98ab779a2	Bump org.codehaus.mojo:flatten-maven-plugin from 1.7.2 to 1.7.3 (#2685 ) Bumps [org.codehaus.mojo:flatten-maven-plugin](https://github.com/mojohaus/flatten-maven-plugin) from 1.7.2 to 1.7.3. - [Release notes](https://github.com/mojohaus/flatten-maven-plugin/releases) - [Commits](https://github.com/mojohaus/flatten-maven-plugin/compare/1.7.2...1.7.3) --- updated-dependencies: - dependency-name: org.codehaus.mojo:flatten-maven-plugin dependency-version: 1.7.3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-09-23 08:50:23 +03:00
Avgustin Marinov	117f2bf683	Fix Sonar Findings (#2683 ) Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>	2025-09-19 16:01:57 +03:00
Avgustin Marinov	8bdcc51985	Add actions contxt management (#2680 ) * based on TARGET permissions - action is accessible iff it its target is accessible * add some more (id) serch fields * (backward incompatible) software module search supports now search by name (type.name) and the old search by type (indead by type key) is now with type.key Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>	2025-09-19 15:47:20 +03:00
Avgustin Marinov	dce133dfae	Add some id based searches and software module search by type (#2681 ) Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>	2025-09-19 15:45:43 +03:00
Avgustin Marinov	e19b11290d	Fix Sonar Findings (#2679 ) Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>	2025-09-19 10:25:18 +03:00
Avgustin Marinov	5fecfbffc9	Bump Spring Boot to 3.5.6 (#2678 ) Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>	2025-09-18 17:01:29 +03:00
Avgustin Marinov	7980b5defb	Remove Java security context serialization (#2677 ) Remove Java security context serialization - it is replaced by JSON security context serialization (optimized as size). Backward incompatible change. Java security context serialization was not used in default hawkbit runtime out of the box. So, it's assumed none uses it. Anyway, if anyone has enabled it, he could, in order to keep backward compatibility, get the java security context serialization from the previous hawkbit releases/commits and register it again as a spring bean in his hawkbit extension. Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>	2025-09-18 14:46:51 +03:00
Avgustin Marinov	4444fc92bc	Finalize and polish fine-grained permission (Follow up) (#2676 ) Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>	2025-09-18 12:02:40 +03:00
Florian Kromer	a71bc924d0	docs: fix architecture overview reference (#2670 )	2025-09-18 09:20:56 +03:00
dependabot[bot]	5e3fa0be10	Bump org.bouncycastle:bcpkix-jdk18on from 1.81 to 1.82 (#2675 ) Bumps [org.bouncycastle:bcpkix-jdk18on](https://github.com/bcgit/bc-java) from 1.81 to 1.82. - [Changelog](https://github.com/bcgit/bc-java/blob/main/docs/releasenotes.html) - [Commits](https://github.com/bcgit/bc-java/commits) --- updated-dependencies: - dependency-name: org.bouncycastle:bcpkix-jdk18on dependency-version: '1.82' dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-09-18 09:17:47 +03:00
dependabot[bot]	c1f2fd75fc	Bump vaadin.version from 24.8.7 to 24.9.0 (#2673 ) Bumps `vaadin.version` from 24.8.7 to 24.9.0. Updates `com.vaadin:vaadin-bom` from 24.8.7 to 24.9.0 Updates `com.vaadin:vaadin-maven-plugin` from 24.8.7 to 24.9.0 - [Release notes](https://github.com/vaadin/platform/releases) - [Commits](https://github.com/vaadin/platform/compare/24.8.7...24.9.0) --- updated-dependencies: - dependency-name: com.vaadin:vaadin-bom dependency-version: 24.9.0 dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: com.vaadin:vaadin-maven-plugin dependency-version: 24.9.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-09-18 09:17:26 +03:00
dependabot[bot]	f8aee3b2eb	Bump maven.surefire.plugin.version from 3.5.3 to 3.5.4 (#2668 ) Bumps `maven.surefire.plugin.version` from 3.5.3 to 3.5.4. Updates `org.apache.maven.plugins:maven-surefire-plugin` from 3.5.3 to 3.5.4 - [Release notes](https://github.com/apache/maven-surefire/releases) - [Commits](https://github.com/apache/maven-surefire/compare/surefire-3.5.3...surefire-3.5.4) Updates `org.apache.maven.plugins:maven-surefire-report-plugin` from 3.5.3 to 3.5.4 - [Release notes](https://github.com/apache/maven-surefire/releases) - [Commits](https://github.com/apache/maven-surefire/compare/surefire-3.5.3...surefire-3.5.4) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-surefire-plugin dependency-version: 3.5.4 dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.apache.maven.plugins:maven-surefire-report-plugin dependency-version: 3.5.4 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-09-18 09:16:21 +03:00
Stanislav Trailov	2f2f0d68e1	Fix Simple UI Login (#2674 ) Signed-off-by: strailov <Stanislav.Trailov@bosch.io>	2025-09-17 16:11:00 +03:00
Florian Kromer	ade9904d21	fix: maxAssingments required property in MgmtSoftwareModuleTypeRequestBodyPost (#2671 ) resolves #2669	2025-09-16 10:51:29 +03:00
Vasil Ilchev	5deb519e7c	Fix X_DistributionSet IMPLY_READ DISTRIBUTION_SET_TYPE (#2666 ) Co-authored-by: vasilchev <vasil.ilchev@bosch.com>	2025-09-15 19:09:44 +03:00
Vasil Ilchev	2cffd89d15	Fix permission length permit (32chars) on SOFTWARE_MODULE_DOWNLOAD_AR… (#2665 ) * Fix permission length permit (32chars) on SOFTWARE_MODULE_DOWNLOAD_ARTIFACT -> SM_DOWNLOAD_ARTIFACT Fix missing DISTRIBUTION_SET imply read DISTRIBUTION_SET_TYPE * change to SOFTWARE_MODULE_DOWNLOAD as more intuitive --------- Co-authored-by: vasilchev <vasil.ilchev@bosch.com>	2025-09-15 14:58:44 +03:00
Vasil Ilchev	20768a550c	Sync property naming convention (#2664 ) Co-authored-by: vasilchev <vasil.ilchev@bosch.com>	2025-09-10 14:55:51 +03:00
Avgustin Marinov	2d45e2a76c	Fix Json serializer defaults (#2663 ) Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>	2025-09-10 10:56:19 +03:00
Avgustin Marinov	6e334d4888	Add support for "username" to be set as auditor (#2661 ) Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>	2025-09-09 17:05:05 +03:00
Avgustin Marinov	ae3a004da0	Finalize and polish fine-grained permission (#2660 ) * Remove _REPOSITORY_ permissions -> replaced with _SOFTWARE_MODULE_, _SOFTWARE_MODULE_TYPE_, _DISTRIBUTION_SET_, _DISTRIBUTION_SET_TYPE_ permissions * Still kept _ROLE_REPOSITORY_ADMIN_ role granting all repository fine-graned permissions * Added dedicated _TARGET_TYPE_ permission set - the _TARGET_ permissions just grant _READ_TARGET_TYPE_ (analogically _SOFTWARE_MODULE_ permissions grant _READ_SOFTWARE_MODULE_TYPE_ and _DISTRIBUTION_SET_ grants _READ_DISTRIBUTON_SET_TYPE_ * Hierarcy is not configurable - could be completely replaced by setting spring application property org.eclipse.hawkbit.hierarchy or could be extended by adding rules using org.eclipse.hawkbit.hierarchy.ext Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>	2025-09-09 15:42:11 +03:00
Mohamed Zenadi	f2e6344775	simple-ui: fix NPE on filters (#2635 ) * simple-ui: fix NPE on filters * simple-ui: fix NPE on filters	2025-09-09 15:03:05 +03:00
Avgustin Marinov	dd5f12d8c5	Fix MgmtTargetTypeResourceTest.getTargetTypesWithoutPermission (#2659 ) Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>	2025-09-09 09:23:09 +03:00
dependabot[bot]	1bbeb37b0e	Bump org.springdoc:springdoc-openapi-starter-webmvc-ui (#2658 ) Bumps [org.springdoc:springdoc-openapi-starter-webmvc-ui](https://github.com/springdoc/springdoc-openapi) from 2.8.12 to 2.8.13. - [Release notes](https://github.com/springdoc/springdoc-openapi/releases) - [Changelog](https://github.com/springdoc/springdoc-openapi/blob/main/CHANGELOG.md) - [Commits](https://github.com/springdoc/springdoc-openapi/compare/v2.8.12...v2.8.13) --- updated-dependencies: - dependency-name: org.springdoc:springdoc-openapi-starter-webmvc-ui dependency-version: 2.8.13 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-09-09 09:21:59 +03:00
Avgustin Marinov	eee2830369	Order all permissions/roles in CRUD fashion (#2656 ) Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>	2025-09-05 16:39:09 +03:00
Avgustin Marinov	d622faf14f	Add in hierarcy rules that RPOSITORY permissions imply TARGET_TYPE (#2655 ) Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>	2025-09-05 16:29:28 +03:00
Avgustin Marinov	c31e5b1265	Define auditor aware principal (#2654 ) Allowing for cusomising auditor by extenders Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>	2025-09-05 16:07:46 +03:00
Avgustin Marinov	1f71e01318	Implement JSON security context serializer (new default) - smaller info and human readable (#2652 ) keeps backward compatibility by being able to fallback to JAVA_SERIALIZATION + fix DMF messages with status code Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>	2025-09-05 13:35:45 +03:00
dependabot[bot]	e37fe75f15	Bump actions/stale from 9 to 10 (#2651 ) Bumps [actions/stale](https://github.com/actions/stale) from 9 to 10. - [Release notes](https://github.com/actions/stale/releases) - [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/stale/compare/v9...v10) --- updated-dependencies: - dependency-name: actions/stale dependency-version: '10' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-09-05 11:11:32 +03:00
Mohamed Zenadi	4b6b1753fb	simple-ui: improve the oidc id token refresh (#2534 ) * simple-ui: improve the oidc id token refresh * make sure we get the latest context after refresh * further simplification of the method * remove principal oidc check * remove relying on previous oidcuser, as the infinite loop was fixed on spring security * simplify the granted authorities fetch * rollback some changes to simplify review * lint	2025-09-05 11:08:25 +03:00
Avgustin Marinov	9b121b3431	Fix TENANT_CONFIGURATION > READ_GATEWAY_SECURITY_TOKEN imply (#2650 ) Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>	2025-09-04 16:09:17 +03:00
Avgustin Marinov	2c995b3665	Add fine grained sm/ds type permission (#2649 ) Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>	2025-09-04 15:05:32 +03:00
Avgustin Marinov	2e97d67489	Small Artifact storage refactoring (#2648 ) Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>	2025-09-03 17:05:59 +03:00
Avgustin Marinov	59cb320fcc	Get rid of artifactRepository naming of ArtifactStorage (#2645 ) Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>	2025-09-03 11:55:14 +03:00
Avgustin Marinov	0e5f1d6526	Fix ArtifactStorage availability in tests (#2644 ) After renaming of LocalArtifactRepository to ArtifactRepository Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>	2025-09-03 09:29:37 +03:00
Avgustin Marinov	93f7e51565	Rename LocalArtifactRepository to ArtifactRepository (#2643 ) Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>	2025-09-03 08:53:11 +03:00
dependabot[bot]	01d3127cdc	Bump org.springdoc:springdoc-openapi-starter-webmvc-ui (#2641 ) Bumps [org.springdoc:springdoc-openapi-starter-webmvc-ui](https://github.com/springdoc/springdoc-openapi) from 2.8.11 to 2.8.12. - [Release notes](https://github.com/springdoc/springdoc-openapi/releases) - [Changelog](https://github.com/springdoc/springdoc-openapi/blob/main/CHANGELOG.md) - [Commits](https://github.com/springdoc/springdoc-openapi/compare/v2.8.11...v2.8.12) --- updated-dependencies: - dependency-name: org.springdoc:springdoc-openapi-starter-webmvc-ui dependency-version: 2.8.12 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-09-02 16:08:41 +03:00
Avgustin Marinov	2a636328a0	20250828 cleanup (#2639 ) * Cleanup * Refactor artifact management	2025-09-02 16:08:14 +03:00
Avgustin Marinov	4f0a8893c7	Abstract RepositoryManagement test (#2631 ) Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>	2025-08-28 12:58:53 +03:00
Avgustin Marinov	42b0bc06a9	Fix Sonar findings (#2630 ) Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>	2025-08-26 09:32:43 +03:00
Avgustin Marinov	5874632ca7	Add GitHub actions upgrade via dependabot (#2629 ) Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>	2025-08-26 09:05:27 +03:00
dependabot[bot]	5f9b957840	Bump org.jsoup:jsoup from 1.21.1 to 1.21.2 (#2628 ) Bumps [org.jsoup:jsoup](https://github.com/jhy/jsoup) from 1.21.1 to 1.21.2. - [Release notes](https://github.com/jhy/jsoup/releases) - [Changelog](https://github.com/jhy/jsoup/blob/master/CHANGES.md) - [Commits](https://github.com/jhy/jsoup/compare/jsoup-1.21.1...jsoup-1.21.2) --- updated-dependencies: - dependency-name: org.jsoup:jsoup dependency-version: 1.21.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-08-26 08:33:03 +03:00
dependabot[bot]	400102cc85	Bump org.springdoc:springdoc-openapi-starter-webmvc-ui (#2627 ) Bumps [org.springdoc:springdoc-openapi-starter-webmvc-ui](https://github.com/springdoc/springdoc-openapi) from 2.8.10 to 2.8.11. - [Release notes](https://github.com/springdoc/springdoc-openapi/releases) - [Changelog](https://github.com/springdoc/springdoc-openapi/blob/main/CHANGELOG.md) - [Commits](https://github.com/springdoc/springdoc-openapi/compare/v2.8.10...v2.8.11) --- updated-dependencies: - dependency-name: org.springdoc:springdoc-openapi-starter-webmvc-ui dependency-version: 2.8.11 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-08-26 08:32:42 +03:00
dependabot[bot]	4af9e9787f	Bump vaadin.version from 24.8.6 to 24.8.7 (#2626 ) Bumps `vaadin.version` from 24.8.6 to 24.8.7. Updates `com.vaadin:vaadin-bom` from 24.8.6 to 24.8.7 Updates `com.vaadin:vaadin-maven-plugin` from 24.8.6 to 24.8.7 - [Release notes](https://github.com/vaadin/platform/releases) - [Commits](https://github.com/vaadin/platform/compare/24.8.6...24.8.7) --- updated-dependencies: - dependency-name: com.vaadin:vaadin-bom dependency-version: 24.8.7 dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: com.vaadin:vaadin-maven-plugin dependency-version: 24.8.7 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-08-26 08:32:11 +03:00
Avgustin Marinov	53e30dd180	Upgrade github actions versions (#2622 ) Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>	2025-08-25 16:45:59 +03:00
Avgustin Marinov	b5a2d39518	Bump Spring Boot to 3.5.5 (#2621 ) Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>	2025-08-25 15:50:15 +03:00
Vasil Ilchev	8a2257c1f6	Remove obsolete *ManagementSecuritiyTest classes with manual method tests in favor of new dynamic ManagementSecurityTest (#2620 ) Co-authored-by: vasilchev <vasil.ilchev@bosch.com>	2025-08-25 15:24:10 +03:00
dependabot[bot]	fe68229758	Bump org.springdoc:springdoc-openapi-starter-webmvc-ui (#2615 ) Bumps [org.springdoc:springdoc-openapi-starter-webmvc-ui](https://github.com/springdoc/springdoc-openapi) from 2.8.9 to 2.8.10. - [Release notes](https://github.com/springdoc/springdoc-openapi/releases) - [Changelog](https://github.com/springdoc/springdoc-openapi/blob/main/CHANGELOG.md) - [Commits](https://github.com/springdoc/springdoc-openapi/compare/v2.8.9...v2.8.10) --- updated-dependencies: - dependency-name: org.springdoc:springdoc-openapi-starter-webmvc-ui dependency-version: 2.8.10 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-08-25 09:31:39 +03:00
Stanislav Trailov	26c8116fe8	Fix file upload buffering in hawkbit sdk (#2610 ) Signed-off-by: strailov <Stanislav.Trailov@bosch.io>	2025-08-16 09:04:49 +03:00

1 2 3 4 5 ...

3710 Commits