lingwei.kong/hawkbit
1
0
Fork 0
Code Issues Pull Requests Actions 3 Packages Projects Releases Wiki Activity
4,043 Commits 1 Branch 0 Tags
d6fcbac04757c44fb9ad68e11318103bc1ef5fa5
Commit Graph

502 Commits

Author SHA1 Message Date
Vasil Ilchev
2a4c12fd29 Fix/exception mapper (#3083) 
* Added mapping for OptimisticLockingFailureException in ExceptionMapper for proper propagation

Signed-off-by: vasilchev <vasil.ilchev@bosch.com>

* Added ExceptionMapperTest

Signed-off-by: vasilchev <vasil.ilchev@bosch.com>

---------

Signed-off-by: vasilchev <vasil.ilchev@bosch.com>
 2026-05-18 09:22:49 +03:00
Avgustin Marinov
37559cdedc Cleanup/fix jackson 2 -> 3 migration (#3024) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2026-04-16 13:29:26 +03:00
Avgustin Marinov
1be473b22c [#2845] Bump Spring boot to 4.x (#2941) 
Notes:
1. (!) Eclipselink shall be migrated to 5.0 (in 4.0.8 there are incompatible classes, e.g EJBQueryImpl doesn't implement some newer methods). In the moment is with beta (5.0.0-B12) - JUST for testing!
2. (!) Ethlo plugin doesn't work with Eclipselink 5.0, it builds with Eclipselink 4.0.8 (could be a problem)
3. Dependencies - new starters, test starters changes, some dependencies refactoring
4. Auto-configs split - package changes, some properties classes changes
5. Spring nullable org.springframework.lang.Nullable/NonNull are depecated and replaced with jspcify -> org.jspecify.annotations.Nullable/NonNull (NullMarked)
6. Lombok config - adding lombok.addNullAnnotations=jspecify - to do not mess annotations
7. Distributed lock table changes - SP_LOCK table db migration
8. Spring Retry replaced with Spring Core Retry - does repace retry in hawkbit
9. Specifications -> added Update/Delete(/Predicate) Specifications and JpaSpecificationExecutor changed
10. HawkbitBaseRepositoryFactoryBean modified to register properly
11. Jackson - 2 -> 3, package migrations, finals are not deserialized by default(enable finals deserialization, consider make non-final), too ‘smart’ tries to set complex objects instead of using non args constructor (-> @JsonIgnore), some other default configs made

Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2026-04-14 11:31:41 +03:00
Stanislav Trailov
ba3a08e560 Add Target Poll Event in Service Events (#2981) 
* Add Target Poll Event in Service Events

Signed-off-by: strailov <Stanislav.Trailov@bosch.io>

* Target poll event to service event

Signed-off-by: strailov <Stanislav.Trailov@bosch.io>

---------

Signed-off-by: strailov <Stanislav.Trailov@bosch.io>
 2026-03-27 10:18:37 +02:00
Stanislav Trailov
f2615fe812 Modify TargetPollEvent to be per batch update (not per target) (#2965) 
* Modify TargetPollEvent to be per batch update (not per target)

Signed-off-by: strailov <Stanislav.Trailov@bosch.io>

* Get use of remote event's timestame for targetPollEvent

Signed-off-by: strailov <Stanislav.Trailov@bosch.io>

* Revert "Get use of remote event's timestame for targetPollEvent"

This reverts commit 27e3b740e2bb0b02cad1d5a6137db7928901f069.

---------

Signed-off-by: strailov <Stanislav.Trailov@bosch.io>
 2026-03-25 09:29:23 +02:00
Avgustin Marinov
011d7f567e Refactor header authority controller authentication (#2954) 
1. (breaking changes) hawkbit.server.ddi.security.rp.cnHeader and sslIssuerHashHeader are renamed to controllerIdHeader and authorityHeader correspondingly.
2. (breaking changes) their default values are changed: X-Ssl-Client-Cn -> X-Controller-Id and X-Ssl-Issuer-Hash-%d -> X-Authority
3. Now the authority header configuration is not a string forma but just a string. The implemenation checks for this header as comma or ; separated list or seeks for header iteration <authority_header>-%d (iteration starts from 0 or 1
4. Doc fixed
5. As there are breaking changes configuration changes may be needed: a) with changing the hawkbit.server.ddi.security.rp you could turn back the previous default headers (note X-Ssl-Issuer-Hash-%d shall now be X-Ssl-Issuer-Hash), or b) you may change the headers sent by the reverse proxy

Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2026-03-12 10:36:37 +02:00
Avgustin Marinov
b38df5b512 WithUser refactoring (#2944) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2026-02-27 14:30:52 +02:00
Vasil Ilchev
937195af1e Tenant Configuration values varchar to text - support bigger values f… (#2938) 
* Tenant Configuration values varchar to text - support bigger values for configs
access_control_context varchar to text - support bigger values for configs

* Add size constraint in App for Tenant 'conf.value' and rollout/target_filter_query 'access_control_context

* add explicitly not null constraint for clarity
 2026-02-26 12:15:43 +02:00
Avgustin Marinov
56da119979 Remove SYSTEM_ADMIN (#2936) 
Not needed. Overlaping with system role. Could be added on top of others if needed

Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2026-02-25 14:00:25 +02:00
Avgustin Marinov
62c76311e5 Fix some compile warnings (#2919) 
* Fix some compile warnings
* Some classes made final
* JPA entities made not serializable

Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2026-02-11 14:05:46 +02:00
Avgustin Marinov
87c4cd8cd1 Remove not used WeightValidationHelper (#2916) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2026-02-10 12:50:31 +02:00
Stanislav Trailov
c33156b134 Multi-Asssignments feature removal (#2893) 
* Multi-Asssignments feature removal

Signed-off-by: strailov <Stanislav.Trailov@bosch.io>

* fix some sonar findings

Signed-off-by: strailov <Stanislav.Trailov@bosch.io>

* fixes after review

Signed-off-by: strailov <Stanislav.Trailov@bosch.io>

---------

Signed-off-by: strailov <Stanislav.Trailov@bosch.io>
 2026-02-04 16:59:09 +02:00
Avgustin Marinov
d9e52cb542 Fix #2880 findings (#2887) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2026-01-23 10:15:45 +02:00
Vasil Ilchev
0083d5538a Introduce Pause Success Action (#2867) 
* Introduce Pause Success Action

Signed-off-by: vasilchev <vasil.ilchev@bosch.com>

* Instead of overriding SuccessAction, trigger next group from resume rollout
Fix Rollout Mgmt Resource to accept new Pause Action

Signed-off-by: vasilchev <vasil.ilchev@bosch.com>

* Review findings

Signed-off-by: vasilchev <vasil.ilchev@bosch.com>

* Remove unused import

---------

Signed-off-by: vasilchev <vasil.ilchev@bosch.com>
 2026-01-13 11:20:21 +02:00
Stanislav Trailov
3bc8a91883 Fix tenant scope on retrieval of target groups (#2847) 
* Fix tenant scope on retrieval of target groups

Signed-off-by: strailov <Stanislav.Trailov@bosch.io>

* fix build

Signed-off-by: strailov <Stanislav.Trailov@bosch.io>

---------

Signed-off-by: strailov <Stanislav.Trailov@bosch.io>
 2025-12-10 09:37:38 +02:00
Avgustin Marinov
904c8b180d Align rollouts and autoassign metrics (#2844) 
* Refactor auto-assign locking and metrics
* Align rollouts and autoassign metrics

Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-12-03 12:34:40 +02:00
Avgustin Marinov
29da04f6da Remove unnecessary API module dependencies (#2842) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-12-02 13:53:36 +02:00
Avgustin Marinov
b8a05e3cbf Refactor tenant configuration management (#2840) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-11-28 15:37:12 +02:00
Avgustin Marinov
42384b7e31 Add AccessContext.asTenant and use where possible (#2838) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-11-27 16:27:56 +02:00
Avgustin Marinov
f6f62db0ad Refactor hawkbit core and security (#2833) 
* Refactor hawkbit core and security

* improve access to the base core features - static
* thus easiear access
* and less boilerplate passing of instances

Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>

* Refactor context classes

* make JSON context serialization default

* AccessContext

* Split hawkbit-security-core to other modules and remove it

---------

Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-11-27 13:07:49 +02:00
Avgustin Marinov
80165de06a [#2746] Add required annotations to MgmtRolloutRestRequestBodyPost (#2818) 
+ amountGroups made optional with default value 1 group

Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-11-18 14:25:32 +02:00
Avgustin Marinov
fb69372ed5 Remove commons-text dependency (#2817) 
And thus fix vulnerability that it brings. Also decrease dependencies.

Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-11-18 13:27:14 +02:00
Avgustin Marinov
20bb41c51c Move rollout executor related target management methods in executor (#2812) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-11-18 08:44:35 +02:00
Avgustin Marinov
c5ea265e0f Extract QL support in a top level module (#2808) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-11-14 14:19:36 +02:00
Avgustin Marinov
7e4cc45315 Refactor maven modules (#2806) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-11-13 17:24:27 +02:00
Avgustin Marinov
62139055b0 Remove deprecated (#2800) 
* ActionFields.DETAILSTATUS removed and replaces with STATUS (so status is with changed semantic - not active but real status)
* MgmtAction.detailStatus removed and replaced with status (so status is with changed semantic - not active but real status)
* MgmtTargetTagRestApi.assignTargetsPut removed - use POST method
* ActionStatusFields.REPORTEDAT deprecation removed - it is a synonym of CREATEDAT but is part of timestamp/reported aspect while createdat is part of creted at/by
* MgmtDistributionSetRequestBodyPost.os/runtime/application is removed

and

* ActionStatusFields.TIMESTAMPT added

Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-11-13 13:39:03 +02:00
Avgustin Marinov
7e20900175 Fix polling interval validation error message (#2798) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-11-11 12:16:49 +02:00
Avgustin Marinov
5751ed504c Fix PollingTime parsing to support comma in RSQL (#2791) 
The PollingTime now supports all RSQL filters that doesn't contain '->'
For duration HH:mm:ss and ISO-8601 is supported
For deviation 0-99% are suppported (as before)

Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-11-03 16:05:22 +02:00
Avgustin Marinov
b658f95466 Rename ACTION_PURGE_PERCENTAGE_ON_QUOTA_HIT to ACTION_CLEANUP_ON_QUOTA_HIT_PERCENTAGE - to match real value (#2787) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-10-29 08:44:54 +02:00
Avgustin Marinov
aff871f988 Add cache for SoftwareModule, DistributionSet and Target types (#2784) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-10-28 15:38:59 +02:00
Avgustin Marinov
d488ad6b5f Refactor caches (#2775) (#2777) 
* TenantAwareCacheManager define CacheEvictEvent which could be used to evict entities in general way
* JpaTenantConfigurationManagement start using genera cache approach

Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-10-28 14:13:53 +02:00
Avgustin Marinov
64bdced682 Tune/fix action cleanup tenant properties (#2782) 
* actions.cleanup.onQuotaHit.percent -> action.cleanup.onQuotaHit.percent
* action.cleanup.enabled - removed - instead enabled / disable <=> expire < / >= 0
* action.cleanup.actionExpiry -> action.cleanup.auto.expiry and action.cleanup.auto.status - so both are under action.cleanup.auto, and differentiate from on quota hit
* auto db convert of props with one backward incompatibility - if you had action.cleanup.enabled=true and not set action.cleanup.actionExpiry (assuming default 30 days) - auto cleanup will be disabled
  you should set action.cleanup.auto.expiry=2592000000 in order to get the old behavior
* Note that if you have configured global action cleanup the properties are changed also this config you shall change manually

Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-10-28 12:40:37 +02:00
Avgustin Marinov
98daa696de Refactor caches (#2775) 
* added static usage of cache in order access it easier
* added mandatory (in hawkbit-core) registration - always tenant aware caches shall be used - hawkbit depends on it
* added per cache and tenant name configuration
* (not really realted to caches) but in order to be easier evicted entities after commit handlers are now statically accessed

Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-10-24 16:42:40 +03:00
Stanislav Trailov
1b62bee92f Add update repositopry permission to handleMaxAssignmentsExceeded in deployment management (#2768) 
* Action history cleanup/purge initial

Signed-off-by: strailov <Stanislav.Trailov@bosch.io>

* apply changes after review

Signed-off-by: strailov <Stanislav.Trailov@bosch.io>

* fix hibernate build by annotating delete methods with transactional annotation

Signed-off-by: strailov <Stanislav.Trailov@bosch.io>

* changes after review and new test cases for new requirements

* accept 0 for keep last

Signed-off-by: strailov <Stanislav.Trailov@bosch.io>

* Fix ManagementSecurityTest

Signed-off-by: strailov <Stanislav.Trailov@bosch.io>

* apply object utils check

Signed-off-by: strailov <Stanislav.Trailov@bosch.io>

* fix for oldestAction deletion

Signed-off-by: strailov <Stanislav.Trailov@bosch.io>

* remove unused comment

Signed-off-by: strailov <Stanislav.Trailov@bosch.io>

* rename action ids variable

Signed-off-by: strailov <Stanislav.Trailov@bosch.io>

* Fix access control handling

Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>

* Add update repositopry permission to handleMaxAssignmentsExceeded in deployment management

Signed-off-by: strailov <Stanislav.Trailov@bosch.io>

---------

Signed-off-by: strailov <Stanislav.Trailov@bosch.io>
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
Co-authored-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-10-22 14:54:40 +03:00
Avgustin Marinov
8a36ba6203 Fix action delete access control - to require only target update (not delete also) (#2767) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-10-22 13:33:56 +03:00
Avgustin Marinov
3caa9d9eda Switch completely to locked for checking if DS could be functionally modified (#2766) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-10-22 11:46:36 +03:00
Avgustin Marinov
e154e1b18a [#2429] Add completeness property for software modules (#2765) 
* add `min artifacts` requirement on the Software Module Type level for Software Module completeness
* removed `complete` Distribution Set property from DB - calculated runtime
* Distribution Set and Software Module completeness is calcualted on demand in memory (TODO: implement cache)
* locking of Software Module now requires the software module to be `completed`
* removed 'complete' search field for DistributionSet type. Still keep (DEPRECATED) limited support for search with 'complete' -
  only on the first level of expression and with AND. I.e. complete==true, complete==false and id=in=(1, 3) is suppoted,
  while complete==false or id=in=(1, 3) and id=in(1, 3) and (type==os and complete==true) are not

Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-10-22 09:57:45 +03:00
Stanislav Trailov
f1c3d0175e Action history cleanup/purge initial (#2728) 
* Action history cleanup/purge initial

Signed-off-by: strailov <Stanislav.Trailov@bosch.io>

* apply changes after review

Signed-off-by: strailov <Stanislav.Trailov@bosch.io>

* fix hibernate build by annotating delete methods with transactional annotation

Signed-off-by: strailov <Stanislav.Trailov@bosch.io>

* changes after review and new test cases for new requirements

* accept 0 for keep last

Signed-off-by: strailov <Stanislav.Trailov@bosch.io>

* Fix ManagementSecurityTest

Signed-off-by: strailov <Stanislav.Trailov@bosch.io>

* apply object utils check

Signed-off-by: strailov <Stanislav.Trailov@bosch.io>

* fix for oldestAction deletion

Signed-off-by: strailov <Stanislav.Trailov@bosch.io>

* remove unused comment

Signed-off-by: strailov <Stanislav.Trailov@bosch.io>

* rename action ids variable

Signed-off-by: strailov <Stanislav.Trailov@bosch.io>

* Fix access control handling

Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>

---------

Signed-off-by: strailov <Stanislav.Trailov@bosch.io>
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
Co-authored-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-10-21 10:34:58 +03:00
Avgustin Marinov
04cd9fb30d Refactor TenantAware - remove TenantRunner and replace with standard Runnable / Callable (#2755) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-10-14 16:36:42 +03:00
Avgustin Marinov
3447ac3b1b Fix system context resolving in ACM (#2737) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-10-10 12:02:16 +03:00
Avgustin Marinov
e7d9ee7990 Add Target(Type)Management tests (#2735) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-10-10 08:36:08 +03:00
Avgustin Marinov
e23d2aa920 Add DeploymentManagement ACM test (#2726) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-10-08 11:07:15 +03:00
Avgustin Marinov
ccecf9b8d6 Rename READ_SOFTWARE_MODULE_DOWNLOAD to READ_SOFTWARE_MODULE_ARTIFACT (#2710) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-09-30 16:13:41 +03:00
Avgustin Marinov
1919af4a9d Remove VirtualPropertyReplacer (#2701) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-09-26 17:17:38 +03:00
Avgustin Marinov
4434484d35 Deprecate VirtualPropertyReplacer (#2697) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-09-26 14:56:32 +03:00
Avgustin Marinov
b181b66ee5 Extend Query Langage Support (#2696) 
* add option for parser replacement - so, one could replace the query language and don't use RSQL
* add easy way to modify query root Node 
* add easy Node modification utilities
* code refactored and naming more 'QL' than 'RSQL' oriented

Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-09-26 14:19:25 +03:00
Avgustin Marinov
c906c2f2eb Type Access Controllers enabled by default if AC is enabled (#2694) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-09-25 16:53:19 +03:00
Avgustin Marinov
4444fc92bc Finalize and polish fine-grained permission (Follow up) (#2676) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-09-18 12:02:40 +03:00
Avgustin Marinov
ae3a004da0 Finalize and polish fine-grained permission (#2660) 
* Remove _REPOSITORY_ permissions -> replaced with _SOFTWARE_MODULE_, _SOFTWARE_MODULE_TYPE_, _DISTRIBUTION_SET_, _DISTRIBUTION_SET_TYPE_ permissions
* Still kept _ROLE_REPOSITORY_ADMIN_ role granting all repository fine-graned permissions
* Added dedicated _TARGET_TYPE_ permission set - the _TARGET_ permissions just grant _READ_TARGET_TYPE_ (analogically _SOFTWARE_MODULE_ permissions grant _READ_SOFTWARE_MODULE_TYPE_ and _DISTRIBUTION_SET_ grants _READ_DISTRIBUTON_SET_TYPE_
* Hierarcy is not configurable - could be completely replaced by setting spring application property org.eclipse.hawkbit.hierarchy or could be extended by adding rules using org.eclipse.hawkbit.hierarchy.ext

Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-09-09 15:42:11 +03:00
Avgustin Marinov
1f71e01318 Implement JSON security context serializer (new default) - smaller info and human readable (#2652) 
keeps backward compatibility by being able to fallback to JAVA_SERIALIZATION

+ fix DMF messages with status code

Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-09-05 13:35:45 +03:00