Files

Avgustin Marinov 011d7f567e Refactor header authority controller authentication (#2954 )

1. (breaking changes) hawkbit.server.ddi.security.rp.cnHeader and sslIssuerHashHeader are renamed to controllerIdHeader and authorityHeader correspondingly.
2. (breaking changes) their default values are changed: X-Ssl-Client-Cn -> X-Controller-Id and X-Ssl-Issuer-Hash-%d -> X-Authority
3. Now the authority header configuration is not a string forma but just a string. The implemenation checks for this header as comma or ; separated list or seeks for header iteration <authority_header>-%d (iteration starts from 0 or 1
4. Doc fixed
5. As there are breaking changes configuration changes may be needed: a) with changing the hawkbit.server.ddi.security.rp you could turn back the previous default headers (note X-Ssl-Issuer-Hash-%d shall now be X-Ssl-Issuer-Hash), or b) you may change the headers sent by the reverse proxy

Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>

2026-03-12 10:36:37 +02:00

src

Refactor header authority controller authentication (#2954 )

2026-03-12 10:36:37 +02:00

pom.xml

Bump spring-boot to 3.5.0 (#2418 )

2025-06-11 08:52:10 +03:00

README.md

Fix/db refactoring rename (#2365 )

2025-04-25 16:08:23 +03:00

README.md

hawkBit JPA Initializer & Migrator

A standalone tool for validating and migrating the database to the current hawkBit schema. It is used to validate, initialize or migrate the database to the current hawkBit schema.

Configuration

Could be configured with hawkbit.db.<key> or <spring.database.<key>_ environment or system properties, with keys:

mode - migrate or validate (default)
url - database url
username - database user - shall have the necessary permissions
password - database user's password
sql-migration-suffixes - flyway 'sqlMigrationSuffixes' if not the default ones (<upper case database (mariadb -> mysql)>.sql)

Where:

Environment properties takes precedence over the system properties
The hawkbit.db.<key> properties take precedence over the spring.database.<key> properties

There are two modes:

migrate - migrate the database, only when started with parameter with key mode (environment or system property)
validate - validate the database, default, only validates db and throws org.flywaydb.core.api.exception.FlywayValidateException if not in sync

Note: could also be configured using default flyway env properties

Usage

The module builds executable jar with all dependencies - hawkbit-repository-jpa-init-<revision>.jar. It could be configured with environment properties and run as an executable jar:

# sets the mode - default if validate
export hawkbit_db_mode=migrate 
# sets the database url - default is local h2
export hawkbit_db_url=jdbc:mariadb://localhost:3306/hawkbit
# sets the database user - default is h2 default root - sa
export hawkbit_db_username=root
# sets the database user's password - default is empty
#export hawkbit_db_password=

# run executable jar
java -jar target/hawkbit-repository-jpa-init-0-SNAPSHOT.jar

It could also be configured using system properties and run as a java main class:

java -classpath target/hawkbit-repository-jpa-init-0-SNAPSHOT.jar \
  -Dhawkbit.db.mode=migrate \
  -Dhawkbit.db.url=jdbc:mariadb://localhost:3306/hawkbit \
  -Dhawkbit.db.username=root \
  -Dhawkbit.db.password= \
  org.eclipse.hawkbit.repository.jpa.init.HawkbitFlywayDbInit

Purpose and usecases

If you want to do db management separately from the running services - i.e. not in mgmt-server or monolith (for instance) servers but only occasionally and on real updates, or you like to validate a database according to a hawkbit db schema version you could:

set spring.flyway.enabled=false in the hawkbit services (or do not pack the hawkbit-repository-jpa-flyway module into the hawkbit services)
use the tool to do the db management (e.g. in some pipelines)