diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index eac2ff9c41..744e6343f7 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -25,7 +25,7 @@ jobs: uses: docker/setup-buildx-action@v2 - uses: actions/setup-java@v2 with: - java-version: 11 + java-version: 17 distribution: 'zulu' cache: 'gradle' - name: Prepare build variables diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml index 4a86f9c25a..32bf993bfb 100644 --- a/.github/workflows/pr.yml +++ b/.github/workflows/pr.yml @@ -19,7 +19,7 @@ jobs: uses: docker/setup-buildx-action@v2 - uses: actions/setup-java@v2 with: - java-version: 11 + java-version: 17 distribution: 'zulu' cache: 'gradle' - name: Prepare build variables diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index baf5f14280..c9e5235d93 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -23,7 +23,7 @@ jobs: uses: docker/setup-buildx-action@v2 - uses: actions/setup-java@v2 with: - java-version: 11 + java-version: 17 distribution: 'zulu' cache: 'gradle' - name: Assemble release info diff --git a/Build-push.sh b/Build-push.sh index 1a7621acef..4c79fbb405 100644 --- a/Build-push.sh +++ b/Build-push.sh @@ -5,12 +5,12 @@ git --version docker --version # To Run Gradale Build need to have Java Vesion 1.11.+ -export JAVA_HOME=/usr/lib/jvm/java-11-openjdk-amd64 +export JAVA_HOME=/usr/lib/jvm/java-17-openjdk-amd64 # Setting JAVA_HOME to System PATH export PATH=$PATH:$JAVA_HOME -# Get the Shorter format of Git-SHA +# Get the Shorter format of Git-SHA export GITHASH=`git rev-parse --short HEAD` # Get the BUILD Date @@ -19,7 +19,7 @@ export BUILDDATE=`date -u +"%Y%m%d%H%M"` # For Assiging the Gradle Resources export GRADLE_OPTS="-Xmx6g -Xms6g" -# The Current Build ID +# The Current Build ID echo "Build id is --------------------- $BUILD_ID" # Gradle command to Produce the Dependant targetfiles for Docker build @@ -29,29 +29,29 @@ cp docker/custom-plugin.json custom-plugin.json # Assigning Rhel Image Name according to Quay.io Details IMAGENAME="quay.io/opsmxpublic/ubi8-oes-gate:${GITHASH}-${BUILD_NUMBER}" - + # Assigning Rhel Image Name according to Docker.io Details - RELEASE_IMAGENAME="opsmx11/ubi8-oes-gate:${GITHASH}-${BUILD_NUMBER}" + RELEASE_IMAGENAME="opsmx11/ubi8-oes-gate:${GITHASH}-${BUILD_NUMBER}" + - # To Build Docker image with Given Docker File - docker build -t $IMAGENAME . -f ${DOCKERFILE_PATH} --no-cache --build-arg CUSTOMPLUGIN_RELEASEVERSION=${CUSTOMPLUGIN_RELEASEVERSION} - + docker build -t $IMAGENAME . -f ${DOCKERFILE_PATH} --no-cache --build-arg CUSTOMPLUGIN_RELEASEVERSION=${CUSTOMPLUGIN_RELEASEVERSION} + # Create new Image Tag for Docker.io with the previous Build docker tag $IMAGENAME $RELEASE_IMAGENAME - + # Quay.io login docker login -u $quay_user -p $quay_pass quay.io - + # To Push the Docker image into Quay.io docker push $IMAGENAME # Docker.io login docker login -u $docker_user -p $docker_pass docker.io - + # To Push the Docker image into Quay.io docker push $RELEASE_IMAGENAME - + echo "Gate: ${IMAGENAME}" # Quay Image Name as Artifact diff --git a/Dockerfile b/Dockerfile index d9fd206517..8cc6588b0a 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,11 +1,11 @@ FROM registry.access.redhat.com/ubi8/ubi:8.3 MAINTAINER sig-platform@spinnaker.io COPY ./gate-web/build/install/gate /opt/gate -RUN yum -y install java-11-openjdk-headless.x86_64 wget vim curl net-tools nettle +RUN yum -y install java-17-openjdk-headless.x86_64 wget vim curl net-tools nettle RUN yum -y update RUN adduser spinnaker -RUN mkdir -p /opt/gate/plugins && mkdir -p /opt/spinnaker/plugins -####adding customplugin zip +RUN mkdir -p /opt/gate/plugins && mkdir -p /opt/spinnaker/plugins +####adding customplugin zip ARG CUSTOMPLUGIN_RELEASEVERSION ENV CUSTOMPLUGIN_RELEASEVERSION=$CUSTOMPLUGIN_RELEASEVERSION COPY custom-plugin.json /opt/spinnaker/plugins/plugins.json @@ -16,7 +16,7 @@ RUN wget -O VerificationPlugin-v1.0.1-SNAPSHOT.zip -c https://github.com/OpsMx/C RUN mv VerificationPlugin-v1.0.1-SNAPSHOT.zip /opt/spinnaker/plugins/ \ && mv TestVerificationPlugin-v1.0.1-SNAPSHOT.zip /opt/spinnaker/plugins/ \ && mv policyPlugin-v1.0.1-SNAPSHOT.zip /opt/spinnaker/plugins/ \ - && mv ApprovalStagePlugin-v1.0.1-SNAPSHOT.zip /opt/spinnaker/plugins/ + && mv ApprovalStagePlugin-v1.0.1-SNAPSHOT.zip /opt/spinnaker/plugins/ RUN sed -i 's/"VERIFICATION_SHASUM"/'\""$(sha512sum /opt/spinnaker/plugins/VerificationPlugin-v1.0.1-SNAPSHOT.zip | awk '{print $1}')"\"'/g' /opt/spinnaker/plugins/plugins.json \ && sed -i 's/"TESTVERIFICATION_SHASUM"/'\""$(sha512sum /opt/spinnaker/plugins/TestVerificationPlugin-v1.0.1-SNAPSHOT.zip | awk '{print $1}')"\"'/g' /opt/spinnaker/plugins/plugins.json \ diff --git a/build.gradle b/build.gradle index 72bea9538d..c029a20195 100644 --- a/build.gradle +++ b/build.gradle @@ -7,21 +7,33 @@ plugins { allprojects { apply plugin: 'io.spinnaker.project' + repositories { + mavenLocal() + mavenCentral() + } + tasks.withType( Copy).all { + duplicatesStrategy 'exclude' + } group = "io.spinnaker.gate" - if (name != "gate-bom") { - apply plugin: 'java-library' - apply plugin: 'groovy' + if ([korkVersion, fiatVersion].find { it.endsWith('-SNAPSHOT') }) { repositories { mavenLocal() maven{ url "https://nexus.opsmx.net/repository/maven-snapshots/" + credentials { + username = "NEXUS_USERNAME" + password = "NEXUS_PASSWORD" + } } } } + if (name != "gate-bom" && name != "gate-api") { + apply plugin: 'java-library' + apply plugin: 'groovy' repositories { maven { url 'https://build.shibboleth.net/nexus/content/repositories/releases/' } @@ -36,44 +48,49 @@ allprojects { compileOnly "org.projectlombok:lombok" annotationProcessor "org.projectlombok:lombok" testAnnotationProcessor "org.projectlombok:lombok" - compile("org.springframework.cloud:spring-cloud-starter-vault-config") - compile("io.micrometer:micrometer-registry-prometheus") - - implementation "org.codehaus.groovy:groovy" - implementation "net.logstash.logback:logstash-logback-encoder" + implementation "org.apache.groovy:groovy:4.0.9" + implementation "net.logstash.logback:logstash-logback-encoder:4.11" implementation "org.jetbrains.kotlin:kotlin-reflect" + implementation "org.springframework.security.oauth.boot:spring-security-oauth2-autoconfigure:2.6.0" testImplementation "org.spockframework:spock-core" testImplementation "org.spockframework:spock-spring" testImplementation "org.springframework.boot:spring-boot-starter-test" testImplementation "org.hamcrest:hamcrest-core" - testRuntimeOnly "cglib:cglib-nodep" - testRuntimeOnly "org.junit.vintage:junit-vintage-engine" + testRuntimeOnly "cglib:cglib-nodep:3.3.0" testRuntimeOnly "org.objenesis:objenesis" } + java { + sourceCompatibility = JavaVersion.VERSION_17 + targetCompatibility = JavaVersion.VERSION_17 + } + configurations.all { - exclude group: 'javax.servlet', module: 'servlet-api' exclude group: 'javax.servlet', module: 'javax.servlet-api' - resolutionStrategy.eachDependency { DependencyResolveDetails details -> - if (details.requested.group == 'org.apache.logging.log4j') { - details.useVersion '2.17.1' - } - } + // exclude group: 'javax.servlet', module: 'servlet-api' } - tasks.withType(JavaExec) { - if (System.getProperty('DEBUG', 'false') == 'true') { - jvmArgs '-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=8184' - } + } + + tasks.withType(JavaExec) { + if (System.getProperty('DEBUG', 'false') == 'true') { + jvmArgs '-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=8184' } + } - test { - testLogging { - exceptionFormat = 'full' + test { + testLogging { + exceptionFormat = 'full' + afterSuite { desc, result -> + if (!desc.parent) { + println "Results: ${result.resultType} (${result.testCount} tests, ${result.successfulTestCount} successes, ${result.failedTestCount} failures, ${result.skippedTestCount} skipped)" + println "Report file: ${reports.html.entryPoint}" + } } } + useJUnitPlatform() } } diff --git a/docker/ubi8/Dockerfile b/docker/ubi8/Dockerfile index ce82bb0a27..f7acc4b11b 100644 --- a/docker/ubi8/Dockerfile +++ b/docker/ubi8/Dockerfile @@ -1,11 +1,11 @@ FROM registry.access.redhat.com/ubi8/ubi:8.3 MAINTAINER sig-platform@spinnaker.io COPY ./gate-web/build/install/gate /opt/gate -RUN yum -y install java-11-openjdk-headless.x86_64 wget vim curl net-tools nettle tzdata-java +RUN yum -y install java-17-openjdk-headless.x86_64 wget vim curl net-tools nettle tzdata-java RUN yum -y update RUN adduser spinnaker -RUN mkdir -p /opt/gate/plugins && mkdir -p /opt/spinnaker/plugins -####adding customplugin zip +RUN mkdir -p /opt/gate/plugins && mkdir -p /opt/spinnaker/plugins +####adding customplugin zip ARG CUSTOMPLUGIN_RELEASEVERSION ENV CUSTOMPLUGIN_RELEASEVERSION=$CUSTOMPLUGIN_RELEASEVERSION COPY custom-plugin.json /opt/spinnaker/plugins/plugins.json @@ -16,8 +16,8 @@ RUN wget -O VerificationPlugin-v1.0.1-SNAPSHOT.zip -c https://github.com/OpsMx/C RUN mv VerificationPlugin-v1.0.1-SNAPSHOT.zip /opt/spinnaker/plugins/ \ && mv TestVerificationPlugin-v1.0.1-SNAPSHOT.zip /opt/spinnaker/plugins/ \ && mv policyPlugin-v1.0.1-SNAPSHOT.zip /opt/spinnaker/plugins/ \ - && mv ApprovalStagePlugin-v1.0.1-SNAPSHOT.zip /opt/spinnaker/plugins/ - + && mv ApprovalStagePlugin-v1.0.1-SNAPSHOT.zip /opt/spinnaker/plugins/ + RUN sed -i 's/"VERIFICATION_SHASUM"/'\""$(sha512sum /opt/spinnaker/plugins/VerificationPlugin-v1.0.1-SNAPSHOT.zip | awk '{print $1}')"\"'/g' /opt/spinnaker/plugins/plugins.json \ && sed -i 's/"TESTVERIFICATION_SHASUM"/'\""$(sha512sum /opt/spinnaker/plugins/TestVerificationPlugin-v1.0.1-SNAPSHOT.zip | awk '{print $1}')"\"'/g' /opt/spinnaker/plugins/plugins.json \ && sed -i 's/"POLICY_SHASUM"/'\""$(sha512sum /opt/spinnaker/plugins/policyPlugin-v1.0.1-SNAPSHOT.zip | awk '{print $1}')"\"'/g' /opt/spinnaker/plugins/plugins.json \ diff --git a/docker/ubi8/Gate-Dockerfile b/docker/ubi8/Gate-Dockerfile index d9fd206517..8cc6588b0a 100644 --- a/docker/ubi8/Gate-Dockerfile +++ b/docker/ubi8/Gate-Dockerfile @@ -1,11 +1,11 @@ FROM registry.access.redhat.com/ubi8/ubi:8.3 MAINTAINER sig-platform@spinnaker.io COPY ./gate-web/build/install/gate /opt/gate -RUN yum -y install java-11-openjdk-headless.x86_64 wget vim curl net-tools nettle +RUN yum -y install java-17-openjdk-headless.x86_64 wget vim curl net-tools nettle RUN yum -y update RUN adduser spinnaker -RUN mkdir -p /opt/gate/plugins && mkdir -p /opt/spinnaker/plugins -####adding customplugin zip +RUN mkdir -p /opt/gate/plugins && mkdir -p /opt/spinnaker/plugins +####adding customplugin zip ARG CUSTOMPLUGIN_RELEASEVERSION ENV CUSTOMPLUGIN_RELEASEVERSION=$CUSTOMPLUGIN_RELEASEVERSION COPY custom-plugin.json /opt/spinnaker/plugins/plugins.json @@ -16,7 +16,7 @@ RUN wget -O VerificationPlugin-v1.0.1-SNAPSHOT.zip -c https://github.com/OpsMx/C RUN mv VerificationPlugin-v1.0.1-SNAPSHOT.zip /opt/spinnaker/plugins/ \ && mv TestVerificationPlugin-v1.0.1-SNAPSHOT.zip /opt/spinnaker/plugins/ \ && mv policyPlugin-v1.0.1-SNAPSHOT.zip /opt/spinnaker/plugins/ \ - && mv ApprovalStagePlugin-v1.0.1-SNAPSHOT.zip /opt/spinnaker/plugins/ + && mv ApprovalStagePlugin-v1.0.1-SNAPSHOT.zip /opt/spinnaker/plugins/ RUN sed -i 's/"VERIFICATION_SHASUM"/'\""$(sha512sum /opt/spinnaker/plugins/VerificationPlugin-v1.0.1-SNAPSHOT.zip | awk '{print $1}')"\"'/g' /opt/spinnaker/plugins/plugins.json \ && sed -i 's/"TESTVERIFICATION_SHASUM"/'\""$(sha512sum /opt/spinnaker/plugins/TestVerificationPlugin-v1.0.1-SNAPSHOT.zip | awk '{print $1}')"\"'/g' /opt/spinnaker/plugins/plugins.json \ diff --git a/docker_build/Dockerfile.prod b/docker_build/Dockerfile.prod index 36b523b881..f54aca05e9 100644 --- a/docker_build/Dockerfile.prod +++ b/docker_build/Dockerfile.prod @@ -1,4 +1,4 @@ -FROM quay.io/opsmxpublic/ubi8-jre-11:v1 +FROM quay.io/opsmxpublic/ubi8-jre-17:v1 MAINTAINER OpsMx # Add user opsmx and create logs and spinnaker config directory @@ -6,7 +6,7 @@ RUN adduser opsmx \ && usermod -aG wheel opsmx \ && mkdir -p /opsmx/workdir/logs \ && mkdir -p /opt/spinnaker/config \ - && mkdir -p /opt/spinnaker/plugins + && mkdir -p /opt/spinnaker/plugins # Install procps(ps) RUN yum install -y wget diff --git a/docker_build/Dockerfile.rhel8-ubi8 b/docker_build/Dockerfile.rhel8-ubi8 index eca1e74331..adf575002a 100644 --- a/docker_build/Dockerfile.rhel8-ubi8 +++ b/docker_build/Dockerfile.rhel8-ubi8 @@ -1,4 +1,5 @@ -FROM registry.access.redhat.com/ubi8/ubi:latest +FROM quay.io/opsmxpublic/ubifips:8.7 +#FROM registry.access.redhat.com/ubi8/ubi-minimal:8.7 as java-base MAINTAINER OpsMx # Disable old version and uninstalling @@ -17,8 +18,8 @@ RUN adduser opsmx \ # Install procps(ps) RUN yum install -y procps nginx net-tools wget -# Install java 11 -RUN yum -y install tzdata-java java-11-openjdk-headless.x86_64 +# Install java 17 +RUN yum -y install tzdata-java java-17-openjdk-headless.x86_64 # Install ping RUN yum install -y iputils @@ -26,7 +27,7 @@ RUN yum -y update #######Gate Dependencies######### ENV WORK_DIR=/opsmx/workdir -ENV JAVA_HOME=/usr/lib/jvm/jre-11-openjdk +ENV JAVA_HOME=/usr/lib/jvm/jre-17-openjdk COPY /docker_build/run.sh /usr/local/bin/run.sh RUN chmod +x /usr/local/bin/run.sh COPY /docker_build/gate.yml /opt/spinnaker/config/ diff --git a/gate-api-tck/gate-api-tck.gradle b/gate-api-tck/gate-api-tck.gradle index 35e8d220a0..95bb140807 100644 --- a/gate-api-tck/gate-api-tck.gradle +++ b/gate-api-tck/gate-api-tck.gradle @@ -5,5 +5,6 @@ dependencies { implementation(project(":gate-web")) api("org.springframework.boot:spring-boot-starter-test") - api("dev.minutest:minutest") + api("dev.minutest:minutest:1.13.0") + api("io.mockk:mockk:1.10.5") } diff --git a/gate-basic/src/main/java/com/netflix/spinnaker/gate/security/basic/BasicAuthConfig.java b/gate-basic/src/main/java/com/netflix/spinnaker/gate/security/basic/BasicAuthConfig.java index fc77f5a8c0..ba98fc123f 100644 --- a/gate-basic/src/main/java/com/netflix/spinnaker/gate/security/basic/BasicAuthConfig.java +++ b/gate-basic/src/main/java/com/netflix/spinnaker/gate/security/basic/BasicAuthConfig.java @@ -26,13 +26,13 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Value; import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression; +import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.security.authentication.AuthenticationServiceException; import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; import org.springframework.security.config.annotation.web.builders.HttpSecurity; -import org.springframework.security.config.annotation.web.builders.WebSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; +import org.springframework.security.web.SecurityFilterChain; import org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint; import org.springframework.session.web.http.DefaultCookieSerializer; @@ -41,7 +41,7 @@ @SpinnakerAuthConfig @EnableWebSecurity @Slf4j -public class BasicAuthConfig extends WebSecurityConfigurerAdapter { +public class BasicAuthConfig { private final AuthConfig authConfig; @@ -90,18 +90,14 @@ public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception auth.authenticationProvider(authProvider); } - @Override - protected void configure(HttpSecurity http) throws Exception { + @Bean + public SecurityFilterChain configure(HttpSecurity http) throws Exception { defaultCookieSerializer.setSameSite(null); http.formLogin() .and() .httpBasic() .authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint("/login")); authConfig.configure(http); - } - - @Override - public void configure(WebSecurity web) throws Exception { - authConfig.configure(web); + return http.build(); } } diff --git a/gate-basic/src/main/java/com/netflix/spinnaker/gate/security/basic/BasicAuthProvider.java b/gate-basic/src/main/java/com/netflix/spinnaker/gate/security/basic/BasicAuthProvider.java index 90d92c2aa3..5c609ca47f 100644 --- a/gate-basic/src/main/java/com/netflix/spinnaker/gate/security/basic/BasicAuthProvider.java +++ b/gate-basic/src/main/java/com/netflix/spinnaker/gate/security/basic/BasicAuthProvider.java @@ -22,6 +22,7 @@ import java.util.Collections; import java.util.List; import java.util.stream.Collectors; +import lombok.Setter; import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Value; import org.springframework.security.authentication.AuthenticationProvider; @@ -40,9 +41,10 @@ public class BasicAuthProvider implements AuthenticationProvider { @Value("${services.platform.enabled:false}") private boolean isPlatformEnabled; - private List roles; - private String name; - private String password; + + @Setter private List roles; + @Setter private String name; + @Setter private String password; public BasicAuthProvider( PermissionService permissionService, OesAuthorizationService oesAuthorizationService) { @@ -74,10 +76,10 @@ public Authentication authenticate(Authentication authentication) throws Authent roles.stream().map(role -> new SimpleGrantedAuthority(role)).collect(Collectors.toList()); // Updating roles in fiat service permissionService.loginWithRoles(name, roles); - log.info("Platform service enabled value :{}",isPlatformEnabled); + log.info("Platform service enabled value :{}", isPlatformEnabled); // Updating roles in platform service - if(isPlatformEnabled){ - oesAuthorizationService.cacheUserGroups(roles, name); + if (isPlatformEnabled) { + oesAuthorizationService.cacheUserGroups(roles, name); } } @@ -88,16 +90,4 @@ public Authentication authenticate(Authentication authentication) throws Authent public boolean supports(Class authentication) { return authentication == UsernamePasswordAuthenticationToken.class; } - - public void setRoles(List roles) { - this.roles = roles; - } - - public void setName(String name) { - this.name = name; - } - - public void setPassword(String password) { - this.password = password; - } } diff --git a/gate-core/gate-core.gradle b/gate-core/gate-core.gradle index 2426e502ec..5d54d34aee 100644 --- a/gate-core/gate-core.gradle +++ b/gate-core/gate-core.gradle @@ -19,17 +19,17 @@ dependencies { api "org.springframework.boot:spring-boot-starter-actuator" api "org.springframework.boot:spring-boot-starter-security" api "org.springframework.boot:spring-boot-starter-thymeleaf" - api "com.squareup.retrofit:retrofit" + api "com.squareup.retrofit:retrofit:1.9.0" //Spinnaker GATE change start implementation "io.spinnaker.kork:kork-plugins" //Spinnaker GATE change end implementation "com.jakewharton.retrofit:retrofit1-okhttp3-client:1.1.0" - implementation "com.squareup.retrofit:converter-jackson" + implementation "com.squareup.retrofit:converter-jackson:1.9.0" implementation "com.squareup.okhttp:okhttp" - implementation "com.squareup.okhttp:okhttp-urlconnection" - implementation "com.squareup.okhttp:okhttp-apache" + implementation "com.squareup.okhttp:okhttp-urlconnection:2.7.5" + implementation "com.squareup.okhttp:okhttp-apache:2.7.5" implementation "io.spinnaker.fiat:fiat-api:$fiatVersion" implementation "io.spinnaker.fiat:fiat-core:$fiatVersion" @@ -50,8 +50,11 @@ dependencies { implementation "com.github.ben-manes.caffeine:guava" implementation "org.apache.commons:commons-lang3" implementation group: 'io.jsonwebtoken', name: 'jjwt', version: '0.9.1' - implementation group: 'org.springframework.cloud', name: 'spring-cloud-starter-openfeign', version: '2.2.4.RELEASE' - compile group: 'org.springframework.retry', name: 'spring-retry', version: '1.2.2.RELEASE' + implementation('org.springframework.cloud:spring-cloud-starter-openfeign:4.0.2') { + exclude group: 'commons-fileupload', module: 'commons-fileupload' + } + implementation 'commons-fileupload:commons-fileupload:1.5' + implementation group: 'org.springframework.retry', name: 'spring-retry', version: '2.0.5' } sourceSets { diff --git a/gate-core/src/main/groovy/com/netflix/spinnaker/gate/config/AuthConfig.groovy b/gate-core/src/main/groovy/com/netflix/spinnaker/gate/config/AuthConfig.groovy index 0e8c34e282..ca5843653c 100644 --- a/gate-core/src/main/groovy/com/netflix/spinnaker/gate/config/AuthConfig.groovy +++ b/gate-core/src/main/groovy/com/netflix/spinnaker/gate/config/AuthConfig.groovy @@ -41,10 +41,10 @@ import org.springframework.security.web.authentication.logout.LogoutSuccessHandl import org.springframework.security.web.authentication.logout.SimpleUrlLogoutSuccessHandler import org.springframework.stereotype.Component -import javax.servlet.Filter -import javax.servlet.ServletException -import javax.servlet.http.HttpServletRequest -import javax.servlet.http.HttpServletResponse +import jakarta.servlet.Filter +import jakarta.servlet.ServletException +import jakarta.servlet.http.HttpServletRequest +import jakarta.servlet.http.HttpServletResponse @Slf4j @Configuration @@ -100,247 +100,235 @@ class AuthConfig { void configure(HttpSecurity http) throws Exception { // @formatter:off if(isAgentAPIUnauthenticatedAccessEnabled && isSpinnakerWebhooksUnauthenticatedAccessEnabled){ - http - .requestMatcher(requestMatcherProvider.requestMatcher()) - .authorizeRequests() - .antMatchers("/error").permitAll() - .antMatchers('/favicon.ico').permitAll() - .antMatchers("/resources/**").permitAll() - .antMatchers("/images/**").permitAll() - .antMatchers("/js/**").permitAll() - .antMatchers("/fonts/**").permitAll() - .antMatchers("/css/**").permitAll() - .antMatchers('/**/favicon.ico').permitAll() - .antMatchers(HttpMethod.OPTIONS, "/**").permitAll() - .antMatchers(PermissionRevokingLogoutSuccessHandler.LOGGED_OUT_URL).permitAll() - .antMatchers('/auth/user').permitAll() - .antMatchers(HttpMethod.POST,'/autopilot/registerCanary').permitAll() - .antMatchers(HttpMethod.GET,'/autopilot/api/v2/autopilot/canaries/{id}').permitAll() - .antMatchers(HttpMethod.GET,'/autopilot/api/v1/autopilot/canaries/{id}').permitAll() - .antMatchers(HttpMethod.POST,'/autopilot/api/v1/registerCanary').permitAll() - .antMatchers(HttpMethod.POST,'/autopilot/api/v2/registerCanary').permitAll() - .antMatchers(HttpMethod.POST,'/autopilot/api/v3/registerCanary').permitAll() - .antMatchers(HttpMethod.GET,'/autopilot/canaries/{id}').permitAll() - .antMatchers(HttpMethod.POST,'/visibilityservice/v1/approvalGates/{id}/trigger').permitAll() - .antMatchers(HttpMethod.POST,'/visibilityservice/v2/approvalGates/{id}/trigger').permitAll() - .antMatchers(HttpMethod.POST,'/visibilityservice/v4/approvalGates/{id}/trigger').permitAll() - .antMatchers(HttpMethod.POST,'/visibilityservice/v5/approvalGates/{id}/trigger').permitAll() - .antMatchers(HttpMethod.GET,'/visibilityservice/v2/approvalGateInstances/{id}/status').permitAll() - .antMatchers(HttpMethod.GET,'/visibilityservice/v1/approvalGateInstances/{id}/status').permitAll() - .antMatchers(HttpMethod.PUT,'/visibilityservice/v1/approvalGateInstances/{id}/spinnakerReview').permitAll() - .antMatchers(HttpMethod.POST,'/oes/echo').permitAll() - .antMatchers(HttpMethod.POST,'/oes/echo/').permitAll() - .antMatchers(HttpMethod.POST,'/auditservice/v1/echo/events/data').permitAll() - .antMatchers(HttpMethod.POST,'/auditservice/v1/echo/events/data/').permitAll() - .antMatchers(HttpMethod.POST,'/v1/data/**').permitAll() - .antMatchers(HttpMethod.POST,'/v1/staticPolicy/eval').permitAll() - .antMatchers(HttpMethod.POST,'/v1/staticPolicy/eval/').permitAll() - .antMatchers(HttpMethod.GET,'/autopilot/mgmt/**').permitAll() - .antMatchers(HttpMethod.POST,'/datasource/cache/save').permitAll() - .antMatchers(HttpMethod.DELETE,'/datasource/cache/evict').permitAll() - .antMatchers('/plugins/deck/**').permitAll() - .antMatchers(HttpMethod.POST, '/webhooks/**').permitAll() - .antMatchers(HttpMethod.POST, '/notifications/callbacks/**').permitAll() - .antMatchers(HttpMethod.POST, '/managed/notifications/callbacks/**').permitAll() - .antMatchers(HttpMethod.GET, '/oes/accountsConfig/v2/agents/apple/automation').permitAll() - .antMatchers(HttpMethod.POST, '/oes/accountsConfig/v1/agents/apple/automation').permitAll() - .antMatchers(HttpMethod.GET, '/oes/accountsConfig/v1/agents/{agentName}/manifest/apple/automation').permitAll() - .antMatchers(HttpMethod.GET, '/oes/accountsConfig/v2/spinnaker/cloudProviderAccount/apple/automation').permitAll() - .antMatchers(HttpMethod.GET, '/oes/accountsConfig/v2/spinnaker/cloudProviderAccount/{agentName}/{accountName}/apple/automation').permitAll() - .antMatchers(HttpMethod.POST, '/oes/accountsConfig/v2/spinnaker/cloudProviderAccount/apple/automation').permitAll() - .antMatchers(HttpMethod.GET, '/oes/accountsConfig/v3/spinnaker/apple/automation').permitAll() - .antMatchers(HttpMethod.GET, '/dashboardservice/v4/getAllDatasources/apple/automation').permitAll() - .antMatchers(HttpMethod.GET, '/dashboardservice/v5/agents/{agentName}/accounts/{accountName}/accountType/{accountType}/apple/automation').permitAll() - .antMatchers(HttpMethod.POST, '/dashboardservice/v4/datasource/apple/automation').permitAll() - .antMatchers(HttpMethod.GET, '/platformservice/v6/applications/{applicationname}/pipeline/{pipelineName}/reference/{ref}/gates/{gatesName}').permitAll() - .antMatchers(HttpMethod.GET, '/platformservice/v1/applications/{applicationName}/pipelines/{pipelineName}').permitAll() - .antMatchers(HttpMethod.POST, '/dashboardservice/v4/pipelines/{pipelineId}/gates').permitAll() - .antMatchers(HttpMethod.PUT, '/platformservice/v6/usergroups/permissions/users/{username}/resources/{resourceId}').permitAll() - .antMatchers(HttpMethod.PUT, '/visibilityservice/v4/approvalGates/{id}/connector').permitAll() - .antMatchers(HttpMethod.PUT, '/dashboardservice/v4/pipelines/{pipelineId}/gates/{gateId}').permitAll() - .antMatchers(HttpMethod.POST, '/ssdservice/v1/spinnakerevents').permitAll() - .antMatchers(HttpMethod.POST, '/ssdservice/v1/spinnakerevents/').permitAll() - .antMatchers('/health').permitAll() - .antMatchers('/prometheus').permitAll() - .antMatchers('/info').permitAll() - .antMatchers('/metrics').permitAll() - .antMatchers('/**').authenticated() + http.authorizeHttpRequests((authz) -> + authz + .requestMatchers("/error", "/favicon.ico", "/resources/**", "/images/**", "/js/**", "/fonts/**", "/css/**", "/**/favicon.ico", "/auth/user", "/health", "/aop-prometheus").permitAll() + .requestMatchers(HttpMethod.OPTIONS, "/**").permitAll() + .requestMatchers(PermissionRevokingLogoutSuccessHandler.LOGGED_OUT_URL).permitAll() + .requestMatchers(HttpMethod.POST,'/autopilot/registerCanary').permitAll() + .requestMatchers(HttpMethod.GET,'/autopilot/api/v2/autopilot/canaries/{id}').permitAll() + .requestMatchers(HttpMethod.GET,'/autopilot/api/v1/autopilot/canaries/{id}').permitAll() + .requestMatchers(HttpMethod.POST,'/autopilot/api/v1/registerCanary').permitAll() + .requestMatchers(HttpMethod.POST,'/autopilot/api/v2/registerCanary').permitAll() + .requestMatchers(HttpMethod.POST,'/autopilot/api/v3/registerCanary').permitAll() + .requestMatchers(HttpMethod.GET,'/autopilot/canaries/{id}').permitAll() + .requestMatchers(HttpMethod.POST,'/visibilityservice/v1/approvalGates/{id}/trigger').permitAll() + .requestMatchers(HttpMethod.POST,'/visibilityservice/v2/approvalGates/{id}/trigger').permitAll() + .requestMatchers(HttpMethod.POST,'/visibilityservice/v4/approvalGates/{id}/trigger').permitAll() + .requestMatchers(HttpMethod.POST,'/visibilityservice/v5/approvalGates/{id}/trigger').permitAll() + .requestMatchers(HttpMethod.GET,'/visibilityservice/v2/approvalGateInstances/{id}/status').permitAll() + .requestMatchers(HttpMethod.GET,'/visibilityservice/v1/approvalGateInstances/{id}/status').permitAll() + .requestMatchers(HttpMethod.PUT,'/visibilityservice/v1/approvalGateInstances/{id}/spinnakerReview').permitAll() + .requestMatchers(HttpMethod.POST,'/oes/echo').permitAll() + .requestMatchers(HttpMethod.POST,'/oes/echo/').permitAll() + .requestMatchers(HttpMethod.POST,'/auditservice/v1/echo/events/data').permitAll() + .requestMatchers(HttpMethod.POST,'/auditservice/v1/echo/events/data/').permitAll() + .requestMatchers(HttpMethod.POST,'/v1/data/**').permitAll() + .requestMatchers(HttpMethod.POST,'/v1/staticPolicy/eval').permitAll() + .requestMatchers(HttpMethod.POST,'/v1/staticPolicy/eval/').permitAll() + .requestMatchers(HttpMethod.GET,'/autopilot/mgmt/**').permitAll() + .requestMatchers(HttpMethod.POST,'/datasource/cache/save').permitAll() + .requestMatchers(HttpMethod.DELETE,'/datasource/cache/evict').permitAll() + .requestMatchers('/plugins/deck/**').permitAll() + .requestMatchers(HttpMethod.POST, '/webhooks/**').permitAll() + .requestMatchers(HttpMethod.POST, '/notifications/callbacks/**').permitAll() + .requestMatchers(HttpMethod.POST, '/managed/notifications/callbacks/**').permitAll() + .requestMatchers(HttpMethod.GET, '/oes/accountsConfig/v2/agents/apple/automation').permitAll() + .requestMatchers(HttpMethod.POST, '/oes/accountsConfig/v1/agents/apple/automation').permitAll() + .requestMatchers(HttpMethod.GET, '/oes/accountsConfig/v1/agents/{agentName}/manifest/apple/automation').permitAll() + .requestMatchers(HttpMethod.GET, '/oes/accountsConfig/v2/spinnaker/cloudProviderAccount/apple/automation').permitAll() + .requestMatchers(HttpMethod.GET, '/oes/accountsConfig/v2/spinnaker/cloudProviderAccount/{agentName}/{accountName}/apple/automation').permitAll() + .requestMatchers(HttpMethod.POST, '/oes/accountsConfig/v2/spinnaker/cloudProviderAccount/apple/automation').permitAll() + .requestMatchers(HttpMethod.GET, '/oes/accountsConfig/v3/spinnaker/apple/automation').permitAll() + .requestMatchers(HttpMethod.GET, '/dashboardservice/v4/getAllDatasources/apple/automation').permitAll() + .requestMatchers(HttpMethod.GET, '/dashboardservice/v5/agents/{agentName}/accounts/{accountName}/accountType/{accountType}/apple/automation').permitAll() + .requestMatchers(HttpMethod.POST, '/dashboardservice/v4/datasource/apple/automation').permitAll() + .requestMatchers(HttpMethod.GET, '/platformservice/v6/applications/{applicationname}/pipeline/{pipelineName}/reference/{ref}/gates/{gatesName}').permitAll() + .requestMatchers(HttpMethod.GET, '/platformservice/v1/applications/{applicationName}/pipelines/{pipelineName}').permitAll() + .requestMatchers(HttpMethod.POST, '/dashboardservice/v4/pipelines/{pipelineId}/gates').permitAll() + .requestMatchers(HttpMethod.PUT, '/platformservice/v6/usergroups/permissions/users/{username}/resources/{resourceId}').permitAll() + .requestMatchers(HttpMethod.PUT, '/visibilityservice/v4/approvalGates/{id}/connector').permitAll() + .requestMatchers(HttpMethod.PUT, '/dashboardservice/v4/pipelines/{pipelineId}/gates/{gateId}').permitAll() + .requestMatchers(HttpMethod.POST, '/ssdservice/v1/spinnakerevents').permitAll() + .requestMatchers(HttpMethod.POST, '/ssdservice/v1/spinnakerevents/').permitAll() + .requestMatchers('/prometheus').permitAll() + .requestMatchers('/info').permitAll() + .requestMatchers('/metrics').permitAll() + .requestMatchers('/**').authenticated()) }else if(isAgentAPIUnauthenticatedAccessEnabled){ http - .requestMatcher(requestMatcherProvider.requestMatcher()) - .authorizeRequests() - .antMatchers("/error").permitAll() - .antMatchers('/favicon.ico').permitAll() - .antMatchers("/resources/**").permitAll() - .antMatchers("/images/**").permitAll() - .antMatchers("/js/**").permitAll() - .antMatchers("/fonts/**").permitAll() - .antMatchers("/css/**").permitAll() - .antMatchers('/**/favicon.ico').permitAll() - .antMatchers(HttpMethod.OPTIONS, "/**").permitAll() - .antMatchers(PermissionRevokingLogoutSuccessHandler.LOGGED_OUT_URL).permitAll() - .antMatchers('/auth/user').permitAll() - .antMatchers(HttpMethod.POST,'/autopilot/registerCanary').permitAll() - .antMatchers(HttpMethod.GET,'/autopilot/api/v2/autopilot/canaries/{id}').permitAll() - .antMatchers(HttpMethod.GET,'/autopilot/api/v1/autopilot/canaries/{id}').permitAll() - .antMatchers(HttpMethod.POST,'/autopilot/api/v1/registerCanary').permitAll() - .antMatchers(HttpMethod.POST,'/autopilot/api/v2/registerCanary').permitAll() - .antMatchers(HttpMethod.POST,'/autopilot/api/v3/registerCanary').permitAll() - .antMatchers(HttpMethod.GET,'/autopilot/canaries/{id}').permitAll() - .antMatchers(HttpMethod.POST,'/visibilityservice/v1/approvalGates/{id}/trigger').permitAll() - .antMatchers(HttpMethod.POST,'/visibilityservice/v2/approvalGates/{id}/trigger').permitAll() - .antMatchers(HttpMethod.POST,'/visibilityservice/v4/approvalGates/{id}/trigger').permitAll() - .antMatchers(HttpMethod.POST,'/visibilityservice/v5/approvalGates/{id}/trigger').permitAll() - .antMatchers(HttpMethod.GET,'/visibilityservice/v2/approvalGateInstances/{id}/status').permitAll() - .antMatchers(HttpMethod.GET,'/visibilityservice/v1/approvalGateInstances/{id}/status').permitAll() - .antMatchers(HttpMethod.PUT,'/visibilityservice/v1/approvalGateInstances/{id}/spinnakerReview').permitAll() - .antMatchers(HttpMethod.POST,'/oes/echo').permitAll() - .antMatchers(HttpMethod.POST,'/oes/echo/').permitAll() - .antMatchers(HttpMethod.POST,'/auditservice/v1/echo/events/data').permitAll() - .antMatchers(HttpMethod.POST,'/auditservice/v1/echo/events/data/').permitAll() - .antMatchers(HttpMethod.POST,'/v1/data/**').permitAll() - .antMatchers(HttpMethod.POST,'/v1/staticPolicy/eval').permitAll() - .antMatchers(HttpMethod.POST,'/v1/staticPolicy/eval/').permitAll() - .antMatchers(HttpMethod.GET,'/autopilot/mgmt/**').permitAll() - .antMatchers(HttpMethod.POST,'/datasource/cache/save').permitAll() - .antMatchers(HttpMethod.DELETE,'/datasource/cache/evict').permitAll() - .antMatchers('/plugins/deck/**').permitAll() - .antMatchers(HttpMethod.POST, '/notifications/callbacks/**').permitAll() - .antMatchers(HttpMethod.POST, '/managed/notifications/callbacks/**').permitAll() - .antMatchers(HttpMethod.GET, '/oes/accountsConfig/v2/agents/apple/automation').permitAll() - .antMatchers(HttpMethod.POST, '/oes/accountsConfig/v1/agents/apple/automation').permitAll() - .antMatchers(HttpMethod.GET, '/oes/accountsConfig/v1/agents/{agentName}/manifest/apple/automation').permitAll() - .antMatchers(HttpMethod.GET, '/oes/accountsConfig/v2/spinnaker/cloudProviderAccount/apple/automation').permitAll() - .antMatchers(HttpMethod.GET, '/oes/accountsConfig/v2/spinnaker/cloudProviderAccount/{agentName}/{accountName}/apple/automation').permitAll() - .antMatchers(HttpMethod.POST, '/oes/accountsConfig/v2/spinnaker/cloudProviderAccount/apple/automation').permitAll() - .antMatchers(HttpMethod.GET, '/oes/accountsConfig/v3/spinnaker/apple/automation').permitAll() - .antMatchers(HttpMethod.GET, '/dashboardservice/v4/getAllDatasources/apple/automation').permitAll() - .antMatchers(HttpMethod.GET, '/dashboardservice/v5/agents/{agentName}/accounts/{accountName}/accountType/{accountType}/apple/automation').permitAll() - .antMatchers(HttpMethod.POST, '/dashboardservice/v4/datasource/apple/automation').permitAll() - .antMatchers(HttpMethod.GET, '/platformservice/v6/applications/{applicationname}/pipeline/{pipelineName}/reference/{ref}/gates/{gatesName}').permitAll() - .antMatchers(HttpMethod.GET, '/platformservice/v1/applications/{applicationName}/pipelines/{pipelineName}').permitAll() - .antMatchers(HttpMethod.POST, '/dashboardservice/v4/pipelines/{pipelineId}/gates').permitAll() - .antMatchers(HttpMethod.PUT, '/platformservice/v6/usergroups/permissions/users/{username}/resources/{resourceId}').permitAll() - .antMatchers(HttpMethod.PUT, '/visibilityservice/v4/approvalGates/{id}/connector').permitAll() - .antMatchers(HttpMethod.PUT, '/dashboardservice/v4/pipelines/{pipelineId}/gates/{gateId}').permitAll() - .antMatchers(HttpMethod.POST, '/ssdservice/v1/spinnakerevents').permitAll() - .antMatchers(HttpMethod.POST, '/ssdservice/v1/spinnakerevents/').permitAll() - .antMatchers('/health').permitAll() - .antMatchers('/prometheus').permitAll() - .antMatchers('/info').permitAll() - .antMatchers('/metrics').permitAll() - .antMatchers('/**').authenticated() + http.authorizeHttpRequests((authz) -> + authz + .requestMatchers("/error").permitAll() + .requestMatchers('/favicon.ico').permitAll() + .requestMatchers("/resources/**").permitAll() + .requestMatchers("/images/**").permitAll() + .requestMatchers("/js/**").permitAll() + .requestMatchers("/fonts/**").permitAll() + .requestMatchers("/css/**").permitAll() + .requestMatchers('/**/favicon.ico').permitAll() + .requestMatchers(HttpMethod.OPTIONS, "/**").permitAll() + .requestMatchers(PermissionRevokingLogoutSuccessHandler.LOGGED_OUT_URL).permitAll() + .requestMatchers('/auth/user').permitAll() + .requestMatchers(HttpMethod.POST,'/autopilot/registerCanary').permitAll() + .requestMatchers(HttpMethod.GET,'/autopilot/api/v2/autopilot/canaries/{id}').permitAll() + .requestMatchers(HttpMethod.GET,'/autopilot/api/v1/autopilot/canaries/{id}').permitAll() + .requestMatchers(HttpMethod.POST,'/autopilot/api/v1/registerCanary').permitAll() + .requestMatchers(HttpMethod.POST,'/autopilot/api/v2/registerCanary').permitAll() + .requestMatchers(HttpMethod.POST,'/autopilot/api/v3/registerCanary').permitAll() + .requestMatchers(HttpMethod.GET,'/autopilot/canaries/{id}').permitAll() + .requestMatchers(HttpMethod.POST,'/visibilityservice/v1/approvalGates/{id}/trigger').permitAll() + .requestMatchers(HttpMethod.POST,'/visibilityservice/v2/approvalGates/{id}/trigger').permitAll() + .requestMatchers(HttpMethod.POST,'/visibilityservice/v4/approvalGates/{id}/trigger').permitAll() + .requestMatchers(HttpMethod.POST,'/visibilityservice/v5/approvalGates/{id}/trigger').permitAll() + .requestMatchers(HttpMethod.GET,'/visibilityservice/v2/approvalGateInstances/{id}/status').permitAll() + .requestMatchers(HttpMethod.GET,'/visibilityservice/v1/approvalGateInstances/{id}/status').permitAll() + .requestMatchers(HttpMethod.PUT,'/visibilityservice/v1/approvalGateInstances/{id}/spinnakerReview').permitAll() + .requestMatchers(HttpMethod.POST,'/oes/echo').permitAll() + .requestMatchers(HttpMethod.POST,'/oes/echo/').permitAll() + .requestMatchers(HttpMethod.POST,'/auditservice/v1/echo/events/data').permitAll() + .requestMatchers(HttpMethod.POST,'/auditservice/v1/echo/events/data/').permitAll() + .requestMatchers(HttpMethod.POST,'/v1/data/**').permitAll() + .requestMatchers(HttpMethod.POST,'/v1/staticPolicy/eval').permitAll() + .requestMatchers(HttpMethod.POST,'/v1/staticPolicy/eval/').permitAll() + .requestMatchers(HttpMethod.GET,'/autopilot/mgmt/**').permitAll() + .requestMatchers(HttpMethod.POST,'/datasource/cache/save').permitAll() + .requestMatchers(HttpMethod.DELETE,'/datasource/cache/evict').permitAll() + .requestMatchers('/plugins/deck/**').permitAll() + .requestMatchers(HttpMethod.POST, '/notifications/callbacks/**').permitAll() + .requestMatchers(HttpMethod.POST, '/managed/notifications/callbacks/**').permitAll() + .requestMatchers(HttpMethod.GET, '/oes/accountsConfig/v2/agents/apple/automation').permitAll() + .requestMatchers(HttpMethod.POST, '/oes/accountsConfig/v1/agents/apple/automation').permitAll() + .requestMatchers(HttpMethod.GET, '/oes/accountsConfig/v1/agents/{agentName}/manifest/apple/automation').permitAll() + .requestMatchers(HttpMethod.GET, '/oes/accountsConfig/v2/spinnaker/cloudProviderAccount/apple/automation').permitAll() + .requestMatchers(HttpMethod.GET, '/oes/accountsConfig/v2/spinnaker/cloudProviderAccount/{agentName}/{accountName}/apple/automation').permitAll() + .requestMatchers(HttpMethod.POST, '/oes/accountsConfig/v2/spinnaker/cloudProviderAccount/apple/automation').permitAll() + .requestMatchers(HttpMethod.GET, '/oes/accountsConfig/v3/spinnaker/apple/automation').permitAll() + .requestMatchers(HttpMethod.GET, '/dashboardservice/v4/getAllDatasources/apple/automation').permitAll() + .requestMatchers(HttpMethod.GET, '/dashboardservice/v5/agents/{agentName}/accounts/{accountName}/accountType/{accountType}/apple/automation').permitAll() + .requestMatchers(HttpMethod.POST, '/dashboardservice/v4/datasource/apple/automation').permitAll() + .requestMatchers(HttpMethod.GET, '/platformservice/v6/applications/{applicationname}/pipeline/{pipelineName}/reference/{ref}/gates/{gatesName}').permitAll() + .requestMatchers(HttpMethod.GET, '/platformservice/v1/applications/{applicationName}/pipelines/{pipelineName}').permitAll() + .requestMatchers(HttpMethod.POST, '/dashboardservice/v4/pipelines/{pipelineId}/gates').permitAll() + .requestMatchers(HttpMethod.PUT, '/platformservice/v6/usergroups/permissions/users/{username}/resources/{resourceId}').permitAll() + .requestMatchers(HttpMethod.PUT, '/visibilityservice/v4/approvalGates/{id}/connector').permitAll() + .requestMatchers(HttpMethod.PUT, '/dashboardservice/v4/pipelines/{pipelineId}/gates/{gateId}').permitAll() + .requestMatchers(HttpMethod.POST, '/ssdservice/v1/spinnakerevents').permitAll() + .requestMatchers(HttpMethod.POST, '/ssdservice/v1/spinnakerevents/').permitAll() + .requestMatchers('/health').permitAll() + .requestMatchers('/prometheus').permitAll() + .requestMatchers('/info').permitAll() + .requestMatchers('/metrics').permitAll() + .requestMatchers('/**').authenticated()) }else if(isSpinnakerWebhooksUnauthenticatedAccessEnabled){ - http - .requestMatcher(requestMatcherProvider.requestMatcher()) - .authorizeRequests() - .antMatchers("/error").permitAll() - .antMatchers('/favicon.ico').permitAll() - .antMatchers("/resources/**").permitAll() - .antMatchers("/images/**").permitAll() - .antMatchers("/js/**").permitAll() - .antMatchers("/fonts/**").permitAll() - .antMatchers("/css/**").permitAll() - .antMatchers('/**/favicon.ico').permitAll() - .antMatchers(HttpMethod.OPTIONS, "/**").permitAll() - .antMatchers(PermissionRevokingLogoutSuccessHandler.LOGGED_OUT_URL).permitAll() - .antMatchers('/auth/user').permitAll() - .antMatchers(HttpMethod.POST,'/autopilot/registerCanary').permitAll() - .antMatchers(HttpMethod.GET,'/autopilot/api/v2/autopilot/canaries/{id}').permitAll() - .antMatchers(HttpMethod.GET,'/autopilot/api/v1/autopilot/canaries/{id}').permitAll() - .antMatchers(HttpMethod.POST,'/autopilot/api/v1/registerCanary').permitAll() - .antMatchers(HttpMethod.POST,'/autopilot/api/v2/registerCanary').permitAll() - .antMatchers(HttpMethod.POST,'/autopilot/api/v3/registerCanary').permitAll() - .antMatchers(HttpMethod.GET,'/autopilot/canaries/{id}').permitAll() - .antMatchers(HttpMethod.POST,'/visibilityservice/v1/approvalGates/{id}/trigger').permitAll() - .antMatchers(HttpMethod.POST,'/visibilityservice/v2/approvalGates/{id}/trigger').permitAll() - .antMatchers(HttpMethod.POST,'/visibilityservice/v4/approvalGates/{id}/trigger').permitAll() - .antMatchers(HttpMethod.POST,'/visibilityservice/v5/approvalGates/{id}/trigger').permitAll() - .antMatchers(HttpMethod.GET,'/visibilityservice/v2/approvalGateInstances/{id}/status').permitAll() - .antMatchers(HttpMethod.GET,'/visibilityservice/v1/approvalGateInstances/{id}/status').permitAll() - .antMatchers(HttpMethod.PUT,'/visibilityservice/v1/approvalGateInstances/{id}/spinnakerReview').permitAll() - .antMatchers(HttpMethod.GET, '/platformservice/v6/applications/{applicationname}/pipeline/{pipelineName}/reference/{ref}/gates/{gatesName}').permitAll() - .antMatchers(HttpMethod.POST,'/oes/echo').permitAll() - .antMatchers(HttpMethod.POST,'/oes/echo/').permitAll() - .antMatchers(HttpMethod.POST,'/auditservice/v1/echo/events/data').permitAll() - .antMatchers(HttpMethod.POST,'/auditservice/v1/echo/events/data/').permitAll() - .antMatchers(HttpMethod.POST,'/v1/data/**').permitAll() - .antMatchers(HttpMethod.POST,'/v1/staticPolicy/eval').permitAll() - .antMatchers(HttpMethod.POST,'/v1/staticPolicy/eval/').permitAll() - .antMatchers(HttpMethod.GET,'/autopilot/mgmt/**').permitAll() - .antMatchers(HttpMethod.POST,'/datasource/cache/save').permitAll() - .antMatchers(HttpMethod.DELETE,'/datasource/cache/evict').permitAll() - .antMatchers('/plugins/deck/**').permitAll() - .antMatchers(HttpMethod.POST, '/webhooks/**').permitAll() - .antMatchers(HttpMethod.POST, '/notifications/callbacks/**').permitAll() - .antMatchers(HttpMethod.POST, '/managed/notifications/callbacks/**').permitAll() - .antMatchers(HttpMethod.GET, '/platformservice/v1/applications/{applicationName}/pipelines/{pipelineName}').permitAll() - .antMatchers(HttpMethod.POST, '/dashboardservice/v4/pipelines/{pipelineId}/gates').permitAll() - .antMatchers(HttpMethod.PUT, '/platformservice/v6/usergroups/permissions/users/{username}/resources/{resourceId}').permitAll() - .antMatchers(HttpMethod.PUT, '/visibilityservice/v4/approvalGates/{id}/connector').permitAll() - .antMatchers(HttpMethod.PUT, '/dashboardservice/v4/pipelines/{pipelineId}/gates/{gateId}').permitAll() - .antMatchers(HttpMethod.POST, '/ssdservice/v1/spinnakerevents').permitAll() - .antMatchers(HttpMethod.POST, '/ssdservice/v1/spinnakerevents/').permitAll() - .antMatchers('/health').permitAll() - .antMatchers('/prometheus').permitAll() - .antMatchers('/info').permitAll() - .antMatchers('/metrics').permitAll() - .antMatchers('/**').authenticated() + http.authorizeHttpRequests((authz) -> + authz + .requestMatchers("/error").permitAll() + .requestMatchers('/favicon.ico').permitAll() + .requestMatchers("/resources/**").permitAll() + .requestMatchers("/images/**").permitAll() + .requestMatchers("/js/**").permitAll() + .requestMatchers("/fonts/**").permitAll() + .requestMatchers("/css/**").permitAll() + .requestMatchers('/**/favicon.ico').permitAll() + .requestMatchers(HttpMethod.OPTIONS, "/**").permitAll() + .requestMatchers(PermissionRevokingLogoutSuccessHandler.LOGGED_OUT_URL).permitAll() + .requestMatchers('/auth/user').permitAll() + .requestMatchers(HttpMethod.POST,'/autopilot/registerCanary').permitAll() + .requestMatchers(HttpMethod.GET,'/autopilot/api/v2/autopilot/canaries/{id}').permitAll() + .requestMatchers(HttpMethod.GET,'/autopilot/api/v1/autopilot/canaries/{id}').permitAll() + .requestMatchers(HttpMethod.POST,'/autopilot/api/v1/registerCanary').permitAll() + .requestMatchers(HttpMethod.POST,'/autopilot/api/v2/registerCanary').permitAll() + .requestMatchers(HttpMethod.POST,'/autopilot/api/v3/registerCanary').permitAll() + .requestMatchers(HttpMethod.GET,'/autopilot/canaries/{id}').permitAll() + .requestMatchers(HttpMethod.POST,'/visibilityservice/v1/approvalGates/{id}/trigger').permitAll() + .requestMatchers(HttpMethod.POST,'/visibilityservice/v2/approvalGates/{id}/trigger').permitAll() + .requestMatchers(HttpMethod.POST,'/visibilityservice/v4/approvalGates/{id}/trigger').permitAll() + .requestMatchers(HttpMethod.POST,'/visibilityservice/v5/approvalGates/{id}/trigger').permitAll() + .requestMatchers(HttpMethod.GET,'/visibilityservice/v2/approvalGateInstances/{id}/status').permitAll() + .requestMatchers(HttpMethod.GET,'/visibilityservice/v1/approvalGateInstances/{id}/status').permitAll() + .requestMatchers(HttpMethod.PUT,'/visibilityservice/v1/approvalGateInstances/{id}/spinnakerReview').permitAll() + .requestMatchers(HttpMethod.GET, '/platformservice/v6/applications/{applicationname}/pipeline/{pipelineName}/reference/{ref}/gates/{gatesName}').permitAll() + .requestMatchers(HttpMethod.POST,'/oes/echo').permitAll() + .requestMatchers(HttpMethod.POST,'/oes/echo/').permitAll() + .requestMatchers(HttpMethod.POST,'/auditservice/v1/echo/events/data').permitAll() + .requestMatchers(HttpMethod.POST,'/auditservice/v1/echo/events/data/').permitAll() + .requestMatchers(HttpMethod.POST,'/v1/data/**').permitAll() + .requestMatchers(HttpMethod.POST,'/v1/staticPolicy/eval').permitAll() + .requestMatchers(HttpMethod.POST,'/v1/staticPolicy/eval/').permitAll() + .requestMatchers(HttpMethod.GET,'/autopilot/mgmt/**').permitAll() + .requestMatchers(HttpMethod.POST,'/datasource/cache/save').permitAll() + .requestMatchers(HttpMethod.DELETE,'/datasource/cache/evict').permitAll() + .requestMatchers('/plugins/deck/**').permitAll() + .requestMatchers(HttpMethod.POST, '/webhooks/**').permitAll() + .requestMatchers(HttpMethod.POST, '/notifications/callbacks/**').permitAll() + .requestMatchers(HttpMethod.POST, '/managed/notifications/callbacks/**').permitAll() + .requestMatchers(HttpMethod.GET, '/platformservice/v1/applications/{applicationName}/pipelines/{pipelineName}').permitAll() + .requestMatchers(HttpMethod.POST, '/dashboardservice/v4/pipelines/{pipelineId}/gates').permitAll() + .requestMatchers(HttpMethod.PUT, '/platformservice/v6/usergroups/permissions/users/{username}/resources/{resourceId}').permitAll() + .requestMatchers(HttpMethod.PUT, '/visibilityservice/v4/approvalGates/{id}/connector').permitAll() + .requestMatchers(HttpMethod.PUT, '/dashboardservice/v4/pipelines/{pipelineId}/gates/{gateId}').permitAll() + .requestMatchers(HttpMethod.POST, '/ssdservice/v1/spinnakerevents').permitAll() + .requestMatchers(HttpMethod.POST, '/ssdservice/v1/spinnakerevents/').permitAll() + .requestMatchers('/health').permitAll() + .requestMatchers('/prometheus').permitAll() + .requestMatchers('/info').permitAll() + .requestMatchers('/metrics').permitAll() + .requestMatchers('/**').authenticated()) }else{ - http - .requestMatcher(requestMatcherProvider.requestMatcher()) - .authorizeRequests() - .antMatchers("/error").permitAll() - .antMatchers('/favicon.ico').permitAll() - .antMatchers("/resources/**").permitAll() - .antMatchers("/images/**").permitAll() - .antMatchers("/js/**").permitAll() - .antMatchers("/fonts/**").permitAll() - .antMatchers("/css/**").permitAll() - .antMatchers('/**/favicon.ico').permitAll() - .antMatchers(HttpMethod.OPTIONS, "/**").permitAll() - .antMatchers(PermissionRevokingLogoutSuccessHandler.LOGGED_OUT_URL).permitAll() - .antMatchers('/auth/user').permitAll() - .antMatchers(HttpMethod.POST,'/autopilot/registerCanary').permitAll() - .antMatchers(HttpMethod.GET,'/autopilot/api/v2/autopilot/canaries/{id}').permitAll() - .antMatchers(HttpMethod.GET,'/autopilot/api/v1/autopilot/canaries/{id}').permitAll() - .antMatchers(HttpMethod.POST,'/autopilot/api/v1/registerCanary').permitAll() - .antMatchers(HttpMethod.POST,'/autopilot/api/v2/registerCanary').permitAll() - .antMatchers(HttpMethod.POST,'/autopilot/api/v3/registerCanary').permitAll() - .antMatchers(HttpMethod.GET,'/autopilot/canaries/{id}').permitAll() - .antMatchers(HttpMethod.POST,'/visibilityservice/v1/approvalGates/{id}/trigger').permitAll() - .antMatchers(HttpMethod.POST,'/visibilityservice/v2/approvalGates/{id}/trigger').permitAll() - .antMatchers(HttpMethod.POST,'/visibilityservice/v4/approvalGates/{id}/trigger').permitAll() - .antMatchers(HttpMethod.POST,'/visibilityservice/v5/approvalGates/{id}/trigger').permitAll() - .antMatchers(HttpMethod.GET,'/visibilityservice/v2/approvalGateInstances/{id}/status').permitAll() - .antMatchers(HttpMethod.GET,'/visibilityservice/v1/approvalGateInstances/{id}/status').permitAll() - .antMatchers(HttpMethod.PUT,'/visibilityservice/v1/approvalGateInstances/{id}/spinnakerReview').permitAll() - .antMatchers(HttpMethod.GET, '/platformservice/v6/applications/{applicationname}/pipeline/{pipelineName}/reference/{ref}/gates/{gatesName}').permitAll() - .antMatchers(HttpMethod.POST,'/oes/echo').permitAll() - .antMatchers(HttpMethod.POST,'/oes/echo/').permitAll() - .antMatchers(HttpMethod.POST,'/auditservice/v1/echo/events/data').permitAll() - .antMatchers(HttpMethod.POST,'/auditservice/v1/echo/events/data/').permitAll() - .antMatchers(HttpMethod.POST,'/v1/data/**').permitAll() - .antMatchers(HttpMethod.POST,'/v1/staticPolicy/eval').permitAll() - .antMatchers(HttpMethod.POST,'/v1/staticPolicy/eval/').permitAll() - .antMatchers(HttpMethod.GET,'/autopilot/mgmt/**').permitAll() - .antMatchers(HttpMethod.POST,'/datasource/cache/save').permitAll() - .antMatchers(HttpMethod.DELETE,'/datasource/cache/evict').permitAll() - .antMatchers('/plugins/deck/**').permitAll() - .antMatchers(HttpMethod.POST, '/notifications/callbacks/**').permitAll() - .antMatchers(HttpMethod.POST, '/managed/notifications/callbacks/**').permitAll() - .antMatchers(HttpMethod.GET, '/platformservice/v1/applications/{applicationName}/pipelines/{pipelineName}').permitAll() - .antMatchers(HttpMethod.POST, '/dashboardservice/v4/pipelines/{pipelineId}/gates').permitAll() - .antMatchers(HttpMethod.PUT, '/platformservice/v6/usergroups/permissions/users/{username}/resources/{resourceId}').permitAll() - .antMatchers(HttpMethod.PUT, '/visibilityservice/v4/approvalGates/{id}/connector').permitAll() - .antMatchers(HttpMethod.PUT, '/dashboardservice/v4/pipelines/{pipelineId}/gates/{gateId}').permitAll() - .antMatchers(HttpMethod.POST, '/ssdservice/v1/spinnakerevents').permitAll() - .antMatchers(HttpMethod.POST, '/ssdservice/v1/spinnakerevents/').permitAll() - .antMatchers('/health').permitAll() - .antMatchers('/prometheus').permitAll() - .antMatchers('/info').permitAll() - .antMatchers('/metrics').permitAll() - .antMatchers('/**').authenticated() + http.authorizeHttpRequests((authz) -> + authz + .requestMatchers("/error").permitAll() + .requestMatchers('/favicon.ico').permitAll() + .requestMatchers("/resources/**").permitAll() + .requestMatchers("/images/**").permitAll() + .requestMatchers("/js/**").permitAll() + .requestMatchers("/fonts/**").permitAll() + .requestMatchers("/css/**").permitAll() + .requestMatchers('/**/favicon.ico').permitAll() + .requestMatchers(HttpMethod.OPTIONS, "/**").permitAll() + .requestMatchers(PermissionRevokingLogoutSuccessHandler.LOGGED_OUT_URL).permitAll() + .requestMatchers('/auth/user').permitAll() + .requestMatchers(HttpMethod.POST,'/autopilot/registerCanary').permitAll() + .requestMatchers(HttpMethod.GET,'/autopilot/api/v2/autopilot/canaries/{id}').permitAll() + .requestMatchers(HttpMethod.GET,'/autopilot/api/v1/autopilot/canaries/{id}').permitAll() + .requestMatchers(HttpMethod.POST,'/autopilot/api/v1/registerCanary').permitAll() + .requestMatchers(HttpMethod.POST,'/autopilot/api/v2/registerCanary').permitAll() + .requestMatchers(HttpMethod.POST,'/autopilot/api/v3/registerCanary').permitAll() + .requestMatchers(HttpMethod.GET,'/autopilot/canaries/{id}').permitAll() + .requestMatchers(HttpMethod.POST,'/visibilityservice/v1/approvalGates/{id}/trigger').permitAll() + .requestMatchers(HttpMethod.POST,'/visibilityservice/v2/approvalGates/{id}/trigger').permitAll() + .requestMatchers(HttpMethod.POST,'/visibilityservice/v4/approvalGates/{id}/trigger').permitAll() + .requestMatchers(HttpMethod.POST,'/visibilityservice/v5/approvalGates/{id}/trigger').permitAll() + .requestMatchers(HttpMethod.GET,'/visibilityservice/v2/approvalGateInstances/{id}/status').permitAll() + .requestMatchers(HttpMethod.GET,'/visibilityservice/v1/approvalGateInstances/{id}/status').permitAll() + .requestMatchers(HttpMethod.PUT,'/visibilityservice/v1/approvalGateInstances/{id}/spinnakerReview').permitAll() + .requestMatchers(HttpMethod.GET, '/platformservice/v6/applications/{applicationname}/pipeline/{pipelineName}/reference/{ref}/gates/{gatesName}').permitAll() + .requestMatchers(HttpMethod.POST,'/oes/echo').permitAll() + .requestMatchers(HttpMethod.POST,'/oes/echo/').permitAll() + .requestMatchers(HttpMethod.POST,'/auditservice/v1/echo/events/data').permitAll() + .requestMatchers(HttpMethod.POST,'/auditservice/v1/echo/events/data/').permitAll() + .requestMatchers(HttpMethod.POST,'/v1/data/**').permitAll() + .requestMatchers(HttpMethod.POST,'/v1/staticPolicy/eval').permitAll() + .requestMatchers(HttpMethod.POST,'/v1/staticPolicy/eval/').permitAll() + .requestMatchers(HttpMethod.GET,'/autopilot/mgmt/**').permitAll() + .requestMatchers(HttpMethod.POST,'/datasource/cache/save').permitAll() + .requestMatchers(HttpMethod.DELETE,'/datasource/cache/evict').permitAll() + .requestMatchers('/plugins/deck/**').permitAll() + .requestMatchers(HttpMethod.POST, '/notifications/callbacks/**').permitAll() + .requestMatchers(HttpMethod.POST, '/managed/notifications/callbacks/**').permitAll() + .requestMatchers(HttpMethod.GET, '/platformservice/v1/applications/{applicationName}/pipelines/{pipelineName}').permitAll() + .requestMatchers(HttpMethod.POST, '/dashboardservice/v4/pipelines/{pipelineId}/gates').permitAll() + .requestMatchers(HttpMethod.PUT, '/platformservice/v6/usergroups/permissions/users/{username}/resources/{resourceId}').permitAll() + .requestMatchers(HttpMethod.PUT, '/visibilityservice/v4/approvalGates/{id}/connector').permitAll() + .requestMatchers(HttpMethod.PUT, '/dashboardservice/v4/pipelines/{pipelineId}/gates/{gateId}').permitAll() + .requestMatchers(HttpMethod.POST, '/ssdservice/v1/spinnakerevents').permitAll() + .requestMatchers(HttpMethod.POST, '/ssdservice/v1/spinnakerevents/').permitAll() + .requestMatchers('/health').permitAll() + .requestMatchers('/prometheus').permitAll() + .requestMatchers('/info').permitAll() + .requestMatchers('/metrics').permitAll() + .requestMatchers('/**').authenticated()) } if (fiatSessionFilterEnabled) { @@ -358,7 +346,9 @@ class AuthConfig { } if (webhookDefaultAuthEnabled) { - http.authorizeRequests().antMatchers(HttpMethod.POST, '/webhooks/**').authenticated() + http.authorizeHttpRequests( + (requests) -> + requests.requestMatchers(HttpMethod.POST, "/webhooks/**").authenticated()); } http.headers().contentSecurityPolicy(contentSecurityPolicy) @@ -383,61 +373,62 @@ class AuthConfig { .exceptionHandling() .authenticationEntryPoint(jwtAuthenticationEntryPoint).and().sessionManagement() .sessionCreationPolicy(SessionCreationPolicy.STATELESS).and() - .authorizeRequests() - .antMatchers("/auth/login").permitAll() - .antMatchers(HttpMethod.POST,'/autopilot/registerCanary').permitAll() - .antMatchers(HttpMethod.POST,'/autopilot/api/v1/registerCanary').permitAll() - .antMatchers(HttpMethod.POST,'/autopilot/api/v2/registerCanary').permitAll() - .antMatchers(HttpMethod.POST,'/autopilot/api/v3/registerCanary').permitAll() - .antMatchers(HttpMethod.GET,'/autopilot/canaries/{id}').permitAll() - .antMatchers(HttpMethod.GET,'/autopilot/api/v2/autopilot/canaries/{id}').permitAll() - .antMatchers(HttpMethod.GET,'/autopilot/api/v1/autopilot/canaries/{id}').permitAll() - .antMatchers(HttpMethod.POST,'/visibilityservice/v1/approvalGates/{id}/trigger').permitAll() - .antMatchers(HttpMethod.POST,'/visibilityservice/v2/approvalGates/{id}/trigger').permitAll() - .antMatchers(HttpMethod.POST,'/visibilityservice/v4/approvalGates/{id}/trigger').permitAll() - .antMatchers(HttpMethod.POST,'/visibilityservice/v5/approvalGates/{id}/trigger').permitAll() - .antMatchers(HttpMethod.GET,'/visibilityservice/v2/approvalGateInstances/{id}/status').permitAll() - .antMatchers(HttpMethod.GET,'/visibilityservice/v1/approvalGateInstances/{id}/status').permitAll() - .antMatchers(HttpMethod.PUT,'/visibilityservice/v1/approvalGateInstances/{id}/spinnakerReview').permitAll() - .antMatchers(HttpMethod.POST,'/oes/echo').permitAll() - .antMatchers(HttpMethod.POST,'/oes/echo/').permitAll() - .antMatchers(HttpMethod.POST,'/auditservice/v1/echo/events/data').permitAll() - .antMatchers(HttpMethod.POST,'/auditservice/v1/echo/events/data/').permitAll() - .antMatchers(HttpMethod.POST,'/v1/data/**').permitAll() - .antMatchers(HttpMethod.POST,'/v1/staticPolicy/eval').permitAll() - .antMatchers(HttpMethod.POST,'/v1/staticPolicy/eval/').permitAll() - .antMatchers(HttpMethod.GET,'/autopilot/mgmt/**').permitAll() - .antMatchers(HttpMethod.POST,'/datasource/cache/save').permitAll() - .antMatchers(HttpMethod.DELETE,'/datasource/cache/evict').permitAll() - .antMatchers('/**/favicon.ico').permitAll() - .antMatchers(HttpMethod.OPTIONS, "/**").permitAll() - .antMatchers(PermissionRevokingLogoutSuccessHandler.LOGGED_OUT_URL).permitAll() - .antMatchers('/plugins/deck/**').permitAll() - .antMatchers(HttpMethod.POST, '/webhooks/**').permitAll() - .antMatchers(HttpMethod.POST, '/notifications/callbacks/**').permitAll() - .antMatchers(HttpMethod.GET, '/oes/accountsConfig/v2/agents/apple/automation').permitAll() - .antMatchers(HttpMethod.POST, '/oes/accountsConfig/v1/agents/apple/automation').permitAll() - .antMatchers(HttpMethod.GET, '/oes/accountsConfig/v1/agents/{agentName}/manifest/apple/automation').permitAll() - .antMatchers(HttpMethod.GET, '/oes/accountsConfig/v2/spinnaker/cloudProviderAccount/apple/automation').permitAll() - .antMatchers(HttpMethod.GET, '/oes/accountsConfig/v2/spinnaker/cloudProviderAccount/{agentName}/{accountName}/apple/automation').permitAll() - .antMatchers(HttpMethod.POST, '/oes/accountsConfig/v2/spinnaker/cloudProviderAccount/apple/automation').permitAll() - .antMatchers(HttpMethod.GET, '/oes/accountsConfig/v3/spinnaker/apple/automation').permitAll() - .antMatchers(HttpMethod.GET, '/dashboardservice/v4/getAllDatasources/apple/automation').permitAll() - .antMatchers(HttpMethod.GET, '/dashboardservice/v5/agents/{agentName}/accounts/{accountName}/accountType/{accountType}/apple/automation').permitAll() - .antMatchers(HttpMethod.POST, '/dashboardservice/v4/datasource/apple/automation').permitAll() - .antMatchers(HttpMethod.GET, '/platformservice/v6/applications/{applicationname}/pipeline/{pipelineName}/reference/{ref}/gates/{gatesName}').permitAll() - .antMatchers(HttpMethod.GET, '/platformservice/v1/applications/{applicationName}/pipelines/{pipelineName}').permitAll() - .antMatchers(HttpMethod.POST, '/dashboardservice/v4/pipelines/{pipelineId}/gates').permitAll() - .antMatchers(HttpMethod.PUT, '/platformservice/v6/usergroups/permissions/users/{username}/resources/{resourceId}').permitAll() - .antMatchers(HttpMethod.PUT, '/visibilityservice/v4/approvalGates/{id}/connector').permitAll() - .antMatchers(HttpMethod.PUT, '/dashboardservice/v4/pipelines/{pipelineId}/gates/{gateId}').permitAll() - .antMatchers(HttpMethod.POST, '/ssdservice/v1/spinnakerevents').permitAll() - .antMatchers(HttpMethod.POST, '/ssdservice/v1/spinnakerevents/').permitAll() - .antMatchers('/health').permitAll() - .antMatchers('/prometheus').permitAll() - .antMatchers('/info').permitAll() - .antMatchers('/metrics').permitAll() - .anyRequest().authenticated() + .authorizeHttpRequests((authz) -> + authz + .requestMatchers("/auth/login").permitAll() + .requestMatchers(HttpMethod.POST,'/autopilot/registerCanary').permitAll() + .requestMatchers(HttpMethod.POST,'/autopilot/api/v1/registerCanary').permitAll() + .requestMatchers(HttpMethod.POST,'/autopilot/api/v2/registerCanary').permitAll() + .requestMatchers(HttpMethod.POST,'/autopilot/api/v3/registerCanary').permitAll() + .requestMatchers(HttpMethod.GET,'/autopilot/canaries/{id}').permitAll() + .requestMatchers(HttpMethod.GET,'/autopilot/api/v2/autopilot/canaries/{id}').permitAll() + .requestMatchers(HttpMethod.GET,'/autopilot/api/v1/autopilot/canaries/{id}').permitAll() + .requestMatchers(HttpMethod.POST,'/visibilityservice/v1/approvalGates/{id}/trigger').permitAll() + .requestMatchers(HttpMethod.POST,'/visibilityservice/v2/approvalGates/{id}/trigger').permitAll() + .requestMatchers(HttpMethod.POST,'/visibilityservice/v4/approvalGates/{id}/trigger').permitAll() + .requestMatchers(HttpMethod.POST,'/visibilityservice/v5/approvalGates/{id}/trigger').permitAll() + .requestMatchers(HttpMethod.GET,'/visibilityservice/v2/approvalGateInstances/{id}/status').permitAll() + .requestMatchers(HttpMethod.GET,'/visibilityservice/v1/approvalGateInstances/{id}/status').permitAll() + .requestMatchers(HttpMethod.PUT,'/visibilityservice/v1/approvalGateInstances/{id}/spinnakerReview').permitAll() + .requestMatchers(HttpMethod.POST,'/oes/echo').permitAll() + .requestMatchers(HttpMethod.POST,'/oes/echo/').permitAll() + .requestMatchers(HttpMethod.POST,'/auditservice/v1/echo/events/data').permitAll() + .requestMatchers(HttpMethod.POST,'/auditservice/v1/echo/events/data/').permitAll() + .requestMatchers(HttpMethod.POST,'/v1/data/**').permitAll() + .requestMatchers(HttpMethod.POST,'/v1/staticPolicy/eval').permitAll() + .requestMatchers(HttpMethod.POST,'/v1/staticPolicy/eval/').permitAll() + .requestMatchers(HttpMethod.GET,'/autopilot/mgmt/**').permitAll() + .requestMatchers(HttpMethod.POST,'/datasource/cache/save').permitAll() + .requestMatchers(HttpMethod.DELETE,'/datasource/cache/evict').permitAll() + .requestMatchers('/**/favicon.ico').permitAll() + .requestMatchers(HttpMethod.OPTIONS, "/**").permitAll() + .requestMatchers(PermissionRevokingLogoutSuccessHandler.LOGGED_OUT_URL).permitAll() + .requestMatchers('/plugins/deck/**').permitAll() + .requestMatchers(HttpMethod.POST, '/webhooks/**').permitAll() + .requestMatchers(HttpMethod.POST, '/notifications/callbacks/**').permitAll() + .requestMatchers(HttpMethod.GET, '/oes/accountsConfig/v2/agents/apple/automation').permitAll() + .requestMatchers(HttpMethod.POST, '/oes/accountsConfig/v1/agents/apple/automation').permitAll() + .requestMatchers(HttpMethod.GET, '/oes/accountsConfig/v1/agents/{agentName}/manifest/apple/automation').permitAll() + .requestMatchers(HttpMethod.GET, '/oes/accountsConfig/v2/spinnaker/cloudProviderAccount/apple/automation').permitAll() + .requestMatchers(HttpMethod.GET, '/oes/accountsConfig/v2/spinnaker/cloudProviderAccount/{agentName}/{accountName}/apple/automation').permitAll() + .requestMatchers(HttpMethod.POST, '/oes/accountsConfig/v2/spinnaker/cloudProviderAccount/apple/automation').permitAll() + .requestMatchers(HttpMethod.GET, '/oes/accountsConfig/v3/spinnaker/apple/automation').permitAll() + .requestMatchers(HttpMethod.GET, '/dashboardservice/v4/getAllDatasources/apple/automation').permitAll() + .requestMatchers(HttpMethod.GET, '/dashboardservice/v5/agents/{agentName}/accounts/{accountName}/accountType/{accountType}/apple/automation').permitAll() + .requestMatchers(HttpMethod.POST, '/dashboardservice/v4/datasource/apple/automation').permitAll() + .requestMatchers(HttpMethod.GET, '/platformservice/v6/applications/{applicationname}/pipeline/{pipelineName}/reference/{ref}/gates/{gatesName}').permitAll() + .requestMatchers(HttpMethod.GET, '/platformservice/v1/applications/{applicationName}/pipelines/{pipelineName}').permitAll() + .requestMatchers(HttpMethod.POST, '/dashboardservice/v4/pipelines/{pipelineId}/gates').permitAll() + .requestMatchers(HttpMethod.PUT, '/platformservice/v6/usergroups/permissions/users/{username}/resources/{resourceId}').permitAll() + .requestMatchers(HttpMethod.PUT, '/visibilityservice/v4/approvalGates/{id}/connector').permitAll() + .requestMatchers(HttpMethod.PUT, '/dashboardservice/v4/pipelines/{pipelineId}/gates/{gateId}').permitAll() + .requestMatchers(HttpMethod.POST, '/ssdservice/v1/spinnakerevents').permitAll() + .requestMatchers(HttpMethod.POST, '/ssdservice/v1/spinnakerevents/').permitAll() + .requestMatchers('/health').permitAll() + .requestMatchers('/prometheus').permitAll() + .requestMatchers('/info').permitAll() + .requestMatchers('/metrics').permitAll() + .anyRequest().authenticated()) http.addFilterBefore(jwtRequestFilter, UsernamePasswordAuthenticationFilter.class); }else if(isAgentAPIUnauthenticatedAccessEnabled){ http @@ -448,60 +439,61 @@ class AuthConfig { .exceptionHandling() .authenticationEntryPoint(jwtAuthenticationEntryPoint).and().sessionManagement() .sessionCreationPolicy(SessionCreationPolicy.STATELESS).and() - .authorizeRequests() - .antMatchers("/auth/login").permitAll() - .antMatchers(HttpMethod.POST,'/autopilot/registerCanary').permitAll() - .antMatchers(HttpMethod.POST,'/autopilot/api/v1/registerCanary').permitAll() - .antMatchers(HttpMethod.POST,'/autopilot/api/v2/registerCanary').permitAll() - .antMatchers(HttpMethod.POST,'/autopilot/api/v3/registerCanary').permitAll() - .antMatchers(HttpMethod.GET,'/autopilot/canaries/{id}').permitAll() - .antMatchers(HttpMethod.GET,'/autopilot/api/v2/autopilot/canaries/{id}').permitAll() - .antMatchers(HttpMethod.GET,'/autopilot/api/v1/autopilot/canaries/{id}').permitAll() - .antMatchers(HttpMethod.POST,'/visibilityservice/v1/approvalGates/{id}/trigger').permitAll() - .antMatchers(HttpMethod.POST,'/visibilityservice/v2/approvalGates/{id}/trigger').permitAll() - .antMatchers(HttpMethod.POST,'/visibilityservice/v4/approvalGates/{id}/trigger').permitAll() - .antMatchers(HttpMethod.POST,'/visibilityservice/v5/approvalGates/{id}/trigger').permitAll() - .antMatchers(HttpMethod.GET,'/visibilityservice/v2/approvalGateInstances/{id}/status').permitAll() - .antMatchers(HttpMethod.GET,'/visibilityservice/v1/approvalGateInstances/{id}/status').permitAll() - .antMatchers(HttpMethod.PUT,'/visibilityservice/v1/approvalGateInstances/{id}/spinnakerReview').permitAll() - .antMatchers(HttpMethod.POST,'/oes/echo').permitAll() - .antMatchers(HttpMethod.POST,'/oes/echo/').permitAll() - .antMatchers(HttpMethod.POST,'/auditservice/v1/echo/events/data').permitAll() - .antMatchers(HttpMethod.POST,'/auditservice/v1/echo/events/data/').permitAll() - .antMatchers(HttpMethod.POST,'/v1/data/**').permitAll() - .antMatchers(HttpMethod.POST,'/v1/staticPolicy/eval').permitAll() - .antMatchers(HttpMethod.POST,'/v1/staticPolicy/eval/').permitAll() - .antMatchers(HttpMethod.GET,'/autopilot/mgmt/**').permitAll() - .antMatchers(HttpMethod.POST,'/datasource/cache/save').permitAll() - .antMatchers(HttpMethod.DELETE,'/datasource/cache/evict').permitAll() - .antMatchers('/**/favicon.ico').permitAll() - .antMatchers(HttpMethod.OPTIONS, "/**").permitAll() - .antMatchers(PermissionRevokingLogoutSuccessHandler.LOGGED_OUT_URL).permitAll() - .antMatchers('/plugins/deck/**').permitAll() - .antMatchers(HttpMethod.POST, '/notifications/callbacks/**').permitAll() - .antMatchers(HttpMethod.GET, '/oes/accountsConfig/v2/agents/apple/automation').permitAll() - .antMatchers(HttpMethod.POST, '/oes/accountsConfig/v1/agents/apple/automation').permitAll() - .antMatchers(HttpMethod.GET, '/oes/accountsConfig/v1/agents/{agentName}/manifest/apple/automation').permitAll() - .antMatchers(HttpMethod.GET, '/oes/accountsConfig/v2/spinnaker/cloudProviderAccount/apple/automation').permitAll() - .antMatchers(HttpMethod.GET, '/oes/accountsConfig/v2/spinnaker/cloudProviderAccount/{agentName}/{accountName}/apple/automation').permitAll() - .antMatchers(HttpMethod.POST, '/oes/accountsConfig/v2/spinnaker/cloudProviderAccount/apple/automation').permitAll() - .antMatchers(HttpMethod.GET, '/oes/accountsConfig/v3/spinnaker/apple/automation').permitAll() - .antMatchers(HttpMethod.GET, '/dashboardservice/v4/getAllDatasources/apple/automation').permitAll() - .antMatchers(HttpMethod.GET, '/dashboardservice/v5/agents/{agentName}/accounts/{accountName}/accountType/{accountType}/apple/automation').permitAll() - .antMatchers(HttpMethod.POST, '/dashboardservice/v4/datasource/apple/automation').permitAll() - .antMatchers(HttpMethod.GET, '/platformservice/v6/applications/{applicationname}/pipeline/{pipelineName}/reference/{ref}/gates/{gatesName}').permitAll() - .antMatchers(HttpMethod.GET, '/platformservice/v1/applications/{applicationName}/pipelines/{pipelineName}').permitAll() - .antMatchers(HttpMethod.POST, '/dashboardservice/v4/pipelines/{pipelineId}/gates').permitAll() - .antMatchers(HttpMethod.PUT, '/platformservice/v6/usergroups/permissions/users/{username}/resources/{resourceId}').permitAll() - .antMatchers(HttpMethod.PUT, '/visibilityservice/v4/approvalGates/{id}/connector').permitAll() - .antMatchers(HttpMethod.PUT, '/dashboardservice/v4/pipelines/{pipelineId}/gates/{gateId}').permitAll() - .antMatchers(HttpMethod.POST, '/ssdservice/v1/spinnakerevents').permitAll() - .antMatchers(HttpMethod.POST, '/ssdservice/v1/spinnakerevents/').permitAll() - .antMatchers('/health').permitAll() - .antMatchers('/prometheus').permitAll() - .antMatchers('/info').permitAll() - .antMatchers('/metrics').permitAll() - .anyRequest().authenticated() + .authorizeHttpRequests((authz) -> + authz + .requestMatchers("/auth/login").permitAll() + .requestMatchers(HttpMethod.POST,'/autopilot/registerCanary').permitAll() + .requestMatchers(HttpMethod.POST,'/autopilot/api/v1/registerCanary').permitAll() + .requestMatchers(HttpMethod.POST,'/autopilot/api/v2/registerCanary').permitAll() + .requestMatchers(HttpMethod.POST,'/autopilot/api/v3/registerCanary').permitAll() + .requestMatchers(HttpMethod.GET,'/autopilot/canaries/{id}').permitAll() + .requestMatchers(HttpMethod.GET,'/autopilot/api/v2/autopilot/canaries/{id}').permitAll() + .requestMatchers(HttpMethod.GET,'/autopilot/api/v1/autopilot/canaries/{id}').permitAll() + .requestMatchers(HttpMethod.POST,'/visibilityservice/v1/approvalGates/{id}/trigger').permitAll() + .requestMatchers(HttpMethod.POST,'/visibilityservice/v2/approvalGates/{id}/trigger').permitAll() + .requestMatchers(HttpMethod.POST,'/visibilityservice/v4/approvalGates/{id}/trigger').permitAll() + .requestMatchers(HttpMethod.POST,'/visibilityservice/v5/approvalGates/{id}/trigger').permitAll() + .requestMatchers(HttpMethod.GET,'/visibilityservice/v2/approvalGateInstances/{id}/status').permitAll() + .requestMatchers(HttpMethod.GET,'/visibilityservice/v1/approvalGateInstances/{id}/status').permitAll() + .requestMatchers(HttpMethod.PUT,'/visibilityservice/v1/approvalGateInstances/{id}/spinnakerReview').permitAll() + .requestMatchers(HttpMethod.POST,'/oes/echo').permitAll() + .requestMatchers(HttpMethod.POST,'/oes/echo/').permitAll() + .requestMatchers(HttpMethod.POST,'/auditservice/v1/echo/events/data').permitAll() + .requestMatchers(HttpMethod.POST,'/auditservice/v1/echo/events/data/').permitAll() + .requestMatchers(HttpMethod.POST,'/v1/data/**').permitAll() + .requestMatchers(HttpMethod.POST,'/v1/staticPolicy/eval').permitAll() + .requestMatchers(HttpMethod.POST,'/v1/staticPolicy/eval/').permitAll() + .requestMatchers(HttpMethod.GET,'/autopilot/mgmt/**').permitAll() + .requestMatchers(HttpMethod.POST,'/datasource/cache/save').permitAll() + .requestMatchers(HttpMethod.DELETE,'/datasource/cache/evict').permitAll() + .requestMatchers('/**/favicon.ico').permitAll() + .requestMatchers(HttpMethod.OPTIONS, "/**").permitAll() + .requestMatchers(PermissionRevokingLogoutSuccessHandler.LOGGED_OUT_URL).permitAll() + .requestMatchers('/plugins/deck/**').permitAll() + .requestMatchers(HttpMethod.POST, '/notifications/callbacks/**').permitAll() + .requestMatchers(HttpMethod.GET, '/oes/accountsConfig/v2/agents/apple/automation').permitAll() + .requestMatchers(HttpMethod.POST, '/oes/accountsConfig/v1/agents/apple/automation').permitAll() + .requestMatchers(HttpMethod.GET, '/oes/accountsConfig/v1/agents/{agentName}/manifest/apple/automation').permitAll() + .requestMatchers(HttpMethod.GET, '/oes/accountsConfig/v2/spinnaker/cloudProviderAccount/apple/automation').permitAll() + .requestMatchers(HttpMethod.GET, '/oes/accountsConfig/v2/spinnaker/cloudProviderAccount/{agentName}/{accountName}/apple/automation').permitAll() + .requestMatchers(HttpMethod.POST, '/oes/accountsConfig/v2/spinnaker/cloudProviderAccount/apple/automation').permitAll() + .requestMatchers(HttpMethod.GET, '/oes/accountsConfig/v3/spinnaker/apple/automation').permitAll() + .requestMatchers(HttpMethod.GET, '/dashboardservice/v4/getAllDatasources/apple/automation').permitAll() + .requestMatchers(HttpMethod.GET, '/dashboardservice/v5/agents/{agentName}/accounts/{accountName}/accountType/{accountType}/apple/automation').permitAll() + .requestMatchers(HttpMethod.POST, '/dashboardservice/v4/datasource/apple/automation').permitAll() + .requestMatchers(HttpMethod.GET, '/platformservice/v6/applications/{applicationname}/pipeline/{pipelineName}/reference/{ref}/gates/{gatesName}').permitAll() + .requestMatchers(HttpMethod.GET, '/platformservice/v1/applications/{applicationName}/pipelines/{pipelineName}').permitAll() + .requestMatchers(HttpMethod.POST, '/dashboardservice/v4/pipelines/{pipelineId}/gates').permitAll() + .requestMatchers(HttpMethod.PUT, '/platformservice/v6/usergroups/permissions/users/{username}/resources/{resourceId}').permitAll() + .requestMatchers(HttpMethod.PUT, '/visibilityservice/v4/approvalGates/{id}/connector').permitAll() + .requestMatchers(HttpMethod.PUT, '/dashboardservice/v4/pipelines/{pipelineId}/gates/{gateId}').permitAll() + .requestMatchers(HttpMethod.POST, '/ssdservice/v1/spinnakerevents').permitAll() + .requestMatchers(HttpMethod.POST, '/ssdservice/v1/spinnakerevents/').permitAll() + .requestMatchers('/health').permitAll() + .requestMatchers('/prometheus').permitAll() + .requestMatchers('/info').permitAll() + .requestMatchers('/metrics').permitAll() + .anyRequest().authenticated()) http.addFilterBefore(jwtRequestFilter, UsernamePasswordAuthenticationFilter.class); }else if(isSpinnakerWebhooksUnauthenticatedAccessEnabled){ http @@ -512,51 +504,52 @@ class AuthConfig { .exceptionHandling() .authenticationEntryPoint(jwtAuthenticationEntryPoint).and().sessionManagement() .sessionCreationPolicy(SessionCreationPolicy.STATELESS).and() - .authorizeRequests() - .antMatchers("/auth/login").permitAll() - .antMatchers(HttpMethod.POST,'/autopilot/registerCanary').permitAll() - .antMatchers(HttpMethod.POST,'/autopilot/api/v1/registerCanary').permitAll() - .antMatchers(HttpMethod.POST,'/autopilot/api/v2/registerCanary').permitAll() - .antMatchers(HttpMethod.POST,'/autopilot/api/v3/registerCanary').permitAll() - .antMatchers(HttpMethod.GET,'/autopilot/canaries/{id}').permitAll() - .antMatchers(HttpMethod.GET,'/autopilot/api/v2/autopilot/canaries/{id}').permitAll() - .antMatchers(HttpMethod.GET,'/autopilot/api/v1/autopilot/canaries/{id}').permitAll() - .antMatchers(HttpMethod.POST,'/visibilityservice/v1/approvalGates/{id}/trigger').permitAll() - .antMatchers(HttpMethod.POST,'/visibilityservice/v2/approvalGates/{id}/trigger').permitAll() - .antMatchers(HttpMethod.POST,'/visibilityservice/v4/approvalGates/{id}/trigger').permitAll() - .antMatchers(HttpMethod.POST,'/visibilityservice/v5/approvalGates/{id}/trigger').permitAll() - .antMatchers(HttpMethod.GET,'/visibilityservice/v2/approvalGateInstances/{id}/status').permitAll() - .antMatchers(HttpMethod.GET,'/visibilityservice/v1/approvalGateInstances/{id}/status').permitAll() - .antMatchers(HttpMethod.PUT,'/visibilityservice/v1/approvalGateInstances/{id}/spinnakerReview').permitAll() - .antMatchers(HttpMethod.GET, '/platformservice/v6/applications/{applicationname}/pipeline/{pipelineName}/reference/{ref}/gates/{gatesName}').permitAll() - .antMatchers(HttpMethod.GET, '/platformservice/v1/applications/{applicationName}/pipelines/{pipelineName}').permitAll() - .antMatchers(HttpMethod.POST, '/dashboardservice/v4/pipelines/{pipelineId}/gates').permitAll() - .antMatchers(HttpMethod.PUT, '/platformservice/v6/usergroups/permissions/users/{username}/resources/{resourceId}').permitAll() - .antMatchers(HttpMethod.PUT, '/visibilityservice/v4/approvalGates/{id}/connector').permitAll() - .antMatchers(HttpMethod.PUT, '/dashboardservice/v4/pipelines/{pipelineId}/gates/{gateId}').permitAll() - .antMatchers(HttpMethod.POST,'/oes/echo').permitAll() - .antMatchers(HttpMethod.POST,'/oes/echo/').permitAll() - .antMatchers(HttpMethod.POST,'/auditservice/v1/echo/events/data').permitAll() - .antMatchers(HttpMethod.POST,'/auditservice/v1/echo/events/data/').permitAll() - .antMatchers(HttpMethod.POST,'/v1/data/**').permitAll() - .antMatchers(HttpMethod.POST,'/v1/staticPolicy/eval').permitAll() - .antMatchers(HttpMethod.POST,'/v1/staticPolicy/eval/').permitAll() - .antMatchers(HttpMethod.GET,'/autopilot/mgmt/**').permitAll() - .antMatchers(HttpMethod.POST,'/datasource/cache/save').permitAll() - .antMatchers(HttpMethod.DELETE,'/datasource/cache/evict').permitAll() - .antMatchers(HttpMethod.POST, '/ssdservice/v1/spinnakerevents').permitAll() - .antMatchers(HttpMethod.POST, '/ssdservice/v1/spinnakerevents/').permitAll() - .antMatchers('/**/favicon.ico').permitAll() - .antMatchers(HttpMethod.OPTIONS, "/**").permitAll() - .antMatchers(PermissionRevokingLogoutSuccessHandler.LOGGED_OUT_URL).permitAll() - .antMatchers('/plugins/deck/**').permitAll() - .antMatchers(HttpMethod.POST, '/webhooks/**').permitAll() - .antMatchers(HttpMethod.POST, '/notifications/callbacks/**').permitAll() - .antMatchers('/health').permitAll() - .antMatchers('/prometheus').permitAll() - .antMatchers('/info').permitAll() - .antMatchers('/metrics').permitAll() - .anyRequest().authenticated() + .authorizeHttpRequests((authz) -> + authz + .requestMatchers("/auth/login").permitAll() + .requestMatchers(HttpMethod.POST,'/autopilot/registerCanary').permitAll() + .requestMatchers(HttpMethod.POST,'/autopilot/api/v1/registerCanary').permitAll() + .requestMatchers(HttpMethod.POST,'/autopilot/api/v2/registerCanary').permitAll() + .requestMatchers(HttpMethod.POST,'/autopilot/api/v3/registerCanary').permitAll() + .requestMatchers(HttpMethod.GET,'/autopilot/canaries/{id}').permitAll() + .requestMatchers(HttpMethod.GET,'/autopilot/api/v2/autopilot/canaries/{id}').permitAll() + .requestMatchers(HttpMethod.GET,'/autopilot/api/v1/autopilot/canaries/{id}').permitAll() + .requestMatchers(HttpMethod.POST,'/visibilityservice/v1/approvalGates/{id}/trigger').permitAll() + .requestMatchers(HttpMethod.POST,'/visibilityservice/v2/approvalGates/{id}/trigger').permitAll() + .requestMatchers(HttpMethod.POST,'/visibilityservice/v4/approvalGates/{id}/trigger').permitAll() + .requestMatchers(HttpMethod.POST,'/visibilityservice/v5/approvalGates/{id}/trigger').permitAll() + .requestMatchers(HttpMethod.GET,'/visibilityservice/v2/approvalGateInstances/{id}/status').permitAll() + .requestMatchers(HttpMethod.GET,'/visibilityservice/v1/approvalGateInstances/{id}/status').permitAll() + .requestMatchers(HttpMethod.PUT,'/visibilityservice/v1/approvalGateInstances/{id}/spinnakerReview').permitAll() + .requestMatchers(HttpMethod.GET, '/platformservice/v6/applications/{applicationname}/pipeline/{pipelineName}/reference/{ref}/gates/{gatesName}').permitAll() + .requestMatchers(HttpMethod.GET, '/platformservice/v1/applications/{applicationName}/pipelines/{pipelineName}').permitAll() + .requestMatchers(HttpMethod.POST, '/dashboardservice/v4/pipelines/{pipelineId}/gates').permitAll() + .requestMatchers(HttpMethod.PUT, '/platformservice/v6/usergroups/permissions/users/{username}/resources/{resourceId}').permitAll() + .requestMatchers(HttpMethod.PUT, '/visibilityservice/v4/approvalGates/{id}/connector').permitAll() + .requestMatchers(HttpMethod.PUT, '/dashboardservice/v4/pipelines/{pipelineId}/gates/{gateId}').permitAll() + .requestMatchers(HttpMethod.POST,'/oes/echo').permitAll() + .requestMatchers(HttpMethod.POST,'/oes/echo/').permitAll() + .requestMatchers(HttpMethod.POST,'/auditservice/v1/echo/events/data').permitAll() + .requestMatchers(HttpMethod.POST,'/auditservice/v1/echo/events/data/').permitAll() + .requestMatchers(HttpMethod.POST,'/v1/data/**').permitAll() + .requestMatchers(HttpMethod.POST,'/v1/staticPolicy/eval').permitAll() + .requestMatchers(HttpMethod.POST,'/v1/staticPolicy/eval/').permitAll() + .requestMatchers(HttpMethod.GET,'/autopilot/mgmt/**').permitAll() + .requestMatchers(HttpMethod.POST,'/datasource/cache/save').permitAll() + .requestMatchers(HttpMethod.DELETE,'/datasource/cache/evict').permitAll() + .requestMatchers(HttpMethod.POST, '/ssdservice/v1/spinnakerevents').permitAll() + .requestMatchers(HttpMethod.POST, '/ssdservice/v1/spinnakerevents/').permitAll() + .requestMatchers('/**/favicon.ico').permitAll() + .requestMatchers(HttpMethod.OPTIONS, "/**").permitAll() + .requestMatchers(PermissionRevokingLogoutSuccessHandler.LOGGED_OUT_URL).permitAll() + .requestMatchers('/plugins/deck/**').permitAll() + .requestMatchers(HttpMethod.POST, '/webhooks/**').permitAll() + .requestMatchers(HttpMethod.POST, '/notifications/callbacks/**').permitAll() + .requestMatchers('/health').permitAll() + .requestMatchers('/prometheus').permitAll() + .requestMatchers('/info').permitAll() + .requestMatchers('/metrics').permitAll() + .anyRequest().authenticated()) http.addFilterBefore(jwtRequestFilter, UsernamePasswordAuthenticationFilter.class); }else{ http @@ -567,50 +560,51 @@ class AuthConfig { .exceptionHandling() .authenticationEntryPoint(jwtAuthenticationEntryPoint).and().sessionManagement() .sessionCreationPolicy(SessionCreationPolicy.STATELESS).and() - .authorizeRequests() - .antMatchers("/auth/login").permitAll() - .antMatchers(HttpMethod.POST,'/autopilot/registerCanary').permitAll() - .antMatchers(HttpMethod.POST,'/autopilot/api/v1/registerCanary').permitAll() - .antMatchers(HttpMethod.POST,'/autopilot/api/v2/registerCanary').permitAll() - .antMatchers(HttpMethod.POST,'/autopilot/api/v3/registerCanary').permitAll() - .antMatchers(HttpMethod.GET,'/autopilot/canaries/{id}').permitAll() - .antMatchers(HttpMethod.GET,'/autopilot/api/v2/autopilot/canaries/{id}').permitAll() - .antMatchers(HttpMethod.GET,'/autopilot/api/v1/autopilot/canaries/{id}').permitAll() - .antMatchers(HttpMethod.POST,'/visibilityservice/v1/approvalGates/{id}/trigger').permitAll() - .antMatchers(HttpMethod.POST,'/visibilityservice/v2/approvalGates/{id}/trigger').permitAll() - .antMatchers(HttpMethod.POST,'/visibilityservice/v4/approvalGates/{id}/trigger').permitAll() - .antMatchers(HttpMethod.POST,'/visibilityservice/v5/approvalGates/{id}/trigger').permitAll() - .antMatchers(HttpMethod.GET,'/visibilityservice/v2/approvalGateInstances/{id}/status').permitAll() - .antMatchers(HttpMethod.GET,'/visibilityservice/v1/approvalGateInstances/{id}/status').permitAll() - .antMatchers(HttpMethod.PUT,'/visibilityservice/v1/approvalGateInstances/{id}/spinnakerReview').permitAll() - .antMatchers(HttpMethod.GET, '/platformservice/v6/applications/{applicationname}/pipeline/{pipelineName}/reference/{ref}/gates/{gatesName}').permitAll() - .antMatchers(HttpMethod.GET, '/platformservice/v1/applications/{applicationName}/pipelines/{pipelineName}').permitAll() - .antMatchers(HttpMethod.POST, '/dashboardservice/v4/pipelines/{pipelineId}/gates').permitAll() - .antMatchers(HttpMethod.PUT, '/platformservice/v6/usergroups/permissions/users/{username}/resources/{resourceId}').permitAll() - .antMatchers(HttpMethod.PUT, '/visibilityservice/v4/approvalGates/{id}/connector').permitAll() - .antMatchers(HttpMethod.PUT, '/dashboardservice/v4/pipelines/{pipelineId}/gates/{gateId}').permitAll() - .antMatchers(HttpMethod.POST,'/oes/echo').permitAll() - .antMatchers(HttpMethod.POST,'/oes/echo/').permitAll() - .antMatchers(HttpMethod.POST,'/auditservice/v1/echo/events/data').permitAll() - .antMatchers(HttpMethod.POST,'/auditservice/v1/echo/events/data/').permitAll() - .antMatchers(HttpMethod.POST,'/v1/data/**').permitAll() - .antMatchers(HttpMethod.POST,'/v1/staticPolicy/eval').permitAll() - .antMatchers(HttpMethod.POST,'/v1/staticPolicy/eval/').permitAll() - .antMatchers(HttpMethod.GET,'/autopilot/mgmt/**').permitAll() - .antMatchers(HttpMethod.POST,'/datasource/cache/save').permitAll() - .antMatchers(HttpMethod.DELETE,'/datasource/cache/evict').permitAll() - .antMatchers('/**/favicon.ico').permitAll() - .antMatchers(HttpMethod.OPTIONS, "/**").permitAll() - .antMatchers(PermissionRevokingLogoutSuccessHandler.LOGGED_OUT_URL).permitAll() - .antMatchers('/plugins/deck/**').permitAll() - .antMatchers(HttpMethod.POST, '/notifications/callbacks/**').permitAll() - .antMatchers(HttpMethod.POST, '/ssdservice/v1/spinnakerevents').permitAll() - .antMatchers(HttpMethod.POST, '/ssdservice/v1/spinnakerevents/').permitAll() - .antMatchers('/health').permitAll() - .antMatchers('/prometheus').permitAll() - .antMatchers('/info').permitAll() - .antMatchers('/metrics').permitAll() - .anyRequest().authenticated() + .authorizeHttpRequests((authz) -> + authz + .requestMatchers("/auth/login").permitAll() + .requestMatchers(HttpMethod.POST,'/autopilot/registerCanary').permitAll() + .requestMatchers(HttpMethod.POST,'/autopilot/api/v1/registerCanary').permitAll() + .requestMatchers(HttpMethod.POST,'/autopilot/api/v2/registerCanary').permitAll() + .requestMatchers(HttpMethod.POST,'/autopilot/api/v3/registerCanary').permitAll() + .requestMatchers(HttpMethod.GET,'/autopilot/canaries/{id}').permitAll() + .requestMatchers(HttpMethod.GET,'/autopilot/api/v2/autopilot/canaries/{id}').permitAll() + .requestMatchers(HttpMethod.GET,'/autopilot/api/v1/autopilot/canaries/{id}').permitAll() + .requestMatchers(HttpMethod.POST,'/visibilityservice/v1/approvalGates/{id}/trigger').permitAll() + .requestMatchers(HttpMethod.POST,'/visibilityservice/v2/approvalGates/{id}/trigger').permitAll() + .requestMatchers(HttpMethod.POST,'/visibilityservice/v4/approvalGates/{id}/trigger').permitAll() + .requestMatchers(HttpMethod.POST,'/visibilityservice/v5/approvalGates/{id}/trigger').permitAll() + .requestMatchers(HttpMethod.GET,'/visibilityservice/v2/approvalGateInstances/{id}/status').permitAll() + .requestMatchers(HttpMethod.GET,'/visibilityservice/v1/approvalGateInstances/{id}/status').permitAll() + .requestMatchers(HttpMethod.PUT,'/visibilityservice/v1/approvalGateInstances/{id}/spinnakerReview').permitAll() + .requestMatchers(HttpMethod.GET, '/platformservice/v6/applications/{applicationname}/pipeline/{pipelineName}/reference/{ref}/gates/{gatesName}').permitAll() + .requestMatchers(HttpMethod.GET, '/platformservice/v1/applications/{applicationName}/pipelines/{pipelineName}').permitAll() + .requestMatchers(HttpMethod.POST, '/dashboardservice/v4/pipelines/{pipelineId}/gates').permitAll() + .requestMatchers(HttpMethod.PUT, '/platformservice/v6/usergroups/permissions/users/{username}/resources/{resourceId}').permitAll() + .requestMatchers(HttpMethod.PUT, '/visibilityservice/v4/approvalGates/{id}/connector').permitAll() + .requestMatchers(HttpMethod.PUT, '/dashboardservice/v4/pipelines/{pipelineId}/gates/{gateId}').permitAll() + .requestMatchers(HttpMethod.POST,'/oes/echo').permitAll() + .requestMatchers(HttpMethod.POST,'/oes/echo/').permitAll() + .requestMatchers(HttpMethod.POST,'/auditservice/v1/echo/events/data').permitAll() + .requestMatchers(HttpMethod.POST,'/auditservice/v1/echo/events/data/').permitAll() + .requestMatchers(HttpMethod.POST,'/v1/data/**').permitAll() + .requestMatchers(HttpMethod.POST,'/v1/staticPolicy/eval').permitAll() + .requestMatchers(HttpMethod.POST,'/v1/staticPolicy/eval/').permitAll() + .requestMatchers(HttpMethod.GET,'/autopilot/mgmt/**').permitAll() + .requestMatchers(HttpMethod.POST,'/datasource/cache/save').permitAll() + .requestMatchers(HttpMethod.DELETE,'/datasource/cache/evict').permitAll() + .requestMatchers('/**/favicon.ico').permitAll() + .requestMatchers(HttpMethod.OPTIONS, "/**").permitAll() + .requestMatchers(PermissionRevokingLogoutSuccessHandler.LOGGED_OUT_URL).permitAll() + .requestMatchers('/plugins/deck/**').permitAll() + .requestMatchers(HttpMethod.POST, '/notifications/callbacks/**').permitAll() + .requestMatchers(HttpMethod.POST, '/ssdservice/v1/spinnakerevents').permitAll() + .requestMatchers(HttpMethod.POST, '/ssdservice/v1/spinnakerevents/').permitAll() + .requestMatchers('/health').permitAll() + .requestMatchers('/prometheus').permitAll() + .requestMatchers('/info').permitAll() + .requestMatchers('/metrics').permitAll() + .anyRequest().authenticated()) http.addFilterBefore(jwtRequestFilter, UsernamePasswordAuthenticationFilter.class); } } diff --git a/gate-core/src/main/groovy/com/netflix/spinnaker/gate/filters/CorsFilter.groovy b/gate-core/src/main/groovy/com/netflix/spinnaker/gate/filters/CorsFilter.groovy index 67c1ab4cfd..358c09286e 100644 --- a/gate-core/src/main/groovy/com/netflix/spinnaker/gate/filters/CorsFilter.groovy +++ b/gate-core/src/main/groovy/com/netflix/spinnaker/gate/filters/CorsFilter.groovy @@ -20,14 +20,14 @@ import com.netflix.spinnaker.gate.config.Headers import groovy.util.logging.Slf4j import net.logstash.logback.argument.StructuredArguments -import javax.servlet.Filter -import javax.servlet.FilterChain -import javax.servlet.FilterConfig -import javax.servlet.ServletException -import javax.servlet.ServletRequest -import javax.servlet.ServletResponse -import javax.servlet.http.HttpServletRequest -import javax.servlet.http.HttpServletResponse +import jakarta.servlet.Filter +import jakarta.servlet.FilterChain +import jakarta.servlet.FilterConfig +import jakarta.servlet.ServletException +import jakarta.servlet.ServletRequest +import jakarta.servlet.ServletResponse +import jakarta.servlet.http.HttpServletRequest +import jakarta.servlet.http.HttpServletResponse @Slf4j class CorsFilter implements Filter { diff --git a/gate-core/src/main/groovy/com/netflix/spinnaker/gate/filters/FiatSessionFilter.groovy b/gate-core/src/main/groovy/com/netflix/spinnaker/gate/filters/FiatSessionFilter.groovy index 7e07baa48b..470c706e99 100644 --- a/gate-core/src/main/groovy/com/netflix/spinnaker/gate/filters/FiatSessionFilter.groovy +++ b/gate-core/src/main/groovy/com/netflix/spinnaker/gate/filters/FiatSessionFilter.groovy @@ -23,14 +23,14 @@ import com.netflix.spinnaker.security.AuthenticatedRequest import groovy.util.logging.Slf4j import org.springframework.security.core.context.SecurityContextHolder -import javax.servlet.Filter -import javax.servlet.FilterChain -import javax.servlet.FilterConfig -import javax.servlet.ServletException -import javax.servlet.ServletRequest -import javax.servlet.ServletResponse -import javax.servlet.http.HttpServletRequest -import javax.servlet.http.HttpSession +import jakarta.servlet.Filter +import jakarta.servlet.FilterChain +import jakarta.servlet.FilterConfig +import jakarta.servlet.ServletException +import jakarta.servlet.ServletRequest +import jakarta.servlet.ServletResponse +import jakarta.servlet.http.HttpServletRequest +import jakarta.servlet.http.HttpSession import static net.logstash.logback.argument.StructuredArguments.value diff --git a/gate-core/src/main/groovy/com/netflix/spinnaker/gate/security/RequestIdentityExtractor.java b/gate-core/src/main/groovy/com/netflix/spinnaker/gate/security/RequestIdentityExtractor.java index a8ef2874d3..bf2a0b4f15 100644 --- a/gate-core/src/main/groovy/com/netflix/spinnaker/gate/security/RequestIdentityExtractor.java +++ b/gate-core/src/main/groovy/com/netflix/spinnaker/gate/security/RequestIdentityExtractor.java @@ -1,6 +1,6 @@ package com.netflix.spinnaker.gate.security; -import javax.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletRequest; /** * An interface for inspecting an HttpRequest during filter processing where full authentication may diff --git a/gate-core/src/main/groovy/com/netflix/spinnaker/gate/security/SpringSecurityAnnotationConfig.groovy b/gate-core/src/main/groovy/com/netflix/spinnaker/gate/security/SpringSecurityAnnotationConfig.groovy index 70e8d5fe0a..bc8e4b033f 100644 --- a/gate-core/src/main/groovy/com/netflix/spinnaker/gate/security/SpringSecurityAnnotationConfig.groovy +++ b/gate-core/src/main/groovy/com/netflix/spinnaker/gate/security/SpringSecurityAnnotationConfig.groovy @@ -18,10 +18,10 @@ package com.netflix.spinnaker.gate.security import org.springframework.boot.autoconfigure.condition.ConditionalOnBean import org.springframework.context.annotation.Configuration -import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity +import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity @Configuration -@EnableGlobalMethodSecurity(prePostEnabled = true) +@EnableMethodSecurity @ConditionalOnBean(annotation = SpinnakerAuthConfig.class) class SpringSecurityAnnotationConfig { } diff --git a/gate-core/src/main/groovy/com/netflix/spinnaker/gate/security/anonymous/AnonymousConfig.groovy b/gate-core/src/main/groovy/com/netflix/spinnaker/gate/security/anonymous/AnonymousConfig.groovy index 3e073e32ac..461e009546 100644 --- a/gate-core/src/main/groovy/com/netflix/spinnaker/gate/security/anonymous/AnonymousConfig.groovy +++ b/gate-core/src/main/groovy/com/netflix/spinnaker/gate/security/anonymous/AnonymousConfig.groovy @@ -21,19 +21,18 @@ import com.netflix.spinnaker.gate.security.SpinnakerAuthConfig import com.netflix.spinnaker.gate.services.CredentialsService import com.netflix.spinnaker.security.User import groovy.util.logging.Slf4j -import org.apache.commons.lang3.exception.ExceptionUtils import org.springframework.beans.factory.annotation.Autowired import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean +import org.springframework.context.annotation.Bean import org.springframework.context.annotation.Configuration import org.springframework.core.Ordered import org.springframework.core.annotation.Order import org.springframework.scheduling.annotation.Scheduled import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter +import org.springframework.security.web.SecurityFilterChain import java.util.concurrent.CopyOnWriteArrayList - /** * Requires auth.anonymous.enabled to be true in Fiat configs to work properly. This * is because anonymous users are a special permissions case, because the "user" doesn't actually @@ -44,7 +43,7 @@ import java.util.concurrent.CopyOnWriteArrayList @Slf4j @EnableWebSecurity @Order(Ordered.LOWEST_PRECEDENCE) -class AnonymousConfig extends WebSecurityConfigurerAdapter { +class AnonymousConfig { static String key = "spinnaker-anonymous" static String defaultEmail = "anonymous" @@ -56,18 +55,19 @@ class AnonymousConfig extends WebSecurityConfigurerAdapter { List anonymousAllowedAccounts = new CopyOnWriteArrayList<>() - void configure(HttpSecurity http) { + @Bean + SecurityFilterChain configure(HttpSecurity http) throws Exception { updateAnonymousAccounts() // Not using the ImmutableUser version in order to update allowedAccounts. def principal = new User(email: defaultEmail, allowedAccounts: anonymousAllowedAccounts) http .anonymous() - .key(key) - .principal(principal) - .and() + .key(key) + .principal(principal) + .and() .csrf() - .disable() + .disable() as SecurityFilterChain } @Scheduled(fixedDelay = 60000L) diff --git a/gate-core/src/main/groovy/com/netflix/spinnaker/gate/services/ServiceAccountFilterConfigProps.java b/gate-core/src/main/groovy/com/netflix/spinnaker/gate/services/ServiceAccountFilterConfigProps.java index a5aec0f3e4..31e6dd24ed 100644 --- a/gate-core/src/main/groovy/com/netflix/spinnaker/gate/services/ServiceAccountFilterConfigProps.java +++ b/gate-core/src/main/groovy/com/netflix/spinnaker/gate/services/ServiceAccountFilterConfigProps.java @@ -19,7 +19,6 @@ import com.netflix.spinnaker.fiat.model.Authorization; import java.util.*; import org.springframework.boot.context.properties.ConfigurationProperties; -import org.springframework.boot.context.properties.ConstructorBinding; @ConfigurationProperties("fiat.service-accounts.filter") public class ServiceAccountFilterConfigProps { @@ -29,7 +28,6 @@ public class ServiceAccountFilterConfigProps { private final boolean enabled; private final Set matchAuthorizations; - @ConstructorBinding public ServiceAccountFilterConfigProps(Boolean enabled, List matchAuthorizations) { this.enabled = enabled == null ? true : enabled; if (matchAuthorizations == null) { diff --git a/gate-core/src/main/java/com/netflix/spinnaker/gate/config/JwtAuthenticationEntryPoint.java b/gate-core/src/main/java/com/netflix/spinnaker/gate/config/JwtAuthenticationEntryPoint.java index e239ebe31d..4b726a385e 100644 --- a/gate-core/src/main/java/com/netflix/spinnaker/gate/config/JwtAuthenticationEntryPoint.java +++ b/gate-core/src/main/java/com/netflix/spinnaker/gate/config/JwtAuthenticationEntryPoint.java @@ -1,9 +1,9 @@ package com.netflix.spinnaker.gate.config; +import jakarta.servlet.ServletException; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import java.io.IOException; -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; import org.springframework.security.core.AuthenticationException; import org.springframework.security.web.AuthenticationEntryPoint; import org.springframework.stereotype.Component; diff --git a/gate-core/src/main/java/com/netflix/spinnaker/gate/config/JwtRequestFilter.java b/gate-core/src/main/java/com/netflix/spinnaker/gate/config/JwtRequestFilter.java index 87110e689e..976acbe2a5 100644 --- a/gate-core/src/main/java/com/netflix/spinnaker/gate/config/JwtRequestFilter.java +++ b/gate-core/src/main/java/com/netflix/spinnaker/gate/config/JwtRequestFilter.java @@ -5,11 +5,11 @@ import io.jsonwebtoken.MalformedJwtException; import io.jsonwebtoken.SignatureException; import io.jsonwebtoken.UnsupportedJwtException; +import jakarta.servlet.FilterChain; +import jakarta.servlet.ServletException; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import java.io.IOException; -import javax.servlet.FilterChain; -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; import org.springframework.security.core.context.SecurityContextHolder; diff --git a/gate-core/src/main/java/com/netflix/spinnaker/gate/services/TaskService.java b/gate-core/src/main/java/com/netflix/spinnaker/gate/services/TaskService.java index 275bd48f37..e9ace4bb08 100644 --- a/gate-core/src/main/java/com/netflix/spinnaker/gate/services/TaskService.java +++ b/gate-core/src/main/java/com/netflix/spinnaker/gate/services/TaskService.java @@ -141,7 +141,9 @@ public Map createAndWaitForCompletion(Map body) { taskServiceProperties.getDefaultIntervalBetweenPolls()); } - /** @deprecated This pipeline operation does not belong here. */ + /** + * @deprecated This pipeline operation does not belong here. + */ @Deprecated public Map cancelPipeline(final String id, final String reason) { return getOrcaServiceSelector().select().cancelPipeline(id, reason, false, ""); diff --git a/gate-core/src/main/java/com/netflix/spinnaker/gate/services/internal/Front50Service.java b/gate-core/src/main/java/com/netflix/spinnaker/gate/services/internal/Front50Service.java index b6c9cf1782..0481213b4a 100644 --- a/gate-core/src/main/java/com/netflix/spinnaker/gate/services/internal/Front50Service.java +++ b/gate-core/src/main/java/com/netflix/spinnaker/gate/services/internal/Front50Service.java @@ -25,124 +25,122 @@ public interface Front50Service { @GET("/credentials") - public abstract List getCredentials(); + List getCredentials(); @GET("/v2/applications?restricted=false") - public abstract List getAllApplicationsUnrestricted(); + List getAllApplicationsUnrestricted(); @GET("/v2/applications/{applicationName}") - public abstract Map getApplication(@Path("applicationName") String applicationName); + Map getApplication(@Path("applicationName") String applicationName); @GET("/v2/applications/{applicationName}/history") - public abstract List getApplicationHistory( + List getApplicationHistory( @Path("applicationName") String applicationName, @Query("limit") int limit); @GET("/pipelines") - public abstract List getAllPipelineConfigs(); + List getAllPipelineConfigs(); @GET("/pipelines/{app}") - public abstract List getPipelineConfigsForApplication( + List getPipelineConfigsForApplication( @Path("app") String app, @Query("refresh") boolean refresh); @DELETE("/pipelines/{app}/{name}") - public abstract Response deletePipelineConfig(@Path("app") String app, @Path("name") String name); + Response deletePipelineConfig(@Path("app") String app, @Path("name") String name); @POST("/pipelines") - public abstract Response savePipelineConfig(@Body Map pipelineConfig); + Response savePipelineConfig(@Body Map pipelineConfig); @POST("/pipelines/move") - public abstract Response movePipelineConfig(@Body Map moveCommand); + Response movePipelineConfig(@Body Map moveCommand); @GET("/pipelines/{pipelineConfigId}/history") - public abstract List getPipelineConfigHistory( + List getPipelineConfigHistory( @Path("pipelineConfigId") String pipelineConfigId, @Query("limit") int limit); @PUT("/pipelines/{pipelineId}") - public abstract Map updatePipeline(@Path("pipelineId") String pipelineId, @Body Map pipeline); + Map updatePipeline(@Path("pipelineId") String pipelineId, @Body Map pipeline); @GET("/strategies") - public abstract List getAllStrategyConfigs(); + List getAllStrategyConfigs(); @GET("/strategies/{app}") - public abstract List getStrategyConfigs(@Path("app") String app); + List getStrategyConfigs(@Path("app") String app); @DELETE("/strategies/{app}/{name}") - public abstract Response deleteStrategyConfig(@Path("app") String app, @Path("name") String name); + Response deleteStrategyConfig(@Path("app") String app, @Path("name") String name); @POST("/strategies") - public abstract Response saveStrategyConfig(@Body Map strategyConfig); + Response saveStrategyConfig(@Body Map strategyConfig); @POST("/strategies/move") - public abstract Response moveStrategyConfig(@Body Map moveCommand); + Response moveStrategyConfig(@Body Map moveCommand); @GET("/strategies/{strategyConfigId}/history") - public abstract List getStrategyConfigHistory( + List getStrategyConfigHistory( @Path("strategyConfigId") String strategyConfigId, @Query("limit") int limit); @PUT("/strategies/{strategyId}") - public abstract Map updateStrategy(@Path("strategyId") String strategyId, @Body Map strategy); + Map updateStrategy(@Path("strategyId") String strategyId, @Body Map strategy); @GET("/pipelineTemplates") - public abstract List getPipelineTemplates(@Query("scopes") String... scopes); + List getPipelineTemplates(@Query("scopes") String... scopes); @GET("/pipelineTemplates/{pipelineTemplateId}") - public abstract Map getPipelineTemplate(@Path("pipelineTemplateId") String pipelineTemplateId); + Map getPipelineTemplate(@Path("pipelineTemplateId") String pipelineTemplateId); @GET("/pipelineTemplates/{pipelineTemplateId}/dependentPipelines") - public abstract List> getPipelineTemplateDependents( + List> getPipelineTemplateDependents( @Path("pipelineTemplateId") String pipelineTemplateId, @Query("recursive") boolean recursive); @GET("/v2/pipelineTemplates/{pipelineTemplateId}") - public abstract Map getV2PipelineTemplate( + Map getV2PipelineTemplate( @Path("pipelineTemplateId") String pipelineTemplateId, @Query("tag") String tag, @Query("digest") String digest); @GET("/v2/pipelineTemplates") - public abstract List getV2PipelineTemplates(@Query("scopes") String... scopes); + List getV2PipelineTemplates(@Query("scopes") String... scopes); @GET("/v2/pipelineTemplates/versions") - public abstract Map> getV2PipelineTemplatesVersions( - @Query("scopes") String... scopes); + Map> getV2PipelineTemplatesVersions(@Query("scopes") String... scopes); @GET("/v2/pipelineTemplates/{pipelineTemplateId}/dependentPipelines") - public abstract List> getV2PipelineTemplateDependents( + List> getV2PipelineTemplateDependents( @Path("pipelineTemplateId") String pipelineTemplateId); @GET("/notifications/{type}/{app}") - public abstract Map getNotificationConfigs(@Path("type") String type, @Path("app") String app); + Map getNotificationConfigs(@Path("type") String type, @Path("app") String app); @DELETE("/notifications/{type}/{app}") - public abstract Response deleteNotificationConfig( - @Path("type") String type, @Path("app") String app); + Response deleteNotificationConfig(@Path("type") String type, @Path("app") String app); @POST("/notifications/{type}/{app}") - public abstract Response saveNotificationConfig( + Response saveNotificationConfig( @Path("type") String type, @Path("app") String app, @Body Map notificationConfig); @GET("/v2/projects") - public abstract List getAllProjects(); + List getAllProjects(); @GET("/v2/projects/{projectId}") - public abstract Map getProject(@Path("projectId") String projectId); + Map getProject(@Path("projectId") String projectId); @GET("/snapshots/{id}") - public abstract Map getCurrentSnapshot(@Path("id") String id); + Map getCurrentSnapshot(@Path("id") String id); @GET("/snapshots/{id}/history") - public abstract List getSnapshotHistory(@Path("id") String id, @Query("limit") int limit); + List getSnapshotHistory(@Path("id") String id, @Query("limit") int limit); @GET("/serviceAccounts") - public abstract List getServiceAccounts(); + List getServiceAccounts(); @GET("/deliveries") - public abstract List getDeliveries(); + List getDeliveries(); @GET("/deliveries/{id}") - public abstract Map getDelivery(@Path("id") String id); + Map getDelivery(@Path("id") String id); @GET("/pluginInfo") - public abstract List getPluginInfo(@Query("service") String service); + List getPluginInfo(@Query("service") String service); @GET("/installedPlugins") List getInstalledPlugins(); diff --git a/gate-core/src/test/groovy/com/netflix/spinnaker/gate/config/AuthConfigTest.groovy b/gate-core/src/test/groovy/com/netflix/spinnaker/gate/config/AuthConfigTest.groovy index 052ae29669..d81155fe71 100644 --- a/gate-core/src/test/groovy/com/netflix/spinnaker/gate/config/AuthConfigTest.groovy +++ b/gate-core/src/test/groovy/com/netflix/spinnaker/gate/config/AuthConfigTest.groovy @@ -19,6 +19,8 @@ import com.netflix.spinnaker.fiat.shared.FiatClientConfigurationProperties import com.netflix.spinnaker.fiat.shared.FiatPermissionEvaluator import com.netflix.spinnaker.fiat.shared.FiatStatus import org.springframework.boot.autoconfigure.security.SecurityProperties +import org.springframework.context.ApplicationContext +import org.springframework.context.support.GenericApplicationContext import org.springframework.security.config.annotation.ObjectPostProcessor import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder import org.springframework.security.config.annotation.web.builders.HttpSecurity @@ -27,6 +29,9 @@ import spock.lang.Specification import java.util.stream.Collectors class AuthConfigTest extends Specification { + + private GenericApplicationContext context = new GenericApplicationContext() + @SuppressWarnings("GroovyAccessibility") def "test webhooks are unauthenticated by default"() { given: @@ -47,13 +52,14 @@ class AuthConfigTest extends Specification { def httpSecurity = new HttpSecurity( Mock(ObjectPostProcessor), Mock(AuthenticationManagerBuilder), - new HashMap>() + getSharedObjects() ) when: authConfig.configure(httpSecurity) then: + //noinspection GrDeprecatedAPIUsage def filtered = httpSecurity.authorizeRequests().getUrlMappings() .stream() .filter({ it -> it.requestMatcher.getPattern() == "/webhooks/**" }) @@ -85,7 +91,7 @@ class AuthConfigTest extends Specification { def httpSecurity = new HttpSecurity( Mock(ObjectPostProcessor), Mock(AuthenticationManagerBuilder), - new HashMap>() + getSharedObjects() ) when: @@ -101,4 +107,11 @@ class AuthConfigTest extends Specification { .collect(Collectors.toList()) filtered.size() == 1 } + + private HashMap, Object> getSharedObjects(){ + HashMap map = new HashMap, Object>() + context.refresh() + map.put(ApplicationContext.class, context) + return map; + } } diff --git a/gate-core/src/test/java/com/netflix/spinnaker/gate/services/TaskServiceTest.java b/gate-core/src/test/java/com/netflix/spinnaker/gate/services/TaskServiceTest.java index 3e7e21bddd..abea6919be 100644 --- a/gate-core/src/test/java/com/netflix/spinnaker/gate/services/TaskServiceTest.java +++ b/gate-core/src/test/java/com/netflix/spinnaker/gate/services/TaskServiceTest.java @@ -23,14 +23,11 @@ import com.netflix.spinnaker.gate.services.internal.OrcaServiceSelector; import java.util.LinkedHashMap; import java.util.Map; -import org.junit.Test; -import org.junit.runner.RunWith; +import org.junit.jupiter.api.Test; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.boot.test.context.SpringBootTest; import org.springframework.boot.test.mock.mockito.MockBean; -import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; -@RunWith(SpringJUnit4ClassRunner.class) @SpringBootTest(classes = {TaskService.class, TaskServiceProperties.class}) public class TaskServiceTest { diff --git a/gate-file/src/main/groovy/com/netflix/spinnaker/gate/security/file/FileSsoConfig.groovy b/gate-file/src/main/groovy/com/netflix/spinnaker/gate/security/file/FileSsoConfig.groovy index 0043a801f4..87fd932d3a 100644 --- a/gate-file/src/main/groovy/com/netflix/spinnaker/gate/security/file/FileSsoConfig.groovy +++ b/gate-file/src/main/groovy/com/netflix/spinnaker/gate/security/file/FileSsoConfig.groovy @@ -6,12 +6,10 @@ import org.springframework.beans.factory.annotation.Autowired import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression import org.springframework.context.annotation.Bean import org.springframework.context.annotation.Configuration -import org.springframework.security.authentication.AuthenticationManager import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.builders.WebSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter import org.springframework.security.core.userdetails.UserDetailsService import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder import org.springframework.security.crypto.password.PasswordEncoder @@ -20,7 +18,7 @@ import org.springframework.security.crypto.password.PasswordEncoder @Configuration @SpinnakerAuthConfig @EnableWebSecurity -class FileSsoConfig extends WebSecurityConfigurerAdapter { +class FileSsoConfig { @Autowired AuthConfig authConfig @@ -38,17 +36,14 @@ class FileSsoConfig extends WebSecurityConfigurerAdapter { return new BCryptPasswordEncoder(); } - @Override protected void configure(AuthenticationManagerBuilder auth) throws Exception { auth.getDefaultUserDetailsService() } - @Override protected void configure(HttpSecurity http) throws Exception { authConfig.jwtconfigure(http) } - @Override void configure(WebSecurity web) throws Exception { authConfig.configure(web) } diff --git a/gate-iap/gate-iap.gradle b/gate-iap/gate-iap.gradle index a2fe1bd8d2..25ea2b05c2 100644 --- a/gate-iap/gate-iap.gradle +++ b/gate-iap/gate-iap.gradle @@ -1,6 +1,6 @@ dependencies { implementation project(":gate-core") - implementation 'com.nimbusds:nimbus-jose-jwt' + implementation 'com.nimbusds:nimbus-jose-jwt:+' implementation "com.github.ben-manes.caffeine:guava" implementation "io.spinnaker.kork:kork-security" implementation "io.spinnaker.fiat:fiat-api:$fiatVersion" diff --git a/gate-iap/src/main/java/com/netflix/spinnaker/gate/security/iap/IapAuthenticationFilter.java b/gate-iap/src/main/java/com/netflix/spinnaker/gate/security/iap/IapAuthenticationFilter.java index 8df3910bf5..940b14c979 100644 --- a/gate-iap/src/main/java/com/netflix/spinnaker/gate/security/iap/IapAuthenticationFilter.java +++ b/gate-iap/src/main/java/com/netflix/spinnaker/gate/security/iap/IapAuthenticationFilter.java @@ -31,6 +31,11 @@ import com.nimbusds.jose.util.Base64URL; import com.nimbusds.jwt.JWTClaimsSet; import com.nimbusds.jwt.SignedJWT; +import jakarta.servlet.FilterChain; +import jakarta.servlet.ServletException; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; +import jakarta.servlet.http.HttpSession; import java.io.IOException; import java.net.URL; import java.security.interfaces.ECPublicKey; @@ -40,11 +45,6 @@ import java.util.HashMap; import java.util.List; import java.util.Map; -import javax.servlet.FilterChain; -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import javax.servlet.http.HttpSession; import lombok.extern.slf4j.Slf4j; import org.springframework.scheduling.annotation.Scheduled; import org.springframework.security.core.context.SecurityContextHolder; diff --git a/gate-iap/src/main/java/com/netflix/spinnaker/gate/security/iap/IapSsoConfig.java b/gate-iap/src/main/java/com/netflix/spinnaker/gate/security/iap/IapSsoConfig.java index 1385a6da8c..3f9f333bb1 100644 --- a/gate-iap/src/main/java/com/netflix/spinnaker/gate/security/iap/IapSsoConfig.java +++ b/gate-iap/src/main/java/com/netflix/spinnaker/gate/security/iap/IapSsoConfig.java @@ -34,7 +34,6 @@ import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.builders.WebSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.web.authentication.www.BasicAuthenticationFilter; /** @@ -47,7 +46,7 @@ @EnableWebSecurity @ConditionalOnExpression("${google.iap.enabled:false}") @EnableConfigurationProperties(IapSecurityConfigProperties.class) -public class IapSsoConfig extends WebSecurityConfigurerAdapter { +public class IapSsoConfig { @Autowired AuthConfig authConfig; @@ -81,7 +80,6 @@ public static class IapSecurityConfigProperties { long expirationTimeAllowedSkew = 30000L; } - @Override public void configure(HttpSecurity http) throws Exception { log.info("IAP JWT token verification is enabled."); @@ -102,7 +100,6 @@ public void configure(HttpSecurity http) throws Exception { http.addFilterBefore(iapAuthenticationFilter(), BasicAuthenticationFilter.class); } - @Override public void configure(WebSecurity web) throws Exception { authConfig.configure(web); } diff --git a/gate-iap/src/test/groovy/com/netflix/spinnaker/gate/security/iap/IapAuthenticationFilterSpec.groovy b/gate-iap/src/test/groovy/com/netflix/spinnaker/gate/security/iap/IapAuthenticationFilterSpec.groovy index 90cbb5137b..5e9e6d4f1b 100644 --- a/gate-iap/src/test/groovy/com/netflix/spinnaker/gate/security/iap/IapAuthenticationFilterSpec.groovy +++ b/gate-iap/src/test/groovy/com/netflix/spinnaker/gate/security/iap/IapAuthenticationFilterSpec.groovy @@ -33,7 +33,7 @@ import spock.lang.Specification import spock.lang.Subject import spock.lang.Unroll -import javax.servlet.FilterChain +import jakarta.servlet.FilterChain import java.security.KeyPair import java.security.KeyPairGenerator import java.security.interfaces.ECPrivateKey diff --git a/gate-integrations-gremlin/gate-integrations-gremlin.gradle b/gate-integrations-gremlin/gate-integrations-gremlin.gradle index 24d9d5e98d..6a31ea42cd 100644 --- a/gate-integrations-gremlin/gate-integrations-gremlin.gradle +++ b/gate-integrations-gremlin/gate-integrations-gremlin.gradle @@ -5,6 +5,6 @@ dependencies { implementation "com.netflix.spectator:spectator-api" implementation "com.squareup.okhttp3:okhttp" implementation "com.squareup.retrofit:retrofit" - implementation "com.squareup.retrofit:converter-jackson" + implementation "com.squareup.retrofit:converter-jackson:1.9.0" implementation "com.jakewharton.retrofit:retrofit1-okhttp3-client:1.1.0" } diff --git a/gate-integrations-gremlin/src/main/java/com/netflix/spinnaker/gate/controllers/gremlin/GremlinController.java b/gate-integrations-gremlin/src/main/java/com/netflix/spinnaker/gate/controllers/gremlin/GremlinController.java index 74cb251e4e..897a688d3d 100644 --- a/gate-integrations-gremlin/src/main/java/com/netflix/spinnaker/gate/controllers/gremlin/GremlinController.java +++ b/gate-integrations-gremlin/src/main/java/com/netflix/spinnaker/gate/controllers/gremlin/GremlinController.java @@ -1,7 +1,7 @@ package com.netflix.spinnaker.gate.controllers.gremlin; import com.netflix.spinnaker.gate.services.gremlin.GremlinService; -import io.swagger.annotations.ApiOperation; +import io.swagger.v3.oas.annotations.Operation; import java.util.List; import java.util.Map; import org.springframework.beans.factory.annotation.Autowired; @@ -24,14 +24,14 @@ public GremlinController(GremlinService gremlinService) { this.gremlinService = gremlinService; } - @ApiOperation(value = "Retrieve a list of gremlin command templates") + @Operation(summary = "Retrieve a list of gremlin command templates") @RequestMapping(value = "/templates/command", method = RequestMethod.POST) List listCommandTemplates(@RequestBody(required = true) Map apiKeyMap) { String apiKeyValue = (String) apiKeyMap.get(APIKEY_KEY); return gremlinService.getCommandTemplates("Key " + apiKeyValue); } - @ApiOperation(value = "Retrieve a list of gremlin target templates") + @Operation(summary = "Retrieve a list of gremlin target templates") @RequestMapping(value = "/templates/target", method = RequestMethod.POST) List listTargetTemplates(@RequestBody(required = true) Map apiKeyMap) { String apiKeyValue = (String) apiKeyMap.get(APIKEY_KEY); diff --git a/gate-jenkins-script.sh b/gate-jenkins-script.sh index 01d91d37d4..03ded67e00 100644 --- a/gate-jenkins-script.sh +++ b/gate-jenkins-script.sh @@ -1,5 +1,5 @@ #!/bin/sh -export JAVA_HOME=/usr/lib/jvm/java-11-openjdk-amd64 +export JAVA_HOME=/usr/lib/jvm/java-17-openjdk-amd64 export PATH=$PATH:$JAVA_HOME #export GITHASH=`git rev-parse HEAD` @@ -18,21 +18,21 @@ echo ${CUSTOMPLUGIN_RELEASEVERSION} echo $JAVA_HOME - + git checkout master cp -R docker_build /tmp/docker_build - + cp -R jaeger /tmp/jaeger - + git checkout tags/${TAGNAME} - + cp -R /tmp/docker_build docker_build - + cp -R /tmp/jaeger jaeger - - + + # Build OES-GATE @@ -58,35 +58,35 @@ sh -c "echo gate service building..." case "${REGISTRY_USERNAME}" in opsmx11) echo "Pushing to DEVELOPMENT docker repo: ${DOCKER_HUB_USERNAME}" - + IMAGENAME="opsmx11/gate:${TAGNAME}" - + echo "Image Name:" $IMAGENAME - - + + # sudo docker build --build-arg CUSTOMPLUGIN_RELEASEVERSION=${CUSTOMPLUGIN_RELEASEVERSION} -t $IMAGENAME -f Dockerfile.rhel8-ubi8 . sudo docker build --no-cache --build-arg CUSTOMPLUGIN_RELEASEVERSION=${CUSTOMPLUGIN_RELEASEVERSION} -t $IMAGENAME -f docker_build/Dockerfile.rhel8-ubi8 . # sudo docker images ${IMAGENAME} - + # Push the image sudo docker login --username ${REGISTRY_USERNAME} --password ${REGISTRY_PASSWORD} sudo docker push $IMAGENAME - ;; + ;; ksrinimba) echo "Pushing to CUSTOMER PRODUCTION quay repo: ${REGISTRY_USERNAME}" IMAGENAME="quay.io/opsmxpublic/ubi8-gate:${TAGNAME}" - + sudo docker build --build-arg CUSTOMPLUGIN_RELEASEVERSION=${CUSTOMPLUGIN_RELEASEVERSION} -t ${IMAGENAME} -f docker_build/Dockerfile.rhel8-ubi8 . #sudo docker images ${IMAGENAME} - - # Push the image to quay + + # Push the image to quay sudo docker login quay.io --username ${REGISTRY_USERNAME} --password ${REGISTRY_PASSWORD} sudo docker push ${IMAGENAME} ;; - + *) echo "Cannot determine repository from credentials: username = ${REGISTRY_USERNAME}" exit 1 esac echo "Buildnumber": "${IMAGENAME}" > file.properties -echo "Gitcommitid": "$GIT_COMMIT_REV" >> file.properties \ No newline at end of file +echo "Gitcommitid": "$GIT_COMMIT_REV" >> file.properties diff --git a/gate-ldap/src/main/groovy/com/netflix/spinnaker/gate/security/ldap/LdapSsoConfig.groovy b/gate-ldap/src/main/groovy/com/netflix/spinnaker/gate/security/ldap/LdapSsoConfig.groovy index 596e41ef48..29e5137def 100644 --- a/gate-ldap/src/main/groovy/com/netflix/spinnaker/gate/security/ldap/LdapSsoConfig.groovy +++ b/gate-ldap/src/main/groovy/com/netflix/spinnaker/gate/security/ldap/LdapSsoConfig.groovy @@ -21,29 +21,27 @@ import com.netflix.spinnaker.gate.security.AllowedAccountsSupport import com.netflix.spinnaker.gate.security.SpinnakerAuthConfig import com.netflix.spinnaker.gate.services.PermissionService import com.netflix.spinnaker.security.User -import groovy.util.logging.Slf4j import com.opsmx.spinnaker.gate.security.ldap.RetryOnExceptionAuthManager +import groovy.util.logging.Slf4j import org.apache.commons.lang3.StringUtils import org.springframework.beans.factory.annotation.Autowired import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression -import org.springframework.boot.autoconfigure.security.SecurityProperties import org.springframework.boot.context.properties.ConfigurationProperties +import org.springframework.context.ApplicationContext import org.springframework.context.annotation.Bean import org.springframework.context.annotation.Configuration import org.springframework.ldap.core.DirContextAdapter import org.springframework.ldap.core.DirContextOperations import org.springframework.security.authentication.AuthenticationManager import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder +import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration import org.springframework.security.config.annotation.web.builders.HttpSecurity -import org.springframework.security.config.annotation.web.builders.WebSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter +import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer import org.springframework.security.core.GrantedAuthority import org.springframework.security.core.userdetails.UserDetails -import org.springframework.security.core.userdetails.UserDetailsService -import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder -import org.springframework.security.crypto.password.PasswordEncoder import org.springframework.security.ldap.userdetails.UserDetailsContextMapper +import org.springframework.security.web.SecurityFilterChain import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter import org.springframework.security.web.authentication.www.BasicAuthenticationFilter import org.springframework.session.web.http.DefaultCookieSerializer @@ -54,7 +52,10 @@ import org.springframework.stereotype.Component @Configuration @SpinnakerAuthConfig @EnableWebSecurity -class LdapSsoConfig extends WebSecurityConfigurerAdapter { +class LdapSsoConfig { + + @Autowired + ApplicationContext ctx @Autowired AuthConfig authConfig @@ -65,36 +66,14 @@ class LdapSsoConfig extends WebSecurityConfigurerAdapter { @Autowired LdapUserContextMapper ldapUserContextMapper - @Autowired - SecurityProperties securityProperties - @Autowired DefaultCookieSerializer defaultCookieSerializer - @Autowired - private UserDetailsService userDataService - @Autowired LoginProps loginProps @Autowired - public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception { - auth.userDetailsService(userDataService).passwordEncoder(passwordEncoder()); - } - - @Bean - public PasswordEncoder passwordEncoder() { - return new BCryptPasswordEncoder(); - } - - @Bean - @Override - public AuthenticationManager authenticationManagerBean() throws Exception { - return super.authenticationManagerBean(); - } - - @Override - protected void configure(AuthenticationManagerBuilder auth) throws Exception { + void ldapConfigure(AuthenticationManagerBuilder auth) throws Exception { def ldapConfigurer = auth.ldapAuthentication() @@ -122,29 +101,30 @@ class LdapSsoConfig extends WebSecurityConfigurerAdapter { } } - @Override - protected void configure(HttpSecurity http) throws Exception { - if (loginProps.mode == null || loginProps.mode.equalsIgnoreCase("session")) - { - defaultCookieSerializer.setSameSite(null) - http.formLogin() + + @Bean + public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { + def authenticationManager = ctx.getBean("authenticationManager") as AuthenticationManager + defaultCookieSerializer.setSameSite(null) + http.formLogin() + if (loginProps.mode == null || loginProps.mode.equalsIgnoreCase("session")) { authConfig.configure(http) - http.addFilterBefore(new BasicAuthenticationFilter(authenticationManager()), UsernamePasswordAuthenticationFilter) - } - else if (loginProps.mode !=null && loginProps.mode.equalsIgnoreCase("token")) { + http.addFilterBefore(new BasicAuthenticationFilter(authenticationManager), UsernamePasswordAuthenticationFilter) + http.csrf().disable(); + } else if (loginProps.mode != null && loginProps.mode.equalsIgnoreCase("token")) { authConfig.jwtconfigure(http) } + return http.build() as SecurityFilterChain + } - } - - @Override - protected AuthenticationManager authenticationManager() throws Exception { - return new RetryOnExceptionAuthManager(super.authenticationManager()); + @Bean + protected AuthenticationManager authenticationManager(AuthenticationConfiguration authConfig) throws Exception { + return new RetryOnExceptionAuthManager(authConfig.getAuthenticationManager()); } - @Override - void configure(WebSecurity web) throws Exception { - authConfig.configure(web) + @Bean + public WebSecurityCustomizer webSecurityCustomizer() { + return (web) -> authConfig.configure(web) } @Component diff --git a/gate-ldap/src/test/java/com/opsmx/spinnaker/gate/security/ldap/RetryOnExceptionAuthManagerTest.java b/gate-ldap/src/test/java/com/opsmx/spinnaker/gate/security/ldap/RetryOnExceptionAuthManagerTest.java index 096c19172c..07fe32cf27 100644 --- a/gate-ldap/src/test/java/com/opsmx/spinnaker/gate/security/ldap/RetryOnExceptionAuthManagerTest.java +++ b/gate-ldap/src/test/java/com/opsmx/spinnaker/gate/security/ldap/RetryOnExceptionAuthManagerTest.java @@ -1,11 +1,11 @@ package com.opsmx.spinnaker.gate.security.ldap; +import static org.junit.jupiter.api.Assertions.assertEquals; import static org.junit.jupiter.api.Assertions.fail; import static org.mockito.Mockito.mock; -import org.junit.Assert; -import org.junit.Test; import org.junit.jupiter.api.DisplayName; +import org.junit.jupiter.api.Test; import org.mockito.Mockito; import org.springframework.ldap.UncategorizedLdapException; import org.springframework.security.authentication.AuthenticationManager; @@ -44,6 +44,6 @@ public void test2() { Authentication actual = fixture.authenticate(authentication); - Assert.assertEquals(actual, authentication); + assertEquals(actual, authentication); } } diff --git a/gate-oauth2/gate-oauth2.gradle b/gate-oauth2/gate-oauth2.gradle index 91403e7ea9..a1802339a4 100644 --- a/gate-oauth2/gate-oauth2.gradle +++ b/gate-oauth2/gate-oauth2.gradle @@ -1,10 +1,10 @@ dependencies { implementation project(":gate-core") - implementation "com.netflix.spectator:spectator-api" + implementation "com.netflix.spectator:spectator-api:1.5.4" implementation "io.spinnaker.fiat:fiat-api:$fiatVersion" implementation "io.spinnaker.kork:kork-exceptions" implementation "io.spinnaker.kork:kork-security" - implementation "org.codehaus.groovy:groovy-json" + implementation "org.apache.groovy:groovy-json" implementation "org.springframework.security.oauth.boot:spring-security-oauth2-autoconfigure" implementation "org.springframework.session:spring-session-core" } diff --git a/gate-oauth2/src/main/groovy/com/netflix/spinnaker/gate/security/oauth2/ExternalAuthTokenFilter.groovy b/gate-oauth2/src/main/groovy/com/netflix/spinnaker/gate/security/oauth2/ExternalAuthTokenFilter.groovy index 7e4f511e20..6227b19f1c 100644 --- a/gate-oauth2/src/main/groovy/com/netflix/spinnaker/gate/security/oauth2/ExternalAuthTokenFilter.groovy +++ b/gate-oauth2/src/main/groovy/com/netflix/spinnaker/gate/security/oauth2/ExternalAuthTokenFilter.groovy @@ -22,16 +22,15 @@ import org.springframework.boot.autoconfigure.security.oauth2.resource.UserInfoR import org.springframework.security.core.Authentication import org.springframework.security.oauth2.common.DefaultOAuth2AccessToken import org.springframework.security.oauth2.common.OAuth2AccessToken -import org.springframework.security.oauth2.provider.authentication.BearerTokenExtractor import org.springframework.stereotype.Component -import javax.servlet.Filter -import javax.servlet.FilterChain -import javax.servlet.FilterConfig -import javax.servlet.ServletException -import javax.servlet.ServletRequest -import javax.servlet.ServletResponse -import javax.servlet.http.HttpServletRequest +import jakarta.servlet.Filter +import jakarta.servlet.FilterChain +import jakarta.servlet.FilterConfig +import jakarta.servlet.ServletException +import jakarta.servlet.ServletRequest +import jakarta.servlet.ServletResponse +import jakarta.servlet.http.HttpServletRequest /** * This class supports the use case of an externally provided OAuth access token, for example, a diff --git a/gate-oauth2/src/main/groovy/com/netflix/spinnaker/gate/security/oauth2/OAuth2SsoConfig.groovy b/gate-oauth2/src/main/groovy/com/netflix/spinnaker/gate/security/oauth2/OAuth2SsoConfig.groovy index af8b6c5438..9877fa0e20 100644 --- a/gate-oauth2/src/main/groovy/com/netflix/spinnaker/gate/security/oauth2/OAuth2SsoConfig.groovy +++ b/gate-oauth2/src/main/groovy/com/netflix/spinnaker/gate/security/oauth2/OAuth2SsoConfig.groovy @@ -31,10 +31,10 @@ import org.springframework.context.annotation.Primary import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.builders.WebSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter import org.springframework.security.core.AuthenticationException import org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails import org.springframework.security.oauth2.provider.token.ResourceServerTokenServices +import org.springframework.security.web.SecurityFilterChain import org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint import org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter import org.springframework.session.web.http.DefaultCookieSerializer @@ -42,8 +42,8 @@ import org.springframework.stereotype.Component import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter import org.springframework.security.web.authentication.www.BasicAuthenticationFilter -import javax.servlet.http.HttpServletRequest -import javax.servlet.http.HttpServletResponse +import jakarta.servlet.http.HttpServletRequest +import jakarta.servlet.http.HttpServletResponse @Configuration @SpinnakerAuthConfig @@ -53,7 +53,7 @@ import javax.servlet.http.HttpServletResponse // Note the 4 single-quotes below - this is a raw groovy string, because SpEL and groovy // string syntax overlap! @ConditionalOnExpression(''''${security.oauth2.client.client-id:}'!=""''') -class OAuth2SsoConfig extends WebSecurityConfigurerAdapter { +class OAuth2SsoConfig { @Autowired AuthConfig authConfig @@ -78,14 +78,14 @@ class OAuth2SsoConfig extends WebSecurityConfigurerAdapter { new SpinnakerUserInfoTokenServices() } - @Override - void configure(HttpSecurity http) throws Exception { + @Bean + SecurityFilterChain configure(HttpSecurity http) throws Exception { defaultCookieSerializer.setSameSite(null) authConfig.configure(http) http.exceptionHandling().authenticationEntryPoint(entryPoint) http.addFilterBefore(new BasicAuthenticationFilter(authenticationManager()), UsernamePasswordAuthenticationFilter) - http.addFilterBefore(externalAuthTokenFilter, AbstractPreAuthenticatedProcessingFilter.class) + http.addFilterBefore(externalAuthTokenFilter, AbstractPreAuthenticatedProcessingFilter.class) as SecurityFilterChain } void configure(WebSecurity web) throws Exception { diff --git a/gate-oauth2/src/main/java/com/netflix/spinnaker/gate/security/oauth2/BearerTokenExtractor.java b/gate-oauth2/src/main/java/com/netflix/spinnaker/gate/security/oauth2/BearerTokenExtractor.java new file mode 100644 index 0000000000..66359a6c44 --- /dev/null +++ b/gate-oauth2/src/main/java/com/netflix/spinnaker/gate/security/oauth2/BearerTokenExtractor.java @@ -0,0 +1,83 @@ +/* + * Copyright 2023 OpsMx, Inc. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package com.netflix.spinnaker.gate.security.oauth2; + +import jakarta.servlet.http.HttpServletRequest; +import java.util.Enumeration; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.springframework.security.core.Authentication; +import org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationDetails; +import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken; + +public class BearerTokenExtractor { + private static final Log logger = + LogFactory.getLog( + org.springframework.security.oauth2.provider.authentication.BearerTokenExtractor.class); + + public BearerTokenExtractor() {} + + public Authentication extract(HttpServletRequest request) { + String tokenValue = this.extractToken(request); + if (tokenValue != null) { + PreAuthenticatedAuthenticationToken authentication = + new PreAuthenticatedAuthenticationToken(tokenValue, ""); + return authentication; + } else { + return null; + } + } + + protected String extractToken(HttpServletRequest request) { + String token = this.extractHeaderToken(request); + if (token == null) { + logger.debug("Token not found in headers. Trying request parameters."); + token = request.getParameter("access_token"); + if (token == null) { + logger.debug("Token not found in request parameters. Not an OAuth2 request."); + } else { + request.setAttribute(OAuth2AuthenticationDetails.ACCESS_TOKEN_TYPE, "Bearer"); + } + } + + return token; + } + + protected String extractHeaderToken(HttpServletRequest request) { + Enumeration headers = request.getHeaders("Authorization"); + + String value; + do { + if (!headers.hasMoreElements()) { + return null; + } + + value = (String) headers.nextElement(); + } while (!value.toLowerCase().startsWith("Bearer".toLowerCase())); + + String authHeaderValue = value.substring("Bearer".length()).trim(); + request.setAttribute( + OAuth2AuthenticationDetails.ACCESS_TOKEN_TYPE, + value.substring(0, "Bearer".length()).trim()); + int commaIndex = authHeaderValue.indexOf(44); + if (commaIndex > 0) { + authHeaderValue = authHeaderValue.substring(0, commaIndex); + } + + return authHeaderValue; + } +} diff --git a/gate-oauth2/src/test/groovy/com/netflix/spinnaker/gate/security/oauth2/ExternalAuthTokenFilterSpec.groovy b/gate-oauth2/src/test/groovy/com/netflix/spinnaker/gate/security/oauth2/ExternalAuthTokenFilterSpec.groovy index aa700d9f3b..1614b24f85 100644 --- a/gate-oauth2/src/test/groovy/com/netflix/spinnaker/gate/security/oauth2/ExternalAuthTokenFilterSpec.groovy +++ b/gate-oauth2/src/test/groovy/com/netflix/spinnaker/gate/security/oauth2/ExternalAuthTokenFilterSpec.groovy @@ -8,7 +8,7 @@ import org.springframework.security.oauth2.client.OAuth2RestTemplate import spock.lang.Specification import spock.lang.Subject -import javax.servlet.FilterChain +import jakarta.servlet.FilterChain class ExternalAuthTokenFilterSpec extends Specification { diff --git a/gate-plugins-test/gate-plugins-test.gradle b/gate-plugins-test/gate-plugins-test.gradle index c245fc7491..10ac2d1a42 100644 --- a/gate-plugins-test/gate-plugins-test.gradle +++ b/gate-plugins-test/gate-plugins-test.gradle @@ -10,6 +10,7 @@ dependencies { testImplementation("io.spinnaker.kork:kork-plugins") testImplementation("io.spinnaker.kork:kork-plugins-tck") + testImplementation("io.mockk:mockk:1.10.5") testRuntimeOnly("org.junit.platform:junit-platform-launcher") testRuntimeOnly("org.junit.jupiter:junit-jupiter-engine") } diff --git a/gate-plugins/gate-plugins.gradle b/gate-plugins/gate-plugins.gradle index ce9da30c44..b4950a09d9 100644 --- a/gate-plugins/gate-plugins.gradle +++ b/gate-plugins/gate-plugins.gradle @@ -21,6 +21,8 @@ dependencies { implementation project(":gate-api") implementation project(":gate-core") + implementation "dev.minutest:minutest:1.13.0" + implementation "io.mockk:mockk:1.10.5" implementation "com.google.guava:guava" //OES-GATE changes start //implementation "com.netflix.spinnaker.fiat:fiat-core:$fiatVersion" @@ -38,8 +40,10 @@ dependencies { implementation "io.spinnaker.kork:kork-web" //Spinnaker changes end - implementation "io.swagger:swagger-annotations" - + implementation "io.spinnaker.kork:kork-swagger" implementation "org.springframework:spring-web" - implementation "org.pf4j:pf4j-update" + implementation "org.pf4j:pf4j-update:+" +} +test { + useJUnitPlatform() } diff --git a/gate-plugins/src/main/kotlin/com/netflix/spinnaker/gate/plugins/deck/DeckPluginsController.kt b/gate-plugins/src/main/kotlin/com/netflix/spinnaker/gate/plugins/deck/DeckPluginsController.kt index 0895aacacf..0c08b80e62 100644 --- a/gate-plugins/src/main/kotlin/com/netflix/spinnaker/gate/plugins/deck/DeckPluginsController.kt +++ b/gate-plugins/src/main/kotlin/com/netflix/spinnaker/gate/plugins/deck/DeckPluginsController.kt @@ -16,9 +16,9 @@ package com.netflix.spinnaker.gate.plugins.deck import com.netflix.spinnaker.kork.web.exceptions.NotFoundException -import io.swagger.annotations.ApiOperation +import io.swagger.v3.oas.annotations.Operation import java.util.concurrent.TimeUnit -import javax.servlet.http.HttpServletResponse +import jakarta.servlet.http.HttpServletResponse import org.springframework.boot.autoconfigure.condition.ConditionalOnBean import org.springframework.http.CacheControl import org.springframework.http.HttpStatus @@ -36,13 +36,13 @@ class DeckPluginsController( private val deckPluginService: DeckPluginService ) { - @ApiOperation(value = "Retrieve a plugin manifest") + @Operation(summary = "Retrieve a plugin manifest") @GetMapping("/plugin-manifest.json") fun getPluginManifest(): List { return deckPluginService.getPluginsManifests() } - @ApiOperation(value = "Retrieve a single plugin asset by version") + @Operation(summary = "Retrieve a single plugin asset by version") @GetMapping("/{pluginId}/{pluginVersion}/{asset:.*}") fun getPluginAsset( @PathVariable pluginId: String, diff --git a/gate-plugins/src/main/kotlin/com/netflix/spinnaker/gate/plugins/web/PluginService.kt b/gate-plugins/src/main/kotlin/com/netflix/spinnaker/gate/plugins/web/PluginService.kt index dd19db4f04..e1459a09c8 100644 --- a/gate-plugins/src/main/kotlin/com/netflix/spinnaker/gate/plugins/web/PluginService.kt +++ b/gate-plugins/src/main/kotlin/com/netflix/spinnaker/gate/plugins/web/PluginService.kt @@ -55,6 +55,7 @@ class PluginService( return initiateTask("Delete Plugin info with Id: $id", listOf(jobMap)) } + @Suppress("UNCHECKED_CAST") private fun initiateTask(description: String, jobs: List>): Map { val taskMap = mapOf( Pair("description", description), diff --git a/gate-plugins/src/main/kotlin/com/netflix/spinnaker/gate/plugins/web/info/PluginInfoController.kt b/gate-plugins/src/main/kotlin/com/netflix/spinnaker/gate/plugins/web/info/PluginInfoController.kt index 8c39292223..89c59e58b6 100644 --- a/gate-plugins/src/main/kotlin/com/netflix/spinnaker/gate/plugins/web/info/PluginInfoController.kt +++ b/gate-plugins/src/main/kotlin/com/netflix/spinnaker/gate/plugins/web/info/PluginInfoController.kt @@ -19,7 +19,7 @@ import com.netflix.spinnaker.gate.plugins.web.PluginService import com.netflix.spinnaker.gate.plugins.web.SpinnakerExtensionsConfigProperties import com.netflix.spinnaker.gate.services.internal.Front50Service import com.netflix.spinnaker.kork.plugins.update.internal.SpinnakerPluginInfo -import io.swagger.annotations.ApiOperation +import io.swagger.v3.oas.annotations.Operation import org.springframework.http.HttpStatus import org.springframework.http.MediaType import org.springframework.security.access.prepost.PreAuthorize @@ -42,7 +42,7 @@ class PluginInfoController( private val spinnakerExtensionsConfigProperties: SpinnakerExtensionsConfigProperties ) { - @ApiOperation(value = "Persist plugin metadata information") + @Operation(summary = "Persist plugin metadata information") @RequestMapping( method = [RequestMethod.POST, RequestMethod.PUT], consumes = [MediaType.APPLICATION_JSON_VALUE] @@ -52,7 +52,7 @@ class PluginInfoController( return pluginService.upsertPluginInfo(pluginInfo) } - @ApiOperation(value = "Delete plugin info with the provided Id") + @Operation(summary = "Delete plugin info with the provided Id") @PreAuthorize("hasPermission(#this.this.appName, 'APPLICATION', 'WRITE')") @RequestMapping( value = ["/{id:.+}"], @@ -64,7 +64,7 @@ class PluginInfoController( return pluginService.deletePluginInfo(id) } - @ApiOperation(value = "Get all plugin info objects") + @Operation(summary = "Get all plugin info objects") @RequestMapping(method = [RequestMethod.GET]) fun getAllPluginInfo(@RequestParam(value = "service", required = false) service: String?): List<*> { return front50Service.getPluginInfo(service) diff --git a/gate-plugins/src/main/kotlin/com/netflix/spinnaker/gate/plugins/web/installed/PluginsInstalledController.kt b/gate-plugins/src/main/kotlin/com/netflix/spinnaker/gate/plugins/web/installed/PluginsInstalledController.kt index 67049bf9a3..9527620eb8 100644 --- a/gate-plugins/src/main/kotlin/com/netflix/spinnaker/gate/plugins/web/installed/PluginsInstalledController.kt +++ b/gate-plugins/src/main/kotlin/com/netflix/spinnaker/gate/plugins/web/installed/PluginsInstalledController.kt @@ -13,7 +13,7 @@ import com.netflix.spinnaker.gate.services.internal.SwabbieService import com.netflix.spinnaker.kork.plugins.SpinnakerPluginDescriptor import com.netflix.spinnaker.kork.plugins.SpinnakerPluginManager import com.netflix.spinnaker.kork.plugins.update.SpinnakerUpdateManager -import io.swagger.annotations.ApiOperation +import io.swagger.v3.oas.annotations.Operation import java.util.stream.Collectors import org.pf4j.PluginWrapper import org.slf4j.LoggerFactory @@ -43,7 +43,7 @@ class PluginsInstalledController( private val log by lazy { LoggerFactory.getLogger(javaClass) } - @ApiOperation(value = "Get all installed Spinnaker plugins") + @Operation(summary = "Get all installed Spinnaker plugins") @RequestMapping(method = [RequestMethod.GET]) fun getInstalledPlugins(@RequestParam(value = "service", required = false) service: String?): Map> { return when (service) { diff --git a/gate-plugins/src/main/kotlin/com/netflix/spinnaker/gate/plugins/web/publish/PluginPublishController.kt b/gate-plugins/src/main/kotlin/com/netflix/spinnaker/gate/plugins/web/publish/PluginPublishController.kt index 24cf4d28f0..2192aa5a86 100644 --- a/gate-plugins/src/main/kotlin/com/netflix/spinnaker/gate/plugins/web/publish/PluginPublishController.kt +++ b/gate-plugins/src/main/kotlin/com/netflix/spinnaker/gate/plugins/web/publish/PluginPublishController.kt @@ -24,21 +24,17 @@ import com.netflix.spinnaker.gate.plugins.web.PluginService import com.netflix.spinnaker.kork.exceptions.SystemException import com.netflix.spinnaker.kork.plugins.update.internal.SpinnakerPluginInfo import com.netflix.spinnaker.security.AuthenticatedRequest -import io.swagger.annotations.ApiOperation -import java.lang.String.format +import io.swagger.v3.oas.annotations.Operation import lombok.SneakyThrows -import okhttp3.MediaType +import okhttp3.MediaType.Companion.toMediaTypeOrNull import okhttp3.MultipartBody import okhttp3.OkHttpClient import okhttp3.Request -import okhttp3.RequestBody +import okhttp3.RequestBody.Companion.toRequestBody import org.springframework.http.MediaType.MULTIPART_FORM_DATA_VALUE -import org.springframework.web.bind.annotation.PathVariable -import org.springframework.web.bind.annotation.PostMapping -import org.springframework.web.bind.annotation.RequestMapping -import org.springframework.web.bind.annotation.RequestPart -import org.springframework.web.bind.annotation.RestController +import org.springframework.web.bind.annotation.* import org.springframework.web.multipart.MultipartFile +import java.lang.String.format @RestController @RequestMapping("/plugins/publish") @@ -53,7 +49,7 @@ class PluginPublishController( private val okHttpClient: OkHttpClient = okHttpClientProvider.getClient(DefaultServiceEndpoint("front50", front50Url)) @SneakyThrows - @ApiOperation(value = "Publish a plugin binary and the plugin info metadata.") + @Operation(summary = "Publish a plugin binary and the plugin info metadata.") @PostMapping("/{pluginId}/{pluginVersion}", consumes = [MULTIPART_FORM_DATA_VALUE]) fun publishPlugin( @RequestPart("plugin") body: MultipartFile, @@ -92,7 +88,7 @@ class PluginPublishController( .addFormDataPart( "plugin", format("%s-%s.zip", pluginId, pluginVersion), - RequestBody.create(MediaType.parse("application/octet-stream"), body) + body.toRequestBody("application/octet-stream".toMediaTypeOrNull(), 0, body.size) ) .build() ) @@ -100,7 +96,7 @@ class PluginPublishController( val response = okHttpClient.newCall(request).execute() if (!response.isSuccessful) { - val reason = response.body()?.string() ?: "Unknown reason: ${response.code()}" + val reason = response.body?.string() ?: "Unknown reason: ${response.code}" throw SystemException("Failed to upload plugin binary: $reason") } }.call() diff --git a/gate-proxy/gate-proxy.gradle b/gate-proxy/gate-proxy.gradle index 9507a1ccbc..0289d7a033 100644 --- a/gate-proxy/gate-proxy.gradle +++ b/gate-proxy/gate-proxy.gradle @@ -5,6 +5,8 @@ dependencies { implementation project(":gate-api") implementation project(":gate-core") + implementation "dev.minutest:minutest:1.13.0" + implementation "io.mockk:mockk:1.10.5" implementation "io.spinnaker.kork:kork-exceptions" implementation "io.spinnaker.kork:kork-web" implementation "com.squareup.retrofit:retrofit" diff --git a/gate-proxy/src/main/kotlin/com/netflix/spinnaker/gate/controllers/ApiExtensionController.kt b/gate-proxy/src/main/kotlin/com/netflix/spinnaker/gate/controllers/ApiExtensionController.kt index 9cd698c13a..ceacc42908 100644 --- a/gate-proxy/src/main/kotlin/com/netflix/spinnaker/gate/controllers/ApiExtensionController.kt +++ b/gate-proxy/src/main/kotlin/com/netflix/spinnaker/gate/controllers/ApiExtensionController.kt @@ -34,7 +34,7 @@ import org.springframework.web.bind.annotation.RequestParam import org.springframework.web.bind.annotation.RestController import java.io.IOException import java.util.stream.Collectors -import javax.servlet.http.HttpServletRequest +import jakarta.servlet.http.HttpServletRequest /** * A top-level [RestController] that exposes all api extensions under a common @@ -47,7 +47,7 @@ class ApiExtensionController @Autowired constructor(private val apiExtensionsPro init { val duplicateApiExtensionIds = apiExtensionsProvider.getIfAvailable { ArrayList() } - .groupBy { it.id().toLowerCase() } + .groupBy { it.id().lowercase() } .filter { it.value.size > 1 } .map { it.value } .flatten() diff --git a/gate-proxy/src/main/kotlin/com/netflix/spinnaker/gate/controllers/ProxyController.kt b/gate-proxy/src/main/kotlin/com/netflix/spinnaker/gate/controllers/ProxyController.kt index a6d7be313b..985a9fe618 100644 --- a/gate-proxy/src/main/kotlin/com/netflix/spinnaker/gate/controllers/ProxyController.kt +++ b/gate-proxy/src/main/kotlin/com/netflix/spinnaker/gate/controllers/ProxyController.kt @@ -30,7 +30,9 @@ import okhttp3.RequestBody import okhttp3.internal.http.HttpMethod import java.net.SocketException import java.util.stream.Collectors -import javax.servlet.http.HttpServletRequest +import jakarta.servlet.http.HttpServletRequest +import okhttp3.MediaType.Companion.toMediaTypeOrNull +import okhttp3.RequestBody.Companion.toRequestBody import org.slf4j.LoggerFactory import org.springframework.beans.factory.ObjectProvider import org.springframework.http.HttpHeaders @@ -120,7 +122,7 @@ class ProxyController( .toString() .substringAfter("/proxies/$proxyId") - val proxiedUrlBuilder = Request.Builder().url(proxyConfig.uri + proxyPath).build().url().newBuilder() + val proxiedUrlBuilder = Request.Builder().url(proxyConfig.uri + proxyPath).build().url.newBuilder() for ((key, value) in requestParams) { proxiedUrlBuilder.addQueryParameter(key, value) } @@ -134,10 +136,8 @@ class ProxyController( val method = request.method val body = if (HttpMethod.permitsRequestBody(method) && request.contentType != null) { - RequestBody.create( - okhttp3.MediaType.parse(request.contentType), - request.reader.lines().collect(Collectors.joining(System.lineSeparator())) - ) + request.reader.lines().collect(Collectors.joining(System.lineSeparator())) + .toRequestBody(request.contentType.toMediaTypeOrNull()) } else { null } @@ -145,9 +145,9 @@ class ProxyController( val response = proxy.okHttpClient.newCall( Request.Builder().url(proxiedUrl).method(method, body).build() ).execute() - statusCode = response.code() + statusCode = response.code contentType = response.header("Content-Type") ?: contentType - responseBody = response.body()?.string() ?: "" + responseBody = response.body?.string() ?: "" } catch (e: SocketException) { log.error("Exception processing proxy request", e) statusCode = HttpStatus.GATEWAY_TIMEOUT.value() @@ -165,10 +165,10 @@ class ProxyController( .withTag("statusCode", statusCode.toString()) ).increment() - val responseObj = if (responseBody.startsWith("{")) { - objectMapper.readValue(responseBody, Map::class.java) + val responseObj: Any = if (responseBody.startsWith("{")) { + objectMapper.readValue(responseBody, Map::class.java) as Map<*, *> } else if (responseBody.startsWith("[")) { - objectMapper.readValue(responseBody, Collection::class.java) + objectMapper.readValue(responseBody, Collection::class.java) as Collection<*> } else { responseBody } diff --git a/gate-saml/gate-saml.gradle b/gate-saml/gate-saml.gradle index 5c9dc672ca..d4fbe1daf8 100644 --- a/gate-saml/gate-saml.gradle +++ b/gate-saml/gate-saml.gradle @@ -4,11 +4,22 @@ dependencies{ implementation "io.spinnaker.fiat:fiat-api:$fiatVersion" implementation "io.spinnaker.kork:kork-exceptions" implementation "io.spinnaker.kork:kork-security" - implementation "com.netflix.spectator:spectator-api" + implementation "com.netflix.spectator:spectator-api:1.5.4" + implementation "org.apache.velocity:velocity-engine-core:2.3" + implementation("org.apache.santuario:xmlsec:3.0.2"){ + force(true) + } + implementation "xalan:xalan:2.7.3" + implementation "xalan:serializer:2.7.3" implementation 'org.springframework:spring-context' implementation 'org.springframework.session:spring-session-core' implementation 'org.springframework.boot:spring-boot-autoconfigure' + implementation("org.owasp.esapi:esapi:2.5.2.0") + implementation("org.bouncycastle:bcprov-ext-jdk15on:1.70") + implementation ('org.springframework.security.extensions:spring-security-saml2-core:1.0.9.RELEASE') { + exclude group: "xalan", module: "xalan:2.7.2" + } - implementation "org.springframework.security.extensions:spring-security-saml2-core" - implementation "org.springframework.security.extensions:spring-security-saml-dsl-core" + implementation "org.springframework.security.extensions:spring-security-saml-dsl-core:1.0.5.RELEASE" + implementation group: 'org.springframework.security', name: 'spring-security-saml2-service-provider', version: '6.0.2' } diff --git a/gate-saml/src/main/groovy/com/netflix/spinnaker/gate/security/saml/SamlSsoConfig.groovy b/gate-saml/src/main/groovy/com/netflix/spinnaker/gate/security/saml/SamlSsoConfig.groovy index f712d7b45e..81a7ae0464 100644 --- a/gate-saml/src/main/groovy/com/netflix/spinnaker/gate/security/saml/SamlSsoConfig.groovy +++ b/gate-saml/src/main/groovy/com/netflix/spinnaker/gate/security/saml/SamlSsoConfig.groovy @@ -24,12 +24,13 @@ import com.netflix.spinnaker.gate.security.SpinnakerAuthConfig import com.netflix.spinnaker.gate.services.PermissionService import com.netflix.spinnaker.kork.core.RetrySupport import com.netflix.spinnaker.security.User -import com.opsmx.spinnaker.gate.security.saml.SamlAuthTokenUpdateFilter import groovy.util.logging.Slf4j import org.opensaml.saml2.core.Assertion import org.opensaml.saml2.core.Attribute import org.opensaml.xml.schema.XSAny import org.opensaml.xml.schema.XSString +import org.opensaml.xml.security.BasicSecurityConfiguration +import org.opensaml.xml.signature.SignatureConstants import org.springframework.beans.factory.annotation.Autowired import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression import org.springframework.boot.autoconfigure.web.ServerProperties @@ -40,17 +41,15 @@ import org.springframework.security.authentication.BadCredentialsException import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.builders.WebSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter import org.springframework.security.core.userdetails.UserDetailsService import org.springframework.security.core.userdetails.UsernameNotFoundException import org.springframework.security.extensions.saml2.config.SAMLConfigurer import org.springframework.security.saml.SAMLCredential -import org.springframework.security.saml.storage.EmptyStorageFactory import org.springframework.security.saml.userdetails.SAMLUserDetailsService import org.springframework.security.saml.websso.WebSSOProfileConsumerImpl +import org.springframework.security.web.SecurityFilterChain import org.springframework.security.web.authentication.RememberMeServices import org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices -import org.springframework.security.web.authentication.www.BasicAuthenticationFilter import org.springframework.session.web.http.DefaultCookieSerializer import org.springframework.stereotype.Component @@ -64,7 +63,7 @@ import static org.springframework.security.extensions.saml2.config.SAMLConfigure @SpinnakerAuthConfig @EnableWebSecurity @Slf4j -class SamlSsoConfig extends WebSecurityConfigurerAdapter { +class SamlSsoConfig { @Autowired ServerProperties serverProperties @@ -97,6 +96,7 @@ class SamlSsoConfig extends WebSecurityConfigurerAdapter { UserAttributeMapping userAttributeMapping = new UserAttributeMapping() long maxAuthenticationAge = 7200 + String signatureDigest = "SHA1" // SHA1 is the default registered in DefaultSecurityConfigurationBootstrap.populateSignatureParams /** * Ensure that the keystore exists and can be accessed with the given keyStorePassword and keyStoreAliasName */ @@ -121,6 +121,10 @@ class SamlSsoConfig extends WebSecurityConfigurerAdapter { } } } + // Validate signature digest algorithm + if (SignatureAlgorithms.fromName(signatureDigest) == null) { + throw new IllegalStateException("Invalid saml.signatureDigest value '${signatureDigest}'. Valid values are ${SignatureAlgorithms.values()}") + } } } @@ -136,11 +140,10 @@ class SamlSsoConfig extends WebSecurityConfigurerAdapter { @Autowired SAMLSecurityConfigProperties samlSecurityConfigProperties - @Autowired - SAMLUserDetailsService samlUserDetailsService + SAMLUserDetailsService samlUserDetailsService = samlUserDetailsService() - @Override - void configure(HttpSecurity http) { + @Bean + SecurityFilterChain configure(HttpSecurity http) throws Exception { //We need our session cookie to come across when we get redirected back from the IdP: defaultCookieSerializer.setSameSite(null) defaultCookieSerializer.setCookieName("gateCookie") @@ -160,7 +163,6 @@ class SamlSsoConfig extends WebSecurityConfigurerAdapter { .and() .webSSOProfileConsumer(getWebSSOProfileConsumerImpl()) .serviceProvider() - .storageFactory(new EmptyStorageFactory()) .entityId(samlSecurityConfigProperties.issuerId) .protocol(samlSecurityConfigProperties.redirectProtocol) .hostname(samlSecurityConfigProperties.redirectHostname ?: serverProperties?.address?.hostName) @@ -171,14 +173,27 @@ class SamlSsoConfig extends WebSecurityConfigurerAdapter { .keyname(samlSecurityConfigProperties.keyStoreAliasName) .keyPassword(samlSecurityConfigProperties.keyStorePassword) - saml.init(http) - SamlAuthTokenUpdateFilter authTokenUpdateFilter = new SamlAuthTokenUpdateFilter() - http.addFilterAfter(authTokenUpdateFilter, - BasicAuthenticationFilter.class) + initSignatureDigest() // Need to be after SAMLConfigurer initializes the global SecurityConfiguration + http.apply(saml).init(http) + return http.build() + // @formatter:on } + private void initSignatureDigest() { + def secConfig = org.opensaml.Configuration.getGlobalSecurityConfiguration() + if (secConfig != null && secConfig instanceof BasicSecurityConfiguration) { + BasicSecurityConfiguration basicSecConfig = (BasicSecurityConfiguration) secConfig + def algo = SignatureAlgorithms.fromName(samlSecurityConfigProperties.signatureDigest) + log.info("Using ${algo} digest for signing SAML messages") + basicSecConfig.registerSignatureAlgorithmURI("RSA", algo.rsaSignatureMethod) + basicSecConfig.setSignatureReferenceDigestMethod(algo.digestMethod) + } else { + log.warn("Unable to find global BasicSecurityConfiguration (found '${secConfig}'). Ignoring signatureDigest configuration value.") + } + } + void configure(WebSecurity web) throws Exception { authConfig.configure(web) } @@ -197,7 +212,6 @@ class SamlSsoConfig extends WebSecurityConfigurerAdapter { rememberMeServices } - @Bean SAMLUserDetailsService samlUserDetailsService() { // TODO(ttomsu): This is a NFLX specific user extractor. Make a more generic one? new SAMLUserDetailsService() { @@ -253,7 +267,7 @@ class SamlSsoConfig extends WebSecurityConfigurerAdapter { username, roles.size(), roles, - fiatClientConfigurationProperties.legacyFallback + fiatClientConfigurationProperties.legacyFallback,e ) id = id.withTag("success", false).withTag("fallback", fiatClientConfigurationProperties.legacyFallback) @@ -312,4 +326,25 @@ class SamlSsoConfig extends WebSecurityConfigurerAdapter { } } } + + // Available digests taken from org.opensaml.xml.signature.SignatureConstants (RSA signatures) + private enum SignatureAlgorithms { + SHA1(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA1, SignatureConstants.ALGO_ID_DIGEST_SHA1), + SHA256(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256, SignatureConstants.ALGO_ID_DIGEST_SHA256), + SHA384(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA384, SignatureConstants.ALGO_ID_DIGEST_SHA384), + SHA512(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA512, SignatureConstants.ALGO_ID_DIGEST_SHA512), + RIPEMD160(SignatureConstants.ALGO_ID_SIGNATURE_RSA_RIPEMD160, SignatureConstants.ALGO_ID_DIGEST_RIPEMD160), + MD5(SignatureConstants.ALGO_ID_SIGNATURE_NOT_RECOMMENDED_RSA_MD5, SignatureConstants.ALGO_ID_DIGEST_NOT_RECOMMENDED_MD5) + + String rsaSignatureMethod + String digestMethod + SignatureAlgorithms(String rsaSignatureMethod, String digestMethod) { + this.rsaSignatureMethod = rsaSignatureMethod + this.digestMethod = digestMethod + } + + static SignatureAlgorithms fromName(String digestName) { + SignatureAlgorithms.find { it -> (it.name() == digestName.toUpperCase()) } as SignatureAlgorithms + } + } } diff --git a/gate-saml/src/main/java/com/opsmx/spinnaker/gate/security/saml/Saml2UserAttributeMapping.java b/gate-saml/src/main/java/com/opsmx/spinnaker/gate/security/saml/Saml2UserAttributeMapping.java new file mode 100644 index 0000000000..01ef40cf80 --- /dev/null +++ b/gate-saml/src/main/java/com/opsmx/spinnaker/gate/security/saml/Saml2UserAttributeMapping.java @@ -0,0 +1,44 @@ +/* + * Copyright 2023 OpsMx, Inc. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package com.opsmx.spinnaker.gate.security.saml; + +import java.util.List; +import lombok.Data; +import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression; +import org.springframework.boot.context.properties.ConfigurationProperties; +import org.springframework.context.annotation.Configuration; + +@Data +@Configuration +@ConditionalOnExpression("${spring.security.saml2.enabled:false}") +@ConfigurationProperties(prefix = "spring.security.saml2.user-attribute-mapping") +public class Saml2UserAttributeMapping { + + private String firstName = "user.firstName"; + private String lastName = "user.lastName"; + private Roles roles = new Roles(); + private String email = "user.email"; + + @Data + public static class Roles { + private String attributeName = "memberOf"; + private List requiredRoles; + private boolean sortRoles = false; + private boolean forceLowercaseRoles = true; + private String rolesDelimiter; + } +} diff --git a/gate-saml/src/main/java/com/opsmx/spinnaker/gate/security/saml/Saml2UserDetails.java b/gate-saml/src/main/java/com/opsmx/spinnaker/gate/security/saml/Saml2UserDetails.java new file mode 100644 index 0000000000..efad7b8f37 --- /dev/null +++ b/gate-saml/src/main/java/com/opsmx/spinnaker/gate/security/saml/Saml2UserDetails.java @@ -0,0 +1,70 @@ +/* + * Copyright 2023 OpsMx, Inc. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package com.opsmx.spinnaker.gate.security.saml; + +import com.netflix.spinnaker.security.User; +import java.util.Collection; +import java.util.List; +import org.springframework.security.authentication.AbstractAuthenticationToken; +import org.springframework.security.core.GrantedAuthority; +import org.springframework.security.saml2.provider.service.authentication.Saml2Authentication; + +public class Saml2UserDetails extends AbstractAuthenticationToken { + + private User user = null; + private Saml2Authentication saml2Authentication = null; + + public Saml2UserDetails(Saml2Authentication saml2Authentication, User user) { + super(user.getAuthorities()); + this.saml2Authentication = saml2Authentication; + this.user = user; + } + + @Override + public String getName() { + return this.user.getUsername(); + } + + @Override + public Collection getAuthorities() { + List authorities = (List) this.user.getAuthorities(); + return authorities; + } + + @Override + public Object getCredentials() { + return this.saml2Authentication; + } + + @Override + public Object getDetails() { + return this.user; + } + + @Override + public Object getPrincipal() { + return this.user; + } + + @Override + public boolean isAuthenticated() { + return true; + } + + @Override + public void setAuthenticated(boolean isAuthenticated) throws IllegalArgumentException {} +} diff --git a/gate-saml/src/main/java/com/opsmx/spinnaker/gate/security/saml/SamlAuthTokenUpdateFilter.java b/gate-saml/src/main/java/com/opsmx/spinnaker/gate/security/saml/SamlAuthTokenUpdateFilter.java index 1c9af92c1c..50b3255501 100644 --- a/gate-saml/src/main/java/com/opsmx/spinnaker/gate/security/saml/SamlAuthTokenUpdateFilter.java +++ b/gate-saml/src/main/java/com/opsmx/spinnaker/gate/security/saml/SamlAuthTokenUpdateFilter.java @@ -16,14 +16,14 @@ package com.opsmx.spinnaker.gate.security.saml; +import jakarta.servlet.FilterChain; +import jakarta.servlet.ServletException; +import jakarta.servlet.ServletRequest; +import jakarta.servlet.ServletResponse; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; +import jakarta.servlet.http.HttpSession; import java.io.IOException; -import javax.servlet.FilterChain; -import javax.servlet.ServletException; -import javax.servlet.ServletRequest; -import javax.servlet.ServletResponse; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import javax.servlet.http.HttpSession; import org.springframework.security.core.Authentication; import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.security.providers.ExpiringUsernameAuthenticationToken; diff --git a/gate-saml/src/main/java/com/opsmx/spinnaker/gate/security/saml/SamlSecurityConfiguration.java b/gate-saml/src/main/java/com/opsmx/spinnaker/gate/security/saml/SamlSecurityConfiguration.java new file mode 100644 index 0000000000..5213afdc21 --- /dev/null +++ b/gate-saml/src/main/java/com/opsmx/spinnaker/gate/security/saml/SamlSecurityConfiguration.java @@ -0,0 +1,323 @@ +/* + * Copyright 2023 OpsMx, Inc. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package com.opsmx.spinnaker.gate.security.saml; + +import com.netflix.spectator.api.Registry; +import com.netflix.spinnaker.fiat.shared.FiatClientConfigurationProperties; +import com.netflix.spinnaker.gate.config.AuthConfig; +import com.netflix.spinnaker.gate.security.AllowedAccountsSupport; +import com.netflix.spinnaker.gate.security.SpinnakerAuthConfig; +import com.netflix.spinnaker.gate.services.PermissionService; +import com.netflix.spinnaker.kork.core.RetrySupport; +import com.netflix.spinnaker.security.User; +import java.net.URI; +import java.net.URISyntaxException; +import java.util.ArrayList; +import java.util.Arrays; +import java.util.List; +import lombok.extern.slf4j.Slf4j; +import org.opensaml.saml.saml2.core.Assertion; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.beans.factory.annotation.Value; +import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression; +import org.springframework.boot.autoconfigure.security.saml2.Saml2RelyingPartyProperties; +import org.springframework.boot.autoconfigure.session.DefaultCookieSerializerCustomizer; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.core.convert.converter.Converter; +import org.springframework.security.authentication.AuthenticationManager; +import org.springframework.security.authentication.BadCredentialsException; +import org.springframework.security.authentication.ProviderManager; +import org.springframework.security.config.Customizer; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; +import org.springframework.security.core.userdetails.UserDetailsService; +import org.springframework.security.saml2.provider.service.authentication.OpenSaml4AuthenticationProvider; +import org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticatedPrincipal; +import org.springframework.security.saml2.provider.service.authentication.Saml2Authentication; +import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository; +import org.springframework.security.saml2.provider.service.web.authentication.Saml2WebSsoAuthenticationFilter; +import org.springframework.security.web.SecurityFilterChain; +import org.springframework.security.web.authentication.RememberMeServices; +import org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices; +import org.springframework.security.web.authentication.session.ChangeSessionIdAuthenticationStrategy; +import org.springframework.security.web.context.HttpSessionSecurityContextRepository; + +@Slf4j +@Configuration +@EnableWebSecurity +@SpinnakerAuthConfig +@ConditionalOnExpression("${spring.security.saml2.enabled:false}") +public class SamlSecurityConfiguration { + + @Value("${spring.security.saml2.registration-id}") + private String registrationId; + + @Autowired private AuthConfig authConfig; + + @Autowired private Saml2UserAttributeMapping saml2UserAttributeMapping; + + @Autowired private PermissionService permissionService; + + @Autowired private Registry registry; + + private RetrySupport retrySupport = new RetrySupport(); + + @Autowired private AllowedAccountsSupport allowedAccountsSupport; + + @Autowired private FiatClientConfigurationProperties fiatClientConfigurationProperties; + + @Autowired private Saml2RelyingPartyProperties relyingPartyProperties; + + private URI acsLocation; + + private String loginProcessingUrl; + + public static final String defaultFilterUrl = + "{baseUrl}" + Saml2WebSsoAuthenticationFilter.DEFAULT_FILTER_PROCESSES_URI; + + @Bean + public UserDetailsService userDetailsService() { + return username -> { + User user = new User(); + user.setUsername(username); + return user; + }; + } + + @Bean + public RememberMeServices rememberMeServices(UserDetailsService userDetailsService) { + TokenBasedRememberMeServices rememberMeServices = + new TokenBasedRememberMeServices("password", userDetailsService); + rememberMeServices.setCookieName("cookieName"); + rememberMeServices.setParameter("rememberMe"); + return rememberMeServices; + } + + @Bean + public OpenSaml4AuthenticationProvider authenticationProvider() { + var authProvider = new OpenSaml4AuthenticationProvider(); + authProvider.setResponseAuthenticationConverter(extractUserDetails()); + return authProvider; + } + + @Bean + public ProviderManager authenticationManager( + OpenSaml4AuthenticationProvider authenticationProvider) { + return new ProviderManager(authenticationProvider); + } + + @Bean + public Saml2WebSsoAuthenticationFilter saml2WebSsoAuthenticationFilter( + RelyingPartyRegistrationRepository relyingPartyRegistrationRepository, + AuthenticationManager authenticationManager) { + log.info( + "ACS endpoint configured : {}", + relyingPartyProperties.getRegistration().get(registrationId).getAcs().getLocation()); + Saml2WebSsoAuthenticationFilter saml2WebSsoAuthenticationFilter; + if (!relyingPartyProperties + .getRegistration() + .get(registrationId) + .getAcs() + .getLocation() + .equalsIgnoreCase(defaultFilterUrl)) { + initAcsUri(); + saml2WebSsoAuthenticationFilter = + new Saml2WebSsoAuthenticationFilter( + relyingPartyRegistrationRepository, loginProcessingUrl); + } else { + saml2WebSsoAuthenticationFilter = + new Saml2WebSsoAuthenticationFilter(relyingPartyRegistrationRepository); + } + + saml2WebSsoAuthenticationFilter.setAuthenticationManager(authenticationManager); + saml2WebSsoAuthenticationFilter.setSecurityContextRepository( + new HttpSessionSecurityContextRepository()); + saml2WebSsoAuthenticationFilter.setSessionAuthenticationStrategy( + new ChangeSessionIdAuthenticationStrategy()); + + return saml2WebSsoAuthenticationFilter; + } + + private void initAcsUri() { + try { + acsLocation = + new URI( + relyingPartyProperties.getRegistration().get(registrationId).getAcs().getLocation()); + loginProcessingUrl = acsLocation.getPath().replace(registrationId, "{registrationId}"); + } catch (URISyntaxException e) { + throw new RuntimeException(e); + } catch (Exception e) { + log.error("Exception occurred while reading the ACS endpoint : ", e); + throw e; + } + } + + @Bean + public SecurityFilterChain samlFilterChain( + HttpSecurity http, + RememberMeServices rememberMeServices, + Saml2WebSsoAuthenticationFilter webSsoAuthenticationFilter, + ProviderManager authenticationManager) + throws Exception { + + log.info("Configuring SAML Security"); + + authConfig.configure(http); + + http.saml2Login( + saml2 -> { + saml2.authenticationManager(authenticationManager); + if (!relyingPartyProperties + .getRegistration() + .get(registrationId) + .getAcs() + .getLocation() + .equalsIgnoreCase(defaultFilterUrl)) { + saml2.loginProcessingUrl(loginProcessingUrl); + } + }) + .rememberMe(remember -> remember.rememberMeServices(rememberMeServices)) + .addFilter(webSsoAuthenticationFilter) + .saml2Logout(Customizer.withDefaults()); + + return http.build(); + } + + private Converter + extractUserDetails() { + + log.debug("**Extracting user details**"); + + Converter delegate = + OpenSaml4AuthenticationProvider.createDefaultResponseAuthenticationConverter(); + + return responseToken -> { + List roles = new ArrayList<>(); + log.debug("responseToken : {}", responseToken); + Saml2Authentication authentication = delegate.convert(responseToken); + Saml2AuthenticatedPrincipal principal = + (Saml2AuthenticatedPrincipal) authentication.getPrincipal(); + + log.debug("role attribute in config : {}", saml2UserAttributeMapping.getRoles()); + log.debug("firstName attribute in config : {}", saml2UserAttributeMapping.getFirstName()); + log.debug("lastName attribute in config : {}", saml2UserAttributeMapping.getLastName()); + log.debug("email attribute in config : {}", saml2UserAttributeMapping.getEmail()); + log.debug( + "rolesDelimiter in config : {}", + saml2UserAttributeMapping.getRoles().getRolesDelimiter()); + + List rolesExtractedFromIDP = + principal.getAttribute(saml2UserAttributeMapping.getRoles().getAttributeName()); + String firstName = principal.getFirstAttribute(saml2UserAttributeMapping.getFirstName()); + String lastName = principal.getFirstAttribute(saml2UserAttributeMapping.getLastName()); + String email = principal.getFirstAttribute(saml2UserAttributeMapping.getEmail()); + Assertion assertion = responseToken.getResponse().getAssertions().get(0); + String username = assertion.getSubject().getNameID().getValue(); + + if (rolesExtractedFromIDP != null) { + if (saml2UserAttributeMapping.getRoles().getRolesDelimiter() != null) { + for (String role : rolesExtractedFromIDP) { + roles.addAll( + Arrays.stream(role.split(saml2UserAttributeMapping.getRoles().getRolesDelimiter())) + .toList()); + } + } else { + roles = rolesExtractedFromIDP; + } + if (saml2UserAttributeMapping.getRoles().isForceLowercaseRoles()) { + roles = roles.stream().map(String::toLowerCase).toList(); + } + + if (saml2UserAttributeMapping.getRoles().isSortRoles()) { + roles = roles.stream().sorted().toList(); + } + if (saml2UserAttributeMapping.getRoles().getRequiredRoles() != null) { + if (!roles.containsAll(saml2UserAttributeMapping.getRoles().getRequiredRoles())) { + throw new BadCredentialsException( + String.format( + "User %s does not have all roles %s", + username, saml2UserAttributeMapping.getRoles().getRequiredRoles())); + } + } + } + + User user = new User(); + user.setRoles(roles); + user.setUsername(username); + user.setFirstName(firstName); + user.setLastName(lastName); + user.setEmail(email); + user.setAllowedAccounts(allowedAccountsSupport.filterAllowedAccounts(username, roles)); + + log.debug("username extracted from responseToken : {}", username); + log.debug("firstName extracted from responseToken : {}", firstName); + log.debug("lastName extracted from responseToken : {}", lastName); + log.debug("email extracted from responseToken : {}", email); + log.debug("roles extracted from responseToken : {}", roles); + + loginWithRoles(username, roles); + + return new Saml2UserDetails(authentication, user); + }; + } + + private void loginWithRoles(String username, List roles) { + + var id = registry.createId("fiat.login").withTag("type", "saml"); + + try { + retrySupport.retry( + () -> { + permissionService.loginWithRoles(username, roles); + return null; + }, + 5, + 2000, + Boolean.FALSE); + + log.debug( + "Successful SAML authentication (user: {}, roleCount: {}, roles: {})", + username, + roles.size(), + roles); + id = id.withTag("success", true).withTag("fallback", "none"); + } catch (Exception e) { + log.debug( + "Unsuccessful SAML authentication (user: {}, roleCount: {}, roles: {}, legacyFallback: {})", + username, + roles.size(), + roles, + fiatClientConfigurationProperties.isLegacyFallback(), + e); + id = + id.withTag("success", false) + .withTag("fallback", fiatClientConfigurationProperties.isLegacyFallback()); + + if (!fiatClientConfigurationProperties.isLegacyFallback()) { + throw e; + } + } finally { + registry.counter(id).increment(); + } + } + + @Bean + public DefaultCookieSerializerCustomizer cookieSerializerCustomizer() { + return cookieSerializer -> cookieSerializer.setSameSite(null); + } +} diff --git a/gate-saml/src/main/java/com/opsmx/spinnaker/gate/security/saml/SamlSsoEventPublishConfig.java b/gate-saml/src/main/java/com/opsmx/spinnaker/gate/security/saml/SamlSsoEventPublishConfig.java index 9e0b85a591..ebca0aeebc 100644 --- a/gate-saml/src/main/java/com/opsmx/spinnaker/gate/security/saml/SamlSsoEventPublishConfig.java +++ b/gate-saml/src/main/java/com/opsmx/spinnaker/gate/security/saml/SamlSsoEventPublishConfig.java @@ -1,8 +1,8 @@ package com.opsmx.spinnaker.gate.security.saml; +import jakarta.servlet.Filter; import java.util.ArrayList; import java.util.List; -import javax.servlet.Filter; import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Qualifier; @@ -16,7 +16,7 @@ import org.springframework.security.web.FilterChainProxy; import org.springframework.security.web.SecurityFilterChain; -@ConditionalOnExpression("${saml.enabled:false}") +@ConditionalOnExpression("${spring.security.saml2.enabled:false}") @Configuration @Slf4j @Order(Ordered.HIGHEST_PRECEDENCE) diff --git a/gate-web/config/gate.yml b/gate-web/config/gate.yml index 027ca0bdc5..caab8cbab7 100644 --- a/gate-web/config/gate.yml +++ b/gate-web/config/gate.yml @@ -117,8 +117,13 @@ spring.session.store-type: redis --- +#spring: +# profiles: googleOAuth spring: - profiles: googleOAuth + config: + activate: + on-profile: googleOAuth + security: contentSecurityPolicy: "object-src 'none'; script-src 'unsafe-eval' 'unsafe-inline' https: http:;" @@ -139,8 +144,12 @@ security: --- +#spring: +# profiles: azureOAuth spring: - profiles: azureOAuth + config: + activate: + on-profile: azureOAuth security: oauth2: @@ -162,8 +171,13 @@ security: --- +#spring: +# profiles: githubOAuth + spring: - profiles: githubOAuth + config: + activate: + on-profile: githubOAuth security: oauth2: diff --git a/gate-web/gate-web.gradle b/gate-web/gate-web.gradle index b9a6210bcd..d94b0ca8da 100644 --- a/gate-web/gate-web.gradle +++ b/gate-web/gate-web.gradle @@ -16,14 +16,15 @@ dependencies { implementation project(":gate-integrations-gremlin") implementation "com.squareup.retrofit:retrofit" - implementation "com.squareup.retrofit:converter-jackson" - implementation "com.jakewharton.retrofit:retrofit1-okhttp3-client" + implementation "com.squareup.retrofit:converter-jackson:1.9.0" + implementation "com.jakewharton.retrofit:retrofit1-okhttp3-client:+" implementation "com.fasterxml.jackson.dataformat:jackson-dataformat-yaml" implementation "com.fasterxml.jackson.datatype:jackson-datatype-jsr310" + implementation "com.google.guava:guava" - implementation "com.squareup.okhttp:okhttp" - implementation "com.squareup.okhttp:okhttp-urlconnection" - implementation "com.squareup.okhttp:okhttp-apache" + implementation "com.squareup.okhttp:okhttp:2.7.5" + implementation "com.squareup.okhttp:okhttp-urlconnection:2.7.5" + implementation "com.squareup.okhttp:okhttp-apache:2.7.5" implementation "io.spinnaker.fiat:fiat-core:$fiatVersion" implementation "io.spinnaker.fiat:fiat-api:$fiatVersion" @@ -31,14 +32,15 @@ dependencies { implementation "io.spinnaker.kork:kork-config" implementation "io.spinnaker.kork:kork-plugins" implementation "io.spinnaker.kork:kork-web" - implementation "com.netflix.frigga:frigga" + implementation "io.spinnaker.kork:kork-swagger" + implementation "com.netflix.frigga:frigga:+" implementation "redis.clients:jedis" implementation "com.netflix.hystrix:hystrix-core:1.5.12" implementation "commons-io:commons-io" - implementation "org.codehaus.groovy:groovy-templates" + implementation "org.apache.groovy:groovy-templates" implementation "org.springframework.session:spring-session-data-redis" - implementation "de.huxhorn.sulky:de.huxhorn.sulky.ulid" + implementation "de.huxhorn.sulky:de.huxhorn.sulky.ulid:+" implementation "org.apache.commons:commons-lang3" implementation "org.springframework:spring-web" @@ -48,16 +50,26 @@ dependencies { implementation "com.graphql-java-kickstart:graphql-spring-boot-starter:7.0.1" implementation "com.graphql-java-kickstart:graphql-java-tools:6.0.2" + implementation ("com.graphql-java:graphql-java:21.4") { + force(true) + } - implementation "io.springfox:springfox-swagger2" - + implementation "org.apache.groovy:groovy-json" implementation 'org.springframework.boot:spring-boot-starter-cache' implementation group: 'com.github.ben-manes.caffeine', name: 'caffeine', version: '2.9.2' - implementation group: 'org.springframework.cloud', name: 'spring-cloud-starter-openfeign', version: '2.2.4.RELEASE' + implementation('org.springframework.cloud:spring-cloud-starter-openfeign:4.0.2') { + exclude group: 'commons-fileupload', module: 'commons-fileupload' + } + implementation 'commons-fileupload:commons-fileupload:1.5' implementation 'org.apache.camel:camel-core:3.14.1' - implementation 'org.apache.camel:camel-rabbitmq:3.14.1' + implementation ('org.apache.camel:camel-rabbitmq:3.14.1') { + exclude group: 'com.rabbitmq', module: 'amqp-client' + } + implementation ("com.rabbitmq:amqp-client:5.18.0") { + force(true) + } implementation 'org.apache.camel:camel-jackson:3.14.1' runtimeOnly "io.spinnaker.kork:kork-runtime" @@ -68,9 +80,9 @@ dependencies { testImplementation project(":gate-ldap") // TODO: Move system tests to own module testImplementation project(":gate-basic") testImplementation project(":gate-oauth2") - testImplementation "com.squareup.okhttp:mockwebserver" + testImplementation "com.squareup.okhttp:mockwebserver:2.7.5" - testImplementation "com.squareup.retrofit:retrofit-mock" + testImplementation "com.squareup.retrofit:retrofit-mock:1.9.0" testImplementation "org.springframework.security:spring-security-test" testImplementation "org.springframework.security:spring-security-ldap" testImplementation "org.springframework.security:spring-security-oauth2-jose" @@ -90,6 +102,19 @@ configurations.all { exclude group: "org.slf4j", module: "slf4j-log4j12" } +tasks.withType( Copy).all { + duplicatesStrategy = DuplicatesStrategy.EXCLUDE +} +tasks.withType(Tar){ + duplicatesStrategy = DuplicatesStrategy.EXCLUDE +} +tasks.withType(Zip){ + duplicatesStrategy = DuplicatesStrategy.EXCLUDE +} +tasks.named('installDist') { + duplicatesStrategy = DuplicatesStrategy.EXCLUDE +} + test { //The Implementation-Version is set in the MANIFEST.MF for the JAR produced via testing so that //assertions can be made against the version (see gate-plugins-test, for example). diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/Main.groovy b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/Main.groovy index ab9c83173e..2334b14007 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/Main.groovy +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/Main.groovy @@ -22,13 +22,10 @@ import org.springframework.boot.autoconfigure.groovy.template.GroovyTemplateAuto import org.springframework.boot.autoconfigure.gson.GsonAutoConfiguration import org.springframework.boot.builder.SpringApplicationBuilder import org.springframework.boot.context.properties.EnableConfigurationProperties -import org.springframework.cache.annotation.EnableCaching -import org.springframework.context.annotation.Import import org.springframework.scheduling.annotation.EnableAsync import com.netflix.spinnaker.kork.boot.DefaultPropertiesBuilder @EnableAsync -@EnableCaching @EnableConfigurationProperties @SpringBootApplication( scanBasePackages = [ diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/config/GateConfig.groovy b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/config/GateConfig.groovy index 21d4c10589..b7442984f2 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/config/GateConfig.groovy +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/config/GateConfig.groovy @@ -20,7 +20,6 @@ import com.fasterxml.jackson.databind.DeserializationFeature import com.fasterxml.jackson.databind.ObjectMapper import com.fasterxml.jackson.dataformat.yaml.YAMLMapper import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule -import com.jakewharton.retrofit.Ok3Client import com.netflix.hystrix.strategy.concurrency.HystrixRequestContext import com.netflix.spectator.api.Registry import com.netflix.spinnaker.config.DefaultServiceEndpoint @@ -40,7 +39,6 @@ import com.netflix.spinnaker.gate.filters.RequestSheddingFilter import com.netflix.spinnaker.gate.filters.ResetAuthenticatedRequestFilter import com.netflix.spinnaker.gate.plugins.deck.DeckPluginConfiguration import com.netflix.spinnaker.gate.plugins.web.PluginWebConfiguration -import com.netflix.spinnaker.gate.retrofit.Slf4jRetrofitLogger import com.netflix.spinnaker.gate.services.EurekaLookupService import com.netflix.spinnaker.gate.services.internal.* import com.netflix.spinnaker.kork.client.ServiceClientProvider @@ -56,7 +54,6 @@ import com.opsmx.spinnaker.gate.services.OpsmxAuditClientService import com.opsmx.spinnaker.gate.services.OpsmxAuditService import groovy.transform.CompileStatic import groovy.util.logging.Slf4j -import okhttp3.OkHttpClient import org.springframework.beans.factory.annotation.Autowired import org.springframework.beans.factory.annotation.Qualifier import org.springframework.beans.factory.annotation.Value @@ -70,26 +67,25 @@ import org.springframework.context.annotation.Import import org.springframework.context.annotation.Primary import org.springframework.core.Ordered import org.springframework.http.converter.json.AbstractJackson2HttpMessageConverter +import org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler +import org.springframework.security.access.expression.method.MethodSecurityExpressionHandler import org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer import org.springframework.session.data.redis.config.ConfigureRedisAction import org.springframework.session.data.redis.config.annotation.web.http.RedisHttpSessionConfiguration -import org.springframework.stereotype.Component import org.springframework.util.CollectionUtils import org.springframework.web.client.RestTemplate import redis.clients.jedis.JedisPool import retrofit.Endpoint import retrofit.RequestInterceptor -import retrofit.RestAdapter -import retrofit.converter.JacksonConverter -import javax.servlet.* -import javax.servlet.Filter + +import jakarta.servlet.* import java.util.concurrent.ExecutorService import java.util.concurrent.Executors import static retrofit.Endpoints.newFixedEndpoint @CompileStatic -@Configuration +@Configuration(enforceUniqueMethods = false) @Slf4j @EnableConfigurationProperties([FiatClientConfigurationProperties, DynamicRoutingConfigProperties]) @Import([PluginsAutoConfiguration, DeckPluginConfiguration, PluginWebConfiguration]) @@ -97,6 +93,7 @@ class GateConfig extends RedisHttpSessionConfiguration { private ServiceClientProvider serviceClientProvider + @SuppressWarnings('GrDeprecatedAPIUsage') @Value('${server.session.timeout-in-seconds:3600}') void setSessionTimeout(int maxInactiveIntervalInSeconds) { super.setMaxInactiveIntervalInSeconds(maxInactiveIntervalInSeconds) @@ -112,6 +109,7 @@ class GateConfig extends RedisHttpSessionConfiguration { this.serviceClientProvider = serviceClientProvider } + @SuppressWarnings('GrDeprecatedAPIUsage') @Autowired GateConfig(@Value('${server.session.timeout-in-seconds:3600}') int maxInactiveIntervalInSeconds) { super.setMaxInactiveIntervalInSeconds(maxInactiveIntervalInSeconds) @@ -144,13 +142,6 @@ class GateConfig extends RedisHttpSessionConfiguration { return ConfigureRedisAction.NO_OP } - @Bean - @ConnectionPostProcessor - @ConditionalOnProperty("redis.configuration.secure") - ConfigureRedisAction connectionPostProcessorConfigureRedisAction() { - return ConfigureRedisAction.NO_OP - } - @Bean ExecutorService executorService() { Executors.newCachedThreadPool() @@ -185,118 +176,110 @@ class GateConfig extends RedisHttpSessionConfiguration { } @Bean - RequestContextProvider requestContextProvider() { - return new AuthenticatedRequestContextProvider(); + static RequestContextProvider requestContextProvider() { + return new AuthenticatedRequestContextProvider() } @Bean - OrcaServiceSelector orcaServiceSelector(OkHttpClient okHttpClient, RequestContextProvider contextProvider) { - return new OrcaServiceSelector(createClientSelector("orca", OrcaService, okHttpClient), contextProvider) + OrcaServiceSelector orcaServiceSelector(RequestContextProvider contextProvider) { + return new OrcaServiceSelector(createClientSelector("orca", OrcaService), contextProvider) } @Bean @Primary - FiatService fiatService(OkHttpClient okHttpClient) { + FiatService fiatService() { // always create the fiat service even if 'services.fiat.enabled' is 'false' (it can be enabled dynamically) - createClient "fiat", FiatService, okHttpClient, null, true + createClient "fiat", FiatService, null, true } @Bean - ExtendedFiatService extendedFiatService(OkHttpClient okHttpClient) { + ExtendedFiatService extendedFiatService() { // always create the fiat service even if 'services.fiat.enabled' is 'false' (it can be enabled dynamically) - createClient "fiat", ExtendedFiatService, okHttpClient, null, true + createClient "fiat", ExtendedFiatService, null, true } @Bean @ConditionalOnProperty("services.fiat.config.dynamic-endpoints.login") - FiatService fiatLoginService(OkHttpClient okHttpClient) { + FiatService fiatLoginService() { // always create the fiat service even if 'services.fiat.enabled' is 'false' (it can be enabled dynamically) - createClient "fiat", FiatService, okHttpClient, "login", true + createClient "fiat", FiatService, "login", true } @Bean - Front50Service front50Service(OkHttpClient okHttpClient) { - createClient "front50", Front50Service, okHttpClient + Front50Service front50Service() { + createClient "front50", Front50Service } @Bean - ClouddriverService clouddriverService(OkHttpClient okHttpClient) { - createClient "clouddriver", ClouddriverService, okHttpClient + ClouddriverService clouddriverService() { + createClient "clouddriver", ClouddriverService } - @Bean - @ConditionalOnProperty("services.keel.enabled") - KeelService keelService(OkHttpClient okHttpClient) { - createClient "keel", KeelService, okHttpClient - } + @Bean + @ConditionalOnProperty("services.keel.enabled") + KeelService keelService(OkHttpClientProvider clientProvider) { + createClient "keel", KeelService + } @Bean @ConditionalOnProperty("services.opsmx.enabled") - OpsmxOesService opsmxOesService(OkHttpClient okHttpClient) { - createClient "opsmx", OpsmxOesService, okHttpClient + OpsmxOesService opsmxOesService() { + createClient "opsmx", OpsmxOesService } @Bean @ConditionalOnProperty("services.autopilot.enabled") - OpsmxAutopilotService opsmxAutopilotService(OkHttpClient okHttpClient) { - createClient "autopilot", OpsmxAutopilotService, okHttpClient + OpsmxAutopilotService opsmxAutopilotService() { + createClient "autopilot", OpsmxAutopilotService } @Bean @ConditionalOnProperty("services.platform.enabled") - OpsmxPlatformService opsmxPlatformService(OkHttpClient okHttpClient) { - createClient "platform", OpsmxPlatformService, okHttpClient + OpsmxPlatformService opsmxPlatformService() { + createClient "platform", OpsmxPlatformService } @Bean @ConditionalOnProperty("services.dashboard.enabled") - OpsmxDashboardService opsmxDashboardService(OkHttpClient okHttpClient) { - createClient "dashboard", OpsmxDashboardService, okHttpClient + OpsmxDashboardService opsmxDashboardService() { + createClient "dashboard", OpsmxDashboardService } @Bean @ConditionalOnProperty("services.visibility.enabled") - OpsmxVisibilityService opsmxVisibilityService(OkHttpClient okHttpClient) { - createClient "visibility", OpsmxVisibilityService, okHttpClient + OpsmxVisibilityService opsmxVisibilityService() { + createClient "visibility", OpsmxVisibilityService } @Bean @ConditionalOnProperty("services.auditclient.enabled") - OpsmxAuditClientService opsmxAuditClientService(OkHttpClient okHttpClient) { - createClient "auditclient", OpsmxAuditClientService, okHttpClient + OpsmxAuditClientService opsmxAuditClientService() { + createClient "auditclient", OpsmxAuditClientService } @Bean @ConditionalOnProperty("services.auditservice.enabled") - OpsmxAuditService opsmxAuditService(OkHttpClient okHttpClient) { - createClient "auditservice", OpsmxAuditService, okHttpClient + OpsmxAuditService opsmxAuditService() { + createClient "auditservice", OpsmxAuditService } @Bean @ConditionalOnProperty("services.ssdservice.enabled") - OpsmxSsdService ops(OkHttpClient okHttpClient) { - createClient "ssdservice", OpsmxSsdService, okHttpClient + OpsmxSsdService ops() { + createClient "ssdservice", OpsmxSsdService } @Bean @ConditionalOnProperty("services.ssdopsmxservice.enabled") - OpsmxSsdOpaService ssdOpa(OkHttpClient okHttpClient) { - createClient "ssdopaservice", OpsmxSsdOpaService , okHttpClient - } - - @Bean - @ConditionalOnProperty("services.keel.enabled") - KeelService keelService(OkHttpClientProvider clientProvider, OkHttpClient okHttpClient) { - createClient "keel", KeelService, okHttpClient + OpsmxSsdOpaService ssdOpa() { + createClient "ssdopaservice", OpsmxSsdOpaService } @Bean ClouddriverServiceSelector clouddriverServiceSelector(ClouddriverService defaultClouddriverService, - OkHttpClient okHttpClient, DynamicConfigService dynamicConfigService, - DynamicRoutingConfigProperties properties, RequestContextProvider contextProvider ) { if (serviceConfiguration.getService("clouddriver").getConfig().containsKey("dynamicEndpoints")) { @@ -319,30 +302,30 @@ class GateConfig extends RedisHttpSessionConfiguration { List selectors = [] endpoints.each { sourceApp, url -> - def service = buildService(okHttpClient, ClouddriverService, newFixedEndpoint(url)) + def service = buildService("clouddriver", ClouddriverService, newFixedEndpoint(url)) selectors << new ByUserOriginSelector(service, 2, ['origin': (Object) sourceApp]) } return new ClouddriverServiceSelector( - new SelectableService(selectors + defaultSelector), dynamicConfigService, contextProvider) + new SelectableService(selectors ), dynamicConfigService, contextProvider) } - SelectableService selectableService = createClientSelector("clouddriver", ClouddriverService, okHttpClient) + SelectableService selectableService = createClientSelector("clouddriver", ClouddriverService) return new ClouddriverServiceSelector(selectableService, dynamicConfigService, contextProvider) } //---- semi-optional components: @Bean @ConditionalOnProperty('services.rosco.enabled') - RoscoService roscoService(OkHttpClient okHttpClient) { - createClient "rosco", RoscoService, okHttpClient + RoscoService roscoService() { + createClient "rosco", RoscoService } @Bean @ConditionalOnProperty('services.rosco.enabled') - RoscoServiceSelector roscoServiceSelector(OkHttpClient okHttpClient, RoscoService defaultService) { + RoscoServiceSelector roscoServiceSelector(RoscoService defaultService) { return new RoscoServiceSelector( - createClientSelector("rosco", RoscoService, okHttpClient), + createClientSelector("rosco", RoscoService), defaultService ) } @@ -350,32 +333,31 @@ class GateConfig extends RedisHttpSessionConfiguration { //---- optional backend components: @Bean @ConditionalOnProperty('services.echo.enabled') - EchoService echoService(OkHttpClient okHttpClient) { - createClient "echo", EchoService, okHttpClient + EchoService echoService() { + createClient "echo", EchoService } @Bean @ConditionalOnProperty('services.igor.enabled') - IgorService igorService(OkHttpClient okHttpClient) { - createClient "igor", IgorService, okHttpClient + IgorService igorService() { + createClient "igor", IgorService } @Bean @ConditionalOnProperty('services.mine.enabled') - MineService mineService(OkHttpClient okHttpClient) { - createClient "mine", MineService, okHttpClient + MineService mineService() { + createClient "mine", MineService } -// @Bean -// @ConditionalOnProperty("services.keel.enabled") -// KeelService keelService(OkHttpClient okHttpClient) { -// createClient "keel", KeelService, okHttpClient -// } + @Bean + @ConditionalOnProperty("services.keel.enabled") + KeelService keelService() { + createClient "keel", KeelService + } @Bean @ConditionalOnProperty('services.kayenta.enabled') - KayentaService kayentaService(OkHttpClient defaultClient, - OkHttpClientConfigurationProperties props, + KayentaService kayentaService(OkHttpClientConfigurationProperties props, OkHttp3MetricsInterceptor interceptor, @Value('${services.kayenta.externalhttps:false}') boolean kayentaExternalHttps) { if (kayentaExternalHttps) { @@ -383,21 +365,20 @@ class GateConfig extends RedisHttpSessionConfiguration { noSslCustomizationProps.keyStore = null noSslCustomizationProps.trustStore = null def okHttpClient = new OkHttp3ClientConfiguration(noSslCustomizationProps, interceptor).create().build() - createClient "kayenta", KayentaService, okHttpClient + createClient "kayenta", KayentaService } else { - createClient "kayenta", KayentaService, defaultClient + createClient "kayenta", KayentaService } } @Bean @ConditionalOnProperty('services.swabbie.enabled') - SwabbieService swabbieService(OkHttpClient okHttpClient) { - createClient("swabbie", SwabbieService, okHttpClient) + SwabbieService swabbieService() { + createClient("swabbie", SwabbieService) } private T createClient(String serviceName, Class type, - OkHttpClient okHttpClient, String dynamicName = null, boolean forceEnabled = false) { Service service = serviceConfiguration.getService(serviceName) @@ -411,30 +392,21 @@ class GateConfig extends RedisHttpSessionConfiguration { Endpoint endpoint = serviceConfiguration.getServiceEndpoint(serviceName, dynamicName) - buildService(okHttpClient, type, endpoint) + buildService(serviceName, type, endpoint) } - private T buildService(OkHttpClient client, Class type, Endpoint endpoint) { + private T buildService(String serviceName, Class type, Endpoint endpoint) { // New role providers break deserialization if this is not enabled. ObjectMapper objectMapper = new ObjectMapper() .enable(DeserializationFeature.READ_UNKNOWN_ENUM_VALUES_AS_NULL) .disable(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES) .registerModule(new JavaTimeModule()) - //serviceClientProvider.getService(type, new DefaultServiceEndpoint(serviceName, endpoint.url), objectMapper) - new RestAdapter.Builder() - .setRequestInterceptor(spinnakerRequestInterceptor) - .setEndpoint(endpoint) - .setClient(new Ok3Client(client)) - .setConverter(new JacksonConverter(objectMapper)) - .setLogLevel(RestAdapter.LogLevel.valueOf(retrofitLogLevel)) - .setLog(new Slf4jRetrofitLogger(type)) - .build() - .create(type) + serviceClientProvider.getService(type, new DefaultServiceEndpoint(serviceName, endpoint.url), objectMapper) } - private SelectableService createClientSelector(String serviceName, Class type, OkHttpClient okHttpClient) { + private SelectableService createClientSelector(String serviceName, Class type) { Service service = serviceConfiguration.getService(serviceName) if (CollectionUtils.isEmpty(service?.getBaseUrls())) { throw new IllegalArgumentException("Unknown service ${serviceName} requested of type ${type}") @@ -444,7 +416,7 @@ class GateConfig extends RedisHttpSessionConfiguration { service.getBaseUrls().collect { def selector = new DefaultServiceSelector( buildService( - okHttpClient, + serviceName, type, newFixedEndpoint(it.baseUrl)), it.priority, @@ -535,15 +507,15 @@ class GateConfig extends RedisHttpSessionConfiguration { FiatClientConfigurationProperties fiatClientConfigurationProperties) { return new FiatPermissionEvaluator(registry, fiatService, fiatClientConfigurationProperties, fiatStatus) } - @Component - static class HystrixFilter implements Filter { - @Override - void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) - throws IOException, ServletException { - HystrixRequestContext.initializeContext() - chain.doFilter(request, response) - } - void init(FilterConfig filterConfig) throws ServletException {} - void destroy() {} - } + @Bean + static MethodSecurityExpressionHandler expressionHandler( + Registry registry, + FiatService fiatService, + FiatClientConfigurationProperties configProps, + FiatStatus fiatStatus) { + var expressionHandler = new DefaultMethodSecurityExpressionHandler(); + expressionHandler.setPermissionEvaluator( + new FiatPermissionEvaluator(registry, fiatService, configProps, fiatStatus)); + return expressionHandler; + } } diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/config/GateWebConfig.groovy b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/config/GateWebConfig.groovy index 8a81ee8cb5..4fb72e131d 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/config/GateWebConfig.groovy +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/config/GateWebConfig.groovy @@ -53,8 +53,8 @@ import org.springframework.web.servlet.config.annotation.WebMvcConfigurer import org.springframework.web.servlet.handler.HandlerMappingIntrospector import retrofit.RetrofitError -import javax.servlet.Filter -import javax.servlet.http.HttpServletResponse +import jakarta.servlet.Filter +import jakarta.servlet.http.HttpServletResponse @Configuration @ComponentScan diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/config/RedisSecureConfig.java b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/config/RedisSecureConfig.java new file mode 100644 index 0000000000..a69dd4c075 --- /dev/null +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/config/RedisSecureConfig.java @@ -0,0 +1,37 @@ +/* + * Copyright 2024 OpsMx, Inc. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package com.netflix.spinnaker.gate.config; + +import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.session.data.redis.config.ConfigureRedisAction; + +@Configuration +public class RedisSecureConfig { + + /** + * Always disable the ConfigureRedisAction that Spring Boot uses internally. Instead, we use one + * qualified with @ConnectionPostProcessor. See {@link + * PostConnectionConfiguringJedisConnectionFactory, GateConfig}. + */ + @Bean + @PostConnectionConfiguringJedisConnectionFactory.ConnectionPostProcessor + @ConditionalOnProperty("redis.configuration.secure") + ConfigureRedisAction connectionPostProcessorConfigureRedisAction() { + return ConfigureRedisAction.NO_OP; + } +} diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/ApplicationController.groovy b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/ApplicationController.groovy index 9dec875f3f..36fea5e6af 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/ApplicationController.groovy +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/ApplicationController.groovy @@ -21,8 +21,8 @@ import com.netflix.spinnaker.gate.services.ExecutionHistoryService import com.netflix.spinnaker.gate.services.TaskService import com.netflix.spinnaker.kork.web.exceptions.NotFoundException import groovy.util.logging.Slf4j -import io.swagger.annotations.ApiOperation -import io.swagger.annotations.ApiParam +import io.swagger.v3.oas.annotations.Operation +import io.swagger.v3.oas.annotations.Parameter import org.springframework.beans.factory.annotation.Autowired import org.springframework.core.env.Environment import org.springframework.http.HttpEntity @@ -59,13 +59,13 @@ class ApplicationController { @Autowired Environment environment - @ApiOperation(value = "Retrieve a list of applications", response = List.class) + @Operation(summary = "Retrieve a list of applications") @RequestMapping(method = RequestMethod.GET) @PostFilter("hasPermission(filterObject.get('name'), 'APPLICATION', 'READ')") List> getAllApplications( - @ApiParam(name = "account", required = false, value = "filters results to only include applications deployed in the specified account") + @Parameter(name = "account", required = false, description = "filters results to only include applications deployed in the specified account") @RequestParam(value = "account", required = false) String account, - @ApiParam(name = "owner", required = false, value = "filters results to only include applications owned by the specified email") + @Parameter(name = "owner", required = false, description = "filters results to only include applications owned by the specified email") @RequestParam(value = "owner", required = false) String owner) { return applicationService.getAllApplications() .findAll { @@ -82,7 +82,7 @@ class ApplicationController { } } - @ApiOperation(value = "Retrieve an application's details", response = HashMap.class) + @Operation(summary = "Retrieve an application's details") @RequestMapping(value = "/{application:.+}", method = RequestMethod.GET) Map getApplication(@PathVariable("application") String application, @RequestParam(value = "expand", defaultValue = "true") boolean expand) { def result = applicationService.getApplication(application, expand) @@ -96,14 +96,14 @@ class ApplicationController { result } - @ApiOperation(value = "Retrieve a list of an application's configuration revision history", response = List.class) + @Operation(summary = "Retrieve a list of an application's configuration revision history") @RequestMapping(value = "/{application}/history", method = RequestMethod.GET) List getApplicationHistory(@PathVariable("application") String application, @RequestParam(value = "limit", defaultValue = "20") int limit) { return applicationService.getApplicationHistory(application, limit) } - @ApiOperation(value = "Retrieve a list of an application's tasks", response = List.class) + @Operation(summary = "Retrieve a list of an application's tasks") @RequestMapping(value = "/{application}/tasks", method = RequestMethod.GET) List getTasks(@PathVariable("application") String application, @RequestParam(value = "page", required = false) Integer page, @@ -112,7 +112,7 @@ class ApplicationController { executionHistoryService.getTasks(application, page, limit, statuses) } - @ApiOperation(value = "Retrieve a list of an application's pipeline executions", response = List.class) + @Operation(summary = "Retrieve a list of an application's pipeline executions") @RequestMapping(value = "/{application}/pipelines", method = RequestMethod.GET) List getPipelines(@PathVariable("application") String application, @RequestParam(value = "limit", required = false) Integer limit, @@ -126,20 +126,20 @@ class ApplicationController { * @deprecated There is no reason to provide an app name, use PipelineController instead for pipeline operations. */ @Deprecated - @ApiOperation(value = "Cancel pipeline", response = HashMap.class) + @Operation(summary = "Cancel pipeline") @RequestMapping(value = "/{application}/pipelines/{id}/cancel", method = RequestMethod.PUT) Map cancelPipeline(@PathVariable("id") String id, @RequestParam(required = false) String reason) { taskService.cancelPipeline(id, reason) } - @ApiOperation(value = "Retrieve a list of an application's pipeline configurations", response = List.class) + @Operation(summary = "Retrieve a list of an application's pipeline configurations") @RequestMapping(value = "/{application}/pipelineConfigs", method = RequestMethod.GET) List getPipelineConfigsForApplication(@PathVariable("application") String application) { applicationService.getPipelineConfigsForApplication(application) } - @ApiOperation(value = "Retrieve a pipeline configuration", response = HashMap.class) + @Operation(summary = "Retrieve a pipeline configuration") @RequestMapping(value = "/{application}/pipelineConfigs/{pipelineName:.+}", method = RequestMethod.GET) Map getPipelineConfig( @PathVariable("application") String application, @PathVariable("pipelineName") String pipelineName) { @@ -153,13 +153,13 @@ class ApplicationController { config } - @ApiOperation(value = "Retrieve a list of an application's pipeline strategy configurations", response = List.class) + @Operation(summary = "Retrieve a list of an application's pipeline strategy configurations") @RequestMapping(value = "/{application}/strategyConfigs", method = RequestMethod.GET) List getStrategyConfigsForApplication(@PathVariable("application") String application) { applicationService.getStrategyConfigsForApplication(application) } - @ApiOperation(value = "Retrieve a pipeline strategy configuration", response = HashMap.class) + @Operation(summary = "Retrieve a pipeline strategy configuration") @RequestMapping(value = "/{application}/strategyConfigs/{strategyName}", method = RequestMethod.GET) Map getStrategyConfig(@PathVariable("application") String application, @PathVariable("strategyName") String strategyName) { @@ -177,7 +177,7 @@ class ApplicationController { * @deprecated Use PipelineController instead for pipeline operations. */ @Deprecated - @ApiOperation(value = "Invoke pipeline config", response = HttpEntity.class) + @Operation(summary = "Invoke pipeline config") @RequestMapping(value = "/{application}/pipelineConfigs/{pipelineName:.+}", method = RequestMethod.POST) HttpEntity invokePipelineConfig(@PathVariable("application") String application, @PathVariable("pipelineName") String pipelineName, @@ -190,7 +190,7 @@ class ApplicationController { * @deprecated There is no reason to provide an app name, use TaskController instead for task operations. */ @Deprecated - @ApiOperation(value = "Get task", response = HashMap.class) + @Operation(summary = "Get task") @RequestMapping(value = "/{application}/tasks/{id}", method = RequestMethod.GET) Map getTask(@PathVariable("id") String id) { taskService.getTask(id) @@ -200,7 +200,7 @@ class ApplicationController { * @deprecated There is no reason to provide an app name, use TaskController instead for task operations. */ @Deprecated - @ApiOperation(value = "Cancel task", response = HashMap.class) + @Operation(summary = "Cancel task") @RequestMapping(value = "/{application}/tasks/{id}/cancel", method = RequestMethod.PUT) Map cancelTask(@PathVariable("id") String id) { taskService.cancelTask(id) @@ -210,7 +210,7 @@ class ApplicationController { * @deprecated There is no reason to provide an app name, use TaskController instead for task operations. */ @Deprecated - @ApiOperation(value = "Get task details", response = HashMap.class) + @Operation(summary = "Get task details") @RequestMapping(value = "/{application}/tasks/{id}/details/{taskDetailsId}", method = RequestMethod.GET) Map getTaskDetails(@PathVariable("id") String id, @PathVariable("taskDetailsId") String taskDetailsId, @@ -222,7 +222,7 @@ class ApplicationController { * @deprecated There is no reason to provide an app name, use TaskController instead for task operations. */ @Deprecated - @ApiOperation(value = "Create task", response = HashMap.class) + @Operation(summary = "Create task") @RequestMapping(value = "/{application}/tasks", method = RequestMethod.POST) Map task(@PathVariable String application, @RequestBody Map map) { taskService.createAppTask(application, map) diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/ArtifactController.java b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/ArtifactController.java index b1acc70383..c773e73f0e 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/ArtifactController.java +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/ArtifactController.java @@ -17,7 +17,7 @@ package com.netflix.spinnaker.gate.controllers; import com.netflix.spinnaker.gate.services.ArtifactService; -import io.swagger.annotations.ApiOperation; +import io.swagger.v3.oas.annotations.Operation; import java.io.InputStream; import java.util.List; import java.util.Map; @@ -38,15 +38,13 @@ public class ArtifactController { @Autowired private ArtifactService artifactService; - @ApiOperation( - value = "Retrieve the list of artifact accounts configured in Clouddriver.", - response = List.class) + @Operation(summary = "Retrieve the list of artifact accounts configured in Clouddriver.") @RequestMapping(method = RequestMethod.GET, value = "/credentials") List all(@RequestHeader(value = "X-RateLimit-App", required = false) String sourceApp) { return artifactService.getArtifactCredentials(sourceApp); } - @ApiOperation(value = "Fetch the contents of an artifact", response = StreamingResponseBody.class) + @Operation(summary = "Fetch the contents of an artifact") @RequestMapping(method = RequestMethod.PUT, value = "/fetch") StreamingResponseBody fetch( @RequestBody Map artifact, @@ -58,7 +56,7 @@ StreamingResponseBody fetch( }; } - @ApiOperation(value = "Retrieve the list of artifact names that belong to chosen account") + @Operation(summary = "Retrieve the list of artifact names that belong to chosen account") @RequestMapping(value = "/account/{accountName}/names", method = RequestMethod.GET) List artifactNames( @PathVariable String accountName, @@ -67,7 +65,7 @@ List artifactNames( return artifactService.getArtifactNames(sourceApp, accountName, type); } - @ApiOperation(value = "Retrieve the list of artifact versions by account and artifact names") + @Operation(summary = "Retrieve the list of artifact versions by account and artifact names") @RequestMapping(value = "/account/{accountName}/versions", method = RequestMethod.GET) List artifactVersions( @PathVariable String accountName, @@ -77,9 +75,9 @@ List artifactVersions( return artifactService.getArtifactVersions(sourceApp, accountName, type, artifactName); } - @ApiOperation( - value = "Retrieve the available artifact versions for an artifact provider and package name", - notes = "releaseStatus is an optional comma separated list of statuses to filter on.") + @Operation( + summary = + "Retrieve the available artifact versions for an artifact provider and package name releaseStatus is an optional comma separated list of statuses to filter on.") @RequestMapping(value = "/{provider}/{packageName}", method = RequestMethod.GET) List getVersionsOfArtifactForProvider( @PathVariable String provider, @@ -88,8 +86,8 @@ List getVersionsOfArtifactForProvider( return artifactService.getVersionsOfArtifactForProvider(provider, packageName, releaseStatus); } - @ApiOperation( - value = "Retrieve the specified artifact version for an artifact provider and package name") + @Operation( + summary = "Retrieve the specified artifact version for an artifact provider and package name") @RequestMapping(value = "/{provider}/{packageName}/{version:.+}", method = RequestMethod.GET) Map getArtifact( @PathVariable String provider, diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/ArtifactoryController.java b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/ArtifactoryController.java index cec4b780ed..5892caf307 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/ArtifactoryController.java +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/ArtifactoryController.java @@ -17,7 +17,7 @@ package com.netflix.spinnaker.gate.controllers; import com.netflix.spinnaker.gate.services.internal.IgorService; -import io.swagger.annotations.ApiOperation; +import io.swagger.v3.oas.annotations.Operation; import java.util.List; import java.util.Optional; import org.springframework.beans.factory.annotation.Autowired; @@ -36,9 +36,7 @@ public ArtifactoryController(Optional igorService) { this.igorService = igorService; } - @ApiOperation( - value = "Retrieve the list of artifactory names available to triggers", - response = List.class) + @Operation(summary = "Retrieve the list of artifactory names available to triggers") @GetMapping(value = "/names") List names() { return igorService.get().getArtifactoryNames(); diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/AuthController.groovy b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/AuthController.groovy index 5ba2b09dc2..a0bae61ee8 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/AuthController.groovy +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/AuthController.groovy @@ -24,7 +24,9 @@ import com.netflix.spinnaker.security.AuthenticatedRequest import com.netflix.spinnaker.security.User import com.opsmx.spinnaker.gate.model.UserInfoDetailsModel import groovy.util.logging.Slf4j -import io.swagger.annotations.ApiOperation +import io.swagger.v3.oas.annotations.Hidden +import io.swagger.v3.oas.annotations.Operation +import io.swagger.v3.oas.annotations.Parameter import org.springframework.beans.factory.annotation.Autowired import org.springframework.beans.factory.annotation.Value import org.springframework.security.access.prepost.PreAuthorize @@ -32,9 +34,8 @@ import org.springframework.web.bind.annotation.RequestMapping import org.springframework.web.bind.annotation.RequestMethod import org.springframework.web.bind.annotation.RequestParam import org.springframework.web.bind.annotation.RestController -import springfox.documentation.annotations.ApiIgnore -import javax.servlet.http.HttpServletResponse +import jakarta.servlet.http.HttpServletResponse import java.util.regex.Pattern @Slf4j @@ -76,9 +77,9 @@ class AuthController { } } - @ApiOperation(value = "Get user", response = User.class) + @Operation(summary = "Get user") @RequestMapping(value = "/user", method = RequestMethod.GET) - User user(@ApiIgnore @SpinnakerUser User user) { + User user(@Parameter(hidden = true) @SpinnakerUser User user) { if (!user) { return user } @@ -90,9 +91,9 @@ class AuthController { return user } - @ApiOperation(value = "Get service accounts", response = List.class) + @Operation(summary = "Get service accounts") @RequestMapping(value = "/user/serviceAccounts", method = RequestMethod.GET) - List getServiceAccounts(@ApiIgnore @SpinnakerUser User user, + List getServiceAccounts(@Parameter(hidden = true) @SpinnakerUser User user, @RequestParam(name = "application", required = false) String application) { String appName = Optional.ofNullable(application) @@ -108,7 +109,7 @@ class AuthController { return permissionService.getServiceAccountsForApplication(user, appName) } - @ApiOperation(value = "Get logged out message", response = String.class) + @Operation(summary = "Get logged out message") @RequestMapping(value = "/loggedOut", method = RequestMethod.GET) String loggedOut() { return LOGOUT_MESSAGES[r.nextInt(LOGOUT_MESSAGES.size())] @@ -118,14 +119,14 @@ class AuthController { * On-demand endpoint to sync the user roles, in case * waiting for the periodic refresh won't work. */ - @ApiOperation(value = "Sync user roles") + @Operation(summary = "Sync user roles") @RequestMapping(value = "/roles/sync", method = RequestMethod.POST) @PreAuthorize("@authController.isAdmin()") void sync() { permissionService.sync() } - @ApiOperation(value = "Redirect to Deck") + @Operation(summary = "Redirect to Deck") @RequestMapping(value = "/redirect", method = RequestMethod.GET) void redirect(HttpServletResponse response, @RequestParam String to) { log.info("to url : {}", to) @@ -169,9 +170,9 @@ class AuthController { ) } - @ApiOperation(value = "Get user Details with cloudAccounts") + @Operation(summary = "Get user Details with cloudAccounts") @RequestMapping(value = "/userInfo", method = RequestMethod.GET) - Object userInfo(@ApiIgnore @SpinnakerUser User user) { + Object userInfo(@Parameter(hidden = true) @SpinnakerUser User user) { if (opsmxOesService != null) { if (!user) { throw new Exception("UnAuthorized User") diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/AwsCodeBuildController.java b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/AwsCodeBuildController.java index 4217d92eb0..e5e96e59f1 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/AwsCodeBuildController.java +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/AwsCodeBuildController.java @@ -17,7 +17,7 @@ package com.netflix.spinnaker.gate.controllers; import com.netflix.spinnaker.gate.services.internal.IgorService; -import io.swagger.annotations.ApiOperation; +import io.swagger.v3.oas.annotations.Operation; import java.util.List; import lombok.RequiredArgsConstructor; import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; @@ -31,15 +31,13 @@ public class AwsCodeBuildController { private final IgorService igorService; - @ApiOperation(value = "Retrieve the list of AWS CodeBuild accounts", response = List.class) + @Operation(summary = "Retrieve the list of AWS CodeBuild accounts") @GetMapping(value = "/accounts") List getAccounts() { return igorService.getAwsCodeBuildAccounts(); } - @ApiOperation( - value = "Retrieve the list of AWS CodeBuild projects in the account", - response = List.class) + @Operation(summary = "Retrieve the list of AWS CodeBuild projects in the account") @GetMapping(value = "/projects/{account}") List getProjects(@PathVariable String account) { return igorService.getAwsCodeBuildProjects(account); diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/BakeController.groovy b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/BakeController.groovy index 1d7aaedf83..26d5bc9202 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/BakeController.groovy +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/BakeController.groovy @@ -17,7 +17,7 @@ package com.netflix.spinnaker.gate.controllers import com.netflix.spinnaker.gate.services.BakeService -import io.swagger.annotations.ApiOperation +import io.swagger.v3.oas.annotations.Operation import org.springframework.beans.factory.annotation.Autowired import org.springframework.http.HttpStatus import org.springframework.web.bind.annotation.ExceptionHandler @@ -35,19 +35,19 @@ class BakeController { @Autowired BakeService bakeService - @ApiOperation(value = "Retrieve a list of available bakery base images, grouped by cloud provider") + @Operation(summary = "Retrieve a list of available bakery base images, grouped by cloud provider") @RequestMapping(value = "/options", method = RequestMethod.GET) def bakeOptions() { bakeService.bakeOptions() } - @ApiOperation(value = "Retrieve a list of available bakery base images for a given cloud provider") + @Operation(summary = "Retrieve a list of available bakery base images for a given cloud provider") @RequestMapping(value = "/options/{cloudProvider}", method = RequestMethod.GET) def bakeOptions(@PathVariable("cloudProvider") String cloudProvider) { bakeService.bakeOptions(cloudProvider) } - @ApiOperation(value = "Retrieve the logs for a given bake") + @Operation(summary = "Retrieve the logs for a given bake") @RequestMapping(value = "/logs/{region}/{statusId}", method = RequestMethod.GET) def lookupLogs(@PathVariable("region") String region, @PathVariable("statusId") String statusId) { diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/BatchEntityTagsController.java b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/BatchEntityTagsController.java index 7b1d9dc81b..1a93364507 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/BatchEntityTagsController.java +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/BatchEntityTagsController.java @@ -17,7 +17,7 @@ package com.netflix.spinnaker.gate.controllers; import com.netflix.spinnaker.gate.services.TaskService; -import io.swagger.annotations.ApiOperation; +import io.swagger.v3.oas.annotations.Operation; import java.util.ArrayList; import java.util.HashMap; import java.util.List; @@ -37,7 +37,7 @@ public BatchEntityTagsController(TaskService taskService) { this.taskService = taskService; } - @ApiOperation(value = "Batch update a set of entity tags.", response = HashMap.class) + @Operation(summary = "Batch update a set of entity tags.") @RequestMapping(method = RequestMethod.POST) @ResponseStatus(value = HttpStatus.ACCEPTED) public Map batchUpdate( diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/BuildController.groovy b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/BuildController.groovy index c9de7d2df7..337f520a68 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/BuildController.groovy +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/BuildController.groovy @@ -21,7 +21,7 @@ package com.netflix.spinnaker.gate.controllers import com.netflix.spinnaker.gate.services.BuildService import groovy.transform.CompileStatic import groovy.util.logging.Slf4j -import io.swagger.annotations.ApiOperation +import io.swagger.v3.oas.annotations.Operation import org.springframework.beans.factory.annotation.Autowired import org.springframework.web.bind.annotation.PathVariable import org.springframework.web.bind.annotation.RequestMapping @@ -30,7 +30,7 @@ import org.springframework.web.bind.annotation.RequestParam import org.springframework.web.bind.annotation.RestController import org.springframework.web.servlet.HandlerMapping -import javax.servlet.http.HttpServletRequest +import jakarta.servlet.http.HttpServletRequest @Slf4j @CompileStatic @@ -46,21 +46,21 @@ class BuildController { @Autowired BuildService buildService - @ApiOperation(value = "Get build masters", notes = "Deprecated, use the v3 endpoint instead", response = List.class) + @Operation(summary = "Get build masters", description = "Deprecated, use the v3 endpoint instead") @RequestMapping(value = "v2/builds", method = RequestMethod.GET) List getBuildMasters(@RequestParam(value = "type", defaultValue = "") String type) { log.debug(DEPRECATION_NOTICE_MESSAGE) buildService.getBuildMasters(type) } - @ApiOperation(value = "Get jobs for build master", notes = "Deprecated, use the v3 endpoint instead", response = List.class) + @Operation(summary = "Get jobs for build master", description = "Deprecated, use the v3 endpoint instead") @RequestMapping(value = "/v2/builds/{buildMaster}/jobs", method = RequestMethod.GET) List getJobsForBuildMaster(@PathVariable("buildMaster") String buildMaster) { log.debug(DEPRECATION_NOTICE_MESSAGE) buildService.getJobsForBuildMaster(buildMaster) } - @ApiOperation(value = "Get job config", notes = "Deprecated, use the v3 endpoint instead", response = HashMap.class) + @Operation(summary = "Get job config", description = "Deprecated, use the v3 endpoint instead") @RequestMapping(value = "/v2/builds/{buildMaster}/jobs/**", method = RequestMethod.GET) Map getJobConfig(@PathVariable("buildMaster") String buildMaster, HttpServletRequest request) { log.debug(DEPRECATION_NOTICE_MESSAGE) @@ -68,7 +68,7 @@ class BuildController { buildService.getJobConfig(buildMaster, job) } - @ApiOperation(value = "Get builds for build master", notes = "Deprecated, use the v3 endpoint instead", response = List.class) + @Operation(summary = "Get builds for build master", description = "Deprecated, use the v3 endpoint instead") @RequestMapping(value = "/v2/builds/{buildMaster}/builds/**", method = RequestMethod.GET) List getBuilds(@PathVariable("buildMaster") String buildMaster, HttpServletRequest request) { log.debug(DEPRECATION_NOTICE_MESSAGE) @@ -76,7 +76,7 @@ class BuildController { buildService.getBuilds(buildMaster, job) } - @ApiOperation(value = "Get build for build master", notes = "Deprecated, use the v3 endpoint instead", response = HashMap.class) + @Operation(summary = "Get build for build master", description = "Deprecated, use the v3 endpoint instead") @RequestMapping(value = "/v2/builds/{buildMaster}/build/{number}/**", method = RequestMethod.GET) Map getBuild(@PathVariable("buildMaster") String buildMaster, @PathVariable("number") String number, HttpServletRequest request) { log.debug(DEPRECATION_NOTICE_MESSAGE) @@ -90,33 +90,33 @@ class BuildController { * In this version, the job name is moved from a path parameter to a required query parameter wherever its used. */ - @ApiOperation(value = "Get build masters", response = List.class) + @Operation(summary = "Get build masters") @RequestMapping(value = "v3/builds", method = RequestMethod.GET) List v3GetBuildMasters(@RequestParam(value = "type", defaultValue = "") String type) { buildService.getBuildMasters(type) } - @ApiOperation(value = "Get jobs for build master", response = List.class) + @Operation(summary = "Get jobs for build master") @RequestMapping(value = "/v3/builds/{buildMaster}/jobs", method = RequestMethod.GET) List v3GetJobsForBuildMaster(@PathVariable("buildMaster") String buildMaster) { buildService.getJobsForBuildMaster(buildMaster) } - @ApiOperation(value = "Get job config", response = HashMap.class) + @Operation(summary = "Get job config") @RequestMapping(value = "/v3/builds/{buildMaster}/job", method = RequestMethod.GET) Map v3GetJobConfig(@PathVariable("buildMaster") String buildMaster, @RequestParam(value = "job", required = true) String job) { buildService.getJobConfig(buildMaster, job) } - @ApiOperation(value = "Get builds for build master", response = List.class) + @Operation(summary = "Get builds for build master") @RequestMapping(value = "/v3/builds/{buildMaster}/builds", method = RequestMethod.GET) List v3GetBuilds(@PathVariable("buildMaster") String buildMaster, @RequestParam(value = "job", required = true) String job) { buildService.getBuilds(buildMaster, job) } - @ApiOperation(value = "Get build for build master", response = HashMap.class) + @Operation(summary = "Get build for build master") @RequestMapping(value = "/v3/builds/{buildMaster}/build/{number}", method = RequestMethod.GET) Map v3GetBuild(@PathVariable("buildMaster") String buildMaster, @PathVariable("number") String number, diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/CanaryController.groovy b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/CanaryController.groovy index 4ed19ccdd8..c25a3093f6 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/CanaryController.groovy +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/CanaryController.groovy @@ -16,8 +16,8 @@ package com.netflix.spinnaker.gate.controllers -import javax.servlet.http.HttpServletRequest -import javax.servlet.http.HttpServletResponse +import jakarta.servlet.http.HttpServletRequest +import jakarta.servlet.http.HttpServletResponse import com.netflix.spinnaker.gate.retrofit.UpstreamBadRequest import com.netflix.spinnaker.gate.services.CanaryService import groovy.transform.CompileStatic diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/CapabilitiesController.java b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/CapabilitiesController.java index e1b51b6a52..bfadb70315 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/CapabilitiesController.java +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/CapabilitiesController.java @@ -18,7 +18,7 @@ import com.netflix.spinnaker.gate.services.internal.EchoService; import com.netflix.spinnaker.gate.services.internal.OrcaServiceSelector; -import io.swagger.annotations.ApiOperation; +import io.swagger.v3.oas.annotations.Operation; import java.util.List; import java.util.Map; import java.util.Optional; @@ -39,21 +39,19 @@ public class CapabilitiesController { this.echoService = echoService; } - @ApiOperation(value = "Retrieve the list configured deployment monitors", response = List.class) + @Operation(summary = "Retrieve the list configured deployment monitors") @GetMapping(value = "/deploymentMonitors") List getDeploymentMonitors() { return orcaService.select().getDeploymentMonitors(); } - @ApiOperation( - value = "Retrieve the SpEL expression capabilities (e.g. registered functions, etc)", - response = Map.class) + @Operation(summary = "Retrieve the SpEL expression capabilities (e.g. registered functions, etc)") @GetMapping(value = "/expressions") Map getExpressionCapabilities() { return orcaService.select().getExpressionCapabilities(); } - @ApiOperation(value = "Retrieve the current state of the quiet period", response = Map.class) + @Operation(summary = "Retrieve the current state of the quiet period") @GetMapping(value = "/quietPeriod") Map getQuietPeriodState() { return echoService.map(EchoService::getQuietPeriodState).orElse(null); diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/CertificateController.groovy b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/CertificateController.groovy index 18004f9c81..7b7e2f1f38 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/CertificateController.groovy +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/CertificateController.groovy @@ -17,14 +17,9 @@ package com.netflix.spinnaker.gate.controllers import com.netflix.spinnaker.gate.services.CertificateService -import com.netflix.spinnaker.gate.services.internal.ClouddriverServiceSelector -import io.swagger.annotations.ApiOperation +import io.swagger.v3.oas.annotations.Operation import org.springframework.beans.factory.annotation.Autowired -import org.springframework.web.bind.annotation.PathVariable -import org.springframework.web.bind.annotation.RequestHeader -import org.springframework.web.bind.annotation.RequestMapping -import org.springframework.web.bind.annotation.RequestMethod -import org.springframework.web.bind.annotation.RestController +import org.springframework.web.bind.annotation.* @RestController @RequestMapping("/certificates") @@ -33,13 +28,13 @@ class CertificateController { @Autowired CertificateService certificateService - @ApiOperation(value = "Retrieve a list of all server certificates") + @Operation(summary = "Retrieve a list of all server certificates") @RequestMapping(method = RequestMethod.GET) List all(@RequestHeader(value = "X-RateLimit-App", required = false) String sourceApp) { certificateService.getCertificates(sourceApp) } - @ApiOperation(value = "Retrieve a list of server certificates for a given cloud provider") + @Operation(summary = "Retrieve a list of server certificates for a given cloud provider") @RequestMapping(value = "/{cloudProvider}", method = RequestMethod.GET) List allByCloudProvider(@PathVariable String cloudProvider, @RequestHeader(value = "X-RateLimit-App", required = false) String sourceApp) { diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/CleanupController.java b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/CleanupController.java index 3fa5a19728..d0737c6c71 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/CleanupController.java +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/CleanupController.java @@ -17,7 +17,7 @@ package com.netflix.spinnaker.gate.controllers; import com.netflix.spinnaker.gate.services.CleanupService; -import io.swagger.annotations.ApiOperation; +import io.swagger.v3.oas.annotations.Operation; import java.util.HashMap; import java.util.List; import java.util.Map; @@ -35,7 +35,7 @@ public CleanupController(CleanupService cleanupService) { this.cleanupService = cleanupService; } - @ApiOperation(value = "Opt out of clean up for a marked resource.", response = Map.class) + @Operation(summary = "Opt out of clean up for a marked resource.") @RequestMapping( method = RequestMethod.GET, value = "/resources/{namespace}/{resourceId}/optOut", @@ -51,7 +51,7 @@ Map optOut(@PathVariable String namespace, @PathVariable String resourceId) { namespace, resourceId, "Resource has been opted out of automated deletion."); } - @ApiOperation(value = "Get information about a marked resource.", response = Map.class) + @Operation(summary = "Get information about a marked resource.") @RequestMapping( method = RequestMethod.GET, value = "/resources/{namespace}/{resourceId}", @@ -65,7 +65,7 @@ Map getMarkedResource(@PathVariable String namespace, @PathVariable String resou return markedResource; } - @ApiOperation(value = "Get all marked resources.", response = List.class) + @Operation(summary = "Get all marked resources.") @RequestMapping( method = RequestMethod.GET, value = "/resources/marked", @@ -74,7 +74,7 @@ List getAllMarkedResources() { return cleanupService.getMarkedList(); } - @ApiOperation(value = "Get all deleted resources.", response = List.class) + @Operation(summary = "Get all deleted resources.") @RequestMapping( method = RequestMethod.GET, value = "/resources/deleted", diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/ClusterController.groovy b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/ClusterController.groovy index f8c3b9a426..f49628b594 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/ClusterController.groovy +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/ClusterController.groovy @@ -20,7 +20,7 @@ import com.netflix.spinnaker.gate.services.ClusterService import com.netflix.spinnaker.gate.services.LoadBalancerService import groovy.transform.CompileStatic import groovy.transform.TypeCheckingMode -import io.swagger.annotations.ApiOperation +import io.swagger.v3.oas.annotations.Operation import org.springframework.beans.factory.annotation.Autowired import org.springframework.web.bind.annotation.* @@ -35,14 +35,14 @@ class ClusterController { @Autowired LoadBalancerService loadBalancerService - @ApiOperation(value = "Retrieve a list of cluster names for an application, grouped by account", response = HashMap.class) + @Operation(summary = "Retrieve a list of cluster names for an application, grouped by account") @RequestMapping(method = RequestMethod.GET) Map getClusters(@PathVariable("application") String app, @RequestHeader(value = "X-RateLimit-App", required = false) String sourceApp) { clusterService.getClusters(app, sourceApp) } - @ApiOperation(value = "Retrieve a list of clusters for an account", response = List.class) + @Operation(summary = "Retrieve a list of clusters for an account") @RequestMapping(value = "/{account}", method = RequestMethod.GET) List getClusters(@PathVariable("application") String app, @PathVariable("account") String account, @@ -50,7 +50,7 @@ class ClusterController { clusterService.getClustersForAccount(app, account, sourceApp) } - @ApiOperation(value = "Retrieve a cluster's details", response = HashMap.class) + @Operation(summary = "Retrieve a cluster's details") @RequestMapping(value = "/{account}/{clusterName:.+}", method = RequestMethod.GET) Map getClusters(@PathVariable("application") String app, @PathVariable("account") String account, @@ -59,7 +59,7 @@ class ClusterController { clusterService.getCluster(app, account, clusterName, sourceApp) } - @ApiOperation(value = "Retrieve a cluster's loadbalancers", response = List.class) + @Operation(summary = "Retrieve a cluster's loadbalancers") @RequestMapping(value = "/{account}/{clusterName}/{type}/loadBalancers", method = RequestMethod.GET) List getClusterLoadBalancers(@PathVariable String applicationName, @PathVariable String account, @@ -69,7 +69,7 @@ class ClusterController { loadBalancerService.getClusterLoadBalancers(applicationName, account, type, clusterName, sourceApp) } - @ApiOperation(value = "Retrieve a list of server groups for a cluster", response = List.class) + @Operation(summary = "Retrieve a list of server groups for a cluster") @RequestMapping(value = "/{account}/{clusterName}/serverGroups", method = RequestMethod.GET) List getServerGroups(@PathVariable("application") String app, @PathVariable("account") String account, @@ -78,7 +78,7 @@ class ClusterController { clusterService.getClusterServerGroups(app, account, clusterName, sourceApp) } - @ApiOperation(value = "Retrieve a list of scaling activities for a server group", response = List.class) + @Operation(summary = "Retrieve a list of scaling activities for a server group") @RequestMapping(value = "/{account}/{clusterName}/serverGroups/{serverGroupName}/scalingActivities", method = RequestMethod.GET) List getScalingActivities(@PathVariable("application") String app, @PathVariable("account") String account, @@ -91,7 +91,7 @@ class ClusterController { } @CompileStatic(TypeCheckingMode.SKIP) - @ApiOperation(value = "Retrieve a server group's details", response = List.class) + @Operation(summary = "Retrieve a server group's details") @RequestMapping(value = "/{account}/{clusterName}/serverGroups/{serverGroupName:.+}", method = RequestMethod.GET) List getServerGroups(@PathVariable("application") String app, @PathVariable("account") String account, @@ -104,8 +104,8 @@ class ClusterController { } } - @ApiOperation(value = "Retrieve a server group that matches a target coordinate (e.g., newest, ancestor) relative to a cluster", - notes = "`scope` is either a zone or a region", response = HashMap.class) + @Operation(summary = "Retrieve a server group that matches a target coordinate (e.g., newest, ancestor) relative to a cluster", + description = "`scope` is either a zone or a region") @RequestMapping(value = "/{account:.+}/{clusterName:.+}/{cloudProvider}/{scope}/serverGroups/target/{target:.+}", method = RequestMethod.GET) Map getTargetServerGroup(@PathVariable("application") String app, @PathVariable("account") String account, diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/ConcourseController.java b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/ConcourseController.java index fc7afcec32..476c8c6406 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/ConcourseController.java +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/ConcourseController.java @@ -18,7 +18,7 @@ import com.netflix.spinnaker.gate.services.internal.IgorService; import com.netflix.spinnaker.gate.services.internal.OrcaServiceSelector; -import io.swagger.annotations.ApiOperation; +import io.swagger.v3.oas.annotations.Operation; import java.util.List; import java.util.Optional; import lombok.RequiredArgsConstructor; @@ -32,26 +32,20 @@ public class ConcourseController { private final Optional igorService; private final OrcaServiceSelector orcaService; - @ApiOperation( - value = "Retrieve the list of team names available to triggers", - response = List.class) + @Operation(summary = "Retrieve the list of team names available to triggers") @GetMapping(value = "/{buildMaster}/teams") List teams(@PathVariable("buildMaster") String buildMaster) { return igorService.get().getConcourseTeams(buildMaster); } - @ApiOperation( - value = "Retrieve the list of pipeline names for a given team available to triggers", - response = List.class) + @Operation(summary = "Retrieve the list of pipeline names for a given team available to triggers") @GetMapping(value = "/{buildMaster}/teams/{team}/pipelines") List pipelines( @PathVariable("buildMaster") String buildMaster, @PathVariable("team") String team) { return igorService.get().getConcoursePipelines(buildMaster, team); } - @ApiOperation( - value = "Retrieve the list of job names for a given pipeline available to triggers", - response = List.class) + @Operation(summary = "Retrieve the list of job names for a given pipeline available to triggers") @GetMapping(value = "/{buildMaster}/teams/{team}/pipelines/{pipeline}/jobs") List jobs( @PathVariable("buildMaster") String buildMaster, @@ -60,10 +54,9 @@ List jobs( return igorService.get().getConcourseJobs(buildMaster, team, pipeline); } - @ApiOperation( - value = - "Retrieve the list of resource names for a given pipeline available to the Concourse stage", - response = List.class) + @Operation( + summary = + "Retrieve the list of resource names for a given pipeline available to the Concourse stage") @GetMapping(value = "/{buildMaster}/teams/{team}/pipelines/{pipeline}/resources") List resources( @PathVariable("buildMaster") String buildMaster, @@ -72,8 +65,8 @@ List resources( return igorService.get().getConcourseResources(buildMaster, team, pipeline); } - @ApiOperation( - value = + @Operation( + summary = "Inform Spinnaker of the Concourse build running connected to a particular Concourse stage execution") @PostMapping("/stage/start") void stageExecution( diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/CredentialsController.groovy b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/CredentialsController.groovy index 1b7093b79b..69fb682d01 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/CredentialsController.groovy +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/CredentialsController.groovy @@ -26,8 +26,8 @@ import com.netflix.spinnaker.gate.services.internal.ClouddriverService.Account import com.netflix.spinnaker.gate.services.internal.ClouddriverService.AccountDetails import com.netflix.spinnaker.kork.annotations.Alpha import com.netflix.spinnaker.security.User -import io.swagger.annotations.ApiOperation -import io.swagger.annotations.ApiParam +import io.swagger.v3.oas.annotations.Operation +import io.swagger.v3.oas.annotations.Parameter import org.springframework.beans.factory.annotation.Autowired import org.springframework.web.bind.annotation.DeleteMapping import org.springframework.web.bind.annotation.GetMapping @@ -61,7 +61,7 @@ class CredentialsController { Boolean authorized } - @ApiOperation(value = "Retrieve a list of accounts") + @Operation(summary = "Retrieve a list of accounts") @RequestMapping(method = RequestMethod.GET) List getAccounts(@SpinnakerUser User user, @RequestParam(value = "expand", required = false) boolean expand) { List allAccounts = getAccountDetailsWithAuthorizedFlag(user) @@ -83,7 +83,7 @@ class CredentialsController { return allAccounts } - @ApiOperation(value = "Retrieve an account's details") + @Operation(summary = "Retrieve an account's details") @RequestMapping(value = '/{account:.+}', method = RequestMethod.GET) AccountDetails getAccount(@SpinnakerUser User user, @PathVariable("account") String account, @RequestHeader(value = "X-RateLimit-App", required = false) String sourceApp) { @@ -91,44 +91,44 @@ class CredentialsController { } @GetMapping('/type/{accountType}') - @ApiOperation('Looks up account definitions by type.') + @Operation(summary = "Looks up account definitions by type.") @Alpha List getAccountsByType( - @ApiParam(value = 'Value of the "@type" key for accounts to search for.', example = 'kubernetes') + @Parameter(name = 'Value of the "@type" key for accounts to search for.', example = 'kubernetes') @PathVariable String accountType, - @ApiParam('Maximum number of entries to return in results. Used for pagination.') + @Parameter(name = 'Maximum number of entries to return in results. Used for pagination.') @RequestParam OptionalInt limit, - @ApiParam('Account name to start account definition listing from. Used for pagination.') + @Parameter(name = 'Account name to start account definition listing from. Used for pagination.') @RequestParam Optional startingAccountName ) { clouddriverService.getAccountDefinitionsByType(accountType, limit.isPresent() ? limit.getAsInt() : null, startingAccountName.orElse(null)) } @PostMapping - @ApiOperation('Creates a new account definition.') + @Operation(summary = "Creates a new account definition.") @Alpha ClouddriverService.AccountDefinition createAccount( - @ApiParam('Account definition body including a discriminator field named "type" with the account type.') + @Parameter(name = 'Account definition body including a discriminator field named "type" with the account type.') @RequestBody ClouddriverService.AccountDefinition accountDefinition ) { clouddriverService.createAccountDefinition(accountDefinition) } @PutMapping - @ApiOperation('Updates an existing account definition.') + @Operation(summary = "Updates an existing account definition.") @Alpha ClouddriverService.AccountDefinition updateAccount( - @ApiParam('Account definition body including a discriminator field named "type" with the account type.') + @Parameter(name = 'Account definition body including a discriminator field named "type" with the account type.') @RequestBody ClouddriverService.AccountDefinition accountDefinition ) { clouddriverService.updateAccountDefinition(accountDefinition) } @DeleteMapping('/{accountName}') - @ApiOperation('Deletes an account definition by name.') + @Operation(summary = "Deletes an account definition by name.") @Alpha void deleteAccount( - @ApiParam('Name of account definition to delete.') + @Parameter(name = 'Name of account definition to delete.') @PathVariable String accountName ) { clouddriverService.deleteAccountDefinition(accountName) diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/DataController.groovy b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/DataController.groovy index e03170d671..17122a3614 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/DataController.groovy +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/DataController.groovy @@ -27,8 +27,8 @@ import org.springframework.web.bind.annotation.RequestParam import org.springframework.web.bind.annotation.RestController import org.springframework.web.servlet.HandlerMapping -import javax.servlet.http.HttpServletRequest -import javax.servlet.http.HttpServletResponse +import jakarta.servlet.http.HttpServletRequest +import jakarta.servlet.http.HttpServletResponse @RestController @RequestMapping(value = "/v1/data") diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/EntityTagsController.java b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/EntityTagsController.java index 7c34ead17a..9306ef8bc0 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/EntityTagsController.java +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/EntityTagsController.java @@ -19,25 +19,14 @@ import com.netflix.frigga.Names; import com.netflix.spinnaker.gate.services.EntityTagsService; import com.netflix.spinnaker.gate.services.TaskService; -import io.swagger.annotations.ApiOperation; -import io.swagger.annotations.ApiParam; -import java.util.ArrayList; -import java.util.Collection; -import java.util.HashMap; -import java.util.List; -import java.util.Map; -import javax.servlet.http.HttpServletRequest; +import io.swagger.v3.oas.annotations.Operation; +import io.swagger.v3.oas.annotations.Parameter; +import jakarta.servlet.http.HttpServletRequest; +import java.util.*; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.http.HttpStatus; import org.springframework.util.AntPathMatcher; -import org.springframework.web.bind.annotation.PathVariable; -import org.springframework.web.bind.annotation.RequestBody; -import org.springframework.web.bind.annotation.RequestHeader; -import org.springframework.web.bind.annotation.RequestMapping; -import org.springframework.web.bind.annotation.RequestMethod; -import org.springframework.web.bind.annotation.RequestParam; -import org.springframework.web.bind.annotation.ResponseStatus; -import org.springframework.web.bind.annotation.RestController; +import org.springframework.web.bind.annotation.*; import org.springframework.web.servlet.HandlerMapping; @RestController @@ -54,8 +43,9 @@ public EntityTagsController(EntityTagsService entityTagsService, TaskService tas @RequestMapping(method = RequestMethod.GET) public Collection list( - @ApiParam( - "Any parameters to filter by, passed as individual parameters. Options are: \n cloudProvider, application, entityType, entityId, idPrefix, account, region, namespace, maxResults") + @Parameter( + name = + "Any parameters to filter by, passed as individual parameters. Options are: \n cloudProvider, application, entityType, entityId, idPrefix, account, region, namespace, maxResults") @RequestParam Map allParameters, @RequestHeader(value = "X-RateLimit-App", required = false) String sourceApp) { @@ -74,9 +64,9 @@ public Map get(HttpServletRequest request) { return entityTagsService.get(id, request.getHeader("X-RateLimit-App")); } - @ApiOperation( - value = "Deletes a subset of tags for the provided tag ID", - notes = + @Operation( + summary = "Deletes a subset of tags for the provided tag ID", + description = "multiple tags can be deleted for an entity using a comma as a separator, e.g. /tag1,tag2") @RequestMapping(value = "/{id}/{tag}", method = RequestMethod.DELETE) @ResponseStatus(value = HttpStatus.ACCEPTED) diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/ExecutionsController.java b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/ExecutionsController.java index 11089bdec2..36d67c0a1f 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/ExecutionsController.java +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/ExecutionsController.java @@ -16,8 +16,8 @@ package com.netflix.spinnaker.gate.controllers; import com.netflix.spinnaker.gate.services.internal.OrcaServiceSelector; -import io.swagger.annotations.ApiOperation; -import io.swagger.annotations.ApiParam; +import io.swagger.v3.oas.annotations.Operation; +import io.swagger.v3.oas.annotations.Parameter; import java.util.Collections; import java.util.List; import org.springframework.beans.factory.annotation.Autowired; @@ -33,33 +33,33 @@ public ExecutionsController(OrcaServiceSelector orcaServiceSelector) { this.orcaServiceSelector = orcaServiceSelector; } - @ApiOperation( - value = + @Operation( + summary = "Retrieves an ad-hoc collection of executions based on a number of user-supplied parameters. Either executionIds or pipelineConfigIds must be supplied in order to return any results. If both are supplied, an exception will be thrown.") @RequestMapping(value = "/executions", method = RequestMethod.GET) List getLatestExecutionsByConfigIds( - @ApiParam( - value = + @Parameter( + name = "A comma-separated list of pipeline configuration IDs to retrieve recent executions for. Either this OR pipelineConfigIds must be supplied, but not both.") @RequestParam(value = "pipelineConfigIds", required = false) String pipelineConfigIds, - @ApiParam( - value = + @Parameter( + name = "A comma-separated list of executions to retrieve. Either this OR pipelineConfigIds must be supplied, but not both.") @RequestParam(value = "executionIds", required = false) String executionIds, - @ApiParam( - value = + @Parameter( + name = "The number of executions to return per pipeline configuration. Ignored if executionIds parameter is supplied. If this value is missing, it is defaulted to 1.") @RequestParam(value = "limit", required = false) Integer limit, - @ApiParam( - value = + @Parameter( + name = "A comma-separated list of execution statuses to filter by. Ignored if executionIds parameter is supplied. If this value is missing, it is defaulted to all statuses.") @RequestParam(value = "statuses", required = false) String statuses, - @ApiParam( - value = + @Parameter( + name = "Expands each execution object in the resulting list. If this value is missing, it is defaulted to true.") @RequestParam(value = "expand", defaultValue = "true") boolean expand) { @@ -67,40 +67,38 @@ List getLatestExecutionsByConfigIds( && (pipelineConfigIds == null || pipelineConfigIds.trim().isEmpty())) { return Collections.emptyList(); } - return orcaServiceSelector .select() .getSubsetOfExecutions(pipelineConfigIds, executionIds, limit, statuses, expand); } - @ApiOperation( - value = + @Operation( + summary = "Search for pipeline executions using a combination of criteria. The returned list is sorted by buildTime (trigger time) in reverse order so that newer executions are first in the list.") @RequestMapping( value = "/applications/{application}/executions/search", method = RequestMethod.GET) List searchForPipelineExecutionsByTrigger( - @ApiParam( - value = + @Parameter( + name = "Only includes executions that are part of this application. If this value is \"*\", results will include executions of all applications.", required = true) @PathVariable(value = "application") String application, - @ApiParam( - value = + @Parameter( + name = "Only includes executions that were triggered by a trigger with a type that is equal to a type provided in this field. The list of trigger types should be a comma-delimited string. If this value is missing, results will includes executions of all trigger types.") @RequestParam(value = "triggerTypes", required = false) String triggerTypes, - @ApiParam(value = "Only includes executions that with this pipeline name.") + @Parameter(name = "Only includes executions that with this pipeline name.") @RequestParam(value = "pipelineName", required = false) String pipelineName, - @ApiParam( - value = - "Only includes executions that were triggered by a trigger with this eventId.") + @Parameter( + name = "Only includes executions that were triggered by a trigger with this eventId.") @RequestParam(value = "eventId", required = false) String eventId, - @ApiParam( - value = + @Parameter( + name = "Only includes executions that were triggered by a trigger that matches the subset of fields provided by this value. This value should be a base64-encoded string of a JSON representation of a trigger object. The comparison succeeds if the execution trigger contains all the fields of the input trigger, the fields are of the same type, and each value of the field \"matches\". The term \"matches\" is specific for each field's type:\n" + "- For Strings: A String value in the execution's trigger matches the input trigger's String value if the former equals the latter (case-insensitive) OR if the former matches the latter as a regular expression.\n" + "- For Maps: A Map value in the execution's trigger matches the input trigger's Map value if the former contains all keys of the latter and their values match.\n" @@ -108,40 +106,40 @@ List searchForPipelineExecutionsByTrigger( + "- Every other value is compared using the Java \"equals\" method (Groovy \"==\" operator)") @RequestParam(value = "trigger", required = false) String trigger, - @ApiParam( - value = + @Parameter( + name = "Only includes executions that were built at or after the given time, represented as a Unix timestamp in ms (UTC). This value must be >= 0 and <= the value of [triggerTimeEndBoundary], if provided. If this value is missing, it is defaulted to 0.") @RequestParam(value = "triggerTimeStartBoundary", defaultValue = "0") long triggerTimeStartBoundary, - @ApiParam( - value = + @Parameter( + name = "Only includes executions that were built at or before the given time, represented as a Unix timestamp in ms (UTC). This value must be <= 9223372036854775807 (Long.MAX_VALUE) and >= the value of [triggerTimeStartBoundary], if provided. If this value is missing, it is defaulted to 9223372036854775807.") @RequestParam( value = "triggerTimeEndBoundary", defaultValue = "9223372036854775807" /* Long.MAX_VALUE */) long triggerTimeEndBoundary, - @ApiParam( - value = + @Parameter( + name = "Only includes executions with a status that is equal to a status provided in this field. The list of statuses should be given as a comma-delimited string. If this value is missing, includes executions of all statuses. Allowed statuses are: NOT_STARTED, RUNNING, PAUSED, SUSPENDED, SUCCEEDED, FAILED_CONTINUE, TERMINAL, CANCELED, REDIRECT, STOPPED, SKIPPED, BUFFERED.") @RequestParam(value = "statuses", required = false) String statuses, - @ApiParam( - value = + @Parameter( + name = "Sets the first item of the resulting list for pagination. The list is 0-indexed. This value must be >= 0. If this value is missing, it is defaulted to 0.") @RequestParam(value = "startIndex", defaultValue = "0") int startIndex, - @ApiParam( - value = + @Parameter( + name = "Sets the size of the resulting list for pagination. This value must be > 0. If this value is missing, it is defaulted to 10.") @RequestParam(value = "size", defaultValue = "10") int size, - @ApiParam( - value = + @Parameter( + name = "Reverses the resulting list before it is paginated. If this value is missing, it is defaulted to false.") @RequestParam(value = "reverse", defaultValue = "false") boolean reverse, - @ApiParam( - value = + @Parameter( + name = "Expands each execution object in the resulting list. If this value is missing, it is defaulted to false.") @RequestParam(value = "expand", defaultValue = "false") boolean expand) { diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/FirewallController.groovy b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/FirewallController.groovy index 317b98dd0e..39843efcba 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/FirewallController.groovy +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/FirewallController.groovy @@ -18,7 +18,7 @@ package com.netflix.spinnaker.gate.controllers import com.netflix.spinnaker.gate.services.SecurityGroupService import com.netflix.spinnaker.kork.web.exceptions.NotFoundException -import io.swagger.annotations.ApiOperation +import io.swagger.v3.oas.annotations.Operation import org.springframework.beans.factory.annotation.Autowired import org.springframework.web.bind.annotation.* @@ -29,7 +29,7 @@ class FirewallController { @Autowired SecurityGroupService securityGroupService - @ApiOperation(value = "Retrieve a list of firewalls, grouped by account, cloud provider, and region") + @Operation(summary = "Retrieve a list of firewalls, grouped by account, cloud provider, and region") @RequestMapping(method = RequestMethod.GET) Map all(@RequestParam(value = "id", required = false) String id, @RequestHeader(value = "X-RateLimit-App", required = false) String sourceApp) { @@ -45,7 +45,7 @@ class FirewallController { } } - @ApiOperation(value = "Retrieve a list of firewalls for a given account, grouped by region") + @Operation(summary = "Retrieve a list of firewalls for a given account, grouped by region") @RequestMapping(value = "/{account}", method = RequestMethod.GET) Map allByAccount( @PathVariable String account, @@ -54,7 +54,7 @@ class FirewallController { securityGroupService.getForAccountAndProvider(account, provider, sourceApp) } - @ApiOperation(value = "Retrieve a list of firewalls for a given account and region") + @Operation(summary = "Retrieve a list of firewalls for a given account and region") @RequestMapping(value = "/{account}/{region}", method = RequestMethod.GET) List allByAccountAndRegion( @PathVariable String account, @@ -64,7 +64,7 @@ class FirewallController { securityGroupService.getForAccountAndProviderAndRegion(account, provider, region, sourceApp) } - @ApiOperation(value = "Retrieve a firewall's details") + @Operation(summary = "Retrieve a firewall's details") @RequestMapping(value = "/{account}/{region}/{name:.+}", method = RequestMethod.GET) Map getSecurityGroup( @PathVariable String account, diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/GoogleCloudBuildController.java b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/GoogleCloudBuildController.java index 9f33a2d23b..1e98923468 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/GoogleCloudBuildController.java +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/GoogleCloudBuildController.java @@ -19,7 +19,7 @@ import com.netflix.spinnaker.gate.services.BuildService; import com.netflix.spinnaker.gate.services.internal.GoogleCloudBuildTrigger; import com.netflix.spinnaker.gate.services.internal.IgorService; -import io.swagger.annotations.ApiOperation; +import io.swagger.v3.oas.annotations.Operation; import java.util.List; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; @@ -41,15 +41,13 @@ public GoogleCloudBuildController(IgorService igorService, BuildService buildSer this.buildService = buildService; } - @ApiOperation(value = "Retrieve the list of Google Cloud Build accounts", response = List.class) + @Operation(summary = "Retrieve the list of Google Cloud Build accounts") @GetMapping(value = "/accounts") List getAccounts() { return igorService.getGoogleCloudBuildAccounts(); } - @ApiOperation( - value = "Retrieve the list of Google Cloud Build triggers for a given account", - response = List.class) + @Operation(summary = "Retrieve the list of Google Cloud Build triggers for a given account") @GetMapping(value = "/triggers/{account}") List getGoogleCloudBuildTriggers( @PathVariable("account") String account) { diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/HistoryController.java b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/HistoryController.java index bfd7ba5d18..34da9882c8 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/HistoryController.java +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/HistoryController.java @@ -2,7 +2,7 @@ import com.netflix.spinnaker.gate.services.internal.KeelService; import groovy.util.logging.Slf4j; -import io.swagger.annotations.ApiOperation; +import io.swagger.v3.oas.annotations.Operation; import java.util.List; import java.util.Map; import org.slf4j.Logger; @@ -29,7 +29,7 @@ public HistoryController(KeelService keelService) { this.keelService = keelService; } - @ApiOperation(value = "Get history for a resource", response = List.class) + @Operation(summary = "Get history for a resource") @RequestMapping(value = "/{name}", method = RequestMethod.GET) List> getHistory( @PathVariable("name") String name, diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/ImageController.groovy b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/ImageController.groovy index 0fea979983..fcd6398303 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/ImageController.groovy +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/ImageController.groovy @@ -18,11 +18,11 @@ package com.netflix.spinnaker.gate.controllers import com.netflix.spinnaker.gate.services.ImageService -import io.swagger.annotations.ApiOperation +import io.swagger.v3.oas.annotations.Operation import org.springframework.beans.factory.annotation.Autowired import org.springframework.web.bind.annotation.* -import javax.servlet.http.HttpServletRequest +import jakarta.servlet.http.HttpServletRequest @RequestMapping("/images") @RestController @@ -30,7 +30,7 @@ class ImageController { @Autowired ImageService imageService - @ApiOperation(value = "Get image details", response = List.class) + @Operation(summary = "Get image details") @RequestMapping(value = "/{account}/{region}/{imageId:.+}", method = RequestMethod.GET) List getImageDetails(@PathVariable(value = "account") String account, @PathVariable(value = "region") String region, @@ -40,9 +40,8 @@ class ImageController { imageService.getForAccountAndRegion(provider, account, region, imageId, sourceApp) } - @ApiOperation(value = "Retrieve a list of images, filtered by cloud provider, region, and account", - notes = "The query parameter `q` filters the list of images by image name", - response = List.class) + @Operation(summary = "Retrieve a list of images, filtered by cloud provider, region, and account", + description = "The query parameter `q` filters the list of images by image name") @RequestMapping(value = "/find", method = RequestMethod.GET) List findImages(@RequestParam(value = "provider", defaultValue = "aws", required = false) String provider, @RequestParam(value = "q", required = false) String query, @@ -58,7 +57,7 @@ class ImageController { imageService.search(provider, query, region, account, count, additionalFilters, httpServletRequest.getHeader("X-RateLimit-Header")) } - @ApiOperation(value = "Find tags", response = List.class) + @Operation(summary = "Find tags") @RequestMapping(value = "/tags", method = RequestMethod.GET) List findTags(@RequestParam(value = "provider", defaultValue = "aws", required = false) String provider, @RequestParam(value = "account", required = true) String account, diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/InstanceController.groovy b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/InstanceController.groovy index 823e17cc6d..a0eac139a1 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/InstanceController.groovy +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/InstanceController.groovy @@ -19,7 +19,7 @@ package com.netflix.spinnaker.gate.controllers import com.netflix.spinnaker.gate.services.InstanceService import groovy.transform.CompileStatic -import io.swagger.annotations.ApiOperation +import io.swagger.v3.oas.annotations.Operation import org.springframework.beans.factory.annotation.Autowired import org.springframework.web.bind.annotation.PathVariable import org.springframework.web.bind.annotation.RequestHeader @@ -35,7 +35,7 @@ class InstanceController { @Autowired InstanceService instanceService - @ApiOperation(value = "Retrieve an instance's details") + @Operation(summary = "Retrieve an instance's details") @RequestMapping(value = "/{account}/{region}/{instanceId:.+}", method = RequestMethod.GET) Map getInstanceDetails(@PathVariable(value = "account") String account, @PathVariable(value = "region") String region, @@ -44,7 +44,7 @@ class InstanceController { instanceService.getForAccountAndRegion(account, region, instanceId, sourceApp) } - @ApiOperation(value = "Retrieve an instance's console output") + @Operation(summary = "Retrieve an instance's console output") @RequestMapping(value = "/{account}/{region}/{instanceId}/console", method = RequestMethod.GET) Map getConsoleOutput(@PathVariable(value = "account") String account, @PathVariable(value = "region") String region, diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/JobController.groovy b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/JobController.groovy index c4a080cc22..c7d84137ee 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/JobController.groovy +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/JobController.groovy @@ -19,7 +19,7 @@ package com.netflix.spinnaker.gate.controllers import com.netflix.spinnaker.gate.services.JobService import groovy.transform.CompileStatic -import io.swagger.annotations.ApiOperation +import io.swagger.v3.oas.annotations.Operation import org.springframework.beans.factory.annotation.Autowired import org.springframework.web.bind.annotation.* @@ -29,7 +29,7 @@ class JobController { @Autowired JobService jobService - @ApiOperation(value = "Get job", response = HashMap.class) + @Operation(summary = "Get job") @RequestMapping(value = "/applications/{applicationName}/jobs/{account}/{region}/{name}", method = RequestMethod.GET) Map getJob(@PathVariable String applicationName, @PathVariable String account, @PathVariable String region, @@ -39,7 +39,7 @@ class JobController { jobService.getForApplicationAndAccountAndRegion(applicationName, account, region, name, sourceApp) } - @ApiOperation(value = "Retrieve a list of preconfigured jobs in Orca") + @Operation(summary = "Retrieve a list of preconfigured jobs in Orca") @RequestMapping(value = "/jobs/preconfigured", method = RequestMethod.GET) List preconfiguredWebhooks() { jobService.getPreconfiguredJobs() diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/LoadBalancerController.groovy b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/LoadBalancerController.groovy index 727e23454f..5b068ad09a 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/LoadBalancerController.groovy +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/LoadBalancerController.groovy @@ -18,7 +18,7 @@ package com.netflix.spinnaker.gate.controllers import com.netflix.spinnaker.gate.services.LoadBalancerService import groovy.transform.CompileStatic -import io.swagger.annotations.ApiOperation +import io.swagger.v3.oas.annotations.Operation import org.springframework.beans.factory.annotation.Autowired import org.springframework.web.bind.annotation.* @@ -29,14 +29,14 @@ class LoadBalancerController { @Autowired LoadBalancerService loadBalancerService - @ApiOperation(value = "Retrieve a list of load balancers for a given cloud provider", response = List.class) + @Operation(summary = "Retrieve a list of load balancers for a given cloud provider") @RequestMapping(value = '/loadBalancers', method = RequestMethod.GET) List getAll(@RequestParam(value = "provider", defaultValue = "aws", required = false) String provider, @RequestHeader(value = "X-RateLimit-App", required = false) String sourceApp) { loadBalancerService.getAll(provider, sourceApp) } - @ApiOperation(value = "Retrieve a load balancer for a given cloud provider", response = HashMap.class) + @Operation(summary = "Retrieve a load balancer for a given cloud provider") @RequestMapping(value = "/loadBalancers/{name:.+}", method = RequestMethod.GET) Map getLoadBalancer(@PathVariable String name, @RequestParam(value = "provider", defaultValue = "aws", required = false) String provider, @@ -44,19 +44,17 @@ class LoadBalancerController { loadBalancerService.get(name, sourceApp, provider) } - @ApiOperation(value = "Retrieve a load balancer's details as a single element list for a given account, region, cloud provider and load balancer name", - response = List.class) + @Operation(summary = "Retrieve a load balancer's details as a single element list for a given account, region, cloud provider and load balancer name") @RequestMapping(value = "/loadBalancers/{account}/{region}/{name:.+}", method = RequestMethod.GET) List getLoadBalancerDetails(@PathVariable String account, @PathVariable String region, @PathVariable String name, @RequestParam(value = "provider", defaultValue = "aws", required = false) String provider, @RequestHeader(value = "X-RateLimit-App", required = false) String sourceApp) { - loadBalancerService.getDetailsForAccountAndRegion(account, region, name, sourceApp, provider) + loadBalancerService.getDetailsForAccountAndRegion(account, region, name, sourceApp, provider) as List } - @ApiOperation(value = "Retrieve a list of load balancers for a given application", - response = List.class) + @Operation(summary = "Retrieve a list of load balancers for a given application") @RequestMapping(value = '/applications/{application}/loadBalancers', method = RequestMethod.GET) List getApplicationLoadBalancers(@PathVariable String application, @RequestHeader(value = "X-RateLimit-App", required = false) String sourceApp) { diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/ManagedController.java b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/ManagedController.java index bd43971857..a7eaaceba5 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/ManagedController.java +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/ManagedController.java @@ -18,7 +18,7 @@ import groovy.util.logging.Slf4j; import io.github.resilience4j.retry.RetryConfig; import io.github.resilience4j.retry.RetryRegistry; -import io.swagger.annotations.ApiOperation; +import io.swagger.v3.oas.annotations.Operation; import java.io.IOException; import java.nio.charset.StandardCharsets; import java.time.Duration; @@ -95,7 +95,7 @@ private void configureRetry() { .build()); } - @ApiOperation(value = "Post a graphql request", response = Map.class) + @Operation(summary = "Post a graphql request") @PostMapping( path = "/graphql", consumes = {APPLICATION_JSON_VALUE}, @@ -104,19 +104,19 @@ Map graphql(@RequestBody GraphQLRequest query) { return keelService.graphql(query); } - @ApiOperation(value = "Get a resource", response = Resource.class) + @Operation(summary = "Get a resource") @GetMapping(path = "/resources/{resourceId}") Resource getResource(@PathVariable("resourceId") String resourceId) { return keelService.getResource(resourceId); } - @ApiOperation(value = "Get a resource", response = Resource.class) + @Operation(summary = "Get a resource") @GetMapping(path = "/resources/{resourceId}.yml", produces = APPLICATION_YAML_VALUE) Resource getResourceYaml(@PathVariable("resourceId") String resourceId) { return keelService.getResourceYaml(resourceId); } - @ApiOperation(value = "Get status of a resource", response = Map.class) + @Operation(summary = "Get status of a resource") @GetMapping(path = "/resources/{resourceId}/status") Map getResourceStatus(@PathVariable("resourceId") String resourceId) { Map status = new HashMap<>(); @@ -124,7 +124,7 @@ Map getResourceStatus(@PathVariable("resourceId") String resourceId) { return status; } - @ApiOperation(value = "Ad-hoc validate and diff a resource", response = Map.class) + @Operation(summary = "Ad-hoc validate and diff a resource") @PostMapping( path = "/resources/diff", consumes = {APPLICATION_JSON_VALUE, APPLICATION_YAML_VALUE}, @@ -133,21 +133,19 @@ Map diffResource(@RequestBody Resource resource) { return keelService.diffResource(resource); } - @ApiOperation(value = "Pause management of a resource") + @Operation(summary = "Pause management of a resource") @PostMapping(path = "/resources/{resourceId}/pause") void pauseResource(@PathVariable("resourceId") String resourceId) { keelService.pauseResource(resourceId, Collections.emptyMap()); } - @ApiOperation(value = "Resume management of a resource") + @Operation(summary = "Resume management of a resource") @DeleteMapping(path = "/resources/{resourceId}/pause") void resumeResource(@PathVariable("resourceId") String resourceId) { keelService.resumeResource(resourceId); } - @ApiOperation( - value = "Generate a keel resource definition for a deployed cloud resource", - response = Resource.class) + @Operation(summary = "Generate a keel resource definition for a deployed cloud resource") @GetMapping(path = "/resources/export/{cloudProvider}/{account}/{type}/{name}") ResponseEntity exportResource( @PathVariable("cloudProvider") String cloudProvider, @@ -160,9 +158,8 @@ ResponseEntity exportResource( return new ResponseEntity<>(resource, yamlResponseHeaders, HttpStatus.OK); } - @ApiOperation( - value = "Generates an artifact definition based on the artifact used in a running cluster", - response = Map.class) + @Operation( + summary = "Generates an artifact definition based on the artifact used in a running cluster") @GetMapping(path = "/resources/export/artifact/{cloudProvider}/{account}/{clusterName}") ResponseEntity exportResource( @PathVariable("cloudProvider") String cloudProvider, @@ -172,30 +169,26 @@ ResponseEntity exportResource( return new ResponseEntity<>(artifact, yamlResponseHeaders, HttpStatus.OK); } - @ApiOperation(value = "Get a delivery config manifest", response = DeliveryConfig.class) + @Operation(summary = "Get a delivery config manifest") @GetMapping(path = "/delivery-configs/{name}") DeliveryConfig getManifest(@PathVariable("name") String name) { return keelService.getManifest(name); } - @ApiOperation(value = "Get a delivery config manifest", response = DeliveryConfig.class) + @Operation(summary = "Get a delivery config manifest") @GetMapping(path = "/delivery-configs/{name}.yml", produces = APPLICATION_YAML_VALUE) DeliveryConfig getManifestYaml(@PathVariable("name") String name) { return keelService.getManifestYaml(name); } - @ApiOperation( - value = "Get the status of each version of each artifact in each environment", - response = List.class) + @Operation(summary = "Get the status of each version of each artifact in each environment") @GetMapping(path = "/delivery-configs/{name}/artifacts") List> getManifestArtifacts(@PathVariable("name") String name) { return keelService.getManifestArtifacts(name); } @SneakyThrows - @ApiOperation( - value = "Create or update a delivery config manifest", - response = DeliveryConfig.class) + @Operation(summary = "Create or update a delivery config manifest") @PostMapping( path = "/delivery-configs", consumes = {APPLICATION_JSON_VALUE, APPLICATION_YAML_VALUE}, @@ -206,13 +199,13 @@ DeliveryConfig upsertManifest(@RequestBody DeliveryConfig manifest) { .executeCallable(() -> keelService.upsertManifest(manifest)); } - @ApiOperation(value = "Delete a delivery config manifest", response = DeliveryConfig.class) + @Operation(summary = "Delete a delivery config manifest") @DeleteMapping(path = "/delivery-configs/{name}") DeliveryConfig deleteManifest(@PathVariable("name") String name) { return keelService.deleteManifest(name); } - @ApiOperation(value = "Validate a delivery config manifest", response = Map.class) + @Operation(summary = "Validate a delivery config manifest") @PostMapping( path = "/delivery-configs/validate", consumes = {APPLICATION_JSON_VALUE, APPLICATION_YAML_VALUE}, @@ -235,7 +228,7 @@ ResponseEntity validateManifest(@RequestBody DeliveryConfig manifest) { } } - @ApiOperation(value = "Ad-hoc validate and diff a config manifest", response = Map.class) + @Operation(summary = "Ad-hoc validate and diff a config manifest") @PostMapping( path = "/delivery-configs/diff", consumes = {APPLICATION_JSON_VALUE, APPLICATION_YAML_VALUE}, @@ -244,7 +237,7 @@ List diffManifest(@RequestBody DeliveryConfig manifest) { return keelService.diffManifest(manifest); } - @ApiOperation(value = "Ad-hoc validate and diff a config manifest", response = Map.class) + @Operation(summary = "Ad-hoc validate and diff a config manifest") @GetMapping( path = "/delivery-configs/schema", produces = {APPLICATION_JSON_VALUE, APPLICATION_YAML_VALUE}) @@ -252,9 +245,7 @@ Map schema() { return keelService.schema(); } - @ApiOperation( - value = "List up-to {limit} current constraint states for an environment", - response = ConstraintState.class) + @Operation(summary = "List up-to {limit} current constraint states for an environment") @GetMapping(path = "/application/{application}/environment/{environment}/constraints") List getConstraintState( @PathVariable("application") String application, @@ -263,23 +254,19 @@ List getConstraintState( return keelService.getConstraintState(application, environment, Integer.valueOf(limit)); } - @ApiOperation( - value = "Get the delivery config associated with an application", - response = DeliveryConfig.class) + @Operation(summary = "Get the delivery config associated with an application") @GetMapping(path = "/application/{application}/config") DeliveryConfig getConfigBy(@PathVariable("application") String application) { return keelService.getConfigBy(application); } - @ApiOperation( - value = "Delete a delivery config manifest for an application", - response = DeliveryConfig.class) + @Operation(summary = "Delete a delivery config manifest for an application") @DeleteMapping(path = "/application/{application}/config") DeliveryConfig deleteManifestByApp(@PathVariable("application") String application) { return keelService.deleteManifestByAppName(application); } - @ApiOperation(value = "Update the status of an environment constraint") + @Operation(summary = "Update the status of an environment constraint") @PostMapping(path = "/application/{application}/environment/{environment}/constraint") void updateConstraintStatus( @PathVariable("application") String application, @@ -288,7 +275,7 @@ void updateConstraintStatus( keelService.updateConstraintStatus(application, environment, status); } - @ApiOperation(value = "Get managed details about an application", response = Map.class) + @Operation(summary = "Get managed details about an application") @GetMapping(path = "/application/{application}") Map getApplicationDetails( @PathVariable("application") String application, @@ -301,27 +288,27 @@ Map getApplicationDetails( application, includeDetails, entities, maxArtifactVersions); } - @ApiOperation(value = "Pause management of an entire application") + @Operation(summary = "Pause management of an entire application") @PostMapping(path = "/application/{application}/pause") void pauseApplication(@PathVariable("application") String application) { keelService.pauseApplication(application, Collections.emptyMap()); } - @ApiOperation(value = "Resume management of an entire application") + @Operation(summary = "Resume management of an entire application") @DeleteMapping(path = "/application/{application}/pause") void resumeApplication(@PathVariable("application") String application) { keelService.resumeApplication(application); } - @ApiOperation(value = "Create a pin for an artifact in an environment") + @Operation(summary = "Create a pin for an artifact in an environment") @PostMapping(path = "/application/{application}/pin") void createPin( @PathVariable("application") String application, @RequestBody EnvironmentArtifactPin pin) { keelService.pin(application, pin); } - @ApiOperation( - value = + @Operation( + summary = "Unpin one or more artifact(s) in an environment. If the `reference` parameter is specified, only " + "the corresponding artifact will be unpinned. If it's omitted, all pinned artifacts in the environment will be " + "unpinned.") @@ -333,14 +320,14 @@ void deletePin( keelService.deletePinForEnvironment(application, targetEnvironment, reference); } - @ApiOperation(value = "Veto an artifact version in an environment") + @Operation(summary = "Veto an artifact version in an environment") @PostMapping(path = "/application/{application}/veto") void veto( @PathVariable("application") String application, @RequestBody EnvironmentArtifactVeto veto) { keelService.veto(application, veto); } - @ApiOperation(value = "Remove veto of an artifact version in an environment") + @Operation(summary = "Remove veto of an artifact version in an environment") @DeleteMapping(path = "/application/{application}/veto/{targetEnvironment}/{reference}/{version}") void deleteVeto( @PathVariable("application") String application, @@ -350,21 +337,21 @@ void deleteVeto( keelService.deleteVeto(application, targetEnvironment, reference, version); } - @ApiOperation(value = "Veto an artifact version in an environment") + @Operation(summary = "Veto an artifact version in an environment") @PostMapping(path = "/application/{application}/mark/bad") void markBad( @PathVariable("application") String application, @RequestBody EnvironmentArtifactVeto veto) { keelService.markBad(application, veto); } - @ApiOperation(value = "Delete veto of an artifact version in an environment") + @Operation(summary = "Delete veto of an artifact version in an environment") @PostMapping(path = "/application/{application}/mark/good") void markGood( @PathVariable("application") String application, @RequestBody EnvironmentArtifactVeto veto) { keelService.markGood(application, veto); } - @ApiOperation(value = "Override the status of a verification") + @Operation(summary = "Override the status of a verification") @PostMapping(path = "/{application}/environment/{environment}/verifications") void overrideVerification( @PathVariable("application") String application, @@ -373,7 +360,7 @@ void overrideVerification( keelService.overrideVerification(application, environment, payload); } - @ApiOperation(value = "Retry a verification") + @Operation(summary = "Retry a verification") @PostMapping(path = "/{application}/environment/{environment}/verifications/retry") void retryVerification( @PathVariable("application") String application, @@ -392,7 +379,7 @@ ResponseEntity processNotificationCallback( return notificationService.processNotificationCallback(source, request, "keel"); } - @ApiOperation(value = "Get a report of application onboarding") + @Operation(summary = "Get a report of application onboarding") @GetMapping(path = "/reports/onboarding") ResponseEntity getOnboardingReport( @RequestHeader(value = "Accept", defaultValue = "text/html") String accept, @@ -414,7 +401,7 @@ ResponseEntity getOnboardingReport( return response; } - @ApiOperation(value = "Get a report of Managed Delivery adoption") + @Operation(summary = "Get a report of Managed Delivery adoption") @GetMapping(path = "/reports/adoption", produces = "text/html") ResponseEntity getAdoptionReport(@RequestParam Map params) throws IOException { @@ -424,7 +411,7 @@ ResponseEntity getAdoptionReport(@RequestParam Map param .body(keelResponse.getBody().in().readAllBytes()); } - @ApiOperation(value = "Get current environment details") + @Operation(summary = "Get current environment details") @GetMapping(path = "/environments/{application}", produces = MediaType.APPLICATION_JSON_VALUE) List> getEnvironments(@PathVariable String application) { return keelService.getEnvironments(application); diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/NetworkController.groovy b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/NetworkController.groovy index 9f97724937..8319e7e7eb 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/NetworkController.groovy +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/NetworkController.groovy @@ -17,7 +17,7 @@ package com.netflix.spinnaker.gate.controllers import com.netflix.spinnaker.gate.services.NetworkService -import io.swagger.annotations.ApiOperation +import io.swagger.v3.oas.annotations.Operation import org.springframework.beans.factory.annotation.Autowired import org.springframework.web.bind.annotation.PathVariable import org.springframework.web.bind.annotation.RequestHeader @@ -32,13 +32,13 @@ class NetworkController { @Autowired NetworkService networkService - @ApiOperation(value = "Retrieve a list of networks, grouped by cloud provider", response = HashMap.class) + @Operation(summary = "Retrieve a list of networks, grouped by cloud provider") @RequestMapping(method = RequestMethod.GET) Map all(@RequestHeader(value = "X-RateLimit-App", required = false) String sourceApp) { networkService.getNetworks(sourceApp) } - @ApiOperation(value = "Retrieve a list of networks for a given cloud provider", response = List.class) + @Operation(summary = "Retrieve a list of networks for a given cloud provider") @RequestMapping(value = "/{cloudProvider}", method = RequestMethod.GET) List allByCloudProvider(@PathVariable String cloudProvider, @RequestHeader(value = "X-RateLimit-App", required = false) String sourceApp) { diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/NexusController.java b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/NexusController.java index 28e242e16e..3d6bab5e61 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/NexusController.java +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/NexusController.java @@ -17,7 +17,7 @@ package com.netflix.spinnaker.gate.controllers; import com.netflix.spinnaker.gate.services.internal.IgorService; -import io.swagger.annotations.ApiOperation; +import io.swagger.v3.oas.annotations.Operation; import java.util.List; import java.util.Optional; import org.springframework.beans.factory.annotation.Autowired; @@ -36,9 +36,7 @@ public NexusController(Optional igorService) { this.igorService = igorService; } - @ApiOperation( - value = "Retrieve the list of nexus names available to triggers", - response = List.class) + @Operation(summary = "Retrieve the list of nexus names available to triggers") @GetMapping(value = "/names") List names() { return igorService.get().getNexusNames(); diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/OpsmxAuthController.groovy b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/OpsmxAuthController.groovy index f960cf7e33..46bce7cd57 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/OpsmxAuthController.groovy +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/OpsmxAuthController.groovy @@ -17,21 +17,21 @@ package com.netflix.spinnaker.gate.controllers import groovy.util.logging.Slf4j -import io.swagger.annotations.ApiOperation +import io.swagger.v3.oas.annotations.Operation import org.apache.commons.lang3.exception.ExceptionUtils import org.springframework.web.bind.annotation.RequestMapping import org.springframework.web.bind.annotation.RequestMethod import org.springframework.web.bind.annotation.RequestParam import org.springframework.web.bind.annotation.RestController -import javax.servlet.http.HttpServletResponse +import jakarta.servlet.http.HttpServletResponse @Slf4j @RestController @RequestMapping("/auth") class OpsmxAuthController { - @ApiOperation(value = "Redirect to Deck") + @Operation(summary = "Redirect to Deck") @RequestMapping(value = "/redirectauto", method = RequestMethod.GET) void redirectAuto(HttpServletResponse response, @RequestParam String to) { log.info("to url : {}", to) diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/OpsmxAutopilotController.groovy b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/OpsmxAutopilotController.groovy index 4af4136bc6..66f887758b 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/OpsmxAutopilotController.groovy +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/OpsmxAutopilotController.groovy @@ -18,19 +18,11 @@ package com.netflix.spinnaker.gate.controllers import com.google.gson.Gson import com.google.gson.JsonSyntaxException -import com.netflix.spinnaker.gate.config.ServiceConfiguration -import com.netflix.spinnaker.gate.model.ApprovalGateTriggerResponseModel import com.netflix.spinnaker.gate.model.RegisterCanaryResponseModel import com.netflix.spinnaker.gate.services.internal.OpsmxAutopilotService -import com.netflix.spinnaker.gate.services.internal.OpsmxOesService -import com.netflix.spinnaker.security.AuthenticatedRequest import com.opsmx.spinnaker.gate.rbac.ApplicationFeatureRbac import groovy.util.logging.Slf4j -import io.swagger.annotations.ApiOperation -import okhttp3.MediaType -import okhttp3.MultipartBody -import okhttp3.OkHttpClient -import okhttp3.Request +import io.swagger.v3.oas.annotations.Operation import org.apache.commons.io.IOUtils import org.springframework.beans.factory.annotation.Autowired import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression @@ -38,11 +30,10 @@ import org.springframework.http.HttpHeaders import org.springframework.http.HttpStatus import org.springframework.http.ResponseEntity import org.springframework.web.bind.annotation.* -import org.springframework.web.multipart.MultipartFile import retrofit.client.Header import retrofit.client.Response -import javax.servlet.http.HttpServletRequest +import jakarta.servlet.http.HttpServletRequest import java.util.stream.Collectors @RequestMapping("/autopilot") @@ -74,13 +65,13 @@ class OpsmxAutopilotController { Gson gson = new Gson() - @ApiOperation(value = "Endpoint for autopilot rest services") + @Operation(summary = "Endpoint for autopilot rest services") @RequestMapping(value = "/{type}", method = RequestMethod.GET) Object getAutoResponse1(@PathVariable("type") String type) { return opsmxAutopilotService.getAutoResponse1(type) } - @ApiOperation(value = "Endpoint for autopilot rest services") + @Operation(summary = "Endpoint for autopilot rest services") @GetMapping(value = "/canaries/debugLogsData", produces = "application/zip") @ResponseBody Object downloadDebugData(@RequestParam(value = "id", required = false) Integer canaryId){ Response response = opsmxAutopilotService.downloadDebugData(canaryId) @@ -99,7 +90,7 @@ class OpsmxAutopilotController { } - @ApiOperation(value = "Endpoint for autopilot rest services") + @Operation(summary = "Endpoint for autopilot rest services") @GetMapping(value = "/canaries/clusterCompleteLog", produces = "application/zip") @ResponseBody Object downloadClusterInfo(@RequestParam(value = "canaryId", required = false) Integer canaryId, @RequestParam(value = "serviceId", required = false) Integer serviceId, @@ -123,7 +114,7 @@ class OpsmxAutopilotController { } - @ApiOperation(value = "Endpoint for autopilot rest services") + @Operation(summary = "Endpoint for autopilot rest services") @GetMapping(value = "/canaries/patternCompleteLog", produces = "application/zip") @ResponseBody Object downloadPatternCompleteLog(@RequestParam(value = "canaryId", required = false) Integer canaryId, @RequestParam(value = "serviceId", required = false) Integer serviceId, @@ -145,7 +136,7 @@ class OpsmxAutopilotController { } - @ApiOperation(value = "Endpoint for autopilot rest services") + @Operation(summary = "Endpoint for autopilot rest services") @RequestMapping(value = "/api/{version}/registerCanary", method = RequestMethod.POST) Object triggerRegisterCanary(@PathVariable("version") String version, @RequestBody(required = false) Object data, HttpServletRequest request) throws Exception { @@ -183,7 +174,7 @@ class OpsmxAutopilotController { } - @ApiOperation(value = "Endpoint for autopilot rest services") + @Operation(summary = "Endpoint for autopilot rest services") @RequestMapping(value = "/{type}/{source}", method = RequestMethod.GET) Object getAutoResponse(@PathVariable("type") String type, @PathVariable("source") String source, @RequestParam(value = "application", required = false) Integer id, @@ -245,7 +236,7 @@ class OpsmxAutopilotController { userId,logTemplateName,forceDelete,deleteAssociateRuns, event, serviceList, pipelineId, referer, testCaseId, verificationType, patternId) } - @ApiOperation(value = "Endpoint for autopilot rest services") + @Operation(summary = "Endpoint for autopilot rest services") @RequestMapping(value = "/{type}/{source}/{source1}", method = RequestMethod.GET) Object getAutoResponse4(@PathVariable("type") String type, @PathVariable("source") String source, @@ -267,7 +258,7 @@ class OpsmxAutopilotController { return opsmxAutopilotService.getAutoResponse4(type, source, source1, applicationsIds, datasourceType, canaryId, serviceId, pageNo, pageLimit, sortBy, sortOrder, applicationId, noOfDays, patternId, search,verificationType) } - @ApiOperation(value = "Endpoint for autopilot rest services") + @Operation(summary = "Endpoint for autopilot rest services") @RequestMapping(value = "/{type}/{source}/{source1}/{source2}", method = RequestMethod.GET) Object getAutoResponse5(@PathVariable("type") String type, @PathVariable("source") String source, @@ -279,7 +270,7 @@ class OpsmxAutopilotController { return opsmxAutopilotService.getAutoResponse5(type, source, source1, source2, canaryId, verificationType, permissionId) } - @ApiOperation(value = "Endpoint for autopilot rest services") + @Operation(summary = "Endpoint for autopilot rest services") @RequestMapping(value = "/{type}/{source}/{source1}/{source2}/{source3}", method = RequestMethod.GET) Object getAutoResponse6(@PathVariable("type") String type, @PathVariable("source") String source, @@ -297,7 +288,7 @@ class OpsmxAutopilotController { return opsmxAutopilotService.getAutoResponse6(type, source, source1, source2, source3,pageNo,pageLimit,noOfDays,search,verificationType,status,sortOrder) } - @ApiOperation(value = "Endpoint for autopilot rest services") + @Operation(summary = "Endpoint for autopilot rest services") @RequestMapping(value = "/{type}/{source}/{source1}/{source2}/{source3}/{source4}", method = RequestMethod.GET) Object getAutoResponse7(@PathVariable("type") String type, @PathVariable("source") String source, @@ -310,7 +301,7 @@ class OpsmxAutopilotController { return opsmxAutopilotService.getAutoResponse7(type, source, source1, source2, source3, source4, time) } - @ApiOperation(value = "Endpoint for autopilot rest services") + @Operation(summary = "Endpoint for autopilot rest services") @RequestMapping(value = "/{type}/{source}/{source1}/{source2}/{source3}/{source4}/{source5}", method = RequestMethod.GET) Object getAutoResponse8(@PathVariable("type") String type, @PathVariable("source") String source, @@ -326,7 +317,7 @@ class OpsmxAutopilotController { return opsmxAutopilotService.getAutoResponse8(type, source, source1, source2, source3, source4, source5, imageId, canaryIds, gateIds) } - @ApiOperation(value = "Endpoint for autopilot rest services") + @Operation(summary = "Endpoint for autopilot rest services") @RequestMapping(value = "/{type}/{source}/{source1}/{source2}/{source3}/{source4}/{source5}/{source6}/{source7}/{source8}", method = RequestMethod.GET) Object getAutoResponse9(@PathVariable("type") String type, @PathVariable("source") String source, @@ -342,7 +333,7 @@ class OpsmxAutopilotController { return opsmxAutopilotService.getAutoResponse9(type, source, source1, source2, source3, source4, source5, source6, source7, source8, imageId) } - @ApiOperation(value = "Endpoint for autopilot rest services") + @Operation(summary = "Endpoint for autopilot rest services") @RequestMapping(value = "/{type}/{source}/{source1}/{source2}/{source3}/{source4}/{source5}/{source6}", method = RequestMethod.GET) Object getAutoResponse10(@PathVariable("type") String type, @PathVariable("source") String source, @@ -359,14 +350,14 @@ class OpsmxAutopilotController { return opsmxAutopilotService.getAutoResponse10(type, source, source1, source2, source3, source4, source5, source6,imageId, canaryIds, gateIds) } - @ApiOperation(value = "Endpoint for autopilot rest services") + @Operation(summary = "Endpoint for autopilot rest services") @RequestMapping(value = "/{type}", method = RequestMethod.DELETE) Object deleteAutoResponse1(@PathVariable("type") String type) { return opsmxAutopilotService.deleteAutoResponse1(type) } - @ApiOperation(value = "Endpoint for autopilot rest services") + @Operation(summary = "Endpoint for autopilot rest services") @RequestMapping(value = "/{type}/{source}", method = RequestMethod.DELETE) Object deleteAutoResponse(@PathVariable("type") String type, @PathVariable("source") String source, @@ -385,7 +376,7 @@ class OpsmxAutopilotController { } - @ApiOperation(value = "Endpoint for autopilot rest services") + @Operation(summary = "Endpoint for autopilot rest services") @RequestMapping(value = "/{type}/{source}/{source1}", method = RequestMethod.DELETE) Object deleteAutoResponse3(@PathVariable("type") String type, @PathVariable("source") String source, @@ -394,7 +385,7 @@ class OpsmxAutopilotController { return opsmxAutopilotService.deleteAutoResponse3(type, source, source1) } - @ApiOperation(value = "Endpoint for autopilot rest services") + @Operation(summary = "Endpoint for autopilot rest services") @RequestMapping(value = "/{type}/{source}/{source1}/{source2}", method = RequestMethod.DELETE) Object deleteAutoResponse4(@PathVariable("type") String type, @PathVariable("source") String source, @@ -404,7 +395,7 @@ class OpsmxAutopilotController { return opsmxAutopilotService.deleteAutoResponse4(type, source, source1, source2) } - @ApiOperation(value = "Endpoint for autopilot rest services") + @Operation(summary = "Endpoint for autopilot rest services") @RequestMapping(value = "/{type}/{source}/{source1}/{source2}/{source3}", method = RequestMethod.DELETE) Object deleteAutoResponse5(@PathVariable("type") String type, @PathVariable("source") String source, @@ -415,7 +406,7 @@ class OpsmxAutopilotController { return opsmxAutopilotService.deleteAutoResponse5(type, source, source1, source2, source3) } - @ApiOperation(value = "Endpoint for autopilot rest services") + @Operation(summary = "Endpoint for autopilot rest services") @RequestMapping(value = "/{type}/{source}/{source1}/{source2}/{source3}/{source4}", method = RequestMethod.DELETE) Object deleteAutoResponse6(@PathVariable("type") String type, @PathVariable("source") String source, @@ -427,7 +418,7 @@ class OpsmxAutopilotController { return opsmxAutopilotService.deleteAutoResponse6(type, source, source1, source2, source3, source4) } - @ApiOperation(value = "Endpoint for autopilot rest services") + @Operation(summary = "Endpoint for autopilot rest services") @RequestMapping(value = "/{type}", method = RequestMethod.POST) Object postAutoResponse(@PathVariable("type") String type, @RequestBody(required = false) Object data) { @@ -435,7 +426,7 @@ class OpsmxAutopilotController { return opsmxAutopilotService.postAutoResponse(type,data) } - @ApiOperation(value = "Endpoint for autopilot rest services") + @Operation(summary = "Endpoint for autopilot rest services") @RequestMapping(value = "/{type}/{source}", method = RequestMethod.POST) Object postAutoResponse1(@PathVariable("type") String type, @PathVariable("source") String source, @@ -451,7 +442,7 @@ class OpsmxAutopilotController { return opsmxAutopilotService.postAutoResponse1(type, source, isEdit, userName, userId, canaryId, logTemplateName, serviceId, testCaseId, data) } - @ApiOperation(value = "Endpoint for autopilot rest services") + @Operation(summary = "Endpoint for autopilot rest services") @RequestMapping(value = "/{type}/{source}/{source1}", method = RequestMethod.POST) Object postAutoResponse4(@PathVariable("type") String type, @PathVariable("source") String source, @@ -461,7 +452,7 @@ class OpsmxAutopilotController { return opsmxAutopilotService.postAutoResponse4(type, source, source1, data) } - @ApiOperation(value = "Endpoint for autopilot rest services") + @Operation(summary = "Endpoint for autopilot rest services") @RequestMapping(value = "/{type}/{source}/{source1}/{source2}", method = RequestMethod.POST) Object postAutoResponse5(@PathVariable("type") String type, @PathVariable("source") String source, @@ -473,7 +464,7 @@ class OpsmxAutopilotController { return opsmxAutopilotService.postAutoResponse5(type, source, source1, source2, isEdit, data) } - @ApiOperation(value = "Endpoint for autopilot rest services") + @Operation(summary = "Endpoint for autopilot rest services") @RequestMapping(value = "/{type}/{source}/{source1}/{source2}/{source3}", method = RequestMethod.POST) Object postAutoResponse6(@PathVariable("type") String type, @PathVariable("source") String source, @@ -486,7 +477,7 @@ class OpsmxAutopilotController { return opsmxAutopilotService.postAutoResponse6(type, source, source1, source2, source3, isEdit, data) } - @ApiOperation(value = "Endpoint for autopilot rest services") + @Operation(summary = "Endpoint for autopilot rest services") @RequestMapping(value = "/{type}", method = RequestMethod.PUT) Object updateAutopilotResponse(@PathVariable("type") String type, @RequestBody(required = false) Object data) { @@ -494,7 +485,7 @@ class OpsmxAutopilotController { return opsmxAutopilotService.updateAutopilotResponse(type, data) } - @ApiOperation(value = "Endpoint for autopilot rest services") + @Operation(summary = "Endpoint for autopilot rest services") @RequestMapping(value = "/{type}/{source}", method = RequestMethod.PUT) Object updateAutopilotResponse1(@PathVariable("type") String type, @PathVariable("source") String source, @@ -503,7 +494,7 @@ class OpsmxAutopilotController { return opsmxAutopilotService.updateAutopilotResponse1(type, source, data) } - @ApiOperation(value = "Endpoint for autopilot rest services") + @Operation(summary = "Endpoint for autopilot rest services") @RequestMapping(value = "/{type}/{source}/{source1}", method = RequestMethod.PUT) Object updateAutopilotResponse2(@PathVariable("type") String type, @PathVariable("source") String source, @@ -513,7 +504,7 @@ class OpsmxAutopilotController { return opsmxAutopilotService.updateAutopilotResponse2(type, source, source1, data) } - @ApiOperation(value = "Endpoint for autopilot rest services") + @Operation(summary = "Endpoint for autopilot rest services") @RequestMapping(value = "/{type}/{source}/{source1}/{source2}", method = RequestMethod.PUT) Object updatePlatformResponse3(@PathVariable("type") String type, @PathVariable("source") String source, @@ -524,7 +515,7 @@ class OpsmxAutopilotController { return opsmxAutopilotService.updateAutopilotResponse3(type, source, source1, source2, data) } - @ApiOperation(value = "Endpoint for autopilot rest services") + @Operation(summary = "Endpoint for autopilot rest services") @RequestMapping(value = "/{type}/{source}/{source1}/{source2}/{source3}", method = RequestMethod.PUT) Object updatePlatformResponse3(@PathVariable("type") String type, @PathVariable("source") String source, @@ -536,7 +527,7 @@ class OpsmxAutopilotController { return opsmxAutopilotService.updateAutopilotResponse4(type, source, source1, source2, source3, data) } - @ApiOperation(value = "Endpoint for autopilot rest services") + @Operation(summary = "Endpoint for autopilot rest services") @RequestMapping(value = "/{type}/{source}/{source1}/{source2}/{source3}/{source4}", method = RequestMethod.PUT) Object updatePlatformResponse3(@PathVariable("type") String type, @PathVariable("source") String source, @@ -549,7 +540,7 @@ class OpsmxAutopilotController { return opsmxAutopilotService.updateAutopilotResponse5(type, source, source1, source2, source3, source4, data) } - @ApiOperation(value = "Endpoint for autopilot rest services") + @Operation(summary = "Endpoint for autopilot rest services") @RequestMapping(value = "/{type}/{source}/{source1}/{source2}/{source3}/{source4}/{source5}", method = RequestMethod.PUT) Object updatePlatformResponse4(@PathVariable("type") String type, @PathVariable("source") String source, diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/OpsmxDashboardController.groovy b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/OpsmxDashboardController.groovy index 1662a4de37..a804e9fd51 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/OpsmxDashboardController.groovy +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/OpsmxDashboardController.groovy @@ -22,13 +22,13 @@ import com.opsmx.spinnaker.gate.factory.dashboard.DashboardCachingServiceBeanFac import com.opsmx.spinnaker.gate.service.DashboardCachingService import com.opsmx.spinnaker.gate.util.CacheUtil import groovy.util.logging.Slf4j -import io.swagger.annotations.ApiOperation +import io.swagger.v3.oas.annotations.Operation import org.springframework.beans.factory.annotation.Autowired import org.springframework.beans.factory.annotation.Value import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression import org.springframework.web.bind.annotation.* -import javax.servlet.http.HttpServletRequest +import jakarta.servlet.http.HttpServletRequest @RequestMapping("/dashboardservice") @RestController @@ -60,7 +60,7 @@ class OpsmxDashboardController { @Value('${gate.installation.mode}') GateInstallationModes gateInstallationMode - @ApiOperation(value = "Endpoint for dashboard rest services") + @Operation(summary = "Endpoint for dashboard rest services") @RequestMapping(value = "/{version}/{type}", method = RequestMethod.GET) Object getDashboardResponse1(@PathVariable("version") String version, @PathVariable("type") String type, @@ -105,7 +105,7 @@ class OpsmxDashboardController { } - @ApiOperation(value = "Endpoint for dashboard rest services") + @Operation(summary = "Endpoint for dashboard rest services") @RequestMapping(value = "/{version}/{type}/{source}", method = RequestMethod.GET) Object getDashboardResponse(@PathVariable("version") String version, @PathVariable("type") String type, @@ -116,7 +116,7 @@ class OpsmxDashboardController { return opsmxDashboardService.getDashboardResponse(version, type, source,pageNo, pageLimit, search) } - @ApiOperation(value = "Endpoint for dashboard rest services") + @Operation(summary = "Endpoint for dashboard rest services") @RequestMapping(value = "/{version}/{type}/{source}/{source1}", method = RequestMethod.GET) Object getDashboardResponse4(@PathVariable("version") String version, @PathVariable("type") String type, @@ -132,7 +132,7 @@ class OpsmxDashboardController { return opsmxDashboardService.getDashboardResponse4(version, type, source, source1, pageNo, pageLimit, sortBy, sortOrder, search, noOfDays) } - @ApiOperation(value = "Endpoint for dashboard rest services") + @Operation(summary = "Endpoint for dashboard rest services") @RequestMapping(value = "/{version}/{type}/{source}/{source1}/{source2}", method = RequestMethod.GET) Object getDashboardResponse5(@PathVariable("version") String version, @PathVariable("type") String type, @@ -148,7 +148,7 @@ class OpsmxDashboardController { return opsmxDashboardService.getDashboardResponse5(version, type, source, source1, source2, pageNo, pageLimit, sortBy, sortOrder, noOfDays) } - @ApiOperation(value = "Endpoint for dashboard rest services") + @Operation(summary = "Endpoint for dashboard rest services") @RequestMapping(value = "/{version}/{type}/{source}/{source1}/{source2}/{source3}", method = RequestMethod.GET) Object getDashboardResponse6(@PathVariable("version") String version, @PathVariable("type") String type, @@ -161,7 +161,7 @@ class OpsmxDashboardController { return opsmxDashboardService.getDashboardResponse6(version, type, source, source1, source2, source3, noOfDays) } - @ApiOperation(value = "Endpoint for dashboard rest services") + @Operation(summary = "Endpoint for dashboard rest services") @RequestMapping(value = "/{version}/{type}/{source}/{source1}/{source2}/{source3}/{source4}", method = RequestMethod.GET) Object getDashboardResponse7(@PathVariable("version") String version, @PathVariable("type") String type, @@ -178,7 +178,7 @@ class OpsmxDashboardController { return opsmxDashboardService.getDashboardResponse7(version, type, source, source1, source2, source3, source4, pageNo, pageLimit, sortBy, sortOrder) } - @ApiOperation(value = "Endpoint for dashboard rest services") + @Operation(summary = "Endpoint for dashboard rest services") @RequestMapping(value = "/{version}/{type}/{source}/{source1}/{source2}/{source3}/{source4}/{source5}", method = RequestMethod.GET) Object getDashboardResponse8(@PathVariable("version") String version, @PathVariable("type") String type, @@ -192,7 +192,7 @@ class OpsmxDashboardController { return opsmxDashboardService.getDashboardResponse8(version, type, source, source1, source2, source3, source4, source5) } - @ApiOperation(value = "Endpoint for dashboard rest services") + @Operation(summary = "Endpoint for dashboard rest services") @RequestMapping(value = "/{version}/{type}/{source}/{source1}/{source2}/{source3}/{source4}/{source5}/{source6}", method = RequestMethod.GET) Object getDashboardResponse9(@PathVariable("version") String version, @PathVariable("type") String type, @@ -208,7 +208,7 @@ class OpsmxDashboardController { } - @ApiOperation(value = "Endpoint for dashboard rest services") + @Operation(summary = "Endpoint for dashboard rest services") @RequestMapping(value = "/{version}/{type}/{source}/{source1}/{source2}/{source3}/{source4}/{source5}/{source6}/{source7}", method = RequestMethod.GET) Object getDashboardResponse10(@PathVariable("version") String version, @PathVariable("type") String type, @@ -224,7 +224,7 @@ class OpsmxDashboardController { return opsmxDashboardService.getDashboardResponse10(version, type, source, source1, source2, source3, source4, source5, source6,source7) } - @ApiOperation(value = "Endpoint for dashboard rest services") + @Operation(summary = "Endpoint for dashboard rest services") @RequestMapping(value = "/{version}/{type}", method = RequestMethod.DELETE) Object deleteDashboardResponse(@PathVariable("version") String version, @PathVariable("type") String type) { @@ -232,7 +232,7 @@ class OpsmxDashboardController { return opsmxDashboardService.deleteDashboardResponse(version, type) } - @ApiOperation(value = "Endpoint for dashboard rest services") + @Operation(summary = "Endpoint for dashboard rest services") @RequestMapping(value = "/{version}/{type}/{source}", method = RequestMethod.DELETE) Object deleteDashboardResponse1(@PathVariable("version") String version, @PathVariable("type") String type, @@ -241,7 +241,7 @@ class OpsmxDashboardController { return opsmxDashboardService.deleteDashboardResponse1(version, type, source) } - @ApiOperation(value = "Endpoint for dashboard rest services") + @Operation(summary = "Endpoint for dashboard rest services") @RequestMapping(value = "/{version}/{type}/{source}/{source1}", method = RequestMethod.DELETE) Object deleteDashboardResponse4(@PathVariable("version") String version, @PathVariable("type") String type, @@ -251,7 +251,7 @@ class OpsmxDashboardController { return opsmxDashboardService.deleteDashboardResponse4(version, type, source, source1) } - @ApiOperation(value = "Endpoint for dashboard rest services") + @Operation(summary = "Endpoint for dashboard rest services") @RequestMapping(value = "/{version}/{type}/{source}/{source1}/{source2}", method = RequestMethod.DELETE) Object deleteDashboardResponse5(@PathVariable("version") String version, @PathVariable("type") String type, @@ -262,7 +262,7 @@ class OpsmxDashboardController { return opsmxDashboardService.deleteDashboardResponse5(version, type, source, source1, source2) } - @ApiOperation(value = "Endpoint for dashboard rest services") + @Operation(summary = "Endpoint for dashboard rest services") @RequestMapping(value = "/{version}/{type}/{source}/{source1}/{source2}/{source3}", method = RequestMethod.DELETE) Object deleteDashboardResponse6(@PathVariable("version") String version, @PathVariable("type") String type, @@ -274,7 +274,7 @@ class OpsmxDashboardController { return opsmxDashboardService.deleteDashboardResponse6(version, type, source, source1, source2, source3) } - @ApiOperation(value = "Endpoint for dashboard rest services") + @Operation(summary = "Endpoint for dashboard rest services") @RequestMapping(value = "/{version}/{type}/{source}/{source1}/{source2}/{source3}/{source4}", method = RequestMethod.DELETE) Object deleteDashboardResponse7(@PathVariable("version") String version, @PathVariable("type") String type, @@ -291,7 +291,7 @@ class OpsmxDashboardController { return opsmxDashboardService.deleteDashboardResponse7(version, type, source, source1, source2, source3, source4, cookie) } - @ApiOperation(value = "Endpoint for dashboard rest services") + @Operation(summary = "Endpoint for dashboard rest services") @RequestMapping(value = "/{version}/{type}/{source}/{source1}/{source2}/{source3}/{source4}/{source5}", method = RequestMethod.DELETE) Object deleteDashboardResponse8(@PathVariable("version") String version, @PathVariable("type") String type, @@ -304,7 +304,7 @@ class OpsmxDashboardController { return opsmxDashboardService.deleteDashboardResponse8(version, type, source, source1, source2, source3, source4, source5) } - @ApiOperation(value = "Endpoint for dashboard rest services") + @Operation(summary = "Endpoint for dashboard rest services") @RequestMapping(value = "/{version}/{type}", method = RequestMethod.POST) Object postDashboardResponse(@PathVariable("version") String version, @PathVariable("type") String type, @@ -313,7 +313,7 @@ class OpsmxDashboardController { return opsmxDashboardService.postDashboardResponse(version, type,data) } - @ApiOperation(value = "Endpoint for dashboard rest services") + @Operation(summary = "Endpoint for dashboard rest services") @RequestMapping(value = "/{version}/{type}/{source}", method = RequestMethod.POST) Object postDashboardResponse3(@PathVariable("version") String version, @PathVariable("type") String type, @@ -323,7 +323,7 @@ class OpsmxDashboardController { return opsmxDashboardService.postDashboardResponse3(version, type, source, data) } - @ApiOperation(value = "Endpoint for dashboard rest services") + @Operation(summary = "Endpoint for dashboard rest services") @RequestMapping(value = "/{version}/{type}/{source}/{source1}", method = RequestMethod.POST) Object postDashboardResponse4(@PathVariable("version") String version, @PathVariable("type") String type, @@ -342,7 +342,7 @@ class OpsmxDashboardController { return opsmxDashboardService.postDashboardResponse4(version, type, source, source1, cookie, data) } - @ApiOperation(value = "Endpoint for dashboard rest services") + @Operation(summary = "Endpoint for dashboard rest services") @RequestMapping(value = "/{version}/{type}/{source}/{source1}/{source2}", method = RequestMethod.POST) Object postDashboardResponse5(@PathVariable("version") String version, @PathVariable("type") String type, @@ -354,7 +354,7 @@ class OpsmxDashboardController { return opsmxDashboardService.postDashboardResponse5(version, type, source, source1, source2, data) } - @ApiOperation(value = "Endpoint for dashboard rest services") + @Operation(summary = "Endpoint for dashboard rest services") @RequestMapping(value = "/{version}/{type}/{source}/{source1}/{source2}/{source3}", method = RequestMethod.POST) Object postDashboardResponse6(@PathVariable("version") String version, @PathVariable("type") String type, @@ -367,7 +367,7 @@ class OpsmxDashboardController { return opsmxDashboardService.postDashboardResponse6(version, type, source, source1, source2, source3, data) } - @ApiOperation(value = "Endpoint for dashboard rest services") + @Operation(summary = "Endpoint for dashboard rest services") @RequestMapping(value = "/{version}/{type}/{source}/{source1}/{source2}/{source3}/{source4}", method = RequestMethod.POST) Object postDashboardResponse7(@PathVariable("version") String version, @PathVariable("type") String type, @@ -381,7 +381,7 @@ class OpsmxDashboardController { return opsmxDashboardService.postDashboardResponse7(version, type, source, source1, source2, source3, source4, data) } - @ApiOperation(value = "Endpoint for dashboard rest services") + @Operation(summary = "Endpoint for dashboard rest services") @RequestMapping(value = "/{version}/{type}/{source}/{source1}/{source2}/{source3}/{source4}/{source5}", method = RequestMethod.POST) Object postDashboardResponse8(@PathVariable("version") String version, @PathVariable("type") String type, @@ -396,7 +396,7 @@ class OpsmxDashboardController { return opsmxDashboardService.postDashboardResponse8(version, type, source, source1, source2, source3, source4, source5, data) } - @ApiOperation(value = "Endpoint for dashboard rest services") + @Operation(summary = "Endpoint for dashboard rest services") @RequestMapping(value = "/{version}/{type}", method = RequestMethod.PUT) Object updateDashboardResponse(@PathVariable("version") String version, @PathVariable("type") String type, @@ -405,7 +405,7 @@ class OpsmxDashboardController { return opsmxDashboardService.updateDashboardResponse(version, type, data) } - @ApiOperation(value = "Endpoint for dashboard rest services") + @Operation(summary = "Endpoint for dashboard rest services") @RequestMapping(value = "/{version}/{type}/{source}", method = RequestMethod.PUT) Object updateDashboardResponse1(@PathVariable("version") String version, @PathVariable("type") String type, @@ -415,7 +415,7 @@ class OpsmxDashboardController { return opsmxDashboardService.updateDashboardResponse1(version, type, source, data) } - @ApiOperation(value = "Endpoint for dashboard rest services") + @Operation(summary = "Endpoint for dashboard rest services") @RequestMapping(value = "/{version}/{type}/{source}/{source1}", method = RequestMethod.PUT) Object updateDashboardResponse2(@PathVariable("version") String version, @PathVariable("type") String type, @@ -426,7 +426,7 @@ class OpsmxDashboardController { return opsmxDashboardService.updateDashboardResponse2(version, type, source, source1, data) } - @ApiOperation(value = "Endpoint for dashboard rest services") + @Operation(summary = "Endpoint for dashboard rest services") @RequestMapping(value = "/{version}/{type}/{source}/{source1}/{source2}", method = RequestMethod.PUT) Object updateDashboardResponse3(@PathVariable("version") String version, @PathVariable("type") String type, @@ -447,7 +447,7 @@ class OpsmxDashboardController { return opsmxDashboardService.updateDashboardResponse3(version, type, source, source1, source2, data, cookie) } - @ApiOperation(value = "Endpoint for dashboard rest services") + @Operation(summary = "Endpoint for dashboard rest services") @RequestMapping(value = "/{version}/{type}/{source}/{source1}/{source2}/{source3}", method = RequestMethod.PUT) Object updateDashboardResponse4(@PathVariable("version") String version, @PathVariable("type") String type, @@ -460,7 +460,7 @@ class OpsmxDashboardController { return opsmxDashboardService.updateDashboardResponse4(version, type, source, source1, source2, source3, data) } - @ApiOperation(value = "Endpoint for dashboard rest services") + @Operation(summary = "Endpoint for dashboard rest services") @RequestMapping(value = "/{version}/{type}/{source}/{source1}/{source2}/{source3}/{source4}", method = RequestMethod.PUT) Object updateDashboardResponse5(@PathVariable("version") String version, @PathVariable("type") String type, @@ -474,7 +474,7 @@ class OpsmxDashboardController { return opsmxDashboardService.updateDashboardResponse5(version, type, source, source1, source2, source3, source4, data) } - @ApiOperation(value = "Endpoint for dashboard rest services") + @Operation(summary = "Endpoint for dashboard rest services") @RequestMapping(value = "/{version}/{type}/{source}/{source1}/{source2}/{source3}/{source4}/{source5}", method = RequestMethod.PUT) Object updateDashboardResponse6(@PathVariable("version") String version, @PathVariable("type") String type, diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/OpsmxOesController.groovy b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/OpsmxOesController.groovy index fff593b999..683ad0c40f 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/OpsmxOesController.groovy +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/OpsmxOesController.groovy @@ -16,6 +16,7 @@ package com.netflix.spinnaker.gate.controllers +import io.swagger.v3.oas.annotations.Operation import org.apache.commons.io.IOUtils import org.springframework.beans.factory.annotation.Autowired import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression @@ -31,7 +32,6 @@ import com.netflix.spinnaker.gate.exceptions.OesRequestException import com.netflix.spinnaker.security.AuthenticatedRequest import groovy.util.logging.Slf4j -import io.swagger.annotations.ApiOperation import okhttp3.Headers import okhttp3.MediaType import okhttp3.MultipartBody @@ -58,7 +58,7 @@ class OpsmxOesController { @Autowired OkHttpClient okHttpClient - @ApiOperation(value = "Endpoint for Oes rest services") + @Operation(summary = "Endpoint for Oes rest services") @RequestMapping(value = "/{source}", method = RequestMethod.POST) Object postOesResponse(@PathVariable("source") String source, @RequestBody(required = false) Object data) { @@ -66,7 +66,7 @@ class OpsmxOesController { return opsmxOesService.postOesResponse(source, data) } - @ApiOperation(value = "Endpoint for Oes rest services") + @Operation(summary = "Endpoint for Oes rest services") @RequestMapping(value = "/{type}/{source}", method = RequestMethod.GET) Object getOesResponse(@PathVariable("type") String type, @PathVariable("source") String source, @@ -83,7 +83,7 @@ class OpsmxOesController { applicationName, chartId, imageSource, accountName, startTime, endTime) } - @ApiOperation(value = "Endpoint for Oes rest services") + @Operation(summary = "Endpoint for Oes rest services") @RequestMapping(value = "/{type}/{source}/{source1}", method = RequestMethod.GET) Object getOesResponse4(@PathVariable("type") String type, @PathVariable("source") String source, @@ -92,7 +92,7 @@ class OpsmxOesController { return opsmxOesService.getOesResponse4(type, source, source1) } - @ApiOperation(value = "Endpoint for Oes rest services") + @Operation(summary = "Endpoint for Oes rest services") @RequestMapping(value = "/{type}/{source}/{source1}/{source2}", method = RequestMethod.GET) Object getOesResponse5(@PathVariable("type") String type, @PathVariable("source") String source, @@ -104,7 +104,7 @@ class OpsmxOesController { return opsmxOesService.getOesResponse5(type, source, source1, source2,isTreeView,isLatest) } - @ApiOperation(value = "Endpoint for Oes rest services") + @Operation(summary = "Endpoint for Oes rest services") @RequestMapping(value = "/{type}/{source}/{source1}/{source2}/{source3}", method = RequestMethod.GET) Object getOesResponse6(@PathVariable("type") String type, @PathVariable("source") String source, @@ -117,7 +117,7 @@ class OpsmxOesController { return opsmxOesService.getOesResponse6(type, source, source1, source2, source3,permissionId,noOfDays) } - @ApiOperation(value = "Endpoint for Oes rest services") + @Operation(summary = "Endpoint for Oes rest services") @RequestMapping(value = "/{type}/{source}/{source1}/{source2}/{source3}/{source4}", method = RequestMethod.GET) Object getOesResponse7(@PathVariable("type") String type, @PathVariable("source") String source, @@ -131,7 +131,7 @@ class OpsmxOesController { return opsmxOesService.getOesResponse7(type, source, source1, source2, source3, source4, imageId, executionId, gateIds) } - @ApiOperation(value = "Endpoint for Oes rest services") + @Operation(summary = "Endpoint for Oes rest services") @RequestMapping(value = "/{type}/{source}", method = RequestMethod.DELETE) Object deleteOesResponse(@PathVariable("type") String type, @PathVariable("source") String source, @@ -140,7 +140,7 @@ class OpsmxOesController { return opsmxOesService.deleteOesResponse(type, source, accountName) } - @ApiOperation(value = "Endpoint for Oes rest services") + @Operation(summary = "Endpoint for Oes rest services") @RequestMapping(value = "/{type}/{source}/{source1}", method = RequestMethod.DELETE) Object deleteOesResponse4(@PathVariable("type") String type, @PathVariable("source") String source, @@ -149,7 +149,7 @@ class OpsmxOesController { return opsmxOesService.deleteOesResponse4(type, source, source1) } - @ApiOperation(value = "Endpoint for Oes rest services") + @Operation(summary = "Endpoint for Oes rest services") @RequestMapping(value = "/{type}/{source}/{source1}/{source2}", method = RequestMethod.DELETE) Object deleteOesResponse5(@PathVariable("type") String type, @PathVariable("source") String source, @@ -160,7 +160,7 @@ class OpsmxOesController { return opsmxOesService.deleteOesResponse5(type, source, source1, source2, accountId) } - @ApiOperation(value = "Endpoint for Oes rest services") + @Operation(summary = "Endpoint for Oes rest services") @RequestMapping(value = "/{type}/{source}/{source1}/{source2}/{source3}", method = RequestMethod.DELETE) Object deleteOesResponse6(@PathVariable("type") String type, @PathVariable("source") String source, @@ -171,14 +171,14 @@ class OpsmxOesController { return opsmxOesService.deleteOesResponse6(type, source, source1, source2, source3) } - @ApiOperation(value = "Add or Update dynamic account configured in Spinnaker", response = String.class ) + @Operation(summary = "Add or Update dynamic account configured in Spinnaker") @RequestMapping(value = "/accountsConfig/addOrUpdateDynamicAccount", method = RequestMethod.POST) String addOrUpdateAccount(@RequestParam MultipartFile files, @RequestParam Map postData) { String filename = files ? files.getOriginalFilename() : '' return addOrUpdateDynamicAccount(files, postData.get("postData")) } - @ApiOperation(value = "Endpoint for Oes rest services") + @Operation(summary = "Endpoint for Oes rest services") @RequestMapping(value = "/{type}/{source}", method = RequestMethod.POST) Object postOesResponse(@PathVariable("type") String type, @PathVariable("source") String source, @@ -189,7 +189,7 @@ class OpsmxOesController { return opsmxOesService.postOesResponse(type, source, isTreeView, isLatest, data) } - @ApiOperation(value = "Endpoint for Oes rest services") + @Operation(summary = "Endpoint for Oes rest services") @RequestMapping(value = "/{type}/{source}/{source1}", method = RequestMethod.POST) Object postOesResponse4(@PathVariable("type") String type, @PathVariable("source") String source, @@ -199,7 +199,7 @@ class OpsmxOesController { return opsmxOesService.postOesResponse4(type, source, source1, data) } - @ApiOperation(value = "Endpoint for Oes rest services") + @Operation(summary = "Endpoint for Oes rest services") @RequestMapping(value = "/{type}/{source}/{source1}/{source2}", method = RequestMethod.POST) Object postOesResponse5(@PathVariable("type") String type, @PathVariable("source") String source, @@ -210,7 +210,7 @@ class OpsmxOesController { return opsmxOesService.postOesResponse5(type, source, source1, source2, data) } - @ApiOperation(value = "Endpoint for Oes rest services") + @Operation(summary = "Endpoint for Oes rest services") @RequestMapping(value = "/{type}/{source}/{source1}/{source2}/{source3}", method = RequestMethod.POST) Object postOesResponse6(@PathVariable("type") String type, @PathVariable("source") String source, @@ -222,7 +222,7 @@ class OpsmxOesController { return opsmxOesService.postOesResponse6(type, source, source1, source2, source3, data) } - @ApiOperation(value = "Endpoint for Oes rest services") + @Operation(summary = "Endpoint for Oes rest services") @RequestMapping(value = "/{type}/{source}", method = RequestMethod.PUT) Object updateOesResponse(@PathVariable("type") String type, @PathVariable("source") String source, @@ -231,7 +231,7 @@ class OpsmxOesController { return opsmxOesService.updateOesResponse(type, source, data) } - @ApiOperation(value = "Endpoint for Oes rest services") + @Operation(summary = "Endpoint for Oes rest services") @RequestMapping(value = "/{type}/{source}/{source1}", method = RequestMethod.PUT) Object updateOesResponse4(@PathVariable("type") String type, @PathVariable("source") String source, @@ -241,7 +241,7 @@ class OpsmxOesController { return opsmxOesService.updateOesResponse4(type, source, source1, data) } - @ApiOperation(value = "Endpoint for Oes rest services") + @Operation(summary = "Endpoint for Oes rest services") @RequestMapping(value = "/{type}/{source}/{source1}/{source2}", method = RequestMethod.PUT) Object updateOesResponse5(@PathVariable("type") String type, @PathVariable("source") String source, @@ -252,7 +252,7 @@ class OpsmxOesController { return opsmxOesService.updateOesResponse5(type, source, source1, source2, data) } - @ApiOperation(value = "Endpoint for Oes rest services") + @Operation(summary = "Endpoint for Oes rest services") @RequestMapping(value = "/{type}/{source}/{source1}/{source2}/{source3}", method = RequestMethod.PUT) Object updateOesResponse6(@PathVariable("type") String type, @PathVariable("source") String source, @@ -264,34 +264,34 @@ class OpsmxOesController { return opsmxOesService.updateOesResponse6(type, source, source1, source2, source3, data) } - @ApiOperation(value = "Add or Update dynamic account configured in Spinnaker", response = String.class ) + @Operation(summary = "Add or Update dynamic account configured in Spinnaker") @RequestMapping(value = "/accountsConfig/cloudProviders/addOrUpdateDynamicAccount", method = RequestMethod.POST) String addOrUpdateCloudProver(@RequestParam MultipartFile files, @RequestParam Map postData) { String filename = files ? files.getOriginalFilename() : '' return addOrUpdateCloudProverAccount(files, postData.get("postData")) } - @ApiOperation(value = "Add or Update Spinnaker") + @Operation(summary = "Add or Update Spinnaker") @RequestMapping(value = "/accountsConfig/spinnakerX509", method = RequestMethod.POST) Object addOrUpdateSpinnaker(@RequestParam MultipartFile files, @RequestParam Map postData) { return addOrUpdateSpinnaker(files, postData.get("postData")) } - @ApiOperation(value = "Add or Update spinnaker cloudprovider account configured in Spinnaker") + @Operation(summary = "Add or Update spinnaker cloudprovider account configured in Spinnaker") @RequestMapping(value = "/accountsConfig/spinnaker/addOrUpdateCloudProviderAccount", method = RequestMethod.POST) Object addOrUpdateSpinnakerCloudProver(@RequestParam MultipartFile files, @RequestParam Map postData) { String filename = files ? files.getOriginalFilename() : '' return addOrUpdateSpinnakerCloudProverAccount(files, postData.get("postData"), null) } - @ApiOperation(value = "Add or Update spinnaker cloudprovider account configured in Spinnaker" ) + @Operation(summary = "Add or Update spinnaker cloudprovider account configured in Spinnaker" ) @RequestMapping(value = "/accountsConfig/{version}/spinnaker/addOrUpdateCloudProviderAccount", method = RequestMethod.POST) Object addOrUpdateVersionSpinnakerCloudProver(@PathVariable("version") String version, @RequestParam MultipartFile files, @RequestParam Map postData) { String filename = files ? files.getOriginalFilename() : '' return addOrUpdateSpinnakerCloudProverAccount(files, postData.get("postData"), version) } - @ApiOperation(value = "Add or Update Spinnaker x509") + @Operation(summary = "Add or Update Spinnaker x509") @RequestMapping(value = "/accountsConfig/{version}/spinnakerX509", method = RequestMethod.POST) Object addOrUpdateSpinnakerSetupV1(@PathVariable("version") String version, @RequestParam MultipartFile files, @RequestParam Map postData) { return createOrUpdateSpinnaker(files, postData.get("postData"), version) @@ -460,7 +460,7 @@ class OpsmxOesController { return builder.build(); } - @ApiOperation(value = "download the manifest file") + @Operation(summary = "download the manifest file") @GetMapping(value = "/accountsConfig/cloudProviders/manifestfile/{agentName}", produces = "application/octet-stream") @ResponseBody Object getDownloadManifestFile(@PathVariable("agentName") String agentName){ @@ -477,7 +477,7 @@ class OpsmxOesController { } } } - @ApiOperation(value = "download the manifest file") + @Operation(summary = "download the manifest file") @GetMapping(value = "accountsConfig/agents/{agentName}/manifest", produces = "application/octet-stream") @ResponseBody Object getDownloadAgentManifestFile(@PathVariable("agentName") String agentName){ @@ -495,7 +495,7 @@ class OpsmxOesController { } } - @ApiOperation(value = "Endpoint for Oes rest services") + @Operation(summary = "Endpoint for Oes rest services") @RequestMapping(value = "/{type}/{source}/{source1}/{source2}/{source3}/{source4}/{source5}", method = RequestMethod.GET) Object getOesResponse8(@PathVariable("type") String type, @PathVariable("source") String source, @@ -510,7 +510,7 @@ class OpsmxOesController { return opsmxOesService.getOesResponse8(type, source, source1, source2, source3, source4, source5,gateIds) } - @ApiOperation(value = "Endpoint for Oes rest services") + @Operation(summary = "Endpoint for Oes rest services") @RequestMapping(value = "/{type}/{source}/{source1}/{source2}/{source3}/{source4}/{source5}/{source6}", method = RequestMethod.GET) Object getOesResponse9(@PathVariable("type") String type, @PathVariable("source") String source, @@ -524,7 +524,7 @@ class OpsmxOesController { return opsmxOesService.getOesResponse9(type, source, source1, source2, source3, source4, source5, source6) } - @ApiOperation(value = "Endpoint for Oes rest services") + @Operation(summary = "Endpoint for Oes rest services") @RequestMapping(value = "/{type}/{source}/{source1}/{source2}/{source3}/{source4}", method = RequestMethod.POST) Object postOesResponse7(@PathVariable("type") String type, @PathVariable("source") String source, @@ -537,7 +537,7 @@ class OpsmxOesController { return opsmxOesService.postOesResponse7(type, source, source1, source2, source3, source4, data) } - @ApiOperation(value = "download the manifest file") + @Operation(summary = "download the manifest file") @GetMapping(value = "/accountsConfig/{version}/agents/{agentName}/manifest/apple/automation", produces = "application/octet-stream") @ResponseBody Object downloadAgentManifestFile(@PathVariable("agentName") String agentName, diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/OpsmxPlatformController.groovy b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/OpsmxPlatformController.groovy index f5f25d7f4f..7dca02a5a6 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/OpsmxPlatformController.groovy +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/OpsmxPlatformController.groovy @@ -16,25 +16,24 @@ package com.netflix.spinnaker.gate.controllers -import com.netflix.spinnaker.gate.config.ServiceConfiguration + import com.netflix.spinnaker.gate.services.internal.OpsmxPlatformService import com.opsmx.spinnaker.gate.factory.platform.PlatformCachingServiceBeanFactory import com.opsmx.spinnaker.gate.service.PlatformCachingService import com.opsmx.spinnaker.gate.util.CacheUtil import groovy.util.logging.Slf4j -import io.swagger.annotations.ApiOperation -import okhttp3.OkHttpClient +import io.swagger.v3.oas.annotations.Operation +import org.apache.commons.io.IOUtils import org.springframework.beans.factory.annotation.Autowired import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression import org.springframework.http.HttpHeaders +import org.springframework.http.MediaType +import org.springframework.http.ResponseEntity import org.springframework.web.bind.annotation.* import retrofit.client.Response -import org.apache.commons.io.IOUtils -import org.springframework.http.MediaType -import javax.servlet.http.HttpServletRequest +import jakarta.servlet.http.HttpServletRequest import java.util.stream.Collectors -import org.springframework.http.ResponseEntity @RequestMapping("/platformservice") @RestController @@ -63,7 +62,7 @@ class OpsmxPlatformController { @Autowired PlatformCachingServiceBeanFactory platformCachingServiceBeanFactory - @ApiOperation(value = "Endpoint for platform rest services") + @Operation(summary = "Endpoint for platform rest services") @RequestMapping(value = "/{version}/{type}", method = RequestMethod.GET) Object getPlatformResponse1(@PathVariable("version") String version, @PathVariable("type") String type, @@ -85,7 +84,7 @@ class OpsmxPlatformController { return opsmxPlatformService.getPlatformResponse1(version, type, datasourceType, accountName, source, permission, search, username, pageNo, pageLimit, sortBy, sortOrder, applicationId, applicationName, noOfDays, filterBy, cdNames) } - @ApiOperation(value = "Endpoint for platform rest services") + @Operation(summary = "Endpoint for platform rest services") @RequestMapping(value = "/{version}/{type}/{source}", method = RequestMethod.GET) Object getPlatformResponse(@PathVariable("version") String version, @PathVariable("type") String type, @@ -95,7 +94,7 @@ class OpsmxPlatformController { @RequestParam(value = "noOfDays", required = false) Integer noOfDays) { return opsmxPlatformService.getPlatformResponse(version, type, source, source1, chartId, noOfDays) } - @ApiOperation(value = "Endpoint for platform rest services") + @Operation(summary = "Endpoint for platform rest services") @RequestMapping(value = "/{version}/{type}/{source}/{source1}", method = RequestMethod.GET) Object getPlatformResponse4(@PathVariable("version") String version, @PathVariable("type") String type, @@ -125,7 +124,7 @@ class OpsmxPlatformController { return response } - @ApiOperation(value = "Endpoint for platform rest services") + @Operation(summary = "Endpoint for platform rest services") @RequestMapping(value = "/{version}/{type}/{source}/{source1}/{source2}", method = RequestMethod.GET) Object getPlatformResponse5(@PathVariable("version") String version, @PathVariable("type") String type, @@ -143,7 +142,7 @@ class OpsmxPlatformController { return opsmxPlatformService.getPlatformResponse5(version, type, source, source1, source2, permissionId, resourceType,featureType, gateSearch, gateName, refId, gateType) } - @ApiOperation(value = "Endpoint for platform rest services") + @Operation(summary = "Endpoint for platform rest services") @RequestMapping(value = "/{version}/{type}/{source}/{source1}/{source2}/{source3}", method = RequestMethod.GET) Object getPlatformResponse6(@PathVariable("version") String version, @PathVariable("type") String type, @@ -155,7 +154,7 @@ class OpsmxPlatformController { return opsmxPlatformService.getPlatformResponse6(version, type, source, source1, source2, source3) } - @ApiOperation(value = "Endpoint for platform rest services") + @Operation(summary = "Endpoint for platform rest services") @RequestMapping(value = "/{version}/{type}/{source}/{source1}/{source2}/{source3}/{source4}", method = RequestMethod.GET) Object getPlatformResponse7(@PathVariable("version") String version, @PathVariable("type") String type, @@ -167,7 +166,7 @@ class OpsmxPlatformController { return opsmxPlatformService.getPlatformResponse7(version, type, source, source1, source2, source3, source4) } - @ApiOperation(value = "Endpoint for platform rest services") + @Operation(summary = "Endpoint for platform rest services") @RequestMapping(value = "/{version}/{type}/{source}/{source1}/{source2}/{source3}/{source4}/{source5}/{source6}", method = RequestMethod.GET) Object getPlatformResponse8(@PathVariable("version") String version, @PathVariable("type") String type, @@ -182,7 +181,7 @@ class OpsmxPlatformController { return opsmxPlatformService.getPlatformResponse8(version, type, source, source1, source2, source3, source4, source5, source6, gateType) } - @ApiOperation(value = "Endpoint for Insights controller to download csv file") + @Operation(summary = "Endpoint for Insights controller to download csv file") @GetMapping(value = "/{version}/insights/download", produces = "text/csv") Object downloadCsvFile(@PathVariable("version") String version, @RequestParam(value = "chartId", required = false) Integer chartId, @@ -203,7 +202,7 @@ class OpsmxPlatformController { } } - @ApiOperation(value = "Endpoint for platform rest services") + @Operation(summary = "Endpoint for platform rest services") @RequestMapping(value = "/{version}/{type}", method = RequestMethod.DELETE) Object deletePlatformResponse(@PathVariable("version") String version, @PathVariable("type") String type, @@ -211,7 +210,7 @@ class OpsmxPlatformController { return opsmxPlatformService.deletePlatformResponse(version, type, accountName) } - @ApiOperation(value = "Endpoint for platform rest services") + @Operation(summary = "Endpoint for platform rest services") @RequestMapping(value = "/{version}/{type}/{source}", method = RequestMethod.DELETE) Object deletePlatformResponse1(@PathVariable("version") String version, @PathVariable("type") String type, @@ -220,7 +219,7 @@ class OpsmxPlatformController { return opsmxPlatformService.deletePlatformResponse1(version, type, source) } - @ApiOperation(value = "Endpoint for platform rest services") + @Operation(summary = "Endpoint for platform rest services") @RequestMapping(value = "/{version}/{type}/{source}/{source1}", method = RequestMethod.DELETE) Object deletePlatformResponse4(@PathVariable("version") String version, @PathVariable("type") String type, @@ -230,7 +229,7 @@ class OpsmxPlatformController { return opsmxPlatformService.deletePlatformResponse4(version, type, source, source1) } - @ApiOperation(value = "Endpoint for platform rest services") + @Operation(summary = "Endpoint for platform rest services") @RequestMapping(value = "/{version}/{type}/{source}/{source1}/{source2}", method = RequestMethod.DELETE) Object deletePlatformResponse5(@PathVariable("version") String version, @PathVariable("type") String type, @@ -243,7 +242,7 @@ class OpsmxPlatformController { return opsmxPlatformService.deletePlatformResponse5(version, type, source, source1,source2,featureType) } - @ApiOperation(value = "Endpoint for platform rest services") + @Operation(summary = "Endpoint for platform rest services") @RequestMapping(value = "/{version}/{type}", method = RequestMethod.POST) Object postPlatformResponse(@PathVariable("version") String version, @PathVariable("type") String type, @@ -252,7 +251,7 @@ class OpsmxPlatformController { return opsmxPlatformService.postPlatformResponse(version, type, data) } - @ApiOperation(value = "Endpoint for platform rest services") + @Operation(summary = "Endpoint for platform rest services") @RequestMapping(value = "/{version}/{type}/{source}", method = RequestMethod.POST) Object postPlatformResponse3(@PathVariable("version") String version, @PathVariable("type") String type, @@ -262,7 +261,7 @@ class OpsmxPlatformController { return opsmxPlatformService.postPlatformResponse3(version, type, source, data) } - @ApiOperation(value = "Endpoint for platform rest services") + @Operation(summary = "Endpoint for platform rest services") @RequestMapping(value = "/{version}/{type}/{source}/{source1}", method = RequestMethod.POST) Object postPlatformResponse4(@PathVariable("version") String version, @PathVariable("type") String type, @@ -273,7 +272,7 @@ class OpsmxPlatformController { return opsmxPlatformService.postPlatformResponse4(version, type, source, source1, data) } - @ApiOperation(value = "Endpoint for platform rest services") + @Operation(summary = "Endpoint for platform rest services") @RequestMapping(value = "/{version}/{type}/{source}/{source1}/{source2}", method = RequestMethod.POST) Object postPlatformResponse5(@PathVariable("version") String version, @PathVariable("type") String type, @@ -285,7 +284,7 @@ class OpsmxPlatformController { return opsmxPlatformService.postPlatformResponse5(version, type, source, source1, source2, data) } - @ApiOperation(value = "Endpoint for platform rest services") + @Operation(summary = "Endpoint for platform rest services") @RequestMapping(value = "/{version}/{type}/{source}/{source1}/{source2}/{source3}", method = RequestMethod.POST) Object postPlatformResponse6(@PathVariable("version") String version, @PathVariable("type") String type, @@ -298,7 +297,7 @@ class OpsmxPlatformController { return opsmxPlatformService.postPlatformResponse6(version, type, source, source1, source2, source3, data) } - @ApiOperation(value = "Endpoint for platform rest services") + @Operation(summary = "Endpoint for platform rest services") @RequestMapping(value = "/{version}/{type}", method = RequestMethod.PUT) Object updatePlatformResponse(@PathVariable("version") String version, @PathVariable("type") String type, @@ -307,7 +306,7 @@ class OpsmxPlatformController { return opsmxPlatformService.updatePlatformResponse(version, type, data) } - @ApiOperation(value = "Endpoint for platform rest services") + @Operation(summary = "Endpoint for platform rest services") @RequestMapping(value = "/{version}/{type}/{source}", method = RequestMethod.PUT) Object updatePlatformResponse1(@PathVariable("version") String version, @PathVariable("type") String type, @@ -317,7 +316,7 @@ class OpsmxPlatformController { return opsmxPlatformService.updatePlatformResponse1(version, type, source, data) } - @ApiOperation(value = "Endpoint for platform rest services") + @Operation(summary = "Endpoint for platform rest services") @RequestMapping(value = "/{version}/{type}/{source}/{source1}", method = RequestMethod.PUT) Object updatePlatformResponse2(@PathVariable("version") String version, @PathVariable("type") String type, @@ -328,7 +327,7 @@ class OpsmxPlatformController { return opsmxPlatformService.updatePlatformResponse2(version, type, source, source1, data) } - @ApiOperation(value = "Endpoint for platform rest services") + @Operation(summary = "Endpoint for platform rest services") @RequestMapping(value = "/{version}/{type}/{source}/{source1}/{source2}", method = RequestMethod.PUT) Object updatePlatformResponse3(@PathVariable("version") String version, @PathVariable("type") String type, @@ -340,7 +339,7 @@ class OpsmxPlatformController { return opsmxPlatformService.updatePlatformResponse3(version, type, source, source1, source2, data) } - @ApiOperation(value = "Endpoint for platform rest services") + @Operation(summary = "Endpoint for platform rest services") @RequestMapping(value = "/{version}/{type}/{source}/{source1}/{source2}/{source3}/{source4}", method = RequestMethod.PUT) Object updatePlatformResponse4(@PathVariable("version") String version, @PathVariable("type") String type, diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/OpsmxSsdController.groovy b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/OpsmxSsdController.groovy index acc964902a..50ea4831d0 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/OpsmxSsdController.groovy +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/OpsmxSsdController.groovy @@ -21,7 +21,7 @@ import com.netflix.spinnaker.gate.exceptions.OesRequestException import com.netflix.spinnaker.gate.services.internal.OpsmxSsdService import com.netflix.spinnaker.security.AuthenticatedRequest import groovy.util.logging.Slf4j -import io.swagger.annotations.ApiOperation +import io.swagger.v3.oas.annotations.Operation import okhttp3.Headers import okhttp3.MultipartBody import okhttp3.OkHttpClient @@ -62,7 +62,7 @@ class OpsmxSsdController { @Autowired OkHttpClient okHttpClient - @ApiOperation(value = "Endpoint for ssd rest services") + @Operation(summary = "Endpoint for ssd rest services") @RequestMapping(value = "/{version}/{type}", method = RequestMethod.POST) Object postSsdServiceResponse(@PathVariable("version") String version, @PathVariable("type") String type, @@ -78,7 +78,7 @@ class OpsmxSsdController { return opsMxSsdService.postSsdServiceResponse(version, type, stage, policy, policyId,id,scope,appId, vulnAlert, data) } - @ApiOperation(value = "Endpoint for ssd rest services") + @Operation(summary = "Endpoint for ssd rest services") @RequestMapping(value = "/{version}/{type}/{source}", method = RequestMethod.POST) Object postSsdServiceResponse3(@PathVariable("version") String version, @PathVariable("type") String type, @@ -88,7 +88,7 @@ class OpsmxSsdController { return opsMxSsdService.postSsdServiceResponse3(version, type, source, id, data) } - @ApiOperation(value = "Add cluster details in ssd rest service") + @Operation(summary = "Add cluster details in ssd rest service") @RequestMapping(value = "/{version}/cluster", method = RequestMethod.POST) Object addClusterInSsd(@PathVariable("version") String version, @RequestParam(value = "name", required = false) String name, @@ -97,7 +97,7 @@ class OpsmxSsdController { return addCluster(file, name, account, version) } - @ApiOperation(value = "update endpoint for ssd rest services") + @Operation(summary = "update endpoint for ssd rest services") @RequestMapping(value = "/{version}/{type}", method = RequestMethod.PUT) Object updateSsdService(@PathVariable("version") String version, @PathVariable("type") String type, @@ -114,7 +114,7 @@ class OpsmxSsdController { return opsMxSsdService.updateSsdServiceResponse(version, type, stage, policy, policyId, id, scope, appId, vulnAlert, integratorType, name, data) } - @ApiOperation(value = "Update endpoint in ssd rest service") + @Operation(summary = "Update endpoint in ssd rest service") @RequestMapping(value = "/{version}/{type}/{source}", method = RequestMethod.PUT) Object updateSsdService1(@PathVariable("version") String version, @PathVariable("type") String type, @@ -124,7 +124,7 @@ class OpsmxSsdController { return opsMxSsdService.updateSsdServiceResponse1(version, type, source, integratorType, data) } - @ApiOperation(value = "Update cluster details in ssd rest service") + @Operation(summary = "Update cluster details in ssd rest service") @RequestMapping(value = "/{version}/cluster/{id}", method = RequestMethod.PUT) Object updateClusterInSsd(@PathVariable("version") String version, @PathVariable("id") String id, @@ -135,7 +135,7 @@ class OpsmxSsdController { return updateCluster(file, name, account, version, id) } - @ApiOperation(value = "Endpoint for ssd services") + @Operation(summary = "Endpoint for ssd services") @RequestMapping(value = "/{version}/{type}", method = RequestMethod.GET) Object getSsdResponse(@PathVariable("version") String version, @PathVariable("type") String type, @@ -170,7 +170,7 @@ class OpsmxSsdController { return opsMxSsdService.getSddResponse1(version, type, account, appId, image, imageTag, stage, deployedAt, appName, pageNo, pageLimit, sortBy, sortOrder, search, noOfDays, policy, typeList, alertName, id, startTime, endTime, severity, scope, current, tag, tool, tags, action, integratorType, name) } - @ApiOperation(value = "Endpoint for ssd services") + @Operation(summary = "Endpoint for ssd services") @RequestMapping(value = "/{version}/{type}/{source}", method = RequestMethod.GET) Object getSsdResponse1(@PathVariable("version") String version, @PathVariable("type") String type, @@ -207,7 +207,7 @@ class OpsmxSsdController { return opsMxSsdService.getSddResponse2(version, type, source, account, appId, image, imageTag, stage, deployedAt, appName, pageNo, pageLimit, sortBy, sortOrder, search, noOfDays, alertName, riskStatus, id, Vulnerability, Component, ComponentVersion, Image, ImageVersion, service, scope, name, value, current, integratorType, startTime, endTime) } - @ApiOperation(value = "Endpoint for ssd services") + @Operation(summary = "Endpoint for ssd services") @RequestMapping(value = "/{version}/{type}/{source}/{source1}", method = RequestMethod.GET) Object getSsdResponse2(@PathVariable("version") String version, @PathVariable("type") String type, @@ -233,7 +233,7 @@ class OpsmxSsdController { return opsMxSsdService.getSddResponse3(version, type, source, source1,account , appId, image, imageTag, stage, deployedAt, appName, noOfDays, pageNo, pageLimit, kind, search, service,sortBy,sortOrder, id, dbomType) } - @ApiOperation(value = "Endpoint for ssd services") + @Operation(summary = "Endpoint for ssd services") @RequestMapping(value = "/{version}/{type}/{source}/{source1}/{source2}", method = RequestMethod.GET) Object getSsdResponse3(@PathVariable("version") String version, @PathVariable("type") String type, @@ -272,7 +272,7 @@ class OpsmxSsdController { return opsMxSsdService.getSddResponse4(version, type, source, source1, source2, account, appId, image, imageTag, stage, deployedAt, appName, pageNo, pageLimit, sortBy, sortOrder, search, noOfDays, id, fromImage, toImage, fromImageTag, toImageTag, fromAccount, toAccount, kind, active, Vulnerability, Component, ComponentVersion,fromApp,service,toApp, dbomType) } - @ApiOperation(value = "Endpoint for ssd services") + @Operation(summary = "Endpoint for ssd services") @RequestMapping(value = "/{version}/{type}/{source}/{source1}/{source2}/{source3}", method = RequestMethod.GET) Object getSsdResponse4(@PathVariable("version") String version, @PathVariable("type") String type, @@ -286,7 +286,7 @@ class OpsmxSsdController { return opsMxSsdService.getSddResponse5(version, type, source, source1, source2, source3, appId, image, appName) } - @ApiOperation(value = "Endpoint for ssd services") + @Operation(summary = "Endpoint for ssd services") @RequestMapping(value = "/{version}/{type}/{source}/{source1}/{source2}/{source3}/{source4}", method = RequestMethod.GET) Object getSsdResponse5(@PathVariable("version") String version, @PathVariable("type") String type, @@ -301,7 +301,7 @@ class OpsmxSsdController { return opsMxSsdService.getSddResponse6(version, type, source, source1, source2, source3, source4, appId, image, appName) } - @ApiOperation(value = "Endpoint for ssd services") + @Operation(summary = "Endpoint for ssd services") @RequestMapping(value = "/{version}/{type}/{source}/{source1}/{source2}/{source3}/{source4}/{source5}", method = RequestMethod.GET) Object getSsdResponse6(@PathVariable("version") String version, @PathVariable("type") String type, @@ -317,7 +317,7 @@ class OpsmxSsdController { return opsMxSsdService.getSddResponse7(version, type, source, source1, source2, source3, source4, source5, appId, image, appName) } - @ApiOperation(value = "Endpoint to download csv file") + @Operation(summary = "Endpoint to download csv file") @RequestMapping(value = "/{version}/{type}/{source}/download", produces = "text/csv", method = RequestMethod.GET) Object downloadCSVFileAuditService(@PathVariable("version") String version, @PathVariable("type") String type, @@ -345,7 +345,7 @@ class OpsmxSsdController { return ResponseEntity.status(response.getStatus()).build() } - @ApiOperation(value = "Endpoint to download json file") + @Operation(summary = "Endpoint to download json file") @RequestMapping(value = "/{version}/{type}/{source}/download/json", produces = "application/json", method = RequestMethod.GET) Object downloadJsonFileSsdService(@PathVariable("version") String version, @PathVariable("type") String type, @@ -376,7 +376,7 @@ class OpsmxSsdController { return ResponseEntity.status(response.getStatus()).build() } - @ApiOperation(value = "Delete Endpoint for ssd services") + @Operation(summary = "Delete Endpoint for ssd services") @RequestMapping(value = "/{version}/{type}", method = RequestMethod.DELETE) Object deleteSsdResponse(@PathVariable("version") String version, @PathVariable("type") String type, @@ -407,7 +407,7 @@ class OpsmxSsdController { return opsMxSsdService.deleteSddResponse1(version, type, account, appId, image, imageTag, stage, deployedAt, appName, pageNo, pageLimit, sortBy, sortOrder, search, noOfDays, policy, typeList, alertName, id, startTime, endTime, severity, scope, current, tag, integratorType) } - @ApiOperation(value = "Delete Endpoint for ssd services") + @Operation(summary = "Delete Endpoint for ssd services") @RequestMapping(value = "/{version}/{type}/{source}", method = RequestMethod.DELETE) Object deleteSsdResponse1(@PathVariable("version") String version, @PathVariable("type") String type, @@ -441,7 +441,7 @@ class OpsmxSsdController { return opsMxSsdService.deleteSddResponse2(version, type, source, account, appId, image, imageTag, stage, deployedAt, appName, pageNo, pageLimit, sortBy, sortOrder, search, noOfDays, alertName, riskStatus, id, Vulnerability, Component, ComponentVersion, Image, ImageVersion, service, scope, name, value) } - @ApiOperation(value = "Delete Endpoint for ssd services") + @Operation(summary = "Delete Endpoint for ssd services") @RequestMapping(value = "/{version}/{type}/{source}/{source1}", method = RequestMethod.DELETE) Object deleteSsdResponse2(@PathVariable("version") String version, @PathVariable("type") String type, @@ -464,7 +464,7 @@ class OpsmxSsdController { return opsMxSsdService.deleteSddResponse3(version, type, source, source1, account, appId, image, appName, noOfDays, pageNo, pageLimit, kind, search, service, sortBy, sortOrder, id, dbomType) } - @ApiOperation(value = "Delete Endpoint for ssd services") + @Operation(summary = "Delete Endpoint for ssd services") @RequestMapping(value = "/{version}/{type}/{source}/{source1}/{source2}", method = RequestMethod.DELETE) Object deleteSsdResponse3(@PathVariable("version") String version, @PathVariable("type") String type, @@ -503,7 +503,7 @@ class OpsmxSsdController { return opsMxSsdService.deleteSddResponse4(version, type, source, source1, source2, account, appId, image, imageTag, stage, deployedAt, appName, pageNo, pageLimit, sortBy, sortOrder, search, noOfDays, id, fromImage, toImage, fromImageTag, toImageTag, fromAccount, toAccount, kind, active, Vulnerability, Component, ComponentVersion, fromApp, service, toApp, dbomType) } - @ApiOperation(value = "Delete Endpoint for ssd services") + @Operation(summary = "Delete Endpoint for ssd services") @RequestMapping(value = "/{version}/{type}/{source}/{source1}/{source2}/{source3}", method = RequestMethod.DELETE) Object deleteSsdResponse4(@PathVariable("version") String version, @PathVariable("type") String type, @@ -517,7 +517,7 @@ class OpsmxSsdController { return opsMxSsdService.deleteSddResponse5(version, type, source, source1, source2, source3, appId, image, appName) } - @ApiOperation(value = "Delete Endpoint for ssd services") + @Operation(summary = "Delete Endpoint for ssd services") @RequestMapping(value = "/{version}/{type}/{source}/{source1}/{source2}/{source3}/{source4}", method = RequestMethod.DELETE) Object deleteSsdResponse5(@PathVariable("version") String version, @PathVariable("type") String type, @@ -532,7 +532,7 @@ class OpsmxSsdController { return opsMxSsdService.deleteSddResponse6(version, type, source, source1, source2, source3, source4, appId, image, appName) } - @ApiOperation(value = "Endpoint for ssd services") + @Operation(summary = "Endpoint for ssd services") @RequestMapping(value = "/{version}/{type}/{source}/{source1}/{source2}/{source3}/{source4}/{source5}", method = RequestMethod.DELETE) Object deleteSsdResponse6(@PathVariable("version") String version, @PathVariable("type") String type, diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/OpsmxSsdOpaController.groovy b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/OpsmxSsdOpaController.groovy index e5685177ca..c81e329bff 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/OpsmxSsdOpaController.groovy +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/OpsmxSsdOpaController.groovy @@ -18,7 +18,7 @@ package com.netflix.spinnaker.gate.controllers import com.netflix.spinnaker.gate.services.internal.OpsmxSsdOpaService import groovy.util.logging.Slf4j -import io.swagger.annotations.ApiOperation +import io.swagger.v3.oas.annotations.Operation import org.springframework.beans.factory.annotation.Autowired import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression import org.springframework.web.bind.annotation.PathVariable @@ -38,7 +38,7 @@ class OpsmxSsdOpaController { - @ApiOperation(value = "Endpoint for ssd rest services") + @Operation(summary = "Endpoint for ssd rest services") @RequestMapping(value = "/api/{version}/{type}", method = RequestMethod.POST) Object postSsdOpaServiceResponse1(@PathVariable("version") String version, @PathVariable("type") String type, @@ -46,7 +46,7 @@ class OpsmxSsdOpaController { return opsmxSsdOpaService.postSsdOpaServiceResponse1(version, type, data) } - @ApiOperation(value = "Endpoint for ssd rest services") + @Operation(summary = "Endpoint for ssd rest services") @RequestMapping(value = "{source}/api/{version}/{type}", method = RequestMethod.POST) Object postSsdOpaServiceResponse(@PathVariable("version") String version, @PathVariable("type") String type, @@ -56,7 +56,7 @@ class OpsmxSsdOpaController { } - @ApiOperation(value = "Endpoint for ssd services") + @Operation(summary = "Endpoint for ssd services") @RequestMapping(value = "/api/{version}/{type}", method = RequestMethod.GET) Object getSsdOpaResponse1(@PathVariable("version") String version, @PathVariable("type") String type) { diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/OpsmxVisibilityController.groovy b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/OpsmxVisibilityController.groovy index f5f22f5f82..37e6345180 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/OpsmxVisibilityController.groovy +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/OpsmxVisibilityController.groovy @@ -17,22 +17,19 @@ package com.netflix.spinnaker.gate.controllers import com.google.gson.Gson -import com.netflix.spinnaker.gate.config.ServiceConfiguration import com.netflix.spinnaker.gate.model.ApprovalGateTriggerResponseModel import com.netflix.spinnaker.gate.services.internal.OpsmxVisibilityService -import feign.Request import groovy.util.logging.Slf4j -import io.swagger.annotations.ApiOperation +import io.swagger.v3.oas.annotations.Operation +import org.apache.commons.io.IOUtils import org.springframework.beans.factory.annotation.Autowired import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression import org.springframework.http.HttpHeaders +import org.springframework.http.HttpStatus import org.springframework.http.ResponseEntity import org.springframework.web.bind.annotation.* import retrofit.client.Response -import org.apache.commons.io.IOUtils -import org.springframework.http.HttpStatus -import javax.servlet.http.HttpServletRequest import java.util.stream.Collectors @RequestMapping("/visibilityservice") @@ -61,7 +58,7 @@ class OpsmxVisibilityController { Gson gson = new Gson() - @ApiOperation(value = "Endpoint for visibility rest services") + @Operation(summary = "Endpoint for visibility rest services") @RequestMapping(value = "/{version}/approvalGates/{id}/trigger", method = RequestMethod.POST) @ResponseBody Object triggerApprovalGate(@PathVariable("version") String version, @PathVariable("id") Integer id, @@ -84,7 +81,7 @@ class OpsmxVisibilityController { } } - @ApiOperation(value = "Endpoint for visibility rest services") + @Operation(summary = "Endpoint for visibility rest services") @RequestMapping(value = "/{version}/{type}", method = RequestMethod.GET) Object getVisibilityResponse1(@PathVariable("version") String version, @PathVariable("type") String type, @@ -94,7 +91,7 @@ class OpsmxVisibilityController { return opsmxVisibilityService.getVisibilityResponse1(version, type, serviceId, images, executionId) } - @ApiOperation(value = "Endpoint for visibility rest services") + @Operation(summary = "Endpoint for visibility rest services") @RequestMapping(value = "/{version}/{type}/{source}", method = RequestMethod.GET) Object getVisibilityResponse(@PathVariable("version") String version, @PathVariable("type") String type, @@ -111,7 +108,7 @@ class OpsmxVisibilityController { return opsmxVisibilityService.getVisibilityResponse(version, type, source, source1, approvalgateinstances, approvalGateInstanceIds, noOfDays, pageNo, pageLimit, search, deploymentId, history) } - @ApiOperation(value = "Endpoint for visibility rest services") + @Operation(summary = "Endpoint for visibility rest services") @RequestMapping(value = "/{version}/{type}/{source}/{source1}", method = RequestMethod.GET) Object getVisibilityResponse4(@PathVariable("version") String version, @PathVariable("type") String type, @@ -125,7 +122,7 @@ class OpsmxVisibilityController { return opsmxVisibilityService.getVisibilityResponse4(version, type, source, source1, status, images, executionId, noOfDays) } - @ApiOperation(value = "Endpoint for visibility rest services") + @Operation(summary = "Endpoint for visibility rest services") @RequestMapping(value = "/{version}/{type}/{source}/{source1}/{source2}", method = RequestMethod.GET) Object getVisibilityResponse5(@PathVariable("version") String version, @PathVariable("type") String type, @@ -143,7 +140,7 @@ class OpsmxVisibilityController { return opsmxVisibilityService.getVisibilityResponse5(version, type, source, source1, source2, approvalgateinstances, noOfDays, pageNo, pageLimit, search, status, sortOrder) } - @ApiOperation(value = "Endpoint for visibility rest services") + @Operation(summary = "Endpoint for visibility rest services") @RequestMapping(value = "/{version}/{type}/{source}/{source1}/{source2}/{source3}", method = RequestMethod.GET) Object getVisibilityResponse6(@PathVariable("version") String version, @PathVariable("type") String type, @@ -155,7 +152,7 @@ class OpsmxVisibilityController { return opsmxVisibilityService.getVisibilityResponse6(version, type, source, source1, source2, source3,noOfDays) } - @ApiOperation(value = "Endpoint for visibility rest services") + @Operation(summary = "Endpoint for visibility rest services") @RequestMapping(value = "/{version}/{type}/{source}/{source1}/{source2}/{source3}/{source4}", method = RequestMethod.GET) Object getVisibilityResponse7(@PathVariable("version") String version, @PathVariable("type") String type, @@ -168,7 +165,7 @@ class OpsmxVisibilityController { return opsmxVisibilityService.getVisibilityResponse7(version, type, source, source1, source2, source3, source4) } - @ApiOperation(value = "Endpoint for visibility rest services") + @Operation(summary = "Endpoint for visibility rest services") @RequestMapping(value = "/{version}/{type}/{source}/{source1}/{source2}/{source3}/{source4}/{source5}", method = RequestMethod.GET) Object getVisibilityResponse8(@PathVariable("version") String version, @PathVariable("type") String type, @@ -182,7 +179,7 @@ class OpsmxVisibilityController { return opsmxVisibilityService.getVisibilityResponse8(version, type, source, source1, source2, source3, source4, source5) } - @ApiOperation(value = "Endpoint for visibility rest services") + @Operation(summary = "Endpoint for visibility rest services") @RequestMapping(value = "/{version}/{type}", method = RequestMethod.DELETE) Object deleteVisibilityResponse(@PathVariable("version") String version, @PathVariable("type") String type) { @@ -190,7 +187,7 @@ class OpsmxVisibilityController { return opsmxVisibilityService.deleteVisibilityResponse(version, type) } - @ApiOperation(value = "Endpoint for visibility rest services") + @Operation(summary = "Endpoint for visibility rest services") @RequestMapping(value = "/{version}/{type}/{source}", method = RequestMethod.DELETE) Object deleteVisibilityResponse1(@PathVariable("version") String version, @PathVariable("type") String type, @@ -199,7 +196,7 @@ class OpsmxVisibilityController { return opsmxVisibilityService.deleteVisibilityResponse1(version, type, source) } - @ApiOperation(value = "Endpoint for visibility rest services") + @Operation(summary = "Endpoint for visibility rest services") @RequestMapping(value = "/{version}/{type}/{source}/{source1}", method = RequestMethod.DELETE) Object deleteVisibilityResponse4(@PathVariable("version") String version, @PathVariable("type") String type, @@ -209,7 +206,7 @@ class OpsmxVisibilityController { return opsmxVisibilityService.deleteVisibilityResponse4(version, type, source, source1, datasourceName) } - @ApiOperation(value = "Endpoint for visibility rest services") + @Operation(summary = "Endpoint for visibility rest services") @RequestMapping(value = "/{version}/{type}/{source}/{source1}/{source2}", method = RequestMethod.DELETE) Object deleteVisibilityResponse5(@PathVariable("version") String version, @PathVariable("type") String type, @@ -220,7 +217,7 @@ class OpsmxVisibilityController { return opsmxVisibilityService.deleteVisibilityResponse5(version, type, source, source1, source2) } - @ApiOperation(value = "Endpoint for visibility rest services") + @Operation(summary = "Endpoint for visibility rest services") @RequestMapping(value = "/{version}/{type}/{source}/{source1}/{source2}/{source3}", method = RequestMethod.DELETE) Object deleteVisibilityResponse6(@PathVariable("version") String version, @PathVariable("type") String type, @@ -232,7 +229,7 @@ class OpsmxVisibilityController { return opsmxVisibilityService.deleteVisibilityResponse6(version, type, source, source1, source2, source3) } - @ApiOperation(value = "Endpoint for platform visibility services") + @Operation(summary = "Endpoint for platform visibility services") @RequestMapping(value = "/{version}/{type}", method = RequestMethod.POST) Object postVisibilityResponse(@PathVariable("version") String version, @PathVariable("type") String type, @@ -241,7 +238,7 @@ class OpsmxVisibilityController { return opsmxVisibilityService.postVisibilityResponse(version, type,data) } - @ApiOperation(value = "Endpoint for visibility rest services") + @Operation(summary = "Endpoint for visibility rest services") @RequestMapping(value = "/{version}/{type}/{source}", method = RequestMethod.POST) Object postVisibilityResponse3(@PathVariable("version") String version, @PathVariable("type") String type, @@ -251,7 +248,7 @@ class OpsmxVisibilityController { return opsmxVisibilityService.postVisibilityResponse3(version, type, source, data) } - @ApiOperation(value = "Endpoint for visibility rest services") + @Operation(summary = "Endpoint for visibility rest services") @RequestMapping(value = "/{version}/{type}/{source}/{source1}", method = RequestMethod.POST) Object postVisibilityResponse4(@PathVariable("version") String version, @PathVariable("type") String type, @@ -262,7 +259,7 @@ class OpsmxVisibilityController { return opsmxVisibilityService.postVisibilityResponse4(version, type, source, source1, data) } - @ApiOperation(value = "Endpoint for visibility rest services") + @Operation(summary = "Endpoint for visibility rest services") @RequestMapping(value = "/{version}/{type}/{source}/{source1}/{source2}", method = RequestMethod.POST) Object postVisibilityResponse5(@PathVariable("version") String version, @PathVariable("type") String type, @@ -274,7 +271,7 @@ class OpsmxVisibilityController { return opsmxVisibilityService.postVisibilityResponse5(version, type, source, source1, source2, data) } - @ApiOperation(value = "Endpoint for visibility rest services") + @Operation(summary = "Endpoint for visibility rest services") @RequestMapping(value = "/{version}/{type}/{source}/{source1}/{source2}/{source3}", method = RequestMethod.POST) Object postVisibilityResponse6(@PathVariable("version") String version, @PathVariable("type") String type, @@ -287,7 +284,7 @@ class OpsmxVisibilityController { return opsmxVisibilityService.postVisibilityResponse6(version, type, source, source1, source2, source3, data) } - @ApiOperation(value = "Endpoint for visibility rest services") + @Operation(summary = "Endpoint for visibility rest services") @RequestMapping(value = "/{version}/{type}/{source}/{source1}/{source2}/{source3}/{source4}", method = RequestMethod.POST) Object postVisibilityResponse7(@PathVariable("version") String version, @PathVariable("type") String type, @@ -301,7 +298,7 @@ class OpsmxVisibilityController { return opsmxVisibilityService.postVisibilityResponse7(version, type, source, source1, source2, source3, source4, data) } - @ApiOperation(value = "Endpoint for visibility rest services") + @Operation(summary = "Endpoint for visibility rest services") @RequestMapping(value = "/{version}/{type}/{source}/{source1}/{source2}/{source3}/{source4}/{source5}", method = RequestMethod.POST) Object postVisibilityResponse8(@PathVariable("version") String version, @PathVariable("type") String type, @@ -316,7 +313,7 @@ class OpsmxVisibilityController { return opsmxVisibilityService.postVisibilityResponse8(version, type, source, source1, source2, source3, source4, source5, data) } - @ApiOperation(value = "Endpoint for visibility rest services") + @Operation(summary = "Endpoint for visibility rest services") @RequestMapping(value = "/{version}/{type}", method = RequestMethod.PUT) Object updateVisibilityResponse(@PathVariable("version") String version, @PathVariable("type") String type, @@ -325,7 +322,7 @@ class OpsmxVisibilityController { return opsmxVisibilityService.updateVisibilityResponse(version, type, data) } - @ApiOperation(value = "Endpoint for visibility rest services") + @Operation(summary = "Endpoint for visibility rest services") @RequestMapping(value = "/{version}/{type}/{source}", method = RequestMethod.PUT) Object updateVisibilityResponse1(@PathVariable("version") String version, @PathVariable("type") String type, @@ -335,7 +332,7 @@ class OpsmxVisibilityController { return opsmxVisibilityService.updateVisibilityResponse1(version, type, source, data) } - @ApiOperation(value = "Endpoint for visibility rest services") + @Operation(summary = "Endpoint for visibility rest services") @RequestMapping(value = "/{version}/{type}/{source}/{source1}", method = RequestMethod.PUT) Object updateVisibilityResponse2(@PathVariable("version") String version, @PathVariable("type") String type, @@ -346,7 +343,7 @@ class OpsmxVisibilityController { return opsmxVisibilityService.updateVisibilityResponse2(version, type, source, source1, data) } - @ApiOperation(value = "Endpoint for visibility rest services") + @Operation(summary = "Endpoint for visibility rest services") @RequestMapping(value = "/{version}/{type}/{source}/{source1}/{source2}", method = RequestMethod.PUT) Object updateVisibilityResponse3(@PathVariable("version") String version, @PathVariable("type") String type, @@ -358,7 +355,7 @@ class OpsmxVisibilityController { return opsmxVisibilityService.updateVisibilityResponse3(version, type, source, source1, source2, data) } - @ApiOperation(value = "Endpoint for visibility rest services") + @Operation(summary = "Endpoint for visibility rest services") @RequestMapping(value = "/{version}/{type}/{source}/{source1}/{source2}/{source3}", method = RequestMethod.PUT) Object updateVisibilityResponse4(@PathVariable("version") String version, @PathVariable("type") String type, @@ -371,7 +368,7 @@ class OpsmxVisibilityController { return opsmxVisibilityService.updateVisibilityResponse4(version, type, source, source1, source2, source3, data) } - @ApiOperation(value = "Endpoint for visibility rest services") + @Operation(summary = "Endpoint for visibility rest services") @RequestMapping(value = "/{version}/{type}/{source}/{source1}/{source2}/{source3}/{source4}", method = RequestMethod.PUT) Object updateVisibilityResponse5(@PathVariable("version") String version, @PathVariable("type") String type, @@ -385,7 +382,7 @@ class OpsmxVisibilityController { return opsmxVisibilityService.updateVisibilityResponse5(version, type, source, source1, source2, source3, source4, data) } - @ApiOperation(value = "Endpoint for visibility rest services") + @Operation(summary = "Endpoint for visibility rest services") @RequestMapping(value = "/{version}/{type}/{source}/{source1}/{source2}/{source3}/{source4}/{source5}", method = RequestMethod.PUT) Object updateVisibilityResponse6(@PathVariable("version") String version, @PathVariable("type") String type, @@ -400,7 +397,7 @@ class OpsmxVisibilityController { return opsmxVisibilityService.updateVisibilityResponse5(version, type, source, source1, source2, source3, source4, source5, data) } - @ApiOperation(value = "Endpoint for visibility rest services") + @Operation(summary = "Endpoint for visibility rest services") @RequestMapping(value = "/{version}/approvalGateInstances/{id}/spinnakerReview", method = RequestMethod.PUT) Object updateVisibilityResponse7(@PathVariable("version") String version, @PathVariable("id") Integer id, diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/PipelineConfigController.groovy b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/PipelineConfigController.groovy index 1c8bbba643..8cbd7175b8 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/PipelineConfigController.groovy +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/PipelineConfigController.groovy @@ -21,7 +21,7 @@ import com.netflix.spinnaker.gate.services.internal.OrcaServiceSelector import com.netflix.spinnaker.kork.web.exceptions.NotFoundException import groovy.transform.CompileStatic import groovy.util.logging.Slf4j -import io.swagger.annotations.ApiOperation +import io.swagger.v3.oas.annotations.Operation import org.springframework.beans.factory.annotation.Autowired import org.springframework.web.bind.annotation.* @@ -36,20 +36,20 @@ class PipelineConfigController { @Autowired OrcaServiceSelector orcaServiceSelector - @ApiOperation(value = "Get all pipeline configs.", response = List.class) + @Operation(summary = "Get all pipeline configs.") @RequestMapping(method = RequestMethod.GET) Collection getAllPipelineConfigs() { return front50Service.getAllPipelineConfigs() } - @ApiOperation(value = "Get pipeline config history.", response = List.class) + @Operation(summary = "Get pipeline config history.") @RequestMapping(value = "/{pipelineConfigId}/history", method = RequestMethod.GET) Collection getPipelineConfigHistory(@PathVariable("pipelineConfigId") String pipelineConfigId, @RequestParam(value = "limit", defaultValue = "20") int limit) { return front50Service.getPipelineConfigHistory(pipelineConfigId, limit) } - @ApiOperation(value = "Convert a pipeline config to a pipeline template.", response = String.class) + @Operation(summary = "Convert a pipeline config to a pipeline template.") @RequestMapping(value = "/{pipelineConfigId}/convertToTemplate", method = RequestMethod.GET) String convertPipelineConfigToPipelineTemplate(@PathVariable("pipelineConfigId") String pipelineConfigId) { Map pipelineConfig = front50Service.getAllPipelineConfigs().find { (pipelineConfigId == it.get("id")) } diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/PipelineController.groovy b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/PipelineController.groovy index 7b61fd3004..7de709ab93 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/PipelineController.groovy +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/PipelineController.groovy @@ -29,10 +29,8 @@ import groovy.transform.CompileDynamic import groovy.transform.CompileStatic import groovy.transform.InheritConstructors import groovy.util.logging.Slf4j -import io.swagger.annotations.ApiOperation -import io.swagger.annotations.ApiParam -import io.swagger.annotations.Example -import io.swagger.annotations.ExampleProperty +import io.swagger.v3.oas.annotations.Operation +import io.swagger.v3.oas.annotations.Parameter import org.springframework.beans.factory.annotation.Autowired import org.springframework.http.HttpEntity import org.springframework.http.HttpStatus @@ -41,8 +39,6 @@ import org.springframework.security.access.prepost.PreAuthorize import org.springframework.web.bind.annotation.* import retrofit.RetrofitError -import java.util.stream.Collectors - import static net.logstash.logback.argument.StructuredArguments.value @Slf4j @@ -63,7 +59,7 @@ class PipelineController { ObjectMapper objectMapper @CompileDynamic - @ApiOperation(value = "Delete a pipeline definition") + @Operation(summary = "Delete a pipeline definition") @DeleteMapping("/{application}/{pipelineName:.+}") void deletePipeline(@PathVariable String application, @PathVariable String pipelineName) { List pipelineConfigs = front50Service.getPipelineConfigsForApplication(application, true) @@ -98,7 +94,7 @@ class PipelineController { } @CompileDynamic - @ApiOperation(value = "Save a pipeline definition") + @Operation(summary = "Save a pipeline definition") @PostMapping('') void savePipeline( @RequestBody Map pipeline, @@ -127,13 +123,13 @@ class PipelineController { } } - @ApiOperation(value = "Rename a pipeline definition") + @Operation(summary = "Rename a pipeline definition") @PostMapping('move') void renamePipeline(@RequestBody Map renameCommand) { pipelineService.move(renameCommand) } - @ApiOperation(value = "Retrieve a pipeline execution") + @Operation(summary = "Retrieve a pipeline execution") @GetMapping("{id}") Map getPipeline(@PathVariable("id") String id) { try { @@ -146,7 +142,7 @@ class PipelineController { } @CompileDynamic - @ApiOperation(value = "Update a pipeline definition", response = HashMap.class) + @Operation(summary = "Update a pipeline definition") @PutMapping("{id}") Map updatePipeline(@PathVariable("id") String id, @RequestBody Map pipeline) { def operation = [ @@ -176,7 +172,7 @@ class PipelineController { } } - @ApiOperation(value = "Cancel a pipeline execution") + @Operation(summary = "Cancel a pipeline execution") @PutMapping("{id}/cancel") void cancelPipeline(@PathVariable("id") String id, @RequestParam(required = false) String reason, @@ -184,25 +180,25 @@ class PipelineController { pipelineService.cancelPipeline(id, reason, force) } - @ApiOperation(value = "Pause a pipeline execution") + @Operation(summary = "Pause a pipeline execution") @PutMapping("{id}/pause") void pausePipeline(@PathVariable("id") String id) { pipelineService.pausePipeline(id) } - @ApiOperation(value = "Resume a pipeline execution", response = HashMap.class) + @Operation(summary = "Resume a pipeline execution") @PutMapping("{id}/resume") void resumePipeline(@PathVariable("id") String id) { pipelineService.resumePipeline(id) } - @ApiOperation(value = "Update a stage execution", response = HashMap.class) + @Operation(summary = "Update a stage execution") @PatchMapping("/{id}/stages/{stageId}") Map updateStage(@PathVariable("id") String id, @PathVariable("stageId") String stageId, @RequestBody Map context) { pipelineService.updatePipelineStage(id, stageId, context) } - @ApiOperation(value = "Restart a stage execution", response = HashMap.class) + @Operation(summary = "Restart a stage execution") @PutMapping("/{id}/stages/{stageId}/restart") Map restartStage(@PathVariable("id") String id, @PathVariable("stageId") String stageId, @RequestBody Map context) { Map pipelineMap = getPipeline(id) @@ -224,13 +220,13 @@ class PipelineController { pipelineService.restartPipelineStage(id, stageId, context) } - @ApiOperation(value = "Delete a pipeline execution", response = HashMap.class) + @Operation(summary = "Delete a pipeline execution") @DeleteMapping("{id}") Map deletePipeline(@PathVariable("id") String id) { pipelineService.deletePipeline(id); } - @ApiOperation(value = "Initiate a pipeline execution") + @Operation(summary = "Initiate a pipeline execution") @PostMapping('/start') ResponseEntity start(@RequestBody Map map) { if (map.containsKey("application")) { @@ -242,7 +238,7 @@ class PipelineController { }) } - @ApiOperation(value = "Trigger a pipeline execution") + @Operation(summary = "Trigger a pipeline execution") @PostMapping("/{application}/{pipelineNameOrId:.+}") @ResponseBody @ResponseStatus(HttpStatus.ACCEPTED) @@ -265,7 +261,7 @@ class PipelineController { } } - @ApiOperation(value = "Trigger a pipeline execution", response = Map.class) + @Operation(summary = "Trigger a pipeline execution") @PreAuthorize("hasPermission(#application, 'APPLICATION', 'EXECUTE') && hasPermission(#pipelineNameOrId, 'PIPELINE', 'EXECUTE')") @PostMapping("/v2/{application}/{pipelineNameOrId:.+}") HttpEntity invokePipelineConfigViaEcho(@PathVariable("application") String application, @@ -283,7 +279,7 @@ class PipelineController { } } - @ApiOperation(value = "Evaluate a pipeline expression using the provided execution as context", response = HashMap.class) + @Operation(summary = "Evaluate a pipeline expression using the provided execution as context") @GetMapping("{id}/evaluateExpression") Map evaluateExpressionForExecution(@PathVariable("id") String id, @RequestParam("expression") String pipelineExpression) { @@ -296,7 +292,7 @@ class PipelineController { } } - @ApiOperation(value = "Evaluate a pipeline expression using the provided execution as context", response = HashMap.class) + @Operation(summary = "Evaluate a pipeline expression using the provided execution as context") @PostMapping(value = "{id}/evaluateExpression", consumes = "text/plain") Map evaluateExpressionForExecutionViaPOST(@PathVariable("id") String id, @RequestBody String pipelineExpression) { @@ -309,7 +305,7 @@ class PipelineController { } } - @ApiOperation(value = "Evaluate a pipeline expression at a specific stage using the provided execution as context", response = HashMap.class) + @Operation(summary = "Evaluate a pipeline expression at a specific stage using the provided execution as context") @GetMapping("{id}/{stageId}/evaluateExpression") Map evaluateExpressionForExecutionAtStage(@PathVariable("id") String id, @PathVariable("stageId") String stageId, @@ -323,7 +319,7 @@ class PipelineController { } } - @ApiOperation(value = "Evaluate a pipeline expression using the provided execution as context", response = HashMap.class) + @Operation(summary = "Evaluate a pipeline expression using the provided execution as context") @PostMapping(value = "{id}/evaluateExpression", consumes = "application/json") Map evaluateExpressionForExecutionViaPOST(@PathVariable("id") String id, @RequestBody Map pipelineExpression) { @@ -336,19 +332,16 @@ class PipelineController { } } - @ApiOperation(value = "Evaluate variables same as Evaluate Variables stage using the provided execution as context", response = HashMap.class) + @Operation(summary = "Evaluate variables same as Evaluate Variables stage using the provided execution as context") @PostMapping(value = "{id}/evaluateVariables", consumes = "application/json") - Map evaluateVariables(@ApiParam(value = "Execution id to run against", required = true) + Map evaluateVariables(@Parameter(name = "Execution id to run against", required = true) @RequestParam("executionId") String executionId, - @ApiParam(value = "Comma separated list of requisite stage IDs for the evaluation stage", required = false) + @Parameter(name = "Comma separated list of requisite stage IDs for the evaluation stage", required = false) @RequestParam(value = "requisiteStageRefIds", defaultValue = "") String requisiteStageRefIds, - @ApiParam(value = "Version of SpEL evaluation logic to use (v3 or v4)", required = false) + @Parameter(name = "Version of SpEL evaluation logic to use (v3 or v4)", required = false) @RequestParam(value = "spelVersion", defaultValue = "") String spelVersionOverride, - @ApiParam(value = "List of variables/expressions to evaluate", - required = true, - examples = @Example(value = - @ExampleProperty(mediaType = "application/json", value = '[{"key":"a","value":"1"},{"key":"b","value":"2"},{"key":"sum","value":"${a+b}"}]') - )) + @Parameter(name = "List of variables/expressions to evaluate", + required = true) @RequestBody List> expressions) { try { return pipelineService.evaluateVariables(executionId, requisiteStageRefIds, spelVersionOverride, expressions) diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/PipelineTemplatesController.java b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/PipelineTemplatesController.java index 2e8d65efc4..ff05749f57 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/PipelineTemplatesController.java +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/PipelineTemplatesController.java @@ -22,23 +22,11 @@ import com.netflix.spinnaker.gate.services.PipelineTemplateService.PipelineTemplateDependent; import com.netflix.spinnaker.gate.services.TaskService; import com.netflix.spinnaker.security.AuthenticatedRequest; -import io.swagger.annotations.ApiOperation; -import java.util.ArrayList; -import java.util.Base64; -import java.util.Collection; -import java.util.HashMap; -import java.util.List; -import java.util.Map; -import java.util.Optional; +import io.swagger.v3.oas.annotations.Operation; +import java.util.*; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.http.HttpStatus; -import org.springframework.web.bind.annotation.PathVariable; -import org.springframework.web.bind.annotation.RequestBody; -import org.springframework.web.bind.annotation.RequestMapping; -import org.springframework.web.bind.annotation.RequestMethod; -import org.springframework.web.bind.annotation.RequestParam; -import org.springframework.web.bind.annotation.ResponseStatus; -import org.springframework.web.bind.annotation.RestController; +import org.springframework.web.bind.annotation.*; @RestController @RequestMapping(value = "/pipelineTemplates") @@ -61,13 +49,13 @@ public PipelineTemplatesController( this.objectMapper = objectMapper; } - @ApiOperation(value = "List pipeline templates.", response = List.class) + @Operation(summary = "List pipeline templates.") @RequestMapping(method = RequestMethod.GET) public Collection list(@RequestParam(required = false) List scopes) { return pipelineTemplateService.findByScope(scopes); } - @ApiOperation(value = "Create a pipeline template.", response = HashMap.class) + @Operation(summary = "Create a pipeline template.") @RequestMapping(method = RequestMethod.POST) @ResponseStatus(value = HttpStatus.ACCEPTED) public Map create(@RequestBody Map pipelineTemplate) { @@ -94,7 +82,7 @@ public Map create(@RequestBody Map pipelineTemplate) { return taskService.create(operation); } - @ApiOperation(value = "Resolve a pipeline template.", response = HashMap.class) + @Operation(summary = "Resolve a pipeline template.") @RequestMapping(value = "/resolve", method = RequestMethod.GET) public Map resolveTemplates( @RequestParam String source, @@ -103,13 +91,13 @@ public Map resolveTemplates( return pipelineTemplateService.resolve(source, executionId, pipelineConfigId); } - @ApiOperation(value = "Get a pipeline template.", response = HashMap.class) + @Operation(summary = "Get a pipeline template.") @RequestMapping(value = "/{id}", method = RequestMethod.GET) public Map get(@PathVariable String id) { return pipelineTemplateService.get(id); } - @ApiOperation(value = "Update a pipeline template.", response = HashMap.class) + @Operation(summary = "Update a pipeline template.") @RequestMapping(value = "/{id}", method = RequestMethod.POST) @ResponseStatus(value = HttpStatus.ACCEPTED) public Map update( @@ -142,7 +130,7 @@ public Map update( return taskService.create(operation); } - @ApiOperation(value = "Delete a pipeline template.", response = HashMap.class) + @Operation(summary = "Delete a pipeline template.") @RequestMapping(value = "/{id}", method = RequestMethod.DELETE) @ResponseStatus(value = HttpStatus.ACCEPTED) public Map delete( @@ -163,9 +151,7 @@ public Map delete( return taskService.create(operation); } - @ApiOperation( - value = "List all pipelines that implement a pipeline template", - response = List.class) + @Operation(summary = "List all pipelines that implement a pipeline template") @RequestMapping(value = "/{id}/dependents", method = RequestMethod.GET) public List listPipelineTemplateDependents( @PathVariable String id, diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/ProjectController.groovy b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/ProjectController.groovy index 911e148bf2..4a814b58be 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/ProjectController.groovy +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/ProjectController.groovy @@ -19,7 +19,7 @@ package com.netflix.spinnaker.gate.controllers import com.netflix.spinnaker.gate.services.ProjectService import groovy.util.logging.Slf4j -import io.swagger.annotations.ApiOperation +import io.swagger.v3.oas.annotations.Operation import org.springframework.beans.factory.annotation.Autowired import org.springframework.web.bind.annotation.* @@ -30,26 +30,26 @@ class ProjectController { @Autowired ProjectService projectService - @ApiOperation(value = "Get all projects", response = List.class) + @Operation(summary = "Get all projects") @RequestMapping(method = RequestMethod.GET) List all() { return projectService.getAll() } - @ApiOperation(value = "Get a project", response = HashMap.class) + @Operation(summary = "Get a project") @RequestMapping(value = "/{id:.+}", method = RequestMethod.GET) Map get(@PathVariable("id") String projectId) { return projectService.get(projectId) } - @ApiOperation(value = "Get a project's clusters", response = List.class) + @Operation(summary = "Get a project's clusters") @RequestMapping(value = "/{id}/clusters", method = RequestMethod.GET) List getClusters(@PathVariable("id") String projectId, @RequestHeader(value = "X-RateLimit-App", required = false) String sourceApp) { return projectService.getClusters(projectId, sourceApp) } - @ApiOperation(value = "Get all pipelines for project", response = List.class) + @Operation(summary = "Get all pipelines for project") @RequestMapping(value = "/{id:.+}/pipelines", method = RequestMethod.GET) List allPipelinesForProject(@PathVariable("id") String projectId, @RequestParam(value = "limit", defaultValue = "5") int limit, diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/PubsubSubscriptionController.java b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/PubsubSubscriptionController.java index 820e86cfad..ee7e1b6f95 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/PubsubSubscriptionController.java +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/PubsubSubscriptionController.java @@ -17,7 +17,7 @@ package com.netflix.spinnaker.gate.controllers; import com.netflix.spinnaker.gate.services.PubsubSubscriptionService; -import io.swagger.annotations.ApiOperation; +import io.swagger.v3.oas.annotations.Operation; import java.util.List; import java.util.Map; import org.springframework.beans.factory.annotation.Autowired; @@ -30,7 +30,7 @@ public class PubsubSubscriptionController { @Autowired private PubsubSubscriptionService pubsubSubscriptionService; - @ApiOperation(value = "Retrieve the list of pub/sub subscriptions configured in Echo.") + @Operation(summary = "Retrieve the list of pub/sub subscriptions configured in Echo.") @RequestMapping(value = "/pubsub/subscriptions", method = RequestMethod.GET) List> all() { return pubsubSubscriptionService.getPubsubSubscriptions(); diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/RawResourceController.java b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/RawResourceController.java index ec6a4dcd85..575a3a7f21 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/RawResourceController.java +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/RawResourceController.java @@ -18,7 +18,7 @@ package com.netflix.spinnaker.gate.controllers; import com.netflix.spinnaker.gate.services.RawResourceService; -import io.swagger.annotations.ApiOperation; +import io.swagger.v3.oas.annotations.Operation; import java.util.List; import java.util.Map; import org.springframework.beans.factory.annotation.Autowired; @@ -33,9 +33,7 @@ public RawResourceController(RawResourceService rawResourceService) { this.rawResourceService = rawResourceService; } - @ApiOperation( - value = "Retrieve a list of raw resources for a given application", - response = List.class) + @Operation(summary = "Retrieve a list of raw resources for a given application") @RequestMapping(value = "/applications/{application}/rawResources", method = RequestMethod.GET) List> getApplicationRawResources(@PathVariable String application) { return rawResourceService.getApplicationRawResources(application); diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/ReorderPipelinesController.java b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/ReorderPipelinesController.java index db6f11282f..9c821f9ed6 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/ReorderPipelinesController.java +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/ReorderPipelinesController.java @@ -23,12 +23,8 @@ import com.netflix.spinnaker.security.AuthenticatedRequest; import groovy.transform.CompileStatic; import groovy.util.logging.Slf4j; -import io.swagger.annotations.ApiOperation; -import java.util.ArrayList; -import java.util.Base64; -import java.util.HashMap; -import java.util.List; -import java.util.Map; +import io.swagger.v3.oas.annotations.Operation; +import java.util.*; import lombok.Data; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.web.bind.annotation.RequestBody; @@ -47,13 +43,13 @@ public class ReorderPipelinesController { @Autowired TaskService taskService; - @ApiOperation(value = "Re-order pipelines") + @Operation(summary = "Re-order pipelines") @RequestMapping(value = "/pipelines/reorder", method = RequestMethod.POST) public Map reorderPipelines(@RequestBody ReorderPipelinesCommand reorderPipelinesCommand) { return handlePipelineReorder(reorderPipelinesCommand, false); } - @ApiOperation(value = "Re-order pipeline strategies") + @Operation(summary = "Re-order pipeline strategies") @RequestMapping(value = "/strategies/reorder", method = RequestMethod.POST) public Map reorderPipelineStrategies( @RequestBody ReorderPipelinesCommand reorderPipelinesCommand) { diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/RoleController.groovy b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/RoleController.groovy index dedcd2e5c4..068d27389c 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/RoleController.groovy +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/RoleController.groovy @@ -17,7 +17,7 @@ package com.netflix.spinnaker.gate.controllers import com.netflix.spinnaker.gate.services.RoleService -import io.swagger.annotations.ApiOperation +import io.swagger.v3.oas.annotations.Operation import org.springframework.beans.factory.annotation.Autowired import org.springframework.web.bind.annotation.PathVariable import org.springframework.web.bind.annotation.RequestMapping @@ -31,7 +31,7 @@ class RoleController { @Autowired RoleService roleService - @ApiOperation(value = "Retrieve a list of roles that can be used by the selected cloud provider") + @Operation(summary = "Retrieve a list of roles that can be used by the selected cloud provider") @RequestMapping(value = "/{cloudProvider}", method = RequestMethod.GET) List all(@PathVariable String cloudProvider) { roleService.getRoles(cloudProvider) diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/RootController.groovy b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/RootController.groovy index 866edd70d1..afa09bc0a7 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/RootController.groovy +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/RootController.groovy @@ -21,7 +21,7 @@ import org.springframework.beans.factory.annotation.Value import org.springframework.web.bind.annotation.RequestMapping import org.springframework.web.bind.annotation.RestController -import javax.servlet.http.HttpServletResponse +import jakarta.servlet.http.HttpServletResponse @Slf4j @RestController diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/SearchController.groovy b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/SearchController.groovy index 5bc191f7e5..6046b315f1 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/SearchController.groovy +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/SearchController.groovy @@ -18,18 +18,17 @@ package com.netflix.spinnaker.gate.controllers import com.netflix.spinnaker.gate.services.SearchService -import io.swagger.annotations.ApiOperation +import io.swagger.v3.oas.annotations.Operation +import jakarta.servlet.http.HttpServletRequest import org.springframework.beans.factory.annotation.Autowired import org.springframework.web.bind.annotation.* -import javax.servlet.http.HttpServletRequest - @RestController class SearchController { @Autowired SearchService searchService - @ApiOperation(value = "Search infrastructure", response = List.class) + @Operation(summary = "Search infrastructure") @RequestMapping(value = "/search", method = RequestMethod.GET) List search(@RequestParam(value = "q", defaultValue = "", required = false) String query, @RequestParam(value = "type") String type, diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/SecurityGroupController.groovy b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/SecurityGroupController.groovy index 9a7802b497..ee029f2b1b 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/SecurityGroupController.groovy +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/SecurityGroupController.groovy @@ -18,7 +18,7 @@ package com.netflix.spinnaker.gate.controllers import com.netflix.spinnaker.gate.services.SecurityGroupService import com.netflix.spinnaker.kork.web.exceptions.NotFoundException -import io.swagger.annotations.ApiOperation +import io.swagger.v3.oas.annotations.Operation import org.springframework.beans.factory.annotation.Autowired import org.springframework.web.bind.annotation.* @@ -30,7 +30,7 @@ class SecurityGroupController { @Autowired SecurityGroupService securityGroupService - @ApiOperation(value = "Retrieve a list of security groups, grouped by account, cloud provider, and region") + @Operation(summary = "Retrieve a list of security groups, grouped by account, cloud provider, and region") @RequestMapping(method = RequestMethod.GET) Map all(@RequestParam(value = "id", required = false) String id, @RequestHeader(value = "X-RateLimit-App", required = false) String sourceApp) { @@ -46,7 +46,7 @@ class SecurityGroupController { } } - @ApiOperation(value = "Retrieve a list of security groups for a given account, grouped by region") + @Operation(summary = "Retrieve a list of security groups for a given account, grouped by region") @RequestMapping(value = "/{account}", method = RequestMethod.GET) Map allByAccount( @PathVariable String account, @@ -55,7 +55,7 @@ class SecurityGroupController { securityGroupService.getForAccountAndProvider(account, provider, sourceApp) } - @ApiOperation(value = "Retrieve a security group's details") + @Operation(summary = "Retrieve a security group's details") @RequestMapping(value = "/{account}/{region}/{name:.+}", method = RequestMethod.GET) Map getSecurityGroup( @PathVariable String account, diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/ServerGroupController.groovy b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/ServerGroupController.groovy index 38021873df..0667fa7375 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/ServerGroupController.groovy +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/ServerGroupController.groovy @@ -20,14 +20,9 @@ package com.netflix.spinnaker.gate.controllers import com.netflix.spinnaker.gate.services.ServerGroupService import com.netflix.spinnaker.kork.web.exceptions.NotFoundException import groovy.transform.CompileStatic -import io.swagger.annotations.ApiOperation +import io.swagger.v3.oas.annotations.Operation import org.springframework.beans.factory.annotation.Autowired -import org.springframework.web.bind.annotation.PathVariable -import org.springframework.web.bind.annotation.RequestHeader -import org.springframework.web.bind.annotation.RequestMapping -import org.springframework.web.bind.annotation.RequestMethod -import org.springframework.web.bind.annotation.RequestParam -import org.springframework.web.bind.annotation.RestController +import org.springframework.web.bind.annotation.* @CompileStatic @RestController @@ -35,7 +30,7 @@ class ServerGroupController { @Autowired ServerGroupService serverGroupService - @ApiOperation(value = "Retrieve a list of server groups for a given application") + @Operation(summary = "Retrieve a list of server groups for a given application") @RequestMapping(value = "/applications/{applicationName}/serverGroups", method = RequestMethod.GET) List getServerGroupsForApplication(@PathVariable String applicationName, @RequestParam(required = false, value = 'expand', defaultValue = 'false') String expand, @@ -45,7 +40,7 @@ class ServerGroupController { serverGroupService.getForApplication(applicationName, expand, cloudProvider, clusters, sourceApp) } - @ApiOperation(value = "Retrieve a list of server groups for a list of applications or a list of servergroups by 'account:region:name'") + @Operation(summary = "Retrieve a list of server groups for a list of applications or a list of servergroups by 'account:region:name'") @RequestMapping(value = "/serverGroups", method = RequestMethod.GET) List getServerGroups(@RequestParam(required = false, value = 'applications') List applications, @RequestParam(required = false, value = 'ids') List ids, @@ -62,7 +57,7 @@ class ServerGroupController { } } - @ApiOperation(value = "Retrieve a server group's details") + @Operation(summary = "Retrieve a server group's details") @RequestMapping(value = "/applications/{applicationName}/serverGroups/{account}/{region}/{serverGroupName:.+}", method = RequestMethod.GET) Map getServerGroupDetails(@PathVariable String applicationName, @PathVariable String account, diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/ServerGroupManagerController.java b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/ServerGroupManagerController.java index 64bbdcbbcc..5f39090f52 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/ServerGroupManagerController.java +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/ServerGroupManagerController.java @@ -17,7 +17,7 @@ package com.netflix.spinnaker.gate.controllers; import com.netflix.spinnaker.gate.services.ServerGroupManagerService; -import io.swagger.annotations.ApiOperation; +import io.swagger.v3.oas.annotations.Operation; import java.util.List; import java.util.Map; import org.springframework.beans.factory.annotation.Autowired; @@ -36,9 +36,7 @@ public class ServerGroupManagerController { this.serverGroupManagerService = serverGroupManagerService; } - @ApiOperation( - value = "Retrieve a list of server group managers for an application", - response = List.class) + @Operation(summary = "Retrieve a list of server group managers for an application") @RequestMapping(method = RequestMethod.GET) public List getServerGroupManagersForApplication(@PathVariable String application) { return this.serverGroupManagerService.getServerGroupManagersForApplication(application); diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/SlackController.java b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/SlackController.java index 8c984fde13..bff2cfa82c 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/SlackController.java +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/SlackController.java @@ -20,7 +20,7 @@ import com.netflix.spinnaker.gate.config.SlackConfigProperties; import com.netflix.spinnaker.gate.services.SlackService; import com.netflix.spinnaker.kork.core.RetrySupport; -import io.swagger.annotations.ApiOperation; +import io.swagger.v3.oas.annotations.Operation; import java.time.Duration; import java.util.ArrayList; import java.util.Date; @@ -64,7 +64,7 @@ public SlackController( this.registry = registry; } - @ApiOperation("Retrieve a list of public slack channels") + @Operation(summary = "Retrieve a list of public slack channels") @RequestMapping("/channels") public List getChannels() { return slackChannelsCache.get(); diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/SnapshotController.groovy b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/SnapshotController.groovy index cb48904b85..d9530e40e9 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/SnapshotController.groovy +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/SnapshotController.groovy @@ -19,7 +19,7 @@ package com.netflix.spinnaker.gate.controllers import com.netflix.spinnaker.gate.services.SnapshotService import groovy.transform.CompileStatic import groovy.util.logging.Slf4j -import io.swagger.annotations.ApiOperation +import io.swagger.v3.oas.annotations.Operation import org.springframework.beans.factory.annotation.Autowired import org.springframework.web.bind.annotation.* @@ -32,14 +32,14 @@ class SnapshotController { @Autowired SnapshotService snapshotService - @ApiOperation(value = "Get current snapshot", response = HashMap.class) + @Operation(summary = "Get current snapshot") @RequestMapping(value = "/{application}/snapshots/{account}", method = RequestMethod.GET) Map getCurrentSnapshot(@PathVariable("application") String application, @PathVariable("account") String account) { snapshotService.getCurrent(application, account) } - @ApiOperation(value = "Get snapshot history", response = List.class) + @Operation(summary = "Get snapshot history") @RequestMapping(value = "/{application}/snapshots/{account}/history", method = RequestMethod.GET) List getSnapshotHistory(@PathVariable("application") String application, @PathVariable("account") String account, diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/StorageAccountController.java b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/StorageAccountController.java index 3ad9b9a599..0f7753a7f4 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/StorageAccountController.java +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/StorageAccountController.java @@ -17,7 +17,7 @@ package com.netflix.spinnaker.gate.controllers; import com.netflix.spinnaker.gate.services.appengine.StorageAccountService; -import io.swagger.annotations.ApiOperation; +import io.swagger.v3.oas.annotations.Operation; import java.util.List; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.web.bind.annotation.RequestHeader; @@ -32,7 +32,7 @@ public class StorageAccountController { @Autowired private StorageAccountService storageAccountService; - @ApiOperation(value = "Retrieve the list of storage accounts configured in Clouddriver.") + @Operation(summary = "Retrieve the list of storage accounts configured in Clouddriver.") @RequestMapping(method = RequestMethod.GET) List all(@RequestHeader(value = "X-RateLimit-App", required = false) String sourceApp) { return storageAccountService.getAppengineStorageAccounts(sourceApp); diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/SubnetController.groovy b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/SubnetController.groovy index bfa896d928..412208592d 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/SubnetController.groovy +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/SubnetController.groovy @@ -17,9 +17,12 @@ package com.netflix.spinnaker.gate.controllers import com.netflix.spinnaker.gate.services.internal.ClouddriverServiceSelector -import io.swagger.annotations.ApiOperation +import io.swagger.v3.oas.annotations.Operation import org.springframework.beans.factory.annotation.Autowired -import org.springframework.web.bind.annotation.* +import org.springframework.web.bind.annotation.PathVariable +import org.springframework.web.bind.annotation.RequestMapping +import org.springframework.web.bind.annotation.RequestMethod +import org.springframework.web.bind.annotation.RestController @RestController @RequestMapping("/subnets") @@ -28,7 +31,7 @@ class SubnetController { @Autowired ClouddriverServiceSelector clouddriverServiceSelector - @ApiOperation(value = "Retrieve a list of subnets for a given cloud provider", response = List.class) + @Operation(summary = "Retrieve a list of subnets for a given cloud provider") @RequestMapping(value = "/{cloudProvider}", method = RequestMethod.GET) List allByCloudProvider(@PathVariable String cloudProvider) { clouddriverServiceSelector.select().getSubnets(cloudProvider) diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/TaskController.groovy b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/TaskController.groovy index 883685879a..683c97c2e0 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/TaskController.groovy +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/TaskController.groovy @@ -18,7 +18,7 @@ package com.netflix.spinnaker.gate.controllers import com.netflix.spinnaker.gate.services.TaskService import groovy.transform.CompileStatic -import io.swagger.annotations.ApiOperation +import io.swagger.v3.oas.annotations.Operation import org.springframework.beans.factory.annotation.Autowired import org.springframework.web.bind.annotation.* @@ -30,37 +30,37 @@ class TaskController { @Autowired TaskService taskService - @ApiOperation(value = "Get task", response = HashMap.class) + @Operation(summary = "Get task") @RequestMapping(value = "/{id}", method = RequestMethod.GET) Map getTask(@PathVariable("id") String id) { taskService.getTask(id) } - @ApiOperation(value = "Delete task", response = HashMap.class) + @Operation(summary = "Delete task") @RequestMapping(value = "/{id}", method = RequestMethod.DELETE) Map deleteTask(@PathVariable("id") String id) { taskService.deleteTask(id) } - @ApiOperation(value = "Create task", response = HashMap.class) + @Operation(summary = "Create task") @RequestMapping(method = RequestMethod.POST) Map task(@RequestBody Map map) { taskService.createAppTask(map) } - @ApiOperation(value = "Cancel task", response = HashMap.class) + @Operation(summary = "Cancel task") @RequestMapping(value = "/{id}/cancel", method = RequestMethod.PUT) Map cancelTask(@PathVariable("id") String id) { taskService.cancelTask(id) } - @ApiOperation(value = "Cancel tasks", response = HashMap.class) + @Operation(summary = "Cancel tasks") @RequestMapping(value = "/cancel", method = RequestMethod.PUT) Map cancelTasks(@RequestParam List ids) { taskService.cancelTasks(ids) } - @ApiOperation(value = "Get task details", response = HashMap.class) + @Operation(summary = "Get task details") @RequestMapping(value = "/{id}/details/{taskDetailsId}", method = RequestMethod.GET) Map getTaskDetails(@PathVariable("id") String id, @PathVariable("taskDetailsId") String taskDetailsId, diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/TokenAuthController.groovy b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/TokenAuthController.groovy index 03897ba694..ce4e391339 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/TokenAuthController.groovy +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/TokenAuthController.groovy @@ -1,13 +1,12 @@ package com.netflix.spinnaker.gate.controllers - import com.netflix.spinnaker.gate.config.AuthenticationRequest import com.netflix.spinnaker.gate.config.AuthenticationResponse import com.netflix.spinnaker.gate.config.JwtUtil import com.netflix.spinnaker.gate.services.UserDataService import com.netflix.spinnaker.gate.util.OesRestApi import groovy.util.logging.Slf4j -import io.swagger.annotations.ApiOperation +import io.swagger.v3.oas.annotations.Operation import org.apache.tomcat.websocket.AuthenticationException import org.springframework.beans.factory.annotation.Autowired import org.springframework.beans.factory.annotation.Value @@ -53,7 +52,7 @@ class TokenAuthController { String groupApiPath; - @ApiOperation(value = "New Login for Jwt") + @Operation(summary = "New Login for Jwt") @RequestMapping(value = "/login", method = RequestMethod.POST, produces = "application/json") public ResponseEntity authenticateUser(@RequestBody AuthenticationRequest authenticationRequest ) { diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/V2CanaryConfigController.groovy b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/V2CanaryConfigController.groovy index bf0d82b0d1..01a13f82b7 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/V2CanaryConfigController.groovy +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/V2CanaryConfigController.groovy @@ -17,15 +17,10 @@ package com.netflix.spinnaker.gate.controllers import com.netflix.spinnaker.gate.services.CanaryConfigService -import io.swagger.annotations.ApiOperation +import io.swagger.v3.oas.annotations.Operation import org.springframework.beans.factory.annotation.Autowired import org.springframework.boot.autoconfigure.condition.ConditionalOnBean -import org.springframework.web.bind.annotation.PathVariable -import org.springframework.web.bind.annotation.RequestBody -import org.springframework.web.bind.annotation.RequestMapping -import org.springframework.web.bind.annotation.RequestMethod -import org.springframework.web.bind.annotation.RequestParam -import org.springframework.web.bind.annotation.RestController +import org.springframework.web.bind.annotation.* @RestController @RequestMapping("/v2/canaryConfig") @@ -35,28 +30,28 @@ class V2CanaryConfigController { @Autowired CanaryConfigService canaryConfigService - @ApiOperation(value = "Retrieve a list of canary configurations") + @Operation(summary = "Retrieve a list of canary configurations") @RequestMapping(method = RequestMethod.GET) List getCanaryConfigs(@RequestParam(value = "application", required = false) String application, @RequestParam(value = "configurationAccountName", required = false) String configurationAccountName) { canaryConfigService.getCanaryConfigs(application, configurationAccountName) } - @ApiOperation(value = "Retrieve a canary configuration by id") + @Operation(summary = "Retrieve a canary configuration by id") @RequestMapping(value = "/{id}", method = RequestMethod.GET) Map getCanaryConfig(@PathVariable String id, @RequestParam(value = "configurationAccountName", required = false) String configurationAccountName) { canaryConfigService.getCanaryConfig(id, configurationAccountName) } - @ApiOperation(value = "Create a canary configuration") + @Operation(summary = "Create a canary configuration") @RequestMapping(method = RequestMethod.POST) Map createCanaryConfig(@RequestBody Map config, @RequestParam(value = "configurationAccountName", required = false) String configurationAccountName) { canaryConfigService.createCanaryConfig(config, configurationAccountName) } - @ApiOperation(value = "Update a canary configuration") + @Operation(summary = "Update a canary configuration") @RequestMapping(value = "/{id}", method = RequestMethod.PUT) Map updateCanaryConfig(@PathVariable String id, @RequestParam(value = "configurationAccountName", required = false) String configurationAccountName, @@ -64,7 +59,7 @@ class V2CanaryConfigController { canaryConfigService.updateCanaryConfig(id, config, configurationAccountName) } - @ApiOperation(value = "Delete a canary configuration") + @Operation(summary = "Delete a canary configuration") @RequestMapping(value = "/{id}", method = RequestMethod.DELETE) void deleteCanaryConfig(@PathVariable String id, @RequestParam(value = "configurationAccountName", required = false) String configurationAccountName) { diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/V2CanaryController.groovy b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/V2CanaryController.groovy index c2f093f45b..634a3dc683 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/V2CanaryController.groovy +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/V2CanaryController.groovy @@ -17,8 +17,8 @@ package com.netflix.spinnaker.gate.controllers import com.netflix.spinnaker.gate.services.V2CanaryService -import io.swagger.annotations.ApiOperation -import io.swagger.annotations.ApiParam +import io.swagger.v3.oas.annotations.Operation +import io.swagger.v3.oas.annotations.Parameter import org.springframework.beans.factory.annotation.Autowired import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression import org.springframework.web.bind.annotation.* @@ -31,26 +31,26 @@ class V2CanaryController { @Autowired V2CanaryService v2CanaryService - @ApiOperation(value = 'Retrieve a list of configured Kayenta accounts') + @Operation(summary = 'Retrieve a list of configured Kayenta accounts') @RequestMapping(value = '/credentials', method = RequestMethod.GET) List listCredentials() { v2CanaryService.getCredentials() } - @ApiOperation(value = 'Retrieve a list of descriptors for use in populating the canary config ui') + @Operation(summary = 'Retrieve a list of descriptors for use in populating the canary config ui') @RequestMapping(value = '/metadata/metricsService', method = RequestMethod.GET) List listMetricsServiceMetadata(@RequestParam(required = false) final String filter, @RequestParam(required = false) final String metricsAccountName) { v2CanaryService.listMetricsServiceMetadata(filter, metricsAccountName) } - @ApiOperation(value = 'Retrieve a list of all configured canary judges') + @Operation(summary = 'Retrieve a list of all configured canary judges') @RequestMapping(value = '/judges', method = RequestMethod.GET) List listJudges() { v2CanaryService.listJudges() } - @ApiOperation(value = 'Start a canary execution') + @Operation(summary = 'Start a canary execution') @RequestMapping(value = '/canary/{canaryConfigId:.+}', method = RequestMethod.POST) Map initiateCanary(@PathVariable String canaryConfigId, @RequestBody Map executionRequest, @@ -68,7 +68,7 @@ class V2CanaryController { configurationAccountName) } - @ApiOperation(value = 'Start a canary execution with the supplied canary config') + @Operation(summary = 'Start a canary execution with the supplied canary config') @RequestMapping(value = '/canary', method = RequestMethod.POST) Map initiateCanaryWithConfig(@RequestBody Map adhocExecutionRequest, @RequestParam(value = 'application', required = false) String application, @@ -83,7 +83,7 @@ class V2CanaryController { } // TODO: Change callers to the new endpoint sans canary config id in Spinnaker 1.17.x. - @ApiOperation(value = '(DEPRECATED) Retrieve a canary result') + @Operation(summary = '(DEPRECATED) Retrieve a canary result') @RequestMapping(value = '/canary/{canaryConfigId}/{canaryExecutionId}', method = RequestMethod.GET) @Deprecated Map getCanaryResult(@PathVariable String canaryConfigId /* unused */, @@ -92,19 +92,19 @@ class V2CanaryController { v2CanaryService.getCanaryResults(canaryExecutionId, storageAccountName) } - @ApiOperation(value = 'Retrieve a canary result') + @Operation(summary = 'Retrieve a canary result') @RequestMapping(value = '/canary/{canaryExecutionId}', method = RequestMethod.GET) Map getCanaryResult(@PathVariable String canaryExecutionId, @RequestParam(value='storageAccountName', required = false) String storageAccountName) { v2CanaryService.getCanaryResults(canaryExecutionId, storageAccountName) } - @ApiOperation(value = 'Retrieve a list of an application\'s canary results') + @Operation(summary = 'Retrieve a list of an application\'s canary results') @RequestMapping(value = '/{application}/executions', method = RequestMethod.GET) List getCanaryResultsByApplication(@PathVariable String application, @RequestParam(value='limit') int limit, @RequestParam(value='page', defaultValue='1') int page, - @ApiParam('Comma-separated list of statuses, e.g.: RUNNING, SUCCEEDED, TERMINAL') + @Parameter(description = 'Comma-separated list of statuses, e.g.: RUNNING, SUCCEEDED, TERMINAL') @RequestParam(value='statuses', required = false) String statuses, @RequestParam(value='storageAccountName', required = false) String storageAccountName) { v2CanaryService.getCanaryResultsByApplication(application, limit, page, statuses, storageAccountName) @@ -112,7 +112,7 @@ class V2CanaryController { // TODO(dpeach): remove this endpoint when a Kayenta endpoint for // retrieving a single metric set pair exists. - @ApiOperation(value = 'Retrieve a metric set pair list') + @Operation(summary = 'Retrieve a metric set pair list') @RequestMapping(value = '/metricSetPairList/{metricSetPairListId}', method = RequestMethod.GET) List getMetricSetPairList(@PathVariable String metricSetPairListId, @RequestParam(value='storageAccountName', required = false) String storageAccountName) { diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/V2PipelineTemplatesController.java b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/V2PipelineTemplatesController.java index 04daea91fa..0fee80ef57 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/V2PipelineTemplatesController.java +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/V2PipelineTemplatesController.java @@ -16,35 +16,21 @@ package com.netflix.spinnaker.gate.controllers; -import static com.netflix.spinnaker.gate.controllers.PipelineTemplatesController.encodeAsBase64; -import static com.netflix.spinnaker.gate.controllers.PipelineTemplatesController.getApplicationFromTemplate; -import static com.netflix.spinnaker.gate.controllers.PipelineTemplatesController.getNameFromTemplate; +import static com.netflix.spinnaker.gate.controllers.PipelineTemplatesController.*; import com.fasterxml.jackson.databind.ObjectMapper; -import com.netflix.spinnaker.gate.controllers.PipelineTemplatesController.PipelineTemplate; import com.netflix.spinnaker.gate.services.PipelineTemplateService.PipelineTemplateDependent; import com.netflix.spinnaker.gate.services.TaskService; import com.netflix.spinnaker.gate.services.V2PipelineTemplateService; import com.netflix.spinnaker.kork.exceptions.HasAdditionalAttributes; import com.netflix.spinnaker.security.AuthenticatedRequest; import groovy.transform.InheritConstructors; -import io.swagger.annotations.ApiOperation; -import java.util.ArrayList; -import java.util.Collection; -import java.util.Collections; -import java.util.HashMap; -import java.util.List; -import java.util.Map; +import io.swagger.v3.oas.annotations.Operation; +import java.util.*; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.http.HttpStatus; import org.springframework.util.StringUtils; -import org.springframework.web.bind.annotation.PathVariable; -import org.springframework.web.bind.annotation.RequestBody; -import org.springframework.web.bind.annotation.RequestMapping; -import org.springframework.web.bind.annotation.RequestMethod; -import org.springframework.web.bind.annotation.RequestParam; -import org.springframework.web.bind.annotation.ResponseStatus; -import org.springframework.web.bind.annotation.RestController; +import org.springframework.web.bind.annotation.*; @RestController @RequestMapping(value = "/v2/pipelineTemplates") @@ -69,25 +55,25 @@ public V2PipelineTemplatesController( } // TODO(louisjimenez): Deprecated. Will be replaced with /versions endpoint starting with 1.19. - @ApiOperation(value = "(ALPHA) List pipeline templates.", response = List.class) + @Operation(summary = "(ALPHA) List pipeline templates.") @RequestMapping(method = RequestMethod.GET) public Collection list(@RequestParam(required = false) List scopes) { return v2PipelineTemplateService.findByScope(scopes); } - @ApiOperation(value = "List pipeline templates with versions", response = Map.class) + @Operation(summary = "List pipeline templates with versions") @RequestMapping(value = "/versions", method = RequestMethod.GET) public Map> listVersions(@RequestParam(required = false) List scopes) { return v2PipelineTemplateService.findVersionsByScope(scopes); } - @ApiOperation(value = "(ALPHA) Plan a pipeline template configuration.", response = HashMap.class) + @Operation(summary = "(ALPHA) Plan a pipeline template configuration.") @RequestMapping(value = "/plan", method = RequestMethod.POST) public Map plan(@RequestBody Map pipeline) { return v2PipelineTemplateService.plan(pipeline); } - @ApiOperation(value = "(ALPHA) Create a pipeline template.", response = HashMap.class) + @Operation(summary = "(ALPHA) Create a pipeline template.") @RequestMapping(value = "/create", method = RequestMethod.POST) @ResponseStatus(value = HttpStatus.OK) public Map create( @@ -133,7 +119,7 @@ private void validateSchema(Map pipelineTemplate) { } } - @ApiOperation(value = "(ALPHA) Update a pipeline template.", response = HashMap.class) + @Operation(summary = "(ALPHA) Update a pipeline template.") @RequestMapping(value = "/update/{id}", method = RequestMethod.POST) @ResponseStatus(value = HttpStatus.OK) public Map update( @@ -175,7 +161,7 @@ private Map makeUpdateOp( return operation; } - @ApiOperation(value = "(ALPHA) Get a pipeline template.", response = HashMap.class) + @Operation(summary = "(ALPHA) Get a pipeline template.") @RequestMapping(value = "/{id}", method = RequestMethod.GET) public Map get( @PathVariable String id, @@ -184,7 +170,7 @@ public Map get( return v2PipelineTemplateService.get(id, tag, digest); } - @ApiOperation(value = "Delete a pipeline template.", response = HashMap.class) + @Operation(summary = "Delete a pipeline template.") @RequestMapping(value = "/{id}", method = RequestMethod.DELETE) @ResponseStatus(value = HttpStatus.OK) public Map delete( @@ -209,9 +195,7 @@ public Map delete( return taskService.createAndWaitForCompletion(operation); } - @ApiOperation( - value = "(ALPHA) List all pipelines that implement a pipeline template", - response = List.class) + @Operation(summary = "(ALPHA) List all pipelines that implement a pipeline template") @RequestMapping(value = "/{id}/dependents", method = RequestMethod.GET) public List listPipelineTemplateDependents(@PathVariable String id) { return v2PipelineTemplateService.getTemplateDependents(id); diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/VersionController.java b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/VersionController.java index 8bc6e9b96f..933d25a31b 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/VersionController.java +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/VersionController.java @@ -16,7 +16,7 @@ package com.netflix.spinnaker.gate.controllers; -import io.swagger.annotations.ApiOperation; +import io.swagger.v3.oas.annotations.Operation; import java.util.Optional; import lombok.Data; import org.springframework.web.bind.annotation.RequestMapping; @@ -27,7 +27,7 @@ @RequestMapping("/version") public class VersionController { - @ApiOperation(value = "Fetch Gate's current version") + @Operation(summary = "Fetch Gate's current version") @RequestMapping(method = RequestMethod.GET) Version getVersion() { return new Version(); diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/WebhookController.groovy b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/WebhookController.groovy index 5a08935d7f..22c00194c4 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/WebhookController.groovy +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/WebhookController.groovy @@ -17,14 +17,9 @@ package com.netflix.spinnaker.gate.controllers import com.netflix.spinnaker.gate.services.WebhookService -import io.swagger.annotations.ApiOperation +import io.swagger.v3.oas.annotations.Operation import org.springframework.beans.factory.annotation.Autowired -import org.springframework.web.bind.annotation.PathVariable -import org.springframework.web.bind.annotation.RequestBody -import org.springframework.web.bind.annotation.RequestHeader -import org.springframework.web.bind.annotation.RequestMapping -import org.springframework.web.bind.annotation.RequestMethod -import org.springframework.web.bind.annotation.RestController +import org.springframework.web.bind.annotation.* @RestController @RequestMapping("/webhooks") @@ -33,7 +28,7 @@ class WebhookController { @Autowired WebhookService webhookService - @ApiOperation(value = "Endpoint for posting webhooks to Spinnaker's webhook service") + @Operation(summary = "Endpoint for posting webhooks to Spinnaker's webhook service") @RequestMapping(value = "/{type}/{source}", method = RequestMethod.POST) Map webhooks(@PathVariable("type") String type, @PathVariable("source") String source, @@ -48,7 +43,7 @@ class WebhookController { } } - @ApiOperation(value = "Retrieve a list of preconfigured webhooks in Orca") + @Operation(summary = "Retrieve a list of preconfigured webhooks in Orca") @RequestMapping(value = "/preconfigured", method = RequestMethod.GET) List preconfiguredWebhooks() { return webhookService.preconfiguredWebhooks() diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/aws/AmazonInfrastructureController.groovy b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/aws/AmazonInfrastructureController.groovy index 4f264f856b..d93a85a40b 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/aws/AmazonInfrastructureController.groovy +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/aws/AmazonInfrastructureController.groovy @@ -17,7 +17,7 @@ package com.netflix.spinnaker.gate.controllers.aws import com.netflix.spinnaker.gate.services.aws.InfrastructureService -import io.swagger.annotations.ApiOperation +import io.swagger.v3.oas.annotations.Operation import org.springframework.beans.factory.annotation.Autowired import org.springframework.web.bind.annotation.PathVariable import org.springframework.web.bind.annotation.RequestMapping @@ -31,32 +31,32 @@ class AmazonInfrastructureController { @Autowired InfrastructureService infrastructureService - @ApiOperation(value = "Get instance types", response = List.class) + @Operation(summary = "Get instance types") @RequestMapping(value = "/instanceTypes", method = RequestMethod.GET) List instanceTypes() { infrastructureService.instanceTypes } - @ApiOperation(value = "Get key pairs", response = List.class) + @Operation(summary = "Get key pairs") @RequestMapping(value = "/keyPairs", method = RequestMethod.GET) List keyPairs() { infrastructureService.keyPairs } - @ApiOperation(value = "Get subnets", response = List.class) + @Operation(summary = "Get subnets") @RequestMapping(value = "/subnets", method = RequestMethod.GET) List subnets() { infrastructureService.subnets } @Deprecated - @ApiOperation(value = "Get VPCs", response = List.class) + @Operation(summary = "Get VPCs") @RequestMapping(value = "/vpcs", method = RequestMethod.GET) List vpcs() { infrastructureService.vpcs } - @ApiOperation(value = "Get functions", response = List.class) + @Operation(summary = "Get functions") @RequestMapping(value = "/functions", method = RequestMethod.GET) List functions(@RequestParam(value = "functionName", required = false) String functionName, @RequestParam(value = "region", required = false) String region, @@ -64,7 +64,7 @@ class AmazonInfrastructureController { infrastructureService.getFunctions(functionName, region, account) } - @ApiOperation(value = "Get application functions", response = List.class) + @Operation(summary = "Get application functions") @RequestMapping(value = "/applications/{application}/functions", method = RequestMethod.GET) List applicationFunctions(@PathVariable String application) { infrastructureService.getApplicationFunctions(application) diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/ecs/EcsCloudMetricController.groovy b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/ecs/EcsCloudMetricController.groovy index 56dbfdab47..435519a87d 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/ecs/EcsCloudMetricController.groovy +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/ecs/EcsCloudMetricController.groovy @@ -17,7 +17,7 @@ package com.netflix.spinnaker.gate.controllers.ecs import com.netflix.spinnaker.gate.services.EcsCloudMetricService -import io.swagger.annotations.ApiOperation +import io.swagger.v3.oas.annotations.Operation import org.springframework.beans.factory.annotation.Autowired import org.springframework.web.bind.annotation.RequestMapping import org.springframework.web.bind.annotation.RequestMethod @@ -29,7 +29,7 @@ class EcsCloudMetricController { @Autowired EcsCloudMetricService ecsClusterService - @ApiOperation(value = "Retrieve a list of MetricAlarms.") + @Operation(summary = "Retrieve a list of MetricAlarms.") @RequestMapping(value = "/alarms", method = RequestMethod.GET) List allMetricAlarms() { ecsClusterService.getEcsAllMetricAlarms() diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/ecs/EcsClusterController.groovy b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/ecs/EcsClusterController.groovy index de24961d0e..e9d095c026 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/ecs/EcsClusterController.groovy +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/ecs/EcsClusterController.groovy @@ -17,7 +17,7 @@ package com.netflix.spinnaker.gate.controllers.ecs import com.netflix.spinnaker.gate.services.EcsClusterService -import io.swagger.annotations.ApiOperation +import io.swagger.v3.oas.annotations.Operation import org.springframework.beans.factory.annotation.Autowired import org.springframework.web.bind.annotation.PathVariable import org.springframework.web.bind.annotation.RequestMapping @@ -29,13 +29,13 @@ class EcsClusterController { @Autowired EcsClusterService ecsClusterService - @ApiOperation(value = "Retrieve a list of ECS clusters that can be used for the account and region.") + @Operation(summary = "Retrieve a list of ECS clusters that can be used for the account and region.") @RequestMapping(value = "/ecs/ecsClusters", method = RequestMethod.GET) List all() { ecsClusterService.getAllEcsClusters() } - @ApiOperation(value = "Retrieve a list of Ecs Cluster Description WRT account and region") + @Operation(summary = "Retrieve a list of Ecs Cluster Description WRT account and region") @RequestMapping(value = "/ecs/ecsClusterDescriptions/{account}/{region}", method = RequestMethod.GET) List getEcsClusterDescriptions(@PathVariable String account, @PathVariable String region) { ecsClusterService.getEcsClusterDescriptions(account, region) diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/ecs/EcsSecretsController.groovy b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/ecs/EcsSecretsController.groovy index a00bcf71de..e4d1ea425f 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/ecs/EcsSecretsController.groovy +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/ecs/EcsSecretsController.groovy @@ -17,9 +17,8 @@ package com.netflix.spinnaker.gate.controllers.ecs import com.netflix.spinnaker.gate.services.EcsSecretService -import io.swagger.annotations.ApiOperation +import io.swagger.v3.oas.annotations.Operation import org.springframework.beans.factory.annotation.Autowired -import org.springframework.web.bind.annotation.PathVariable import org.springframework.web.bind.annotation.RequestMapping import org.springframework.web.bind.annotation.RequestMethod import org.springframework.web.bind.annotation.RestController @@ -29,7 +28,7 @@ class EcsSecretController { @Autowired EcsSecretService ecsSecretService - @ApiOperation(value = "Retrieve a list of Secrets Manager secrets that can be used for the account and region.") + @Operation(summary = "Retrieve a list of Secrets Manager secrets that can be used for the account and region.") @RequestMapping(value = "/ecs/secrets", method = RequestMethod.GET) List all() { ecsSecretService.getAllEcsSecrets() diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/ecs/EcsServerGroupEventsController.groovy b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/ecs/EcsServerGroupEventsController.groovy index fd9bdd80db..155a0b5fa3 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/ecs/EcsServerGroupEventsController.groovy +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/ecs/EcsServerGroupEventsController.groovy @@ -17,7 +17,7 @@ package com.netflix.spinnaker.gate.controllers.ecs import com.netflix.spinnaker.gate.services.EcsServerGroupEventsService -import io.swagger.annotations.ApiOperation +import io.swagger.v3.oas.annotations.Operation import org.springframework.beans.factory.annotation.Autowired import org.springframework.web.bind.annotation.* @@ -27,7 +27,7 @@ class EcsServerGroupEventsController { @Autowired EcsServerGroupEventsService ecsServerGroupEventsService - @ApiOperation(value = "Retrieves a list of events for a server group") + @Operation(summary = "Retrieves a list of events for a server group") @RequestMapping(value = "applications/{application}/serverGroups/{account}/{serverGroupName}/events", method = RequestMethod.GET) List getEvents(@PathVariable String application, @PathVariable String account, diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/ecs/EcsServiceDiscoveryController.java b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/ecs/EcsServiceDiscoveryController.java index e170894b8a..361b334c3e 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/ecs/EcsServiceDiscoveryController.java +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/ecs/EcsServiceDiscoveryController.java @@ -16,7 +16,7 @@ package com.netflix.spinnaker.gate.controllers.ecs; import com.netflix.spinnaker.gate.services.EcsServiceDiscoveryService; -import io.swagger.annotations.ApiOperation; +import io.swagger.v3.oas.annotations.Operation; import java.util.List; import java.util.Map; import org.springframework.beans.factory.annotation.Autowired; @@ -27,8 +27,9 @@ public class EcsServiceDiscoveryController { @Autowired private EcsServiceDiscoveryService ecsServiceDiscoveryService; - @ApiOperation( - value = "Retrieve a list of Cloud Map services that can be used for the account and region.") + @Operation( + summary = + "Retrieve a list of Cloud Map services that can be used for the account and region.") @GetMapping(value = "/ecs/serviceDiscoveryRegistries") public List all() { return ecsServiceDiscoveryService.getAllEcsServiceDiscoveryRegistries(); diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/filters/ContentCachingFilter.java b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/filters/ContentCachingFilter.java index c71551ff41..89a8ca5cf3 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/filters/ContentCachingFilter.java +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/filters/ContentCachingFilter.java @@ -16,14 +16,14 @@ package com.netflix.spinnaker.gate.filters; +import jakarta.servlet.Filter; +import jakarta.servlet.FilterChain; +import jakarta.servlet.FilterConfig; +import jakarta.servlet.ServletException; +import jakarta.servlet.ServletRequest; +import jakarta.servlet.ServletResponse; +import jakarta.servlet.http.HttpServletResponse; import java.io.IOException; -import javax.servlet.Filter; -import javax.servlet.FilterChain; -import javax.servlet.FilterConfig; -import javax.servlet.ServletException; -import javax.servlet.ServletRequest; -import javax.servlet.ServletResponse; -import javax.servlet.http.HttpServletResponse; import org.springframework.web.util.ContentCachingResponseWrapper; /** diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/filters/RequestLoggingFilter.java b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/filters/RequestLoggingFilter.java index 86c72cf186..260b8a40dc 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/filters/RequestLoggingFilter.java +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/filters/RequestLoggingFilter.java @@ -19,13 +19,13 @@ import com.netflix.spinnaker.kork.common.Header; import com.netflix.spinnaker.security.AuthenticatedRequest; +import jakarta.servlet.*; +import jakarta.servlet.http.HttpFilter; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import java.io.IOException; import java.util.Optional; import java.util.UUID; -import javax.servlet.*; -import javax.servlet.http.HttpFilter; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.slf4j.MDC; diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/filters/RequestSheddingFilter.java b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/filters/RequestSheddingFilter.java index 485b203916..6f7561ee2f 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/filters/RequestSheddingFilter.java +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/filters/RequestSheddingFilter.java @@ -26,6 +26,12 @@ import com.netflix.spectator.api.histogram.PercentileTimer; import com.netflix.spinnaker.gate.config.SsdConfigProperties; import com.netflix.spinnaker.kork.dynamicconfig.DynamicConfigService; +import jakarta.annotation.PreDestroy; +import jakarta.servlet.FilterChain; +import jakarta.servlet.ServletException; +import jakarta.servlet.http.HttpFilter; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import java.io.IOException; import java.time.Duration; import java.time.Instant; @@ -39,12 +45,6 @@ import java.util.concurrent.TimeUnit; import java.util.regex.Pattern; import java.util.regex.PatternSyntaxException; -import javax.annotation.PreDestroy; -import javax.servlet.FilterChain; -import javax.servlet.ServletException; -import javax.servlet.http.HttpFilter; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.slf4j.MDC; diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/filters/ResetAuthenticatedRequestFilter.java b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/filters/ResetAuthenticatedRequestFilter.java index 3e41d4c00c..28adba7ad7 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/filters/ResetAuthenticatedRequestFilter.java +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/filters/ResetAuthenticatedRequestFilter.java @@ -17,12 +17,12 @@ package com.netflix.spinnaker.gate.filters; import com.netflix.spinnaker.security.AuthenticatedRequest; +import jakarta.servlet.FilterChain; +import jakarta.servlet.ServletException; +import jakarta.servlet.http.HttpFilter; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import java.io.IOException; -import javax.servlet.FilterChain; -import javax.servlet.ServletException; -import javax.servlet.http.HttpFilter; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; /** * An HttpFilter that ensures the AuthenticatedRequest is cleared at the end of every request. diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/interceptors/RequestContextInterceptor.java b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/interceptors/RequestContextInterceptor.java index f49863b8b3..ae5a0694f5 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/interceptors/RequestContextInterceptor.java +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/interceptors/RequestContextInterceptor.java @@ -17,13 +17,13 @@ package com.netflix.spinnaker.gate.interceptors; import com.netflix.spinnaker.security.AuthenticatedRequest; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import java.util.regex.Matcher; import java.util.regex.Pattern; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import org.springframework.web.servlet.handler.HandlerInterceptorAdapter; +import org.springframework.web.servlet.HandlerInterceptor; -public class RequestContextInterceptor extends HandlerInterceptorAdapter { +public class RequestContextInterceptor implements HandlerInterceptor { private static Pattern applicationPattern = Pattern.compile("/applications/([^/]+)"); private static Pattern orchestrationMatch = Pattern.compile("/(?:tasks$|tasks/)"); diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/interceptors/ResponseHeaderInterceptor.java b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/interceptors/ResponseHeaderInterceptor.java index 5245e1c81c..767c7b09f2 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/interceptors/ResponseHeaderInterceptor.java +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/interceptors/ResponseHeaderInterceptor.java @@ -19,10 +19,10 @@ import static com.netflix.spinnaker.kork.common.Header.REQUEST_ID; import com.netflix.spinnaker.security.AuthenticatedRequest; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import java.util.Optional; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import org.springframework.web.servlet.handler.HandlerInterceptorAdapter; +import org.springframework.web.servlet.HandlerInterceptor; /** * Return values (e.g. X-SPINNAKER-*) stored in the AuthenticatedRequest (backed by MDC and set via @@ -32,7 +32,7 @@ * X-SPINNAKER-EXECUTION-ID is also absent. For other fields, no values are returned if they are * absent from AuthenticatedRequest. */ -public class ResponseHeaderInterceptor extends HandlerInterceptorAdapter { +public class ResponseHeaderInterceptor implements HandlerInterceptor { private final ResponseHeaderInterceptorConfigurationProperties properties; diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/ratelimit/Rate.java b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/ratelimit/Rate.java index 1272e66a28..89de346005 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/ratelimit/Rate.java +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/ratelimit/Rate.java @@ -15,7 +15,7 @@ */ package com.netflix.spinnaker.gate.ratelimit; -import javax.servlet.http.HttpServletResponse; +import jakarta.servlet.http.HttpServletResponse; public class Rate { diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/ratelimit/RateLimitingFilter.java b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/ratelimit/RateLimitingFilter.java index 205a61c749..77ad505e6c 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/ratelimit/RateLimitingFilter.java +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/ratelimit/RateLimitingFilter.java @@ -26,6 +26,11 @@ import com.netflix.spectator.api.Tag; import com.netflix.spectator.api.histogram.PercentileTimer; import com.netflix.spinnaker.gate.security.RequestIdentityExtractor; +import jakarta.servlet.FilterChain; +import jakarta.servlet.ServletException; +import jakarta.servlet.http.HttpFilter; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import java.io.IOException; import java.time.ZonedDateTime; import java.util.Collections; @@ -33,11 +38,6 @@ import java.util.Objects; import java.util.Optional; import java.util.concurrent.TimeUnit; -import javax.servlet.FilterChain; -import javax.servlet.ServletException; -import javax.servlet.http.HttpFilter; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.slf4j.MDC; diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/services/internal/OpsmxOesService.groovy b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/services/internal/OpsmxOesService.groovy index 9345cde9d4..2c997b9585 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/services/internal/OpsmxOesService.groovy +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/services/internal/OpsmxOesService.groovy @@ -16,7 +16,6 @@ package com.netflix.spinnaker.gate.services.internal -import io.swagger.models.auth.In import retrofit.client.Response import retrofit.http.* diff --git a/gate-web/src/main/groovy/com/opsmx/spinnaker/gate/controllers/OpsmxAuditClientServiceController.groovy b/gate-web/src/main/groovy/com/opsmx/spinnaker/gate/controllers/OpsmxAuditClientServiceController.groovy index 894e19a639..e4800ff8a9 100644 --- a/gate-web/src/main/groovy/com/opsmx/spinnaker/gate/controllers/OpsmxAuditClientServiceController.groovy +++ b/gate-web/src/main/groovy/com/opsmx/spinnaker/gate/controllers/OpsmxAuditClientServiceController.groovy @@ -18,7 +18,7 @@ package com.opsmx.spinnaker.gate.controllers import com.opsmx.spinnaker.gate.services.OpsmxAuditClientService import groovy.util.logging.Slf4j -import io.swagger.annotations.ApiOperation +import io.swagger.v3.oas.annotations.Operation import org.springframework.beans.factory.annotation.Autowired import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression import org.springframework.web.bind.annotation.PathVariable @@ -42,7 +42,7 @@ class OpsmxAuditClientServiceController { @Autowired OpsmxAuditClientService opsmxAuditClientService - @ApiOperation(value = "Endpoint for audit-client rest services") + @Operation(summary = "Endpoint for audit-client rest services") @RequestMapping(value = "/{version}/{type}", method = RequestMethod.GET) Object getAuditClientResponse1(@PathVariable("version") String version, @PathVariable("type") String type, @@ -56,7 +56,7 @@ class OpsmxAuditClientServiceController { return opsmxAuditClientService.getAuditClientResponse1(version, type,applicationName,noOfDays,page,size,policyStatus,search,sortOrder) } - @ApiOperation(value = "Endpoint for audit-client rest services") + @Operation(summary = "Endpoint for audit-client rest services") @RequestMapping(value = "/{version}/{type}/{source}", method = RequestMethod.GET) Object getDeliveryInsightCharts(@PathVariable("version") String version, @PathVariable("type") String type, @@ -74,7 +74,7 @@ class OpsmxAuditClientServiceController { return opsmxAuditClientService.getDeliveryInsightCharts(version, type, source, chartId, startTime, endTime, days, pageNo, pageLimit, search, sortBy, sortOrder, filterBy) } - @ApiOperation(value = "Endpoint for audit-client rest services") + @Operation(summary = "Endpoint for audit-client rest services") @RequestMapping(value = "/{version}/{type}/{source}/{source1}", method = RequestMethod.GET) Object getAuditClientResponse3(@PathVariable("version") String version, @PathVariable("type") String type, @@ -94,7 +94,7 @@ class OpsmxAuditClientServiceController { return opsmxAuditClientService.getAuditClientResponse3(version, type, source, source1, isTreeView, isLatest, pageNo, pageLimit, noOfDays, search, sortOrder, sortBy, startDate, endDate, cdNames) } - @ApiOperation(value = "Endpoint for audit-client rest services") + @Operation(summary = "Endpoint for audit-client rest services") @RequestMapping(value = "/{version}/{type}/{source}/{source1}/{source2}", method = RequestMethod.GET) Object getAuditClientResponse4(@PathVariable("version") String version, @PathVariable("type") String type, @@ -111,7 +111,7 @@ class OpsmxAuditClientServiceController { return opsmxAuditClientService.getAuditClientResponse4(version, type, source, source1, source2, noOfDays, updatedTimestamp, size, startDate, endDate, cdNames) } - @ApiOperation(value = "Endpoint for audit-client rest services") + @Operation(summary = "Endpoint for audit-client rest services") @RequestMapping(value = "/{version}/{type}/{source}/{source1}/{source2}/{source3}", method = RequestMethod.GET) Object getAuditClientResponse5(@PathVariable("version") String version, @PathVariable("type") String type, @@ -126,7 +126,7 @@ class OpsmxAuditClientServiceController { return opsmxAuditClientService.getAuditClientResponse5(version, type, source, source1, source2, source3, noOfDays, startDate, endDate, cdNames) } - @ApiOperation(value = "Endpoint for audit-client rest services") + @Operation(summary = "Endpoint for audit-client rest services") @RequestMapping(value = "/{version}/{type}/{source}/{source1}/{source2}/{source3}/{source4}", method = RequestMethod.GET) Object getAuditClientResponse6(@PathVariable("version") String version, @PathVariable("type") String type, @@ -139,7 +139,7 @@ class OpsmxAuditClientServiceController { return opsmxAuditClientService.getAuditClientResponse6(version, type, source, source1, source2, source3, source4) } - @ApiOperation(value = "Endpoint for audit-client rest services") + @Operation(summary = "Endpoint for audit-client rest services") @RequestMapping(value = "/{version}/{type}/{source}/{source1}/{source2}/{source3}/{source4}/{source5}", method = RequestMethod.GET) Object getAuditClientResponse7(@PathVariable("version") String version, @PathVariable("type") String type, @@ -153,7 +153,7 @@ class OpsmxAuditClientServiceController { return opsmxAuditClientService.getAuditClientResponse7(version, type, source, source1, source2, source3, source4, source5) } - @ApiOperation(value = "Endpoint for Insights controller to download csv file") + @Operation(summary = "Endpoint for Insights controller to download csv file") @RequestMapping(value = "/{version}/users/{username}/{source}/download", produces = "text/csv", method = RequestMethod.GET) Object downloadCSVFileAuditService(@PathVariable("version") String version, @PathVariable("username") String username, @@ -185,7 +185,7 @@ class OpsmxAuditClientServiceController { return ResponseEntity.status(response.getStatus()).build() } - @ApiOperation(value = "Endpoint for Delivery Insights controller to download csv file") + @Operation(summary = "Endpoint for Delivery Insights controller to download csv file") @RequestMapping(value = "/{version}/{type}/{source}/download", produces = "text/csv", method = RequestMethod.GET) Object downloadCSVFileAuditService(@PathVariable("version") String version, @PathVariable("type") String type, diff --git a/gate-web/src/main/groovy/com/opsmx/spinnaker/gate/controllers/OpsmxAuditServiceController.groovy b/gate-web/src/main/groovy/com/opsmx/spinnaker/gate/controllers/OpsmxAuditServiceController.groovy index adebea437a..b9d67e8df3 100644 --- a/gate-web/src/main/groovy/com/opsmx/spinnaker/gate/controllers/OpsmxAuditServiceController.groovy +++ b/gate-web/src/main/groovy/com/opsmx/spinnaker/gate/controllers/OpsmxAuditServiceController.groovy @@ -18,7 +18,7 @@ package com.opsmx.spinnaker.gate.controllers import com.opsmx.spinnaker.gate.services.OpsmxAuditService import groovy.util.logging.Slf4j -import io.swagger.annotations.ApiOperation +import io.swagger.v3.oas.annotations.Operation import org.springframework.beans.factory.annotation.Autowired import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression import org.springframework.web.bind.annotation.PathVariable @@ -36,7 +36,7 @@ class OpsmxAuditServiceController { @Autowired OpsmxAuditService opsmxAuditService - @ApiOperation(value = "Endpoint for audit rest services") + @Operation(summary = "Endpoint for audit rest services") @RequestMapping(value = "/{version}/{type}/{source}/{source1}", method = RequestMethod.POST) Object postAuditService1(@PathVariable("version") String version, @PathVariable("type") String type, diff --git a/gate-web/src/main/groovy/com/opsmx/spinnaker/gate/controllers/OpsmxSaporPolicyController.groovy b/gate-web/src/main/groovy/com/opsmx/spinnaker/gate/controllers/OpsmxSaporPolicyController.groovy index e652d5b79d..8054153b7d 100644 --- a/gate-web/src/main/groovy/com/opsmx/spinnaker/gate/controllers/OpsmxSaporPolicyController.groovy +++ b/gate-web/src/main/groovy/com/opsmx/spinnaker/gate/controllers/OpsmxSaporPolicyController.groovy @@ -17,10 +17,9 @@ package com.opsmx.spinnaker.gate.controllers import com.netflix.spinnaker.gate.services.internal.OpsmxOesService -import com.opsmx.spinnaker.gate.exception.XSpinnakerUserHeaderMissingException import com.opsmx.spinnaker.gate.rbac.ApplicationFeatureRbac import groovy.util.logging.Slf4j -import io.swagger.annotations.ApiOperation +import io.swagger.v3.oas.annotations.Operation import org.springframework.beans.factory.annotation.Autowired import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression import org.springframework.http.MediaType @@ -29,7 +28,7 @@ import org.springframework.web.bind.annotation.PostMapping import org.springframework.web.bind.annotation.RequestBody import org.springframework.web.bind.annotation.RestController -import javax.servlet.http.HttpServletRequest +import jakarta.servlet.http.HttpServletRequest @Slf4j @RestController @@ -42,7 +41,7 @@ class OpsmxSaporPolicyController { @Autowired(required = false) ApplicationFeatureRbac applicationFeatureRbac - @ApiOperation(value = "Endpoint for sapor runtime policy evaluation rest services") + @Operation(summary = "Endpoint for sapor runtime policy evaluation rest services") @PostMapping(value = "{version}/data/**", consumes = MediaType.APPLICATION_JSON_VALUE) Object evaluateRuntimePolicy(@PathVariable("version") String version, @RequestBody(required = false) Object data, @@ -57,7 +56,7 @@ class OpsmxSaporPolicyController { return opsmxOesService.evaluateRuntimePolicy(version, data, requestUri) } - @ApiOperation(value = "Endpoint for sapor static policy evaluation rest services") + @Operation(summary = "Endpoint for sapor static policy evaluation rest services") @PostMapping(value = "{version}/staticPolicy/eval", consumes = MediaType.APPLICATION_JSON_VALUE) Object evaluateStaticPolicy(@PathVariable("version") String version, @RequestBody(required = false) Object data) { diff --git a/gate-web/src/main/groovy/com/opsmx/spinnaker/gate/controllers/OpsmxSessionController.groovy b/gate-web/src/main/groovy/com/opsmx/spinnaker/gate/controllers/OpsmxSessionController.groovy index 5b01f93b92..8fef781e11 100644 --- a/gate-web/src/main/groovy/com/opsmx/spinnaker/gate/controllers/OpsmxSessionController.groovy +++ b/gate-web/src/main/groovy/com/opsmx/spinnaker/gate/controllers/OpsmxSessionController.groovy @@ -19,7 +19,7 @@ package com.opsmx.spinnaker.gate.controllers import com.netflix.spinnaker.gate.exceptions.OesRequestException import groovy.util.logging.Slf4j -import io.swagger.annotations.ApiOperation +import io.swagger.v3.oas.annotations.Operation import org.springframework.beans.factory.annotation.Value import org.springframework.web.bind.annotation.GetMapping import org.springframework.web.bind.annotation.PutMapping @@ -27,8 +27,8 @@ import org.springframework.web.bind.annotation.RequestMapping import org.springframework.web.bind.annotation.RequestParam import org.springframework.web.bind.annotation.RestController -import javax.servlet.http.HttpServletRequest -import javax.servlet.http.HttpSession +import jakarta.servlet.http.HttpServletRequest +import jakarta.servlet.http.HttpSession @RequestMapping("/session") @RestController @@ -38,14 +38,14 @@ class OpsmxSessionController { @Value('${server.session.timeout-in-seconds:3600}') int sessionTimeout - @ApiOperation(value = "get session timeout") + @Operation(summary = "get session timeout") @GetMapping(value = "/getSessionTimeout") Integer getSessionTimeout() { log.info("sessionTimeout : {}" , sessionTimeout) return sessionTimeout } - @ApiOperation(value = "extend session by given duration") + @Operation(summary = "extend session by given duration") @PutMapping(value = "/extendSession") void extendSession(@RequestParam("duration") int duration, HttpServletRequest request) { if(duration <= 0) { diff --git a/gate-web/src/main/groovy/com/opsmx/spinnaker/gate/exception/RetrofitErrorHandler.groovy b/gate-web/src/main/groovy/com/opsmx/spinnaker/gate/exception/RetrofitErrorHandler.groovy index 80c7b48430..16db895466 100644 --- a/gate-web/src/main/groovy/com/opsmx/spinnaker/gate/exception/RetrofitErrorHandler.groovy +++ b/gate-web/src/main/groovy/com/opsmx/spinnaker/gate/exception/RetrofitErrorHandler.groovy @@ -33,7 +33,6 @@ import org.springframework.web.bind.annotation.ControllerAdvice import org.springframework.web.bind.annotation.ExceptionHandler import org.springframework.web.bind.annotation.ResponseBody import retrofit.RetrofitError -import retrofit.client.Response @Slf4j @ControllerAdvice(basePackageClasses = [OpsmxSaporPolicyController.class, OpsmxAutopilotController.class, diff --git a/gate-web/src/main/java/com/netflix/spinnaker/gate/config/ManagedDeliverySchemaEndpointConfiguration.java b/gate-web/src/main/java/com/netflix/spinnaker/gate/config/ManagedDeliverySchemaEndpointConfiguration.java index 898f189da2..b067c5c69d 100644 --- a/gate-web/src/main/java/com/netflix/spinnaker/gate/config/ManagedDeliverySchemaEndpointConfiguration.java +++ b/gate-web/src/main/java/com/netflix/spinnaker/gate/config/ManagedDeliverySchemaEndpointConfiguration.java @@ -18,20 +18,22 @@ import static org.springframework.core.Ordered.HIGHEST_PRECEDENCE; +import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.core.annotation.Order; import org.springframework.security.config.annotation.web.builders.HttpSecurity; -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; +import org.springframework.security.web.SecurityFilterChain; import org.springframework.security.web.util.matcher.AntPathRequestMatcher; @Configuration @Order(HIGHEST_PRECEDENCE + 23) -public class ManagedDeliverySchemaEndpointConfiguration extends WebSecurityConfigurerAdapter { - @Override - protected void configure(HttpSecurity http) throws Exception { - http.requestMatcher(new AntPathRequestMatcher("/managed/delivery-configs/schema")) +public class ManagedDeliverySchemaEndpointConfiguration { + @Bean + public SecurityFilterChain configure(HttpSecurity http) throws Exception { + http.securityMatcher(new AntPathRequestMatcher("/managed/delivery-configs/schema")) .authorizeRequests() .anyRequest() .permitAll(); + return http.build(); } } diff --git a/gate-web/src/main/java/com/opsmx/spinnaker/gate/audit/AuditRestApiHandler.java b/gate-web/src/main/java/com/opsmx/spinnaker/gate/audit/AuditRestApiHandler.java index 7aa557a947..4928fbc7cb 100644 --- a/gate-web/src/main/java/com/opsmx/spinnaker/gate/audit/AuditRestApiHandler.java +++ b/gate-web/src/main/java/com/opsmx/spinnaker/gate/audit/AuditRestApiHandler.java @@ -27,14 +27,15 @@ import org.springframework.cloud.openfeign.EnableFeignClients; import org.springframework.stereotype.Component; - @ConditionalOnExpression("${services.auditservice.enabled:false}") @Component @EnableFeignClients(basePackageClasses = AuditService.class) @Slf4j public class AuditRestApiHandler implements AuditHandler { - @Autowired(required = false) private AuditService auditService; + @Autowired(required = false) + private AuditService auditService; + Gson gson = new Gson(); @Override diff --git a/gate-web/src/main/java/com/opsmx/spinnaker/gate/audit/AuthenticationAuditListener.java b/gate-web/src/main/java/com/opsmx/spinnaker/gate/audit/AuthenticationAuditListener.java index ab2e3b3f12..5d7513931f 100644 --- a/gate-web/src/main/java/com/opsmx/spinnaker/gate/audit/AuthenticationAuditListener.java +++ b/gate-web/src/main/java/com/opsmx/spinnaker/gate/audit/AuthenticationAuditListener.java @@ -42,7 +42,9 @@ @EnableAsync public class AuthenticationAuditListener extends AbstractAuthenticationAuditListener { - @Autowired(required = false) private AuditHandler auditHandler; + @Autowired(required = false) + private AuditHandler auditHandler; + @Autowired @Lazy private ProducerTemplate template; Gson gson = new Gson(); diff --git a/gate-web/src/main/java/com/opsmx/spinnaker/gate/feignclient/DashboardClient.java b/gate-web/src/main/java/com/opsmx/spinnaker/gate/feignclient/DashboardClient.java index 65f29167b1..2a935e32cd 100644 --- a/gate-web/src/main/java/com/opsmx/spinnaker/gate/feignclient/DashboardClient.java +++ b/gate-web/src/main/java/com/opsmx/spinnaker/gate/feignclient/DashboardClient.java @@ -18,8 +18,6 @@ import com.opsmx.spinnaker.gate.cache.Constants; import java.util.Map; - -import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression; import org.springframework.cloud.openfeign.FeignClient; import org.springframework.http.MediaType; import org.springframework.http.ResponseEntity; diff --git a/gate-web/src/main/java/com/opsmx/spinnaker/gate/interceptors/ApplicationIdRbacInterceptor.java b/gate-web/src/main/java/com/opsmx/spinnaker/gate/interceptors/ApplicationIdRbacInterceptor.java index f998444589..0547e03a32 100644 --- a/gate-web/src/main/java/com/opsmx/spinnaker/gate/interceptors/ApplicationIdRbacInterceptor.java +++ b/gate-web/src/main/java/com/opsmx/spinnaker/gate/interceptors/ApplicationIdRbacInterceptor.java @@ -17,8 +17,8 @@ package com.opsmx.spinnaker.gate.interceptors; import com.opsmx.spinnaker.gate.rbac.ApplicationFeatureRbac; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression; diff --git a/gate-web/src/main/java/com/opsmx/spinnaker/gate/interceptors/ApprovalGateIdRbacInterceptor.java b/gate-web/src/main/java/com/opsmx/spinnaker/gate/interceptors/ApprovalGateIdRbacInterceptor.java index f926e4b25d..b9e43988de 100644 --- a/gate-web/src/main/java/com/opsmx/spinnaker/gate/interceptors/ApprovalGateIdRbacInterceptor.java +++ b/gate-web/src/main/java/com/opsmx/spinnaker/gate/interceptors/ApprovalGateIdRbacInterceptor.java @@ -17,8 +17,8 @@ package com.opsmx.spinnaker.gate.interceptors; import com.opsmx.spinnaker.gate.rbac.ApplicationFeatureRbac; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression; diff --git a/gate-web/src/main/java/com/opsmx/spinnaker/gate/interceptors/ApprovalGateInstanceIdRbacInterceptor.java b/gate-web/src/main/java/com/opsmx/spinnaker/gate/interceptors/ApprovalGateInstanceIdRbacInterceptor.java index 268fcaa9ea..56e60f5204 100644 --- a/gate-web/src/main/java/com/opsmx/spinnaker/gate/interceptors/ApprovalGateInstanceIdRbacInterceptor.java +++ b/gate-web/src/main/java/com/opsmx/spinnaker/gate/interceptors/ApprovalGateInstanceIdRbacInterceptor.java @@ -17,8 +17,8 @@ package com.opsmx.spinnaker.gate.interceptors; import com.opsmx.spinnaker.gate.rbac.ApplicationFeatureRbac; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression; diff --git a/gate-web/src/main/java/com/opsmx/spinnaker/gate/interceptors/ApprovalPolicyIdInterceptor.java b/gate-web/src/main/java/com/opsmx/spinnaker/gate/interceptors/ApprovalPolicyIdInterceptor.java index 59362937a0..c8eba4d448 100644 --- a/gate-web/src/main/java/com/opsmx/spinnaker/gate/interceptors/ApprovalPolicyIdInterceptor.java +++ b/gate-web/src/main/java/com/opsmx/spinnaker/gate/interceptors/ApprovalPolicyIdInterceptor.java @@ -17,8 +17,8 @@ package com.opsmx.spinnaker.gate.interceptors; import com.opsmx.spinnaker.gate.rbac.ApplicationFeatureRbac; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression; diff --git a/gate-web/src/main/java/com/opsmx/spinnaker/gate/interceptors/CustomGatesTriggerRbacInterceptor.java b/gate-web/src/main/java/com/opsmx/spinnaker/gate/interceptors/CustomGatesTriggerRbacInterceptor.java index c8233ef42a..3fafaa0597 100644 --- a/gate-web/src/main/java/com/opsmx/spinnaker/gate/interceptors/CustomGatesTriggerRbacInterceptor.java +++ b/gate-web/src/main/java/com/opsmx/spinnaker/gate/interceptors/CustomGatesTriggerRbacInterceptor.java @@ -18,9 +18,9 @@ import com.opsmx.spinnaker.gate.exception.XSpinnakerUserHeaderMissingException; import com.opsmx.spinnaker.gate.rbac.ApplicationFeatureRbac; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import java.util.Optional; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression; diff --git a/gate-web/src/main/java/com/opsmx/spinnaker/gate/interceptors/FeatureVisibilityRbacInterceptor.java b/gate-web/src/main/java/com/opsmx/spinnaker/gate/interceptors/FeatureVisibilityRbacInterceptor.java index 5938ffb300..f2b72e883f 100644 --- a/gate-web/src/main/java/com/opsmx/spinnaker/gate/interceptors/FeatureVisibilityRbacInterceptor.java +++ b/gate-web/src/main/java/com/opsmx/spinnaker/gate/interceptors/FeatureVisibilityRbacInterceptor.java @@ -17,10 +17,10 @@ package com.opsmx.spinnaker.gate.interceptors; import com.opsmx.spinnaker.gate.rbac.ApplicationFeatureRbac; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import java.util.ArrayList; import java.util.List; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression; diff --git a/gate-web/src/main/java/com/opsmx/spinnaker/gate/interceptors/GateIdRbacInterceptor.java b/gate-web/src/main/java/com/opsmx/spinnaker/gate/interceptors/GateIdRbacInterceptor.java index 0124e813c0..504fedaa55 100644 --- a/gate-web/src/main/java/com/opsmx/spinnaker/gate/interceptors/GateIdRbacInterceptor.java +++ b/gate-web/src/main/java/com/opsmx/spinnaker/gate/interceptors/GateIdRbacInterceptor.java @@ -17,8 +17,8 @@ package com.opsmx.spinnaker.gate.interceptors; import com.opsmx.spinnaker.gate.rbac.ApplicationFeatureRbac; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression; diff --git a/gate-web/src/main/java/com/opsmx/spinnaker/gate/interceptors/OesServiceInterceptor.java b/gate-web/src/main/java/com/opsmx/spinnaker/gate/interceptors/OesServiceInterceptor.java index c95fb18a59..5a7e489e22 100644 --- a/gate-web/src/main/java/com/opsmx/spinnaker/gate/interceptors/OesServiceInterceptor.java +++ b/gate-web/src/main/java/com/opsmx/spinnaker/gate/interceptors/OesServiceInterceptor.java @@ -17,8 +17,8 @@ package com.opsmx.spinnaker.gate.interceptors; import com.opsmx.spinnaker.gate.exception.InvalidApiKeyException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import lombok.extern.slf4j.Slf4j; import org.springframework.web.servlet.HandlerInterceptor; diff --git a/gate-web/src/main/java/com/opsmx/spinnaker/gate/interceptors/PipelineIdRbacInterceptor.java b/gate-web/src/main/java/com/opsmx/spinnaker/gate/interceptors/PipelineIdRbacInterceptor.java index e3d537aac3..b31ff23ffe 100644 --- a/gate-web/src/main/java/com/opsmx/spinnaker/gate/interceptors/PipelineIdRbacInterceptor.java +++ b/gate-web/src/main/java/com/opsmx/spinnaker/gate/interceptors/PipelineIdRbacInterceptor.java @@ -17,10 +17,10 @@ package com.opsmx.spinnaker.gate.interceptors; import com.opsmx.spinnaker.gate.rbac.ApplicationFeatureRbac; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import java.util.ArrayList; import java.util.List; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression; diff --git a/gate-web/src/main/java/com/opsmx/spinnaker/gate/interceptors/ServiceIdRbacInterceptor.java b/gate-web/src/main/java/com/opsmx/spinnaker/gate/interceptors/ServiceIdRbacInterceptor.java index 4a9a53fd23..b2d376de31 100644 --- a/gate-web/src/main/java/com/opsmx/spinnaker/gate/interceptors/ServiceIdRbacInterceptor.java +++ b/gate-web/src/main/java/com/opsmx/spinnaker/gate/interceptors/ServiceIdRbacInterceptor.java @@ -17,8 +17,8 @@ package com.opsmx.spinnaker.gate.interceptors; import com.opsmx.spinnaker.gate.rbac.ApplicationFeatureRbac; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression; diff --git a/gate-web/src/main/java/com/opsmx/spinnaker/gate/rbac/ApplicationFeatureRbac.java b/gate-web/src/main/java/com/opsmx/spinnaker/gate/rbac/ApplicationFeatureRbac.java index 48aee5711e..8b3ae955ff 100644 --- a/gate-web/src/main/java/com/opsmx/spinnaker/gate/rbac/ApplicationFeatureRbac.java +++ b/gate-web/src/main/java/com/opsmx/spinnaker/gate/rbac/ApplicationFeatureRbac.java @@ -25,11 +25,11 @@ import com.opsmx.spinnaker.gate.exception.AccessForbiddenException; import com.opsmx.spinnaker.gate.exception.InvalidResourceIdException; import com.opsmx.spinnaker.gate.exception.XSpinnakerUserHeaderMissingException; +import jakarta.servlet.http.HttpServletRequest; import java.util.ArrayList; import java.util.Arrays; import java.util.List; import java.util.Optional; -import javax.servlet.http.HttpServletRequest; import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression; @@ -94,8 +94,8 @@ public void authorizeUserForApplicationId( log.debug("authorizing the endpoint : {}", endpointUrl); - switch (method) { - case GET: + switch (method.name()) { + case "GET": permission = oesAuthorizationService .fetchPermissions(username, RbacFeatureType.APP.name(), applicationId, username) @@ -112,8 +112,8 @@ public void authorizeUserForApplicationId( } break; - case PUT: - case DELETE: + case "PUT": + case "DELETE": if (method.equals(HttpMethod.DELETE) && endpointUrl.split("/").length == 4 && endpointUrl.trim().contains("/dashboardservice/v3/applications")) { @@ -182,8 +182,8 @@ public void authorizeUserForServiceId(String username, String endpointUrl, Strin log.info("authorizing the endpoint for service Id : {}", endpointUrl); - switch (method) { - case GET: + switch (method.name()) { + case "GET": isAuthorized = Boolean.parseBoolean( oesAuthorizationService @@ -211,8 +211,8 @@ public void authorizeUserForServiceId(String username, String endpointUrl, Strin } break; - case PUT: - case DELETE: + case "PUT": + case "DELETE": isAuthorized = Boolean.parseBoolean( oesAuthorizationService @@ -268,8 +268,8 @@ public void authorizeUserForPipelineId(String username, String endpointUrl, Stri log.info("authorizing the endpoint : {}", endpointUrl); - switch (method) { - case GET: + switch (method.name()) { + case "GET": isAuthorized = Boolean.parseBoolean( oesAuthorizationService @@ -297,8 +297,8 @@ public void authorizeUserForPipelineId(String username, String endpointUrl, Stri } break; - case PUT: - case DELETE: + case "PUT": + case "DELETE": isAuthorized = Boolean.parseBoolean( oesAuthorizationService @@ -356,8 +356,8 @@ public void authorizeUserForGateId(String username, String endpointUrl, String h log.info("authorizing the endpoint : {}", endpointUrl); - switch (method) { - case GET: + switch (method.name()) { + case "GET": isAuthorized = Boolean.parseBoolean( oesAuthorizationService @@ -385,8 +385,8 @@ public void authorizeUserForGateId(String username, String endpointUrl, String h } break; - case PUT: - case DELETE: + case "PUT": + case "DELETE": isAuthorized = Boolean.parseBoolean( oesAuthorizationService @@ -448,8 +448,8 @@ public void authorizeUserForApprovalGateId( log.info("authorizing the endpoint : {}", endpointUrl); - switch (method) { - case GET: + switch (method.name()) { + case "GET": isAuthorized = Boolean.parseBoolean( oesAuthorizationService @@ -478,8 +478,8 @@ public void authorizeUserForApprovalGateId( } break; - case PUT: - case DELETE: + case "PUT": + case "DELETE": isAuthorized = Boolean.parseBoolean( oesAuthorizationService @@ -535,8 +535,8 @@ public void authorizeUserForApprovalGateInstanceId( log.info("authorizing the endpoint : {}", endpointUrl); - switch (method) { - case GET: + switch (method.name()) { + case "GET": isAuthorized = Boolean.parseBoolean( oesAuthorizationService @@ -567,8 +567,8 @@ public void authorizeUserForApprovalGateInstanceId( } break; - case PUT: - case DELETE: + case "PUT": + case "DELETE": isAuthorized = Boolean.parseBoolean( oesAuthorizationService @@ -624,8 +624,8 @@ public void authorizeUserForApprovalPolicyId( log.info("authorizing the endpoint : {}", endpointUrl); - switch (method) { - case GET: + switch (method.name()) { + case "GET": isAuthorized = Boolean.parseBoolean( oesAuthorizationService @@ -656,8 +656,8 @@ public void authorizeUserForApprovalPolicyId( } break; - case PUT: - case DELETE: + case "PUT": + case "DELETE": isAuthorized = Boolean.parseBoolean( oesAuthorizationService diff --git a/gate-web/src/main/java/com/opsmx/spinnaker/gate/service/DatasourceCachingServiceImpl.java b/gate-web/src/main/java/com/opsmx/spinnaker/gate/service/DatasourceCachingServiceImpl.java index a8c5377ffc..7e0d95a861 100644 --- a/gate-web/src/main/java/com/opsmx/spinnaker/gate/service/DatasourceCachingServiceImpl.java +++ b/gate-web/src/main/java/com/opsmx/spinnaker/gate/service/DatasourceCachingServiceImpl.java @@ -43,7 +43,8 @@ public class DatasourceCachingServiceImpl implements DashboardCachingService { @Autowired private DatasourceCaching datasourceCaching; - @Autowired(required = false) private DashboardClient dashboardClient; + @Autowired(required = false) + private DashboardClient dashboardClient; @Override public void cacheResponse(Object response, String userName) { diff --git a/gate-web/src/test/groovy/com/netflix/spinnaker/gate/FunctionalSpec.groovy b/gate-web/src/test/groovy/com/netflix/spinnaker/gate/FunctionalSpec.groovy index 102fccb647..eba1404dc8 100644 --- a/gate-web/src/test/groovy/com/netflix/spinnaker/gate/FunctionalSpec.groovy +++ b/gate-web/src/test/groovy/com/netflix/spinnaker/gate/FunctionalSpec.groovy @@ -25,9 +25,6 @@ import com.netflix.spinnaker.gate.config.ServiceConfiguration import com.netflix.spinnaker.gate.controllers.ApplicationController import com.netflix.spinnaker.gate.controllers.PipelineController import com.netflix.spinnaker.gate.services.* -import com.netflix.spinnaker.gate.services.commands.ServerErrorException -import com.netflix.spinnaker.gate.services.commands.ServiceUnavailableException -import com.netflix.spinnaker.gate.services.commands.ThrottledRequestException import com.netflix.spinnaker.gate.services.internal.* import com.netflix.spinnaker.kork.dynamicconfig.DynamicConfigService import com.netflix.spinnaker.kork.dynamicconfig.SpringDynamicConfigService @@ -39,9 +36,9 @@ import org.springframework.context.ConfigurableApplicationContext import org.springframework.context.annotation.Bean import org.springframework.context.annotation.Import import org.springframework.core.annotation.Order -import org.springframework.http.HttpStatus +import org.springframework.security.config.annotation.SecurityBuilder +import org.springframework.security.config.annotation.web.WebSecurityConfigurer import org.springframework.security.config.annotation.web.builders.HttpSecurity -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter import retrofit.RetrofitError import retrofit.RestAdapter; import retrofit.client.OkClient @@ -105,11 +102,11 @@ class FunctionalSpec extends Specification { ctx = spring.run() api = new RestAdapter.Builder() - .setEndpoint("http://localhost:${localPort}") - .setClient(new OkClient()) - .setLogLevel(RestAdapter.LogLevel.FULL) - .build() - .create(Api) + .setEndpoint("http://localhost:${localPort}") + .setClient(new OkClient()) + .setLogLevel(RestAdapter.LogLevel.FULL) + .build() + .create(Api) } def cleanup() { @@ -118,75 +115,32 @@ class FunctionalSpec extends Specification { void "should call ApplicationService for applications"() { when: - api.applications + api.applications then: - 1 * applicationService.getAllApplications() >> [] + 1 * applicationService.getAllApplications() >> [] } void "should call ApplicationService for a single application"() { - when: - api.getApplication(name) - - then: - 1 * applicationService.getApplication(name, true) >> [name: name] - - where: - name = "foo" - } - - void "should 404 if ApplicationService does not return an application"() { - when: - api.getApplication(name) - - then: - 1 * applicationService.getApplication(name, true) >> null - - RetrofitError exception = thrown() - exception.response.status == 404 - - where: - name = "foo" - } - - void "should 429 if ThrottledRequestException is raised"() { - when: - api.getApplication(name) - - then: - 1 * applicationService.getApplication(name, true) >> { throw new ThrottledRequestException("throttled!") } - - RetrofitError exception = thrown() - exception.response.status == 429 - toMap(exception.response.body).message == "throttled!" - - where: - name = "foo" - } - - void "should 503 on ServiceUnavailableException"() { when: api.getApplication(name) then: - 1 * applicationService.getApplication(name, true) >> { throw new ServiceUnavailableException() } - RetrofitError exception = thrown() - exception.response.status == 503 - toMap(exception.response.body).message == HttpStatus.SERVICE_UNAVAILABLE.reasonPhrase + 1 * applicationService.getApplication(name, true) >> [name: name] where: name = "foo" } - void "should 500 on ServerErrorException"() { + void "should 404 if ApplicationService does not return an application"() { when: api.getApplication(name) then: - 1 * applicationService.getApplication(name, true) >> { throw new ServerErrorException() } + 1 * applicationService.getApplication(name, true) >> null + RetrofitError exception = thrown() - exception.response.status == 500 - toMap(exception.response.body).message == HttpStatus.INTERNAL_SERVER_ERROR.reasonPhrase + exception.response.status == 404 where: name = "foo" @@ -194,52 +148,26 @@ class FunctionalSpec extends Specification { void "should call ApplicationService for an application's tasks"() { when: - api.getTasks(name, null, null, "RUNNING,TERMINAL") + api.getTasks(name, null, null, "RUNNING,TERMINAL") then: - 1 * orcaServiceSelector.select() >> { orcaService } - 1 * orcaService.getTasks(name, null, null, "RUNNING,TERMINAL") >> [] + 1 * orcaServiceSelector.select() >> { orcaService } + 1 * orcaService.getTasks(name, null, null, "RUNNING,TERMINAL") >> [] where: - name = "foo" + name = "foo" } void "should call TaskService to create a task for an application"() { when: - api.createTask("foo", task) + api.createTask("foo", task) then: - 1 * taskService.createAppTask('foo', task) >> [:] + 1 * taskService.createAppTask('foo', task) >> [:] where: - name = "foo" - task = [type: "deploy"] - } - - void "should throw ServerErrorException(500) on a random thrown exception"() { - when: - def tasks = executionHistoryService.getTasks("app", null, 5, null) - - then: - 1 * orcaServiceSelector.select() >> { orcaService } - 1 * orcaService.getTasks("app", null, 5, null) >> { return ["1"] } - tasks == ["1"] - - when: - executionHistoryService.getTasks("app", null, 10, "RUNNING") - - then: - 1 * orcaServiceSelector.select() >> { orcaService } - 1 * orcaService.getTasks("app", null, 10, "RUNNING") >> { throw new IllegalStateException() } - thrown(ServerErrorException) - - when: - executionHistoryService.getPipelines("app", 5, "TERMINAL", false) - - then: - 1 * orcaServiceSelector.select() >> { orcaService } - 1 * orcaService.getPipelines("app", 5, "TERMINAL", false) >> { throw new IllegalStateException() } - thrown(ServerErrorException) + name = "foo" + task = [type: "deploy"] } Map toMap(TypedInput typedInput) { @@ -249,7 +177,7 @@ class FunctionalSpec extends Specification { @Order(10) @Import(ErrorConfiguration) @EnableAutoConfiguration(exclude = [GroovyTemplateAutoConfiguration, GsonAutoConfiguration]) - private static class FunctionalConfiguration extends WebSecurityConfigurerAdapter { + private static class FunctionalConfiguration implements WebSecurityConfigurer{ @Bean ClouddriverServiceSelector clouddriverSelector() { @@ -314,7 +242,7 @@ class FunctionalSpec extends Specification { @Bean RestAdapter.LogLevel retrofitLogLevel() { return RestAdapter.LogLevel.BASIC - } + } @Bean PipelineController pipelineController() { @@ -346,11 +274,19 @@ class FunctionalSpec extends Specification { ) } - @Override protected void configure(HttpSecurity http) throws Exception { http .csrf().disable() .authorizeRequests().antMatchers("/**").permitAll() } + + void init(SecurityBuilder builder) throws Exception { + + } + + + void configure(SecurityBuilder builder) throws Exception { + + } } } diff --git a/gate-web/src/test/groovy/com/netflix/spinnaker/gate/controllers/SearchControllerSpec.groovy b/gate-web/src/test/groovy/com/netflix/spinnaker/gate/controllers/SearchControllerSpec.groovy index 1afa6c7237..cd46f62551 100644 --- a/gate-web/src/test/groovy/com/netflix/spinnaker/gate/controllers/SearchControllerSpec.groovy +++ b/gate-web/src/test/groovy/com/netflix/spinnaker/gate/controllers/SearchControllerSpec.groovy @@ -21,7 +21,7 @@ import spock.lang.Specification import spock.lang.Subject import spock.lang.Unroll -import javax.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletRequest; class SearchControllerSpec extends Specification { def searchService = Mock(SearchService) diff --git a/gate-web/src/test/groovy/com/netflix/spinnaker/gate/filters/RequestSheddingFilterSpec.groovy b/gate-web/src/test/groovy/com/netflix/spinnaker/gate/filters/RequestSheddingFilterSpec.groovy index c71a067c55..cf4af89348 100644 --- a/gate-web/src/test/groovy/com/netflix/spinnaker/gate/filters/RequestSheddingFilterSpec.groovy +++ b/gate-web/src/test/groovy/com/netflix/spinnaker/gate/filters/RequestSheddingFilterSpec.groovy @@ -22,9 +22,9 @@ import spock.lang.Specification import spock.lang.Subject import spock.lang.Unroll -import javax.servlet.FilterChain -import javax.servlet.http.HttpServletRequest -import javax.servlet.http.HttpServletResponse +import jakarta.servlet.FilterChain +import jakarta.servlet.http.HttpServletRequest +import jakarta.servlet.http.HttpServletResponse import static com.netflix.spinnaker.gate.filters.RequestSheddingFilter.* diff --git a/gate-web/src/test/groovy/com/netflix/spinnaker/gate/health/DownstreamServicesHealthIndicatorSpec.groovy b/gate-web/src/test/groovy/com/netflix/spinnaker/gate/health/DownstreamServicesHealthIndicatorSpec.groovy index 5e225ffdd7..dab83501ae 100644 --- a/gate-web/src/test/groovy/com/netflix/spinnaker/gate/health/DownstreamServicesHealthIndicatorSpec.groovy +++ b/gate-web/src/test/groovy/com/netflix/spinnaker/gate/health/DownstreamServicesHealthIndicatorSpec.groovy @@ -25,7 +25,7 @@ import retrofit.RetrofitError import spock.lang.Specification import spock.lang.Unroll -import javax.servlet.http.HttpServletRequest +import jakarta.servlet.http.HttpServletRequest class DownstreamServicesHealthIndicatorSpec extends Specification { def healthCheckableService = Mock(HealthCheckableService) diff --git a/gate-web/src/test/groovy/com/netflix/spinnaker/gate/ratelimit/RateLimitingFilterSpec.groovy b/gate-web/src/test/groovy/com/netflix/spinnaker/gate/ratelimit/RateLimitingFilterSpec.groovy index c382d69d6a..3360f0b9af 100644 --- a/gate-web/src/test/groovy/com/netflix/spinnaker/gate/ratelimit/RateLimitingFilterSpec.groovy +++ b/gate-web/src/test/groovy/com/netflix/spinnaker/gate/ratelimit/RateLimitingFilterSpec.groovy @@ -26,9 +26,9 @@ import org.springframework.security.core.userdetails.User import spock.lang.Specification import spock.lang.Unroll -import javax.servlet.FilterChain -import javax.servlet.http.HttpServletRequest -import javax.servlet.http.HttpServletResponse +import jakarta.servlet.FilterChain +import jakarta.servlet.http.HttpServletRequest +import jakarta.servlet.http.HttpServletResponse class RateLimitingFilterSpec extends Specification { diff --git a/gate-web/src/test/groovy/com/netflix/spinnaker/gate/security/FormLoginRequestBuilder.groovy b/gate-web/src/test/groovy/com/netflix/spinnaker/gate/security/FormLoginRequestBuilder.groovy index c49dd5d4de..5970fd5328 100644 --- a/gate-web/src/test/groovy/com/netflix/spinnaker/gate/security/FormLoginRequestBuilder.groovy +++ b/gate-web/src/test/groovy/com/netflix/spinnaker/gate/security/FormLoginRequestBuilder.groovy @@ -22,8 +22,8 @@ import org.springframework.mock.web.MockHttpSession import org.springframework.test.web.servlet.RequestBuilder import org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder -import javax.servlet.ServletContext -import javax.servlet.http.Cookie +import jakarta.servlet.ServletContext +import jakarta.servlet.http.Cookie import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post diff --git a/gate-web/src/test/groovy/com/netflix/spinnaker/gate/security/basic/BasicAuthSpec.groovy b/gate-web/src/test/groovy/com/netflix/spinnaker/gate/security/basic/BasicAuthSpec.groovy index 14ba76096b..20abdfa61b 100644 --- a/gate-web/src/test/groovy/com/netflix/spinnaker/gate/security/basic/BasicAuthSpec.groovy +++ b/gate-web/src/test/groovy/com/netflix/spinnaker/gate/security/basic/BasicAuthSpec.groovy @@ -22,7 +22,7 @@ import com.netflix.spinnaker.gate.security.FormLoginRequestBuilder import com.netflix.spinnaker.gate.security.GateSystemTest import com.netflix.spinnaker.gate.security.YamlFileApplicationContextInitializer import com.netflix.spinnaker.gate.services.AccountLookupService - +import com.netflix.spinnaker.gate.services.internal.ClouddriverService import groovy.util.logging.Slf4j import org.springframework.beans.factory.annotation.Autowired import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc @@ -37,7 +37,7 @@ import org.springframework.test.web.servlet.MvcResult import org.springframework.util.Base64Utils import spock.lang.Specification -import javax.servlet.http.Cookie +import jakarta.servlet.http.Cookie import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get import static org.springframework.test.web.servlet.result.MockMvcResultHandlers.print diff --git a/gate-web/src/test/groovy/com/netflix/spinnaker/gate/security/ldap/LdapAuthSpec.groovy b/gate-web/src/test/groovy/com/netflix/spinnaker/gate/security/ldap/LdapAuthSpec.groovy index 87ec6eccee..269368aa03 100644 --- a/gate-web/src/test/groovy/com/netflix/spinnaker/gate/security/ldap/LdapAuthSpec.groovy +++ b/gate-web/src/test/groovy/com/netflix/spinnaker/gate/security/ldap/LdapAuthSpec.groovy @@ -23,7 +23,7 @@ import com.netflix.spinnaker.gate.security.GateSystemTest import com.netflix.spinnaker.gate.security.YamlFileApplicationContextInitializer import com.netflix.spinnaker.gate.security.ldap.LdapSsoConfig.LdapConfigProps import com.netflix.spinnaker.gate.services.AccountLookupService - +import com.netflix.spinnaker.gate.services.internal.ClouddriverService import groovy.util.logging.Slf4j import org.springframework.beans.factory.annotation.Autowired import org.springframework.boot.context.properties.ConfigurationProperties @@ -38,7 +38,7 @@ import org.springframework.test.web.servlet.MockMvc import org.springframework.test.web.servlet.MvcResult import spock.lang.Specification -import javax.servlet.http.Cookie +import jakarta.servlet.http.Cookie import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.* import static org.springframework.test.web.servlet.result.MockMvcResultHandlers.* @@ -131,9 +131,9 @@ class LdapAuthSpec extends Specification { AccountLookupService accountLookupService() { return new AccountLookupService() { @Override - List getAccounts() { + List getAccounts() { return [ - new AccountDetails(name: "foo") + new ClouddriverService.AccountDetails(name: "foo") ] } } diff --git a/gate-web/src/test/groovy/com/netflix/spinnaker/gate/services/NotificationServiceSpec.groovy b/gate-web/src/test/groovy/com/netflix/spinnaker/gate/services/NotificationServiceSpec.groovy index c63df4f76c..5abd2f3074 100644 --- a/gate-web/src/test/groovy/com/netflix/spinnaker/gate/services/NotificationServiceSpec.groovy +++ b/gate-web/src/test/groovy/com/netflix/spinnaker/gate/services/NotificationServiceSpec.groovy @@ -19,7 +19,7 @@ package com.netflix.spinnaker.gate.services import com.netflix.spinnaker.config.DefaultServiceEndpoint import com.netflix.spinnaker.config.okhttp3.OkHttpClientProvider import com.netflix.spinnaker.gate.config.ServiceConfiguration - +import com.netflix.spinnaker.gate.services.internal.EchoService import com.netflix.spinnaker.gate.services.internal.Front50Service import okhttp3.Call import okhttp3.MediaType diff --git a/gate-web/src/test/groovy/com/netflix/spinnaker/gate/swagger/GenerateSwaggerSpec.groovy b/gate-web/src/test/groovy/com/netflix/spinnaker/gate/swagger/GenerateSwaggerSpec.groovy index b7ad60a9bb..113355a677 100644 --- a/gate-web/src/test/groovy/com/netflix/spinnaker/gate/swagger/GenerateSwaggerSpec.groovy +++ b/gate-web/src/test/groovy/com/netflix/spinnaker/gate/swagger/GenerateSwaggerSpec.groovy @@ -3,7 +3,7 @@ package com.netflix.spinnaker.gate.swagger import com.netflix.spinnaker.gate.Main import com.netflix.spinnaker.gate.security.GateSystemTest import com.netflix.spinnaker.gate.security.YamlFileApplicationContextInitializer - +import com.netflix.spinnaker.gate.services.internal.IgorService import groovy.util.logging.Slf4j import org.apache.commons.io.FileUtils import org.springframework.beans.factory.annotation.Autowired @@ -48,12 +48,12 @@ class GenerateSwaggerSpec extends Specification { Boolean written = false when: - mockMvc.perform(get("/v2/api-docs").accept(MediaType.APPLICATION_JSON)) + mockMvc.perform(get("/v3/api-docs").accept(MediaType.APPLICATION_JSON)) .andDo({ result -> - log.info('Generating swagger spec and writing to "swagger.json".') - FileUtils.writeStringToFile(new File('swagger.json'), result.getResponse().getContentAsString()) - written = true - }) + log.info('Generating swagger spec and writing to "swagger.json".') + FileUtils.writeStringToFile(new File('swagger.json'), result.getResponse().getContentAsString()) + written = true + }) then: written diff --git a/gate-x509/gate-x509.gradle b/gate-x509/gate-x509.gradle index 769a71d518..d636e0593d 100644 --- a/gate-x509/gate-x509.gradle +++ b/gate-x509/gate-x509.gradle @@ -1,10 +1,11 @@ dependencies { implementation project(':gate-core') - implementation "org.bouncycastle:bcprov-jdk15on" + implementation "org.bouncycastle:bcprov-jdk15on:1.70" implementation "io.spinnaker.kork:kork-core" implementation "io.spinnaker.kork:kork-security" implementation "com.netflix.spectator:spectator-api" implementation "com.github.ben-manes.caffeine:caffeine" implementation "io.spinnaker.fiat:fiat-api:$fiatVersion" implementation "io.spinnaker.fiat:fiat-core:$fiatVersion" + implementation("commons-io:commons-io") } diff --git a/gate-x509/src/main/groovy/com/netflix/spinnaker/gate/security/x509/X509Config.groovy b/gate-x509/src/main/groovy/com/netflix/spinnaker/gate/security/x509/X509Config.groovy index a9a35df62b..4ddbe2e608 100644 --- a/gate-x509/src/main/groovy/com/netflix/spinnaker/gate/security/x509/X509Config.groovy +++ b/gate-x509/src/main/groovy/com/netflix/spinnaker/gate/security/x509/X509Config.groovy @@ -14,6 +14,7 @@ * limitations under the License. */ + package com.netflix.spinnaker.gate.security.x509 import com.netflix.spinnaker.gate.config.AuthConfig @@ -25,11 +26,10 @@ import org.springframework.context.annotation.Bean import org.springframework.context.annotation.Configuration import org.springframework.core.annotation.Order import org.springframework.security.config.annotation.web.builders.HttpSecurity -import org.springframework.security.config.annotation.web.builders.WebSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter +import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer +import org.springframework.security.web.SecurityFilterChain import org.springframework.security.web.context.NullSecurityContextRepository -import org.springframework.security.web.util.matcher.AnyRequestMatcher @ConditionalOnExpression('${x509.enabled:false}') @Configuration @@ -40,7 +40,7 @@ import org.springframework.security.web.util.matcher.AnyRequestMatcher // and otherwise will just work(tm) if it is the only WebSecurityConfigurerAdapter // present as well @Order(2000) -class X509Config extends WebSecurityConfigurerAdapter { +class X509Config { @Value('${x509.subject-principal-regex:}') String subjectPrincipalRegex @@ -51,8 +51,8 @@ class X509Config extends WebSecurityConfigurerAdapter { @Autowired X509AuthenticationUserDetailsService x509AuthenticationUserDetailsService - @Override - void configure(HttpSecurity http) { + @Bean + public SecurityFilterChain x509FilterChain(HttpSecurity http) throws Exception { authConfig.configure(http) http.securityContext().securityContextRepository(new NullSecurityContextRepository()) http.x509().authenticationUserDetailsService(x509AuthenticationUserDetailsService) @@ -63,12 +63,12 @@ class X509Config extends WebSecurityConfigurerAdapter { //x509 is the catch-all if configured, this will auth apiPort connections and // any additional ports that get installed and removes the requestMatcher // installed by authConfig - http.requestMatcher(AnyRequestMatcher.INSTANCE) + return http.build() } - @Override - void configure(WebSecurity web) throws Exception { - authConfig.configure(web) + @Bean + public WebSecurityCustomizer webSecurityCustomizer() { + return (web) -> authConfig.configure(web) } @Bean diff --git a/gate-x509/src/main/groovy/com/netflix/spinnaker/gate/security/x509/X509IdentityExtractor.java b/gate-x509/src/main/groovy/com/netflix/spinnaker/gate/security/x509/X509IdentityExtractor.java index 1e043e03ce..043b0d1b8a 100644 --- a/gate-x509/src/main/groovy/com/netflix/spinnaker/gate/security/x509/X509IdentityExtractor.java +++ b/gate-x509/src/main/groovy/com/netflix/spinnaker/gate/security/x509/X509IdentityExtractor.java @@ -1,9 +1,9 @@ package com.netflix.spinnaker.gate.security.x509; import com.netflix.spinnaker.gate.security.RequestIdentityExtractor; +import jakarta.servlet.http.HttpServletRequest; import java.security.cert.X509Certificate; import java.util.Objects; -import javax.servlet.http.HttpServletRequest; import lombok.extern.slf4j.Slf4j; import org.springframework.security.core.context.SecurityContextHolder; diff --git a/gradle.properties b/gradle.properties index 2d5d79325d..5991e1b778 100644 --- a/gradle.properties +++ b/gradle.properties @@ -1,11 +1,10 @@ enablePublishing=false -fiatVersion=1.37.3-SNAPSHOT +fiatVersion=1-0-SNAPSHOT includeProviders=basic,iap,ldap,oauth2,saml,x509 -korkVersion=7.169.1 -kotlinVersion=1.4.0 +korkVersion=1-0-SNAPSHOT +kotlinVersion=1.9.21 org.gradle.parallel=true -spinnakerGradleVersion=8.25.0 -targetJava11=true +spinnakerGradleVersion=1-0-SNAPSHOT # To enable a composite reference to a project, set the # project property `'Composite=true'`. @@ -21,3 +20,4 @@ targetJava11=true # #fiatComposite=true #korkComposite=true +org.gradle.jvmargs=-Xmx6g -Xms6g diff --git a/gradle/kotlin-test.gradle b/gradle/kotlin-test.gradle index 5ffe2c3cd8..4dfaef8aae 100644 --- a/gradle/kotlin-test.gradle +++ b/gradle/kotlin-test.gradle @@ -29,10 +29,17 @@ dependencies { testRuntimeOnly "org.junit.platform:junit-platform-launcher" testRuntimeOnly "org.junit.jupiter:junit-jupiter-engine" } +test { + useJUnitPlatform { + includeEngines "junit-jupiter" + } +} + +test.jvmArgs = ['--add-opens=java.base/java.nio.file=ALL-UNNAMED', '--add-exports=java.base/java.nio.file=ALL-UNNAMED'] compileTestKotlin { kotlinOptions { - languageVersion = "1.4" - jvmTarget = "11" + languageVersion = "1.7" + jvmTarget = "17" } } diff --git a/gradle/kotlin.gradle b/gradle/kotlin.gradle index cbe600fd35..586eb05db2 100644 --- a/gradle/kotlin.gradle +++ b/gradle/kotlin.gradle @@ -19,15 +19,15 @@ apply plugin: "kotlin-spring" compileKotlin { kotlinOptions { - languageVersion = "1.4" - jvmTarget = "11" + languageVersion = "1.7" + jvmTarget = "17" } } compileTestKotlin { kotlinOptions { - languageVersion = "1.4" - jvmTarget = "11" + languageVersion = "1.7" + jvmTarget = "17" } } diff --git a/gradle/wrapper/gradle-wrapper.properties b/gradle/wrapper/gradle-wrapper.properties index 28ff446a21..ae04661ee7 100644 --- a/gradle/wrapper/gradle-wrapper.properties +++ b/gradle/wrapper/gradle-wrapper.properties @@ -1,5 +1,5 @@ distributionBase=GRADLE_USER_HOME distributionPath=wrapper/dists -distributionUrl=https\://services.gradle.org/distributions/gradle-6.8.1-bin.zip +distributionUrl=https\://services.gradle.org/distributions/gradle-7.5.1-bin.zip zipStoreBase=GRADLE_USER_HOME zipStorePath=wrapper/dists diff --git a/settings.gradle b/settings.gradle index 5717693630..4dd9ae26db 100644 --- a/settings.gradle +++ b/settings.gradle @@ -13,7 +13,21 @@ * See the License for the specific language governing permissions and * limitations under the License. */ - +if (spinnakerGradleVersion.endsWith('-SNAPSHOT')) { + pluginManagement { + repositories { + mavenLocal() + gradlePluginPortal() + maven{ + url "https://nexus.opsmx.net/repository/maven-snapshots/" + credentials { + username = "NEXUS_USERNAME" + password = "NEXUS_PASSWORD" + } + } + } + } +} ['fiat', 'kork'].each { prj -> String propName = "${prj}Composite" String projectPath = "../$prj" @@ -21,7 +35,7 @@ includeBuild projectPath } } - +enableFeaturePreview("VERSION_ORDERING_V2") rootProject.name = "gate" include "gate-api",