Skip to content

Commit

Permalink
Update dependencies to avoid CVE (#2267)
Browse files Browse the repository at this point in the history
  • Loading branch information
linghengqian authored Sep 18, 2023
1 parent d4f7d94 commit de93e07
Show file tree
Hide file tree
Showing 9 changed files with 565 additions and 215 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -19,43 +19,111 @@

import lombok.AccessLevel;
import lombok.NoArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.apache.curator.framework.CuratorFramework;
import org.apache.curator.framework.CuratorFrameworkFactory;
import org.apache.curator.framework.imps.CuratorFrameworkState;
import org.apache.curator.retry.ExponentialBackoffRetry;
import org.apache.curator.test.TestingServer;
import org.apache.shardingsphere.elasticjob.reg.exception.RegExceptionHandler;
import org.apache.zookeeper.KeeperException;

import java.io.File;
import java.io.IOException;
import java.util.Collection;
import java.util.concurrent.TimeUnit;

@NoArgsConstructor(access = AccessLevel.PRIVATE)
@Slf4j
public final class EmbedTestingServer {

private static final int PORT = 10181;

private static volatile TestingServer testingServer;


private static final Object INIT_LOCK = new Object();

/**
* Start the embed server.
* Start embed zookeeper server.
*/
public static void start() {
if (null != testingServer) {
log.info("Embed zookeeper server already exists 1, on {}", testingServer.getConnectString());
return;
}
log.info("Starting embed zookeeper server...");
synchronized (INIT_LOCK) {
if (null != testingServer) {
log.info("Embed zookeeper server already exists 2, on {}", testingServer.getConnectString());
return;
}
start0();
waitTestingServerReady();
}
}

private static void start0() {
try {
testingServer = new TestingServer(PORT, new File(String.format("target/test_zk_data/%s/", System.nanoTime())));
testingServer = new TestingServer(PORT, true);
// CHECKSTYLE:OFF
} catch (final Exception ex) {
// CHECKSTYLE:ON
RegExceptionHandler.handleException(ex);
if (!isIgnoredException(ex)) {
throw new RuntimeException(ex);
} else {
log.warn("Start embed zookeeper server got exception: {}", ex.getMessage());
}
} finally {
Runtime.getRuntime().addShutdownHook(new Thread(() -> {
try {
testingServer.close();
} catch (final IOException ex) {
RegExceptionHandler.handleException(ex);
} catch (final IOException ignored) {
}
log.info("Close embed zookeeper server done");
}));
}
}


private static void waitTestingServerReady() {
int maxRetries = 60;
try (CuratorFramework client = buildCuratorClient()) {
client.start();
int round = 0;
while (round < maxRetries) {
try {
if (client.getZookeeperClient().isConnected()) {
log.info("client is connected");
break;
}
if (client.blockUntilConnected(500, TimeUnit.MILLISECONDS)) {
CuratorFrameworkState state = client.getState();
Collection<String> childrenKeys = client.getChildren().forPath("/");
log.info("TestingServer connected, state={}, childrenKeys={}", state, childrenKeys);
break;
}
// CHECKSTYLE:OFF
} catch (final Exception ignored) {
// CHECKSTYLE:ON
}
++round;
}
}
}

private static CuratorFramework buildCuratorClient() {
CuratorFrameworkFactory.Builder builder = CuratorFrameworkFactory.builder();
int retryIntervalMilliseconds = 500;
int maxRetries = 3;
builder.connectString(getConnectionString())
.retryPolicy(new ExponentialBackoffRetry(retryIntervalMilliseconds, maxRetries, retryIntervalMilliseconds * maxRetries))
.namespace("test");
builder.sessionTimeoutMs(60 * 1000);
builder.connectionTimeoutMs(500);
return builder.build();
}

private static boolean isIgnoredException(final Throwable cause) {
return cause instanceof KeeperException.ConnectionLossException || cause instanceof KeeperException.NoNodeException || cause instanceof KeeperException.NodeExistsException;
}

/**
* Get the connection string.
*
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -216,44 +216,44 @@ The following components are provided under the Apache License. See project link
The text of each license is the standard Apache 2.0 license.

audience-annotations 0.5.0: https://github.com/apache/yetus, Apache 2.0
commons-codec 1.10: https://github.com/apache/commons-codec, Apache 2.0
commons-dbcp2 2.9.0: https://github.com/apache/commons-dbcp, Apache 2.0
commons-codec 1.16.0: https://github.com/apache/commons-codec, Apache 2.0
commons-dbcp2 2.11.1: https://github.com/apache/commons-dbcp, Apache 2.0
commons-exec 1.3: http://commons.apache.org/proper/commons-exec, Apache 2.0
commons-lang 2.6: https://github.com/apache/commons-lang, Apache 2.0
commons-lang3 3.4: https://github.com/apache/commons-lang, Apache 2.0
commons-logging 1.2: https://github.com/apache/commons-logging, Apache 2.0
commons-pool2 2.8.1: https://github.com/apache/commons-pool, Apache 2.0
curator-client 5.1.0: https://github.com/apache/curator, Apache 2.0
curator-framework 5.1.0: https://github.com/apache/curator, Apache 2.0
curator-recipes 5.1.0: https://github.com/apache/curator, Apache 2.0
curator-client 5.5.0: https://github.com/apache/curator, Apache 2.0
curator-framework 5.5.0: https://github.com/apache/curator, Apache 2.0
curator-recipes 5.5.0: https://github.com/apache/curator, Apache 2.0
error_prone_annotations 2.3.4: https://github.com/google/error-prone, Apache 2.0
failureaccess 1.0.1:https://github.com/google/guava, Apache 2.0
fenzo-core 0.11.1: https://github.com/Netflix/Fenzo, Apache 2.0
gson 2.6.1: https://github.com/google/gson, Apache 2.0
guava 29.0-jre: https://github.com/google/guava, Apache 2.0
fenzo-core 1.0.1: https://github.com/Netflix/Fenzo, Apache 2.0
gson 2.10.1: https://github.com/google/gson, Apache 2.0
guava 30.0-jre: https://github.com/google/guava, Apache 2.0
HikariCP-java7 2.4.13: https://github.com/brettwooldridge/HikariCP, Apache 2.0
httpclient 4.5.13: https://github.com/apache/httpcomponents-client, Apache 2.0
httpcore 4.4.13: https://github.com/apache/httpcomponents-core, Apache 2.0
httpclient 4.5.14: https://github.com/apache/httpcomponents-client, Apache 2.0
httpcore 4.4.16: https://github.com/apache/httpcomponents-core, Apache 2.0
jackson-annotations 2.4.0: https://github.com/FasterXML/jackson-annotations, Apache 2.0
jackson-core 2.4.5: https://github.com/FasterXML/jackson-core, Apache 2.0
jackson-databind 2.4.5: https://github.com/FasterXML/jackson-core, Apache 2.0
listenablefuture 9999.0-empty-to-avoid-conflict-with-guava:https://github.com/google/guava, Apache 2.0
log4j 1.2.17: http://logging.apache.org/log4j/1.2/, Apache 2.0
log4j-over-slf4j 1.7.7: https://github.com/qos-ch/slf4j, Apache 2.0
mesos 1.1.0: http://mesos.apache.org/, Apache 2.0
netty-buffer 4.1.45.Final: https://github.com/netty, Apache 2.0
netty-codec 4.1.45.Final: https://github.com/netty, Apache 2.0
netty-codec-http 4.1.45.Final: https://github.com/netty, Apache 2.0
netty-common 4.1.45.Final: https://github.com/netty, Apache 2.0
netty-handler 4.1.45.Final: https://github.com/netty, Apache 2.0
netty-resolver 4.1.45.Final: https://github.com/netty, Apache 2.0
netty-transport 4.1.45.Final: https://github.com/netty, Apache 2.0
netty-transport-native-epoll 4.1.45.Final: https://github.com/netty, Apache 2.0
netty-transport-native-unix-common 4.1.45.Final: https://github.com/netty, Apache 2.0
log4j-over-slf4j 1.7.36: https://github.com/qos-ch/slf4j, Apache 2.0
mesos 1.11.0: http://mesos.apache.org/, Apache 2.0
netty-buffer 4.1.97.Final: https://github.com/netty, Apache 2.0
netty-codec 4.1.97.Final: https://github.com/netty, Apache 2.0
netty-codec-http 4.1.97.Final: https://github.com/netty, Apache 2.0
netty-common 4.1.97.Final: https://github.com/netty, Apache 2.0
netty-handler 4.1.97.Final: https://github.com/netty, Apache 2.0
netty-resolver 4.1.97.Final: https://github.com/netty, Apache 2.0
netty-transport 4.1.97.Final: https://github.com/netty, Apache 2.0
netty-transport-native-epoll 4.1.97.Final: https://github.com/netty, Apache 2.0
netty-transport-native-unix-common 4.1.97.Final: https://github.com/netty, Apache 2.0
quartz 2.3.2: https://github.com/quartz-scheduler/quartz, Apache 2.0
snakeyaml 1.26: http://www.snakeyaml.org, Apache 2.0
zookeeper 3.6.0: https://github.com/apache/zookeeper, Apache 2.0
zookeeper-jute 3.6.0: https://github.com/apache/zookeeper, Apache 2.0
snakeyaml 2.0: https://bitbucket.org/snakeyaml/snakeyaml/src, Apache 2.0
zookeeper 3.9.0: https://github.com/apache/zookeeper, Apache 2.0
zookeeper-jute 3.9.0: https://github.com/apache/zookeeper, Apache 2.0

========================================================================
EPL licenses
Expand All @@ -264,8 +264,8 @@ The text of each license is also included at licenses/LICENSE-[project].txt.

jakarta.annotation-api 1.3.5: https://github.com/eclipse-ee4j/common-annotations-api, EPL 2.0
jakarta.el 3.0.3: https://github.com/eclipse-ee4j/el-ri, EPL 2.0
logback-classic 1.2.3: https://github.com/qos-ch/logback, EPL 1.0
logback-core 1.2.3: https://github.com/qos-ch/logback, EPL 1.0
logback-classic 1.2.12: https://github.com/qos-ch/logback, EPL 1.0
logback-core 1.2.12: https://github.com/qos-ch/logback, EPL 1.0
mchange-commons-java 0.2.15: https://github.com/swaldman/mchange-commons-java/tree/mchange-commons-java-0.2.15, EPL 1.0

========================================================================
Expand All @@ -276,6 +276,6 @@ The following components are provided under the MIT License. See project link fo
The text of each license is also included at licenses/LICENSE-[project].txt.

checker-qual 2.11.1: https://github.com/typetools/checker-framework, MIT
jcl-over-slf4j 1.7.7: https://github.com/qos-ch/slf4j, MIT
jul-to-slf4j 1.7.7: https://github.com/qos-ch/slf4j, MIT
slf4j-api 1.7.7: https://github.com/qos-ch/slf4j, MIT
jcl-over-slf4j 1.7.36: https://github.com/qos-ch/slf4j, MIT
jul-to-slf4j 1.7.36: https://github.com/qos-ch/slf4j, MIT
slf4j-api 1.7.36: https://github.com/qos-ch/slf4j, MIT
Original file line number Diff line number Diff line change
Expand Up @@ -19,50 +19,118 @@

import lombok.AccessLevel;
import lombok.NoArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.apache.curator.framework.CuratorFramework;
import org.apache.curator.framework.CuratorFrameworkFactory;
import org.apache.curator.framework.imps.CuratorFrameworkState;
import org.apache.curator.retry.ExponentialBackoffRetry;
import org.apache.curator.test.TestingServer;
import org.apache.shardingsphere.elasticjob.reg.exception.RegExceptionHandler;
import org.apache.zookeeper.KeeperException;

import java.io.File;
import java.io.IOException;
import java.util.Collection;
import java.util.concurrent.TimeUnit;

@Slf4j
@NoArgsConstructor(access = AccessLevel.PRIVATE)
public final class EmbedTestingServer {

private static final int PORT = 9181;

private static volatile TestingServer testingServer;

/**
* Get the connection string.
*
* @return connection string
*/
public static String getConnectionString() {
return "localhost:" + PORT;
}


private static final Object INIT_LOCK = new Object();

/**
* Start the server.
* Start embed zookeeper server.
*/
public static void start() {
if (null != testingServer) {
log.info("Embed zookeeper server already exists 1, on {}", testingServer.getConnectString());
return;
}
log.info("Starting embed zookeeper server...");
synchronized (INIT_LOCK) {
if (null != testingServer) {
log.info("Embed zookeeper server already exists 2, on {}", testingServer.getConnectString());
return;
}
start0();
waitTestingServerReady();
}
}

private static void start0() {
try {
testingServer = new TestingServer(PORT, new File(String.format("target/test_zk_data/%s/", System.nanoTime())));
testingServer = new TestingServer(PORT, true);
// CHECKSTYLE:OFF
} catch (final Exception ex) {
// CHECKSTYLE:ON
RegExceptionHandler.handleException(ex);
if (!isIgnoredException(ex)) {
throw new RuntimeException(ex);
} else {
log.warn("Start embed zookeeper server got exception: {}", ex.getMessage());
}
} finally {
Runtime.getRuntime().addShutdownHook(new Thread(() -> {
try {
testingServer.close();
} catch (final IOException ex) {
RegExceptionHandler.handleException(ex);
} catch (final IOException ignored) {
}
log.info("Close embed zookeeper server done");
}));
}
}

private static void waitTestingServerReady() {
int maxRetries = 60;
try (CuratorFramework client = buildCuratorClient()) {
client.start();
int round = 0;
while (round < maxRetries) {
try {
if (client.getZookeeperClient().isConnected()) {
log.info("client is connected");
break;
}
if (client.blockUntilConnected(500, TimeUnit.MILLISECONDS)) {
CuratorFrameworkState state = client.getState();
Collection<String> childrenKeys = client.getChildren().forPath("/");
log.info("TestingServer connected, state={}, childrenKeys={}", state, childrenKeys);
break;
}
// CHECKSTYLE:OFF
} catch (final Exception ignored) {
// CHECKSTYLE:ON
}
++round;
}
}
}

private static CuratorFramework buildCuratorClient() {
CuratorFrameworkFactory.Builder builder = CuratorFrameworkFactory.builder();
int retryIntervalMilliseconds = 500;
int maxRetries = 3;
builder.connectString(getConnectionString())
.retryPolicy(new ExponentialBackoffRetry(retryIntervalMilliseconds, maxRetries, retryIntervalMilliseconds * maxRetries))
.namespace("test");
builder.sessionTimeoutMs(60 * 1000);
builder.connectionTimeoutMs(500);
return builder.build();
}

private static boolean isIgnoredException(final Throwable cause) {
return cause instanceof KeeperException.ConnectionLossException || cause instanceof KeeperException.NoNodeException || cause instanceof KeeperException.NodeExistsException;
}

/**
* Get the connection string.
*
* @return connection string
*/
public static String getConnectionString() {
return "localhost:" + PORT;
}
}

Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@
package org.apache.shardingsphere.elasticjob.lite.internal.server;

import com.google.common.base.Strings;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.shardingsphere.elasticjob.lite.internal.instance.InstanceNode;
import org.apache.shardingsphere.elasticjob.lite.internal.schedule.JobRegistry;
import org.apache.shardingsphere.elasticjob.lite.internal.storage.JobNodeStorage;
Expand Down
Loading

0 comments on commit de93e07

Please sign in to comment.