Merge remote-tracking branch 'origin/foundation-2023' into master-31

.circleci/main/commands/executions/run-integration-tests.yml

@@ -60,12 +60,18 @@ commands:
           name: Gather system logs
           when: always
           command: |
-            mkdir -p ~/build-results/system-logs
-            (dmesg || :) > ~/build-results/system-logs/dmesg 2>&1
-            (ps auxf || :) > ~/build-results/system-logs/ps 2>&1
-            (free -m || :) > ~/build-results/system-logs/free 2>&1
-            (docker stats --no-stream || :) > ~/build-results/system-logs/docker_stats 2>&1
-            cp -R /tmp/jvmprocmon ~/build-results/system-logs/ || :
+            mkdir -p ~/test-results/system-logs
+            (dmesg || :) > ~/test-results/system-logs/dmesg 2>&1
+            (ps auxf || :) > ~/test-results/system-logs/ps 2>&1
+            (free -m || :) > ~/test-results/system-logs/free 2>&1
+            cp -R /tmp/jvmprocmon ~/test-results/system-logs/ || :
+
+            (date '+%T' || :)                       > ~/test-results/system-logs/docker_stats 2>&1
+            (docker stats --all --no-stream || :) >> ~/test-results/system-logs/docker_stats 2>&1
+            (docker ps ---all || :)               >> ~/test-results/system-logs/docker_stats 2>&1
+            for CONTAINER in `docker ps --all --quiet`; do
+              ((docker logs --timestamps "$CONTAINER" 2>&1 | tail -n 20 ) || :) > ~/test-results/system-logs/"docker-${CONTAINER}.log" 2>&1
+            done
       - store_test_results:
           path: ~/test-results
       - store_artifacts:

.circleci/main/commands/executions/run-smoke-tests.yml

@@ -41,7 +41,14 @@ commands:
             (dmesg || :) > ~/test-results/system-logs/dmesg 2>&1
             (ps auxf || :) > ~/test-results/system-logs/ps 2>&1
             (free -m || :) > ~/test-results/system-logs/free 2>&1
-            (docker stats --no-stream || :) > ~/test-results/system-logs/docker_stats 2>&1
+            cp -R /tmp/jvmprocmon ~/test-results/system-logs/ || :
+
+            (date '+%T' || :)                      > ~/test-results/system-logs/docker_stats 2>&1
+            (docker stats --all --no-stream || :) >> ~/test-results/system-logs/docker_stats 2>&1
+            (docker ps ---all || :)               >> ~/test-results/system-logs/docker_stats 2>&1
+            for CONTAINER in `docker ps --all --quiet`; do
+              ((docker logs --timestamps "$CONTAINER" 2>&1 | tail -n 20 ) || :) > ~/test-results/system-logs/"docker-${CONTAINER}.log" 2>&1
+            done
             cp -R /tmp/jvmprocmon ~/test-results/system-logs/ || :
             ls -alh ~/project/smoke-test/ || :
       - run:

.circleci/main/jobs/tests/smoke/smoke-test-core.yml

@@ -2,6 +2,7 @@
   smoke-test-core:
     executor: smoke-test-executor
     parallelism: 10
+    resource_class: medium+
     steps:
       - run:
           name: "skip if flaky tests are enabled"

.circleci/main/jobs/tests/smoke/smoke-test-minion.yml

@@ -2,6 +2,7 @@
   smoke-test-minion:
     executor: smoke-test-executor
     parallelism: 4
+    resource_class: medium+
     steps:
       - run:
           name: "skip if flaky tests are enabled"

.circleci/main/jobs/tests/smoke/smoke-test-sentinel.yml

@@ -2,6 +2,7 @@
   smoke-test-sentinel:
     executor: smoke-test-executor
     parallelism: 4
+    resource_class: medium+
     steps:
       - run:
           name: "skip if flaky tests are enabled"

.circleci/scripts/itest.sh

@@ -99,7 +99,7 @@ retry sudo apt update && \
             || exit 1
 
 export JAVA_HOME=/usr/lib/jvm/java-11-openjdk-amd64
-export MAVEN_OPTS="$MAVEN_OPTS -Xmx8g -XX:ReservedCodeCacheSize=1g"
+export MAVEN_OPTS="$MAVEN_OPTS -Xmx4g -XX:ReservedCodeCacheSize=1g"
 
 # shellcheck disable=SC3045
 ulimit -n 65536
@@ -144,7 +144,7 @@ echo "#### Building Assembly Dependencies"
            install
 
 echo "#### Executing tests"
-./compile.pl "${MAVEN_ARGS[@]}" \
+ionice nice ./compile.pl "${MAVEN_ARGS[@]}" \
            -P'!checkstyle' \
            -P'!production' \
            -Pbuild-bamboo \

.circleci/scripts/smoke.sh

@@ -48,7 +48,7 @@ done
 
 # Configure the heap for the Maven JVM - the tests themselves are forked out in separate JVMs
 # The heap size should be sufficient to buffer the output (stdout/stderr) from the test
-export MAVEN_OPTS="-Xmx1g -Xms1g"
+export MAVEN_OPTS="-Xmx2g -Xms2g"
 
 # shellcheck disable=SC3045
 # Set higher open files limit
@@ -66,7 +66,7 @@ else
 fi
 
 # When we are ready to collect coverge on smoke tests, add "-Pcoverage" below
-../compile.pl \
+ionice nice ../compile.pl \
   -DskipTests=false \
   -DskipITs=false \
   -DfailIfNoTests=false \

.github/assign-by-files.yml

@@ -1,12 +1,13 @@
 ---
 "**/*.adoc":
   - Bonrob2
-  - emarsh1995
 
 "opennms-doc/**/*":
   - Bonrob2
-  - emarsh1995
 
 "docs/**/*":
   - Bonrob2
-  - emarsh1995
+
+".circleci/**/*":
+  - RangerRick
+  - mershad-manesh

.github/workflows/auto-assign.yml

@@ -1,7 +1,7 @@
 name: "Auto Assign Pull Request"
 on:
   pull_request:
-    types: [review_requested, ready_for_review, opened, synchronize, reopened]
+    # types: [review_requested, ready_for_review, opened, synchronize, reopened]
     branches:
       - develop
       - 'foundation-**'
@@ -11,7 +11,7 @@ jobs:
     if: github.event.pull_request.draft == false
     runs-on: ubuntu-latest
     steps:
-      - uses: shufo/[email protected].3
+      - uses: shufo/[email protected].4
         with:
           config: ".github/assign-by-files.yml"
           token: ${{ secrets.GITHUB_TOKEN }}

container/features/src/main/resources/features-core.xml

@@ -179,14 +179,15 @@
     </feature>
 
     <!-- override the default Karaf ssh with a version from a newer release -->
-    <feature name="ssh" description="Provide a SSHd server on Karaf" version="4.3.9">
+    <feature name="ssh" description="Provide an SSHd server on Karaf" version="${karafSshdVersion}">
         <feature>shell</feature>
         <feature>jaas</feature>
-        <bundle start-level="30">mvn:org.apache.sshd/sshd-osgi/2.9.2</bundle>
-        <bundle start-level="30">mvn:org.apache.sshd/sshd-scp/2.9.2</bundle>
-        <bundle start-level="30">mvn:org.apache.sshd/sshd-sftp/2.9.2</bundle>
-        <bundle start-level="30">mvn:org.bouncycastle/bcprov-jdk15on/1.70</bundle>
-        <bundle start-level="30">mvn:org.bouncycastle/bcpkix-jdk15on/1.70</bundle>
+        <bundle start-level="30">mvn:org.apache.sshd/sshd-osgi/${minaSshdVersion}</bundle>
+        <bundle start-level="30">mvn:org.apache.sshd/sshd-scp/${minaSshdVersion}</bundle>
+        <bundle start-level="30">mvn:org.apache.sshd/sshd-sftp/${minaSshdVersion}</bundle>
+        <bundle start-level="30">mvn:org.bouncycastle/bcutil-jdk18on/1.72</bundle>
+        <bundle start-level="30">mvn:org.bouncycastle/bcprov-jdk18on/1.72</bundle>
+        <bundle start-level="30">mvn:org.bouncycastle/bcpkix-jdk18on/1.72</bundle>
         <bundle start-level="30">mvn:org.apache.karaf.shell/org.apache.karaf.shell.ssh/${karafVersion}</bundle>
     </feature>
 </features>

container/features/src/main/resources/features-experimental.xml

@@ -142,7 +142,7 @@
       <bundle>mvn:org.opennms/opennms-web-api/${project.version}</bundle>
       <bundle>mvn:org.opennms.core/org.opennms.core.web-assets/${project.version}</bundle>
 
-      <feature>spring-security32</feature>
+      <feature>spring-security-opennms</feature>
       <bundle>mvn:org.opennms.features/org.opennms.features.springframework-security/${project.version}</bundle>
 
       <!-- The main webapp WAR file -->

container/features/src/main/resources/features.xml

@@ -277,17 +277,17 @@
         <feature>joda-time</feature>
         <bundle>wrap:mvn:com.swrve/rate-limited-logger/${rateLimitedLoggerVersion}</bundle>
     </feature>
-    <feature name="spring-security32" version="${springSecurityVersion}" description="Spring :: Security">
+    <feature name="spring-security-opennms" version="${springSecurityVersion}" description="Spring :: Security">
         <feature version="[4.2,4.3)">spring-web</feature>
         <feature>commons-codec</feature>
         <feature>javax.servlet</feature>
-        <bundle>wrap:mvn:org.springframework.ldap/spring-ldap-core/1.3.2.RELEASE$Export-Package=org.springframework.ldap*;version="1.3.2"</bundle>
-        <bundle>mvn:org.springframework.security/spring-security-aspects/${springSecurityVersion}</bundle>
-        <bundle>mvn:org.springframework.security/spring-security-core/${springSecurityVersion}</bundle>
-        <bundle>mvn:org.springframework.security/spring-security-config/${springSecurityVersion}</bundle>
-        <bundle>mvn:org.springframework.security/spring-security-ldap/${springSecurityVersion}</bundle>
-        <bundle>mvn:org.springframework.security/spring-security-remoting/${springSecurityVersion}</bundle>
-        <bundle>mvn:org.springframework.security/spring-security-web/${springSecurityVersion}</bundle>
+        <bundle>wrap:mvn:org.springframework.ldap/spring-ldap-core/${springLdapVersion}$Export-Package=org.springframework.ldap*;version="${springLdapVersion}"</bundle>
+        <bundle>wrap:mvn:org.springframework.security/spring-security-aspects/${springSecurityVersion}</bundle>
+        <bundle>wrap:mvn:org.springframework.security/spring-security-core/${springSecurityVersion}</bundle>
+        <bundle>wrap:mvn:org.springframework.security/spring-security-config/${springSecurityVersion}</bundle>
+        <bundle>wrap:mvn:org.springframework.security/spring-security-ldap/${springSecurityVersion}</bundle>
+        <bundle>wrap:mvn:org.springframework.security/spring-security-remoting/${springSecurityVersion}</bundle>
+        <bundle>wrap:mvn:org.springframework.security/spring-security-web/${springSecurityVersion}</bundle>
     </feature>
     <feature name="jicmp" version="${jicmpVersion}" description="jicmp">
         <feature version="${guavaOsgiVersion}">guava</feature>
@@ -897,7 +897,7 @@
         <feature>javax.servlet</feature>
         <feature>jcifs</feature>
         <feature>jldap</feature>
-        <feature>spring-security32</feature>
+        <feature>spring-security-opennms</feature>
         <feature>opennms-collection-api</feature>
         <feature>opennms-core-web</feature>
         <feature>opennms-dhcpd</feature>

container/karaf/pom.xml

@@ -64,7 +64,7 @@
                         <feature>feature</feature>
                         <feature>jaas</feature>
                         <feature>jasypt-encryption</feature>
-                        <feature>ssh</feature>
+                        <feature>ssh/${karafSshdVersion}</feature>
                         <feature>management</feature>
                         <feature>bundle</feature>
                         <feature>config</feature>

container/karaf/src/main/filtered-resources/etc/blacklisted.properties

@@ -1,4 +1,4 @@
-# replaced by explicit `spring-security32`
+# replaced by explicit `spring-security-opennms`
 spring-security
 
 # no karaf Spring repos

container/karaf/src/main/filtered-resources/etc/custom.properties

@@ -922,6 +922,7 @@ org.osgi.framework.system.packages.extra=org.apache.karaf.branding,\
         org.springframework.security.access.intercept;version=${springSecurityVersion},\
         org.springframework.security.access.intercept.aopalliance;version=${springSecurityVersion},\
         org.springframework.security.access.intercept.aspectj;version=${springSecurityVersion},\
+        org.springframework.security.access.intercept.aspectj.aspect;version=${springSecurityVersion},\
         org.springframework.security.access.method;version=${springSecurityVersion},\
         org.springframework.security.access.prepost;version=${springSecurityVersion},\
         org.springframework.security.access.vote;version=${springSecurityVersion},\
@@ -956,15 +957,22 @@ org.osgi.framework.system.packages.extra=org.apache.karaf.branding,\
         org.springframework.security.config.annotation.web.configuration;version=${springSecurityVersion},\
         org.springframework.security.config.annotation.web.configurers;version=${springSecurityVersion},\
         org.springframework.security.config.annotation.web.configurers.openid;version=${springSecurityVersion},\
+        org.springframework.security.config.annotation.web.messaging;version=${springSecurityVersion},\
         org.springframework.security.config.annotation.web.servlet;version=${springSecurityVersion},\
         org.springframework.security.config.annotation.web.servlet.configuration;version=${springSecurityVersion},\
+        org.springframework.security.config.annotation.web.socket;version=${springSecurityVersion},\
         org.springframework.security.config.authentication;version=${springSecurityVersion},\
+        org.springframework.security.config;version=${springSecurityVersion},\
+        org.springframework.security.config.core;version=${springSecurityVersion},\
         org.springframework.security.config.debug;version=${springSecurityVersion},\
         org.springframework.security.config.http;version=${springSecurityVersion},\
         org.springframework.security.config.ldap;version=${springSecurityVersion},\
         org.springframework.security.config.method;version=${springSecurityVersion},\
+        org.springframework.security.config;version=${springSecurityVersion},\
+        org.springframework.security.config.websocket;version=${springSecurityVersion},\
         org.springframework.security.context;version=${springSecurityVersion},\
         org.springframework.security.core;version=${springSecurityVersion},\
+        org.springframework.security.core.annotation;version=${springSecurityVersion},\
         org.springframework.security.core.authority;version=${springSecurityVersion},\
         org.springframework.security.core.authority.mapping;version=${springSecurityVersion},\
         org.springframework.security.core.context;version=${springSecurityVersion},\
@@ -979,9 +987,12 @@ org.osgi.framework.system.packages.extra=org.apache.karaf.branding,\
         org.springframework.security.crypto.bcrypt;version=${springSecurityVersion},\
         org.springframework.security.crypto.codec;version=${springSecurityVersion},\
         org.springframework.security.crypto.encrypt;version=${springSecurityVersion},\
+        org.springframework.security.crypto.factory;version=${springSecurityVersion},\
         org.springframework.security.crypto.keygen;version=${springSecurityVersion},\
         org.springframework.security.crypto.password;version=${springSecurityVersion},\
+        org.springframework.security.crypto.scrypt;version=${springSecurityVersion},\
         org.springframework.security.crypto.util;version=${springSecurityVersion},\
+        org.springframework.security.jackson2;version=${springSecurityVersion},\
         org.springframework.security.kerberos;version=${springSecurityKerberosVersion},\
         org.springframework.security.kerberos.authentication;version=${springSecurityKerberosVersion},\
         org.springframework.security.kerberos.authentication.sun;version=${springSecurityKerberosVersion},\
@@ -990,13 +1001,14 @@ org.osgi.framework.system.packages.extra=org.apache.karaf.branding,\
         org.springframework.security.kerberos.client.ldap;version=${springSecurityKerberosVersion},\
         org.springframework.security.kerberos.web;version=${springSecurityKerberosVersion},\
         org.springframework.security.kerberos.web.authentication;version=${springSecurityKerberosVersion},\
-        org.springframework.security.ldap;version=${springLdapVersion},\
-        org.springframework.security.ldap.authentication;version=${springLdapVersion},\
-        org.springframework.security.ldap.authentication.ad;version=${springLdapVersion},\
-        org.springframework.security.ldap.ppolicy;version=${springLdapVersion},\
-        org.springframework.security.ldap.search;version=${springLdapVersion},\
-        org.springframework.security.ldap.server;version=${springLdapVersion},\
-        org.springframework.security.ldap.userdetails;version=${springLdapVersion},\
+        org.springframework.security.ldap;version=${springSecurityVersion},\
+        org.springframework.security.ldap.authentication;version=${springSecurityVersion},\
+        org.springframework.security.ldap.authentication.ad;version=${springSecurityVersion},\
+        org.springframework.security.ldap.ppolicy;version=${springSecurityVersion},\
+        org.springframework.security.ldap.search;version=${springSecurityVersion},\
+        org.springframework.security.ldap.server;version=${springSecurityVersion},\
+        org.springframework.security.ldap.userdetails;version=${springSecurityVersion},\
+        org.springframework.security;version=${springSecurityVersion},\
         org.springframework.security.provisioning;version=${springSecurityVersion},\
         org.springframework.security.remoting;version=${springSecurityVersion},\
         org.springframework.security.remoting.dns;version=${springSecurityVersion},\
@@ -1006,7 +1018,6 @@ org.osgi.framework.system.packages.extra=org.apache.karaf.branding,\
         org.springframework.security.taglibs;version=${springSecurityVersion},\
         org.springframework.security.taglibs.authz;version=${springSecurityVersion},\
         org.springframework.security.taglibs.csrf;version=${springSecurityVersion},\
-        org.springframework.security.taglibs.velocity;version=${springSecurityVersion},\
         org.springframework.security.task;version=${springSecurityVersion},\
         org.springframework.security.util;version=${springSecurityVersion},\
         org.springframework.security.web;version=${springSecurityVersion},\
@@ -1031,17 +1042,23 @@ org.osgi.framework.system.packages.extra=org.apache.karaf.branding,\
         org.springframework.security.web.context;version=${springSecurityVersion},\
         org.springframework.security.web.context.request;version=${springSecurityVersion},\
         org.springframework.security.web.context.request.async;version=${springSecurityVersion},\
+        org.springframework.security.web.context.support;version=${springSecurityVersion},\
         org.springframework.security.web.csrf;version=${springSecurityVersion},\
         org.springframework.security.web.debug;version=${springSecurityVersion},\
         org.springframework.security.web.firewall;version=${springSecurityVersion},\
         org.springframework.security.web.header;version=${springSecurityVersion},\
         org.springframework.security.web.header.writers;version=${springSecurityVersion},\
         org.springframework.security.web.header.writers.frameoptions;version=${springSecurityVersion},\
         org.springframework.security.web.jaasapi;version=${springSecurityVersion},\
+        org.springframework.security.web.jackson2;version=${springSecurityVersion},\
+        org.springframework.security.web.method;version=${springSecurityVersion},\
+        org.springframework.security.web.method.annotation;version=${springSecurityVersion},\
         org.springframework.security.web.savedrequest;version=${springSecurityVersion},\
         org.springframework.security.web.servlet;version=${springSecurityVersion},\
         org.springframework.security.web.servlet.support;version=${springSecurityVersion},\
         org.springframework.security.web.servlet.support.csrf;version=${springSecurityVersion},\
+        org.springframework.security.web.servlet.util;version=${springSecurityVersion},\
+        org.springframework.security.web.servlet.util.matcher;version=${springSecurityVersion},\
         org.springframework.security.web.servletapi;version=${springSecurityVersion},\
         org.springframework.security.web.session;version=${springSecurityVersion},\
         org.springframework.security.web.util;version=${springSecurityVersion},\

container/karaf/src/main/filtered-resources/etc/org.apache.karaf.features.cfg

@@ -33,7 +33,7 @@ featuresBoot = ( \
     instance/${karafVersion}, \
     package/${karafVersion}, \
     log/${karafVersion}, \
-    ssh/${karafVersion}, \
+    ssh/${karafSshdVersion}, \
     aries-blueprint/${karafVersion}, \
     framework/${karafVersion}, \
     system/${karafVersion}, \

container/karaf/src/main/filtered-resources/etc/overrides.properties

@@ -9,4 +9,10 @@ mvn:org.apache.qpid/proton-j/0.34.0
 mvn:org.apache.servicemix.bundles/org.apache.servicemix.bundles.jasypt/${jasyptVersion}_1
 mvn:org.apache.servicemix.bundles/org.apache.servicemix.bundles.jasypt-spring31/${jasyptVersion}_1
 mvn:org.apache.servicemix.bundles/org.apache.servicemix.bundles.xstream/${xstreamVersion}_1
+mvn:org.apache.sshd/sshd/${minaSshdVersion}
+mvn:org.apache.sshd/sshd-common/${minaSshdVersion}
+mvn:org.apache.sshd/sshd-core/${minaSshdVersion}
+mvn:org.apache.sshd/sshd-osgi/${minaSshdVersion}
+mvn:org.apache.sshd/sshd-scp/${minaSshdVersion}
+mvn:org.apache.sshd/sshd-sftp/${minaSshdVersion}
 mvn:org.codehaus.jettison/jettison/${jettisonVersion}