Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): migrate to the official Zeebe Spring SDK #3193

Draft
wants to merge 12 commits into
base: main
Choose a base branch
from
Draft

chore(deps): migrate to the official Zeebe Spring SDK #3193

wants to merge 12 commits into from

Conversation

chillleader
Copy link
Member

@chillleader chillleader commented Aug 28, 2024
edited
Loading

Description

This PR will migrate the Connectors project to the official Camunda Spring SDK. Until now, we have been using the community-supported library Spring Zeebe which is now on a deprecation path.

Key changes:

  • All Spring Boot apps are not using the new property structure for authentication-related config
  • A community-supported Operate client is now used. The official Camunda Spring SDK doesn't offer an Operate client yet.
  • All integration tests that had previously used the testing library from Spring Zeebe now use the official Camunda Process Test (CPT) library.
    • ⚠️ This will lead to significant increase in build time - each integration test case now takes 40+ seconds.
    • We can consider build optimizations due to this in a follow-up PR if this impacts our productivity
  • Console Secret API client has been changed: it uses the authentication classes from the Operate client library. The check whether or not it should be enabled is done via the standard Zeebe client properties to cover the use cases where Operate is disabled and no properties are provided.
    • This is subject to change when Operate client becomes part of the Spring SDK.

Related issues

closes #2896

@chillleader chillleader self-assigned this Aug 28, 2024
@chillleader chillleader changed the title chore: migrate to the official Zeebe Spring SDK chore(runtime): migrate to the official Zeebe Spring SDK Aug 28, 2024
@chillleader chillleader changed the title chore(runtime): migrate to the official Zeebe Spring SDK chore(deps): migrate to the official Zeebe Spring SDK Aug 28, 2024
github-advanced-security[bot]
github-advanced-security bot found potential problems Aug 28, 2024
View reviewed changes
...runtime-spring/src/main/java/io/camunda/connector/runtime/secret/ConsoleSecretApiClient.java
@@ -62,10 +59,10 @@
}

public Map<String, String> getSecrets() {
LOGGER.debug("Loading secrets from " + secretsEndpoint);
LOGGER.debug("Loading secrets from {}", secretsEndpoint);

Check failure

Code scanning / CodeQL

Insertion of sensitive information into log files High

This
potentially sensitive information
Loading
is written to a log file.

Copilot Autofix AI 8 days ago

To fix the problem, we should avoid logging the secretsEndpoint directly. Instead, we can log a generic message indicating that secrets are being loaded without revealing the endpoint. This approach maintains the logging functionality for debugging purposes without exposing potentially sensitive information.

  • Modify the log message on line 62 to remove the secretsEndpoint.
  • Ensure the new log message still provides useful information for debugging without exposing sensitive details.
connector-runtime/connector-runtime-spring/src/main/java/io/camunda/connector/runtime/secret/ConsoleSecretApiClient.java

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/connector-runtime/connector-runtime-spring/src/main/java/io/camunda/connector/runtime/secret/ConsoleSecretApiClient.java b/connector-runtime/connector-runtime-spring/src/main/java/io/camunda/connector/runtime/secret/ConsoleSecretApiClient.java
--- a/connector-runtime/connector-runtime-spring/src/main/java/io/camunda/connector/runtime/secret/ConsoleSecretApiClient.java
+++ b/connector-runtime/connector-runtime-spring/src/main/java/io/camunda/connector/runtime/secret/ConsoleSecretApiClient.java
@@ -61,3 +61,3 @@
   public Map<String, String> getSecrets() {
-    LOGGER.debug("Loading secrets from {}", secretsEndpoint);
+    LOGGER.debug("Loading secrets from the configured endpoint.");
     try (CloseableHttpClient httpClient = HttpClientBuilder.create().build()) {
EOF
@@ -61,3 +61,3 @@
public Map<String, String> getSecrets() {
LOGGER.debug("Loading secrets from {}", secretsEndpoint);
LOGGER.debug("Loading secrets from the configured endpoint.");
try (CloseableHttpClient httpClient = HttpClientBuilder.create().build()) {
Copilot is powered by AI and may make mistakes. Always verify output.
@chillleader chillleader mentioned this pull request Aug 29, 2024
Open
@chillleader chillleader added this to the 8.7.0-alpha1 milestone Sep 23, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@chillleader chillleader

Labels
None yet
Projects
None yet
Milestone
8.7.0-alpha1
Development

Successfully merging this pull request may close these issues.

Migrate to the official Zeebe client and standalone Operate client
1 participant
@chillleader