git.opendaylight Code Review - odlparent.git/log

Intro. @Nullable / @NonNull (and @NonNullByDefault) "type" annotations

These are "better" than those in package javax.annotation from FindBugs
(JSR-305), because they are (newer) @Target({ TYPE_USE } annotations,
which can annotate more places than similar older annotations.

FYI: I'll start to use these annotations in some work I'm doing, and
annotate some ODL code with these - just because they are more flexible
than FindBugs' annotations.

FTR: This is *NOT* a jab at FindBugs - I love FindBugs and will strongly
support its introduction in OpenDaylight; as I have for Checkstyle.
FindBugs does a lot of interesting and useful static code analysis in
addition to null analysis, all of which will add value to code quality
in ODL.  I just happen to think that specifically for null analysis, not
other checks, FindBugs is not the best game in town (anymore); and both
Eclipse and probably IntelliJ's (which I know very little about) are
superior (now); and e.g. https://sourceforge.net/p/findbugs/bugs/1355/
seems to confirm this.

Please note that the fact that this has "org.eclipse.jdt" in its name
does *NOT* in any way tie this (only) to "Eclipse" as in the IDE per se!
Eclipse does indeed now have native built-in support for static null
analysis (which BTW FYI can also be run on the command line, outside of
the IDE...), but putting these annotations on code does NOT "tie" ODL in
any way to Eclipse ... these are JUST annotations, which presumably
(hopefully) e.g. IntelliJ is flexible enough to be configured to use as
well (an IntelliJ user should ideally test and confirm this).  They are
just better, more modern, versions of this kind of annotations than are
available elsewhere (we could even define our own in ODL; but why would
we).

There is no strong technical need for us to exclusively use only these
annotations in ODL; at least Eclipse' null analysis supports several
types (and so does IntelliJ presumably; FYI in Eclipse, one type has to
be designated the "primary", but AFAIK it can be configured for interop.
compatibility with code annotated with the other, older,
javax.annotation @Nullable / @NonNull from FindBugs (JSR-305) as well).

This is a very small new JAR with only 4 annotations in it related to
static code analysis for null-ability.  Its declared <scope>provided, so
it can be used at compilation time, but doesn't end up in the shipped
product.

Change-Id: Ie60241a3b7b0845496d3af8393db2661720f5394
Signed-off-by: Michael Vorburger <vorburger@redhat.com>

BUG-7053: Add SCM connection

Change-Id: Ia99773bafbc499c089b686776aec916ac005500c
Signed-off-by: Robert Varga <rovarga@cisco.com>

Blacklist the Triple DES cipher suite

In reaction to CVE-2016-2183 [0], this disables the Triple DES cipher
suites. JCA nomenclature denotes this using "DESede".

[0] https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2183

Change-Id: I27c0b65bbe07be2ef7664fb7dc023ceb8aa4f551
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>

Add configuration and execution to FindBugs plugin

Added the appropriate configuration and execution to the FindBugs plugin
so it can run during compile phase and report violations. failOnError is
set to false by default so it doesn't fail the build. Projects can override
this setting if they want enforcement.

Also added a findbugs project (similar to checkstyle) that defines the rule
filters to exclude. I added one to exclude b/c it's of low priority
and is a common pattern used in ODL. I also added package exclusions for
yang-generated classes and protobuff-generated classes.

Change-Id: Ie01507a23990280d4bee8c2aefdc6c2293a3c6db
Signed-off-by: Tom Pantelis <tpanteli@brocade.com>
Signed-off-by: Stephen Kitt <skitt@redhat.com>

Unfork the appropriate karaf bin files

In Boron based OpenDaylight, karaf 3.0.7 was used. Karaf 3.0.7 was susceptible
tot he following bugs:

KARAF-4564 - Can't start karaf using symbolic link
KARAF-4566 - "karaf" script invokes /bin/sh but requres /bin/bash functions

In order to avoid an entire container upgrade, the bin scripts were forked with
appropriate fixes to temporarily alleviate the aformentioned issues.

Karaf 3.0.8 fixed the aformenentioned issues. This change removes the appropriate
forked scripts, as they should now be fixed in upstream karaf.

The following scripts were determined to be unnecessary forks:
* client, shell, start, status and stop

The following scripts were determined to be necessary forks:
* instance* (they load odl.java.security)
* karaf (enforces Java 8, enables heap-dumps on OOMs, loads odl.java.security)
* karaf.bat (includes a workaround for Equinox on Windows 10 and loads odl.java.security)
These five files will remain forked for the forseeable future.
* setenv* (set up java max memory to appropriate value for ODL)

Change-Id: I769b30b1661a1fb8daec4de8b7cf170d1edcba7c
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>

Upgrade Apache Shiro from 1.3.1 to 1.3.2

Upgrades Apache Shiro to the newest release (September 2016). This includes
the following bugfixes:

SHIRO-577 Fixes bug allow enabling of SessionValidationScheduler when set
via setSessionValidationScheduler

Release notes are not currently available, but this information was determined
through looking at the Apache Shiro git commit history.

Change-Id: I0cc2983df285402a93b8887410c53f98a6bd8a3e
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>

Upgrade maven-jar-plugin 3.0.0 -> 3.0.2

Release notes for 3.0.1:
https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317526&version=12335708

Release notes for 3.0.2:
https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317526&version=12336062

Change-Id: Ie214fea2fb51c2467b99e9c10a59c6d9a8f3e7a0
Signed-off-by: Stephen Kitt <skitt@redhat.com>

Upgrade build-helper-maven-plugin 1.10 -> 1.12

Release notes:
http://www.mojohaus.org/build-helper-maven-plugin/github-report.html

Change-Id: Ifda76e4447e8ea2373b712132229c52154da6d9f
Signed-off-by: Stephen Kitt <skitt@redhat.com>

Upgrade maven-javadoc-plugin 2.10.3 -> 2.10.4

https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317529&version=12331967

Change-Id: I1075c75f620b53f8fa6857d69226a0498c973a72
Signed-off-by: Stephen Kitt <skitt@redhat.com>

Upgrade maven-plugin-plugin 3.4 -> 3.5

http://maven.40175.n5.nabble.com/Apache-Maven-Plugin-Tools-3-5-Released-td5879432.html

Change-Id: Id730c854f0e19276ca4b2b47cfded3030edc42fb
Signed-off-by: Stephen Kitt <skitt@redhat.com>

Upgrade maven-source-plugin 3.0.0 -> 3.0.1

https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317924&version=12335588

Change-Id: I80c471511263ca727ed65779eb5d28ef12f94172
Signed-off-by: Stephen Kitt <skitt@redhat.com>

Bug 647: Use bin/karaf arguments as JVM arguments

This is just a convenience for users,
so that they do not have to manipulate JAVA_OPTS.

Using JAVA_OPTS requires user to know DEFAULT_JAVA_OPTS,
this change only appends to default options (possibly overriding them).

Example usage:
$ bin/karaf -Xmx4g -DmySystemProperty=foo

Change-Id: Ice07a9c3a2c9455d622722498f3433501091728e
Signed-off-by: Vratko Polak <vrpolak@cisco.com>

Disable stack trace trimming

We use exception chaining quite extensively, which means
that full error details are not visible when the stack trace
is trimmed.

Change-Id: If55f22ed9771d7c14c9787bccd2d7439e2e1ce98
Signed-off-by: Robert Varga <rovarga@cisco.com>

Intro. FindBugs' full :annotation (in addition to existing :jsr305)

Having both of these is a required intermediate step, in order to switch
completely over to :annotation instead of :jsr305, which would be
preferable, because these two JARs define the same annotations and
overlap, which is never great.

This change will allow all downstream projects to gradually switch their
<dependency><groupId>com.google.code.findbugs from <artifactId>jsr305 to
<artifactId>annotations in all pom.xml. They will NOT have to adapt any
code, because the actual Java types are exactly the same (just from a
different Maven artefact).

When all downstream projects have switched over, then we'll replace what
this change added by the cleaner "real" solution prepared in
https://git.opendaylight.org/gerrit/#/c/47337/

see also discussion in https://git.opendaylight.org/gerrit/#/c/46914/

Change-Id: Ib026cd0338b263bb9663f2d1fa2a6cb167d6f136
Signed-off-by: Michael Vorburger <vorburger@redhat.com>

BUG-6705: remove enunciate-maven-plugin

With the removal of enunciate-parent from controller,
enunciate-maven-plugin is no longer used anywhere in ODL, so let's
remove it.

This depends on https://git.opendaylight.org/gerrit/47080

Change-Id: Ifde699521a9e1db71013445b614b8892b65e7472
Signed-off-by: Stephen Kitt <skitt@redhat.com>

Replace target/ by ${project.build.directory}/ to make target-ide/ possible

Change-Id: Ia4f9508c3db4aac94f00b861cfef0669b7c15ef7
Signed-off-by: Michael Vorburger <vorburger@redhat.com>

Upgrade commons-lang3 3.4 -> 3.5

The release notes are at
http://www.apache.org/dist/commons/lang/RELEASE-NOTES.txt

Change-Id: I0f27a25031e28d3081546297a492c1ad4b4ec9ec
Signed-off-by: Stephen Kitt <skitt@redhat.com>

BUG-6652: generate features.xml with karaf-maven-plugin

features.xml can be generated from POM information; this allows us to
produce features which are simultaneously Karaf artifacts and Maven
artifacts. Thus downstream projects can simply depend (at a Maven
level) on Karaf features — this automatically gives the correct Maven
dependencies at build and test time, and the correct Karaf feature
dependencies at run time.

Karaf 3.0.8 now includes enough features handling improvements to
produce useful results here. This patch preserves old features for
backwards-compatibility, which results in some inelegant feature
names; the intention is to allow experimentation in downstream
projects without breaking anything.

This patch introduces two new parent POMs: single-feature-parent is
intended for modules packaging a single feature, feature-repo-parent
for modules packaging a repository of features. SingleFeatureTest is
used to test the feature repositories — this ensures that the features
we ship are tested. single-feature-parent doesn't run
SingleFeatureTest to avoid testing features twice.

Change-Id: I2858891618360710a13756dbd4d005aa1a48c703
Signed-off-by: Stephen Kitt <skitt@redhat.com>

odlparents-artifacts is a POM

If we don't specify its packaging, Maven complains that we're
producing an empty JAR.

Change-Id: I0414f28f28f4dee396fc41d036cab5e69608b663
Signed-off-by: Stephen Kitt <skitt@redhat.com>

Have slf4j-simple as an "always there" <scope>test dependency.

The "always there" as in always, literally, not just in
<dependencyManagement>. This makes sense because in (unit and
component, not integration) tests you want logging to "just work" - you
don't want to have to remember to add slf4j-simple yourself as a
dependency every time (and you certainly don't want to have to add
logback every time, and configure it with an XML or properties; for
every project).

Also the problem with manually adding a slf4j-simple dependency to
projects with tests is that there is a risk of it getting accidentally
removed, because "mvn dependency:analyze" will find it's "not needed";
as happened e.g. in
https://git.opendaylight.org/gerrit/#/c/45090/6/vpnservice/aclservice/impl/pom.xml

Change-Id: I5af53bbd8d69ad5cebac08f97225c2f9cbe60ab7
Signed-off-by: Michael Vorburger <vorburger@redhat.com>

Allow '_' in checkstyle PackageName rule

The JLS allows '_' in package names but the default checkstyle regex
pattern for the PackageName rule doesn't. Underscores shouldn't normally
be used but the yang code generator can generate package names with
underscores. We can exclude most yang-generated code from checkstyle but
the CSS code generator places some classes under src/main/java to be
completed (ie *Module classes) so we need the regex pattern to allow
underscores.

Change-Id: I14fdb1955499d5684b1bdaeabd188f7d425caf60
Signed-off-by: Tom Pantelis <tpanteli@brocade.com>

Copy in supporting bouncycastle PKIX/CMS/EAC/PKCS/OCSP/TSP/OPENSSL packages

Since we already ship the Bouncy Castle Provider (bcprov-jdk15on) in lib/ext,
we should also ship the other key exchange packages. Bouncy castle provides
these packages in bcpkix-jdk15on. This change adds the bcpkix-jdk15on
dependency, and an appropriate action to copy the library into lib/ext, very
similar to how the bcprov-jdk15on is copied.

Change-Id: Id706f58c8f56193a717013ffc5446643004045ad
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>

Bump the bouncy castle version to the latest, 1.55

Bumps the bouncy castle version to the latest, version 1.55. Specifics
regarding what was fixed can be found in the bouncy castle release notes:

http://www.bouncycastle.org/releasenotes.html

Change-Id: Iad9b000d15be91781c3de7501cce6c8e95cefb09
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>

Complete enforcer setup in odlparent-lite

We need to specify the plugin version and ignore it in m2eclipse.

Change-Id: Ied2769679be6e58f0299120b513693d66d2185e5
Signed-off-by: Stephen Kitt <skitt@redhat.com>

Add maven-antrun-plugin to m2e lifecycle mapping

Change-Id: Ib28a8b6d8e576186673ca1fa7637f0eda8c84659
Signed-off-by: Lorand Jakab <lojakab@cisco.com>

Move maven-enforcer-plugin from odlparent to odlparent-lite

That way it's detected earlier, e.g. Maven version mismatch is already
flagged up to end-users on their root parent project (which has
odlparent-lite as parent), and only a little later on the first Java
project (which have odlparent as parent).

Change-Id: I9c285fc45ffc0a82e8375a2b77dc89da19238033
Signed-off-by: Michael Vorburger <vorburger@redhat.com>

Bump maven-javadoc-plugin version from 2.10.3 to 2.10.4

Not just for fun, but because I've just figured, through trial and
error, that this fixes a weird problem seen in the failed builds of
https://git.opendaylight.org/gerrit/#/c/46206/ - the older 2.10.3 seems
to have some bug which causes it to choke on finding references between
(two different kinds of) generated code in JavaDoc gen. and the 2.10.4
upgrade magically fixes it (I've locally tested this).

Note that we seem to have our maven-javadoc-plugin version defined in
two places, which is a bit of a shame (and very confusing at first). I
wanted to get this bump merged in ASAP, with minimal side effect, so in
this commit have just changed both places. A follow-up commit which
unifies this into a single place for the next time around would be cool.

Change-Id: Ie2c35f4a7dea357eed5ce8b72c9e757dbdf85565
Signed-off-by: Michael Vorburger <vorburger@redhat.com>

odlparent/pom.xml: Parameter tasks is deprecated

remove maven warning by replacing tasks with target
> [WARNING] Parameter tasks is deprecated, use target instead

Change-Id: I6cf82b1760e711de60dd836024b6e67239214c2c
Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>

Upgrade jsonassert 1.2.3 -> 1.3.0

Change-Id: Icf7717624601182e96ae21821d50131e059b63ac
Signed-off-by: Stephen Kitt <skitt@redhat.com>

Upgrade webcohesion enunciate 2.1.1 -> 2.6.0

Enunciate 2.2.0 adds support for Spring Web annotations and fixes a
number of bugs:
https://github.com/stoicflame/enunciate/issues?q=milestone%3A2.2.0+is%3Aclosed

Enunciate 2.3.0 fixes a number of bugs:
https://github.com/stoicflame/enunciate/issues?q=milestone%3A2.3.0+is%3Aclosed

Enunciate 2.4.0 includes many bug fixes and enhancements:
https://github.com/stoicflame/enunciate/issues?q=milestone%3A2.4.0+is%3Aclosed

Enunciate 2.5.0 includes minor bug fixes and support for Spring's
@ModelAttribute:
https://github.com/stoicflame/enunciate/issues?q=milestone%3A2.5.0+is%3Aclosed

Enunciate 2.6.0 includes support for Bean Validation annotations and
Jackson annotations, and fixes a number of bugs:
https://github.com/stoicflame/enunciate/milestone/13?closed=1

Change-Id: Ic61354408b64089d228cb89a7f13e11874ecf5d5
Signed-off-by: Stephen Kitt <skitt@redhat.com>

Bump enforced Maven version to 3.3.9+

Also, remove enforcer section from karaf-parent,
as odlparent:odlparent already sets strong enough requirement.

Change-Id: I6952b1a5bfd98180ea9f6fc598029163780ffa9a
Signed-off-by: Vratko Polak <vrpolak@cisco.com>

Work around apparent Checkstyle bug re. JavaDoc in package-info.java

We have earlier agreed to, and aligned our Checkstyle rules accordingly,
not enforce JavaDoc presence, just validate its content if it's present.
However, we are still enforcing every package-info.java (of which we
have almost none..) to have a JavaDoc.

While experimenting with plastering package-info.java into EVERY package
everywhere (to have an annotation @NonNullByDefault package in it..),
I don't want to put in bogus empty JavaDoc into every package just to
satisfy Checkstyle, that would be ridiculous.

Related to https://github.com/checkstyle/checkstyle/issues/3416

Change-Id: I397763f9e09bc7db009ade5da1a5b35bdc518169
Signed-off-by: Michael Vorburger <vorburger@redhat.com>

Bug 6790: use non-blocking /dev/urandom

Set Karaf up to use /dev/urandom (where available) instead of
/dev/random, to avoid blocking (and failing incoming SSH connections)
in low entropy situations.

Bug: 6790
Change-Id: I17c5681151a4bb6c61def952a7898b018d3ece86
Signed-off-by: Michael Vorburger <vorburger@redhat.com>
Signed-off-by: Stephen Kitt <skitt@redhat.com>

Revert "Bump akka to 2.4.10"

This reverts commit 6ef4fcc3b02cb261afa0fd6fb615e4f5f9002d95. (The upgrade breaks controller.)

Change-Id: I6af4777350c0254f95b2acc52a5657f54091984a
Signed-off-by: Stephen Kitt <skitt@redhat.com>

Bump akka to 2.4.10

Not so much it would impact us, but it is still good to keep
up with upstream.

Change-Id: Idaea34037e190378abe821be015506083306cd0a
Signed-off-by: Robert Varga <rovarga@cisco.com>

Add org.apache.karaf.shell.console

This is useful for projects implementing Karaf CLI commands.

Change-Id: Id08c52d66a1992ba1645fb1691be4f967088d82f
Signed-off-by: Stephen Kitt <skitt@redhat.com>

BUG-6341: add Cassandra and Coda Hale Metrics

(io.dropwizard is Metrics' new home. These releases are
backwards-compatible.)

Change-Id: Id8bfc25548238b806f10771b86f478249d84faef
Signed-off-by: Stephen Kitt <skitt@redhat.com>

Enable Blueprint annotation support

This enables injection annotations everywhere. To activate Blueprint
annotation support (which generates an autowire.xml Blueprint file),
projects need to add

    <build>
        <plugins>
            <plugin>
                <groupId>org.apache.aries.blueprint</groupId>
                <artifactId>blueprint-maven-plugin</artifactId>
            </plugin>
        </plugins>
    </build>

and

    <dependency>
        <groupId>javax.inject</groupId>
        <artifactId>javax.inject</artifactId>
    </dependency>

The generated XML file is moved to org/opendaylight/blueprint so it is
loaded alongside other Blueprint descriptors.

Change-Id: I4423f691ca5c475e8d14f5210d61855a7ddc2328
Signed-off-by: Stephen Kitt <skitt@redhat.com>
Signed-off-by: Michael Vorburger <vorburger@redhat.com>

Bug 6730: Upgrade Apache Shiro to the latest compatible release

Upgrade Apache Shiro to the latest release. 1.X stream contains
only compatible changes.

Change-Id: I3b89215842f469bea21fba3ca86589501cd516bc
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>

BUG-6712: fix bin/shell's classpath

bin/shell is duplicated from Karaf, but needs ${karaf.version} instead
of ${project.version} to define its classpath.

The correct long-term fix is to drop bin/shell and rely on upstream's
version (https://git.opendaylight.org/gerrit/45546); this patch is
intended for cherry-picking to Boron.

Change-Id: I91658bc9068119aa29d0b3a93d9fce53cfe9d9c6
Signed-off-by: Stephen Kitt <skitt@redhat.com>

Intro. Google Guice DI with JSR-250 Extensions from Mycila

See https://github.com/mycila/guice/ & https://github.com/google/guice

See https://github.com/mycila/guice/issues/11 re. <version>4.0.rc1

This is already used in aclservice-impl for the first end2end test.

Intentionally <dependencyManagement> only with <scope>test, for now, as
it's not required at RT, yet. (When it will be, then we'll look at OSGi
MANIFEST.MF, and a Karaf feature; later. For the time being the
intention is to use Guice for more end2end style tests.)

Change-Id: Ia4c99a958ee0a5d687a311936693501a2a68c36d
Signed-off-by: Michael Vorburger <vorburger@redhat.com>

Upgrade karaf from 3.0.7 to 3.0.8

Change-Id: Ieb3e4424a84332d6bd4c1d12e62e6eba50440874
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>

Enable JSR-305 annotations everywhere

Change-Id: I1f0b62a629f206957cdcd928d1f0b5ae8cb97ec9
Signed-off-by: Stephen Kitt <skitt@redhat.com>

Upgrade gson 2.3.1 -> 2.7

Change-Id: I09c99491b259939603639cdea165253ce2848ade
Signed-off-by: Stephen Kitt <skitt@redhat.com>

Bump akka-companion netty to 3.10.6

This is the latest bugfix release, possibly even
improving performance. Changelog is at
https://github.com/netty/netty/issues?q=milestone%3A3.10.6.Final

Change-Id: I67232fec57864cad01f8702f61e910ad098ed6f7
Signed-off-by: Robert Varga <rovarga@cisco.com>

Bug 6278: Move opendaylight-karaf-empty to odlparent

Move opendaylight-karaf-empty from controller to odlparent.  As with
moves of other artifacts, the following process will happen:

1) Copy opendaylight-karaf-empty into odlparent and adjust the groupId.
   This patch handles the copy work.

2) Change opendaylight-karaf-empty in controller to derive from
   odlparent's opendaylight-karaf-empty

3) Change references to use the artifact added in #1.

4) Deprecate and remove controller's opendaylight-karaf-empty.

This patch just handles the initial groundwork outlined in #1.

Change-Id: I824e61280784409194840ba54bdc0a6a10f0368f
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>

Remove a few unneeded braces

This avoids maven picking up certain properties (i.e., JAVA_HOME)
and replacing with build time value.

Change-Id: I5a7b0a7e5c8698cfb1469420b8bb358857c3e449
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>

Upgrade Karaf 3.0.6 -> 3.0.7

https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12311140&version=12334639
has the details; in particular this should fix
https://issues.apache.org/jira/browse/KARAF-4502 (the SSH key
negotiation failure).

This upgrade also pulls in newer versions of Aries Blueprint.

Change-Id: I475281cc9e422bfdd7574c23457259133593966d
Signed-off-by: Stephen Kitt <skitt@redhat.com>

Bug 6341 Remove copy of dependencies from karaf-parent

It appears that a lot of bloat is based on the manner in which the transition of
integration/distribution/distribution-karaf was transitioned to using karaf-parent.

There-in lies a tale.  Way back in Helium days... we used a 'dependency' hack for populating system/.
It basically just copied all the dependencies into system/ from the whole shebang.  This had two issues:

a)  Massive overinclusion , as you don't need most of the maven dependencies.
b)  Maven only ever copies *one* version of a thing via the maven dependency mechanisms... so *any* version skew borks you.

To fix this, in Li timeframe I wrote karaf-plugin.  Karaf-plugin walks the features.xml files
and makes sure that we have the needed bundles so all possible features can run.  This radically
reduces the overinclusion, as you are only pulling in the stuff you actually need.
It also solves the version skew problem... which is important because while we don't *want* version skew... it happens.

Because we were at the end of Li, and I did not wish to possibly break someone's
project local distribution, I *only* deployed karaf-plugin to integration/distribution, *not* to karaf-parent.

Since then, others have done good work on karaf-parent (and migrated it to odlparent).
Many thanks to them.  As part of that work, integration/distribution was migrated to use
karaf-parent (again, a good thing).

*But*... this suddenly caused integration/distribution to start doing massive overinclusion again (not good) :(
This appears to account for around 100mb of our size growth since Be.

The correct solution here IMHO would be:

a) To remove the dependency copying behavior of karaf-parent
b) Have the karaf-parent use karaf-plugin

Note: If you do #a without #b... you will likely break the project local distributions.

Sadly, doing #a and #b puts us back in the late breaking change that might impact the
project local distributions place I decided to avoid in Li.  However,
we now have a couple of releases of experience with the karaf-plugin, and thus the risk is somewhat lower.

This patch does #a and #b.

PatchSet #5: Fix karaf-plugin to also install bundles listed in startup.properties as well.

Change-Id: Ie4d99e86cf364fd4fc6d7d99622991133fa3e006
Signed-off-by: Ed Warnicke <eaw@cisco.com>
Signed-off-by: Robert Varga <rovarga@cisco.com>

Bump versions by 0.1.0 for next dev cycle

Change-Id: I5d0c92a382129f35ed2cefe407720a30d1e1332b
Signed-off-by: Thanh Ha <thanh.ha@linuxfoundation.org>

Add a workaround for Karaf not recognizing Windows 10

* Adjusts Karaf(Equinox) properties on startup to allow running on Windows 10
* This fix will be obsolete once we update Karaf to a version
with w10-compatible Equinox
* Equinox commit needed for a permanent fix:
https://github.com/eclipse/rt.equinox.framework/commit/5ebd8e732dcca11efc03ac4721e1909565caf679

Change-Id: Ide7cf4600a83dd379a7bb2811735e1980dc0887c
Signed-off-by: Martin Dindoffer <martin.dindoffer@pantheon.tech>

Add more logging from karaf

When a feature fails to install, we would really like
some context to the failure. This option will result
in an additional warning with exception being logged.

Change-Id: I44d44f1905e9b2f400dc31b33473b16d839b9874
Signed-off-by: Robert Varga <rovarga@cisco.com>

Add relativePath to karaf poms

Change-Id: I4176f2fdb4ed57d5c69c2b2eac01765c53ddf0e2
Signed-off-by: Vratko Polak <vrpolak@cisco.com>

Add an explicit comment about CPD being brain-dead

This is a follow-up to the reverted CPD commit. Appropriate
configuration is added to mdsal's binding parent.

Change-Id: I38616d2e1b7e4340d31bb977d07c2e7858a352ca
Signed-off-by: Robert Varga <rovarga@cisco.com>

Remove tcpmd5 even from comments

Change-Id: I5a4510d964b017871004c0096f2114775e113db4
Signed-off-by: Vratko Polak <vrpolak@cisco.com>

Remove a few unneeded braces

This avoids Maven picking up certain properties in some circumstances
(e.g. ${PWD} getting replaced by the current directory at
build-time).

Change-Id: I33e664605d9b715295fbc0214fa384f8c1177be6
Signed-off-by: Stephen Kitt <skitt@redhat.com>

Revert "Do not run CPD on anything in target/generated-sources"

This breaks the lispflowmapping build.

This reverts commit ef60163bb91025f24881897e8916902187207d02.

Change-Id: I55715d0796620fe95371728babf4935909112db8
Signed-off-by: Lorand Jakab <lojakab@cisco.com>

BUG-6027: merge upstream realname fix

This patch syncs the startup scripts with Karaf 3.0.6 and adds the
upstream fix to handle symlinks (see
https://git-wip-us.apache.org/repos/asf?p=karaf.git;a=commit;h=5bbaf71814df514b112cbe8cd73ba57fefdc869f
for details).

Once we upgrade to a version of Karaf which includes this fix, then
client, shell, start, status and stop should be deleted.

Change-Id: I82efe6d29206c37bc46a08bc367342d63dea51c9
Signed-off-by: Stephen Kitt <skitt@redhat.com>

Do not run CPD on anything in target/generated-sources

From layering perspective odlparent does not know anything
about mdsal, hence it must not make any special handling
for its behavior.

What it can do is to say that we simply do not CPD any
source that is generated -- which is actually the correct
thing to do.

Change-Id: If325f2c1da00fdba8f337f6b75fb860ac86797fa
Signed-off-by: Robert Varga <rovarga@cisco.com>

Add odl-triemap feature

The TrieMap bundle is being packaged by multiple projects.
provide a separate package so it can be reused.

Change-Id: If29bec69ef4b06fd32346d150a378c69be0b222d
Signed-off-by: Robert Varga <rovarga@cisco.com>

Add maven-cpd-plugin to m2e lifecycle mapping

Change-Id: Ie564815a81a28da608d5e1ef8577df97706a3c7a
Signed-off-by: Lorand Jakab <lojakab@cisco.com>

Add missing properties for startup scripts

The Karaf startup scripts use a number of Maven properties; this patch
copies the values used in Karaf 3.0.6.

Change-Id: I4d2a3e0ae98955c32cc07af2713f6c759a8c4fb5
Signed-off-by: Stephen Kitt <skitt@redhat.com>

Do not specify MaxPermSize

In Boron we only support Java 8, which does not need
this deprecated option. Remove it.

Change-Id: Iad00670c2298ac105fa078d26e6520bd0bdf832b
Signed-off-by: Robert Varga <rovarga@cisco.com>

Bug 6187: Force more maven resolution in karaf-plugin

Especially concerning level 1 feature repository dependencies.
This fixed Bug 6187 in my local testing.

+ Improve logging.

Change-Id: Ie973e3669510061afd59a6c9d22f7a9161f0bd13
Signed-off-by: Vratko Polak <vrpolak@cisco.com>

Eliminate karaf.resources.version

This property is only used once, inline it in dependency
declaration.

Change-Id: I618ead3ad2a4232e8f41283ddd68649c78f2601d
Signed-off-by: Robert Varga <rovarga@cisco.com>

Bug 6278: Delete incorrect start script

This version doesn't work, the version provided by Karaf does.

Change-Id: I694e926d1917951708ed9740b51ad38f4b826de9
Signed-off-by: Stephen Kitt <skitt@redhat.com>

Remove duplicate karaf-branding declaration

scope=compile is the default, hence elimite the duplicate
which emits a maven warning.

Change-Id: Id352a6a11008effec98371d8f4e48ec95df60b41
Signed-off-by: Robert Varga <rovarga@cisco.com>

Include README and CONTRIBUTING & PROJECT_INFO.yaml files in built JARs

Bug: 4134
Change-Id: I455c815270a2f71f12ecd78727461e4403009850
Signed-off-by: Michael Vorburger <vorburger@redhat.com>

Enable the license checker on src/test/** files

Should be merged once all the Boron projects merged their patches first.
See:
https://git.opendaylight.org/gerrit/#/q/status:open++topic:fix-license

Change-Id: I067c5034bf5b9897d030700f3956a0cbc2abce06
Signed-off-by: Thanh Ha <thanh.ha@linuxfoundation.org>

Bug 6278: Copy karaf-parent from controller to odlparent

As discussed in the MD-SAL call, there is an architectural need to move
karaf-parent from the controller project to the odlparent project.  This
is particularly useful for karaf upgrades, since right now a bump in karaf
version within odlparent requires a rebuild of controller to reflect the
change in karaf-parent, and our build jobs are not set up to support such
a process.

The move process will be handled in multiple steps:

1) Copy karaf-parent, karaf-branding and opendaylight-karaf-resources to
odlparent.  All three of these should belong in odlparent.  All three must
be moved since karaf-parent depends on the latter two artifacts.  Since
controller depends on odlparent (and not the other way around), they must
be moved upstream to odlparent.  [THIS PATCH]

2) Have controller's karaf-parent derive from odlparent's karaf-parent.
This preserves the ability for downstream consumers to derive from the
controller karaf-parent in the interim, while allowing changes to odlparent's
karaf-parent to be recognized since controller does not need to be rebuilt.

https://git.opendaylight.org/gerrit/#/c/42649/

This also involves removing karaf-branding and opendaylight-karaf-resources
from the controller project, since they are no longer needed.  There are two
consumers that need to be patched:
lispflowmapping: https://git.opendaylight.org/gerrit/42647
vtn: https://git.opendaylight.org/gerrit/42648

3) Change all downstream projects to utilize odlparent's karaf-parent.  This
is future work and will be done in several patches.

4) Remove controller's karaf-parent once we feel all downstream consumers
are using the odlparent's karaf-parent.

Change-Id: If2cdb2796a0649dbea5e289d35a95647eb3bdb60
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>
Signed-off-by: Stephen Kitt <skitt@redhat.com>

Upgrade pax-url-aether 1.5.0 -> 2.4.7

In particular this removes an old dependency on httpclient 3.1 which
suffers from CVE-2012-6153 and CVE-2014-3577 (SSL MITM attacks).

Add a few missing dependencies (which used to be pulled in by
pax-url-aether).

Explicitly scope feature-test's dependencies.

Change-Id: I9430f2f646ea050359a9c52bd978d8fb6c6a01e5
Signed-off-by: Stephen Kitt <skitt@redhat.com>

Activate PMD CPD by default

The new Copy-Paste detector which I recently introduced in
c5cfbc434448b646fd93a89e0928111e2a4d500c and announced on
https://lists.opendaylight.org/pipermail/odlparent-dev/2016-July/000443.html
would probably be of more value if it was actually on by default, and
not just dormant in an pluginManagement doing nothing? ;-) Note again
that this will never break a build - just log; unless enforcement is
enabled (same model as for Checkstyle).

Change-Id: I07b90dfb5a9c3f724eba77d2b87e08c25699c8b6
Signed-off-by: Michael Vorburger <vorburger@redhat.com>

maven-compiler-plugin javac -parameters

Quote e.g.
https://docs.oracle.com/javase/8/docs/technotes/tools/windows/javac.html:
"Stores formal parameter names of constructors and methods in the
generated class file so that the method
java.lang.reflect.Executable.getParameters from the Reflection API can
retrieve them."

The XtendBeanGenerator successfully uses this Java feature, and in order
to be able to use this across all projects, this should be the new
default setting in odlparent.

AFAIK some IDEs can now also leverage this to offer better default
method parameter name e.g. on @Override. Dito AFAIK some other
libraries, such as e.g. Jackson JSON stuff, may also be able to benefit
from this and need less annotations, if present. I do remember that
e.g. Spring Framework can leverage this for it's REST thing - it saves
you from having to say: void foo(@ParamName("bar") int bar) kind of
thing.

I can't think of any real downside.. I'm guessing that it leads to an
ever so slight increase in .class and thus JAR file size (logical), but
that seems a very small disadvantage, and fair price to pay, for the
benefit.

Change-Id: I24015bd00b777c0a68fcf17316a13a86dd1251df
Signed-off-by: Michael Vorburger <vorburger@redhat.com>

Add sensible defaults for metadata required for Maven Central deployment

Change-Id: I15d09744aede2e54b5c4f63167777ab6b98600eb
Signed-off-by: Michael Vorburger <vorburger@redhat.com>

Checkstyle now also covers src/test/java & src/test|main/resources

But license headers are not enforced in src/test/java - not because that
wouldn't be nice, but just because it is way too much work to fix up
everything - I've tried, and then realized that's not realistic.

Change-Id: I66bcca1c8a54cb8a242579884a33032eba3ee100
Signed-off-by: Michael Vorburger <vorburger@redhat.com>

Checkstyle new rule ConstantName

Change-Id: I2497c871880139142fc79cb05b677eb2629dce94
Signed-off-by: Michael Vorburger <vorburger@redhat.com>

Checkstyle IllegalThrows with ignoreOverriddenMethods

The default is true, and for good reason; it was stupid of me to
originally have used ignoreOverriddenMethods = false.

This is because when you @Override a method, you cannot do anything
anymore about its throws clause - you have to comply with what you are
overriding.

Based on doing some real world Checkstyle clean up work and noticing
that this was wrong.

Change-Id: Ifbfd677074d7b84cbea52f5ca520791d648def75
Signed-off-by: Michael Vorburger <vorburger@redhat.com>

Add NoCleanIfFailure option to SingleFeatureTest

This will as shown much clearer errors in case of SFT failures; e.g.
"java.lang.IllegalStateException: Can't install
feature odl-integration-compatible-with-all/0.5.0-SNAPSHOT:
Could not start bundle mvn:org.opendaylight.snmp4sdn/snmp4sdn/0.4.0-SNAPSHOT
in feature(s) odl-snmp4sdn-snmp4sdn-0.4.0-SNAPSHOT: The bundle
"org.opendaylight.snmp4sdn_0.4.0.SNAPSHOT [504]" could not be resolved.
Reason: Missing Constraint: Import-Package: org.opendaylight.controller.sal.packet; version="[0.7.0,1.0.0)""

as shown on https://lists.opendaylight.org/pipermail/odlparent-dev/2016-July/000467.html

Change-Id: I5b5df8807e87c76975598a0f3311010b781227c6
Signed-off-by: Yakir Dorani <yakir.dorani@hpe.com>

Option to performance profile SingleFeatureTest

with Java Mission Control FlightRecorder

via -Dkaraf.featureTest.profile=true

Change-Id: I7450f44bb4543718253bda742d111c5050d5bf2b
Signed-off-by: Michael Vorburger <vorburger@redhat.com>

Quick (-Pq) should skip running tests, but not building them

Change-Id: Ie537fc006265da0492f8bf620a73280301af91e2
Signed-off-by: Michael Vorburger <vorburger@redhat.com>

Intro. Google Truth into dependencyManagement

see http://google.github.io/truth/. This seems neater than Hamcrest in
particular for tests on Iterables (Collections). For example, in
Hamcrest:

assertThat(Arrays.asList("foo", "bar"), contains("foo", "baz")); // OK

assertThat(Arrays.asList("foo", "bar"), contains(Arrays.asList("foo",
"bar"))); // NOK! :-( because contains only works for vararg not List

whereas with Google Truth:

assertThat(Arrays.asList("foo", "bar")).
containsExactlyElementsIn(Arrays.asList("foo", "baz"));

==> AssertionError: Not true that <[foo, bar]> contains exactly <[foo,
baz]>. It is missing <[baz]> and has unexpected items <[bar]>

also see http://google.github.io/truth/comparison

Change-Id: Iac121b302179e64c8cbd339b6f027582abfdd822
Signed-off-by: Michael Vorburger <vorburger@redhat.com>

Increase enforced Maven minimal version from 3.1.1 to 3.2.5 (no upper)

as discussed on [odlparent-dev] thread "Re: Introducing PMD Copy/Paste
Detector (CPD)"

Change-Id: I6c1e32029ba993849a368d832a48a442cd396053
Signed-off-by: Michael Vorburger <vorburger@redhat.com>

Introduce PMD Copy/Paste Detector (CPD)

Take II - is using <excludeRoots><excludeRoot> better? (We tried this
before and had to revert, despite it passing on Jenkins; very strange.)

Like Checkstyle, this by default only reports to the console during
(local..) builds, but does not enforce it - builds will NOT fail with
this. Then projects ready to "opt-in" for CPD enforcement can use:
<properties> <pmd.cpd.fail>false</pmd.cpd.fail> </properties>

Change-Id: I01de6ce01fe5f7020aae47ee2e9325cdc14e00e4
Signed-off-by: Michael Vorburger <vorburger@redhat.com>

Checkstyle java.nio.charset.StandardCharsets instead of com.google.common.base.Charsets

http://blog2.vorburger.ch/2016/06/how-to-use-checkstyle-to-enforce-using.html

Change-Id: Ibdc5520a7700f548e735c569ee8a3c1c9426dcd1
Signed-off-by: Michael Vorburger <vorburger@redhat.com>

Revert "Introduce PMD Copy/Paste Detector (CPD)"

This reverts commit 68afa051f302f5f67aedd42bf1ab2f4cc20d75c7.
It breaks build in yangtools: checkstyle fails to parse
configuration and cannot assign String to File[].

Change-Id: I5f9025c1dd79c19f10e8c17a56e270d17cbda043
Signed-off-by: Robert Varga <nite@hq.sk>

Upgrade Felix dependencies

* Dependency Manager 3.1.0 -> 4.3.0
* Dependency Manager Shell 3.0.1 -> 4.0.4
* File Install 3.1.6 -> 3.5.4
* Web Console 4.2.0 -> 4.2.14

Change-Id: I7d499669cf98e0761b92f7cce6b870ebc3f1d7c5
Signed-off-by: Stephen Kitt <skitt@redhat.com>

Introduce PMD Copy/Paste Detector (CPD)

Like Checkstyle, this by default only reports to the console during
(local..) builds, but does not enforce it - builds will NOT fail with
this. Then projects ready to "opt-in" for CPD enforcement can use:

  <properties>
    <pmd.cpd.fail>false</pmd.cpd.fail>
  </properties>

BTW: The "minimumTokens" threshold may take some tuning - let's start
with these approx. 10 line rule, and then adjust it as we see how this
plays out in practice on a number of projects.

Change-Id: If862b8a16db5eed391bb85165987a4302ae44540
Signed-off-by: Michael Vorburger <vorburger@redhat.com>

Mark slf4j-api as provided

Since Karaf provides its own SLF4J encapsulation, it might make sense
to simply identify slf4j-api as provided.

Change-Id: I42f2854eec608155b9013ec6756053ea85104ba6
Signed-off-by: Stephen Kitt <skitt@redhat.com>

akka-testkit should be scoped to test

This is a testing framework for testing actor systems,
it should never be carried in production.

Change-Id: I32cd9af660463ee3d981acde29ff635a518b7a88
Signed-off-by: Robert Varga <rovarga@cisco.com>

Checkstyle remove duplicate UpperEll (minor)

Change-Id: I4a557c4b2dc629f6d0544c24b09aa09ea53b673e
Signed-off-by: Michael Vorburger <vorburger@redhat.com>

Introduce hamcrest-library, going beyond hamcrest-core, to the stars..

http://www.vogella.com/tutorials/Hamcrest/article.html
https://code.google.com/archive/p/hamcrest/wikis/Tutorial.wiki

Change-Id: If042c21216c62509c37176df647369b1fa2757c5
Signed-off-by: Michael Vorburger <vorburger@redhat.com>

Relax Checkstyle for JavaDoc, not mandatory for annotations

Because in at least one instance a project (ovsdb/library;
https://git.opendaylight.org/gerrit/#/c/40967/) has adopted Checkstyle
99% but then disabled enforcement because of lack of JavaDoc in a few
annotation types. This is the wrong way to go about this IMHO; I'd
rather we relax this arbitrary requirement (that even annotations do not
have to have JavaDoc, like everything else), and be able to enforce
Checkstyle in more projects.

Change-Id: I42d1c81aa5ff511c272d39752340dddc5e3b0636
Signed-off-by: Michael Vorburger <vorburger@redhat.com>

Intro. Xtend dependencyManagement and Maven plugin

Xtend <http://xtend-lang.org> is already used in ODL's MDSAL project,
and I'd like to start using it in other projects as well (for writing
test code, for now). In order to keep the version of Xtend used
uniform, and to keep child pom.xml shorter re. the xtend-maven-plugin
configuration, it would thus make sense to have this in the ODL parent.

Change-Id: I8356ef07772d3d487b688b5f6789c23a9b698bd2
Signed-off-by: Michael Vorburger <vorburger@redhat.com>

Add guava-testlib to dependencyManagement

Guava Testlib has a neat EqualsTester(), and other test helpers.

Change-Id: I843b3f724b545107f0ecf6e3651f2a583fbca820
Signed-off-by: Michael Vorburger <vorburger@redhat.com>

Add skip for pmd & cpd to Q

Even though PMD / CPD aren't actually used yet, I'm planning to propose
gradually introducing it, and having this already in Q will help not
forgetting it, and people not complaining. It does not hurt having this
in early.

Change-Id: Ib6021da46129b5e5b9d6c2e79475fbf03ddda199
Signed-off-by: Michael Vorburger <vorburger@redhat.com>

Checkstyle rulez for Exception Handling Anti-Patterns

* http://checkstyle.sourceforge.net/config_coding.html#IllegalCatch
* http://checkstyle.sourceforge.net/config_coding.html#IllegalThrows
* http://checkstyle.sourceforge.net/config_design.html#MutableException

and TBD:
* http://sevntu-checkstyle.github.io/sevntu.checkstyle/apidocs/com/github/sevntu/checkstyle/checks/coding/AvoidHidingCauseExceptionCheck.html
* http://sevntu-checkstyle.github.io/sevntu.checkstyle/apidocs/com/github/sevntu/checkstyle/checks/coding/EitherLogOrThrowCheck.html

Includes fixing "Catching 'Exception' is not allowed" in
SingleFeatureTest.

Change-Id: I716bd43573c4431e0276141acfb3eec2195d5aa6
Signed-off-by: Michael Vorburger <vorburger@redhat.com>

Checkstyle enforce no redundant modifiers

see
http://checkstyle.sourceforge.net/config_modifier.html#RedundantModifier

Change-Id: I711de6ea9dc374435af5ba7403eef53ff2a99ce8
Signed-off-by: Michael Vorburger <vorburger@redhat.com>

Increase SingleFeatureTest timeout from 5 to 10 min.

Bug: 6156
Change-Id: I1f0a887e2e5fbaad9a934558cd13a28ab43ec434
Signed-off-by: Michael Vorburger <vorburger@redhat.com>

SingleFeatureTest PerRepoTestRunner logging

Clarified; description includes feature name which is what you want to
show here, instead of just features.xml. System.out exceptionally used
because, whatever I did, I could never see that log otherwise..

Change-Id: I1cb1873e7eda3dcf2643888251f49cafec4e4dea
Signed-off-by: Michael Vorburger <vorburger@redhat.com>

maven-enforcer-plugin requireJavaVersion 1.8.0

but we should probably move this to odlparent-lite, not just odlparent,
so that it already works for <packaging>pom roots.

Change-Id: Ide367d2697341e791bf1b9516a8937d1833cb35b
Signed-off-by: Michael Vorburger <vorburger@redhat.com>