jenkins-releng [Thu, 26 Apr 2018 22:04:55 +0000 (22:04 +0000)]
Bump versions by x.y.(z+1)
Change-Id: Iaef99b633d261ef4352a4f961edfac8eaa97432a
Signed-off-by: jenkins-releng <jenkins-releng@opendaylight.org>
Robert Varga [Tue, 23 Jan 2018 11:22:31 +0000 (12:22 +0100)]
Bump akka to 2.4.20
https://akka.io/blog/news/2017/06/12/akka-2.4.19-released
https://akka.io/blog/news/2017/08/10/akka-2.4.20-released
Change-Id: I814c2997a44d75eb9abe9c816e21c2baa7211aeb
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
(cherry picked from commit
6972dee687a4be9d046903d16c943c043cc3d07a)
Robert Varga [Tue, 23 Jan 2018 11:18:57 +0000 (12:18 +0100)]
Bump scala to 2.11.12
http://scala-lang.org/news/security-update-nov17.html
Change-Id: I681ff93030e096edeeaa2ab6580affec9ea1b8bd
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
(cherry picked from commit
6b8f0de4518a6fdcf19a5eeb5ac3642b0fb2af00)
jenkins-releng [Fri, 23 Feb 2018 14:26:52 +0000 (14:26 +0000)]
Bump versions by x.y.(z+1)
Change-Id: Icf29224994f9bae577c703d8ec721ed782e0774c
Signed-off-by: jenkins-releng <jenkins-releng@opendaylight.org>
jenkins-releng [Tue, 17 Oct 2017 01:39:43 +0000 (01:39 +0000)]
Bump versions by x.y.(z+1)
Change-Id: I9019e82f327f90fad2f56f6ebdafb7cf481cc484
Signed-off-by: jenkins-releng <jenkins-releng@opendaylight.org>
Ryan Goulding [Tue, 3 Oct 2017 18:27:48 +0000 (14:27 -0400)]
Bug 9228: Package bcprov-ext-jdk15on jar
Bouncycastle is hotwired as the default JCE provider in ODL
since it has greater capabilities than those provided with
the default Oracle and OpenJDK JCE implementations. This
change adds an overlooked and missing jar to the existing
provider infra.
Change-Id: I82baae9af5dcacea2f675b0e9f25837c85670362
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>
jenkins-releng [Fri, 14 Jul 2017 12:49:21 +0000 (12:49 +0000)]
Bump versions by x.y.(z+1)
Change-Id: Ia20bb131fcff941ae2a8d0f7c31c444ff88fba30
Signed-off-by: jenkins-releng <jenkins-releng@opendaylight.org>
Thanh Ha [Fri, 16 Jun 2017 15:41:50 +0000 (11:41 -0400)]
Add method to skip karaf4 featureTest
Allow us to skip karaf4 featureTest seperately from karaf3 featureTest.
Change-Id: I235eafb777d62a95ca8ffb8010ef95754618421e
Signed-off-by: Thanh Ha <thanh.ha@linuxfoundation.org>
Robert Varga [Fri, 12 May 2017 09:37:58 +0000 (11:37 +0200)]
Bump akka to 2.4.18
http://akka.io/news/2017/05/02/akka-2.4.18-released.html
https://github.com/real-logic/Agrona/releases/tag/0.9.5
https://github.com/real-logic/Aeron/releases/tag/1.2.5
Change-Id: I2a19b3b2b1d35dba28e729938d6c579d55930681
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
(cherry picked from commit
7980f99e6874247df63fe8bed836cf1d0ce4ca96)
Robert Varga [Fri, 28 Apr 2017 16:44:50 +0000 (18:44 +0200)]
Bump scala to 2.11.11
Scala-2.11.11 is the last release in the 2.11 train, update to it.
Change-Id: I2d053d10b35b55efff0359f4303a66e8099e810b
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Wed, 31 May 2017 19:19:54 +0000 (21:19 +0200)]
BUG-4219: fix karaf CLI reload
Controller's blueprint extenstion is pulling in an optional
dependency of pax-logging, causing it to reload, effectively
restarting everything. Wire osgi-service before starting up
to eliminate this.
Change-Id: Idf0170d805e98362e7f3560db7f166c68a18d19d
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
jenkins-releng [Thu, 25 May 2017 18:18:08 +0000 (18:18 +0000)]
Bump versions by x.y.(z+1)
Change-Id: I1b83ec0785b8bad1c894c71d08060b697b967148
Signed-off-by: jenkins-releng <jenkins-releng@opendaylight.org>
Michael Vorburger [Tue, 9 May 2017 14:17:38 +0000 (16:17 +0200)]
Introduce pax-cdi-api into dependencyManagement
This enables @Inject @OsgiService instead of <reference> in XML; see
https://wiki.opendaylight.org/view/BestPractices/DI_Guidelines#.40OsgiService_.26_.40OsgiServiceProvider
see c/56723 for full details re. why it is <optional>true
Change-Id: I1aa5f314cb561dbbd82cbd34c4812e0e1a803a4b
Signed-off-by: Michael Vorburger <vorburger@redhat.com>
(cherry picked from commit
bf832961de4bf40135fc102e39b16851783f01f9)
Stephen Kitt [Wed, 3 May 2017 09:15:17 +0000 (11:15 +0200)]
skip.karaf.featureTest in single-feature-parent
Historically, the skip.karaf.featureTest property could be used to
skip SingleFeatureTest; that was lost in the migration to Karaf 4.
This patch restores the functionality in single-feature-parent.
Change-Id: Id6ed63129d7b9d7284356ca665152b321fc9ca16
Signed-off-by: Stephen Kitt <skitt@redhat.com>
Robert Varga [Thu, 4 May 2017 23:42:30 +0000 (01:42 +0200)]
Fix pax-web's commons-collections
pax-web-4.3.0 can still pull in commons-collections-3.2.1, fix that.
Change-Id: Id0e0a678fcc54b45a864b69aed8ba7d1345bb756
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Thu, 4 May 2017 23:36:38 +0000 (01:36 +0200)]
Align pax-web and karaf standard features
Karaf's standard feature uses ow2/asm-all 5.0.4, while pax-web
is installing 5.0.2. Patch pax-web to use the same version, saving
around 230k.
Change-Id: Ifb29d1b3d3a54d4d55818795289b3eb0e357a826
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Vratko Polak [Fri, 28 Apr 2017 16:47:35 +0000 (18:47 +0200)]
Bug 7891: Place provided features to featuresBoot
Specifically, org.apache.sshd/sshd-core/0.14.0 is excluded,
thus "ssh" feature has to be always installed.
Without this, distribution4-check with odl-netconf-mdsal
in integration fails at installing boot features, because
org.opendaylight.netconf.netty-util depends on sshd-core bundle,
which is only activated by "ssh" feature
(as any ODL feature drops that dependency,
because of exclusions in feature parents).
Change-Id: Ic1d3b19981fccca9c320a5079aaf9e2eadf09397
Signed-off-by: Vratko Polak <vrpolak@cisco.com>
Stephen Kitt [Wed, 26 Apr 2017 16:16:17 +0000 (18:16 +0200)]
Karaf 4: allow SFT configurations to be combined
We need to allow children of single-feature-parent to reconfigure the
generator plugin, while still ensuring that the list of excluded
artifacts is honoured.
Change-Id: Ifa284e6e10c5182a68d4a3457446903ef9d1ccb8
Signed-off-by: Stephen Kitt <skitt@redhat.com>
Stephen Kitt [Wed, 8 Mar 2017 16:33:20 +0000 (17:33 +0100)]
Bug 7900: make feature repos aggregate features
Instead of redefining features and producing standalone feature
repositories, feature-repo-parent can produce features which list the
individual feature repositories produced by single-feature-parent.
This allows integration/distribution's integration-index to build much
faster (by rendering SFT moot there).
SFT now tests individual features in single-feature-test instead of
testing the full repository. This makes the -Psft profile useless so
it is removed. It also means that odl-bundles-test needs to be handled
specially, since it is used in features4-test: it can't use
single-feature-parent, otherwise it introduces a dependency loop. This
patch introduces a new, internal parent,
untested-single-feature-parent, which is used by odl-bundles-test and
single-feature-parent: untested- takes care of the actual feature
construction, and single-feature-parent adds the SFT tests.
(cherry picked from commit
bd4340895f8ec544393f2ec75f0cb5cfd25eae1f)
Change-Id: Ib0de6ce1e6488944bcbe0aa7e84496676f6db19a
Signed-off-by: Stephen Kitt <skitt@redhat.com>
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Ryan Goulding [Thu, 20 Apr 2017 13:44:00 +0000 (09:44 -0400)]
Bug 8261: prevent TestBundleDiag from throwing NPE
There is a stack trace demonstrating this behavior in bug 8261. In
short, TestBundleDiag is occasionally throwing NPE because a null
Bundle is returned from serviceReference.getBundle(). This change just
adds some null sanity checking in TestBundleDiag and
ServiceReferenceUtil.
Also, in ServiceReferenceUtil, a local variable is extracted just in
case the object is mutated between calls. This at least gives a
consistent snapshot for usingBundles over the course of the method
call.
Change-Id: I334b0850be4a2045f9eeb260f5de4af542896dc1
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>
(cherry picked from commit
667f362239f037fb01b670dbb20340ab2798ca1e)
Stephen Kitt [Thu, 20 Apr 2017 17:26:06 +0000 (19:26 +0200)]
Bug 7926: exclude OSGi bundles from features
We need to avoid having OSGi core bundles pulled in by features (they
cause bundle refreshes which break Pax Exam tests). This patch marks
the OSGi bundles as provided, and excludes them from generated
features.
Change-Id: I66f519e4d498f956cb3fa087d98d30a64b3316f4
Signed-off-by: Stephen Kitt <skitt@redhat.com>
Michael Vorburger [Wed, 19 Apr 2017 18:09:03 +0000 (20:09 +0200)]
Relax Checkstyle RightCurly rule for LITERAL_WHILE
In the Checkstyle upgrade from 6.16 to 7.6.1 done in parallel in other
changes, I've come across a number of "violations" because it did not
like "... } while (condition)" in one line.
This indeed seems to be what our current Checkstyle rule would mandate,
but because of what looks like a bug in our currently used version 6.16
was never enforced. As we upgrade, they seem to have fixed that, so
either we add a \n after } before while during the upgrade in the
projects which are already enforcing Checkstyle - or we just relax this
rule - personally I think it's ugly on two lines, and thus suggest this.
See http://checkstyle.sourceforge.net/config_blocks.html#RightCurly
I have not actually really tested this, just seems above right.
Change-Id: I21e20d91b854340a636c4fbbe5a6038caf0bee57
Signed-off-by: Michael Vorburger <vorburger@redhat.com>
(cherry picked from commit
3d622f95319336f5a5b9587b924bd6bac98982d7)
Robert Varga [Wed, 19 Apr 2017 19:08:02 +0000 (21:08 +0200)]
BUG-8208: remove prereq from jdbc/jetty features
It seems that dependencies have to be completely converged
and prerequisite=true does not play nice with optional imports,
leading to half-baked installation.
This patch drops dependency/prerequisite flags, which will need
to be revisited once we have this thing working.
Change-Id: I9340e7dff6566b793689406e8029b546ec349302
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Tue, 18 Apr 2017 13:19:17 +0000 (15:19 +0200)]
Revert "Bug 8208: revert to the Karaf 4.0.7 runtime"
This reverts commit
dacab8c7e49bc18578ceb8f088333550cfe389ab.
Change-Id: I6c7808b1ef130287a52c6d24c20c951f7d5dcd53
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Thu, 13 Apr 2017 19:13:51 +0000 (21:13 +0200)]
BUG-8202: make war a prerequisite
This seems to help getting the container up and about in local testing,
but it may break something else.
Change-Id: I0cadae70de7ef39001fccfaa33982de3293cc130
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Stephen Kitt [Thu, 13 Apr 2017 17:23:10 +0000 (19:23 +0200)]
Bug 8208: revert to the Karaf 4.0.7 runtime
We keep the 4.0.9 Maven plugin to get the new generator features, but
switch back to the 4.0.7 runtime to avoid the resolver issues.
Change-Id: Ifebe6ab8155a86c2e9e8c80315ae345a7f033a79
Signed-off-by: Stephen Kitt <skitt@redhat.com>
Robert Varga [Thu, 13 Apr 2017 13:25:33 +0000 (15:25 +0200)]
Remove akka-distributed-data-experimental
This module is causing trouble with org.objectweb.asm and is not
used anywhere anymore. Remove it.
Change-Id: I0dcb1d73533f2a7ef1999093840c0c93a4f1450d
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Anil Belur [Tue, 11 Apr 2017 01:26:30 +0000 (11:26 +1000)]
Update .gitreview to stable/carbon
Change-Id: I7d31e3b1074b4f83c0caecbb14212e4756955cc8
Signed-off-by: Anil Belur <abelur@linuxfoundation.org>
Stephen Kitt [Thu, 6 Apr 2017 13:26:42 +0000 (15:26 +0200)]
Bug 4219: upgrade to Karaf 4.0.9
Change-Id: Ibfaf2b64c971ab4320d8114cb74d4f5e4c2ae305
Signed-off-by: Stephen Kitt <skitt@redhat.com>
Robert Varga [Mon, 10 Apr 2017 16:16:45 +0000 (18:16 +0200)]
BUG-8117: fix jetty/pax-web configuration mismatch
Karaf 4 uses pax-web as the jetty configuration bridge, which
compares the jetty configuration with its directives. If a port
or address mismatch is found, this leads to duplicate ports being
used and hence preventing successful jetty startup.
Change-Id: Ia5b71621ba0474481dab738232ebac778540a258
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Stephen Kitt [Fri, 7 Apr 2017 15:28:40 +0000 (17:28 +0200)]
Drop karaf-maven-plugin
We can’t use it within odlparent anyway, and the release of Karaf
4.0.9 means we don’t need it.
Change-Id: I04edebf6799115d35b225e145d18dc29235819a1
Signed-off-by: Stephen Kitt <skitt@redhat.com>
Michael Vorburger [Fri, 7 Apr 2017 10:10:34 +0000 (12:10 +0200)]
Add .tox/ to .gitignore
Change-Id: I002f31717abcb15ed5e4d0b91ea774b6fc79203f
Signed-off-by: Michael Vorburger <vorburger@redhat.com>
Michael Vorburger [Fri, 10 Mar 2017 00:46:39 +0000 (01:46 +0100)]
Bug 8175: Improve SFT TestBundleDiag under Karaf 4
This does NOT yet completely fix all problems of the SingleFeatureTest
TestBundleDiag under Karaf 4 (which was in really bad shape!), most
importantly there is still something somewhere in Pax Exam that I
haven't understood yet which seems to just "swallow" all exceptions
thrown by SingleFeatureTest's @Test installFeature() but at least now:
1. there is something in the log now for failures at least
thanks to a (try/catch/log) WORKAROUND (!)
2. LinkageError fixed (see details below)
3. IllegalStateException: BundleContext is no longer valid fixed (?)
This changes the setup by just embedding bundles4-test and it's
dependencies into features4-test, instead of programmatically installing
the odl-bundles-test feature (which is removed in this change) or the
features4-test bundle.
This simplifies installation, avoid problems with the wrap: protocol,
and should resolve weird problems we've seen (only!) in the distribution
jobs, which seem to have had something to do with a custom local Maven
repo.
IMHO it would be *REALLY* good to practice proper TDD for SFT (with
TestBundleDiag) now, and have some automated negative testing of broken
features and bundles (incl. BP) in odlparent...
Bug: 7981 related later proper solution
Change-Id: I516c0f6c4e9ee85f0c753cb4b58a0b53fc22c7ea
Signed-off-by: Michael Vorburger <vorburger@redhat.com>
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Michael Vorburger [Wed, 29 Mar 2017 12:15:55 +0000 (14:15 +0200)]
Bug 8100: Karaf 4 SingleFeatureTest TestBundleDiag blacklist genius
Change-Id: Ieca1f632f59924416374579487441ea0082a7f9b
Signed-off-by: Michael Vorburger <vorburger@redhat.com>
Michael Vorburger [Fri, 10 Mar 2017 01:50:51 +0000 (02:50 +0100)]
added -XX JVM options to be able to analyze OOMs in SingleFeatureTest
-XX:+HeapDumpOnOutOfMemoryError
-XX:OnOutOfMemoryError="kill -3 %p"
Change-Id: Ide5d8cb96fc46e61a101adba3022de333b3fc1aa
Signed-off-by: Michael Vorburger <vorburger@redhat.com>
Stephen Kitt [Mon, 20 Mar 2017 09:51:50 +0000 (10:51 +0100)]
Add Git Commit Coala Bear
This enforces line lengths in commit messages.
Change-Id: I314d85a101c2f3225d1c66749a593f715e0270ec
Signed-off-by: Stephen Kitt <skitt@redhat.com>
Sam Hague [Thu, 16 Mar 2017 20:15:26 +0000 (16:15 -0400)]
Add cli property to un-skip git-commit-id skip flag
Change-Id: I88340ab60e3e922fd3c79fe01f6b60471eec55e7
Signed-off-by: Sam Hague <shague@redhat.com>
Signed-off-by: Michael Vorburger <vorburger@redhat.com>
Vratko Polak [Fri, 17 Mar 2017 14:34:06 +0000 (15:34 +0100)]
Improve whitespace negligibly
The motivation is to run verify on the current code,
but no harm merging this.
Change-Id: I3e44934904664ec8f255e832a5cbdb769869c5f5
Signed-off-by: Vratko Polak <vrpolak@cisco.com>
Vratko Polak [Wed, 15 Mar 2017 18:49:09 +0000 (19:49 +0100)]
Revert "Bug 7588: Stop blacklisting odl-hbaseclient from SFT"
This reverts commit
297793d5f9faa091323e07f601e96641df9fe5ff.
Before reverting this revert, make sure Tsdr verify (or merge) works,
as opposed to distribution-check or multipatch.
Change-Id: I7ea0408767678d7f0b099be5e7c197708cf7c808
Signed-off-by: Vratko Polak <vrpolak@cisco.com>
David [Wed, 15 Mar 2017 08:15:47 +0000 (09:15 +0100)]
Fix checkstyle FinalClass issue
Fix the FinalClass checkstyle violation described in this pending
change:
https://git.opendaylight.org/gerrit/#/c/43324/
Move the constructor to be the first method.
The same fix solved in this patch:
https://git.opendaylight.org/gerrit/#/c/53250/
Change-Id: I1986199ee2b761e1b73cac31f2f1630f57e73b64
Signed-off-by: David <david.suarez.fuentes@ericsson.com>
David [Mon, 13 Mar 2017 23:23:54 +0000 (00:23 +0100)]
Fix checkstyle FinalClass issue
Fix the FinalClass checkstyle violation described in this pending
change:
https://git.opendaylight.org/gerrit/#/c/43324/
Move the constructor to be the first method.
Change-Id: I475ab18c233655ebfb0df72ddf2dad8e5a8d8bdd
Signed-off-by: David <david.suarez.fuentes@ericsson.com>
Vratko Polak [Fri, 10 Mar 2017 12:49:30 +0000 (13:49 +0100)]
Bug 7588: Stop blacklisting odl-hbaseclient from SFT
Change-Id: I0e12cc209f9023c5e25033ce2aa7ec9bd60b002f
Signed-off-by: Vratko Polak <vrpolak@cisco.com>
Vratko Polak [Fri, 3 Mar 2017 15:12:10 +0000 (16:12 +0100)]
Bug 7895: Fix java version regex in Karaf scripts
This only fixes Karaf 3 scripts.
Any idea how to reliably create .patch files for Karaf 4 scripts?
Change-Id: I4e0ffae51e4ba38472195164f3ddf22e08966578
Signed-off-by: Vratko Polak <vrpolak@cisco.com>
Michael Vorburger [Fri, 10 Mar 2017 00:48:42 +0000 (01:48 +0100)]
Minor (very) clean up of SFT related code I bumped into
Change-Id: I23f852c7c37775138cd414755d7645fbd42a02a6
Signed-off-by: Michael Vorburger <vorburger@redhat.com>
Stephen Kitt [Wed, 15 Feb 2017 15:49:42 +0000 (16:49 +0100)]
Upgrade commons-net 3.5 → 3.6
Release notes:
http://www.apache.org/dist/commons/net/RELEASE-NOTES.txt
Change-Id: I6ba6bff7f3e6f14d297b0b4f1a426657bcedc623
Signed-off-by: Stephen Kitt <skitt@redhat.com>
Vratko Polak [Tue, 7 Mar 2017 12:52:29 +0000 (13:52 +0100)]
Remove invalid code in Karaf 3 instance script
If jvm version is lower than 1.8.0, the checkJvmVersion
function will exit. As a result, check jvm version code
is invalid in subsequent setupDefaults function.
Karaf 4 patchs files are not updated.
Change-Id: I20b22a59ceb92ac76523d135e15a3920f258700e
Signed-off-by: Vratko Polak <vrpolak@cisco.com>
Robert Varga [Tue, 21 Feb 2017 09:53:40 +0000 (10:53 +0100)]
Do not package protobuff-java
Change-Id: I3261557e16b338beb7f95710f895118d2e057587
Signed-off-by: Robert Varga <rovarga@cisco.com>
ding.rui [Mon, 6 Mar 2017 06:20:35 +0000 (14:20 +0800)]
Replace exit with die function in Karaf script.
die function is a unified error handling function, which was used
anyplace except checkJvmVersion funciton in Karaf script.
Change-Id: I2d22e0967c4fb4c55feffe830f22cb7d02017540
Signed-off-by: Ding Rui <ding.rui@zte.com.cn>
ding.rui [Mon, 6 Mar 2017 02:39:50 +0000 (10:39 +0800)]
Remove invalid code in Karaf scripts
If jvm version is lower than 1.8.0, the checkJvmVersion function will
exit. As a result, check jvm version code is invalid in subsequent
setupDefaults function.
Change-Id: I0cda1473326e6c90792fa6452c23a0a1dcd89719
Signed-off-by: Ding Rui <ding.rui@zte.com.cn>
Michael Vorburger [Wed, 15 Feb 2017 14:23:07 +0000 (15:23 +0100)]
SingleFeatureTest (SFT) TestBundleDiag with full diag during wait loop
Change-Id: I3d16d2f9dd7986d7514afc43e54af83e66494fc7
Signed-off-by: Michael Vorburger <vorburger@redhat.com>
Robert Varga [Mon, 13 Feb 2017 19:02:43 +0000 (20:02 +0100)]
Checkstyle: no space inside parentheses
Add the ParenPad check to odl_checks.xml, which makes sure there is no
space after a left parenthesis and before a right parenthesis.
Change-Id: I2b843fa150b80b14043147377339b9c633e68b91
Signed-off-by: Lorand Jakab <lojakab@cisco.com>
Signed-off-by: Robert Varga <rovarga@cisco.com>
Thanh Ha [Wed, 1 Mar 2017 19:42:26 +0000 (14:42 -0500)]
Add missing <name> fields for pom.xml files
This is used by autorelease scripts to automatically parse which project
is failing a build and report to the mailing list automatically. We need
names in the format:
ODL :: <groupId> :: <artifactId>
This patch formats in the same format as found in the startup archetypes
patch found here: https://git.opendaylight.org/52522
Change-Id: I0174ee777830e54c7bd1ec81de53ceccedd57ecb
Signed-off-by: Thanh Ha <thanh.ha@linuxfoundation.org>
Tom Pantelis [Tue, 21 Feb 2017 13:55:57 +0000 (08:55 -0500)]
Add akka-persistence-tck dependency
Change-Id: I208c169bd59da87d9e573b3de5e8617441f26c38
Signed-off-by: Tom Pantelis <tpanteli@brocade.com>
Ryan Goulding [Fri, 24 Feb 2017 18:52:55 +0000 (13:52 -0500)]
Bump bouncycastle dependencies from 1.55 to 1.56
Comprehensive release notes can be found here:
https://www.bouncycastle.org/releasenotes.html
This release fixes the following:
* It is now possible to configure the provider to only import keys for specific named curves.
* Work has been done to improve the "constant time" behaviour of the RSA padding mechanisms.
* The GCM ciphers in the JCE and lightweight API will now fail if an attempt is made to use
them for encryption after doFinal or without changing the IV.
* The constructor for IESParameterSpec that allows the use of cipher without a nonce has been
deleted. See also details for CVE-2016-
1000344, CVE-2016-
1000352.
* Strict encoding enforcement has been introduced for ASN1Integer.
* CVE-2016-
1000338: DSA does not fully validate ASN.1 encoding of signature on verification.
It is possible to inject extra elements in the sequence making up the signature and still
have it validate, which in some cases may allow the introduction of "invisible" data into a
signed structure.
* CVE-2016-
1000339: AESFastEngine has a side channel leak if table accesses can be observed.
The use of lookup large static lookup tables in AESFastEngine means that where data accesses
by the CPU can be observed, it is possible to gain information about the key used to
initialize the cipher. We now recommend not using AESFastEngine where this might be a concern.
The BC provider is now using AESEngine by default.
* CVE-2016-
1000340: Static ECDH vulnerable to carry propagation bug. Carry propagation bugs in
the implementation of squaring for several raw math classes have been fixed
(org.bouncycastle.math.raw.Nat???). These classes are used by our custom elliptic curve
implementations (org.bouncycastle.math.ec.custom.**), so there was the possibility of rare
(in general usage) spurious calculations for elliptic curve scalar multiplications. Such
errors would have been detected with high probability by the output validation for our scalar
multipliers.
* CVE-2016-
1000341: DSA signature generation vulnerable to timing attack. Where timings can be
closely observed for the generation of signatures, the lack of blinding in 1.55 or earlier,
may allow an attacker to gain information about the signatures k value and ultimately the
private value as well.
* CVE-2016-
1000342: ECDSA does not fully validate ASN.1 encoding of signature on verification.
It is possible to inject extra elements in the sequence making up the signature and still have
it validate, which in some cases may allow the introduction of "invisible" data into a signed
structure.
* CVE-2016-
1000343: DSA key pair generator generates a weak private key if used with default
values. If the JCA key pair generator is not explicitly initialised with DSA parameters,
1.55 and earlier generates a private value assuming a 1024 bit key size. In earlier releases
this can be dealt with by explicitly passing parameters to the key pair generator.
* CVE-2016-
1000344: DHIES allows the use of unsafe ECB mode. This algorithm is now removed from
the provider.
* CVE-2016-
1000345: DHIES/ECIES CBC mode vulnerable to padding oracle attack. For BC 1.55 and
older, in an environment where timings can be easily observed, it is possible with enough
observations to identify when the decryption is failing due to padding.
* CVE-2016-
1000346: Other party DH public key not fully validated. This can cause issues as
invalid keys can be used to reveal details about the other party's private key where static
Diffie-Hellman is in use. As of this release the key parameters are checked on agreement
calculation.
* CVE-2016-
1000352: ECIES allows the use of unsafe ECB mode. This algorithm is now removed
from the provider.
This upgraded provider provides a great number of security fixes. We should consider moving to
the updated version swiftly.
Change-Id: I0cec4b220bf6d37a76718faad682a9cf095a0dc1
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>
Stephen Kitt [Fri, 17 Feb 2017 14:59:23 +0000 (15:59 +0100)]
Generator: add plugin configuration for prereq/deps
This adds two lists of features as configuration elements in
karaf-maven-plugin, dependencyFeatures and prerequisiteFeatures;
features named there (and defined elsewhere, in the POM) will be
flagged as dependencies and prerequisites respectively.
Bug: 7752
Bug: 7753
Change-Id: Ice35279822f513945df08f70880edcc74395da33
Signed-off-by: Stephen Kitt <skitt@redhat.com>
Robert Varga [Thu, 16 Feb 2017 17:35:29 +0000 (18:35 +0100)]
BUG-7813: remove spring from base distribution
We do not use spring anywhere in the project, hence we can safely
remove it from the distribution, cutting it down by 35MB.
Change-Id: I07e6c8f0996d0d9cc9b0d6c50195a9fbb9f448b7
Signed-off-by: Robert Varga <rovarga@cisco.com>
Ryan Goulding [Wed, 15 Feb 2017 05:15:23 +0000 (00:15 -0500)]
Add syslog log4j appender entry, disabled by default
Add correct formatting for enabling syslog appender for ODL. By default,
the appender is disabled.
Change-Id: Ibbd296af53901b636b917a75c6072a36ef3cebe9
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>
Michael Vorburger [Mon, 23 Jan 2017 16:31:37 +0000 (17:31 +0100)]
Forbid use of mockito-all via a new maven-enforcer-plugin rule
mockito-all is bad, because it includes other libs (non-shaded), they
never intended it to be used from system with transitive dependency
management such as Maven; it can cause issues incl. fix
NoSuchMethodError: org.hamcrest.Matcher ...
see
http://maven.apache.org/enforcer/enforcer-rules/bannedDependencies.html
We'll remove mockito-all from dependencyManagement a little later.
Bug 7662 related
Change-Id: Id0da73a875cbb6de481782db1ccaadd6ac54ea6f
Signed-off-by: Michael Vorburger <vorburger@redhat.com>
Robert Varga [Sat, 18 Feb 2017 09:49:20 +0000 (10:49 +0100)]
Bump akka to 2.4.17
http://akka.io/news/2017/02/10/akka-2.4.17-released.html
Change-Id: Ib0de05829fe1c9f581ec89fab7e0b22f69dd5910
Signed-off-by: Robert Varga <rovarga@cisco.com>
Stephen Kitt [Fri, 17 Feb 2017 13:29:19 +0000 (14:29 +0100)]
Generator: merge existing dependency information
This patch allows the generator to merge dependency information from
feature.xml stubs and POMs ("dependency" and "prerequisite" flags).
This allows version information to be pulled from the POMs and still
allow the flags to be set.
Bug: 7752
Bug: 7753
Change-Id: I2b5147dc1636b4c9a3ec3b77654c9994702c7877
Signed-off-by: Stephen Kitt <skitt@redhat.com>
Stephen Kitt [Mon, 20 Feb 2017 09:19:34 +0000 (10:19 +0100)]
Skip site generation for karaf-maven-plugin
Change-Id: I58f384df87542bb7b9318da7990ca92093255e50
Signed-off-by: Stephen Kitt <skitt@redhat.com>
Stephen Kitt [Fri, 17 Feb 2017 15:35:46 +0000 (16:35 +0100)]
Add Maven site information
Change-Id: I5ddd8f162aace77d7b0c4bb40feb129d0402b439
Signed-off-by: Stephen Kitt <skitt@redhat.com>
Stephen Kitt [Tue, 14 Feb 2017 16:25:42 +0000 (17:25 +0100)]
Import the Karaf Maven plugin
This is a temporary measure to enable quick iteration on new features
in the descriptor generator. New features there will as far as
possible be submitted upstream.
Having this as a plugin in odlparent will allow us to drop the
4.0.8-odl artifacts and should resolve the Maven site plugin issues.
Change-Id: Iea0b54e1be49659fd95e98b15df09077dd871f9a
Signed-off-by: Stephen Kitt <skitt@redhat.com>
Robert Varga [Thu, 9 Feb 2017 16:50:22 +0000 (17:50 +0100)]
BUG-7767: upgrade Jetty to 9.2.19
This bumps the version of jetty we are pulling in by our proxy
feature, which should result in an all-round upgrade.
Change-Id: I766a6489ce467590b03744f086a761ec4535132e
Signed-off-by: Robert Varga <rovarga@cisco.com>
Lorand Jakab [Wed, 15 Feb 2017 09:53:46 +0000 (11:53 +0200)]
Bump netty to 4.1.8
See [0] for release notes.
While at it, also update API link from 4.0.x to 4.1.x.
[0] http://netty.io/news/2017/01/30/4-0-44-Final-4-1-8-Final.html
Change-Id: I69722be2d06a3a1317f02e6aba9c6f116793e417
Signed-off-by: Lorand Jakab <lojakab@cisco.com>
Stephen Kitt [Wed, 15 Feb 2017 14:30:37 +0000 (15:30 +0100)]
Karaf 4: remove the war feature
In Karaf 4, the war feature ends up pulling in Jetty 9.2, which we
aren't ready for yet.
Change-Id: I7b95633ef04e1031b87a91aafdfeb0929875adae
Signed-off-by: Stephen Kitt <skitt@redhat.com>
Stephen Kitt [Mon, 13 Feb 2017 16:56:56 +0000 (17:56 +0100)]
Jetty 9.2 upgrade: add h2 to dependency management
This allows the Jetty upgrade to be driven from odlparent, without
requiring synchronised commits to odlparent and aaa (once aaa starts
using this dependency management).
Change-Id: I99f9086497706a321380d32f7cbc194895cf6abf
Signed-off-by: Stephen Kitt <skitt@redhat.com>
Robert Varga [Mon, 13 Feb 2017 19:01:40 +0000 (20:01 +0100)]
Checkstyle: no space inside parentheses
Fix violations of ParenPad rule so it can be enabled at a later point.
Change-Id: I17968e48ca25b09be9dea7dac355612b81c7e606
Signed-off-by: Lorand Jakab <lojakab@cisco.com>
Signed-off-by: Robert Varga <rovarga@cisco.com>
Robert Varga [Mon, 13 Feb 2017 18:45:15 +0000 (18:45 +0000)]
Revert "Checkstyle: no space inside parentheses"
This reverts commit
28204b1caf363e7f7ae8d184ad305cf958a24608.
Breaks controller, we certainly do not need any more breakage at this point.
Change-Id: I3ee127e638a1adcbdf295ee7ab3e7328c6fd5777
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Mon, 13 Feb 2017 14:43:56 +0000 (15:43 +0100)]
Downgrade javax.mail version
Installing both jdbc and jetty-8 features causes a conflict on
which version of javax.mail to use, as they pull in 1.4.4 and 1.4.5
respectively.
Resolve this by downgrading the version in jetty-8.
Change-Id: Icfa2fe3d5f87b7fc97405f94fe7bf33113178a75
Signed-off-by: Robert Varga <rovarga@cisco.com>
Robert Varga [Mon, 13 Feb 2017 16:01:37 +0000 (17:01 +0100)]
Remove unneeded groupId
Maven plugins have an implied groupId, there is no need to be
explicit.
Change-Id: I6c0d3aa532be7c1c3255e2a1cc5e927a96bb66c4
Signed-off-by: Robert Varga <rovarga@cisco.com>
Robert Varga [Mon, 13 Feb 2017 16:02:10 +0000 (17:02 +0100)]
Add version declaration for maven-remote-resources-plugin
Fixes a warning about undeclared version.
Change-Id: I47118df48ee7f3b7d0d09c090228a46d70acbd68
Signed-off-by: Robert Varga <rovarga@cisco.com>
Robert Varga [Mon, 13 Feb 2017 13:40:56 +0000 (14:40 +0100)]
Pull in karaf's enterprise repository for jdbc
This seems to be causing downstream grief, while passing SFT here.
Pull in the repository explicitly.
Change-Id: I963fa67fe7470f155bae459ba2b2cdf8a2f874fa
Signed-off-by: Robert Varga <rovarga@cisco.com>
Lorand Jakab [Thu, 2 Feb 2017 00:06:01 +0000 (02:06 +0200)]
Checkstyle: no space inside parentheses
Add the ParenPad check to odl_checks.xml, which makes sure there is no
space after a left parenthesis and before a right parenthesis. Fix the
violations in odlparent.
Change-Id: Ib6cf36f05598f68ad034af67be17b8963bafba07
Signed-off-by: Lorand Jakab <lojakab@cisco.com>
Robert Varga [Thu, 9 Feb 2017 16:20:28 +0000 (17:20 +0100)]
Add odl-karaf-feat-jetty and odl-karaf-feat-feature
Jetty is yet another feature we are using, provide a proxy for it.
Also note that we should be upgrading it.
feature service is needed by config-adaptor in controller, so add
that as well.
Change-Id: Idb5049ca822f9fb2a7383e79ca04d40c37eaa8eb
Signed-off-by: Robert Varga <rovarga@cisco.com>
Robert Varga [Thu, 9 Feb 2017 09:11:27 +0000 (10:11 +0100)]
Add single features wrapping karaf features
Auto-generated features have no way of referring to core
karaf features, hence we need to wrap them. This provides
jdbc and war needed for aaa project.
Change-Id: Ia3a9cc3a926b6f7d00a001f604adda9cae551851
Signed-off-by: Robert Varga <rovarga@cisco.com>
Stephen Kitt [Wed, 8 Feb 2017 09:17:19 +0000 (10:17 +0100)]
Karaf 4: make odl-akka-leveldb-0.7 use the Guava feature
The LevelDB feature ends up pulling in Guava, so make it use our Guava
feature explicitly.
Change-Id: I53b8bcd9a93f0a1ac952718f47c6315167989e7d
Signed-off-by: Stephen Kitt <skitt@redhat.com>
Stephen Kitt [Wed, 8 Feb 2017 09:08:48 +0000 (10:08 +0100)]
Karaf 4: exclude artifacts provided by our distribution
This is a first pass, covering all the controller features'
dependencies which are (now) provided by our Karaf distribution: Aries
Blueprint, Aries Quiesce, jline, sshd, and the core Karaf JAAS and
shell bundles.
Change-Id: I2ab260d367c8acb4805b1480c60ad34f5c2692d4
Signed-off-by: Stephen Kitt <skitt@redhat.com>
Robert Varga [Tue, 7 Feb 2017 22:08:20 +0000 (23:08 +0100)]
Revert "FindBugs' full :annotation instead of :jsr305 artifact sub-set"
This reverts commit
4647724a79fbf7db440716f93f1067d17ecd8dda.
It breaks yangtools' and bgpcep's SFT, I suspect it breaks others
as well.
Change-Id: I880c3835958edac14a608fb8f7346c2274298c83
Signed-off-by: Robert Varga <rovarga@cisco.com>
Michael Vorburger [Fri, 21 Oct 2016 12:19:53 +0000 (14:19 +0200)]
FindBugs' full :annotation instead of :jsr305 artifact sub-set
This will require that all downstream projects first switch their
<dependency><groupId>com.google.code.findbugs from <artifactId>jsr305 to
<artifactId>annotations in all pom.xml. They will NOT have to adapt any
code, because the actual Java types are exactly the same (just from a
different Maven artefact).
see also discussion in https://git.opendaylight.org/gerrit/#/c/46914/
Change-Id: Idedc9203f99dd012f10945f2f8f69c88e5f541a2
Signed-off-by: Michael Vorburger <vorburger@redhat.com>
Stephen Kitt [Fri, 3 Feb 2017 10:35:17 +0000 (11:35 +0100)]
SFT: avoid testing aggregator features
Feature repositories built by the Karaf Maven plugin contain an
aggregator feature which pulls in all the features in the relevant
POM. It's pointless to test this, and very expensive, so we now skip
them: the rule is that, in repositories with more than one feature,
any feature with the same name as the repository is skipped.
(Repositories containing a single feature are tested, so that single
features can be checked in -Psft mode.)
Change-Id: I8ca11e9ff18663e62cee94e3203b5a0e0db17742
Signed-off-by: Stephen Kitt <skitt@redhat.com>
Robert Varga [Mon, 6 Feb 2017 20:28:19 +0000 (21:28 +0100)]
Use equinox instead of felix for SFT
Default felix has some problem with attaching optional imports,
breaking downstream features. Switch to using equinox, which is
actually what we package.
Change-Id: I6813f2a5e3d9343fb59ec52d12e0367ca07f71b9
Signed-off-by: Robert Varga <rovarga@cisco.com>
Robert Varga [Mon, 6 Feb 2017 07:27:51 +0000 (08:27 +0100)]
Bump pax-exam to 4.10.0
Just an usual upgrade.
Change-Id: Ie642793bb1388a1bb700a9e0859c301f86567b2a
Signed-off-by: Robert Varga <rovarga@cisco.com>
Robert Varga [Mon, 6 Feb 2017 06:57:35 +0000 (07:57 +0100)]
Fix karaf's aries-blueprint feature
quiesce.api is something we are using and since blueprint-core has
it as an optional dependency, we end up refreshing blueprint when
we install it. That leads to pax-exam thinking the test during SFT
has ended and proceeds to the next test -- wreaking havoc in process
of doing so.
Patch the upstream feature file so quiesce.api is installed
unconditionally, so we do not have to install it from a feature,
hence we won't trigger blueprint refresh.
Change-Id: I14ad8b70d1dc8a961944da9087a54242ba017195
Signed-off-by: Robert Varga <rovarga@cisco.com>
Stephen Kitt [Mon, 6 Feb 2017 10:24:52 +0000 (11:24 +0100)]
Ignore ow2.asm, it's provided
Change-Id: I815efb3e6e274a908f683bf0b5bd0ce7a7d5904b
Signed-off-by: Stephen Kitt <skitt@redhat.com>
Robert Varga [Sun, 5 Feb 2017 16:53:25 +0000 (17:53 +0100)]
Fix maven-site-plugin not working with JDK9
site plugin pulls in old velocity, which in turn pulls in
old commons-lang, which breaks with new Java versioning
scheme. Bump the dependency to 2.6 to make it work.
Change-Id: I37f11858fafccf02eb8c17581fa5c44214bcfdd4
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Sun, 5 Feb 2017 15:33:24 +0000 (16:33 +0100)]
Bump maven-compiler-plugin to 3.6.1
Updates compiler plugin to 3.6.1, needed for JDK9 support.
Change-Id: I04515d84ee427479de56aad451bbd485dfe36421
Signed-off-by: Robert Varga <rovarga@cisco.com>
Robert Varga [Sun, 5 Feb 2017 15:39:17 +0000 (16:39 +0100)]
Fix jar plugin inconsistency
maven-jar-plugin should be at 3.0.2, not 3.0.0.
Change-Id: Iea0742bf05e18a3e6998b96c56d82ad5b6364cf3
Signed-off-by: Robert Varga <rovarga@cisco.com>
Robert Varga [Sun, 5 Feb 2017 15:30:55 +0000 (16:30 +0100)]
Update deploy-site.xml versions
- wagon-webdav-jackrabbit to 2.12
- maven-site-plugin to 3.6
Change-Id: Ia693d45ac7fb5c63d99dfe0a485862bb228726c3
Signed-off-by: Robert Varga <rovarga@cisco.com>
Robert Varga [Sun, 5 Feb 2017 15:29:43 +0000 (16:29 +0100)]
Update maven-site-plugin to 3.6
Bump the site plugin to uniform 3.6.
Change-Id: I520230fa1ebaffb7fef49d8c6f40c833d0225f95
Signed-off-by: Robert Varga <rovarga@cisco.com>
Robert Varga [Sun, 5 Feb 2017 15:25:53 +0000 (16:25 +0100)]
Remove maven.jar.version
The property is no longer used anywhere, remove it and inline
the version declaration.
Change-Id: Ibe7b8a9e4807434848185adcf4b03191b63eeec7
Signed-off-by: Robert Varga <rovarga@cisco.com>
Robert Varga [Sun, 5 Feb 2017 15:17:59 +0000 (16:17 +0100)]
Remove maven.antrun.plugin.version
No autorelease projects are using this property, inline it.
Change-Id: Ib7fe05d1c17865707e426960466eafde6fce59d6
Signed-off-by: Robert Varga <rovarga@cisco.com>
Michael Vorburger [Fri, 3 Feb 2017 16:17:06 +0000 (17:17 +0100)]
Make SingleFeatureTest getKarafDistroVersion() throw clear IOException
instead of a confusion NullPointerException, as e.g. on
https://jenkins.opendaylight.org/releng/job/odlparent-distribution-check-boron/27/console
(and I've seen this before... even on master, not just stable/boron)
Change-Id: I256fccc5a48444c4c8f79a90e129d3641779f45a
Signed-off-by: Michael Vorburger <vorburger@redhat.com>
Stephen Kitt [Fri, 3 Feb 2017 09:21:28 +0000 (10:21 +0100)]
Improve the SFT log for features.xml/feature.xml
Instead of logging an error when features.xml or feature.xml aren't
found, check whether we find any test children and log an error if
there aren't any globally.
Change-Id: I21fe04911cbf350b33c28e2fcb79422f631c6ac4
Signed-off-by: Stephen Kitt <skitt@redhat.com>
Robert Varga [Thu, 2 Feb 2017 18:00:45 +0000 (19:00 +0100)]
BUG-6236: bump to official xtend 2.11.0 release
This changes xtend-related things so they use 2.11.0 instead of
RC2 versions.
Change-Id: I36bc6a97331ecb6eb1d6a18d198593931b11cb2b
Signed-off-by: Robert Varga <rovarga@cisco.com>
Stephen Kitt [Wed, 1 Feb 2017 13:37:27 +0000 (14:37 +0100)]
Skip Jacoco in SingleFeatureTest
There's no point in checking code coverage in SingleFeatureTest, and
it increases memory usage substantially. This patch disables Jacoco in
single-feature-parent and feature-repo-parent.
Change-Id: If004e4b4f79f0e2e728ec2f9a76aa7458df05e7f
Signed-off-by: Stephen Kitt <skitt@redhat.com>
Stephen Kitt [Tue, 31 Jan 2017 13:52:51 +0000 (14:52 +0100)]
Upgrade lmax disruptor 3.3.4 → 3.3.6
See https://github.com/LMAX-Exchange/disruptor/releases/tag/3.3.5 and
https://github.com/LMAX-Exchange/disruptor/releases/tag/3.3.6 for the
changes.
Change-Id: Ia625a38e669d2ce9542bda4b4ea7144d7c34109d
Signed-off-by: Stephen Kitt <skitt@redhat.com>
Stephen Kitt [Tue, 31 Jan 2017 13:38:57 +0000 (14:38 +0100)]
Upgrade commons-io 2.4 → 2.5
See https://commons.apache.org/proper/commons-io/upgradeto2_5.html for
the changes.
Change-Id: I6c127eaa5012479cda3a74b5331a07e227dae492
Signed-off-by: Stephen Kitt <skitt@redhat.com>
Stephen Kitt [Tue, 31 Jan 2017 13:18:24 +0000 (14:18 +0100)]
Upgrade logback 1.1.7 → 1.1.9
See https://logback.qos.ch/news.html for the changes.
Change-Id: Ie5622690a8c62500415da5f3d17ee5abea213600
Signed-off-by: Stephen Kitt <skitt@redhat.com>
Robert Varga [Mon, 30 Jan 2017 14:02:55 +0000 (15:02 +0100)]
BUG-6236: bump xtend version to 2.11.0
This bumps xtend dependency to 2.11.0.RC2. This is a preparation
patch, will be updated to official 2.11.0 release once that is out.
Change-Id: I5cb8365d6541f5878bbc9fcfb02d29be0524122f
Signed-off-by: Robert Varga <rovarga@cisco.com>
Code Review / odlparent.git / log