git.opendaylight Code Review - odlparent.git/log

Bump netty to 4.1.7

Follow-up to previous bump, major changes detailed
at http://netty.io/news/2016/05/26/4-1-0-Final.html.

Change-Id: I56ab3a5edc59ce1c36f356b052f332bb49fd3b45
Signed-off-by: Robert Varga <rovarga@cisco.com>

Sync the Karaf 4 SFT blacklist

Bug: 7584
Change-Id: Ia588fbc9ea3ef812bb9a4e0bcb69c96657a27d4d
Signed-off-by: Stephen Kitt <skitt@redhat.com>

Karaf 4: exclude jcl-over-slf4j

We need to exclude this for dlux.

Change-Id: I03450bd5803b43004a9202b77c31c2e5fdea7486
Signed-off-by: Stephen Kitt <skitt@redhat.com>

Sync sft.diag.force for Karaf 4

Change-Id: I3e8c97d8f43f016e5b1cead856012bed74f6aac2
Signed-off-by: Stephen Kitt <skitt@redhat.com>

Bump netty to 4.0.43

http://netty.io/news/2016/07/01/4-0-38-Final-4-1-2-Final.html
http://netty.io/news/2016/07/15/4-0-39-Final-4-1-3-Final.html
http://netty.io/news/2016/07/27/4-0-40-Final-4-1-4-Final.html
http://netty.io/news/2016/08/29/4-0-41-Final-4-1-5-Final.html
http://netty.io/news/2016/10/14/4-0-42-Final-4-1-6-Final.html
http://netty.io/news/2017/01/12/4-0-43-Final-4-1-7-Final.html

Change-Id: Ib9bd686dbb645128a093f4f934710e19ba6e3fca
Signed-off-by: Robert Varga <rovarga@cisco.com>
Signed-off-by: Stephen Kitt <skitt@redhat.com>

Re-bump akka netty to 3.10.6

It seems that the original bump,
https://git.opendaylight.org/gerrit/44231/, was lost during reorg
done in https://git.opendaylight.org/gerrit/39539. Reinstate the bump.

Change-Id: Idb6a52475181d4fd0bebe157adc331a012ea8a03
Signed-off-by: Robert Varga <rovarga@cisco.com>

SFT diag: add a force option

Add a sft.diag.force property to force diag even on blacklisted
features (this makes it easier for downstreams to check whether they
really have fixed their blacklisted features).

Change-Id: I7f23c5767293ffc55d0a269071235b08c815caba
Signed-off-by: Stephen Kitt <skitt@redhat.com>

odlparent pom.xml only doc (only) re. mockito-core VS mockito-all

to prevent NoSuchMethodError: org.hamcrest.Matcher ...

Bug 7662 related
Change-Id: I7decc16bf70b0b1c09455872776cda07950e573e
Signed-off-by: Michael Vorburger <vorburger@redhat.com>

Remove the aaa Cassandra back-end from the blacklist

aaa no longer provides odl-aaa-authn-cassandra-cluster
(https://git.opendaylight.org/gerrit/50450).

Bug: 7584
Change-Id: If69b78da84c51eda142ab9516e0eebf64b631b50
Signed-off-by: Stephen Kitt <skitt@redhat.com>

BUG-7473: add Karaf 4 features

Instead of switching wholesale to Karaf 4 only, this patch adds
duplicate features for Karaf 4:

* feature-repo-parent is the new parent for Karaf 4 feature
  repositories (the Karaf 3 parent is now feature3-repo-parent, used
  only in odlparent);
* single-feature-parent is the new parent for Karaf 4 features (the
  Karaf 3 parent is now single-feature3-parent, used only in
  odlparent);
* features4-akka is the new odlparent Karaf 4 feature repository for
  Akka (dropping the old, backwards-compatible features);
* features4-odlparent is the new odlparent Karaf 4 feature repository
  for all other features (again, dropping the old,
  backwards-compatible features).

For the time being, we use Karaf 4.0.7 as the container (otherwise we
run into issues caused by
https://issues.apache.org/jira/browse/FELIX-5450 at least in
controller), and our own release of 4.0.9-SNAPSHOT, called 4.0.8-odl,
for the Karaf Maven plugin (we need upcoming 4.0.9 features when
generating our feature descriptors).

features-parent isn't duplicated for Karaf 4, downstreams are
encouraged to use at least feature-repo-parent instead.

This patch includes the following changes too:
* bundle uninstall failures are ignored in SingleFeatureTest;
* the deprecated features are reduced to delegates for their
  replacement features (e.g. odl-akka-scala simply pulls in
  odl-akka-scala-2.11);
* karaf4-parent only pulls in standard and war (these two features
  include all the other features that were explicitly listed);
* Pax Exam is upgraded to 4.9.2 (necessary to build with Karaf 4, but
  backwards-compatible with Karaf 3);
* Jacoco is upgraded to 0.7.7.201606060606 (as above);
* pax-url is upgraded to 2.5.1 (as above);
* the Protobuf tweaking for clustering is no longer necessary and is
  removed;
* bundles-test needs wrap as a pre-requisite, which requires wrapping
  it in a feature (odl-bundles-test) and using that in the Karaf 4
  SingleFeatureTest;
* karaf4-parent supports karaf.localFeature again.

Change-Id: I251aa7aefe6d3d7f93a73b5256bad6e596147c66
Signed-off-by: Stephen Kitt <skitt@redhat.com>

Use generated-test-sources for xtend

IntelliJ expects test sources in generated-test-sources (which also
matches other programs' expectations, e.g. annotation processors).
Building test sources in generates-sources causes issues because the
classpaths don't match up. This patch moves generated xtend sources to
generates-sources/xtend for main code and generated-test-sources/xtend
for test code.

Change-Id: I8bc657c7cc06b0c7d2b8deeb7a970fe504a7d144
Signed-off-by: Stephen Kitt <skitt@redhat.com>

Bug 7586: Remove lispflowmapping features from eSFT blacklist

Can be merged once https://git.opendaylight.org/gerrit/#/c/50736/ is
merged.

Change-Id: I13017c7a78a4ef1f8a41f11f1c958875c9537bc6
Signed-off-by: Lorand Jakab <lojakab@cisco.com>

Remove BGPCEP features related from BLACKLISTED_BROKEN_FEATURES

Remove BGPCEP features related from BLACKLISTED_BROKEN_FEATURES

Change-Id: I698f996bdb5bd727c3a867602407e5c1cdae8cd8
Signed-off-by: Claudio D. Gasparini <cgaspari@cisco.com>

Add -Dsft.diag.timeout=... option to SingleFeatureTest BundleDiagInfos

This is useful when locally debugging issues, and you don't want to wait
too long for the bundle convergence to eventually succeed (because you
already know there is a problem). The worst case default of 5 minutes
for the build is still a good idea, though.

This also tunes the pollInterval from 250ms to 1s, which is sufficient,
and leads to less noise in the log.

This also fixes -Dsft.diag.skip=true, which didn't actually work
(becaues of a missing PropagateSystemPropertyOption).

Change-Id: I8c7bae10295ddef57c0869628789949d991456e3
Signed-off-by: Michael Vorburger <vorburger@redhat.com>

Bump immutables.org to 2.4.2

Simple update to get the latest version.

Change-Id: I3f90eb355feca4f925021dfed6bda54ac49d2458
Signed-off-by: Robert Varga <rovarga@cisco.com>

Add metainf-services dependencyManagement section

This is a simple annotation processor for generating META-INF/services
entries. Useful for libraries and plugins which need to provide services
outside of the OSGi container.

Change-Id: I4747ce29f7da984bbfa48e7e8b8a6979d33e9440
Signed-off-by: Robert Varga <rovarga@cisco.com>

SingleFeatureTest BLACKLISTED_BROKEN_FEATURES link Bug 7595

Bug: 7595
Change-Id: I3eb4a9aa4c0fae739b5f43189110565427536753
Signed-off-by: Michael Vorburger <vorburger@redhat.com>

SingleFeatureTest BLACKLISTED_BROKEN_FEATURES bugs links (only)

Bug: 7582
Change-Id: Ibd0c0feb1d8c0318461c9d71d4b737bcecae25fe
Signed-off-by: Michael Vorburger <vorburger@redhat.com>

Remove version.properties from karaf resources

This file lacks support from build jobs for a long time,
it mentions controller while appearing in every distribution,
and it tends to cause confusion instead of providing information.

Change-Id: I87548cec6d00502b52c900207cf337bba73ed844
Signed-off-by: Vratko Polak <vrpolak@cisco.com>

Update LISP config in default Karaf resources

The lisp.mappingOverwrite configuration option was removed in the LISP
code, and the new option lisp.mappingMerge was added. Update
etc/custom.properties accordingly.

Change-Id: Ifaf9888a36e2b5ac90e8c82122e8d4db96a02b18
Signed-off-by: Lorand Jakab <lojakab@cisco.com>

BUG-7446: package released Guava 21

This updates the packaged version to 21.0 release.

Change-Id: I15fb97019667401bac201cc95a7f3540e0b9c177
Signed-off-by: Robert Varga <rovarga@cisco.com>

Remove BGPCEP from SingleFeature Test Black List

Remove BGPCEP from SingleFeature Test Black List

Change-Id: I5fb8bd7a826b3b6f2b14ea2275636c948f2d666a
Signed-off-by: Claudio D. Gasparini <cgaspari@cisco.com>

SingleFeatureTest now fails if diag CLI command would have failed

This will help us detect a whole range of issues, notably any
blueprint related problems, much earlier in our development cycle than
we currently are.

The log contains details re. OSGi missing and available services.

NB: This change includes a (surprisingly long!) "black list" of features
known to be broken right now.  These ideally should all be fixed, and
the black list removed.

IMPL: The new bundles-test was introduced here because I ran into Pax
Exam related ClassNotFoundException, which I could not to resolve any
other way.  Basically, the problem is that the "probe" bundle which Pax
Exam creates on the fly includes the SingleFeatureTest class, and not
classes it references.  In other tests like IT this works, possibly
because Pax Exam somehow finds them in src/test/java; but not from
features-test.  (The currently existing utility classes next to
SingleFeatureTest in features-test probably only work because those run
outside the probe?)

This also did not help, because it's never called, because the
ClassNotFoundException happened earlier, on loading of the class
already:

import org.osgi.framework.Constants;

@ProbeBuilder
public TestProbeBuilder probeConfiguration(TestProbeBuilder probe) {
    LOG.info("probeConfiguration()");
    probe.setHeader(Constants.DYNAMICIMPORT_PACKAGE, "*");
    probe.setHeader(Constants.EXPORT_PACKAGE,
"org.opendaylight.odlparent.featuretest");
    probe.setHeader(IMPORT_PACKAGE,
"org.opendaylight.odlparent.featuretest");
    return probe;
}

Change-Id: I328e503703770aab539fdf1f0a7804ba676596ac
Signed-off-by: Michael Vorburger <vorburger@redhat.com>

SingleFeatureTest java.security.egd /dev/urandom

This prevents SingleFeatureTest getting blocked on Karaf start-up e.g.
in netconf/features/netconf-connector which I just ran into on a build
server, due to very low entropy (cat
/proc/sys/kernel/random/entropy_avail); it was like 40 or so.

Bug: 6790
Change-Id: Iad71b3b3afb3dad64eeebcce2838e88f2f580606
Signed-off-by: Michael Vorburger <vorburger@redhat.com>

Bump aeron/agron to 1.0.5/0.9.1

Bring in the latest bugfix releases for artery.

Change-Id: I182206de5d7062b039d79338271217a492c6f46b
Signed-off-by: Robert Varga <rovarga@cisco.com>

BUG-7446: Package Guava 21-rc2

Bump the packaged version to rc2.

Change-Id: If46bb289bd426a391aa68c1abe770295ae5f2d0b
Signed-off-by: Robert Varga <rovarga@cisco.com>

BUG-7446: introduce odl-guava-21 feature

This is a preparatory patch, bringing in 21-rc1 artifact. This
will be followed-up with a patch to switch the build-time version.

Change-Id: If1eebe54190cfd5a7f97937b0b6b0b7a9624c78b
Signed-off-by: Robert Varga <rovarga@cisco.com>

BUG-7183: Bump akka to 2.4.16

This is the first build available for scala 2.12
with working OSGi and therefore is a prerequisite
for upgrade.

Change-Id: I73d7b3322fe72fe6814f81ed52006dc7866e4848
Signed-off-by: Robert Varga <rovarga@cisco.com>

BUG-7183: Bump aeron/Agrona to latest versions

This is a bump to latest versions, which require leak of
com.sun.media.sound from the boot class path to work.

Change-Id: I5a7bbf8b1cf8c28e14af9a8d92a03be0072022b4
Signed-off-by: Robert Varga <rovarga@cisco.com>

Exclude slf4j-api from generated features

This avoids issues with features depending on slf4j-api, without
needing to fix all the bundle dependencies to avoid pulling it in.

Change-Id: I765f2ab4d34ae39a878605ac4b2b70398febfca5
Signed-off-by: Stephen Kitt <skitt@redhat.com>

Bump aeron/agrona to newer versions

This is a compatible upgrade for testing out artery.

Change-Id: Ibec7b6c263d0c650472b4bdc2aa93046babad332
Signed-off-by: Robert Varga <rovarga@cisco.com>

Revert "Upgrade Servlet API 3.0.1 -> 3.1.0"

This reverts commit 48e2f345b347dbca7f8b94df40adb6666ac4e017, which breaks at least AAA.

Change-Id: I398ededd9f77107fb9a191ea9c587e46b5e0784a
Signed-off-by: Stephen Kitt <skitt@redhat.com>

Upgrade Servlet API 3.0.1 -> 3.1.0

This is part of Java EE 7 and adds non-blocking I/O and WebSocket
support. See https://jcp.org/en/jsr/detail?id=340 for details.

Change-Id: Ia615749593971421b9388d37700b957f847cbb6b
Signed-off-by: Stephen Kitt <skitt@redhat.com>

Fix jacoco and sonar exclusions for yang-generated files

Jacoco and Sonar exclusions lists were missing some yang-generated
files that should be excluded. Also update the jacoco and sonar
exclusions to match.

Change-Id: Iff7f68102d66724a86d1654fd59145e9bc22e66a
Signed-off-by: AbdulRahman AlHamali <a.alhamali93@gmail.com>

Add maven-help-plugin and exec-maven-plugin

This just defines the versions, so they can be used
downstream without specifying versions.

Change-Id: I186b326e4d69403888074c30e7c92f6d8a2e69eb
Signed-off-by: Robert Varga <rovarga@cisco.com>

git-commit-id-plugin skipped on mvn -Pq, because it slows down a little

Change-Id: I5570855a6de43858f5f7305e7c2a53da778f1ad2
Signed-off-by: Michael Vorburger <vorburger@redhat.com>

[eclipse] git-commit-id-plugin ignored in M2E by lifecycle-mapping

The recently git-commit-id-plugin likely was the culprit for the
recently very badly dropped Build Workspace performance issue I've
started noticing in Eclipse... there is really no need at all to produce
the new META-INF/git.properties during incremental in-IDE build (as
useful as it is on CLI build) - so ignore it!

Change-Id: I1a5a8282cdee236a5911560b80b1193522173c1d
Signed-off-by: Michael Vorburger <vorburger@redhat.com>

Bug 6523: Use opendaylight-karaf-empty for SingleFeatureTest

This makes feature-parent to use the same karaf container
as integration/distribution uses for testing its features.

The downside is developers experiencing
daily download of a big snapshot artifact.

A solution which replaces org.apache.aries.proxy.impl
in maven-surefire-plugin default (non-snapshot) karaf container would be preferable.

Change-Id: I6cd4f0ee4c9883e0376f262bd2f09d1bc1c29911
Signed-off-by: Vratko Polak <vrpolak@cisco.com>

Bug 7285 - CENTINEL Carbon Autorelease Build Failure

guice dependency shouldn't be targeted with scope test
as downstream consumer of that dependency needs it during
some other lifecycle state (compile).

Centinel is pulling graylog2-plugin that requires guice at
compile time, and does pull it as transitice dependency.
But since odlparent provide it with the scope test, and centinel
isn't speficically defining that dependency, odlparent overwrite
the transitive dependency of graylog2-plugin

Change-Id: I9c109f942804637463113db56d0bce45d4cf65ae
Signed-off-by: Alexis de Talhouët <adetalhouet@inocybe.com>

git-commit-id-plugin cannot fail build for new projects w.o. .git/

Change-Id: I5483524047476b9fcf3562dde55b07c79efbea0b
Signed-off-by: Michael Vorburger <vorburger@redhat.com>

BUG-4219: eliminate odlparent-version

Since karaf4-parent is derived from odlparent,
we can just add branding and conf to our artifacts
and not specify the version. Hence we can eliminate
odlparent.version.

Change-Id: Ic62f80cca737cfc386a428d33ccac2b4ab43c395
Signed-off-by: Robert Varga <rovarga@cisco.com>

Checkstyle Windows EOL single message instead of each line

The current configuration prints a Checkstyle violation for EACH LINE in
a file with Windows (CR+LF) instead of UNIX (LF) end of line (EOL)
delimiters.

This change adjusts that to cause only 1 violation per such file.

This leads to clearer and shorter logs.

Change-Id: I4ef2825608966e3dbd714f73fbc462e10cc5d8d8
Signed-off-by: Michael Vorburger <vorburger@redhat.com>

Add akka-distributed-data to akka features

Change-Id: I2548ab02df746dc076dc5a7153accd54b39e22ba
Signed-off-by: Tomas Cere <tcere@cisco.com>

git-commit-id-plugin to put a META-INF/git.properties in all built JAR

see https://github.com/ktoso/maven-git-commit-id-plugin for background

This automatically works for all ODL JARs without any changes needed in
any other POM (unlike buildnumber-maven-plugin which needs SCM info).

This required https://git.opendaylight.org/gerrit/#/c/48447/ before.

Change-Id: I43f9692b4a3ae83a90cdfbeaf20bd2cba323bce8
Signed-off-by: Michael Vorburger <vorburger@redhat.com>

Upgrade commons-fileupload from 1.3.1 to 1.3.2 (security vulnerability)

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3092

http://mail-archives.us.apache.org/mod_mbox/www-announce/201606.mbox/%3C6223ece6-2b41-ef4f-22f9-d3481e492832@apache.org%3E

https://bugzilla.redhat.com/show_bug.cgi?id=1349475

Change-Id: Ifc63c3b6021d8a8b3a906905fee96ce7287fd96b
Signed-off-by: Michael Vorburger <vorburger@redhat.com>

Upgrade Spring Framework from 3.2.14 to 3.2.17 (security vulnerability)

and org.springframework.security from 3.2.8 to 3.2.9 just while we're at
it

https://pivotal.io/security/cve-2015-5211

Change-Id: I6896c592803a105c2c44ea9f4a9fcfd7ff50f595
Signed-off-by: Michael Vorburger <vorburger@redhat.com>

Checkstyle suppressions XML to completely avoid checking target/

This is the only reliably way that I found to avoid checking generated
code and resources. See also e.g.
http://stackoverflow.com/questions/2362652/excluding-classes-in-maven-checkstyle-plugin-reports
and my comment on that page.

Change-Id: I8b2ec5ee6d46dc108e781031996a1022b8c5330a
Signed-off-by: Michael Vorburger <vorburger@redhat.com>

BUG-6577: package fixed TrieMap

Until upstream releases a fix, we need a private package,
which has been populated to nexus.

Change-Id: I709f3516c80fb06fd41dc29eed4bcb56df92cf72
Signed-off-by: Robert Varga <rovarga@cisco.com>

BUG-4219: disable filtering in opendaylight-karaf4-resources

We *don't* want any filtering in the resources here. Hopefully this
will fix the patching issue during merges (and avoid any future
problems with filtered values).

Change-Id: I77301bf76772c0487ec2a27b6f1398f429608a27
Signed-off-by: Stephen Kitt <skitt@redhat.com>

BUG-4219: add karaf4-plugin

Change-Id: Ic7c497521b5683f452100dddd243b7513573d48f
Signed-off-by: Stephen Kitt <skitt@redhat.com>

BUG-4219: Add wrap as a boot feature

In Karaf 4, wrapped bundles aren't supported by default. Features
containing wrapped bundles are supposed to declare a prerequisite
dependency on the "wrap" feature; until that's done, we simply add
"wrap" as a boot feature to enable loading old features.

Change-Id: If4fe6da367915c6c5474a5f87b062c71226b2a3a
Signed-off-by: Stephen Kitt <skitt@redhat.com>

BUG-4219: copy ODL branding and configuration [WIP]

This applies patches to the upstream-provided startup scripts, instead
of replacing them wholesale — this helps identify the changes we're
interested in, allows upstream improvements to be picked up
automatically, and fails the build if our changes can no longer be
applied (but this will only happen with a Karaf upgrade, so a working
build can't start failing for outside reasons).

Change-Id: I677d18403800ff5ee5aac665ba040dd1ceb43962
Signed-off-by: Stephen Kitt <skitt@redhat.com>

BUG-4219: Add basic Karaf 4 artifacts

This patch adds karaf4-parent and opendaylight-karaf4-empty, currently
only equivalent to apache-karaf-minimal, as groundwork for the Karaf 4
migration.

Change-Id: I699ace7247cea4544857288313822571b97d9460
Signed-off-by: Stephen Kitt <skitt@redhat.com>

LICENSE bundled in all built OSGi bundle JARs

Work was done a while ago (by Thanh) to put a LICENSE into
target/classes expecting that to end up in all built JARs, but it
actually never did, which I stumbled upon in the context of
https://git.opendaylight.org/gerrit/#/c/48443/. This remedies that by
explicitly instructing the maven-bundle-plugin to additionally bundle
the LICENSE text file (and the META-INF/git.properties after this is
merged).

Change-Id: If382d763b5fabe21cfed9e7c51fa3d4f9b31e47a
Signed-off-by: Michael Vorburger <vorburger@redhat.com>

Add Google Guice to dependencyManagement

Actually we already have it anyway, through mycila, but in
https://git.opendaylight.org/gerrit/#/c/48077/ for
https://git.opendaylight.org/gerrit/#/c/48078/ I'd like to depend only
on Guice directly, because there I don't need anything from mycila, so I
need the adjustment proposed here.

Change-Id: Ia1fcc56c3e650759dc483c8d8c36091e047efde7
Signed-off-by: Michael Vorburger <vorburger@redhat.com>

Immutables.org in dependencyManagement

https://immutables.github.io is really great IMHO. So far I've used it
to write a few structs for test data, have made some small contributions
to it (bug reports & testing; no code) but I'd like to start using it
more in ODL work, and thus am proposing it into odlparent. It's a fast
moving project, so having a single place (odlparent) for the version and
keep moving it forward is useful from the start IMHO, instead of
plastering it across projects.

I do realize this code. gen. could be seen under the YANG lens, but IMHO
it's complementary and has a different sweet spot (YANG for persistent
data store, remotable objects) and this Immutables.org for private
in-bundle code for tests and configuration data - notably anything
threading related such as https://git.opendaylight.org/gerrit/#/c/48373/
discussion, where easy true immutability is of interest (YANG gen. code
is NOT immutable; it pretends to be, but it's actually not at all).

Change-Id: I1bc87c3d11316aa42002eb1a4b1f49f820058860
Signed-off-by: Michael Vorburger <vorburger@redhat.com>

BUG-7183: bump scala-java8-compat to 0.8.0

This is the first build available for scala 2.12
and is a prerequisite.

Change-Id: I399a5d2d8e623caca7e649c2aa07020ecb1c16b7
Signed-off-by: Robert Varga <rovarga@cisco.com>

Bug 6236: Add mdsal.skip.verbose to -Pq Quick profile

see https://git.opendaylight.org/gerrit/#/c/47036/

Change-Id: I47286b9a9bc3bf69594b74add275a24251d0e924
Signed-off-by: Michael Vorburger <vorburger@redhat.com>

Introduce awaitility utility for asynchronous testing

see https://github.com/awaitility/awaitility for awaitility details

Already used in netconf/netconf/netconf-topology/pom.xml, and about to
be introduced in https://git.opendaylight.org/gerrit/#/c/48061/ and
https://git.opendaylight.org/gerrit/#/c/48077/

Change-Id: I555ceaeae9007e33ce4c8c8d851558e68da0ce2f
Signed-off-by: Michael Vorburger <vorburger@redhat.com>

Use target-ide/ instead of target/ as output folder under M2E in Eclipse

Change-Id: I884ce4854509fb4b474a86c82449e600b6f639ed
Signed-off-by: Michael Vorburger <vorburger@redhat.com>

Checkstyle enforce space-instead-tab control for *.xtend

https://git.opendaylight.org/gerrit/#/c/47975/ must be merged before
this one, otherwise the build will break (because that affects a project
which is already enforcing CS compliance).

I've verified, using a simplified version of the
https://wiki.opendaylight.org/view/EvolvingCheckstyle procedure, that
this tightening of CS rules has no impacts anywhere else (other than
c/47975).

Change-Id: I772391310907b5890b5e64e5039f689a2f91e520
Signed-off-by: Michael Vorburger <vorburger@redhat.com>

Bump akka to 2.4.11

http://akka.io/news/2016/09/30/akka-2.4.11-released.html, brings
options to use alternative remoting transport, potentially increasing
performance and stability.

Change-Id: Ib26f8557ccca278c1057b91bbe3bd4236ed4e46b
Signed-off-by: Robert Varga <rovarga@cisco.com>

Revert "BUG-7053: bump findbugs annotations"

This reverts commit b5739e344964ea69474f43c15e6b85d350c8171c.

Change-Id: I9931a183d1293af56b6b56fb51ce374bdbd2aec6
Signed-off-by: Robert Varga <rovarga@cisco.com>

BUG-7053: bump findbugs annotations

Bumps findbugs annotations to latest version.

Change-Id: I55626a2b7b28f39f460e4208f12dede683684ae1
Signed-off-by: Robert Varga <rovarga@cisco.com>

Upgrade xtend 2.9.2 -> 2.10.0

Change-Id: I95352c6ab2a95f43517672a839ee3c0322ad511d
Signed-off-by: Stephen Kitt <skitt@redhat.com>

target-ide/ on .gitignore

Change-Id: Ibcbd701bf3b9c7fd19261678ee1378f6ea076af5
Signed-off-by: Michael Vorburger <vorburger@redhat.com>

Intro. @Nullable / @NonNull (and @NonNullByDefault) "type" annotations

These are "better" than those in package javax.annotation from FindBugs
(JSR-305), because they are (newer) @Target({ TYPE_USE } annotations,
which can annotate more places than similar older annotations.

FYI: I'll start to use these annotations in some work I'm doing, and
annotate some ODL code with these - just because they are more flexible
than FindBugs' annotations.

FTR: This is *NOT* a jab at FindBugs - I love FindBugs and will strongly
support its introduction in OpenDaylight; as I have for Checkstyle.
FindBugs does a lot of interesting and useful static code analysis in
addition to null analysis, all of which will add value to code quality
in ODL.  I just happen to think that specifically for null analysis, not
other checks, FindBugs is not the best game in town (anymore); and both
Eclipse and probably IntelliJ's (which I know very little about) are
superior (now); and e.g. https://sourceforge.net/p/findbugs/bugs/1355/
seems to confirm this.

Please note that the fact that this has "org.eclipse.jdt" in its name
does *NOT* in any way tie this (only) to "Eclipse" as in the IDE per se!
Eclipse does indeed now have native built-in support for static null
analysis (which BTW FYI can also be run on the command line, outside of
the IDE...), but putting these annotations on code does NOT "tie" ODL in
any way to Eclipse ... these are JUST annotations, which presumably
(hopefully) e.g. IntelliJ is flexible enough to be configured to use as
well (an IntelliJ user should ideally test and confirm this).  They are
just better, more modern, versions of this kind of annotations than are
available elsewhere (we could even define our own in ODL; but why would
we).

There is no strong technical need for us to exclusively use only these
annotations in ODL; at least Eclipse' null analysis supports several
types (and so does IntelliJ presumably; FYI in Eclipse, one type has to
be designated the "primary", but AFAIK it can be configured for interop.
compatibility with code annotated with the other, older,
javax.annotation @Nullable / @NonNull from FindBugs (JSR-305) as well).

This is a very small new JAR with only 4 annotations in it related to
static code analysis for null-ability.  Its declared <scope>provided, so
it can be used at compilation time, but doesn't end up in the shipped
product.

Change-Id: Ie60241a3b7b0845496d3af8393db2661720f5394
Signed-off-by: Michael Vorburger <vorburger@redhat.com>

BUG-7053: Add SCM connection

Change-Id: Ia99773bafbc499c089b686776aec916ac005500c
Signed-off-by: Robert Varga <rovarga@cisco.com>

Blacklist the Triple DES cipher suite

In reaction to CVE-2016-2183 [0], this disables the Triple DES cipher
suites. JCA nomenclature denotes this using "DESede".

[0] https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2183

Change-Id: I27c0b65bbe07be2ef7664fb7dc023ceb8aa4f551
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>

Add configuration and execution to FindBugs plugin

Added the appropriate configuration and execution to the FindBugs plugin
so it can run during compile phase and report violations. failOnError is
set to false by default so it doesn't fail the build. Projects can override
this setting if they want enforcement.

Also added a findbugs project (similar to checkstyle) that defines the rule
filters to exclude. I added one to exclude b/c it's of low priority
and is a common pattern used in ODL. I also added package exclusions for
yang-generated classes and protobuff-generated classes.

Change-Id: Ie01507a23990280d4bee8c2aefdc6c2293a3c6db
Signed-off-by: Tom Pantelis <tpanteli@brocade.com>
Signed-off-by: Stephen Kitt <skitt@redhat.com>

Unfork the appropriate karaf bin files

In Boron based OpenDaylight, karaf 3.0.7 was used. Karaf 3.0.7 was susceptible
tot he following bugs:

KARAF-4564 - Can't start karaf using symbolic link
KARAF-4566 - "karaf" script invokes /bin/sh but requres /bin/bash functions

In order to avoid an entire container upgrade, the bin scripts were forked with
appropriate fixes to temporarily alleviate the aformentioned issues.

Karaf 3.0.8 fixed the aformenentioned issues. This change removes the appropriate
forked scripts, as they should now be fixed in upstream karaf.

The following scripts were determined to be unnecessary forks:
* client, shell, start, status and stop

The following scripts were determined to be necessary forks:
* instance* (they load odl.java.security)
* karaf (enforces Java 8, enables heap-dumps on OOMs, loads odl.java.security)
* karaf.bat (includes a workaround for Equinox on Windows 10 and loads odl.java.security)
These five files will remain forked for the forseeable future.
* setenv* (set up java max memory to appropriate value for ODL)

Change-Id: I769b30b1661a1fb8daec4de8b7cf170d1edcba7c
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>

Upgrade Apache Shiro from 1.3.1 to 1.3.2

Upgrades Apache Shiro to the newest release (September 2016). This includes
the following bugfixes:

SHIRO-577 Fixes bug allow enabling of SessionValidationScheduler when set
via setSessionValidationScheduler

Release notes are not currently available, but this information was determined
through looking at the Apache Shiro git commit history.

Change-Id: I0cc2983df285402a93b8887410c53f98a6bd8a3e
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>

Upgrade maven-jar-plugin 3.0.0 -> 3.0.2

Release notes for 3.0.1:
https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317526&version=12335708

Release notes for 3.0.2:
https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317526&version=12336062

Change-Id: Ie214fea2fb51c2467b99e9c10a59c6d9a8f3e7a0
Signed-off-by: Stephen Kitt <skitt@redhat.com>

Upgrade build-helper-maven-plugin 1.10 -> 1.12

Release notes:
http://www.mojohaus.org/build-helper-maven-plugin/github-report.html

Change-Id: Ifda76e4447e8ea2373b712132229c52154da6d9f
Signed-off-by: Stephen Kitt <skitt@redhat.com>

Upgrade maven-javadoc-plugin 2.10.3 -> 2.10.4

https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317529&version=12331967

Change-Id: I1075c75f620b53f8fa6857d69226a0498c973a72
Signed-off-by: Stephen Kitt <skitt@redhat.com>

Upgrade maven-plugin-plugin 3.4 -> 3.5

http://maven.40175.n5.nabble.com/Apache-Maven-Plugin-Tools-3-5-Released-td5879432.html

Change-Id: Id730c854f0e19276ca4b2b47cfded3030edc42fb
Signed-off-by: Stephen Kitt <skitt@redhat.com>

Upgrade maven-source-plugin 3.0.0 -> 3.0.1

https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317924&version=12335588

Change-Id: I80c471511263ca727ed65779eb5d28ef12f94172
Signed-off-by: Stephen Kitt <skitt@redhat.com>

Bug 647: Use bin/karaf arguments as JVM arguments

This is just a convenience for users,
so that they do not have to manipulate JAVA_OPTS.

Using JAVA_OPTS requires user to know DEFAULT_JAVA_OPTS,
this change only appends to default options (possibly overriding them).

Example usage:
$ bin/karaf -Xmx4g -DmySystemProperty=foo

Change-Id: Ice07a9c3a2c9455d622722498f3433501091728e
Signed-off-by: Vratko Polak <vrpolak@cisco.com>

Disable stack trace trimming

We use exception chaining quite extensively, which means
that full error details are not visible when the stack trace
is trimmed.

Change-Id: If55f22ed9771d7c14c9787bccd2d7439e2e1ce98
Signed-off-by: Robert Varga <rovarga@cisco.com>

Intro. FindBugs' full :annotation (in addition to existing :jsr305)

Having both of these is a required intermediate step, in order to switch
completely over to :annotation instead of :jsr305, which would be
preferable, because these two JARs define the same annotations and
overlap, which is never great.

This change will allow all downstream projects to gradually switch their
<dependency><groupId>com.google.code.findbugs from <artifactId>jsr305 to
<artifactId>annotations in all pom.xml. They will NOT have to adapt any
code, because the actual Java types are exactly the same (just from a
different Maven artefact).

When all downstream projects have switched over, then we'll replace what
this change added by the cleaner "real" solution prepared in
https://git.opendaylight.org/gerrit/#/c/47337/

see also discussion in https://git.opendaylight.org/gerrit/#/c/46914/

Change-Id: Ib026cd0338b263bb9663f2d1fa2a6cb167d6f136
Signed-off-by: Michael Vorburger <vorburger@redhat.com>

BUG-6705: remove enunciate-maven-plugin

With the removal of enunciate-parent from controller,
enunciate-maven-plugin is no longer used anywhere in ODL, so let's
remove it.

This depends on https://git.opendaylight.org/gerrit/47080

Change-Id: Ifde699521a9e1db71013445b614b8892b65e7472
Signed-off-by: Stephen Kitt <skitt@redhat.com>

Replace target/ by ${project.build.directory}/ to make target-ide/ possible

Change-Id: Ia4f9508c3db4aac94f00b861cfef0669b7c15ef7
Signed-off-by: Michael Vorburger <vorburger@redhat.com>

Upgrade commons-lang3 3.4 -> 3.5

The release notes are at
http://www.apache.org/dist/commons/lang/RELEASE-NOTES.txt

Change-Id: I0f27a25031e28d3081546297a492c1ad4b4ec9ec
Signed-off-by: Stephen Kitt <skitt@redhat.com>

BUG-6652: generate features.xml with karaf-maven-plugin

features.xml can be generated from POM information; this allows us to
produce features which are simultaneously Karaf artifacts and Maven
artifacts. Thus downstream projects can simply depend (at a Maven
level) on Karaf features — this automatically gives the correct Maven
dependencies at build and test time, and the correct Karaf feature
dependencies at run time.

Karaf 3.0.8 now includes enough features handling improvements to
produce useful results here. This patch preserves old features for
backwards-compatibility, which results in some inelegant feature
names; the intention is to allow experimentation in downstream
projects without breaking anything.

This patch introduces two new parent POMs: single-feature-parent is
intended for modules packaging a single feature, feature-repo-parent
for modules packaging a repository of features. SingleFeatureTest is
used to test the feature repositories — this ensures that the features
we ship are tested. single-feature-parent doesn't run
SingleFeatureTest to avoid testing features twice.

Change-Id: I2858891618360710a13756dbd4d005aa1a48c703
Signed-off-by: Stephen Kitt <skitt@redhat.com>

odlparents-artifacts is a POM

If we don't specify its packaging, Maven complains that we're
producing an empty JAR.

Change-Id: I0414f28f28f4dee396fc41d036cab5e69608b663
Signed-off-by: Stephen Kitt <skitt@redhat.com>

Have slf4j-simple as an "always there" <scope>test dependency.

The "always there" as in always, literally, not just in
<dependencyManagement>. This makes sense because in (unit and
component, not integration) tests you want logging to "just work" - you
don't want to have to remember to add slf4j-simple yourself as a
dependency every time (and you certainly don't want to have to add
logback every time, and configure it with an XML or properties; for
every project).

Also the problem with manually adding a slf4j-simple dependency to
projects with tests is that there is a risk of it getting accidentally
removed, because "mvn dependency:analyze" will find it's "not needed";
as happened e.g. in
https://git.opendaylight.org/gerrit/#/c/45090/6/vpnservice/aclservice/impl/pom.xml

Change-Id: I5af53bbd8d69ad5cebac08f97225c2f9cbe60ab7
Signed-off-by: Michael Vorburger <vorburger@redhat.com>

Allow '_' in checkstyle PackageName rule

The JLS allows '_' in package names but the default checkstyle regex
pattern for the PackageName rule doesn't. Underscores shouldn't normally
be used but the yang code generator can generate package names with
underscores. We can exclude most yang-generated code from checkstyle but
the CSS code generator places some classes under src/main/java to be
completed (ie *Module classes) so we need the regex pattern to allow
underscores.

Change-Id: I14fdb1955499d5684b1bdaeabd188f7d425caf60
Signed-off-by: Tom Pantelis <tpanteli@brocade.com>

Copy in supporting bouncycastle PKIX/CMS/EAC/PKCS/OCSP/TSP/OPENSSL packages

Since we already ship the Bouncy Castle Provider (bcprov-jdk15on) in lib/ext,
we should also ship the other key exchange packages. Bouncy castle provides
these packages in bcpkix-jdk15on. This change adds the bcpkix-jdk15on
dependency, and an appropriate action to copy the library into lib/ext, very
similar to how the bcprov-jdk15on is copied.

Change-Id: Id706f58c8f56193a717013ffc5446643004045ad
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>

Bump the bouncy castle version to the latest, 1.55

Bumps the bouncy castle version to the latest, version 1.55. Specifics
regarding what was fixed can be found in the bouncy castle release notes:

http://www.bouncycastle.org/releasenotes.html

Change-Id: Iad9b000d15be91781c3de7501cce6c8e95cefb09
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>

Complete enforcer setup in odlparent-lite

We need to specify the plugin version and ignore it in m2eclipse.

Change-Id: Ied2769679be6e58f0299120b513693d66d2185e5
Signed-off-by: Stephen Kitt <skitt@redhat.com>

Add maven-antrun-plugin to m2e lifecycle mapping

Change-Id: Ib28a8b6d8e576186673ca1fa7637f0eda8c84659
Signed-off-by: Lorand Jakab <lojakab@cisco.com>

Move maven-enforcer-plugin from odlparent to odlparent-lite

That way it's detected earlier, e.g. Maven version mismatch is already
flagged up to end-users on their root parent project (which has
odlparent-lite as parent), and only a little later on the first Java
project (which have odlparent as parent).

Change-Id: I9c285fc45ffc0a82e8375a2b77dc89da19238033
Signed-off-by: Michael Vorburger <vorburger@redhat.com>

Bump maven-javadoc-plugin version from 2.10.3 to 2.10.4

Not just for fun, but because I've just figured, through trial and
error, that this fixes a weird problem seen in the failed builds of
https://git.opendaylight.org/gerrit/#/c/46206/ - the older 2.10.3 seems
to have some bug which causes it to choke on finding references between
(two different kinds of) generated code in JavaDoc gen. and the 2.10.4
upgrade magically fixes it (I've locally tested this).

Note that we seem to have our maven-javadoc-plugin version defined in
two places, which is a bit of a shame (and very confusing at first). I
wanted to get this bump merged in ASAP, with minimal side effect, so in
this commit have just changed both places. A follow-up commit which
unifies this into a single place for the next time around would be cool.

Change-Id: Ie2c35f4a7dea357eed5ce8b72c9e757dbdf85565
Signed-off-by: Michael Vorburger <vorburger@redhat.com>

odlparent/pom.xml: Parameter tasks is deprecated

remove maven warning by replacing tasks with target
> [WARNING] Parameter tasks is deprecated, use target instead

Change-Id: I6cf82b1760e711de60dd836024b6e67239214c2c
Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>

Upgrade jsonassert 1.2.3 -> 1.3.0

Change-Id: Icf7717624601182e96ae21821d50131e059b63ac
Signed-off-by: Stephen Kitt <skitt@redhat.com>

Upgrade webcohesion enunciate 2.1.1 -> 2.6.0

Enunciate 2.2.0 adds support for Spring Web annotations and fixes a
number of bugs:
https://github.com/stoicflame/enunciate/issues?q=milestone%3A2.2.0+is%3Aclosed

Enunciate 2.3.0 fixes a number of bugs:
https://github.com/stoicflame/enunciate/issues?q=milestone%3A2.3.0+is%3Aclosed

Enunciate 2.4.0 includes many bug fixes and enhancements:
https://github.com/stoicflame/enunciate/issues?q=milestone%3A2.4.0+is%3Aclosed

Enunciate 2.5.0 includes minor bug fixes and support for Spring's
@ModelAttribute:
https://github.com/stoicflame/enunciate/issues?q=milestone%3A2.5.0+is%3Aclosed

Enunciate 2.6.0 includes support for Bean Validation annotations and
Jackson annotations, and fixes a number of bugs:
https://github.com/stoicflame/enunciate/milestone/13?closed=1

Change-Id: Ic61354408b64089d228cb89a7f13e11874ecf5d5
Signed-off-by: Stephen Kitt <skitt@redhat.com>

Bump enforced Maven version to 3.3.9+

Also, remove enforcer section from karaf-parent,
as odlparent:odlparent already sets strong enough requirement.

Change-Id: I6952b1a5bfd98180ea9f6fc598029163780ffa9a
Signed-off-by: Vratko Polak <vrpolak@cisco.com>

Work around apparent Checkstyle bug re. JavaDoc in package-info.java

We have earlier agreed to, and aligned our Checkstyle rules accordingly,
not enforce JavaDoc presence, just validate its content if it's present.
However, we are still enforcing every package-info.java (of which we
have almost none..) to have a JavaDoc.

While experimenting with plastering package-info.java into EVERY package
everywhere (to have an annotation @NonNullByDefault package in it..),
I don't want to put in bogus empty JavaDoc into every package just to
satisfy Checkstyle, that would be ridiculous.

Related to https://github.com/checkstyle/checkstyle/issues/3416

Change-Id: I397763f9e09bc7db009ade5da1a5b35bdc518169
Signed-off-by: Michael Vorburger <vorburger@redhat.com>

Bug 6790: use non-blocking /dev/urandom

Set Karaf up to use /dev/urandom (where available) instead of
/dev/random, to avoid blocking (and failing incoming SSH connections)
in low entropy situations.

Bug: 6790
Change-Id: I17c5681151a4bb6c61def952a7898b018d3ece86
Signed-off-by: Michael Vorburger <vorburger@redhat.com>
Signed-off-by: Stephen Kitt <skitt@redhat.com>

Revert "Bump akka to 2.4.10"

This reverts commit 6ef4fcc3b02cb261afa0fd6fb615e4f5f9002d95. (The upgrade breaks controller.)

Change-Id: I6af4777350c0254f95b2acc52a5657f54091984a
Signed-off-by: Stephen Kitt <skitt@redhat.com>