diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 797b3f81cf..f8881e1f2b 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -10,3 +10,9 @@ updates: # For all packages, ignore all major versions to minimize breaking issues - dependency-name: "*" update-types: ["version-update:semver-major"] + - package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: "weekly" + commit-message: + prefix: "dependabot:" diff --git a/.github/workflows/auto-release.yml b/.github/workflows/auto-release.yml index ce71aed419..4f37d6918f 100644 --- a/.github/workflows/auto-release.yml +++ b/.github/workflows/auto-release.yml @@ -13,7 +13,7 @@ jobs: steps: - name: GitHub App token id: github_app_token - uses: tibdex/github-app-token@v1.5.0 + uses: tibdex/github-app-token@v1.8.0 with: app_id: ${{ secrets.APP_ID }} private_key: ${{ secrets.APP_PRIVATE_KEY }} diff --git a/.github/workflows/backport.yml b/.github/workflows/backport.yml index 6472a968d8..40ec3d70b1 100644 --- a/.github/workflows/backport.yml +++ b/.github/workflows/backport.yml @@ -16,7 +16,7 @@ jobs: steps: - name: GitHub App token id: github_app_token - uses: tibdex/github-app-token@v1.5.0 + uses: tibdex/github-app-token@v1.8.0 with: app_id: ${{ secrets.APP_ID }} private_key: ${{ secrets.APP_PRIVATE_KEY }} diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml index 03d5d6bd9b..5c57b2b35e 100644 --- a/.github/workflows/cd.yml +++ b/.github/workflows/cd.yml @@ -23,7 +23,7 @@ jobs: uses: actions/checkout@v2 - name: Cache Gradle packages - uses: actions/cache@v2 + uses: actions/cache@v3 with: path: | ~/.gradle/caches @@ -46,7 +46,7 @@ jobs: - name: Create Github Draft Release id: create_release - uses: actions/create-release@v1.0.0 + uses: actions/create-release@v1.1.4 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: @@ -57,7 +57,7 @@ jobs: - name: Upload Release Asset id: upload-release-asset - uses: actions/upload-release-asset@v1.0.1 + uses: actions/upload-release-asset@v1.0.2 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 66919ab87e..fcc1ffe7ac 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -1,6 +1,12 @@ name: CI -on: [push, pull_request] +on: + push: + branches: + - main + - 1.* + - 2.* + pull_request: env: GRADLE_OPTS: -Dhttp.keepAlive=false diff --git a/.github/workflows/delete_backport_branch.yml b/.github/workflows/delete_backport_branch.yml index 9964fe1ec8..d102506291 100644 --- a/.github/workflows/delete_backport_branch.yml +++ b/.github/workflows/delete_backport_branch.yml @@ -10,6 +10,6 @@ jobs: if: startsWith(github.event.pull_request.head.ref,'backport/') steps: - name: Delete merged branch - uses: SvanBoxel/delete-merged-branch@b77e873cee00b09f55cc553bd24aae5f8dfc9157 + uses: SvanBoxel/delete-merged-branch@2b5b058e3db41a3328fd9a6a58fd4c2545a14353 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/maven-publish.yml b/.github/workflows/maven-publish.yml index 1490e1d7f6..13a2b8a265 100644 --- a/.github/workflows/maven-publish.yml +++ b/.github/workflows/maven-publish.yml @@ -22,7 +22,7 @@ jobs: distribution: temurin # Temurin is a distribution of adoptium java-version: 11 - uses: actions/checkout@v3 - - uses: aws-actions/configure-aws-credentials@v1 + - uses: aws-actions/configure-aws-credentials@v2 with: role-to-assume: ${{ secrets.PUBLISH_SNAPSHOTS_ROLE }} aws-region: us-east-1 diff --git a/build.gradle b/build.gradle index 442cd414ad..f8f9b701ad 100644 --- a/build.gradle +++ b/build.gradle @@ -30,7 +30,7 @@ buildscript { open_saml_version = '4.3.0' one_login_java_saml = '2.9.0' jjwt_version = '0.11.5' - guava_version = '32.1.1-jre' + guava_version = '32.1.2-jre' jaxb_version = '2.3.8' if (buildVersionQualifier) { @@ -63,7 +63,7 @@ plugins { id 'maven-publish' id 'com.diffplug.spotless' version '6.20.0' id 'checkstyle' - id 'com.netflix.nebula.ospackage' version "11.3.0" + id 'com.netflix.nebula.ospackage' version "11.4.0" id "org.gradle.test-retry" version "1.5.4" id 'eclipse' id "com.github.spotbugs" version "5.0.14" @@ -531,7 +531,7 @@ dependencies { runtimeOnly 'com.google.errorprone:error_prone_annotations:2.20.0' runtimeOnly 'com.sun.istack:istack-commons-runtime:4.2.0' runtimeOnly 'jakarta.xml.bind:jakarta.xml.bind-api:4.0.0' - runtimeOnly 'org.ow2.asm:asm:9.1' + runtimeOnly 'org.ow2.asm:asm:9.5' testImplementation 'org.apache.camel:camel-xmlsecurity:3.21.0' @@ -568,7 +568,7 @@ dependencies { runtimeOnly 'org.xerial.snappy:snappy-java:1.1.10.3' runtimeOnly 'org.codehaus.woodstox:stax2-api:4.2.1' runtimeOnly "org.glassfish.jaxb:txw2:${jaxb_version}" - runtimeOnly 'com.fasterxml.woodstox:woodstox-core:6.4.0' + runtimeOnly 'com.fasterxml.woodstox:woodstox-core:6.5.1' runtimeOnly 'org.apache.ws.xmlschema:xmlschema-core:2.2.5' runtimeOnly 'org.apache.santuario:xmlsec:2.2.3' runtimeOnly "com.github.luben:zstd-jni:${versions.zstd}" @@ -578,7 +578,7 @@ dependencies { testImplementation "org.opensaml:opensaml-messaging-impl:${open_saml_version}" - implementation 'org.apache.commons:commons-lang3:3.12.0' + implementation 'org.apache.commons:commons-lang3:3.13.0' testImplementation "org.opensearch:common-utils:${common_utils_version}" testImplementation "org.opensearch.plugin:reindex-client:${opensearch_version}" testImplementation "org.opensearch:opensearch-ssl-config:${opensearch_version}" @@ -588,9 +588,9 @@ dependencies { testImplementation "org.opensearch.plugin:aggs-matrix-stats-client:${opensearch_version}" testImplementation "org.apache.logging.log4j:log4j-core:${versions.log4j}" testImplementation 'javax.servlet:servlet-api:2.5' - testImplementation 'com.unboundid:unboundid-ldapsdk:4.0.9' + testImplementation 'com.unboundid:unboundid-ldapsdk:4.0.14' testImplementation 'com.github.stephenc.jcip:jcip-annotations:1.0-1' - testImplementation 'com.unboundid:unboundid-ldapsdk:4.0.9' + testImplementation 'com.unboundid:unboundid-ldapsdk:4.0.14' testImplementation 'javax.servlet:servlet-api:2.5' testImplementation 'org.apache.httpcomponents:fluent-hc:4.5.13' testImplementation "org.apache.httpcomponents.client5:httpclient5-fluent:${versions.httpclient5}" @@ -600,8 +600,8 @@ dependencies { testImplementation "org.apache.kafka:kafka-clients:${kafka_version}:test" testImplementation 'org.springframework.kafka:spring-kafka-test:2.9.6' testImplementation 'org.springframework:spring-beans:5.3.20' - testImplementation 'org.junit.jupiter:junit-jupiter:5.8.2' - testImplementation 'org.junit.jupiter:junit-jupiter-api:5.8.2' + testImplementation 'org.junit.jupiter:junit-jupiter:5.10.0' + testImplementation 'org.junit.jupiter:junit-jupiter-api:5.10.0' // Only osx-x86_64, osx-aarch_64, linux-x86_64, linux-aarch_64, windows-x86_64 are available if (osdetector.classifier in ["osx-x86_64", "osx-aarch_64", "linux-x86_64", "linux-aarch_64", "windows-x86_64"]) { testImplementation "io.netty:netty-tcnative-classes:2.0.54.Final" @@ -610,7 +610,7 @@ dependencies { // JUnit build requirement testCompileOnly 'org.apiguardian:apiguardian-api:1.1.2' // Kafka test execution - testRuntimeOnly 'org.springframework.retry:spring-retry:1.3.3' + testRuntimeOnly 'org.springframework.retry:spring-retry:1.3.4' testRuntimeOnly ('org.springframework:spring-core:5.3.27') { exclude(group:'org.springframework', module: 'spring-jcl' ) } @@ -642,7 +642,7 @@ dependencies { integrationTestImplementation('org.awaitility:awaitility:4.2.0') { exclude(group: 'org.hamcrest', module: 'hamcrest') } - integrationTestImplementation 'com.unboundid:unboundid-ldapsdk:4.0.9' + integrationTestImplementation 'com.unboundid:unboundid-ldapsdk:4.0.14' //Checkstyle checkstyle 'com.puppycrawl.tools:checkstyle:10.12.1' diff --git a/src/integrationTest/java/org/opensearch/test/framework/cluster/ContextHeaderDecoratorClient.java b/src/integrationTest/java/org/opensearch/test/framework/cluster/ContextHeaderDecoratorClient.java index 2b05807fa2..c6ddf3281a 100644 --- a/src/integrationTest/java/org/opensearch/test/framework/cluster/ContextHeaderDecoratorClient.java +++ b/src/integrationTest/java/org/opensearch/test/framework/cluster/ContextHeaderDecoratorClient.java @@ -12,9 +12,9 @@ import java.util.Collections; import java.util.Map; -import org.opensearch.action.ActionListener; +import org.opensearch.core.action.ActionListener; import org.opensearch.action.ActionRequest; -import org.opensearch.action.ActionResponse; +import org.opensearch.core.action.ActionResponse; import org.opensearch.action.ActionType; import org.opensearch.action.support.ContextPreservingActionListener; import org.opensearch.client.Client; diff --git a/src/main/java/org/opensearch/security/OpenSearchSecurityPlugin.java b/src/main/java/org/opensearch/security/OpenSearchSecurityPlugin.java index 28ba1a716b..a43afcb187 100644 --- a/src/main/java/org/opensearch/security/OpenSearchSecurityPlugin.java +++ b/src/main/java/org/opensearch/security/OpenSearchSecurityPlugin.java @@ -67,7 +67,7 @@ import org.opensearch.SpecialPermission; import org.opensearch.Version; import org.opensearch.action.ActionRequest; -import org.opensearch.action.ActionResponse; +import org.opensearch.core.action.ActionResponse; import org.opensearch.action.search.PitService; import org.opensearch.action.search.SearchScrollAction; import org.opensearch.action.support.ActionFilter; diff --git a/src/main/java/org/opensearch/security/action/whoami/TransportWhoAmIAction.java b/src/main/java/org/opensearch/security/action/whoami/TransportWhoAmIAction.java index bd3ecf46a2..f7e741b868 100644 --- a/src/main/java/org/opensearch/security/action/whoami/TransportWhoAmIAction.java +++ b/src/main/java/org/opensearch/security/action/whoami/TransportWhoAmIAction.java @@ -26,7 +26,7 @@ package org.opensearch.security.action.whoami; -import org.opensearch.action.ActionListener; +import org.opensearch.core.action.ActionListener; import org.opensearch.action.support.ActionFilters; import org.opensearch.action.support.HandledTransportAction; import org.opensearch.cluster.service.ClusterService; diff --git a/src/main/java/org/opensearch/security/action/whoami/WhoAmIResponse.java b/src/main/java/org/opensearch/security/action/whoami/WhoAmIResponse.java index ef61af5527..976e6d1238 100644 --- a/src/main/java/org/opensearch/security/action/whoami/WhoAmIResponse.java +++ b/src/main/java/org/opensearch/security/action/whoami/WhoAmIResponse.java @@ -28,7 +28,7 @@ import java.io.IOException; -import org.opensearch.action.ActionResponse; +import org.opensearch.core.action.ActionResponse; import org.opensearch.core.common.Strings; import org.opensearch.core.common.io.stream.StreamInput; import org.opensearch.core.common.io.stream.StreamOutput; diff --git a/src/main/java/org/opensearch/security/configuration/ConfigurationLoaderSecurity7.java b/src/main/java/org/opensearch/security/configuration/ConfigurationLoaderSecurity7.java index 3cf7ce534c..ac53895310 100644 --- a/src/main/java/org/opensearch/security/configuration/ConfigurationLoaderSecurity7.java +++ b/src/main/java/org/opensearch/security/configuration/ConfigurationLoaderSecurity7.java @@ -40,7 +40,7 @@ import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; -import org.opensearch.action.ActionListener; +import org.opensearch.core.action.ActionListener; import org.opensearch.action.get.GetResponse; import org.opensearch.action.get.MultiGetItemResponse; import org.opensearch.action.get.MultiGetRequest; diff --git a/src/main/java/org/opensearch/security/configuration/DlsFilterLevelActionHandler.java b/src/main/java/org/opensearch/security/configuration/DlsFilterLevelActionHandler.java index fa1c4989e0..099e27c238 100644 --- a/src/main/java/org/opensearch/security/configuration/DlsFilterLevelActionHandler.java +++ b/src/main/java/org/opensearch/security/configuration/DlsFilterLevelActionHandler.java @@ -25,7 +25,6 @@ import org.apache.logging.log4j.Logger; import org.opensearch.OpenSearchSecurityException; -import org.opensearch.action.ActionListener; import org.opensearch.action.ActionRequest; import org.opensearch.action.admin.cluster.shards.ClusterSearchShardsRequest; import org.opensearch.action.get.GetRequest; @@ -44,6 +43,7 @@ import org.opensearch.common.document.DocumentField; import org.opensearch.common.util.concurrent.ThreadContext; import org.opensearch.common.util.concurrent.ThreadContext.StoredContext; +import org.opensearch.core.action.ActionListener; import org.opensearch.index.IndexService; import org.opensearch.index.get.GetResult; import org.opensearch.index.mapper.MapperService; diff --git a/src/main/java/org/opensearch/security/configuration/DlsFlsRequestValve.java b/src/main/java/org/opensearch/security/configuration/DlsFlsRequestValve.java index 9bce6564dc..954461b43d 100644 --- a/src/main/java/org/opensearch/security/configuration/DlsFlsRequestValve.java +++ b/src/main/java/org/opensearch/security/configuration/DlsFlsRequestValve.java @@ -26,7 +26,7 @@ package org.opensearch.security.configuration; -import org.opensearch.action.ActionListener; +import org.opensearch.core.action.ActionListener; import org.opensearch.action.ActionRequest; import org.opensearch.core.xcontent.NamedXContentRegistry; import org.opensearch.search.internal.SearchContext; diff --git a/src/main/java/org/opensearch/security/configuration/DlsFlsValveImpl.java b/src/main/java/org/opensearch/security/configuration/DlsFlsValveImpl.java index cf2e77a25f..14eaed4e0d 100644 --- a/src/main/java/org/opensearch/security/configuration/DlsFlsValveImpl.java +++ b/src/main/java/org/opensearch/security/configuration/DlsFlsValveImpl.java @@ -34,7 +34,7 @@ import org.opensearch.OpenSearchException; import org.opensearch.OpenSearchSecurityException; import org.opensearch.SpecialPermission; -import org.opensearch.action.ActionListener; +import org.opensearch.core.action.ActionListener; import org.opensearch.action.ActionRequest; import org.opensearch.action.DocWriteRequest; import org.opensearch.action.RealtimeRequest; diff --git a/src/main/java/org/opensearch/security/dlic/rest/api/AbstractApiAction.java b/src/main/java/org/opensearch/security/dlic/rest/api/AbstractApiAction.java index aeeb4f1c92..6a1d011fd3 100644 --- a/src/main/java/org/opensearch/security/dlic/rest/api/AbstractApiAction.java +++ b/src/main/java/org/opensearch/security/dlic/rest/api/AbstractApiAction.java @@ -22,7 +22,6 @@ import org.apache.logging.log4j.Logger; import org.opensearch.ExceptionsHelper; -import org.opensearch.action.ActionListener; import org.opensearch.action.index.IndexRequest; import org.opensearch.action.index.IndexResponse; import org.opensearch.action.support.WriteRequest.RefreshPolicy; @@ -42,6 +41,7 @@ import org.opensearch.rest.RestController; import org.opensearch.rest.RestRequest; import org.opensearch.rest.RestRequest.Method; +import org.opensearch.core.action.ActionListener; import org.opensearch.core.rest.RestStatus; import org.opensearch.security.DefaultObjectMapper; import org.opensearch.security.action.configupdate.ConfigUpdateAction; diff --git a/src/main/java/org/opensearch/security/dlic/rest/api/FlushCacheApiAction.java b/src/main/java/org/opensearch/security/dlic/rest/api/FlushCacheApiAction.java index ad7e035d7c..9c36b971e7 100644 --- a/src/main/java/org/opensearch/security/dlic/rest/api/FlushCacheApiAction.java +++ b/src/main/java/org/opensearch/security/dlic/rest/api/FlushCacheApiAction.java @@ -20,11 +20,11 @@ import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; -import org.opensearch.action.ActionListener; import org.opensearch.client.Client; import org.opensearch.cluster.service.ClusterService; import org.opensearch.common.inject.Inject; import org.opensearch.common.settings.Settings; +import org.opensearch.core.action.ActionListener; import org.opensearch.rest.RestChannel; import org.opensearch.rest.RestController; import org.opensearch.rest.RestRequest; diff --git a/src/main/java/org/opensearch/security/dlic/rest/api/MigrateApiAction.java b/src/main/java/org/opensearch/security/dlic/rest/api/MigrateApiAction.java index 73066666b9..9cb926497f 100644 --- a/src/main/java/org/opensearch/security/dlic/rest/api/MigrateApiAction.java +++ b/src/main/java/org/opensearch/security/dlic/rest/api/MigrateApiAction.java @@ -22,7 +22,6 @@ import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; -import org.opensearch.action.ActionListener; import org.opensearch.action.admin.indices.create.CreateIndexResponse; import org.opensearch.action.bulk.BulkRequestBuilder; import org.opensearch.action.bulk.BulkResponse; @@ -32,6 +31,7 @@ import org.opensearch.client.Client; import org.opensearch.cluster.metadata.IndexMetadata; import org.opensearch.cluster.service.ClusterService; +import org.opensearch.core.action.ActionListener; import org.opensearch.core.common.bytes.BytesReference; import org.opensearch.common.collect.Tuple; import org.opensearch.common.inject.Inject; diff --git a/src/main/java/org/opensearch/security/dlic/rest/support/Utils.java b/src/main/java/org/opensearch/security/dlic/rest/support/Utils.java index 34a8da8b9d..5a3392e2d4 100644 --- a/src/main/java/org/opensearch/security/dlic/rest/support/Utils.java +++ b/src/main/java/org/opensearch/security/dlic/rest/support/Utils.java @@ -41,6 +41,7 @@ import org.opensearch.common.xcontent.XContentHelper; import org.opensearch.common.xcontent.XContentType; import org.opensearch.common.xcontent.json.JsonXContent; +import org.opensearch.core.xcontent.MediaTypeRegistry; import org.opensearch.core.xcontent.NamedXContentRegistry; import org.opensearch.core.xcontent.ToXContent; import org.opensearch.core.xcontent.XContentParser; @@ -111,7 +112,12 @@ public static JsonNode convertJsonToJackson(ToXContent jsonContent, boolean omit pm.put("omit_defaults", String.valueOf(omitDefaults)); ToXContent.MapParams params = new ToXContent.MapParams(pm); - final BytesReference bytes = XContentHelper.toXContent(jsonContent, XContentType.JSON, params, false); + final BytesReference bytes = org.opensearch.core.xcontent.XContentHelper.toXContent( + jsonContent, + MediaTypeRegistry.JSON, + params, + false + ); return DefaultObjectMapper.readTree(bytes.utf8ToString()); } catch (IOException e1) { throw ExceptionsHelper.convertToOpenSearchException(e1); diff --git a/src/main/java/org/opensearch/security/filter/SecurityFilter.java b/src/main/java/org/opensearch/security/filter/SecurityFilter.java index e540d48512..06f2fae397 100644 --- a/src/main/java/org/opensearch/security/filter/SecurityFilter.java +++ b/src/main/java/org/opensearch/security/filter/SecurityFilter.java @@ -40,9 +40,9 @@ import org.opensearch.OpenSearchException; import org.opensearch.OpenSearchSecurityException; import org.opensearch.ResourceAlreadyExistsException; -import org.opensearch.action.ActionListener; +import org.opensearch.core.action.ActionListener; import org.opensearch.action.ActionRequest; -import org.opensearch.action.ActionResponse; +import org.opensearch.core.action.ActionResponse; import org.opensearch.action.DocWriteRequest.OpType; import org.opensearch.action.admin.cluster.snapshots.restore.RestoreSnapshotRequest; import org.opensearch.action.admin.indices.alias.Alias; diff --git a/src/test/java/org/opensearch/security/dlic/dlsfls/CCReplicationTest.java b/src/test/java/org/opensearch/security/dlic/dlsfls/CCReplicationTest.java index 697ed8f898..549486b784 100644 --- a/src/test/java/org/opensearch/security/dlic/dlsfls/CCReplicationTest.java +++ b/src/test/java/org/opensearch/security/dlic/dlsfls/CCReplicationTest.java @@ -23,10 +23,10 @@ import org.junit.Test; import org.opensearch.OpenSearchSecurityException; -import org.opensearch.action.ActionListener; +import org.opensearch.core.action.ActionListener; import org.opensearch.action.ActionRequest; import org.opensearch.action.ActionRequestValidationException; -import org.opensearch.action.ActionResponse; +import org.opensearch.core.action.ActionResponse; import org.opensearch.action.ActionType; import org.opensearch.action.IndicesRequest; import org.opensearch.action.IndicesRequest.Replaceable; diff --git a/src/test/java/org/opensearch/security/filter/SecurityFilterTest.java b/src/test/java/org/opensearch/security/filter/SecurityFilterTest.java index 3e9cfe4b5e..ea2978302e 100644 --- a/src/test/java/org/opensearch/security/filter/SecurityFilterTest.java +++ b/src/test/java/org/opensearch/security/filter/SecurityFilterTest.java @@ -21,8 +21,8 @@ import org.mockito.ArgumentCaptor; import org.opensearch.OpenSearchSecurityException; -import org.opensearch.action.ActionListener; -import org.opensearch.action.ActionResponse; +import org.opensearch.core.action.ActionListener; +import org.opensearch.core.action.ActionResponse; import org.opensearch.cluster.service.ClusterService; import org.opensearch.common.settings.Settings; import org.opensearch.security.auditlog.AuditLog; diff --git a/src/test/java/org/opensearch/security/http/proxy/HTTPExtendedProxyAuthenticatorTest.java b/src/test/java/org/opensearch/security/http/proxy/HTTPExtendedProxyAuthenticatorTest.java index 085ea61668..d3bf10d943 100644 --- a/src/test/java/org/opensearch/security/http/proxy/HTTPExtendedProxyAuthenticatorTest.java +++ b/src/test/java/org/opensearch/security/http/proxy/HTTPExtendedProxyAuthenticatorTest.java @@ -36,7 +36,7 @@ import org.junit.Test; import org.opensearch.OpenSearchSecurityException; -import org.opensearch.action.ActionListener; +import org.opensearch.core.action.ActionListener; import org.opensearch.core.common.bytes.BytesReference; import org.opensearch.common.settings.Settings; import org.opensearch.common.util.concurrent.ThreadContext;