- Upgraded Spring Security from 5.8.2 to 5.8.3
- Upgraded Spring Boot from 2.7.10 to 2.7.11 for Registry
Signed-off-by: Pierre Villard <pierre.villard.fr@gmail.com>
This closes#7190.
- Removed unnecessary JSTL dependency and reference from Documentation JSP
Signed-off-by: Pierre Villard <pierre.villard.fr@gmail.com>
This closes#7110.
- Switch from spotify docker-maven-plugin to fabric8 docker-maven-plugin
- Add consistency to docker maven image names and tags
- Other minor Dockerfile changes for consistency
This closes#7105
Signed-off-by: David Handermann <exceptionfactory@apache.org>
- Upgraded Ranger Hadoop dependencies from 3.3.3 to 3.3.5
- Aligned Iceberg Hadoop version with project Hadoop version
- Updated Atlas dependencies to align hadoop-hdfs-client version with hadoop-common
- Updated Ranger hadoop-auth version to align with other Hadoop dependencies
- Updated Spark Livy bundle to align with project Hadoop version
- Removed unnecessary dependencies from Hive Test Utilities
- Updated HBase 2 Woodstox Core from 5.3.0 to 5.4.0
- Suppressed false positive vulnerabilities for HBase client libraries
Signed-off-by: Pierre Villard <pierre.villard.fr@gmail.com>
This closes#7097.
- Updated suppression configuration
- Upgraded Solr from 8.6.3 to 8.11.1 for Ranger
- Excluded Apache Ivy from Hive and Janus Graph dependencies
- Excluded Groovy from Hive tests
Signed-off-by: Joe Witt <joewitt@apache.org>
- Upgraded direct dependencies in Framework and Registry modules as well as Spark bundle
This closes#7073
This closes#7074
This closes#7075
Signed-off-by: David Handermann <exceptionfactory@apache.org>
- Replaced deprecated Matchers references with ArgumentMatchers
- Removed unnecessary Mockito versions for Registry
- Refactored test configuration to Java for mocking
Signed-off-by: Pierre Villard <pierre.villard.fr@gmail.com>
This closes#7071.
- Updated Maven JAR plugin configuration for nifi-registry-data-model to include implementation version
This closes#7057
Co-authored-by: David Handermann <exceptionfactory@apache.org>
Signed-off-by: David Handermann <exceptionfactory@apache.org>
- Upgraded Spring Security from 5.8.0 to 5.8.2
- Upgraded Spring Boot from 2.7.6 to 2.7.9 for NiFi Registry
Signed-off-by: Pierre Villard <pierre.villard.fr@gmail.com>
This closes#7067.
- Replaced OSUtils.getProcessId() with java.lang.Process.pid() available on Java 9 and following
Signed-off-by: Pierre Villard <pierre.villard.fr@gmail.com>
This closes#6989.
- Updated GitHub workflows from Java 8 to 11
- Updated Maven Compiler Source and Target version from 1.8 to 11
- Disabled JASN1 tests failing on Windows with Java 11
This closes#6940
Co-authored-by: David Handermann <exceptionfactory@apache.org>
Signed-off-by: David Handermann <exceptionfactory@apache.org>
- Upgraded Logback from 1.2.11 to 1.3.5
- Updated Logback DelayingShutdownHook to DefaultShutdownHook
- Disabled Spring Boot Logging System in favor of standard Logback initialization
- Excluded logback-classic from ZooKeeper and other dependencies to avoid conflicts when running tests
- Excluded spring-boot-starter-logging to avoid failures related to Logback 1.2 and Spring Boot 2.7
- Removed ZooKeeperMigratorTest.groovy based on Apache Curator test server usage of Logback 1.2
NIFI-10580 Added logback-core as explicit dependency
- Set logback-core as provided in root configuration
- Added logback-core as compile dependency in assembly configurations
Signed-off-by: Joe Witt <joewitt@apache.org>
- Upgraded Spring Security from 5.7.5 to 5.8.0
- Upgraded Spring Boot from 2.7.4 to 2.7.6 for Registry
Signed-off-by: Pierre Villard <pierre.villard.fr@gmail.com>
This closes#6737.
NIFI-10177: Addressed latest PR reviews. Reworded comments in the logout endpoint, use nifi registry properties to configure HTTP client timeouts for OIDC logout request, used NiFiUserUtils.getNiFiUserIdentity to retrieve identity used to delete the key
Signed-off-by: Nathan Gough <thenatog@gmail.com>
This closes#6637.
NIFI-9656 Change Docker images to use Java 11
This closes#6673
Signed-off-by: Chris Sampson <chris.sampson82@gmail.com>
Signed-off-by: David Handermann <exceptionfactory@apache.org>
- Added deprecation warnings for NiFi, Registry, and MiNiFi
- Added RuntimeVersionProvider for shared reference to deprecated and minimum versions
Signed-off-by: Nathan Gough <thenatog@gmail.com>
This closes#6648.
NIFI-9398 processor verification integration-tests for nifi-elasticsearch-restapi-processors using common nifi-elasticsearch-test-utils refactored from nifi-elasticsearch-client-service
NIFI-9398 fail index exists verification for Elasticsearch processors whose operations would not create the index if it doesn't already exist
This closes#6544
Signed-off-by: Mike Thomsen <mthomsen@apache.org>
NIFI-10691 Removed duplicate Bouncy Castle dependencies from nifi-standard-processors
This closes#6571
Signed-off-by: David Handermann <exceptionfactory@apache.org>
- Upgraded Jettison in nifi-framework-bundle
- Upgraded Jettison in nifi-registry-ranger
- Upgraded Jettison in nifi-spark-bundle
This closes#6548
This closes#6549
This closes#6550
Signed-off-by: David Handermann <exceptionfactory@apache.org>
- Added nifi-security-ssl for generalized SSLContext creation
- Removed static keystore and truststore test files from nifi-registry-jetty
Signed-off-by: Nathan Gough <thenatog@gmail.com>
This closes#6514.
- Corrected nifi-registry-assembly configuration avoiding inclusion of libraries from nifi-registry-ranger-assembly when building with include-ranger
This closes#6481
Signed-off-by: David Handermann <exceptionfactory@apache.org>
- Excluding these configurations avoids unexpected runtime behavior when running Registry with the Apache Ranger plugin
Signed-off-by: Joe Witt <joewitt@apache.org>
- Replaced individual AWS SDK versions with root managed dependency version
- Set AWS SDK 1 version to 1.12.299
- Set AWS SDK 2 version to 2.17.270
- Suppressed false positive dependency vulnerability for aws-sdk-swf-libraries
Signed-off-by: Pierre Villard <pierre.villard.fr@gmail.com>
This closes#6405.
- Moved refresh of Registry Configuration to checkLogin functions
- Refreshing Registry Configuration allows the user interface to reflect the correct status for OIDC and other authentication strategies
Signed-off-by: Nathan Gough <thenatog@gmail.com>
This closes#6295.
- Adding AWS SDK to list of included dependencies in Registry SPP directory avoids NoClassDefFound errors with encrypt-config
This closes#6309
Signed-off-by: David Handermann <exceptionfactory@apache.org>
- Added managed dependency in root Maven configuration
- Removed different versions from other Maven configurations
Signed-off-by: Pierre Villard <pierre.villard.fr@gmail.com>
This closes#6284.
- Upgraded multiple GitHub Actions from Version 2 to 3
- Replaced Maven Cache step with cache feature in Setup Java Action
- Moved checkstyle and license checks from verify to validate phase in Maven execution
- Removed unnecessary contrib-check profile from nifi-registry
This closes#6202
Signed-off-by: Paul Grey <greyp@apache.org>
- Upgraded Spring Security from 5.7.1 to 5.7.2
- Upgraded Spring Boot from 2.7.0 to 2.7.1 for NiFi Registry
Signed-off-by: Pierre Villard <pierre.villard.fr@gmail.com>
This closes#6165.
- Excluded slf4j-reload4j implementation of Log4j 1
- Updated nifi-hive3-processors to leverage shared Hadoop version from 3.1.1
- Updated nifi-accumulo-bundle to leverage shared Hadoop version from 3.1.1
- Updated nifi-atlas-bundle to leverage shared Hadoop version from 3.3.2
- Updated nifi-spark-receiver to leverage shared Hadoop version from 3.3.2
Signed-off-by: Pierre Villard <pierre.villard.fr@gmail.com>
This closes#6139.
- Removed duplicate plugin configuration in nifi-registry
- Removed maven-failsafe-plugin override in nifi-elasticsearch-client-service
- Removed failing test ResourceAuthorizationFilterSpec in nifi-registry-web-api
Signed-off-by: Pierre Villard <pierre.villard.fr@gmail.com>
This closes#6132.
- Upgraded Spring Security from 5.6.3 to 5.7.1
- Upgraded Spring Boot from 2.6.7 to 2.7.0 for NiFi Registry
Signed-off-by: Pierre Villard <pierre.villard.fr@gmail.com>
This closes#6095.
* NIFI-9958 Implemented Sensitive Dynamic Properties
- Added SupportsSensitiveDynamicProperties annotation for components
- Added optional sensitive query parameter to Property Descriptor REST Resource methods
- Added system tests for components supporting sensitive dynamic properties
- Updated REST Resources to support Sensitive Dynamic Property Names
- Updated Documentation Writer to indicate component support for Sensitive Dynamic Properties
- Updated InvokeHTTP to support Sensitive Dynamic Properties
- Updated Auditor components to handle masking Sensitive Dynamic Properties
* Refactored Property Descriptor REST method handling
- Corrected AbstractDocumentationWriter evaluation of support for sensitive dynamic properties
- Refactored Controller Service Dynamic Properties system tests to new class
* Updated AbstractComponentNode.getProperties() to get canonical descriptor
* NIFI-10001: Fixed issue in which some components may fail to update the scheduled state when comparing flows
* NIFI-10001: Fixed bugs that caused some components to not have their scheduled state updated. When comparing two flows, now allow specifying how to determine a VersionedComponent's ID for comparison. When comparing local flow against flow from registry, use Versioned Component ID. But when comparing two instantiated flows, such as local flow vs. cluster flow, use the VersionedComponent's Instance ID instead. This ensures that we can properly compare two components even if there are several instances of a given flow
- Downgraded Jakarta Activation from 2.0.1 to 1.2.2 in nifi-bootstrap
- Updated assembly configurations to include Jakarta Activation in java11 directory
- Upgraded MySQL from 8.0.15 to 8.0.29
- Upgraded MariabDB from 2.4.1 to 3.0.4
- Upgraded PostgreSQL from 42.2.19 to 42.3.5
- Removed unsupported database version references from project README.md
- Added MariaDB 10.3 to list of Registry examples
Signed-off-by: Pierre Villard <pierre.villard.fr@gmail.com>
This closes#6033.
- Removed version declarations from multiple modules
- Adjusted PutDynamoDB to remove catch for IOException not thrown in Commons IO 2.11.0
Signed-off-by: Pierre Villard <pierre.villard.fr@gmail.com>
This closes#6015.
- Upgraded Spring Security from 5.6.2 to 5.6.3
- Upgraded Log4j 2 from 2.17.1 to 2.17.2
- Upgraded Spring Boot from 2.6.6 to 2.6.7 for NiFi Registry
Signed-off-by: Joe Witt <joewitt@apache.org>
- The nifi-xml-processing library is not provided in the nifi-registry lib directory
- The nifi-xml-processing library must be available to the instance ClassLoader for the RangerAuthorizer
This closes#5994.
Signed-off-by: Peter Turcsanyi <turcsanyi@apache.org>
- Removed unnecessary references to jackson.version property
- Removed unnecessary dependency management references to Jackson libraries
This closes#5992
Signed-off-by: Mike Thomsen <mthomsen@apache.org>
* NIFI-9883 Refactored property protection to isolated ClassLoader
- Added nifi-property-protection-loader for abstracting access to implementation classes using ServiceLoader
- Updated Authorizer and Login Identity Provider configuration using isolated ClassLoader
- Updated NiFi Properties Loader using isolated ClassLoader
- Updated nifi-assembly to place property protection dependencies in lib/properties directory
- Updated and refactored unit tests
- Corrected LoginIdentityProviderFactoryBean getObject() Type
- Refactored XML parsing to use providers from nifi-xml-processing
- Configured spotbugs-maven-plugin with findsecbugs-plugin in nifi-xml-processing
- Disabled Validate DTD in default configuration for EvaluateXPath and EvaluateXQuery
- Replaced configuration of DocumentBuilder and streaming XML Readers with shared components
- Removed XML utilities from nifi-security-utils
- Moved Commons Configuration classes to nifi-lookup-services
This closes#5962
Signed-off-by: Paul Grey <greyp@apache.org>
exceptionfactory
timeabarna
Pierre Villard
Chris Sampson
mr1716
Kevin Doran
Joe Witt
dependabot[bot]
Mark Bean
simonbence
Ryan Van Den Bos
Scott Aslan
mkalavala
Emilio Setiadarma
Nissim Shiman
Justin Rittenhouse
Bryan Bende
Dominique Jean-Prost
Mark Payne
Nathan Gough
Shawn Weeks
Peter Gyori
UcanInfosec
Jeremy Snyder
dan-s1
Zoltan Kornel Torok
Andrew Lim
Joe Gresock
nathluu
Julien Guitton
Zoltan Kornel Torok
Gabor Kulik
Matthew Burgess
Matthieu Bertin
Bryan Bende
Hervé Boutemy
Jonathan Conti-Vock
Mike Thomsen