- SensitiveValueEncoder and SecureHasher are no longer required following the removal of support for flow.xml.gz
Signed-off-by: Pierre Villard <pierre.villard.fr@gmail.com>
This closes#7873.
- Created NIFI-12203 to evaluate issues with flow comparison surfaced in JoinClusterWithDifferentFlow
This closes#7661
Signed-off-by: David Handermann <exceptionfactory@apache.org>
- Imported nifi-bom to nifi-commons and nifi-nar-bundles parent modules
- Removed explicit version and scope properties for dependencies declared in nifi-bom
Revamped RuleViolationsManager and FlowAnalyzer handling to make sure no issue occurs when these are not set. Fix ResourceNotFoundException: When determining the subject permissions for a rule violation the type of the subject is now known, so we try to lookup all possible types. Non-matching tpyes throw a ResourceNotFoundException exception though. Going to ignore those.
This closes#7809
Signed-off-by: David Handermann <exceptionfactory@apache.org>
- Removed Security.addProvider() references from several tests
- Refactored KeyStoreUtils to use instance of BouncyCastleProvider instead of BC provider name string
- Refactored MiNiFi references to pass BouncyCastleProvider for BCFKS
Signed-off-by: Joseph Witt <joewitt@apache.org>
- Set getClusterNodeProtocolMaxPoolSize method reference in place of deprecated getClusterNodeProtocolThreads
Signed-off-by: Joseph Witt <joewitt@apache.org>
Fixed issue in logic of LocalComponentLifecycle, which was waiting for all PGs to reach desired stateless run schedule, even when the group itself was not stateless
Fixed JavaScript to specify correct value for recursivity when updating process group parameter context
- Extracted common logic from setState() and replace() into modifyState()
- Removed redundant code from createNode() because exceptions are handled on the caller side
- NodeExistsException and InterruptedException are handled in setState() and replace()
- Also used KeeperException's subclasses instead of KeeperException.code()
This closes#7324
Signed-off-by: David Handermann <exceptionfactory@apache.org>
- Updated component references to remove use of Object[] wrapping for log methods
This closes#7748
Signed-off-by: David Handermann <exceptionfactory@apache.org>
- Adjusted Groovy Maven coordinates to org.apache.groovy
- Adjusted build configuration and tests for Groovy 4
This closes#7692
Signed-off-by: David Handermann <exceptionfactory@apache.org>
- Upgraded SLF4J from 2.0.7 to 2.0.9
- Upgraded Logback from 1.3.8 to 1.3.11
- Upgraded Testcontainers from 1.18.3 to 1.19.0
- Upgraded Fabric8 Kubernetes from 6.5.1 to 6.8.1
- Upgraded AspectJ from 1.9.19 to 1.9.20.1
- Upgraded Caffeine from 3.1.6 to 3.1.8
- Upgraded AWS SDK from 2.20.103 to 2.20.148
- Upgraded Guava from 32.0.1 to 32.1.2
- Upgraded Nimbus JOSE JWT from 9.31 to 9.33
- Upgraded Apache Tika from 2.8.0 to 2.9.0
- Upgraded gRPC from 1.57.2 to 1.58.0
- Upgraded Google Libraries from 26.17.0 to 26.22.0
- Upgraded Azure SDK from 1.2.13 to 1.2.16
This closes#7733
Signed-off-by: David Handermann <exceptionfactory@apache.org>
- Added org.spockframework to the list of banned dependencies
- Removed several other Groovy tests and associated build profiles
Signed-off-by: Joseph Witt <joewitt@apache.org>
- Changed default value of nifi.web.https.application.protocols to include both h2 and http/1.1
- Changed default value of nifi.registry.web.https.application.protocols to include both h2 and http/1.1
- Updated HostHeaderHandler logging
Signed-off-by: Pierre Villard <pierre.villard.fr@gmail.com>
This closes#7684.
* NIFI-10904 Changed the font color for dropdown menus to avoid the appearance of menu items being disabled
* NIFI-10904 Changed the CSS tag used to set the color of the dropdown menu text
* NIFI-10904 Used a new css class to set the color of dropdown options
* nifi-10904 Changed the css class for create/reference drop down menu items.
Merged #7502 into main.
- Added nifi-security-cert for reusable components without dependencies
- Added nifi-security-cert-builder for certificate generation
Signed-off-by: Matt Burgess <mattyb149@apache.org>
This closes#7651
- Added new extensible Component Type: FlowAnalysisRule
- Added DisallowComponentType Rule implementation
- Flow Analysis Rules can be managed from the UI under Controller Settings -> Flow Analysis Rules
- Flow Analysis Rules can be set up with an enforcement policy of WARN or ENFORCE
- Flow Analysis Rules can evaluate an individual Component or a Process Group
This closes#7191
Signed-off-by: David Handermann <exceptionfactory@apache.org>
- Updated Jetty WebSocket components using Jetty 10 components
- Upgraded Solr components from 8.11.2 to 9.2.1 to align with Jetty 10 dependencies
Signed-off-by: Matt Burgess <mattyb149@apache.org>
This closes#7622
* NIFI-11303 Added a go-to entry on the right click context menu for the provenance lineage tree to take you to the specified component in the graph
* nifi-11303 Removed unused variable.
Merged #7461 into main.
When shutting down FlowController, wait up to gracefulShutdownSeconds seconds for the components to stop before shutting down thread pools. This allows for asynchronous operations such as disableControllerServicesAsync to complete during shutdown. Updated StandardStatelessFlow so that on shutdown it catches more general Exception to ensure that shutdown succeeds
Ensure that Max Concurrent Tasks cannot be set less than 1 for stateless group; fixed typo in ProcessGroupDTO's docs; on shutdown, we may need to disable controller services asynchronously. At that point, the thread pool used to do so may already be shutdown. If so, catch this and create a new single-thread pool, disable the service, and immediately shutdown the pool. Also, if we fail to disable services on shutdown of a stateless flow, instead of throwing an Exception, just log it and move on - it doesn't make much sense for shutdown() to throw an Exception in that case.
Updated system tests so that when emptying a queue, we check the result and if the queue still has data (because a Processor hasn't acknowledged the data, for example) then continue issuing request until the queue fully becomes empty.
When shutting down input/output ports for stateless group, ensure that we wait for the ports' active threads to complete before returning
When stopping StatelessGroupNode, ensure that all the Processors, Controller Services (even those not executed by the Stateless Engine) are stopped/disabled before considering the Stateless Group to be fully STOPPED.
This closes#7253
Signed-off-by: David Handermann <exceptionfactory@apache.org>
- Updated QuestDB Status Repository shutdown method to cancel scheduled tasks before immediate shutdown of Scheduled Executor Service
- Updated QuestDB Scheduled Tasks to include initial delay to avoid unnecessary execution when starting
- Updated QuestDB test class to minimize logging for QuestDB 7
- Improved logging and exception messages
Signed-off-by: Pierre Villard <pierre.villard.fr@gmail.com>
This closes#7564.
Added documentation to indicate how to debug Python side of nifi framework, as well as debugging Python processors themselves using VSCode's Remote debugger.
This also provides the ability to launch the Controller process in such a way that it will listen to incoming remote debug connections.
This closes#7469
Signed-off-by: David Handermann <exceptionfactory@apache.org>
When waiting for all controller services to reach the desired status in the ClusterReplicationComponentLifecycle component, return immediately if there are no services to wait for. Otherwise, request that referencing components not be included in the return value of the Controller Services
This closes#7493
Signed-off-by: David Handermann <exceptionfactory@apache.org>
- Added StandardOidcUserService supporting fallback claim names
- Updated StandardClientRegistrationProvider to use standard Subject claim
- Updated OIDC Security Configuration to use customized OidcUserService for claim handling
Signed-off-by: Joe Gresock <jgresock@gmail.com>
This closes#7468.
- Replaced Jetty KeyStoreScanner and custom TrustStoreScanner with shared StoreScanner
- New StoreScanner uses TLS Configuration to reload SSLContext instead of relying on Jetty SslContextFactory properties
This closes#7446
Signed-off-by: David Handermann <exceptionfactory@apache.org>
- Removed hamcrest-all from default dependencies
- Added groovy-test to selected modules with Groovy test classes
- Added junit-vintage-engine to selected modules with JUnit 4 test classes
- Corrected references to JUnit 4 assertions in JUnit 5 test classes
- Removed several unnecessary test classes from nifi-socket-utils
- Removed duplicative Registry toolkit test classes
- Removed Kudu integration tests
NIFI-11532 Corrected scope for junit-vintage-engine for Elasticsearch
Signed-off-by: Matt Burgess <mattyb149@apache.org>
This closes#7233
- Resolved BufferOverflowException in PeerChannel with Bouncy Castle Provider
- Changed prepareForWrite() to use Destination Buffer remaining instead of Application Buffer Size
- Changed encrypt() to Packet Buffer Size instead of Application Buffer Size
Rather than creating many FlowFiles with the same Content Claim, refactored content repos' OutputStreams and ClaimWriteCache so that a new ContentClaim is created for each FlowFile. This ensures that we have a content claim offset of 0. The poor performance was due to having to use StreamUtils.skip() in conjunction with the CipherInputStream, which would only skip a max of 511 bytes at a time. By using a separate Content Claim per FlowFile, we no longer need to seek after creating the CipherInputStream
This closes#7363
Signed-off-by: David Handermann <exceptionfactory@apache.org>
exceptionfactory
Bence Simon
timeabarna
Bryan Bende
Nissim Shiman
Mark Payne
Tamas Palfy
Joe Gresock
Emilio Setiadarma
Joe Witt
Pierre Villard
Nandor Soma Abonyi
Peter Turcsanyi
Timea Barna
Matt Burgess
Peter Turcsanyi
Freedom9339
Tamas Palfy
Ferenc Kis
mr1716
Mike Thomsen
Yolanda M. Davis
dan-s1
simonbence
siddr