NIFI-11310: Fixed META-INF/services file that was mistakenly listing an extra extension point, due to rebase
Signed-off-by: Matthew Burgess <mattyb149@apache.org>
This closes#7061
* NIFI-10975 Added Kubernetes Leader Election and State Provider
- Added Kubernetes Leader Election Manager based on Kubernetes Leases
- Added Kubernetes State Provider based on Kubernetes ConfigMaps
- Added nifi-kubernetes-client for generalized access to Fabric8 Kubernetes Client
- Added nifi.cluster.leader.election.implementation Property defaulting to CuratorLeaderElectionManager
- Refactored LeaderElectionManager to nifi-framework-api for Extension Discovering Manager
- Refactored shared ZooKeeper configuration to nifi-framework-cluster-zookeeper
* NIFI-10975 Updated Kubernetes Client and StateMap
- Upgraded Kubernetes Client from 6.2.0 to 6.3.0
- Added getStateVersion to StateMap and deprecated getVersion
- Updated Docker start.sh with additional properties
* NIFI-10975 Corrected MockStateManager.assertStateSet()
* NIFI-10975 Upgraded Kubernetes Client from 6.3.0 to 6.3.1
* NIFI-10975 Corrected unregister leader and disabled release on cancel
* NIFI-10975 Corrected findLeader handling of Lease expiration
- Changed LeaderElectionManager.getLeader() return to Optional String
* NIFI-10975 Corrected StandardNiFiServiceFacade handling of Optional Leader
* NIFI-10975 Changed getLeader() to call findLeader() to avoid stale cached values
* NIFI-10975 Updated LeaderElectionCommand to run LeaderElector in loop
* NIFI-10975 Rebased on project version 2.0.0-SNAPSHOT
* NIFI-10975 Corrected Gson and AspectJ versions
- Updated versions to match current main branch and avoid reverting
- Moved StringUtils from nifi-properties to nifi-property-utils
- Moved Peer Identity methods from CertificateUtils to specific Site-to-Site classes
Signed-off-by: Joe Gresock <jgresock@gmail.com>
This closes#6977.
NIFI-11192: If a failure is encountered when changing the version of a flow from 1 version to another, attempt to rollback the changes instead of just failing with the flow in a bad state
Signed-off-by: Matthew Burgess <mattyb149@apache.org>
This closes#6981
- Removed unnecessary references to PropertyEncryptor from multiple framework components
Signed-off-by: Pierre Villard <pierre.villard.fr@gmail.com>
This closes#6962.
- Updated TestAttributesToCSV with LinkedHashMap for deterministic test behavior
- Updated TestHttpFlowFileServerProtocol with adjusted checksums to match expectations from LinkedHashMap changes
This closes#6748
Signed-off-by: David Handermann <exceptionfactory@apache.org>
This closes#6750
Signed-off-by: David Handermann <exceptionfactory@apache.org>
Co-authored-by: Chris Sampson <12159006+ChrisSamo632@users.noreply.github.com>
- Upgraded Logback from 1.2.11 to 1.3.5
- Updated Logback DelayingShutdownHook to DefaultShutdownHook
- Disabled Spring Boot Logging System in favor of standard Logback initialization
- Excluded logback-classic from ZooKeeper and other dependencies to avoid conflicts when running tests
- Excluded spring-boot-starter-logging to avoid failures related to Logback 1.2 and Spring Boot 2.7
- Removed ZooKeeperMigratorTest.groovy based on Apache Curator test server usage of Logback 1.2
NIFI-10580 Added logback-core as explicit dependency
- Set logback-core as provided in root configuration
- Added logback-core as compile dependency in assembly configurations
Signed-off-by: Joe Witt <joewitt@apache.org>
Correcting EmbeddedQuestDbStatusHistoryRepositoryForComponentsTest
Correcting TestQueryNiFiReportingTask
Signed-off-by: Matthew Burgess <mattyb149@apache.org>
This closes#6869
- Updated impacted classes to remove redundant import lines
- Removed WebUtilsGroovyTest.groovy class due to use of internal sun.security classes
Signed-off-by: Pierre Villard <pierre.villard.fr@gmail.com>
This closes#6804.
- NIFI-10981 Ensure NarAutoLoader starts after provider retrieves NARs, and ensure the auto-loader attempts to process any NARs available before starting to watch for new files
- Add system test with NAR Provider that copies NARs from a local directory and verifies the NARs were loaded and linked correctly
- Exclude new assembly from CI test-compile
- Update manifests assembly to include the additionaDetails.html files
- Update C2 ExtensionDefinition to add a new field for additional details content
- Update manifest generation to read the additional details and pass through to C2 runtime manifest
- Switch to boolean to indicate presence of additional details, instead of including content
Add additionalDetails files to nifi-runtime-manifest artifact, organized by group/artifact/version/type
Signed-off-by: Matthew Burgess <mattyb149@apache.org>
This closes#6767
- Added Commons Net to managed dependencies in root Maven configuration
- Removed version references to 3.3 in MiNiFi and 3.6 in NiFi standard modules
Signed-off-by: Joe Witt <joewitt@apache.org>
* display description for selected flow
* NIFI-10814: add border when content overflows and increase height
* NIFI-10814: add padding to description
* NIFI-10814: remove duplicate CSS property from declaration block
* NIFI-10814: a few more CSS tweaks
This closes#6693
NifiRegistryFlowRegistryClient defines the PropertyDescriptor PROPERTY_URL name as small case "url". The map bases on the name property of the PropertyDescriptor object. Here searching with uppercase value of "URL" causes the map lookup to fail and cause a NPE later on. Therefore, it is changed as "url"
NIFI-10787 - Added constant for property descriptor "url" in NiFiRegistryFlowMapper to make it more clear.
NIFI-10787 - Added change to unit test.
NIFI-10787 - Updated unit test to validate that NiFi registry url is being set and retrieved.
Signed-off-by: Nathan Gough <thenatog@gmail.com>
This closes#6655.
NIFI-10703 - Also setting the maxEventDrivenThreadCount on the controller when using a versioned flow.
NIFI-10703 - Corrected to use getMaxEventDrivenThreadCount(), set a default value for event driven thread count in VersionedDataflow
NIFI-10703 - Updated log message for setMaxThreadCount in FlowController.java
NIFI-10703 - Updated default value for maxEventDrivenThreadCount
NIFI-10703 - Set private for DEFAULT_MAX_EVENT_DRIVEN_THREAD_COUNT
Signed-off-by: Matthew Burgess <mattyb149@apache.org>
This closes#6638
NIFI-9398 processor verification integration-tests for nifi-elasticsearch-restapi-processors using common nifi-elasticsearch-test-utils refactored from nifi-elasticsearch-client-service
NIFI-9398 fail index exists verification for Elasticsearch processors whose operations would not create the index if it doesn't already exist
This closes#6544
Signed-off-by: Mike Thomsen <mthomsen@apache.org>
- Only restart ports if their scheduledState is Running.
- Adding unit tests.
- Fixing unit test to properly verify Port isn't restarted.
Signed-off-by: Nathan Gough <thenatog@gmail.com>
This closes#6582.
- Upgraded Jettison in nifi-framework-bundle
- Upgraded Jettison in nifi-registry-ranger
- Upgraded Jettison in nifi-spark-bundle
This closes#6548
This closes#6549
This closes#6550
Signed-off-by: David Handermann <exceptionfactory@apache.org>
- Added org.apache.commons.text.version property in root Maven configuration
- Removed direct version references in favor of managed dependency version
Signed-off-by: Nathan Gough <thenatog@gmail.com>
This closes#6531.
- Updated XmlFlowSynchronizer to filter parsed Sensitive Dynamic Property Names using dynamic status of component Property Descriptor
- Lack of access to the Component Property Descriptor when parsing DOM elements required subsequent dynamic status filtering
- Corrected logging statements with placeholders instead of concatenation
- Removed unused NiFiServerStub
Signed-off-by: Matthew Burgess <mattyb149@apache.org>
This closes#6513
* NIFI-10577 Fixed Sensitive Checkbox rendering for Fetch Parameters
- Corrected rendering of Sensitive status checkbox on Firefox using standard nf-checkbox
* NIFI-10577 Corrected canvas rendering in Safari
Merged #6473 in main.
* NIFI-10566: update availability text in Controller Settings
- fix link in controller service referencing a parameter provider
* add Registry Clients to the availability message
This closes#6463
Adding provided scope to api dependency in nifi-standard-parameter-providers module
Adding additional documentation, other minor code cleanup
Correcting error handling in StandardParameterProviderNode, updating additional details for DatabaseParameterProvider
Correcting null columm value handling
NIFI-9402: Fixed Checkstyle violation
Signed-off-by: Matthew Burgess <mattyb149@apache.org>
This closes#6391
* NIFI-10542: set sensitivity for new parameters in a synced parameter context
* show removed or missing but referenced parameters with tooltip in the selectable parameters table
- remove default parameter value
* address review feedback
- fix showing a referencing icon for a missing but removed parameter
* fix discovering new parameters
This closes#6446
* init commit
* remove test string
* display only class name for types combo
* remove commented code
* add UI support for dynamic properties
* add support for controller services
* address review feedback:
* fix syntax error
* remove console logs
* move contents of editRegistry into callback
* add name and description fields back to edit dialog
* add referencing component logic for registry clients
* implement reload logic
* more review findings
* increase size of description textarea in config
* remove location column from registry table
* remove commented out code
* post-rebase tweaks
* change if condition from assignment to evaluation
* add missing semicolons
* refactor new registry initialization into function
* more feedback addressed
* fix rebase error around controller service reference
* render registry references in their own list
* remove duplicate updateValidationError function
* remove TODO comment
* expose reload through nfSettings public variable
* show add registry dialog only after available types returns
* fix css class name
This closes#6437
* NIFI-9514 - Add UI support for Parameter Providers in Controller Services
* - Fix a dialog closing issue
* - Hide fetch parameters button if there are config errors
* - Update Fetch Parameters dialog with new UX
- Implement checkbox logic for Selectable Parameters table
* - add createNewParameterContext property to track if group will be created as a new parameter context
- update fetch parameters dialog views for editing and after applying changes
- show affected referencing components after applying changes
- disable apply button if no parameter contexts will be updated
- refactor showing and hiding fetched parameters and selectable parameters tables logic
- add tooltip for parameter context icon
* - update parameter contexts view for provided contexts
* - add affected referencing components after applying fetched parameters
- add referencing parameter contexts to the provider settings tab
- update checkbox style in the selectable parameters table
- fix updating the referencing components border
- fix lint errors
* - fix selectable parameters table checkbox styles
* - fix hasParameterContextChanged checks
- checkbox style tweaks
* - add status bar to fetch parameters dialog
* - more style tweaks and remove unnecessary code
* - fix the selectable parameters table not saving and loading correctly
* - add tooltips
- fix styles
* - link from the parameter context to the associated parameter provider
* 9514: support navigating to the controller service created in parameter providers
* fix bulletins format in status bar
* address review feedback
- manage permissions for parameter providers
- disable/enable Fetch Parameters dialog Apply button
* manage authorizations to access parameter providers and parameter contexts
* fix lint errors
* fix and refactor hasGroupsChanged to determine the Apply button state
* new parameter context name input cannot be empty in Fetch Parameters dialog
* address review feedback
* fix duplicate code
* more fixes
* update fetch parameters checkbox states
* replace slickgrid checkbox selection plugin with custom implementation for different selection types
- check for affected parameters using the parameter status
* fixed showing the correct referencing components when switching groups
* fixed selectable parameters table shifting contents on row selection
* leverage slickgrid onClick to set user-selected parameter sensitivities in the selectable parameters table
* fix statusbar bulletins in processor details
- fix updating borders for referencing components
- update referencing parameter icon
- update table title in fetch parameters dialog
* address review feedback
* populate controller services referencing components of a referenced provider
- update controller services tab name
* showing parameter providers in CS controller service
* update tooltip messages in fetch parameters dialog
- fix dialog height to make room for the status bar
* reload the parameter providers table after a referenced parameter provider change in controller services
- fix conditions for enabling/disabling fetch parameters dialog Apply button
- add affected components no permissions message in the dialog
* fix always reloading the parameter providers table
- fix disableApplyButton checks
- add dialog message for a missing new parameter context name
* remove extra reload
* more fixes for disableApplyButton
- fixed styles for dialog message
* add a check in disableApplyButton for changed parameter values that are not referenced
- add changed value icon for parameters that are not referenced
- fix border on the referencing affected components container
* removed unnused plugins
This closes#5671
* NIFI-10473: Removing referencing components check on param provider fetch
* NIFI-10473: Adding parameter status DTO to ParameterProviderDTO
* Allowing parameterStatus to be populated even when no parameters were updated
* Adding ParameterStatus enum for parameter fetching
* Adding MISSING_BUT_REFERENCED ParameterStatus
This closes#6388
- NIFI-10518: Adding intended state to ScheduledStateChangeListener
- Notifying of scheduled state change when transitionComponentState is called
- Notifying scheduled state change when reporting task state is changed
- Notifying scheduledState changes for remote group port start/stop components calls
- Removing org.apache.httpcomponents:httpclient from nifi-web-api avoids Linkage Errors with Sensitive Property Providers
Signed-off-by: Pierre Villard <pierre.villard.fr@gmail.com>
This closes#6423.
- Updated Admin Guide with section on Logging Configuration and Deprecation Logging
- Updated Developer Guide with section on Deprecating Components and Features
- Added Deprecation Logging when adding components marked with DeprecationNotice to the Flow Configuration
- Added Deprecation Logging on deprecated methods in standard Controller Service implementations
- Removed integration tests for deprecated PersistentProvenanceRepository
- Updated logging and added documentation on minor upgrade steps
- Updated logging for HDFSNarProvider and RocksDB Repository
This closes#6390
Signed-off-by: Paul Grey <greyp@apache.org>
- Updated standard user interface error handler to clear the Access-Token-Expiration item from Session Storage when receiving an error with the WWW-Authenticate Header indicating a problem with the Bearer Token
Signed-off-by: Nathan Gough <thenatog@gmail.com>
This closes#6334.
- Added nifi-deprecation-log module with interface and implementation using SLF4J
- Updated standard logback.xml with nifi-deprecation.log appender
- Updated NiFiLegacyCipherProvider with deprecation logging
- Set Size, Time Policy, and Total Size Limit for Deprecation Log
This closes#6300
Signed-off-by: Paul Grey <greyp@apache.org>
Fixed bug where ProcessGroup would inadvertently set the wrong component's Versioned Component ID to null when there was an ID conflict
This closes#6314
Signed-off-by: David Handermann <exceptionfactory@apache.org>
- Added managed dependency in root Maven configuration
- Removed different versions from other Maven configurations
Signed-off-by: Pierre Villard <pierre.villard.fr@gmail.com>
This closes#6284.
- Appended root path to Cookie path attribute when removing Bearer Tokens as part of unauthorized response handling
- Updated Saml2AuthenticationSuccessHandler to follow standard Cookie path building strategy
Signed-off-by: Nathan Gough <thenatog@gmail.com>
This closes#6278.
NIFI-10277 Changed failure test to throw SocketException
NIFI-10277 Increased timeout to 30 seconds and moved verify method
Signed-off-by: Joe Witt <joewitt@apache.org>
- Added Standard AuthenticationEntryPoint
- Configured AuthenticationEntryPoint for SecurityFilterChain and BearerTokenAuthenticationFilter
Signed-off-by: Nathan Gough <thenatog@gmail.com>
This closes#6233.
- Migrate tests in nifi-framework-mark-loading-utils to JUnit5
- Annotate tests that use x86_64 native binaries to be conditional on x86_64 os.arch
This closes#6215
Signed-off-by: David Handermann <exceptionfactory@apache.org>
- Removed extension of deprecated WebSecurityConfigurerAdapter
- Moved Filter bean configuration associated configuration classes
- Set default Spring Security log level to INFO
- Adjusted CSRF Token Repository to leverage simplified RequestUriBuilder for retrieving allowed context paths
Signed-off-by: Nathan Gough <thenatog@gmail.com>
This closes#6195
- Bump version to 6.29.5 for arm64 compatibility
- Extract RocksDBFlowFileRepository and supporting code to its own module
- Mark RocksDBFlowFileRepository as deprecated, both in code and documentation
- Log deprecation warning at startup if RocksDBFlowFileRepository is used
- Move native RocksDB info logs to NiFi debug level logs
This closes#6155
Signed-off-by: David Handermann <exceptionfactory@apache.org>
- Corrected handling of documentation for allowable values
NIFI-10162 Updated Multipart Form-Data Name description
This closes#6163.
Signed-off-by: Kevin Doran <kdoran@apache.org>
- Increased bootstrap heap size from 24 MB to 48 to avoid heap constraints when using HTTP notifications
This closes#6161
Signed-off-by: David Handermann <exceptionfactory@apache.org>
- Updated SAML Authentication Configuration with Spring Security SAML 2 components
- Updated Administration Guide with REST Resources
- Replaced SAMLAccessResource methods with applicable Spring Security Filters
- Removed IDP Credential Service and supporting components
- Removed message.logging.enabled, metadata.signing.enabled, and signature.digest.algorithm properties
- Added Access Token Expiration resource method
- Removed Saml2AccessResource and replaced with Access Token Expiration to avoid unnecessary conflicts with SAML login consumer
- Corrected Resource URI handling to support proxy server access
Signed-off-by: Nathan Gough <thenatog@gmail.com>
This closes#6149.
- Removed direct dependency on metadata-extractor to inherit newer transitive version
Signed-off-by: Pierre Villard <pierre.villard.fr@gmail.com>
This closes#6140.
- Implemented MiNiFi C2 client using OkHttp
- Refactored MiNiFi bootstrap command handling and socket communication
- Added C2 Client Service to nifi-framework-core
This closes#6075
Co-authored-by: Matthew Burgess <mattyb149@apache.org>
Co-authored-by: Csaba Bejan <bejan.csaba@gmail.com>
Co-authored-by: Ferenc Erdei <ferdei@cloudera.com>
Signed-off-by: David Handermann <exceptionfactory@apache.org>
- Added nifi.web.https.application.protocols property
- Set default protocol to HTTP/1.1 and provided documentation for enabling HTTP/2
- Changed StandardALPNProcessor handshakeFailed log to debug
Signed-off-by: Joe Gresock <jgresock@gmail.com>
This closes#6093.
* NIFI-9960 Added documentation for Sensitive Dynamic Properties
- Updated User Guide with Add Property details
- Updated Developer Guide with annotation configuration details
- Updated Document Writer to indicate Supports Sensitive Dynamic Properties status
* NIFI-9960 Adjusted User Guide wording based on feedback
* NIFI-9959 Added UI Support for Sensitive Dynamic Properties
- Added SupportsSensitiveDynamicProperties to DBCPConnectionPool and ScriptedReportingTask
* NIFI-9959 Added sensitive parameter argument for Controller Service descriptors
* NIFI-9959 Adjusted sensitive property descriptor handling to support changing status
* NIFI-9959 Added info icon for Sensitive Value field
* NIFI-9959 Corrected handling of descriptor for existing dynamic properties
* NIFI-9959 Cleaning up dialog markup.
Co-authored-by: Matt Gilman <matt.c.gilman@gmail.com>
This closes#6073
* NIFI-9958 Implemented Sensitive Dynamic Properties
- Added SupportsSensitiveDynamicProperties annotation for components
- Added optional sensitive query parameter to Property Descriptor REST Resource methods
- Added system tests for components supporting sensitive dynamic properties
- Updated REST Resources to support Sensitive Dynamic Property Names
- Updated Documentation Writer to indicate component support for Sensitive Dynamic Properties
- Updated InvokeHTTP to support Sensitive Dynamic Properties
- Updated Auditor components to handle masking Sensitive Dynamic Properties
* Refactored Property Descriptor REST method handling
- Corrected AbstractDocumentationWriter evaluation of support for sensitive dynamic properties
- Refactored Controller Service Dynamic Properties system tests to new class
* Updated AbstractComponentNode.getProperties() to get canonical descriptor
* NIFI-10001: Fixed issue in which some components may fail to update the scheduled state when comparing flows
* NIFI-10001: Fixed bugs that caused some components to not have their scheduled state updated. When comparing two flows, now allow specifying how to determine a VersionedComponent's ID for comparison. When comparing local flow against flow from registry, use Versioned Component ID. But when comparing two instantiated flows, such as local flow vs. cluster flow, use the VersionedComponent's Instance ID instead. This ensures that we can properly compare two components even if there are several instances of a given flow
- Added Map and Set Cache Servers based on nifi-event-transport components
- Removed custom servers and unused socket stream components
- Reduced duplication on protocol classes
- Added checks for readable bytes
- Added mark and reset handling for buffer reads
This closes#6040
Signed-off-by: Paul Grey <greyp@apache.org>
* NIFI-9895 Allow parameter to reference controller service. Check read and write authorization for both previous and newly set controller service. Authorization done for both property or parameter change. Import/export handled by switching between instance id and versioned id.
* NIFI-10001: When enabling a collection of Controller Services, changed logic. Instead of enabling dependent services and waiting for them to complete enablement before starting a given service, just start the services given. The previous logic was necessary long ago because we couldn't enable a service unless all dependent services were fully enabled. But that changed a while ago. Now, we can enable a service when it's invalid. It'll just keep trying to enable until it becomes valid. At that point, it will complete its transition from ENABLING to ENABLED.
* NIFI-10001: Restored previous implementation for StandardControllerServiceProvider, as the changes were not ultimately what we needed. Changed StandardProcessGroup to use a ConcurrentHashMap for controller services instead of a HashMap with readLock. This was causing a deadlock when we enable a Controller Service that references another service during flow synchronization. Flow Synchronization was happening within a write lock and enabling the service required a read lock on the group. Eventually the thread holding the write lock would timeout and release the write lock. But this caused significant delays on startup. By changing to a ConcurrentHashMap, we alleviate the need for the Read Lock. Also noticed in testing that the StandardNiFiServiceFacade did not save flow changes when enabling dependent services so added call to controllerFacade.save().
- Removed version declarations from multiple modules
- Adjusted PutDynamoDB to remove catch for IOException not thrown in Commons IO 2.11.0
Signed-off-by: Pierre Villard <pierre.villard.fr@gmail.com>
This closes#6015.
- Replaced nifi-framework-bundle managed dependency to root managed dependency
Signed-off-by: Pierre Villard <pierre.villard.fr@gmail.com>
This closes#6005.
- Removed unnecessary references to jackson.version property
- Removed unnecessary dependency management references to Jackson libraries
This closes#5992
Signed-off-by: Mike Thomsen <mthomsen@apache.org>
* NIFI-9883 Refactored property protection to isolated ClassLoader
- Added nifi-property-protection-loader for abstracting access to implementation classes using ServiceLoader
- Updated Authorizer and Login Identity Provider configuration using isolated ClassLoader
- Updated NiFi Properties Loader using isolated ClassLoader
- Updated nifi-assembly to place property protection dependencies in lib/properties directory
- Updated and refactored unit tests
- Corrected LoginIdentityProviderFactoryBean getObject() Type
- Changed log methods that accept a String and Object array to replace the last Throwable argument with a formatted summary of causes when calling LogRepository.addLogMessage()
Signed-off-by: Joe Gresock <jgresock@gmail.com>
This closes#5965.
- Refactored XML parsing to use providers from nifi-xml-processing
- Configured spotbugs-maven-plugin with findsecbugs-plugin in nifi-xml-processing
- Disabled Validate DTD in default configuration for EvaluateXPath and EvaluateXQuery
- Replaced configuration of DocumentBuilder and streaming XML Readers with shared components
- Removed XML utilities from nifi-security-utils
- Moved Commons Configuration classes to nifi-lookup-services
This closes#5962
Signed-off-by: Paul Grey <greyp@apache.org>
- Refactored SimpleProcessLogger to avoid sending stack trace causes to SLF4J Logger
- Refactored SimpleProcessLogger to minimize duplication of component message formatting
- Updated ConnectableTask logging to avoid repeating Throwable class in message string
- Refactored TestSimpleProcessLogger to improve coverage and confirm consistent argument handling
- Corrected handling of exception strings in argument arrays