Commit Graph

658 Commits

Author SHA1 Message Date
Chris Cochrane
0ab4ac94c8
ENT-6903 - address security issues reported by Snyk (#7244)
ENT-6903: Update versions of BC, Shiro, Netty okhttp
Also updated platform version to 12.
2022-09-30 17:49:21 +01:00
Chris Cochrane
877e00f8d3
Fwd-merge from OS-4.9 2022-08-01 13:00:57 +01:00
Chris Cochrane
878f0bba8b
ENT-6885: Added build option to specify the version of Apache commons-configuration2 (#7224)
Added a build.gradle option to specify the version of Apache commons-configuration2 to build with, overriding whatever version is pulled in by Artemis Server.
This is to address Nexus security vulnerability reported for Apache commons-configuration2 v2.7.

This change was previously applied in Ent-4.9 and was shown to remove the critical security issues reported by Nexus. See [PR-4652](https://github.com/corda/enterprise/pull/4562) for more info about that.

The Corda jar was built locally and then scrutinised, revealing that it had Apache commons-configuration2 v2.8.0 included within.
2022-07-29 17:33:13 +01:00
Adel El-Beik
ffc843b64d
ENT-6882: Upgraded shiro-core to 1.9.1. (#7217) 2022-07-13 14:40:55 +01:00
Adel El-Beik
c23e8b49d4 ENT-6847: Updated shiro and netty version. 2022-06-30 12:15:31 +01:00
Waldemar Zurowski
ec14f9ccba NOTICK: Merging forward updates from OS 4.7 to OS 4.8 (2022-05-26) 2022-05-26 14:13:33 +02:00
Waldemar Zurowski
0336c938a6 NOTICK: Merging forward updates from OS 4.6 to OS 4.7 (2022-05-25)
Conflicts:
* .ci/dev/regression/Jenkinsfile
*
core/src/main/kotlin/net/corda/core/internal/PlatformVersionSwitches.kt
2022-05-25 19:07:45 +02:00
Waldemar Zurowski
ef76ae0973 NOTICK: Merging forward updates from OS 4.5 to OS 4.6 (2022-05-25)
Conflicts:
*
client/rpc/src/integration-test/kotlin/net/corda/client/rpcreconnect/CordaRPCClientReconnectionTest.kt
*
client/rpc/src/main/kotlin/net/corda/client/rpc/internal/ReconnectingCordaRPCOps.kt
* constants.properties
* gradle/wrapper/gradle-wrapper.properties
* tools/shell/src/main/kotlin/net/corda/tools/shell/InteractiveShell.kt
2022-05-25 10:14:38 +02:00
Adel El-Beik
81348de000 ENT-6802: Upgrade Jackson to 2.13.3 2022-05-24 20:02:15 +01:00
Viktor Kolomeyko
355411b195 Merge remote-tracking branch 'origin/release/os/4.9' into vkolomeyko/cc4.9-cc4.10-merge
# Conflicts:
#	.ci/dev/regression/Jenkinsfile
#	build.gradle
2022-05-18 15:27:44 +01:00
Adel El-Beik
e33265f60d ENT-6765: Upgraded quassar and hibernate. 2022-05-09 13:36:16 +01:00
Dimos Raptis
b331a421b2 ENT-6579 - Upgrade netty 2022-04-22 15:40:28 +01:00
Adel El-Beik
c53b0af997 ENT-6748: Make sure correct artemis is picked up, and don't rely on cache. 2022-04-11 12:21:49 +01:00
Chris Rankin
c25e0f1c73 NOTICK: Force Gradle to use the most recent SNAPSHOTs. 2022-04-04 15:16:34 +01:00
Adel El-Beik
cb4c7a80ca Merge remote-tracking branch 'origin/release/os/4.9' into adel/merge-from-4.9-1stApr 2022-04-01 16:58:08 +01:00
Adel El-Beik
f89cb76309 ENT-6629: Update hibernate version to match ent. 2022-04-01 16:40:19 +01:00
Adel El-Beik
40a72a4837
ENT-6687: Added the corda-releases repo, so that deployNodes in the s… (#7113)
* ENT-6687: Added the corda-releases repo, so that deployNodes in the samples can find the corda shell.
2022-03-10 17:56:09 +00:00
Chris Rankin
4fe68c93f4
NOTICK: Replace global dependency exclusions with dependency substitution. (#7099) 2022-03-08 12:04:26 +00:00
Rick Parker
1e227fdfc4
ENT-6711 - Fix for upgrade to Jackson 2.12 and beyond (actual upgrade to 2.13.1) (#7096)
* NOTICK - Don't know what the JIRA is but wanted to share.

* Updates to resolve bukld issues

* NOTICK: Fixed JDK11 version to prevent capsule version error

* ENT-6711: Added comment for use of jackson_kotlin_version.

* ENT-6711: Avoid deprecation warning, switched to the default method.

Co-authored-by: Chris Cochrane <chris.cochrane@r3.com>
Co-authored-by: Adel El-Beik <adel.el-beik@r3.com>
2022-03-07 11:08:06 +00:00
Adel El-Beik
4594c76259 ENT-6637: Targeted exclude of the jgroups dependency. 2022-03-04 11:52:14 +00:00
Adel El-Beik
4203a56c3a ENT-6637 & ENT-6618: Removed jgroups and dbcp from artemis dependencies. 2022-03-03 16:40:18 +00:00
Viktor Kolomeyko
df34a59b02 Merge remote-tracking branch 'origin/release/os/4.9' into vkolomeyko/os-4.9-4.10-merge
# Conflicts:
#	build.gradle
2022-02-24 16:46:48 +00:00
Chris Cochrane
9dfdd71c22
ENT-6631 - upgrade jackson version to get rid of databind vulnerability, keeping jackson-module-kotlin the same 2022-02-24 13:26:37 +00:00
Adel El-Beik
5ad2486041
Merge pull request #7082 from corda/vkolomeyko/ENT-6286-official-artemis-switch
ENT-6286: Switch to official version of Artemis library
2022-02-23 10:15:59 +00:00
Chris Cochrane
59272e880d
ENT-6607 moved all 3rd party lib versions to constants.properties (#7077)
* ENT-6607 moved all 3rd party lib versions to constants.properties

* Post-review - Corrected Corda version number
2022-02-22 18:09:30 +00:00
Adel El-Beik
ba8cd1b80d Merge remote-tracking branch 'origin/release/os/4.8' into adel/merge-from-4.8-21Feb 2022-02-21 12:52:29 +00:00
Viktor Kolomeyko
cfbfa23ec3 ENT-6286: Switch to official version of Artemis library
Version number is the same as ours - `2.19.1`, removing `includeGroup 'org.apache.activemq'` from Corda Dependencies repository, will make it fall back to Maven Central where the official version is available.
2022-02-21 10:00:16 +00:00
Chris Cochrane
b008f5f42a
Updated tcnative version to 2.0.48 (#7072) 2022-02-16 18:10:05 +00:00
Rick Parker
9c30d5a2cc
ENT-6498 Fix API docs dependencies (#7054) 2022-02-08 10:25:07 +00:00
Viktor Kolomeyko
835321bb70
ENT-6286: OS: Upgrade version of Artemis to 2.19.1 (#6975)
Fixes DDoS attack mentioned on the Jira ticket.

PR upgrades Artemis library to version 2.19.1.
This is our own release of Apache Artemis library which has vulnerability fix for v2.20 applied.

**_Breaking changes discovered during Artemis upgrade:_**
1. When the queue is created as temporary, it needs to explicitly be specified as non-durable.
2. By default, Artemis Client performs Host DNS name check against the certificate presented by the server. Our TLS certificates fail this check and this verification has to be explicitly disabled, see use of: `TransportConstants.VERIFY_HOST_PROP_NAME`.
3. Artemis Server now caches login attempts, even unsuccessful ones. When we add RPC users dynamically via DB insert this may have an unexpected outcome if the user with the same `userName` and `password` was not available previously.
To workaround permissions changing dynamically, authorization and authentication caches had to be disabled.
4. When computing `maxMessageSize`, the size of the headers content is now taken into account as well.
5. Artemis handling of start-up errors has changed. E.g. when the port is already bound.
6. A number of deprecated APIs like: `createTemporaryQueue`, `failoverOnInitialAttempt`, `NullOutputStream`, `CoreQueueConfiguration`.
7. Log warning message is produced like: `AMQ212080: Using legacy SSL store provider value: JKS. Please use either 'keyStoreType' or 'trustStoreType' instead as appropriate.`
8. As reported by QA, Artemis now produces more audit logging more details [here](https://r3-cev.atlassian.net/browse/ENT-6540). Log configuration been adjusted to reduce such output.
2022-01-21 09:18:14 +00:00
Ryan Fowler
857b8aa286
ENT-6542: Add Community Edition string for R3 builds (#7026) 2022-01-18 11:12:32 +00:00
Waldemar Zurowski
54bd321bfe Merge branch 'release/os/4.8' into wz/merge-os-48-49-2022-01-12 2022-01-12 15:18:30 +01:00
Dan Newton
56c9d6404f
ENT-6378 Migrate corda-shell to external repo (#7005)
Remove the shell code from the OS code base, this includes the modules:

- `:tools:shell`
- `:tools:shell-cli`

The shell will be run within a node if it exists within the node's `drivers` directory. 

This is done by using a `URLClassloader` to load the `InteractiveShell` class into Corda's JVM process and running `startShell` and `runLocalShell`.

Running the shell within the `:samples` will require adding:

```
cordaDriver "net.corda:corda-shell:<corda_shell_version>"
```

To the module's `build.gradle` containing `deployNodes`. The script will then include the shell in the created nodes.
2022-01-12 11:54:18 +00:00
Waldemar Zurowski
00ba7b3447 Merge branch 'release/os/4.7' into wz/merge-os-47-48-2022-01-12 2022-01-12 09:52:52 +01:00
Waldemar Zurowski
46a358965e Merge branch 'release/os/4.6' into wz/merge-os-46-47-2022-01-12 2022-01-12 07:34:32 +01:00
Viktor Kolomeyko
8191073c7f NOTICK: Change repository for ghostdriver library
Since SCI Java repository is no longer available, the library has been copied to the internal `corda-dependencies` repository.
2022-01-11 16:48:51 +01:00
Viktor Kolomeyko
78aed771b2
NOTICK: Change repository for ghostdriver library (#7015)
Since SCI Java repository is no longer available, the library has been copied to the internal `corda-dependencies` repository.
2022-01-11 12:57:20 +00:00
Adel El-Beik
f8fc7281eb ENT-6494: Upgraded log4j to 2.17.1 2022-01-10 10:51:52 +00:00
Adel El-Beik
c0c6110d5a ENT-6494: Upgraded log4j to 2.17.1 2022-01-10 10:49:18 +00:00
Adel El-Beik
a5512ff2e6 ENT-6494: Upgraded log4j to 2.17.1 2022-01-10 10:47:07 +00:00
Viktor Kolomeyko
df5604874b
ENT-6388: Update Crash shell to version 1.7.5 (#7004)
This is a newly built internal version of the library which in particular upgrades `org.apache.mina:mina-core` to version `2.0.22` eliminating NexusIQ vulnerability.
2022-01-06 13:46:58 +00:00
Adel El-Beik
47bf3c9055 ENT-6494: log4j update to 2.17.1 2022-01-05 15:50:09 +00:00
Adel El-Beik
65bba87741
ENT-6494: Upgraded log4j to 2.17.0 (#6993) 2021-12-21 11:26:52 +00:00
Adel El-Beik
a7d5b46120
ENT-6494: Upgraded log4j to 2.17.0 (#6994) 2021-12-21 11:26:33 +00:00
Adel El-Beik
67da0ffee5
ENT-6494: Upgraded log4j to 2.17.0 (#6995) 2021-12-21 11:26:05 +00:00
Adel El-Beik
0eeaa743d3
ENT-6494: Upgraded log4j to 2.17.0 (#6996) 2021-12-21 11:25:14 +00:00
Adel El-Beik
2c01816353
ENT-6494: Upgrade log4j again. (#6990) 2021-12-15 22:21:49 +01:00
Adel El-Beik
094455571f
ENT-6494: Upgrade log4j (#6988) 2021-12-14 12:24:38 +00:00
Dimos Raptis
18333b4860
Upgrade netty version (#6974) 2021-11-19 14:22:01 +00:00
Dimos Raptis
84000e0794
ENT-3644: Upgrade Netty (#6957) 2021-09-15 08:52:14 +01:00
Waldemar Zurowski
6b1faeb25e Merge branch 'release/os/4.6' into wz/merge-os-46-47-2021-07-27 2021-07-27 14:16:32 +02:00
Waldemar Zurowski
64de942752 Merge branch 'release/os/4.5' into wz/merge-os-45-46-2021-07-26
Conflicts:
	build.gradle
2021-07-27 07:33:25 +02:00
Waldemar Zurowski
5d27c62510 Merge branch 'release/os/4.4' into wz/merge-os-44-45-2021-07-26
Conflicts:
	build.gradle
2021-07-26 09:29:43 +02:00
Waldemar Zurowski
bb5eb6f93d Merge branch 'release/os/4.3' into wz/merge-os-43-44-2021-07-23 2021-07-23 13:23:09 +02:00
Waldemar Żurowski
f82f6f9b65
NOTICK: remote obsolete Maven repository for Kotlin in Bintray (#6933) 2021-07-23 11:10:21 +02:00
Waldemar Zurowski
ad83074e6d NOTICK: Merging forward updates from OS 4.6 to OS 4.7 (2021/07/19) 2021-07-19 22:14:03 +02:00
Waldemar Zurowski
f3065b81b5 NOTICK: Merging forward updates from OS 4.5 to OS 4.6 (2021/07/19)
Conflicts:
	samples/irs-demo/build.gradle
2021-07-19 22:07:31 +02:00
Waldemar Zurowski
c60f72d927 NOTICK: Merging forward updates from OS 4.4 to OS 4.5 (2021/07/19) 2021-07-19 21:56:48 +02:00
Waldemar Zurowski
e07ec2e7bd NOTICK: Merging forward updates from OS 4.3 to OS 4.4 (2021/07/19) 2021-07-19 17:47:41 +02:00
Waldemar Żurowski
9e790c4767
INFRA-1309: migrate docker-compose-rule-junit4 from Bintray to Maven Central (#6927)
docker-compose-rule-junit4 is available from Maven Central, but from
version 1.0.0 onwards

Bumping version number to 1.5.0 introduces following list of
dependencies:

* com.fasterxml.jackson.core:jackson-annotations:2.4.4 (Apache 2.0)
* com.fasterxml.jackson.core:jackson-core:2.9.7 (Apache 2.0)
* com.fasterxml.jackson.core:jackson-databind:2.11.0 (Apache 2.0)
* com.fasterxml.jackson.core:jackson-databind:2.9.7 (Apache 2.0)
* com.fasterxml.jackson.core:jackson-databind:2.9.8 (Apache 2.0)
* com.fasterxml.jackson.core:jackson-databind:2.9.9 (Apache 2.0)
* com.fasterxml.jackson.dataformat:jackson-dataformat-cbor:2.9.8 (Apache
  2.0)
* com.fasterxml.jackson.dataformat:jackson-dataformat-yaml:2.10.2
  (Apache 2.0)
* com.fasterxml.jackson.datatype:jackson-datatype-guava:2.9.8 (Apache
  2.0)
* com.fasterxml.jackson.datatype:jackson-datatype-jdk8:2.9.8 (Apache
  2.0)
* com.fasterxml.jackson.datatype:jackson-datatype-jsr310:2.9.8 (Apache
  2.0)
* com.fasterxml.jackson.module:jackson-module-afterburner:2.9.8 (Apache
  2.0)
* com.github.zafarkhaja:java-semver:0.9.0 (MIT)
* com.google.code.findbugs:jsr305:3.0.2 (Apache 2.0)
* com.google.errorprone:error_prone_annotations:2.3.3 (Apache 2.0)
* com.google.guava:guava:18.0 (Apache 2.0)
* com.google.guava:guava:21.0  (Apache 2.0)
* commons-io:commons-io:2.6  (Apache 2.0)
* com.palantir.conjure.java.api:errors:2.12.0 (Apache 2.0)
* com.palantir.conjure.java:conjure-lib:5.15.0 (Apache 2.0)
* com.palantir.conjure.java.runtime:conjure-java-jackson-serialization:
  4.18.1 (Apache 2.0)
* com.palantir.docker.compose:docker-compose-rule-core:1.5.0 (Apache
  2.0)
* com.palantir.docker.compose:docker-compose-rule-events-api-objects:
  1.5.0 (Apache 2.0)
* com.palantir.docker.compose:docker-compose-rule-junit4:1.5.0 (Apache
  2.0)
* com.palantir.ri:resource-identifier:1.1.0 (Apache 2.0)
* com.palantir.safe-logging:preconditions:1.11.0 (Apache 2.0)
* com.palantir.safe-logging:preconditions:1.13.0 (Apache 2.0)
* com.palantir.safe-logging:preconditions:1.9.0 (Apache 2.0)
* com.palantir.safe-logging:safe-logging:1.11.0 (Apache 2.0)
* com.palantir.safe-logging:safe-logging:1.13.0 (Apache 2.0)
* com.palantir.tokens:auth-tokens:3.6.1  (Apache 2.0)
* jakarta.annotation:jakarta.annotation-api:1.3.5 (EPL 2.0)
* jakarta.ws.rs:jakarta.ws.rs-api:2.1.6 (EPL 2.0)
* joda-time:joda-time:2.10.3 (Apache 2.0)
* junit:junit:4.13 (EPL 1.0)
* one.util:streamex:0.7.2 (Apache 2.0)
* org.apache.commons:commons-lang3:3.7 (Apache 2.0)
* org.awaitility:awaitility:4.0.2 (Apache 2.0)
* org.hamcrest:hamcrest:2.1 (BSD 3-clause)
* org.hamcrest:hamcrest-core:2.1 (BSD 3-clause)
* org.slf4j:slf4j-api:1.7.25 (MIT)
2021-07-19 15:02:33 +02:00
Walter Oggioni
734d35b719
INFRA-803 Rebuild Docker image tasks (#6804) 2020-11-20 10:21:53 +00:00
Edoardo Ierina
82a114a329
[DRAFT] feat/CORDA-3823-hash-agility-qa-ready (#6789)
* wip

* wip

* wip (need to review IEE comments)

* wip

* wip

* Small refactoring, fixed network-verifier's TestNotaryFlow

* Added command line option to explicitly enable hash agility support

* wip-do-not-push

* wip

* wip

* wip

* aligned merkletree/transaction hash algorithms

* wip

* Added mixed algorithm support for nodes vs leaves and corrected mixed algorithm tests

* moved global computeNonce and componentHash to DigestService

* added comment for failing test to fix

* wip

* Minor cleanups, added deprecated componentHash/computeNonce

* restored exploratory changes to failing SignedTransaction test

* cleaned up and minor rafactoring

* Fixed some tests with hardcoded hash algorithm

* some changes and cleanups following code review

* WIP commit before large change

* WIP Fixed 3 tests

* WIP removed direct references to randomSHA256() and sha256()

* Updated/added liquibase migrations to support larger hash algorithms

* Reviewed, cleanups, comments, fixes

* removing direct references to sha256()

* WIP verifying obligations test errors

* reviewing obligation/attachment issues with sha3_256

* Full review before PR - intermediate commits

* Reviewed and cleaned up

* Futher cleanup

* Fixed partial tree backward compatible json and cleanups

* all tests passing

* Removed couple of unused imports

* Reworked global componentHash function to avoid deprecated warnings

* replaced SHA3s with some alternate SHA2s

* Removed SHA3-256 and SHA3-512 references

* fixed some tests using non ubiquitous hash algorithms

* Fixed ABI compatibility (not for TransactionBuilder)

* Fixed ABI compatibility to TransactionBuilder

* couple of fixes

* fixed DigestService's randomHash

* Removed constructor with loosely typed args for private constructor of LedgerTransaction class (API removal)

* re-introduced LedgerTransaction deprecated ctor for deserialization

* Add possibility to load CustomMessageDigest bypassing JCA (#6798)

* Change api-current for DigestAlgorithm

* disable flaky tests

Co-authored-by: Denis Rekalov <denis.rekalov@r3.com>
2020-11-05 22:05:29 +00:00
Ross Nicoll
5a93f848b0 Merge remote-tracking branch 'origin/release/os/4.4' into rni/notick-merge-44-45 2020-09-25 09:57:10 +01:00
Ross Nicoll
8048cb4966
CORDA-3845: Update BC, log4j, slf4j (#6699) (#6742)
* CORDA-3845: Update BC, log4j, slf4j (#6699)

* CORDA-3845: Update BC to 1.64
* CORDA-3845: Upgraded log4j to 2.12.1
* We can remove the use of Manifests from the logging package so that when _it_ logs it doesn't error on the fact the stream was already closed by the default Java logger.
* Remove the logging package as a plugin
* latest BC version
* Remove old test
* Fix some rebased changes to log file handling
* Update slf4j too

Co-authored-by: Ryan Fowler <fowlerrr@users.noreply.github.com>
Co-authored-by: Adel El-Beik <adel.el-beik@r3.com>
2020-09-25 09:54:59 +01:00
Ross Nicoll
2064a572ba
CORDA-4034 ENT-5679 CORDA-3845 Correct instability of linear builds (#6722)
* CORDA-4034 Reduce forkEvery to 15 to attempt to mitigate memory leak.
* ENT-5679 Disable test which triggers OOM
* Run tests on two Jenkins agents
* Fixed processing JUnit test results by Allure
* Add timeouts to VaultObserverExceptionTest
* Revert "CORDA-3845: Update BC, log4j, slf4j (#6699)" to eliminate introduced memory leaks

Co-authored-by: Waldemar Zurowski <waldemar.zurowski@r3.com>
2020-09-18 00:23:16 +01:00
Adel El-Beik
01cd8d6415 Merge remote-tracking branch 'origin/release/os/4.5' into adel/merge-from-4.5-17-Sept 2020-09-17 10:34:01 +01:00
Waldemar Zurowski
99841dcaeb Merge branch 'release/os/4.4' into INFRA-683-os-45-linear-builds 2020-09-15 14:27:34 +02:00
Ross Nicoll
bcce0e9519
INFRA-683 Move OS 4.4 release branch builds to linear (#6705)
* Do not use Security.addProvider(BouncyCastleProvider()) in tests, to avoid disruptions of other tests.
* Forcibly register security providers before starting Jimfs, to resolve a sequencing problem where Jimfs triggers loading of the SFTP filesystem provider, which in turn registers the standard BouncyCastle provider rather than the patched version Corda needs.
* INFRA-683 Move Corda OS release branch builds to serial (#6703)

Co-authored-by: Waldemar Zurowski <waldemar.zurowski@r3.com>
Co-authored-by: Denis Rekalov <denis.rekalov@r3.com>
Co-authored-by: Waldemar Zurowski <waldemar.zurowski@r3.com>
2020-09-15 13:18:46 +01:00
Ross Nicoll
c0d354e97a
CORDA-3845: Update BC, log4j, slf4j (#6699)
* CORDA-3845: Update BC to 1.64
* CORDA-3845: Upgraded log4j to 2.12.1
* We can remove the use of Manifests from the logging package so that when _it_ logs it doesn't error on the fact the stream was already closed by the default Java logger.
* Remove the logging package as a plugin
* latest BC version
* Remove old test
* Fix some rebased changes to log file handling
* Update slf4j too

Co-authored-by: Ryan Fowler <fowlerrr@users.noreply.github.com>
Co-authored-by: Adel El-Beik <adel.el-beik@r3.com>
2020-09-15 11:59:46 +01:00
Ross Nicoll
b3d9d1291f
INFRA-683 Move Corda OS release branch builds to serial (#6703)
Co-authored-by: Waldemar Zurowski <waldemar.zurowski@r3.com>
2020-09-14 11:29:42 +01:00
Razvan Codreanu
b2cb0cc51a
INFRA-608 Split out regression test stage (#6619)
Split out regression test stage to reduce fragility
2020-08-21 11:18:54 +01:00
Ross Nicoll
416d27a909
CORDA-3982 Revert "CORDA-3917 Update to Jackson 2.9.8 (#6493)" (#6615)
This reverts commit cd4626d8c2.
2020-08-11 23:42:00 +01:00
Ross Nicoll
80685041e1
Revert "CORDA-3917 Update to Jackson 2.9.8 (#6493)" (#6614)
This reverts commit cd4626d8c2.
2020-08-11 12:20:26 +01:00
Chris Rankin
ef27dbfdbb
INFRA-563: Upgrade to distributed-testing-plugin 1.3.0. (#6588) 2020-08-06 22:13:57 +01:00
Chris Rankin
d60feb1138
INFRA-563 Update Corda to test distributed-testing-plugin 1.3-SNAPSHOT. (#6551)
Integrate YAML profile support, and the eagle-eyed will notice that the plugin no longer needs to be applied at the very bottom of the build.gradle file!
 
Other features include:
* Implicit upgrade to docker-remote-api plugin v5.3.0
* Fixing a ClassGraph-related memory leak by closing the ScanResult objects after use.
* More logging of any exceptions from Kubenetese.
* The gradlecache volume is now created with a hostPath of "/gradle/$podName/$podIdx-$taskForExecuteName", which should allow having multiple pods on a single node.
2020-08-05 12:48:29 +01:00
Ross Nicoll
6bcd3a9f9f
CORDA-3938 Restrict Gradle dependency locations (#6554)
* Restrict Gradle dependency locations so Gradle does not check Corda/Kotlin specific repositories for other dependencies, to save on wasted requests.
* Remove dependx plugin as it appears to be abandoned
2020-08-03 21:28:26 +01:00
Waldemar Zurowski
e95ff388da Merge branch 'release/os/4.5' into wz/merge-os-45-46-2020-07-28 2020-07-28 14:14:43 +01:00
Ross Nicoll
9527c553ec Merge remote-tracking branch 'origin/release/os/4.4' into rni/notick/merge-4.4-4.5 2020-07-23 17:24:36 +01:00
Ross Nicoll
13073c300f
NOTICK: OS 4.3 to OS 4.4 merge (#6506)
* CORDA-3917 Update to Jackson 2.9.8 (#6493)

* Update to Jackson 2.9.8 to address multiple security issues, and update warning note about
updates to clarify that it refers to 2.10+. When the note was added 2.9.7 as the highest
available version in the 2.9.x series.
* Add PR code checks Jenkinsfile

* CORDA-3916 Update to BouncyCastle 1.61 (#6492)

Update to BouncyCastle 1.61. Updating one version at a time to mitigate risk of a complex breaking change being introduced.

* Added missing collection of JUnit tests and logs

Co-authored-by: Waldemar Zurowski <waldemar.zurowski@r3.com>
2020-07-23 16:59:42 +01:00
Ryan Fowler
2ca10464b7
CORDA-3845: Update BC, log4j, slf4j (#6464)
* CORDA-3845: Update BC to 1.64

* CORDA-3845: Upgraded log4j to 2.13.3

* We can remove the use of Manifests from the logging package so that when _it_ logs it doesn't error on the fact the stream was already closed by the default Java logger.

* Some more tidy up

* Remove the logging package as a plugin

* latest BC version

* Remove old test

* fix up

* Fix some rebased changes to log file handling

* Fix some rebased changes to log file handling

* Update slf4j too

Co-authored-by: Adel El-Beik <adel.el-beik@r3.com>
2020-07-23 16:37:29 +01:00
Ross Nicoll
cd4626d8c2
CORDA-3917 Update to Jackson 2.9.8 (#6493)
* Update to Jackson 2.9.8 to address multiple security issues, and update warning note about
updates to clarify that it refers to 2.10+. When the note was added 2.9.7 as the highest
available version in the 2.9.x series.
* Add PR code checks Jenkinsfile
2020-07-22 09:08:49 +01:00
Viktor Kolomeyko
3e9a8cdfcd Merge remote-tracking branch 'origin/release/os/4.5' into vkolomeyko/os-4.5-os-4.6-merge 2020-07-20 15:16:33 +01:00
Waldemar Żurowski
309d2ec69f
INFRA-330 Use Artifactory as cache for all dependencies (#6253)
* Use a virtual repo (corda-remotes) containing all Corda repositories with dependencies
* activated when CORDA_USE_CACHE environment variable is set
* Update Jenkins configuration to use new functionality
* it does *not* affect local builds as long as environment variable is not set!
2020-07-17 09:39:45 +01:00
Chris Rankin
6bae99ef10
CORDA-3909: Upgrade to Corda Gradle plugins 5.0.11. (#6463)
This also upgrades the following plugins:
- Artifactory: 4.7.3 -> 4.16.1
- Bintray: 1.4 -> 1.8.5
2020-07-15 10:46:29 +01:00
Chris Rankin
72938fdf38
CORDA-3892: Upgrade to Gradle 5.6.4 again, with build fixes. (#6448) 2020-07-08 11:34:25 +01:00
Chris Rankin
2d63804560
CORDA-3892: Revert back to Gradle 5.4.1 to fix "clean" task. (#6439) 2020-07-07 11:29:21 +01:00
Chris Rankin
16eb9dfc08
NOTICK: Fix some Gradle technical debt. (#6430) 2020-07-07 09:08:58 +01:00
Chris Rankin
8175d4f0fb
CORDA-3892: Upgrade Gradle 5.4.1 -> 5.6.4. (#6435) 2020-07-07 09:07:55 +01:00
Ryan Fowler
d720c86fc7
CORDA-3714: Update commons-beanutils for security (#6391) 2020-06-25 11:23:18 +01:00
Razvan Codreanu
862de46c5b
INFRA-331 Improving Jenkins PR build performance (#6252)
* INFRA-331 increasing shard number and reintroducing pre allocation

* INFRA-331 removing preallocation

* INFRA-331 reintroducing preallocation as it cuts 10 mins from the build

* INFRA-331 test performance with 20 pods

* INFRA-331 test performance with 10 pods and preallocation

* INFRA-331 more tests on 15 pods + prealloc
2020-05-19 09:57:20 +01:00
James Higgs
06467d04b1
EG-1980 - Remove stale docs links from OS (#6251)
Remove hardcoded docs references, push docs link to gradle
2020-05-14 12:57:59 +01:00
Ryan Fowler
7dc8aa8f7c
Corda 3675 update netty (#6146)
* CORDA-3675: Update netty for security

* Try to improve thread counting in tests
2020-04-14 12:31:02 +01:00
Chris Rankin
b340766506
ENT-5039 Improved help text for commands (#6006) (#6122)
* Improved help text for commands
* Address feedback

Co-authored-by: jakubbielawa <jakub.bielawa@gmail.com>
2020-04-02 17:43:51 +01:00
Ryan Fowler
18c9e4a9da
Revert "CORDA-3675: Update netty for security (#6109)" (#6120)
This reverts commit 82a3f69f
2020-04-01 18:16:38 +01:00
Dimitris Gounaris
76cf4e6e66
TM-213: Add sonarqube configuration in gradle and jenkinsfile (#6060)
* Add sonarqube for regression builds

* Remove duplicated script tag

* Add detekt support to sonarqube

Co-authored-by: Dimitris Gounaris <dimitrisgounaris@20LDN-MAC257.local>
2020-04-01 11:03:01 +01:00
Ryan Fowler
82a3f69f15
CORDA-3675: Update netty for security (#6109)
* CORDA-3675: Update netty for security

* Try to improve thread counting in tests
2020-03-31 10:22:10 +01:00
Dimitris Gounaris
62e45c3a14
Bump dependx to 0.1.13 (#6086)
Co-authored-by: Dimitris Gounaris <dimitrisgounaris@20LDN-MAC257.local>
2020-03-20 16:09:57 +00:00
Joseph Zuniga-Daly
9b6d2cd979 Merge remote-tracking branch 'origin/release/os/4.4' into jzd/os4.4-to-os4.5-merge-2020-03-17 2020-03-17 14:37:50 +00:00
Razvan Codreanu
8973c5ba96
TM-168 reusable configurations for distributed testing (#6048)
* TM-168 reusable configurations for distributed testing

* TM-168 switching to class

* TM-168 switching to ext properties

* TM-168 large scale set is too aggressive and prone to failure so switching to general purpose
2020-03-12 10:04:22 +00:00
Dimitris Gounaris
67e3e09a4e
TM-209: Dependx introduction for test running optimization (#6036)
* Add dependx step to build, in monitor state

* Bump plugin version

* Update plugin version

Co-authored-by: Dimitris Gounaris <dimitrisgounaris@20LDN-MAC257.local>
2020-03-11 10:51:38 +00:00