diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index d2e704b9d..3b2cd96d2 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -1,10 +1,10 @@ -name: "CodeQL" +name: DSF 1.x CodeQL on: push: - branches: [ "main", "develop", "hotfix/*", "release/*" ] + branches: [ "main", "develop", "hotfix/1*", "release/1*" ] pull_request: - branches: [ "main", "develop", "hotfix/*", "release/*" ] + branches: [ "main", "develop", "hotfix/1*", "release/1*" ] schedule: - cron: '21 15 * * 0' # Sundays, 15:21 @@ -41,7 +41,7 @@ jobs: - name: Compile with Maven if: ${{ matrix.language == 'java-kotlin' }} - run: mvn --batch-mode --fail-at-end --threads 1C -Dmaven.javadoc.skip=true -Dimpsort.skip=true -Dformatter.skip=true -Dgpg.skip -Denforcer.skip -Dmaven.buildNumber.skip=true -Dexec.skip=true -DskipTests clean package + run: mvn --batch-mode --fail-at-end --threads 1C -Dimpsort.skip=true -Dformatter.skip=true -Denforcer.skip -Dmaven.buildNumber.skip=true -Dexec.skip=true -DskipTests -DskipShadePlugin=true -P!generate-source-and-javadoc-jars clean package - name: Perform CodeQL Analysis uses: github/codeql-action/analyze@v3 diff --git a/.github/workflows/maven-build.yml b/.github/workflows/maven-build.yml index 07e9cf265..681ceea43 100644 --- a/.github/workflows/maven-build.yml +++ b/.github/workflows/maven-build.yml @@ -1,6 +1,8 @@ -name: Java CI Build with Maven +name: DSF 1.x Java CI Build with Maven -on: push +on: + pull_request: + branches: develop jobs: build: @@ -16,4 +18,4 @@ jobs: java-version: 17 cache: 'maven' - name: Build with Maven - run: mvn --batch-mode --fail-at-end --threads 1C -DforkCount=2 -Dgpg.skip clean verify + run: mvn --batch-mode --fail-at-end --threads 1C -DforkCount=2 clean verify diff --git a/.github/workflows/maven-publish.yml b/.github/workflows/maven-publish.yml index 7102be434..797662cfb 100644 --- a/.github/workflows/maven-publish.yml +++ b/.github/workflows/maven-publish.yml @@ -1,4 +1,4 @@ -name: Java CI Publish with Maven +name: DSF 1.x Java CI Publish with Maven on: pull_request: @@ -25,4 +25,4 @@ jobs: - name: Publish with Maven env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - run: mvn --batch-mode --fail-at-end --threads 1C -DforkCount=2 -Dgpg.skip clean deploy + run: mvn --batch-mode --fail-at-end --threads 1C -DforkCount=2 clean deploy diff --git a/CITATION.cff b/CITATION.cff index 26c0c1b62..d280ac3d6 100644 --- a/CITATION.cff +++ b/CITATION.cff @@ -24,8 +24,8 @@ preferred-citation: doi: 10.3233/SHTI210060 type: proceedings title: "Data Sharing Framework (DSF)" -version: 1.7.1 -date-released: 2025-01-22 +version: 2.0.0 +date-released: 2025-11-25 url: https://dsf.dev repository-code: https://github.com/datasharingframework/dsf repository-artifact: https://github.com/datasharingframework/dsf/releases diff --git a/dsf-bpe/dsf-bpe-process-api-v1/pom.xml b/dsf-bpe/dsf-bpe-process-api-v1/pom.xml index 9073f2f0e..21569889b 100644 --- a/dsf-bpe/dsf-bpe-process-api-v1/pom.xml +++ b/dsf-bpe/dsf-bpe-process-api-v1/pom.xml @@ -6,9 +6,11 @@ dev.dsf dsf-bpe-pom - 1.7.1-SNAPSHOT + 2.0.0-SNAPSHOT - + + DSF BPE Process API v1 + dev.dsf diff --git a/dsf-bpe/dsf-bpe-server-jetty/docker/Dockerfile b/dsf-bpe/dsf-bpe-server-jetty/docker/Dockerfile index c872c741c..98a4e7066 100755 --- a/dsf-bpe/dsf-bpe-server-jetty/docker/Dockerfile +++ b/dsf-bpe/dsf-bpe-server-jetty/docker/Dockerfile @@ -1,11 +1,10 @@ -FROM debian:buster-slim AS builder -RUN adduser --system --no-create-home --group --uid 2202 java +FROM debian:trixie-slim AS builder WORKDIR /opt/bpe -COPY --chown=root:java ./ ./ -RUN chown root:java ./ && \ +COPY --chown=root:2202 ./ ./ +RUN chown root:2202 ./ && \ chmod 750 ./ ./ca ./conf ./lib ./lib_external ./process ./ui ./dsf_bpe_start.sh ./healthcheck.sh && \ - chmod 440 ./ca/client_cert_ca_chains.pem ./ca/server_cert_root_cas.pem ./conf/log4j2.xml ./dsf_bpe.jar ./lib/*.jar && \ - chmod 1775 ./log + chmod 440 ./ca/client_cert_ca_chains.pem ./ca/server_cert_root_cas.pem ./conf/log4j2.xml ./dsf_bpe.jar ./lib/*.jar && \ + chmod 1775 ./log FROM azul/zulu-openjdk:17-jre-headless @@ -15,8 +14,10 @@ LABEL org.opencontainers.image.licenses="Apache License, Version 2.0" EXPOSE 8080 -RUN adduser --system --no-create-home --group --uid 2202 java && \ +RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \ + --mount=type=cache,target=/var/lib/apt,sharing=locked \ apt update && apt dist-upgrade -y && apt install curl -y +RUN adduser --system --no-create-home --group --uid 2202 java WORKDIR /opt/bpe COPY --from=builder /opt/bpe ./ diff --git a/dsf-bpe/dsf-bpe-server-jetty/docker/dsf_bpe_start.sh b/dsf-bpe/dsf-bpe-server-jetty/docker/dsf_bpe_start.sh index 5e170a148..d73b28fa3 100755 --- a/dsf-bpe/dsf-bpe-server-jetty/docker/dsf_bpe_start.sh +++ b/dsf-bpe/dsf-bpe-server-jetty/docker/dsf_bpe_start.sh @@ -3,11 +3,11 @@ echo "Executing DSF BPE with" java --version -trap 'kill -TERM $PID' TERM INT -java $EXTRA_JVM_ARGS -Djdk.tls.acknowledgeCloseNotify=true -cp lib/*:lib_external/*:dsf_bpe.jar dev.dsf.bpe.BpeJettyServer & +trap 'kill -TERM $PID' TERM +java $EXTRA_JVM_ARGS -Djdk.tls.acknowledgeCloseNotify=true -cp lib/*:lib_external/*:dsf_bpe.jar dev.dsf.bpe.BpeJettyServer PID=$! wait $PID -trap - TERM INT +trap - TERM wait $PID JAVA_EXIT=$? diff --git a/dsf-bpe/dsf-bpe-server-jetty/pom.xml b/dsf-bpe/dsf-bpe-server-jetty/pom.xml index 7b59bcc5e..9ee2525a5 100755 --- a/dsf-bpe/dsf-bpe-server-jetty/pom.xml +++ b/dsf-bpe/dsf-bpe-server-jetty/pom.xml @@ -6,9 +6,11 @@ dev.dsf dsf-bpe-pom - 1.7.1-SNAPSHOT + 2.0.0-SNAPSHOT + DSF BPE Server Jetty + dev.dsf diff --git a/dsf-bpe/dsf-bpe-server/pom.xml b/dsf-bpe/dsf-bpe-server/pom.xml index ea3fbbb31..b05f9c77e 100755 --- a/dsf-bpe/dsf-bpe-server/pom.xml +++ b/dsf-bpe/dsf-bpe-server/pom.xml @@ -6,9 +6,11 @@ dev.dsf dsf-bpe-pom - 1.7.1-SNAPSHOT + 2.0.0-SNAPSHOT + DSF BPE Server + dev.dsf diff --git a/dsf-bpe/dsf-bpe-server/src/main/java/dev/dsf/bpe/spring/config/PropertiesConfig.java b/dsf-bpe/dsf-bpe-server/src/main/java/dev/dsf/bpe/spring/config/PropertiesConfig.java index 7be0cfd35..56e7f6a01 100644 --- a/dsf-bpe/dsf-bpe-server/src/main/java/dev/dsf/bpe/spring/config/PropertiesConfig.java +++ b/dsf-bpe/dsf-bpe-server/src/main/java/dev/dsf/bpe/spring/config/PropertiesConfig.java @@ -110,11 +110,11 @@ public class PropertiesConfig implements InitializingBean private boolean webserviceClientLocalVerbose; @Documentation(description = "Subscription to receive notifications about task resources from the DSF FHIR server") - @Value("${dev.dsf.bpe.fhir.task.subscription.search.parameter:?criteria=Task%3Fstatus%3Drequested&status=active&type=websocket&payload=application/fhir%2Bjson}") + @Value("${dev.dsf.bpe.fhir.task.subscription.search.parameter:?criteria:exact=Task%3Fstatus%3Drequested&status=active&type=websocket&payload=application/fhir%2Bjson}") private String taskSubscriptionSearchParameter; @Documentation(description = "Subscription to receive notifications about questionnaire response resources from the DSF FHIR server") - @Value("${dev.dsf.bpe.fhir.questionnaire.response.subscription.search.parameter:?criteria=QuestionnaireResponse%3Fstatus%3Dcompleted&status=active&type=websocket&payload=application/fhir%2Bjson}") + @Value("${dev.dsf.bpe.fhir.questionnaire.response.subscription.search.parameter:?criteria:exact=QuestionnaireResponse%3Fstatus%3Dcompleted&status=active&type=websocket&payload=application/fhir%2Bjson}") private String questionnaireResponseSubscriptionSearchParameter; @Documentation(description = "Number of retries until a websocket connection can be established with the DSF FHIR server, `-1` means infinite number of retries") @@ -126,7 +126,7 @@ public class PropertiesConfig implements InitializingBean private long websocketRetrySleepMillis; @Documentation(description = "Directory containing the DSF BPE process plugins for deployment on startup of the DSF BPE server", recommendation = "Change only if you don't use the provided directory structure from the installation guide or made changes to tit") - @Value("${dev.dsf.bpe.process.plugin.directroy:process}") + @Value("${dev.dsf.bpe.process.plugin.directory:process}") private String processPluginDirectory; @Documentation(description = "List of process names that should be excluded from deployment during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported", recommendation = "Only deploy processes that can be started depending on your organization's roles in the Allow-List", example = "dsfdev_updateAllowList|1.0, another_process|x.y") diff --git a/dsf-bpe/dsf-bpe-server/src/main/java/dev/dsf/bpe/variables/ObjectMapperFactory.java b/dsf-bpe/dsf-bpe-server/src/main/java/dev/dsf/bpe/variables/ObjectMapperFactory.java index 2f34d738a..5be84ed80 100644 --- a/dsf-bpe/dsf-bpe-server/src/main/java/dev/dsf/bpe/variables/ObjectMapperFactory.java +++ b/dsf-bpe/dsf-bpe-server/src/main/java/dev/dsf/bpe/variables/ObjectMapperFactory.java @@ -2,6 +2,7 @@ import org.hl7.fhir.r4.model.Resource; +import com.fasterxml.jackson.annotation.JsonInclude; import com.fasterxml.jackson.annotation.JsonInclude.Include; import com.fasterxml.jackson.databind.MapperFeature; import com.fasterxml.jackson.databind.ObjectMapper; @@ -18,7 +19,9 @@ private ObjectMapperFactory() public static ObjectMapper createObjectMapper(FhirContext fhirContext) { - return JsonMapper.builder().serializationInclusion(Include.NON_NULL).serializationInclusion(Include.NON_EMPTY) + return JsonMapper.builder() + .defaultPropertyInclusion(JsonInclude.Value.construct(Include.NON_NULL, Include.NON_NULL)) + .defaultPropertyInclusion(JsonInclude.Value.construct(Include.NON_EMPTY, Include.NON_EMPTY)) .addModule(fhirModule(fhirContext)).disable(MapperFeature.AUTO_DETECT_CREATORS) .disable(MapperFeature.AUTO_DETECT_FIELDS) // .disable(MapperFeature.AUTO_DETECT_GETTERS).disable(MapperFeature.AUTO_DETECT_IS_GETTERS) diff --git a/dsf-bpe/dsf-bpe-server/src/main/resources/db/camunda/postgres_engine_7.22_to_7.23.sql b/dsf-bpe/dsf-bpe-server/src/main/resources/db/camunda/postgres_engine_7.22_to_7.23.sql new file mode 100644 index 000000000..4f51ae734 --- /dev/null +++ b/dsf-bpe/dsf-bpe-server/src/main/resources/db/camunda/postgres_engine_7.22_to_7.23.sql @@ -0,0 +1,25 @@ +-- +-- Copyright Camunda Services GmbH and/or licensed to Camunda Services GmbH +-- under one or more contributor license agreements. See the NOTICE file +-- distributed with this work for additional information regarding copyright +-- ownership. Camunda licenses this file to you under the Apache License, +-- Version 2.0; you may not use this file except in compliance with the License. +-- You may obtain a copy of the License at +-- +-- http://www.apache.org/licenses/LICENSE-2.0 +-- +-- Unless required by applicable law or agreed to in writing, software +-- distributed under the License is distributed on an "AS IS" BASIS, +-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +-- See the License for the specific language governing permissions and +-- limitations under the License. +-- + +insert into ACT_GE_SCHEMA_LOG +values ('1200', CURRENT_TIMESTAMP, '7.23.0'); + +alter table ACT_HI_COMMENT + add column REV_ integer not null + default 1; + +alter table ACT_RU_EXECUTION add column PROC_DEF_KEY_ varchar(255); diff --git a/dsf-bpe/dsf-bpe-server/src/main/resources/db/camunda/postgres_engine_7.23_to_7.24.sql b/dsf-bpe/dsf-bpe-server/src/main/resources/db/camunda/postgres_engine_7.23_to_7.24.sql new file mode 100644 index 000000000..26a3a358f --- /dev/null +++ b/dsf-bpe/dsf-bpe-server/src/main/resources/db/camunda/postgres_engine_7.23_to_7.24.sql @@ -0,0 +1,19 @@ +-- +-- Copyright Camunda Services GmbH and/or licensed to Camunda Services GmbH +-- under one or more contributor license agreements. See the NOTICE file +-- distributed with this work for additional information regarding copyright +-- ownership. Camunda licenses this file to you under the Apache License, +-- Version 2.0; you may not use this file except in compliance with the License. +-- You may obtain a copy of the License at +-- +-- http://www.apache.org/licenses/LICENSE-2.0 +-- +-- Unless required by applicable law or agreed to in writing, software +-- distributed under the License is distributed on an "AS IS" BASIS, +-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +-- See the License for the specific language governing permissions and +-- limitations under the License. +-- + +insert into ACT_GE_SCHEMA_LOG +values ('1300', CURRENT_TIMESTAMP, '7.24.0'); diff --git a/dsf-bpe/dsf-bpe-server/src/main/resources/db/db.camunda_engine.changelog-1.8.0.xml b/dsf-bpe/dsf-bpe-server/src/main/resources/db/db.camunda_engine.changelog-1.8.0.xml new file mode 100644 index 000000000..79fb1674d --- /dev/null +++ b/dsf-bpe/dsf-bpe-server/src/main/resources/db/db.camunda_engine.changelog-1.8.0.xml @@ -0,0 +1,12 @@ + + + + + + + + \ No newline at end of file diff --git a/dsf-bpe/dsf-bpe-server/src/main/resources/db/db.camunda_engine.changelog-1.9.0.xml b/dsf-bpe/dsf-bpe-server/src/main/resources/db/db.camunda_engine.changelog-1.9.0.xml new file mode 100644 index 000000000..0459e4f85 --- /dev/null +++ b/dsf-bpe/dsf-bpe-server/src/main/resources/db/db.camunda_engine.changelog-1.9.0.xml @@ -0,0 +1,12 @@ + + + + + + + + \ No newline at end of file diff --git a/dsf-bpe/dsf-bpe-server/src/main/resources/db/db.changelog.xml b/dsf-bpe/dsf-bpe-server/src/main/resources/db/db.changelog.xml index 865d2bd97..f5f1d3f96 100644 --- a/dsf-bpe/dsf-bpe-server/src/main/resources/db/db.changelog.xml +++ b/dsf-bpe/dsf-bpe-server/src/main/resources/db/db.changelog.xml @@ -19,4 +19,8 @@ + + + + \ No newline at end of file diff --git a/dsf-bpe/pom.xml b/dsf-bpe/pom.xml index dbe45c764..94e7e35d2 100755 --- a/dsf-bpe/pom.xml +++ b/dsf-bpe/pom.xml @@ -7,7 +7,7 @@ dev.dsf dsf-pom - 1.7.1-SNAPSHOT + 2.0.0-SNAPSHOT @@ -20,6 +20,8 @@ ${project.basedir}/../.. + DSF BPE Parent POM + camunda-bpm diff --git a/dsf-common/dsf-common-auth/pom.xml b/dsf-common/dsf-common-auth/pom.xml index 30ed248fa..073f479a1 100644 --- a/dsf-common/dsf-common-auth/pom.xml +++ b/dsf-common/dsf-common-auth/pom.xml @@ -6,9 +6,11 @@ dev.dsf dsf-common-pom - 1.7.1-SNAPSHOT + 2.0.0-SNAPSHOT + DSF Common Auth + ca.uhn.hapi.fhir @@ -18,7 +20,7 @@ org.yaml snakeyaml - + jakarta.servlet jakarta.servlet-api @@ -31,7 +33,7 @@ jakarta.annotation jakarta.annotation-api - + org.springframework spring-beans diff --git a/dsf-common/dsf-common-config/pom.xml b/dsf-common/dsf-common-config/pom.xml index 4d4bd52d4..dbab88330 100644 --- a/dsf-common/dsf-common-config/pom.xml +++ b/dsf-common/dsf-common-config/pom.xml @@ -6,9 +6,11 @@ dev.dsf dsf-common-pom - 1.7.1-SNAPSHOT + 2.0.0-SNAPSHOT + DSF Common Config + org.springframework diff --git a/dsf-common/dsf-common-db/pom.xml b/dsf-common/dsf-common-db/pom.xml index f04c440da..a0df95dc8 100644 --- a/dsf-common/dsf-common-db/pom.xml +++ b/dsf-common/dsf-common-db/pom.xml @@ -6,9 +6,11 @@ dev.dsf dsf-common-pom - 1.7.1-SNAPSHOT + 2.0.0-SNAPSHOT + DSF Common DB + org.apache.commons diff --git a/dsf-common/dsf-common-documentation/pom.xml b/dsf-common/dsf-common-documentation/pom.xml index bbdc0a7ea..1737f2623 100644 --- a/dsf-common/dsf-common-documentation/pom.xml +++ b/dsf-common/dsf-common-documentation/pom.xml @@ -6,6 +6,8 @@ dev.dsf dsf-common-pom - 1.7.1-SNAPSHOT + 2.0.0-SNAPSHOT + + DSF Common Documentation \ No newline at end of file diff --git a/dsf-common/dsf-common-jetty/pom.xml b/dsf-common/dsf-common-jetty/pom.xml index c54ec4abc..d8cc06feb 100644 --- a/dsf-common/dsf-common-jetty/pom.xml +++ b/dsf-common/dsf-common-jetty/pom.xml @@ -6,25 +6,27 @@ dev.dsf dsf-common-pom - 1.7.1-SNAPSHOT + 2.0.0-SNAPSHOT - + + DSF Common Jetty + dev.dsf - dsf-common-auth + dsf-common-auth dev.dsf - dsf-common-config + dsf-common-config dev.dsf - dsf-common-documentation + dsf-common-documentation dev.dsf - dsf-tools-docker-secrets-reader + dsf-tools-docker-secrets-reader org.eclipse.jetty diff --git a/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/config/AbstractJettyConfig.java b/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/config/AbstractJettyConfig.java index f38dfea00..a5204fc62 100644 --- a/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/config/AbstractJettyConfig.java +++ b/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/config/AbstractJettyConfig.java @@ -123,7 +123,7 @@ public abstract class AbstractJettyConfig @Value("${dev.dsf.server.certificate.key.password:#{null}}") private char[] serverCertificateKeyFilePassword; - @Documentation(description = "Set to `true` to enable OIDC authorization code flow", recommendation = "Requires *DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL*, *DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID* and *DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET* to be specified") + @Documentation(description = "Set to `true` to enable OIDC authorization code flow", recommendation = "Requires *DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL*, *DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID* and *DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET* or *DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET_FILE* to be specified") @Value("${dev.dsf.server.auth.oidc.authorization.code.flow:false}") private boolean oidcAuthorizationCodeFlowEnabled; diff --git a/dsf-common/dsf-common-status/pom.xml b/dsf-common/dsf-common-status/pom.xml index 9f0f819e6..64fe34f05 100644 --- a/dsf-common/dsf-common-status/pom.xml +++ b/dsf-common/dsf-common-status/pom.xml @@ -6,9 +6,11 @@ dev.dsf dsf-common-pom - 1.7.1-SNAPSHOT + 2.0.0-SNAPSHOT - + + DSF Common Status + jakarta.servlet diff --git a/dsf-common/dsf-common-ui/pom.xml b/dsf-common/dsf-common-ui/pom.xml index 9919b7fdc..94cd4b51a 100644 --- a/dsf-common/dsf-common-ui/pom.xml +++ b/dsf-common/dsf-common-ui/pom.xml @@ -6,9 +6,11 @@ dev.dsf dsf-common-pom - 1.7.1-SNAPSHOT + 2.0.0-SNAPSHOT - + + DSF Common UI + jakarta.ws.rs diff --git a/dsf-common/pom.xml b/dsf-common/pom.xml index c6e44dc38..77dc3713a 100644 --- a/dsf-common/pom.xml +++ b/dsf-common/pom.xml @@ -7,9 +7,9 @@ dev.dsf dsf-pom - 1.7.1-SNAPSHOT + 2.0.0-SNAPSHOT - + dsf-common-auth dsf-common-config @@ -19,11 +19,13 @@ dsf-common-status dsf-common-ui - + ${project.basedir}/../.. - + + DSF Common Parent POM + @@ -38,7 +40,7 @@ test - + diff --git a/dsf-docker-test-setup-3dic-ttp/proxy/nginx.conf b/dsf-docker-test-setup-3dic-ttp/proxy/nginx.conf index d9aece023..f2ae3022e 100644 --- a/dsf-docker-test-setup-3dic-ttp/proxy/nginx.conf +++ b/dsf-docker-test-setup-3dic-ttp/proxy/nginx.conf @@ -19,6 +19,8 @@ http { ssl_client_certificate /run/secrets/proxy_trusted_client_cas.pem; ssl_verify_client optional; ssl_verify_depth 2; + + client_max_body_size 8G; map $http_upgrade $connection_upgrade { default upgrade; diff --git a/dsf-docker/bpe_proxy/.dockerignore b/dsf-docker/bpe_proxy/.dockerignore index 31bb6829b..d8f9c0ff1 100644 --- a/dsf-docker/bpe_proxy/.dockerignore +++ b/dsf-docker/bpe_proxy/.dockerignore @@ -1,3 +1,4 @@ ca/README.md .dockerignore -Dockerfile \ No newline at end of file +Dockerfile +README.md \ No newline at end of file diff --git a/dsf-docker/bpe_proxy/Dockerfile b/dsf-docker/bpe_proxy/Dockerfile index b57eb7443..83ce52b88 100644 --- a/dsf-docker/bpe_proxy/Dockerfile +++ b/dsf-docker/bpe_proxy/Dockerfile @@ -3,13 +3,18 @@ LABEL org.opencontainers.image.source=https://github.com/datasharingframework/ds LABEL org.opencontainers.image.description="DSF BPE Reverse Proxy" LABEL org.opencontainers.image.licenses="Apache License, Version 2.0" +RUN --mount=type=cache,target=/etc/apk/cache \ + apk update && apk upgrade && apk -q add libcap && \ + setcap 'cap_net_bind_service=+ep' /usr/local/apache2/bin/httpd && \ + addgroup -g 4202 apache && adduser -S -H -u 4202 -G apache apache + WORKDIR /usr/local/apache2 COPY ./ ./ -RUN chown daemon:daemon ./ca/ && \ - chmod 750 ./ca/ ./start.sh && \ - chmod 440 ./ca/client_cert_ca_chains.pem ./ca/client_cert_issuing_cas.pem && \ - chmod 644 ./conf/httpd.conf ./conf/extra/host.conf ./conf/extra/host-ssl.conf ./conf/extra/httpd-ssl.conf && \ - apk update && apk upgrade && rm -vrf /var/cache/apk/* + +RUN chmod 750 ./ca/ ./start.sh && \ + chmod 440 ./ca/client_cert_ca_chains.pem ./ca/client_cert_issuing_cas.pem && \ + chmod 640 ./conf/httpd.conf ./conf/extra/host.conf ./conf/extra/host-ssl.conf ./conf/extra/httpd-ssl.conf && \ + chown -hR apache:apache /usr/local/apache2/ # setting non existing default values, see host-ssl.conf IfFile tests ENV SSL_CERTIFICATE_CHAIN_FILE="/does/not/exist" @@ -27,7 +32,7 @@ ENV SSL_VERIFY_CLIENT="require" ENV SSL_EXPECTED_CLIENT_S_DN_C_VALUES="'DE'" # expected client certificate issuer DN common-name (CN) values -ENV SSL_EXPECTED_CLIENT_I_DN_CN_VALUES="'GEANT TLS ECC 1', 'HARICA OV TLS ECC', 'GEANT TLS RSA 1', 'HARICA OV TLS RSA', 'GEANT S/MIME ECC 1', 'HARICA S/MIME ECC', 'GEANT S/MIME RSA 1', 'HARICA S/MIME RSA', 'DFN-Verein Global Issuing CA', 'Fraunhofer User CA - G02', 'D-TRUST SSL Class 3 CA 1 2009', 'Sectigo RSA Organization Validation Secure Server CA', 'GEANT OV RSA CA 4', 'GEANT Personal CA 4', 'GEANT eScience Personal CA 4', 'Sectigo ECC Organization Validation Secure Server CA', 'GEANT OV ECC CA 4', 'GEANT Personal ECC CA 4', 'GEANT eScience Personal ECC CA 4', 'D-TRUST Limited Basic CA 1-2 2019', 'D-TRUST Limited Basic CA 1-3 2019'" +ENV SSL_EXPECTED_CLIENT_I_DN_CN_VALUES="'GEANT TLS ECC 1', 'HARICA OV TLS ECC', 'GEANT TLS RSA 1', 'HARICA OV TLS RSA', 'GEANT S/MIME ECC 1', 'HARICA Client Authentication ECC', 'HARICA S/MIME ECC', 'GEANT S/MIME RSA 1', 'HARICA Client Authentication RSA', 'HARICA S/MIME RSA', 'DFN-Verein Global Issuing CA', 'Fraunhofer User CA - G02', 'D-TRUST SSL Class 3 CA 1 2009', 'Sectigo RSA Organization Validation Secure Server CA', 'GEANT OV RSA CA 4', 'GEANT Personal CA 4', 'GEANT eScience Personal CA 4', 'Sectigo ECC Organization Validation Secure Server CA', 'GEANT OV ECC CA 4', 'GEANT Personal ECC CA 4', 'GEANT eScience Personal ECC CA 4', 'D-TRUST Limited Basic CA 1-2 2019', 'D-TRUST Limited Basic CA 1-3 2019'" # timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a reply ENV PROXY_PASS_TIMEOUT_HTTP=60 @@ -44,4 +49,6 @@ ENV PROXY_PASS_CONNECTION_TIMEOUT_WS=30 # server context path: / character at start, no / character at end ENV SERVER_CONTEXT_PATH="/bpe" -ENTRYPOINT [ "sh", "./start.sh" ] \ No newline at end of file +USER apache +ENTRYPOINT [ "sh", "./start.sh" ] +HEALTHCHECK --interval=10s --timeout=15s --start-period=10s --retries=5 CMD nc -zv localhost 80 && nc -zv localhost 443 || exit 1 \ No newline at end of file diff --git a/dsf-docker/bpe_proxy/start.sh b/dsf-docker/bpe_proxy/start.sh index 1f83dc1c8..38dcd2b51 100644 --- a/dsf-docker/bpe_proxy/start.sh +++ b/dsf-docker/bpe_proxy/start.sh @@ -1,39 +1,39 @@ #!/bin/sh is_comma_separated_list() { - echo "$1" | grep -qE "^(\'[^\']+\')(,\s*\'[^\']+\')*$" + echo "$1" | grep -qE "^(\'[^\']+\')(,\s*\'[^\']+\')*$" } if [ -z "$SSL_EXPECTED_CLIENT_S_DN_C_VALUES" ]; then - echo "Error: SSL_EXPECTED_CLIENT_S_DN_C_VALUES environment variable not set" - exit 1 + echo "Error: SSL_EXPECTED_CLIENT_S_DN_C_VALUES environment variable not set" + exit 1 fi if ! is_comma_separated_list "$SSL_EXPECTED_CLIENT_S_DN_C_VALUES"; then - echo "Error: SSL_EXPECTED_CLIENT_S_DN_C_VALUES must be a comma-separated list of strings in single quotation marks" - exit 1 + echo "Error: SSL_EXPECTED_CLIENT_S_DN_C_VALUES must be a comma-separated list of strings in single quotation marks" + exit 1 fi if [ -z "$SSL_EXPECTED_CLIENT_I_DN_CN_VALUES" ]; then - echo "Error: SSL_EXPECTED_CLIENT_I_DN_CN_VALUES environment variable not set" - exit 1 + echo "Error: SSL_EXPECTED_CLIENT_I_DN_CN_VALUES environment variable not set" + exit 1 fi if ! is_comma_separated_list "$SSL_EXPECTED_CLIENT_I_DN_CN_VALUES"; then - echo "Error: SSL_EXPECTED_CLIENT_I_DN_CN_VALUES must be a comma-separated list of strings in single quotation marks" - exit 1 + echo "Error: SSL_EXPECTED_CLIENT_I_DN_CN_VALUES must be a comma-separated list of strings in single quotation marks" + exit 1 fi if [ "$SSL_VERIFY_CLIENT" != "optional" ] && [ "$SSL_VERIFY_CLIENT" != "require" ]; then - echo "Error: SSL_VERIFY_CLIENT must be set to either 'optional' or 'require'" - exit 1 + echo "Error: SSL_VERIFY_CLIENT must be set to either 'optional' or 'require'" + exit 1 fi out="./conf/extra/certificate_require_expr.conf" -if [ -e "$out" ]; then - echo "Info: Not creating $out, file exists" -elif [ "$SSL_VERIFY_CLIENT" == "optional" ]; then - echo "Require expr \"%{SSL_CLIENT_VERIFY} == 'NONE' || %{SSL_CLIENT_S_DN_C} in { $SSL_EXPECTED_CLIENT_S_DN_C_VALUES } && %{SSL_CLIENT_I_DN_CN} in { $SSL_EXPECTED_CLIENT_I_DN_CN_VALUES }\"" > "$out" -elif [ "$SSL_VERIFY_CLIENT" == "require" ]; then - echo "Require expr \"%{SSL_CLIENT_S_DN_C} in { $SSL_EXPECTED_CLIENT_S_DN_C_VALUES } && %{SSL_CLIENT_I_DN_CN} in { $SSL_EXPECTED_CLIENT_I_DN_CN_VALUES }\"" > "$out" +if [ ! -f "$out" ]; then + if [ "$SSL_VERIFY_CLIENT" == "optional" ]; then + echo "Require expr \"%{SSL_CLIENT_VERIFY} == 'NONE' || %{SSL_CLIENT_S_DN_C} in { $SSL_EXPECTED_CLIENT_S_DN_C_VALUES } && %{SSL_CLIENT_I_DN_CN} in { $SSL_EXPECTED_CLIENT_I_DN_CN_VALUES }\"" > "$out" + elif [ "$SSL_VERIFY_CLIENT" == "require" ]; then + echo "Require expr \"%{SSL_CLIENT_S_DN_C} in { $SSL_EXPECTED_CLIENT_S_DN_C_VALUES } && %{SSL_CLIENT_I_DN_CN} in { $SSL_EXPECTED_CLIENT_I_DN_CN_VALUES }\"" > "$out" + fi fi -httpd-foreground \ No newline at end of file +exec httpd-foreground \ No newline at end of file diff --git a/dsf-docker/fhir_proxy/.dockerignore b/dsf-docker/fhir_proxy/.dockerignore index 31bb6829b..d8f9c0ff1 100644 --- a/dsf-docker/fhir_proxy/.dockerignore +++ b/dsf-docker/fhir_proxy/.dockerignore @@ -1,3 +1,4 @@ ca/README.md .dockerignore -Dockerfile \ No newline at end of file +Dockerfile +README.md \ No newline at end of file diff --git a/dsf-docker/fhir_proxy/Dockerfile b/dsf-docker/fhir_proxy/Dockerfile index 115969fa1..6845c66c4 100755 --- a/dsf-docker/fhir_proxy/Dockerfile +++ b/dsf-docker/fhir_proxy/Dockerfile @@ -3,13 +3,18 @@ LABEL org.opencontainers.image.source=https://github.com/datasharingframework/ds LABEL org.opencontainers.image.description="DSF FHIR Reverse Proxy" LABEL org.opencontainers.image.licenses="Apache License, Version 2.0" +RUN --mount=type=cache,target=/etc/apk/cache \ + apk update && apk upgrade && apk -q add libcap && \ + setcap 'cap_net_bind_service=+ep' /usr/local/apache2/bin/httpd && \ + addgroup -g 4101 apache && adduser -S -H -u 4101 -G apache apache + WORKDIR /usr/local/apache2 COPY ./ ./ -RUN chown daemon:daemon ./ca/ && \ - chmod 750 ./ca/ ./start.sh && \ - chmod 440 ./ca/client_cert_ca_chains.pem ./ca/client_cert_issuing_cas.pem && \ - chmod 644 ./conf/httpd.conf ./conf/extra/host.conf ./conf/extra/host-ssl.conf ./conf/extra/httpd-ssl.conf && \ - apk update && apk upgrade && rm -vrf /var/cache/apk/* + +RUN chmod 750 ./ca/ ./start.sh && \ + chmod 440 ./ca/client_cert_ca_chains.pem ./ca/client_cert_issuing_cas.pem && \ + chmod 640 ./conf/httpd.conf ./conf/extra/host.conf ./conf/extra/host-ssl.conf ./conf/extra/httpd-ssl.conf && \ + chown -hR apache:apache /usr/local/apache2/ # setting non existing default values, see host-ssl.conf IfFile tests ENV SSL_CERTIFICATE_CHAIN_FILE="/does/not/exist" @@ -27,7 +32,7 @@ ENV SSL_VERIFY_CLIENT="require" ENV SSL_EXPECTED_CLIENT_S_DN_C_VALUES="'DE'" # expected client certificate issuer DN common-name (CN) values -ENV SSL_EXPECTED_CLIENT_I_DN_CN_VALUES="'GEANT TLS ECC 1', 'HARICA OV TLS ECC', 'GEANT TLS RSA 1', 'HARICA OV TLS RSA', 'GEANT S/MIME ECC 1', 'HARICA S/MIME ECC', 'GEANT S/MIME RSA 1', 'HARICA S/MIME RSA', 'DFN-Verein Global Issuing CA', 'Fraunhofer User CA - G02', 'D-TRUST SSL Class 3 CA 1 2009', 'Sectigo RSA Organization Validation Secure Server CA', 'GEANT OV RSA CA 4', 'GEANT Personal CA 4', 'GEANT eScience Personal CA 4', 'Sectigo ECC Organization Validation Secure Server CA', 'GEANT OV ECC CA 4', 'GEANT Personal ECC CA 4', 'GEANT eScience Personal ECC CA 4', 'D-TRUST Limited Basic CA 1-2 2019', 'D-TRUST Limited Basic CA 1-3 2019'" +ENV SSL_EXPECTED_CLIENT_I_DN_CN_VALUES="'GEANT TLS ECC 1', 'HARICA OV TLS ECC', 'GEANT TLS RSA 1', 'HARICA OV TLS RSA', 'GEANT S/MIME ECC 1', 'HARICA Client Authentication ECC', 'HARICA S/MIME ECC', 'GEANT S/MIME RSA 1', 'HARICA Client Authentication RSA', 'HARICA S/MIME RSA', 'DFN-Verein Global Issuing CA', 'Fraunhofer User CA - G02', 'D-TRUST SSL Class 3 CA 1 2009', 'Sectigo RSA Organization Validation Secure Server CA', 'GEANT OV RSA CA 4', 'GEANT Personal CA 4', 'GEANT eScience Personal CA 4', 'Sectigo ECC Organization Validation Secure Server CA', 'GEANT OV ECC CA 4', 'GEANT Personal ECC CA 4', 'GEANT eScience Personal ECC CA 4', 'D-TRUST Limited Basic CA 1-2 2019', 'D-TRUST Limited Basic CA 1-3 2019'" # timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a reply ENV PROXY_PASS_TIMEOUT_HTTP=60 @@ -44,4 +49,6 @@ ENV PROXY_PASS_CONNECTION_TIMEOUT_WS=30 # server context path: / character at start, no / character at end ENV SERVER_CONTEXT_PATH="/fhir" -ENTRYPOINT [ "sh", "./start.sh" ] \ No newline at end of file +USER apache +ENTRYPOINT [ "sh", "./start.sh" ] +HEALTHCHECK --interval=10s --timeout=15s --start-period=10s --retries=5 CMD nc -zv localhost 80 && nc -zv localhost 443 || exit 1 \ No newline at end of file diff --git a/dsf-docker/fhir_proxy/start.sh b/dsf-docker/fhir_proxy/start.sh index 1f83dc1c8..38dcd2b51 100644 --- a/dsf-docker/fhir_proxy/start.sh +++ b/dsf-docker/fhir_proxy/start.sh @@ -1,39 +1,39 @@ #!/bin/sh is_comma_separated_list() { - echo "$1" | grep -qE "^(\'[^\']+\')(,\s*\'[^\']+\')*$" + echo "$1" | grep -qE "^(\'[^\']+\')(,\s*\'[^\']+\')*$" } if [ -z "$SSL_EXPECTED_CLIENT_S_DN_C_VALUES" ]; then - echo "Error: SSL_EXPECTED_CLIENT_S_DN_C_VALUES environment variable not set" - exit 1 + echo "Error: SSL_EXPECTED_CLIENT_S_DN_C_VALUES environment variable not set" + exit 1 fi if ! is_comma_separated_list "$SSL_EXPECTED_CLIENT_S_DN_C_VALUES"; then - echo "Error: SSL_EXPECTED_CLIENT_S_DN_C_VALUES must be a comma-separated list of strings in single quotation marks" - exit 1 + echo "Error: SSL_EXPECTED_CLIENT_S_DN_C_VALUES must be a comma-separated list of strings in single quotation marks" + exit 1 fi if [ -z "$SSL_EXPECTED_CLIENT_I_DN_CN_VALUES" ]; then - echo "Error: SSL_EXPECTED_CLIENT_I_DN_CN_VALUES environment variable not set" - exit 1 + echo "Error: SSL_EXPECTED_CLIENT_I_DN_CN_VALUES environment variable not set" + exit 1 fi if ! is_comma_separated_list "$SSL_EXPECTED_CLIENT_I_DN_CN_VALUES"; then - echo "Error: SSL_EXPECTED_CLIENT_I_DN_CN_VALUES must be a comma-separated list of strings in single quotation marks" - exit 1 + echo "Error: SSL_EXPECTED_CLIENT_I_DN_CN_VALUES must be a comma-separated list of strings in single quotation marks" + exit 1 fi if [ "$SSL_VERIFY_CLIENT" != "optional" ] && [ "$SSL_VERIFY_CLIENT" != "require" ]; then - echo "Error: SSL_VERIFY_CLIENT must be set to either 'optional' or 'require'" - exit 1 + echo "Error: SSL_VERIFY_CLIENT must be set to either 'optional' or 'require'" + exit 1 fi out="./conf/extra/certificate_require_expr.conf" -if [ -e "$out" ]; then - echo "Info: Not creating $out, file exists" -elif [ "$SSL_VERIFY_CLIENT" == "optional" ]; then - echo "Require expr \"%{SSL_CLIENT_VERIFY} == 'NONE' || %{SSL_CLIENT_S_DN_C} in { $SSL_EXPECTED_CLIENT_S_DN_C_VALUES } && %{SSL_CLIENT_I_DN_CN} in { $SSL_EXPECTED_CLIENT_I_DN_CN_VALUES }\"" > "$out" -elif [ "$SSL_VERIFY_CLIENT" == "require" ]; then - echo "Require expr \"%{SSL_CLIENT_S_DN_C} in { $SSL_EXPECTED_CLIENT_S_DN_C_VALUES } && %{SSL_CLIENT_I_DN_CN} in { $SSL_EXPECTED_CLIENT_I_DN_CN_VALUES }\"" > "$out" +if [ ! -f "$out" ]; then + if [ "$SSL_VERIFY_CLIENT" == "optional" ]; then + echo "Require expr \"%{SSL_CLIENT_VERIFY} == 'NONE' || %{SSL_CLIENT_S_DN_C} in { $SSL_EXPECTED_CLIENT_S_DN_C_VALUES } && %{SSL_CLIENT_I_DN_CN} in { $SSL_EXPECTED_CLIENT_I_DN_CN_VALUES }\"" > "$out" + elif [ "$SSL_VERIFY_CLIENT" == "require" ]; then + echo "Require expr \"%{SSL_CLIENT_S_DN_C} in { $SSL_EXPECTED_CLIENT_S_DN_C_VALUES } && %{SSL_CLIENT_I_DN_CN} in { $SSL_EXPECTED_CLIENT_I_DN_CN_VALUES }\"" > "$out" + fi fi -httpd-foreground \ No newline at end of file +exec httpd-foreground \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-auth/pom.xml b/dsf-fhir/dsf-fhir-auth/pom.xml index ec417e2fd..a414724ff 100644 --- a/dsf-fhir/dsf-fhir-auth/pom.xml +++ b/dsf-fhir/dsf-fhir-auth/pom.xml @@ -6,9 +6,11 @@ dev.dsf dsf-fhir-pom - 1.7.1-SNAPSHOT + 2.0.0-SNAPSHOT + DSF FHIR Auth + dev.dsf diff --git a/dsf-fhir/dsf-fhir-rest-adapter/pom.xml b/dsf-fhir/dsf-fhir-rest-adapter/pom.xml index e35db6b8f..a718f1e73 100755 --- a/dsf-fhir/dsf-fhir-rest-adapter/pom.xml +++ b/dsf-fhir/dsf-fhir-rest-adapter/pom.xml @@ -6,9 +6,11 @@ dev.dsf dsf-fhir-pom - 1.7.1-SNAPSHOT + 2.0.0-SNAPSHOT + DSF FHIR Rest Adapter + ca.uhn.hapi.fhir diff --git a/dsf-fhir/dsf-fhir-server-jetty/docker/Dockerfile b/dsf-fhir/dsf-fhir-server-jetty/docker/Dockerfile index 36f67ecce..b838cf2c2 100755 --- a/dsf-fhir/dsf-fhir-server-jetty/docker/Dockerfile +++ b/dsf-fhir/dsf-fhir-server-jetty/docker/Dockerfile @@ -1,11 +1,10 @@ -FROM debian:buster-slim AS builder -RUN adduser --system --no-create-home --group --uid 2101 java +FROM debian:trixie-slim AS builder WORKDIR /opt/fhir -COPY --chown=root:java ./ ./ -RUN chown root:java ./ && \ +COPY --chown=root:2101 ./ ./ +RUN chown root:2101 ./ && \ chmod 750 ./ ./ca ./conf ./lib ./ui ./dsf_fhir_start.sh ./healthcheck.sh && \ - chmod 440 ./ca/client_cert_ca_chains.pem ./ca/server_cert_root_cas.pem ./conf/log4j2.xml ./conf/bundle.xml ./dsf_fhir.jar ./lib/*.jar && \ - chmod 1775 ./log + chmod 440 ./ca/client_cert_ca_chains.pem ./ca/server_cert_root_cas.pem ./conf/log4j2.xml ./conf/bundle.xml ./dsf_fhir.jar ./lib/*.jar && \ + chmod 1775 ./log FROM azul/zulu-openjdk:17-jre-headless @@ -15,8 +14,10 @@ LABEL org.opencontainers.image.licenses="Apache License, Version 2.0" EXPOSE 8080 -RUN adduser --system --no-create-home --group --uid 2101 java && \ +RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \ + --mount=type=cache,target=/var/lib/apt,sharing=locked \ apt update && apt dist-upgrade -y && apt install curl -y +RUN adduser --system --no-create-home --group --uid 2101 java WORKDIR /opt/fhir COPY --from=builder /opt/fhir ./ diff --git a/dsf-fhir/dsf-fhir-server-jetty/docker/dsf_fhir_start.sh b/dsf-fhir/dsf-fhir-server-jetty/docker/dsf_fhir_start.sh index 7dc01d914..dea5775ba 100755 --- a/dsf-fhir/dsf-fhir-server-jetty/docker/dsf_fhir_start.sh +++ b/dsf-fhir/dsf-fhir-server-jetty/docker/dsf_fhir_start.sh @@ -3,11 +3,11 @@ echo "Executing DSF FHIR with" java --version -trap 'kill -TERM $PID' TERM INT +trap 'kill -TERM $PID' TERM java $EXTRA_JVM_ARGS -Djdk.tls.acknowledgeCloseNotify=true -cp lib/*:dsf_fhir.jar dev.dsf.fhir.FhirJettyServer & PID=$! wait $PID -trap - TERM INT +trap - TERM wait $PID JAVA_EXIT=$? diff --git a/dsf-fhir/dsf-fhir-server-jetty/pom.xml b/dsf-fhir/dsf-fhir-server-jetty/pom.xml index 95f16c03e..14e7fa565 100755 --- a/dsf-fhir/dsf-fhir-server-jetty/pom.xml +++ b/dsf-fhir/dsf-fhir-server-jetty/pom.xml @@ -6,9 +6,11 @@ dev.dsf dsf-fhir-pom - 1.7.1-SNAPSHOT + 2.0.0-SNAPSHOT + DSF FHIR Server Jetty + dev.dsf diff --git a/dsf-fhir/dsf-fhir-server/pom.xml b/dsf-fhir/dsf-fhir-server/pom.xml index 73854350a..cf3ad951f 100755 --- a/dsf-fhir/dsf-fhir-server/pom.xml +++ b/dsf-fhir/dsf-fhir-server/pom.xml @@ -6,9 +6,11 @@ dev.dsf dsf-fhir-pom - 1.7.1-SNAPSHOT + 2.0.0-SNAPSHOT + DSF FHIR Server + dev.dsf diff --git a/dsf-fhir/dsf-fhir-server/src/main/java/dev/dsf/fhir/authorization/SubscriptionAuthorizationRule.java b/dsf-fhir/dsf-fhir-server/src/main/java/dev/dsf/fhir/authorization/SubscriptionAuthorizationRule.java index c1e1c978f..73b40c855 100644 --- a/dsf-fhir/dsf-fhir-server/src/main/java/dev/dsf/fhir/authorization/SubscriptionAuthorizationRule.java +++ b/dsf-fhir/dsf-fhir-server/src/main/java/dev/dsf/fhir/authorization/SubscriptionAuthorizationRule.java @@ -3,9 +3,7 @@ import java.sql.Connection; import java.sql.SQLException; import java.util.ArrayList; -import java.util.Collections; import java.util.List; -import java.util.Map; import java.util.Optional; import java.util.stream.Collectors; @@ -25,7 +23,6 @@ import dev.dsf.fhir.dao.provider.DaoProvider; import dev.dsf.fhir.help.ParameterConverter; import dev.dsf.fhir.search.PageAndCount; -import dev.dsf.fhir.search.PartialResult; import dev.dsf.fhir.search.SearchQuery; import dev.dsf.fhir.search.SearchQueryParameterError; import dev.dsf.fhir.service.ReferenceResolver; @@ -128,26 +125,10 @@ private Optional newResourceOk(Connection connection, Subscription newRe @Override protected boolean resourceExists(Connection connection, Subscription newResource) { - Map> queryParameters = Map.of("criteria", - Collections.singletonList(newResource.getCriteria()), "type", - Collections.singletonList(newResource.getChannel().getType().toCode()), "payload", - Collections.singletonList(newResource.getChannel().getPayload())); - SubscriptionDao dao = getDao(); - SearchQuery query = dao.createSearchQueryWithoutUserFilter(PageAndCount.exists()) - .configureParameters(queryParameters); - - List uQp = query.getUnsupportedQueryParameters(); - if (!uQp.isEmpty()) - { - logger.warn("Unable to search for Subscription: Unsupported query parameters: {}", uQp); - - throw new IllegalStateException("Unable to search for Subscription: Unsupported query parameters"); - } - try { - PartialResult result = dao.searchWithTransaction(connection, query); - return result.getTotal() >= 1; + return getDao().existsByCriteriaChannelTypeAndChannelPayload(newResource.getCriteria(), + newResource.getChannel().getType().toCode(), newResource.getChannel().getPayload()); } catch (SQLException e) { diff --git a/dsf-fhir/dsf-fhir-server/src/main/java/dev/dsf/fhir/dao/SubscriptionDao.java b/dsf-fhir/dsf-fhir-server/src/main/java/dev/dsf/fhir/dao/SubscriptionDao.java index 9bfa023f4..c7029299a 100755 --- a/dsf-fhir/dsf-fhir-server/src/main/java/dev/dsf/fhir/dao/SubscriptionDao.java +++ b/dsf-fhir/dsf-fhir-server/src/main/java/dev/dsf/fhir/dao/SubscriptionDao.java @@ -9,4 +9,7 @@ public interface SubscriptionDao extends ResourceDao { List readByStatus(SubscriptionStatus status) throws SQLException; + + boolean existsByCriteriaChannelTypeAndChannelPayload(String criteria, String channelType, String channelPayload) + throws SQLException; } diff --git a/dsf-fhir/dsf-fhir-server/src/main/java/dev/dsf/fhir/dao/jdbc/SubscriptionDaoJdbc.java b/dsf-fhir/dsf-fhir-server/src/main/java/dev/dsf/fhir/dao/jdbc/SubscriptionDaoJdbc.java index 641a872d0..0a561f9d3 100755 --- a/dsf-fhir/dsf-fhir-server/src/main/java/dev/dsf/fhir/dao/jdbc/SubscriptionDaoJdbc.java +++ b/dsf-fhir/dsf-fhir-server/src/main/java/dev/dsf/fhir/dao/jdbc/SubscriptionDaoJdbc.java @@ -66,4 +66,28 @@ public List readByStatus(Subscription.SubscriptionStatus status) t } } } + + @Override + public boolean existsByCriteriaChannelTypeAndChannelPayload(String criteria, String channelType, + String channelPayload) throws SQLException + { + try (Connection connection = getDataSource().getConnection(); + PreparedStatement statement = connection + .prepareStatement("SELECT count(*) FROM current_subscriptions WHERE " + + "subscription->>'criteria' = ? AND subscription->'channel'->>'type' = ? AND " + + (channelPayload == null ? "NOT subscription->'channel' ?? 'payload'" + : "subscription->'channel'->>'payload' = ?"))) + { + statement.setString(1, criteria); + statement.setString(2, channelType); + + if (channelPayload != null) + statement.setString(3, channelPayload); + + try (ResultSet result = statement.executeQuery()) + { + return result.next() && result.getInt(1) > 0; + } + } + } } diff --git a/dsf-fhir/dsf-fhir-server/src/main/java/dev/dsf/fhir/service/ValidationSupportWithCache.java b/dsf-fhir/dsf-fhir-server/src/main/java/dev/dsf/fhir/service/ValidationSupportWithCache.java index d8a42acb3..4cc42f9ce 100644 --- a/dsf-fhir/dsf-fhir-server/src/main/java/dev/dsf/fhir/service/ValidationSupportWithCache.java +++ b/dsf-fhir/dsf-fhir-server/src/main/java/dev/dsf/fhir/service/ValidationSupportWithCache.java @@ -266,7 +266,7 @@ public List fetchAllStructureDefinitions() @Override public IBaseResource fetchStructureDefinition(String url) { - logger.trace("Fetiching structure-definition '{}'", url); + logger.trace("Fetching structure-definition '{}'", url); if (url == null || url.isBlank()) return null; @@ -283,7 +283,7 @@ public boolean isCodeSystemSupported(ValidationSupportContext theRootValidationS @Override public IBaseResource fetchCodeSystem(String url) { - logger.trace("Fetiching code-system '{}'", url); + logger.trace("Fetching code-system '{}'", url); if (url == null || url.isBlank()) return null; @@ -300,7 +300,7 @@ public boolean isValueSetSupported(ValidationSupportContext theRootValidationSup @Override public IBaseResource fetchValueSet(String url) { - logger.trace("Fetiching value-set '{}'", url); + logger.trace("Fetching value-set '{}'", url); if (url == null || url.isBlank()) return null; diff --git a/dsf-fhir/dsf-fhir-server/src/main/java/dev/dsf/fhir/spring/config/JsonConfig.java b/dsf-fhir/dsf-fhir-server/src/main/java/dev/dsf/fhir/spring/config/JsonConfig.java index 6d6b789f2..286424073 100755 --- a/dsf-fhir/dsf-fhir-server/src/main/java/dev/dsf/fhir/spring/config/JsonConfig.java +++ b/dsf-fhir/dsf-fhir-server/src/main/java/dev/dsf/fhir/spring/config/JsonConfig.java @@ -3,6 +3,7 @@ import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; +import com.fasterxml.jackson.annotation.JsonInclude; import com.fasterxml.jackson.annotation.JsonInclude.Include; import com.fasterxml.jackson.core.JsonGenerator.Feature; import com.fasterxml.jackson.databind.MapperFeature; @@ -16,7 +17,8 @@ public class JsonConfig public ObjectMapper objectMapper() { JsonMapper jsonMapper = JsonMapper.builder().disable(MapperFeature.DEFAULT_VIEW_INCLUSION) - .serializationInclusion(Include.NON_NULL).serializationInclusion(Include.NON_EMPTY) + .defaultPropertyInclusion(JsonInclude.Value.construct(Include.NON_NULL, Include.NON_NULL)) + .defaultPropertyInclusion(JsonInclude.Value.construct(Include.NON_EMPTY, Include.NON_EMPTY)) .disable(Feature.AUTO_CLOSE_TARGET).build(); return jsonMapper; diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/db/unique_trigger_functions/subscriptions_unique.sql b/dsf-fhir/dsf-fhir-server/src/main/resources/db/unique_trigger_functions/subscriptions_unique.sql index 95b391275..8f967bd56 100644 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/db/unique_trigger_functions/subscriptions_unique.sql +++ b/dsf-fhir/dsf-fhir-server/src/main/resources/db/unique_trigger_functions/subscriptions_unique.sql @@ -1,10 +1,11 @@ CREATE OR REPLACE FUNCTION subscriptions_unique() RETURNS TRIGGER AS $$ BEGIN - PERFORM pg_advisory_xact_lock(hashtext((NEW.subscription->>'criteria') || (NEW.subscription->'channel'->>'type') || (NEW.subscription->'channel'->>'payload'))); + PERFORM pg_advisory_xact_lock(hashtext((NEW.subscription->>'criteria') || (NEW.subscription->'channel'->>'type'))); IF EXISTS (SELECT 1 FROM current_subscriptions WHERE subscription_id <> NEW.subscription_id AND subscription->>'criteria' = NEW.subscription->>'criteria' AND subscription->'channel'->>'type' = NEW.subscription->'channel'->>'type' - AND subscription->'channel'->>'payload' = NEW.subscription->'channel'->>'payload') THEN + AND ((subscription->'channel'->>'payload' = NEW.subscription->'channel'->>'payload') + OR (NOT subscription->'channel' ? 'payload' AND NOT NEW.subscription->'channel' ? 'payload'))) THEN RAISE EXCEPTION 'Conflict: Not inserting Subscription with criteria %, channel.type % and channel.payload %, resource already exists with given criteria, channel type and channel payload', NEW.subscription->>'criteria', NEW.subscription->'channel'->>'type', NEW.subscription->'channel'->>'payload' USING ERRCODE = 'unique_violation'; ELSE diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/static/form.js b/dsf-fhir/dsf-fhir-server/src/main/resources/static/form.js index 9814b85d6..04fd12ab1 100644 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/static/form.js +++ b/dsf-fhir/dsf-fhir-server/src/main/resources/static/form.js @@ -177,7 +177,7 @@ function newTaskInputBoolean(type, id, checkedTrue, checkedFalse, optional) { addError(errorListElement, "Input mandatory") } - if (value) { + if (value !== null) { return { input: { type: type, @@ -224,6 +224,7 @@ function readQuestionnaireResponseAnswersFromForm() { }) questionnaireResponse.status = "completed" + questionnaireResponse.authored = new Date().toISOString() questionnaireResponse.item = newItems return valid ? questionnaireResponse : null @@ -722,24 +723,27 @@ function getValueOfDifferential(differentials, path, property) { function modifyTaskInputRow(definition) { const id = definition.typeSystem + "|" + definition.typeCode const row = document.querySelector(`div.row[for="${CSS.escape(id)}"]`) - const span = row.querySelector('span.cardinalities') - span.innerText = `[${definition.min}..${definition.max}]` - if (definition.max !== "1") { - const plusIcon = htmlToElement('') - const plusIconSvg = htmlToElement('Add additional input') + if (row) { + const span = row.querySelector('span.cardinalities') + span.innerText = `[${definition.min}..${definition.max}]` - plusIconSvg.addEventListener("click", event => { - appendInputRowAfter(id) - event.preventDefault() - }) + if (definition.max !== "1") { + const plusIcon = htmlToElement('') + const plusIconSvg = htmlToElement('Add additional input') - plusIcon.appendChild(plusIconSvg) - span.appendChild(plusIcon) - } + plusIconSvg.addEventListener("click", event => { + appendInputRowAfter(id) + event.preventDefault() + }) - if (definition.min < 1 || definition.min === undefined) - row.setAttribute("optional", "") + plusIcon.appendChild(plusIconSvg) + span.appendChild(plusIcon) + } + + if (definition.min < 1 || definition.min === undefined) + row.setAttribute("optional", "") + } } function modifyQuestionnaireInputRow(item) { diff --git a/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/integration/ParallelCreateIntegrationTest.java b/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/integration/ParallelCreateIntegrationTest.java index 0574bfedb..fa59828d1 100644 --- a/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/integration/ParallelCreateIntegrationTest.java +++ b/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/integration/ParallelCreateIntegrationTest.java @@ -311,17 +311,33 @@ public void testCreateDuplicateStructureDefinitionsViaBatchBundle() throws Excep } @Test - public void testCreateDuplicateSubscriptionsViaTransactionBundle() throws Exception + public void testCreateDuplicateSubscriptionsWithPayloadViaTransactionBundle() throws Exception { - Bundle bundle = createBundle(BundleType.TRANSACTION, createSubscription(), null, 2); + Bundle bundle = createBundle(BundleType.TRANSACTION, createSubscription(true), null, 2); expectForbidden(() -> getWebserviceClient().postBundle(bundle)); } @Test - public void testCreateDuplicateSubscriptionsViaBatchBundle() throws Exception + public void testCreateDuplicateSubscriptionsWithPayloadViaBatchBundle() throws Exception { - Bundle bundle = createBundle(BundleType.BATCH, createSubscription(), null, 2); + Bundle bundle = createBundle(BundleType.BATCH, createSubscription(true), null, 2); + + checkReturnBatchBundle(getWebserviceClient().postBundle(bundle)); + } + + @Test + public void testCreateDuplicateSubscriptionsWithoutPayloadViaTransactionBundle() throws Exception + { + Bundle bundle = createBundle(BundleType.TRANSACTION, createSubscription(false), null, 2); + + expectForbidden(() -> getWebserviceClient().postBundle(bundle)); + } + + @Test + public void testCreateDuplicateSubscriptionsWithoutPayloadViaBatchBundle() throws Exception + { + Bundle bundle = createBundle(BundleType.BATCH, createSubscription(false), null, 2); checkReturnBatchBundle(getWebserviceClient().postBundle(bundle)); } @@ -585,9 +601,9 @@ public void testCreateDuplicateStructureDefinitionsViaBatchBundleWithIfNoneExist } @Test - public void testCreateDuplicateSubscriptionsViaTransactionBundleWithIfNoneExists() throws Exception + public void testCreateDuplicateSubscriptionsWithPayloadViaTransactionBundleWithIfNoneExists() throws Exception { - Bundle bundle = createBundle(BundleType.TRANSACTION, createSubscription(), + Bundle bundle = createBundle(BundleType.TRANSACTION, createSubscription(true), (s, r) -> r .setIfNoneExist("criteria=" + s.getCriteria() + "&type=" + s.getChannel().getType().toCode()), 2); @@ -596,9 +612,31 @@ public void testCreateDuplicateSubscriptionsViaTransactionBundleWithIfNoneExists } @Test - public void testCreateDuplicateSubscriptionsViaBatchBundleWithIfNoneExists() throws Exception + public void testCreateDuplicateSubscriptionsWithPayloadViaBatchBundleWithIfNoneExists() throws Exception { - Bundle bundle = createBundle(BundleType.BATCH, createSubscription(), + Bundle bundle = createBundle(BundleType.BATCH, createSubscription(true), + (s, r) -> r + .setIfNoneExist("criteria=" + s.getCriteria() + "&type=" + s.getChannel().getType().toCode()), + 2); + + testCreateDuplicatesViaBundleWithIfNoneExists(bundle, BundleType.BATCHRESPONSE); + } + + @Test + public void testCreateDuplicateSubscriptionsWithoutPayloadViaTransactionBundleWithIfNoneExists() throws Exception + { + Bundle bundle = createBundle(BundleType.TRANSACTION, createSubscription(false), + (s, r) -> r + .setIfNoneExist("criteria=" + s.getCriteria() + "&type=" + s.getChannel().getType().toCode()), + 2); + + testCreateDuplicatesViaBundleWithIfNoneExists(bundle, BundleType.TRANSACTIONRESPONSE); + } + + @Test + public void testCreateDuplicateSubscriptionsWithoutPayloadViaBatchBundleWithIfNoneExists() throws Exception + { + Bundle bundle = createBundle(BundleType.BATCH, createSubscription(false), (s, r) -> r .setIfNoneExist("criteria=" + s.getCriteria() + "&type=" + s.getChannel().getType().toCode()), 2); @@ -825,11 +863,11 @@ public void testCreateDuplicateStructureDefinitionsParallelDirect() throws Excep } @Test - public void testCreateDuplicateSubscriptionsParallelDirect() throws Exception + public void testCreateDuplicateSubscriptionsWithPayloadParallelDirect() throws Exception { testCreateDuplicatesParallel(() -> { - Subscription returnS = getWebserviceClient().create(createSubscription()); + Subscription returnS = getWebserviceClient().create(createSubscription(true)); assertNotNull(returnS); }, SubscriptionDao.class, s -> SUBSCRIPTION_CRITERIA.equals(s.getCriteria()) @@ -837,6 +875,17 @@ public void testCreateDuplicateSubscriptionsParallelDirect() throws Exception && SUBSCRIPTION_CHANNEL_PAYLOAD.equals(s.getChannel().getPayload())); } + @Test + public void testCreateDuplicateSubscriptionsWithoutPayloadParallelDirect() throws Exception + { + testCreateDuplicatesParallel(() -> + { + Subscription returnS = getWebserviceClient().create(createSubscription(false)); + assertNotNull(returnS); + }, SubscriptionDao.class, s -> SUBSCRIPTION_CRITERIA.equals(s.getCriteria()) + && SUBSCRIPTION_CHANNEL_TYPE.equals(s.getChannel().getType()) && s.getChannel().getPayload() == null); + } + @Test public void testCreateDuplicateTasksParallelDirect() throws Exception { @@ -1235,12 +1284,12 @@ public void testCreateDuplicateStructureDefinitionsParallelBatchBundle() throws } @Test - public void testCreateDuplicateSubscriptionsParallelTransactionBundle() throws Exception + public void testCreateDuplicateSubscriptionsWithPayloadParallelTransactionBundle() throws Exception { testCreateDuplicatesParallel(() -> { Bundle returnBundle = getWebserviceClient() - .postBundle(createBundle(BundleType.TRANSACTION, createSubscription(), null, 1)); + .postBundle(createBundle(BundleType.TRANSACTION, createSubscription(true), null, 1)); assertNotNull(returnBundle); }, SubscriptionDao.class, s -> SUBSCRIPTION_CRITERIA.equals(s.getCriteria()) @@ -1249,12 +1298,12 @@ public void testCreateDuplicateSubscriptionsParallelTransactionBundle() throws E } @Test - public void testCreateDuplicateSubscriptionsParallelBatchBundle() throws Exception + public void testCreateDuplicateSubscriptionsWithPayloadParallelBatchBundle() throws Exception { testCreateDuplicatesParallel(() -> { Bundle returnBundle = getWebserviceClient() - .postBundle(createBundle(BundleType.BATCH, createSubscription(), null, 1)); + .postBundle(createBundle(BundleType.BATCH, createSubscription(true), null, 1)); assertNotNull(returnBundle); assertNotNull(returnBundle.getEntry()); @@ -1270,6 +1319,38 @@ public void testCreateDuplicateSubscriptionsParallelBatchBundle() throws Excepti && SUBSCRIPTION_CHANNEL_PAYLOAD.equals(s.getChannel().getPayload())); } + @Test + public void testCreateDuplicateSubscriptionsWithoutPayloadParallelTransactionBundle() throws Exception + { + testCreateDuplicatesParallel(() -> + { + Bundle returnBundle = getWebserviceClient() + .postBundle(createBundle(BundleType.TRANSACTION, createSubscription(false), null, 1)); + assertNotNull(returnBundle); + }, SubscriptionDao.class, s -> SUBSCRIPTION_CRITERIA.equals(s.getCriteria()) + && SUBSCRIPTION_CHANNEL_TYPE.equals(s.getChannel().getType()) && s.getChannel().getPayload() == null); + } + + @Test + public void testCreateDuplicateSubscriptionsWithoutPayloadParallelBatchBundle() throws Exception + { + testCreateDuplicatesParallel(() -> + { + Bundle returnBundle = getWebserviceClient() + .postBundle(createBundle(BundleType.BATCH, createSubscription(false), null, 1)); + assertNotNull(returnBundle); + + assertNotNull(returnBundle.getEntry()); + assertEquals(1, returnBundle.getEntry().size()); + assertNotNull(returnBundle.getEntry().get(0).getResponse()); + assertNotNull(returnBundle.getEntry().get(0).getResponse().getStatus()); + + if ("403 Forbidden".equals(returnBundle.getEntry().get(0).getResponse().getStatus())) + throw new WebApplicationException(403); + }, SubscriptionDao.class, s -> SUBSCRIPTION_CRITERIA.equals(s.getCriteria()) + && SUBSCRIPTION_CHANNEL_TYPE.equals(s.getChannel().getType()) && s.getChannel().getPayload() == null); + } + @Test public void testCreateDuplicateTasksParallelTransactionBundle() throws Exception { @@ -1574,11 +1655,14 @@ private StructureDefinition createStructureDefinition() return sD; } - private Subscription createSubscription() + private Subscription createSubscription(boolean withPayload) { Subscription s = new Subscription().setStatus(SubscriptionStatus.ACTIVE).setReason("some reason") - .setCriteria(SUBSCRIPTION_CRITERIA).setChannel(new SubscriptionChannelComponent() - .setType(SUBSCRIPTION_CHANNEL_TYPE).setPayload(SUBSCRIPTION_CHANNEL_PAYLOAD)); + .setCriteria(SUBSCRIPTION_CRITERIA) + .setChannel(new SubscriptionChannelComponent().setType(SUBSCRIPTION_CHANNEL_TYPE)); + + if (withPayload) + s.getChannel().setPayload(SUBSCRIPTION_CHANNEL_PAYLOAD); getReadAccessHelper().addAll(s); diff --git a/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/integration/SubscriptionIntegrationTest.java b/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/integration/SubscriptionIntegrationTest.java index 0bf6dc68f..85b541217 100644 --- a/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/integration/SubscriptionIntegrationTest.java +++ b/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/integration/SubscriptionIntegrationTest.java @@ -61,6 +61,35 @@ public void testCreateOkNoPayload() throws Exception assertEquals("1", created.getMeta().getVersionId()); } + @Test + public void testCreateOkNoPayloadAllreadyExistsWithPayload() throws Exception + { + Subscription t = newSubscription("Task?status=completed"); + + SubscriptionDao dao = getSpringWebApplicationContext().getBean(SubscriptionDao.class); + dao.create(t); + + t = newSubscription("Task?status=completed"); + t.getChannel().setPayload(null); + + Subscription created = getWebserviceClient().create(t); + assertNotNull(created); + assertTrue(created.getIdElement().hasValue()); + assertEquals("1", created.getMeta().getVersionId()); + } + + @Test + public void testCreateNotOkNoPayloadAllreadyExistsWithoutPayload() throws Exception + { + Subscription t = newSubscription("Task?status=completed"); + t.getChannel().setPayload(null); + + SubscriptionDao dao = getSpringWebApplicationContext().getBean(SubscriptionDao.class); + dao.create(t); + + expectForbidden(() -> getWebserviceClient().create(t)); + } + @Test public void testCreateInvalid() throws Exception { diff --git a/dsf-fhir/dsf-fhir-validation/pom.xml b/dsf-fhir/dsf-fhir-validation/pom.xml index 7f5e15fd2..7231d8410 100644 --- a/dsf-fhir/dsf-fhir-validation/pom.xml +++ b/dsf-fhir/dsf-fhir-validation/pom.xml @@ -6,9 +6,11 @@ dev.dsf dsf-fhir-pom - 1.7.1-SNAPSHOT + 2.0.0-SNAPSHOT + DSF FHIR Validation + ca.uhn.hapi.fhir @@ -104,7 +106,7 @@ - diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-activity-definition-1.0.0.xml.post b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-activity-definition-1.0.0.xml.post index aa1d48fa1..9f25fda92 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-activity-definition-1.0.0.xml.post +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-activity-definition-1.0.0.xml.post @@ -1 +1 @@ -url=http://dsf.dev/fhir/StructureDefinition/code-system&version=1.0.0 \ No newline at end of file +url=http://dsf.dev/fhir/StructureDefinition/activity-definition&version=1.0.0 \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/Subscription/dsf-bpmn-questionnaire-response-subscription.xml.post b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/Subscription/dsf-bpmn-questionnaire-response-subscription.xml.post index e305c959b..5bd7dd61b 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/Subscription/dsf-bpmn-questionnaire-response-subscription.xml.post +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/Subscription/dsf-bpmn-questionnaire-response-subscription.xml.post @@ -1 +1 @@ -criteria=QuestionnaireResponse%3Fstatus%3Dcompleted&status=active&type=websocket&payload=application/fhir%2Bjson \ No newline at end of file +criteria:exact=QuestionnaireResponse%3Fstatus%3Dcompleted&status=active&type=websocket&payload=application/fhir%2Bjson \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/Subscription/dsf-bpmn-task-subscription.xml.post b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/Subscription/dsf-bpmn-task-subscription.xml.post index 44827415c..8102916d3 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/Subscription/dsf-bpmn-task-subscription.xml.post +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/Subscription/dsf-bpmn-task-subscription.xml.post @@ -1 +1 @@ -criteria=Task%3Fstatus%3Drequested&status=active&type=websocket&payload=application/fhir%2Bjson \ No newline at end of file +criteria:exact=Task%3Fstatus%3Drequested&status=active&type=websocket&payload=application/fhir%2Bjson \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-webservice-client/pom.xml b/dsf-fhir/dsf-fhir-webservice-client/pom.xml index 141fbf734..6255cdd8d 100755 --- a/dsf-fhir/dsf-fhir-webservice-client/pom.xml +++ b/dsf-fhir/dsf-fhir-webservice-client/pom.xml @@ -6,9 +6,11 @@ dev.dsf dsf-fhir-pom - 1.7.1-SNAPSHOT + 2.0.0-SNAPSHOT + DSF FHIR Webservice Client + dev.dsf diff --git a/dsf-fhir/dsf-fhir-websocket-client/pom.xml b/dsf-fhir/dsf-fhir-websocket-client/pom.xml index 4855a3257..5fcff412d 100755 --- a/dsf-fhir/dsf-fhir-websocket-client/pom.xml +++ b/dsf-fhir/dsf-fhir-websocket-client/pom.xml @@ -6,9 +6,11 @@ dev.dsf dsf-fhir-pom - 1.7.1-SNAPSHOT + 2.0.0-SNAPSHOT + DSF FHIR Websocket Client + ca.uhn.hapi.fhir diff --git a/dsf-fhir/pom.xml b/dsf-fhir/pom.xml index b2ad3ea6d..fba8757bd 100755 --- a/dsf-fhir/pom.xml +++ b/dsf-fhir/pom.xml @@ -7,7 +7,7 @@ dev.dsf dsf-pom - 1.7.1-SNAPSHOT + 2.0.0-SNAPSHOT @@ -19,11 +19,13 @@ dsf-fhir-validation dsf-fhir-auth - + ${project.basedir}/../.. + DSF FHIR Parent POM + @@ -107,7 +109,7 @@ dsf-tools-documentation-generator ${project.version} - + dev.dsf dsf-common-auth diff --git a/dsf-tools/dsf-tools-build-info-reader/pom.xml b/dsf-tools/dsf-tools-build-info-reader/pom.xml index 6b68277b4..13bc48e25 100644 --- a/dsf-tools/dsf-tools-build-info-reader/pom.xml +++ b/dsf-tools/dsf-tools-build-info-reader/pom.xml @@ -6,9 +6,11 @@ dev.dsf dsf-tools-pom - 1.7.1-SNAPSHOT + 2.0.0-SNAPSHOT + DSF Tools Build Info Reader + org.slf4j diff --git a/dsf-tools/dsf-tools-bundle-generator/pom.xml b/dsf-tools/dsf-tools-bundle-generator/pom.xml index abdb1aefa..177e63a6b 100755 --- a/dsf-tools/dsf-tools-bundle-generator/pom.xml +++ b/dsf-tools/dsf-tools-bundle-generator/pom.xml @@ -6,9 +6,11 @@ dev.dsf dsf-tools-pom - 1.7.1-SNAPSHOT + 2.0.0-SNAPSHOT + DSF Tools Bundle Generator + ca.uhn.hapi.fhir @@ -36,7 +38,7 @@ ca.uhn.hapi.fhir hapi-fhir-validation-resources-r5 - + org.apache.logging.log4j log4j-core diff --git a/dsf-tools/dsf-tools-db-migration/pom.xml b/dsf-tools/dsf-tools-db-migration/pom.xml index ee1aa4cdb..5cb34e770 100755 --- a/dsf-tools/dsf-tools-db-migration/pom.xml +++ b/dsf-tools/dsf-tools-db-migration/pom.xml @@ -6,9 +6,11 @@ dev.dsf dsf-tools-pom - 1.7.1-SNAPSHOT + 2.0.0-SNAPSHOT + DSF Tools DB Migration + org.postgresql diff --git a/dsf-tools/dsf-tools-db-migration/src/main/java/dev/dsf/tools/db/DbMigrator.java b/dsf-tools/dsf-tools-db-migration/src/main/java/dev/dsf/tools/db/DbMigrator.java index f7f5c6ad9..43c2587ee 100755 --- a/dsf-tools/dsf-tools-db-migration/src/main/java/dev/dsf/tools/db/DbMigrator.java +++ b/dsf-tools/dsf-tools-db-migration/src/main/java/dev/dsf/tools/db/DbMigrator.java @@ -8,9 +8,11 @@ import java.util.Arrays; import java.util.HashMap; import java.util.Map; +import java.util.Set; import org.apache.commons.dbcp2.BasicDataSource; import org.postgresql.Driver; +import org.postgresql.util.PSQLException; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -44,7 +46,6 @@ private static final class DbMigratorExceptions extends RuntimeException } } - private static final class LiquibaseConfigProvider extends AbstractMapConfigurationValueProvider { static final String LIQUIBASE_CHANGELOGLOCK_WAIT_TIME = "liquibase.changelogLockWaitTimeInMinutes"; @@ -75,6 +76,9 @@ protected String getSourceDescription() } } + private static final Set POSTGRES_TRY_AGAIN_ERROR_MESSAGES = Set.of("the database system is starting up", + "the database system is not yet accepting connections"); + private final DbMigratorConfig config; public DbMigrator(DbMigratorConfig config) @@ -210,6 +214,19 @@ else if (cause instanceof UnknownHostException && times > 1) } retryOnConnectException(--times, run); } + else if (cause instanceof PSQLException p + && POSTGRES_TRY_AGAIN_ERROR_MESSAGES.contains(p.getServerErrorMessage().getMessage()) && times > 1) + { + logger.warn("PSQLException ({}): trying again in 5s", p.getServerErrorMessage().getMessage()); + try + { + Thread.sleep(5_000); + } + catch (InterruptedException e1) + { + } + retryOnConnectException(--times, run); + } else { logger.error("Error while running liquibase: {}", e.getMessage()); diff --git a/dsf-tools/dsf-tools-default-ca-files-generator/pom.xml b/dsf-tools/dsf-tools-default-ca-files-generator/pom.xml index 2621edadd..b42a6f540 100644 --- a/dsf-tools/dsf-tools-default-ca-files-generator/pom.xml +++ b/dsf-tools/dsf-tools-default-ca-files-generator/pom.xml @@ -1,20 +1,22 @@ - 4.0.0 + 4.0.0 - dsf-tools-default-ca-files-generator + dsf-tools-default-ca-files-generator - - dev.dsf - dsf-tools-pom - 1.7.1-SNAPSHOT - - - + + dev.dsf + dsf-tools-pom + 2.0.0-SNAPSHOT + + + DSF Tools Default CA Files Generator + + de.hs-heilbronn.mi crypto-utils - + org.apache.logging.log4j log4j-core diff --git a/dsf-tools/dsf-tools-default-ca-files-generator/src/main/java/dev/dsf/tools/generator/DefaultCaFilesGenerator.java b/dsf-tools/dsf-tools-default-ca-files-generator/src/main/java/dev/dsf/tools/generator/DefaultCaFilesGenerator.java index c350933e9..7648924c0 100644 --- a/dsf-tools/dsf-tools-default-ca-files-generator/src/main/java/dev/dsf/tools/generator/DefaultCaFilesGenerator.java +++ b/dsf-tools/dsf-tools-default-ca-files-generator/src/main/java/dev/dsf/tools/generator/DefaultCaFilesGenerator.java @@ -40,7 +40,8 @@ public class DefaultCaFilesGenerator private static final List CLIENT_ONLY_ISSUING_CA_COMMON_NAMES = List.of("D-TRUST Limited Basic CA 1-2 2019", "D-TRUST Limited Basic CA 1-3 2019", "Fraunhofer User CA - G02", "GEANT eScience Personal CA 4", "GEANT eScience Personal ECC CA 4", "GEANT Personal CA 4", "GEANT Personal ECC CA 4", "GEANT S/MIME ECC 1", - "GEANT S/MIME RSA 1", "HARICA S/MIME ECC", "HARICA S/MIME RSA"); + "GEANT S/MIME RSA 1", "HARICA Client Authentication ECC", "HARICA Client Authentication RSA", + "HARICA S/MIME ECC", "HARICA S/MIME RSA"); private static final String CLIENT_CERT_ISSUING_CAS_PEM = "client_cert_issuing_cas.pem"; private static final String CLIENT_CERT_CA_CHAINS_PEM = "client_cert_ca_chains.pem"; diff --git a/dsf-tools/dsf-tools-default-ca-files-generator/src/main/resources/cert/HARICA_Client_Authentication_ECC.pem b/dsf-tools/dsf-tools-default-ca-files-generator/src/main/resources/cert/HARICA_Client_Authentication_ECC.pem new file mode 100644 index 000000000..357ea7721 --- /dev/null +++ b/dsf-tools/dsf-tools-default-ca-files-generator/src/main/resources/cert/HARICA_Client_Authentication_ECC.pem @@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDgTCCAwagAwIBAgIQE8HgrQAH0BtzfX3LWvJSfzAKBggqhkjOPQQDAzBvMQsw +CQYDVQQGEwJHUjE3MDUGA1UECgwuSGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJlc2Vh +cmNoIEluc3RpdHV0aW9ucyBDQTEnMCUGA1UEAwweSEFSSUNBIENsaWVudCBFQ0Mg +Um9vdCBDQSAyMDIxMB4XDTIxMDMxOTA5MTczOVoXDTM2MDMxNTA5MTczOFowcTEL +MAkGA1UEBhMCR1IxNzA1BgNVBAoMLkhlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNl +YXJjaCBJbnN0aXR1dGlvbnMgQ0ExKTAnBgNVBAMMIEhBUklDQSBDbGllbnQgQXV0 +aGVudGljYXRpb24gRUNDMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEqEqssLtH6Kkn +Sa4ms1u/YGAi0JW3Py7nkN33soahf1Vf8p4L3eNEaCV3/sZXeviOVEyg2O+F0PWz +gLFZdv4U//ZgLA0qjFDCtYVnB0R5y/953IpMTdgKR+cjrpveu10Lo4IBYzCCAV8w +EgYDVR0TAQH/BAgwBgEB/wIBADAfBgNVHSMEGDAWgBRSCNK+MoEl/fUal+xOXxq7 +U82QrTBXBggrBgEFBQcBAQRLMEkwRwYIKwYBBQUHMAKGO2h0dHA6Ly9yZXBvLmhh +cmljYS5nci9jZXJ0cy9IQVJJQ0EtQ2xpZW50LVJvb3QtMjAyMS1FQ0MuY2VyMEQG +A1UdIAQ9MDswOQYEVR0gADAxMC8GCCsGAQUFBwIBFiNodHRwOi8vcmVwby5oYXJp +Y2EuZ3IvZG9jdW1lbnRzL0NQUzATBgNVHSUEDDAKBggrBgEFBQcDAjBFBgNVHR8E +PjA8MDqgOKA2hjRodHRwOi8vY3JsLmhhcmljYS5nci9IQVJJQ0EtQ2xpZW50LVJv +b3QtMjAyMS1FQ0MuY3JsMB0GA1UdDgQWBBQqHWyH7pXv/Mkv8RzX+Dw52v+X3jAO +BgNVHQ8BAf8EBAMCAYYwCgYIKoZIzj0EAwMDaQAwZgIxAIE3QcG3SB1Dgj0a8gE7 +ZSKgA7KfGlt+/ajMitsDqHvg7RZCHFmc05ggxGbzXcu2CwIxAI0VJVUxKQbaLnm1 +u8MvlJDaH1hHCujJ3PU9lYRPg5CaOwkgvV+H5OzQhvkn4flaDw== +-----END CERTIFICATE----- diff --git a/dsf-tools/dsf-tools-default-ca-files-generator/src/main/resources/cert/HARICA_Client_Authentication_RSA.pem b/dsf-tools/dsf-tools-default-ca-files-generator/src/main/resources/cert/HARICA_Client_Authentication_RSA.pem new file mode 100644 index 000000000..17499bc10 --- /dev/null +++ b/dsf-tools/dsf-tools-default-ca-files-generator/src/main/resources/cert/HARICA_Client_Authentication_RSA.pem @@ -0,0 +1,39 @@ +-----BEGIN CERTIFICATE----- +MIIGzzCCBLegAwIBAgIQZvugWpzzpAYFBJWnGSeXMjANBgkqhkiG9w0BAQsFADBv +MQswCQYDVQQGEwJHUjE3MDUGA1UECgwuSGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJl +c2VhcmNoIEluc3RpdHV0aW9ucyBDQTEnMCUGA1UEAwweSEFSSUNBIENsaWVudCBS +U0EgUm9vdCBDQSAyMDIxMB4XDTIxMDMxOTA5MTkzN1oXDTM2MDMxNTA5MTkzNlow +cTELMAkGA1UEBhMCR1IxNzA1BgNVBAoMLkhlbGxlbmljIEFjYWRlbWljIGFuZCBS +ZXNlYXJjaCBJbnN0aXR1dGlvbnMgQ0ExKTAnBgNVBAMMIEhBUklDQSBDbGllbnQg +QXV0aGVudGljYXRpb24gUlNBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKC +AgEAtdFg0VN118Izv7l4joORHFO+qJQ09hwRqNdfZW9g9SzSjXcAS4mz4+BlOYVC +PrdKoxs+1iVnoz6Hl1w2wf9xjTI9xQ6O6miM06CbST2rYCo58y0sV6yAs4/ptMHf +7smx1/ORdAu3AVYbqzYqoCj5gVehlIivyZKpzko7/45N9eWUs24ah3G4nMiVxTOc +RNYqw3/bfc+WvatbB6qNQRRJfebeDNQ8Hqen3DBPA9qsOf4Nfi4XDVkGgVPJZqfZ +VTE8fmZIZRq+Ujcp+JRc4V2dFRqvn9xKPA3d+nbbic+JQs24+ZqYiWrcNdYNE64d +6GlRhU3chNWFCI4RLNa7VpqoBZkFqlx2S5l83VO/G9DELikFa9nvc2BR+2h/pObG +WmWIqgQf0esW5nzy4+inufbZ4DLwQ9Bao0TMqLsi6ywdyxreFDvfzVuVxm6NWQoO +fi6uxdgwFEUp7FJ79owErc+RjNUrMzmhW1nlPtoCYaIy/7bW6VAqJ89ZftvRCCdV +5QeMOYlqdle65NjcaoXh5sC7g8pTA0VlUk2VHaHWPg13HLGQNyo0yWjtRzE6rIpl +ede96vg/bjB2edSYFUkrEZn5R71C1XhPQ945npiZ6yNv2qMlqasKuQQVEKkpi4bz +ntA0C8JUWiobnD91o1NXARIlanApakhk21b8ba0O+WsjgyECAwEAAaOCAWMwggFf +MBIGA1UdEwEB/wQIMAYBAf8CAQAwHwYDVR0jBBgwFoAUoNYHPV4k93ugRC4kUg0Z +qisEkacwVwYIKwYBBQUHAQEESzBJMEcGCCsGAQUFBzAChjtodHRwOi8vcmVwby5o +YXJpY2EuZ3IvY2VydHMvSEFSSUNBLUNsaWVudC1Sb290LTIwMjEtUlNBLmNlcjBE +BgNVHSAEPTA7MDkGBFUdIAAwMTAvBggrBgEFBQcCARYjaHR0cDovL3JlcG8uaGFy +aWNhLmdyL2RvY3VtZW50cy9DUFMwEwYDVR0lBAwwCgYIKwYBBQUHAwIwRQYDVR0f +BD4wPDA6oDigNoY0aHR0cDovL2NybC5oYXJpY2EuZ3IvSEFSSUNBLUNsaWVudC1S +b290LTIwMjEtUlNBLmNybDAdBgNVHQ4EFgQU8qBdeyXizDQ4cBVNxXMsNAswGCYw +DgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4ICAQAr9ecjniPGgn1Le9OW +sgHWRAEAqAMnFEH7S7zlL6nzEN10kjkxWE4P6776V1rYeRWpSNbB71u2zVqAPcKD +aGiMP0I9oWlmtWxq2/JjEcf0UgRT+e9e2CleQMmTLbai1hpx08tZj/XMd6X5t78M +w4WJDfRUnfIjHcWTxu1Nkkj64rfGXI4hzjcLD7wFq6ZXVlhTe9sp5sDCfrVZHCMh +cHCu9odUF7IXPpPzJrKfB/uidE9mLt+V7DXepDJ2VCySL2JAP3yo4LdjrDEZGFZ7 +YZnHzjdeeq/dn+/DJ7BUVDVIMUQZT3MXoI5yb1PZ9JZrQ4x8jZbP3EPrbQK0RPyU +4hYjxT52BWjMlP9JXtZw4aVMaOZb9QklKzJHTtWsBrer9pi1seDC2Z2pLw6mK+Yl +NHdsk/qZ/CpK6NNrs4uWm2U3Jj7z9wFk0TCGXSS1HI024960RZTYe/3laBClflSQ +7T7xD6HwgPfNivqerXzImw87NHgM275Nd63eV/Lhw4XgH0e+NRGk8vYE6re0p6Y9 +L79OnCWtEqywdJcJ8qr3MvviOBphUXxubDYWZzy56DCACVZEKSRKkZUJIM2UEiCz +2Q9ATajqiODuPR5/lcmORxGauCkS2VIDKUekblssnemMqfrPEPllcLyLBYnlnM7e +fV8it5CZjT8kxUrFTcE3ZVkpkw== +-----END CERTIFICATE----- diff --git a/dsf-tools/dsf-tools-docker-secrets-reader/pom.xml b/dsf-tools/dsf-tools-docker-secrets-reader/pom.xml index ca2defd21..f52781633 100644 --- a/dsf-tools/dsf-tools-docker-secrets-reader/pom.xml +++ b/dsf-tools/dsf-tools-docker-secrets-reader/pom.xml @@ -6,9 +6,11 @@ dev.dsf dsf-tools-pom - 1.7.1-SNAPSHOT + 2.0.0-SNAPSHOT + DSF Tools Docker Secrets Reader + org.springframework diff --git a/dsf-tools/dsf-tools-documentation-generator/pom.xml b/dsf-tools/dsf-tools-documentation-generator/pom.xml index 9a9f7e409..f1ce4ed54 100644 --- a/dsf-tools/dsf-tools-documentation-generator/pom.xml +++ b/dsf-tools/dsf-tools-documentation-generator/pom.xml @@ -7,9 +7,11 @@ dev.dsf dsf-tools-pom - 1.7.1-SNAPSHOT + 2.0.0-SNAPSHOT + DSF Tools Documentation Generator + org.apache.maven diff --git a/dsf-tools/dsf-tools-documentation-generator/src/main/java/dev/dsf/tools/generator/DocumentationGenerator.java b/dsf-tools/dsf-tools-documentation-generator/src/main/java/dev/dsf/tools/generator/DocumentationGenerator.java index 8ebbe3a54..74763837e 100644 --- a/dsf-tools/dsf-tools-documentation-generator/src/main/java/dev/dsf/tools/generator/DocumentationGenerator.java +++ b/dsf-tools/dsf-tools-documentation-generator/src/main/java/dev/dsf/tools/generator/DocumentationGenerator.java @@ -223,7 +223,7 @@ private Function processDocumentationGenerator(List dsfDocumentationGenerator() String property = getDocumentationString("Property", initialProperty); String initialEnvironment = initialProperty.replace(".", "_").toUpperCase(); - String environment = initialProperty.endsWith(".password") + String environment = initialProperty.endsWith(".password") || initialProperty.endsWith(".secret") ? String.format("%s or %s_FILE", initialEnvironment, initialEnvironment) : initialEnvironment; diff --git a/dsf-tools/dsf-tools-proxy-test/pom.xml b/dsf-tools/dsf-tools-proxy-test/pom.xml index 029042356..e33681416 100755 --- a/dsf-tools/dsf-tools-proxy-test/pom.xml +++ b/dsf-tools/dsf-tools-proxy-test/pom.xml @@ -6,9 +6,15 @@ dev.dsf dsf-tools-pom - 1.7.1-SNAPSHOT + 2.0.0-SNAPSHOT + + false + + + DSF Tools Proxy Test + dev.dsf @@ -75,6 +81,7 @@ false + ${skipShadePlugin} diff --git a/dsf-tools/dsf-tools-test-data-generator/pom.xml b/dsf-tools/dsf-tools-test-data-generator/pom.xml index 31500b049..aa2710510 100755 --- a/dsf-tools/dsf-tools-test-data-generator/pom.xml +++ b/dsf-tools/dsf-tools-test-data-generator/pom.xml @@ -6,9 +6,11 @@ dev.dsf dsf-tools-pom - 1.7.1-SNAPSHOT + 2.0.0-SNAPSHOT + DSF Tools Test Data Generator + de.hs-heilbronn.mi @@ -32,7 +34,7 @@ ca.uhn.hapi.fhir hapi-fhir-structures-r4 - + org.apache.logging.log4j log4j-core diff --git a/dsf-tools/dsf-tools-test-data-generator/src/main/resources/config-templates/java-test-bpe-config.properties b/dsf-tools/dsf-tools-test-data-generator/src/main/resources/config-templates/java-test-bpe-config.properties index ef8b9420f..e86dd4134 100644 --- a/dsf-tools/dsf-tools-test-data-generator/src/main/resources/config-templates/java-test-bpe-config.properties +++ b/dsf-tools/dsf-tools-test-data-generator/src/main/resources/config-templates/java-test-bpe-config.properties @@ -29,7 +29,7 @@ dev.dsf.bpe.fhir.server.base.url=https://localhost:8001/fhir #dev.dsf.bpe.fhir.task.subscription.retry.max=-1 #dev.dsf.bpe.fhir.task.subscription.retry.sleep=5000 -#dev.dsf.bpe.process.plugin.directroy=process +#dev.dsf.bpe.process.plugin.directory=process #dev.dsf.bpe.process.excluded= #dev.dsf.bpe.process.retired= #dev.dsf.bpe.process.fhir.server.retry.max=-1 diff --git a/dsf-tools/pom.xml b/dsf-tools/pom.xml index 16a562f5f..3acdf428f 100755 --- a/dsf-tools/pom.xml +++ b/dsf-tools/pom.xml @@ -7,7 +7,7 @@ dev.dsf dsf-pom - 1.7.1-SNAPSHOT + 2.0.0-SNAPSHOT @@ -25,6 +25,8 @@ ${project.basedir}/../.. + DSF Tools Parent POM + diff --git a/pom.xml b/pom.xml index fd598ed8e..a26a506c4 100755 --- a/pom.xml +++ b/pom.xml @@ -3,7 +3,7 @@ dev.dsf dsf-pom - 1.7.1-SNAPSHOT + 2.0.0-SNAPSHOT pom @@ -21,19 +21,19 @@ ${project.basedir} - 2.0.16 - 2.24.3 - 11.0.24 - 3.1.10 + 2.0.17 + 2.25.2 + 11.0.26 + 3.1.11 2.2.0 - 6.2.2 - 2.18.2 - 7.22.0 + 6.2.12 + 2.20.0 + 7.24.0 5.1.0 - 1.80 + 1.82 - DSF + DSF Parent POM Data Sharing Framework (DSF) https://dsf.dev @@ -117,7 +117,7 @@ com.sun.mail jakarta.mail - 1.6.7 + 1.6.8 org.bouncycastle @@ -134,7 +134,7 @@ org.mockito mockito-core - 5.15.2 + 5.20.0 org.bouncycastle @@ -156,12 +156,12 @@ org.liquibase liquibase-core - 4.31.0 + 4.33.0 org.postgresql postgresql - 42.7.5 + 42.7.8 @@ -180,7 +180,7 @@ com.auth0 java-jwt - 4.4.0 + 4.5.0 @@ -258,6 +258,17 @@ com.fasterxml.jackson.core jackson-annotations + 2.20 + + + + com.fasterxml.jackson.core + jackson-core + ${jackson.version} + + + com.fasterxml.jackson.module + jackson-module-jakarta-xmlbind-annotations ${jackson.version} @@ -277,7 +288,7 @@ org.glassfish.jaxb jaxb-runtime - 4.0.5 + 4.0.6 @@ -392,17 +403,17 @@ org.apache.commons commons-compress - 1.27.1 + 1.28.0 org.apache.commons commons-text - 1.13.0 + 1.14.0 org.apache.commons commons-lang3 - 3.17.0 + 3.19.0 org.apache.httpcomponents @@ -417,7 +428,7 @@ com.google.code.gson gson - 2.11.0 + 2.13.2 org.thymeleaf @@ -428,12 +439,12 @@ commons-io commons-io - 2.18.0 + 2.20.0 commons-codec commons-codec - 1.17.2 + 1.19.0 @@ -455,7 +466,7 @@ org.yaml snakeyaml - 2.3 + 2.5 @@ -468,12 +479,12 @@ org.apache.maven maven-core - 3.9.9 + 3.9.11 org.apache.maven maven-plugin-api - 3.9.9 + 3.9.11 org.apache.maven.plugin-tools @@ -489,7 +500,7 @@ org.apache.maven.plugins maven-compiler-plugin - 3.13.0 + 3.14.1 org.apache.maven.plugins @@ -516,22 +527,22 @@ org.apache.maven.plugins maven-javadoc-plugin - 3.11.2 + 3.12.0 org.apache.maven.plugins maven-surefire-plugin - 3.5.2 + 3.5.4 org.apache.maven.plugins maven-failsafe-plugin - 3.5.2 + 3.5.4 org.apache.maven.plugins maven-shade-plugin - 3.6.0 + 3.6.1 org.apache.maven.plugins @@ -546,7 +557,7 @@ org.apache.maven.plugins maven-gpg-plugin - 3.2.7 + 3.2.8 org.codehaus.mojo @@ -557,12 +568,12 @@ org.apache.maven.plugins maven-clean-plugin - 3.4.0 + 3.5.0 net.revelc.code.formatter formatter-maven-plugin - 2.24.1 + 2.29.0 net.revelc.code @@ -572,7 +583,7 @@ org.apache.maven.plugins maven-dependency-plugin - 3.8.1 + 3.9.0 org.codehaus.mojo @@ -592,7 +603,7 @@ org.apache.maven.plugins maven-enforcer-plugin - 3.5.0 + 3.6.2 org.apache.maven.plugins @@ -602,17 +613,22 @@ com.github.spotbugs spotbugs-maven-plugin - 4.8.6.6 + 4.9.6.0 org.apache.maven.plugins maven-project-info-reports-plugin - 3.8.0 + 3.9.0 org.apache.maven.plugins maven-pmd-plugin - 3.26.0 + 3.28.0 + + + org.sonatype.central + central-publishing-maven-plugin + 0.9.0 @@ -736,19 +752,6 @@ java,* - - org.apache.maven.plugins - maven-gpg-plugin - - - sign-artifacts - verify - - sign - - - - org.apache.maven.plugins maven-enforcer-plugin @@ -778,11 +781,6 @@ - - sonatype - Sonatype Nexus release repository - https://s01.oss.sonatype.org/service/local/staging/deploy/maven2/ - github @@ -895,6 +893,60 @@ + + publish-to-maven-central + + + + + org.apache.maven.plugins + maven-source-plugin + + + attach-sources + + jar + + + + + + org.apache.maven.plugins + maven-javadoc-plugin + + + attach-javadocs + + jar + + + + + + org.apache.maven.plugins + maven-gpg-plugin + + + sign-artifacts + verify + + sign + + + + + + org.sonatype.central + central-publishing-maven-plugin + true + + central + DSF 1.x + + + + +