Hotfix release v5.11.3 (#2053)

Dockerfile

@@ -1,4 +1,4 @@
-FROM --platform=$BUILDPLATFORM gradle:8.4.0-jdk21 AS build
+FROM --platform=$BUILDPLATFORM gradle:8.10.0-jdk21-alpine AS build
 ARG RELEASE_MODE
 ARG APP_VERSION
 WORKDIR /usr/app
@@ -10,7 +10,7 @@ RUN if [ "${RELEASE_MODE}" = true ]; then \
     else gradle build --exclude-task test -Dorg.gradle.project.version=${APP_VERSION}; fi
 
 # For ARM build use flag: `--platform linux/arm64`
-FROM --platform=$BUILDPLATFORM amazoncorretto:21.0.2
+FROM --platform=$BUILDPLATFORM amazoncorretto:21.0.4
 LABEL version=${APP_VERSION} description="EPAM Report portal. Main API Service" maintainer="Andrei Varabyeu <[email protected]>, Hleb Kanonik <[email protected]>"
 ARG APP_VERSION=${APP_VERSION}
 ENV APP_DIR=/usr/app

build.gradle

@@ -94,8 +94,8 @@ dependencies {
     implementation 'org.springframework.amqp:spring-amqp:2.4.17'
 
     //Fix CVE-2023-40827, CVE-2023-40828, CVE-2023-40826
-    implementation 'org.springframework:spring-webmvc:5.3.33'
-    implementation 'org.springframework:spring-web:5.3.33'
+    implementation 'org.springframework:spring-webmvc:5.3.39'
+    implementation 'org.springframework:spring-web:5.3.39'
 
     implementation 'com.opencsv:opencsv:5.8'
 
@@ -114,10 +114,12 @@ dependencies {
     implementation "com.rabbitmq:http-client:5.2.0"
 
     implementation 'com.sun.mail:javax.mail:1.6.2'
-    // check authentication error response format for versions higher than 6.18.1
-    implementation 'net.sf.jasperreports:jasperreports:6.18.1'
+    // check authentication error response format for versions higher than 6.21.3
+    implementation 'net.sf.jasperreports:jasperreports:6.21.3'
     implementation 'xerces:xercesImpl:2.12.2'
     implementation 'com.lowagie:itext:2.1.7.js7'
+    // Fix CVE-2020-15522 in com.lowagie:itext:2.1.7.js7
+    implementation 'org.bouncycastle:bcprov-jdk15on:1.70'
     // JasperReport's export to XLS uses Apache POI
     implementation 'org.apache.poi:poi:4.1.2'
     implementation 'io.springfox:springfox-swagger2:2.9.2'
@@ -126,9 +128,9 @@ dependencies {
 
     ///// Security
     //https://nvd.nist.gov/vuln/detail/CVE-2020-5407 AND https://nvd.nist.gov/vuln/detail/CVE-2020-5408
-    implementation 'org.springframework.security:spring-security-core:5.8.8'
-    implementation 'org.springframework.security:spring-security-config:5.8.8'
-    implementation 'org.springframework.security:spring-security-web:5.8.8'
+    implementation 'org.springframework.security:spring-security-core:5.8.14'
+    implementation 'org.springframework.security:spring-security-config:5.8.14'
+    implementation 'org.springframework.security:spring-security-web:5.8.14'
     //
 
     // Fix CVE-2022-22969
@@ -140,14 +142,14 @@ dependencies {
     // Fix CVE-2022-22965, CVE-2022-22970
     implementation 'org.springframework:spring-beans:5.3.31'
     // Fix CVE-2021-22060, CVE-2021-22096
-    implementation 'org.springframework:spring-core:5.3.31'
+    implementation 'org.springframework:spring-core:5.3.39'
     // Fix CVE-2022-45685, CVE-2022-40150, CVE-2022-40149
     implementation 'org.codehaus.jettison:jettison:1.5.4'
-    // Fix CVE-2020-15522
-    implementation 'org.bouncycastle:bcprov-jdk15on:1.70'
     // Fix CVE-2024-25710, CVE-2024-26308
     implementation 'org.apache.commons:commons-compress:1.26.0'
-    implementation 'org.yaml:snakeyaml:1.33'
+//    TODO: SnakeYaml 2 can't be used in Spring Boot 2.5.15.
+//    We avoid using application.yaml and user application.properties instead for safe configuration.
+    implementation 'org.yaml:snakeyaml:2.2'
     implementation 'org.hibernate:hibernate-core:5.6.15.Final'
 
     //Fix CVE-2023-6378, CVE-2023-6481, CVE-2023-6378, CVE-2023-6481

gradle/wrapper/gradle-wrapper.properties

@@ -1,5 +1,7 @@
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-8.4-bin.zip
+distributionUrl=https\://services.gradle.org/distributions/gradle-8.10-bin.zip
+networkTimeout=10000
+validateDistributionUrl=true
 zipStoreBase=GRADLE_USER_HOME
 zipStorePath=wrapper/dists

gradlew

@@ -15,6 +15,8 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 #
+# SPDX-License-Identifier: Apache-2.0
+#
 
 ##############################################################################
 #
@@ -55,7 +57,7 @@
 #       Darwin, MinGW, and NonStop.
 #
 #   (3) This script is generated from the Groovy template
-#       https://github.com/gradle/gradle/blob/HEAD/subprojects/plugins/src/main/resources/org/gradle/api/internal/plugins/unixStartScript.txt
+#       https://github.com/gradle/gradle/blob/HEAD/platforms/jvm/plugins-application/src/main/resources/org/gradle/api/internal/plugins/unixStartScript.txt
 #       within the Gradle project.
 #
 #       You can find Gradle at https://github.com/gradle/gradle/.
@@ -84,7 +86,8 @@ done
 # shellcheck disable=SC2034
 APP_BASE_NAME=${0##*/}
 # Discard cd standard output in case $CDPATH is set (https://github.com/gradle/gradle/issues/25036)
-APP_HOME=$( cd "${APP_HOME:-./}" > /dev/null && pwd -P ) || exit
+APP_HOME=$( cd -P "${APP_HOME:-./}" > /dev/null && printf '%s
+' "$PWD" ) || exit
 
 # Use the maximum available, or set MAX_FD != -1 to use that value.
 MAX_FD=maximum

gradlew.bat

@@ -13,6 +13,8 @@
 @rem See the License for the specific language governing permissions and
 @rem limitations under the License.
 @rem
+@rem SPDX-License-Identifier: Apache-2.0
+@rem
 
 @if "%DEBUG%"=="" @echo off
 @rem ##########################################################################
@@ -43,11 +45,11 @@ set JAVA_EXE=java.exe
 %JAVA_EXE% -version >NUL 2>&1
 if %ERRORLEVEL% equ 0 goto execute
 
-echo.
-echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
-echo.
-echo Please set the JAVA_HOME variable in your environment to match the
-echo location of your Java installation.
+echo. 1>&2
+echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. 1>&2
+echo. 1>&2
+echo Please set the JAVA_HOME variable in your environment to match the 1>&2
+echo location of your Java installation. 1>&2
 
 goto fail
 
@@ -57,11 +59,11 @@ set JAVA_EXE=%JAVA_HOME%/bin/java.exe
 
 if exist "%JAVA_EXE%" goto execute
 
-echo.
-echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME%
-echo.
-echo Please set the JAVA_HOME variable in your environment to match the
-echo location of your Java installation.
+echo. 1>&2
+echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME% 1>&2
+echo. 1>&2
+echo Please set the JAVA_HOME variable in your environment to match the 1>&2
+echo location of your Java installation. 1>&2
 
 goto fail
 

project-properties.gradle

@@ -82,5 +82,5 @@ project.ext {
 }
 
 wrapper {
-    gradleVersion = '8.4'
+    gradleVersion = '8.10'
 }

src/main/resources/application.properties

@@ -39,6 +39,16 @@ datastore.thumbnail.attachment.width=\${rp.binarystore.thumbnail.attachment.widt
 datastore.thumbnail.attachment.height=\${rp.binarystore.thumbnail.attachment.height:60}
 datastore.thumbnail.avatar.width=\${rp.binarystore.thumbnail.avatar.width:40}
 datastore.thumbnail.avatar.height=\${rp.binarystore.thumbnail.avatar.height:60}
+## Datastore properties from application.yml
+#datastore.path=/data/storage
+datastore.type=minio
+datastore.endpoint=http://play.min.io
+datastore.accessKey=
+datastore.secretKey=
+datastore.bucketPrefix=prj-
+datastore.bucketPostfix=
+datastore.defaultBucketName=rp-bucket
+datastore.region=us-west-1
 
 # Metrics
 management.endpoints.web.exposure.include=prometheus, metrics, info, health
@@ -55,3 +65,137 @@ com.ta.reportportal.rp.flushing.time.cron=\${rp.environment.variable.flushing.ti
 spring.profiles.active=\${rp.profiles:default}
 
 rp.feature.flags=
+
+# Properties from application.yml
+spring.application.name=api
+
+## Quartz properties
+#spring.application.quartz.org.quartz.jobStore.class=org.quartz.impl.jdbcjobstore.JobStoreTX
+spring.application.quartz.org.quartz.jobStore.driverDelegateClass=org.quartz.impl.jdbcjobstore.PostgreSQLDelegate
+spring.application.quartz.org.quartz.jobStore.dataSource=dataSource
+spring.application.quartz.org.quartz.jobStore.tablePrefix=quartz.scheduler_
+spring.application.quartz.org.quartz.threadPool.threadCount=1
+spring.application.quartz.org.quartz.jobStore.isClustered=true
+spring.application.quartz.org.quartz.jobStore.clusterCheckinInterval=180000
+spring.application.quartz.org.quartz.scheduler.instanceId=\${spring.application.name}:\${vcap.application.instance_id:\${spring.application.instance_id:\${random.value}}}
+spring.application.quartz.org.quartz.scheduler.instanceName=reportportal
+spring.application.quartz.org.quartz.scheduler.classLoadHelper.class=com.epam.ta.reportportal.core.configs.ReportPortalClassLoadHelper
+
+## JPA properties
+spring.jpa.properties.hibernate.dialect=com.epam.ta.reportportal.store.commons.JsonbAwarePostgresDialect
+spring.jpa.properties.hibernate.jdbc.lob.non_contextual_creation=true
+spring.jpa.generate-ddl=false
+spring.jpa.hibernate.ddl-auto=none
+
+## Spring RabbitMQ properties
+spring.rabbitmq.addresses=\${rp.amqp.addresses}
+
+## Spring server properties
+server.tomcat.connection-timeout=30s
+server.port=8585
+server.servlet.context-path=/
+
+logging.level.org.hibernate=info
+logging.level.org.hibernate.stat=info
+logging.level.org.springframework.security=info
+logging.level.org.springframework.web.bind=fatal
+logging.level.com.epam.ta.reportportal.ws.controller=debug
+logging.level.com.epam.ta.reportportal.ws.rabbit=debug
+logging.level.org.elasticsearch.client.RestClient=error
+
+springfox.documentation.swagger.v2.path=/v1/api-docs
+
+## ReportPortal custom properties
+rp.attachments.recalculate=false
+
+rp.environment.variable.flushing.time=PT24H
+rp.environment.variable.clean.items.size=500
+rp.environment.variable.cluster.item.page-size=20
+rp.environment.variable.item-analyze.batch-size=100
+rp.environment.variable.log-index.batch-size=20
+rp.environment.variable.pattern-analysis.batch-size=100
+rp.environment.variable.pattern-analysis.consumers-count=2
+rp.environment.variable.pattern-analysis.prefetch-count=0
+rp.environment.variable.pattern-analysis.single-item=true
+rp.environment.variable.elements-counter.batch-size=50
+rp.environment.variable.history.old=false
+rp.environment.variable.demo.source=001_launch.json,002_launch.json,003_launch.json,004_launch.json,005_launch.json
+rp.environment.variable.demo.attachment.probability=20
+
+rp.environment.variable.executor.pool.save-logs.core=20
+rp.environment.variable.executor.pool.save-logs.max=100
+rp.environment.variable.executor.pool.save-logs.queue=5000
+rp.environment.variable.executor.pool.log-index.core=5
+rp.environment.variable.executor.pool.log-index.max=10
+rp.environment.variable.executor.pool.log-index.queue=500
+rp.environment.variable.executor.pool.log-cluster.core=5
+rp.environment.variable.executor.pool.log-cluster.max=10
+rp.environment.variable.executor.pool.log-cluster.queue=500
+rp.environment.variable.executor.pool.auto-analyze.core=10
+rp.environment.variable.executor.pool.auto-analyze.max=30
+rp.environment.variable.executor.pool.auto-analyze.queue=500
+rp.environment.variable.executor.pool.demo-data.core=10
+rp.environment.variable.executor.pool.demo-data.max=20
+rp.environment.variable.executor.pool.demo-data.queue=50
+rp.environment.variable.executor.pool.widget-view.core=3
+rp.environment.variable.executor.pool.widget-view.max=5
+rp.environment.variable.executor.pool.widget-view.queue=100
+rp.environment.variable.executor.pool.event-listener.core=10
+rp.environment.variable.executor.pool.event-listener.max=20
+rp.environment.variable.executor.pool.event-listener.queue=1000
+rp.environment.variable.executor.pool.user-email.core=5
+rp.environment.variable.executor.pool.user-email.max=20
+rp.environment.variable.executor.pool.user-email.queue=500
+
+rp.amqp.addresses=amqp://\${rp.amqp.user}:\${rp.amqp.pass}@\${rp.amqp.host}:\${rp.amqp.port}
+rp.amqp.api-address=http://\${rp.amqp.apiuser}:\${rp.amqp.apipass}@\${rp.amqp.host}:\${rp.amqp.apiport}/api
+rp.amqp.base-vhost=/
+rp.amqp.analyzer-vhost=analyzer
+rp.amqp.host=rabbitmq
+rp.amqp.port=5672
+rp.amqp.user=
+rp.amqp.pass=
+rp.amqp.apiport=15672
+rp.amqp.apiuser=
+rp.amqp.apipass=
+rp.amqp.queues=10
+rp.amqp.queuesPerPod=10
+#TODO currently we wait for log clusterization finish that may last for ~20 mins
+# milliseconds
+rp.amqp.reply-timeout=1200000
+
+#rp.feature.flags=
+
+rp.requestLogging=true
+
+rp.jwt.signing-key=
+
+rp.jobs.baseUrl=http://jobs:8686
+
+rp.datasource.type=com.zaxxer.hikari.HikariDataSource
+rp.datasource.driverClassName=org.postgresql.Driver
+rp.datasource.jdbcUrl=\${rp.db.url}
+rp.datasource.username=\${rp.db.user}
+rp.datasource.password=\${rp.db.pass}
+rp.datasource.maximumPoolSize=27
+
+rp.db.url=jdbc:postgresql://\${rp.db.host}:\${rp.db.port}/\${rp.db.name}
+rp.db.name=reportportal
+rp.db.host=postgres
+rp.db.port=5432
+rp.db.user=
+rp.db.pass=
+
+rp.upload.maxUploadSize=128MB
+rp.upload.maxFileSize=64MB
+rp.analytics.enableByDefault=true
+rp.plugins.rootDir=/tmp/plugins
+rp.plugins.path=\${rp.plugins.rootDir}/resolved
+rp.plugins.resources.path=\${rp.plugins.rootDir}/resources
+rp.plugins.resources.public=public
+rp.plugins.temp.path=\${rp.plugins.rootDir}/temp
+
+rp.binarystore.thumbnail.attachment.width=100
+rp.binarystore.thumbnail.attachment.height=55
+rp.binarystore.thumbnail.avatar.width=40
+rp.binarystore.thumbnail.avatar.height=50