From f7893e58bad4ca9e0191cbf8fdfa108339236b4d Mon Sep 17 00:00:00 2001 From: Arun Venmany Date: Wed, 25 Sep 2024 11:52:55 +0530 Subject: [PATCH 1/3] contrast security issue fixes Signed-off-by: Arun Venmany --- .../common/arquillian/util/HttpPortUtil.java | 30 ++++++---- .../plugins/config/ServerConfigDocument.java | 30 +++++++--- .../common/plugins/config/XmlDocument.java | 37 +++++++++--- .../plugins/util/BinaryScannerUtil.java | 2 - .../tools/common/plugins/util/DevUtil.java | 31 +++++++--- .../plugins/util/InstallFeatureUtil.java | 51 +++++++--------- .../plugins/util/PrepareFeatureUtil.java | 58 +++++++++++++------ .../plugins/util/ServerFeatureUtil.java | 18 ++++-- .../common/plugins/util/ServerStatusUtil.java | 4 +- .../plugins/util/InstallFeatureUtilTest.java | 7 +-- .../util/ServerConfigDocumentTest.java | 2 +- 11 files changed, 173 insertions(+), 97 deletions(-) diff --git a/src/main/java/io/openliberty/tools/common/arquillian/util/HttpPortUtil.java b/src/main/java/io/openliberty/tools/common/arquillian/util/HttpPortUtil.java index 375f9cd0d..a6b2d221a 100644 --- a/src/main/java/io/openliberty/tools/common/arquillian/util/HttpPortUtil.java +++ b/src/main/java/io/openliberty/tools/common/arquillian/util/HttpPortUtil.java @@ -27,6 +27,7 @@ import java.util.regex.Matcher; import java.util.regex.Pattern; +import javax.xml.XMLConstants; import javax.xml.parsers.DocumentBuilder; import javax.xml.parsers.DocumentBuilderFactory; import javax.xml.parsers.ParserConfigurationException; 
@@ -46,16 +47,21 @@ public class HttpPortUtil { public static final int DEFAULT_PORT = 9080; private static final XPath XPATH = XPathFactory.newInstance().newXPath(); - private static final DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance(); - private static boolean factoryInitialized = false; - - public static void initDocumentBuilderFactory() throws ParserConfigurationException { - if (!factoryInitialized) { - factory.setNamespaceAware(true); - factory.setFeature("http://apache.org/xml/features/nonvalidating/load-dtd-grammar", false); - factory.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false); - } - } + public static DocumentBuilderFactory getDocumentBuilderFactory() throws ParserConfigurationException { + DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance(); + + factory.setNamespaceAware(true); + factory.setFeature("http://apache.org/xml/features/nonvalidating/load-dtd-grammar", false); + factory.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false); + factory.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true); + factory.setFeature("http://xml.org/sax/features/external-parameter-entities", false); + factory.setFeature("http://xml.org/sax/features/external-general-entities", false); + factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true); + factory.setXIncludeAware(false); + factory.setNamespaceAware(true); + factory.setExpandEntityReferences(false); + return factory; + } public static Integer getHttpPort(File serverXML, File bootstrapProperties) throws FileNotFoundException, IOException, ParserConfigurationException, SAXException, 
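Review bot: `factory.setNamespaceAware(true);` is called twice in the new `getDocumentBuilderFactory()`, and the same nine-line XXE hardening block is pasted again in ServerConfigDocument.getDocumentBuilder, XmlDocument.createDocument(File), DevUtil.getDocumentBuilderFactory and PrepareFeatureUtil.getDocumentBuilder. Five copies of a parser policy will drift; one shared static helper that returns the hardened factory, with callers adding `setCoalescing`/`setIgnoringComments` on top, keeps it in one place. Because `disallow-doctype-decl` is now true, any input carrying a DOCTYPE fails with a SAXException, which deserves a Javadoc line such as `/** Returns a factory that rejects DOCTYPE declarations and never resolves external entities, external DTDs or XIncludes. */`. The patch also removes the public `initDocumentBuilderFactory()`, so any caller outside this diff stops compiling.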
@@ -89,7 +95,7 @@ public static Integer getHttpPort(File serverXML, File bootstrapProperties, File protected static Integer getHttpPortForServerXML(String serverXML, Properties bootstrapProperties, String configVariableXML) throws ParserConfigurationException, SAXException, IOException, XPathExpressionException, ArquillianConfigurationException { - initDocumentBuilderFactory(); + DocumentBuilderFactory factory = getDocumentBuilderFactory(); DocumentBuilder builder = factory.newDocumentBuilder(); Document doc = builder.parse(new ByteArrayInputStream(serverXML.getBytes())); @@ -141,7 +147,7 @@ private static String getHttpPortFromConfigVariableXML(String configVariableXML, } // get input XML Document - DocumentBuilderFactory inputBuilderFactory = DocumentBuilderFactory.newInstance(); + DocumentBuilderFactory inputBuilderFactory = getDocumentBuilderFactory(); inputBuilderFactory.setIgnoringComments(true); inputBuilderFactory.setCoalescing(true); inputBuilderFactory.setIgnoringElementContentWhitespace(true); diff --git a/src/main/java/io/openliberty/tools/common/plugins/config/ServerConfigDocument.java b/src/main/java/io/openliberty/tools/common/plugins/config/ServerConfigDocument.java index 1a1a2e4d8..cc55e94d0 100644 --- a/src/main/java/io/openliberty/tools/common/plugins/config/ServerConfigDocument.java +++ b/src/main/java/io/openliberty/tools/common/plugins/config/ServerConfigDocument.java @@ -30,6 +30,7 @@ import java.util.Map; import java.util.Properties; +import javax.xml.XMLConstants; import javax.xml.parsers.DocumentBuilder; import javax.xml.parsers.DocumentBuilderFactory; import javax.xml.parsers.ParserConfigurationException; @@ -71,6 +72,7 @@ public class ServerConfigDocument { private static final XPathExpression XPATH_SERVER_ENTERPRISE_APPLICATION; private static final XPathExpression XPATH_SERVER_INCLUDE; private static final XPathExpression XPATH_SERVER_VARIABLE; + private static final XPathExpression XPATH_ALL_SERVER_APPLICATIONS; static { try { 
@@ -80,6 +82,7 @@ public class ServerConfigDocument { XPATH_SERVER_ENTERPRISE_APPLICATION = xPath.compile("/server/enterpriseApplication"); XPATH_SERVER_INCLUDE = xPath.compile("/server/include"); XPATH_SERVER_VARIABLE = xPath.compile("/server/variable"); + XPATH_ALL_SERVER_APPLICATIONS = xPath.compile("/server/application | /server/webApplication | /server/enterpriseApplication"); } catch (XPathExpressionException ex) { // These XPath expressions should all compile statically. // Compilation failures mean the expressions are not syntactically @@ -141,7 +144,14 @@ private DocumentBuilder getDocumentBuilder() { docBuilderFactory.setValidating(false); try { docBuilderFactory.setFeature("http://apache.org/xml/features/nonvalidating/load-dtd-grammar", false); - docBuilderFactory.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false); + docBuilderFactory.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false); + docBuilderFactory.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true); + docBuilderFactory.setFeature("http://xml.org/sax/features/external-parameter-entities", false); + docBuilderFactory.setFeature("http://xml.org/sax/features/external-general-entities", false); + docBuilderFactory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true); + docBuilderFactory.setXIncludeAware(false); + docBuilderFactory.setNamespaceAware(true); + docBuilderFactory.setExpandEntityReferences(false); docBuilder = docBuilderFactory.newDocumentBuilder(); } catch (ParserConfigurationException e) { // fail catastrophically if we can't create a document builder 
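Review bot: `docBuilderFactory.setNamespaceAware(true)` is new for this parser, while the XPath expressions compiled in this class (`/server/application`, `/server/include`, `/server/variable`, ...) are unprefixed. On a namespace-aware DOM those expressions match only elements in no namespace, so a server.xml that declares a default namespace on `<server>` would likely stop yielding applications, includes and variables without any error. A test with such a file, or a comment such as `// Liberty config is expected to be namespace-free; unprefixed XPath relies on that`, would make the assumption explicit. getDocumentBuilder starts and ends outside the hunk, so how the `ParserConfigurationException` is finally surfaced is not visible here.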
@@ -229,20 +239,20 @@ private void initializeAppsLocation(CommonLoggerI log, File serverXML, File conf parseApplication(doc, XPATH_SERVER_APPLICATION); parseApplication(doc, XPATH_SERVER_WEB_APPLICATION); parseApplication(doc, XPATH_SERVER_ENTERPRISE_APPLICATION); - parseNames(doc, "/server/application | /server/webApplication | /server/enterpriseApplication"); + parseNames(doc, XPATH_ALL_SERVER_APPLICATIONS); parseInclude(doc); parseConfigDropinsDir(); } catch (Exception e) { - e.printStackTrace(); + log.error("Exception while initializing app location " + e.getMessage()); } } //Checks for application names in the document. Will add locations without names to a Set - private void parseNames(Document doc, String expression) throws XPathExpressionException, IOException, SAXException { + private void parseNames(Document doc, XPathExpression expression) throws XPathExpressionException, IOException, SAXException { // parse input document - XPath xPath = XPathFactory.newInstance().newXPath(); - NodeList nodeList = (NodeList) xPath.compile(expression).evaluate(doc, XPathConstants.NODESET); + NodeList nodeList = (NodeList) expression + .evaluate(doc, XPathConstants.NODESET); for (int i = 0; i < nodeList.getLength(); i++) { if (nodeList.item(i).getAttributes().getNamedItem("name") != null) { @@ -511,8 +521,14 @@ private Document parseDocument(URL url) throws IOException, SAXException { } private Document parseDocument(InputStream in) throws SAXException, IOException { - try (InputStream ins = in) { // ins will be auto-closed + InputStream ins = null; + try { // ins will be auto-closed + ins = in; return getDocumentBuilder().parse(ins); + } finally { + if (ins != null) { + ins.close(); + } } } diff --git a/src/main/java/io/openliberty/tools/common/plugins/config/XmlDocument.java b/src/main/java/io/openliberty/tools/common/plugins/config/XmlDocument.java index f0f454434..67e2c1ea0 100644 --- a/src/main/java/io/openliberty/tools/common/plugins/config/XmlDocument.java 
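Review bot: The new `log.error("Exception while initializing app location " + e.getMessage())` keeps only the message, so an exception without one (a NullPointerException, for example) is logged as `... null` and its type is lost. This catch swallows every `Exception` from the parse calls above it, and with DOCTYPE now rejected by the hardened parser this line becomes the only trace of a refused server.xml. Logging the exception itself keeps the class name: `log.error("Exception while initializing app location: " + e);`. If CommonLoggerI has a method that accepts a Throwable (not visible in this hunk), passing `e` there at debug level would keep the stack trace available.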
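Review bot: Unrolling the try-with-resources in parseDocument into `finally { if (ins != null) { ins.close(); } }` changes failure behaviour: when `parse` throws and `close()` throws as well, the close exception now replaces the SAXException instead of being attached to it as suppressed. The retained comment `// ins will be auto-closed` is also no longer accurate, and `ins` can never be null at the check if `in` was non-null. The original form, `try (InputStream ins = in) { return getDocumentBuilder().parse(ins); }`, is the safer of the two and should be kept.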
+++ b/src/main/java/io/openliberty/tools/common/plugins/config/XmlDocument.java @@ -16,16 +16,19 @@ package io.openliberty.tools.common.plugins.config; import java.io.File; -import java.io.FileOutputStream; import java.io.IOException; +import java.io.OutputStream; +import java.io.OutputStreamWriter; import java.nio.charset.StandardCharsets; import java.nio.file.Files; +import javax.xml.XMLConstants; import javax.xml.parsers.DocumentBuilder; import javax.xml.parsers.DocumentBuilderFactory; import javax.xml.parsers.ParserConfigurationException; import javax.xml.transform.OutputKeys; import javax.xml.transform.Transformer; +import javax.xml.transform.TransformerConfigurationException; import javax.xml.transform.TransformerException; import javax.xml.transform.TransformerFactory; import javax.xml.transform.dom.DOMSource; 
@@ -52,12 +55,20 @@ public void createDocument(String rootElement) throws ParserConfigurationExcepti public void createDocument(File xmlFile) throws ParserConfigurationException, SAXException, IOException { DocumentBuilderFactory builderFactory = DocumentBuilderFactory.newInstance(); + + builderFactory.setFeature("http://apache.org/xml/features/nonvalidating/load-dtd-grammar", false); + builderFactory.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false); + builderFactory.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true); + builderFactory.setFeature("http://xml.org/sax/features/external-parameter-entities", false); + builderFactory.setFeature("http://xml.org/sax/features/external-general-entities", false); + builderFactory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true); + builderFactory.setXIncludeAware(false); + builderFactory.setNamespaceAware(true); + builderFactory.setExpandEntityReferences(false); builderFactory.setCoalescing(true); builderFactory.setIgnoringElementContentWhitespace(true); builderFactory.setValidating(false); - builderFactory.setFeature("http://apache.org/xml/features/nonvalidating/load-dtd-grammar", false); - builderFactory.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false); - DocumentBuilder builder = builderFactory.newDocumentBuilder(); + DocumentBuilder builder = builderFactory.newDocumentBuilder(); doc = builder.parse(xmlFile); } 
@@ -70,12 +81,12 @@ public void writeXMLDocument(File f) throws IOException, TransformerException { if (!f.getParentFile().exists()) { f.getParentFile().mkdirs(); } - FileOutputStream outFile = new FileOutputStream(f); - + OutputStream outFile = Files.newOutputStream(f.toPath()); + DOMSource source = new DOMSource(doc); - StreamResult result = new StreamResult(outFile); + StreamResult result = new StreamResult(new OutputStreamWriter(outFile, StandardCharsets.UTF_8)); - TransformerFactory transformerFactory = TransformerFactory.newInstance(); + TransformerFactory transformerFactory = getTransformerFactory(); Transformer transformer = transformerFactory.newTransformer(); transformer.setOutputProperty(OutputKeys.OMIT_XML_DECLARATION, "no"); transformer.setOutputProperty(OutputKeys.DOCTYPE_PUBLIC, "yes"); @@ -109,4 +120,14 @@ public static void addNewlineBeforeFirstElement(File f) throws IOException { xmlContents = xmlContents.replace("?><", "?>"+System.getProperty("line.separator")+"<"); Files.write(f.toPath(), xmlContents.getBytes()); } + + private static TransformerFactory getTransformerFactory() throws TransformerConfigurationException { + TransformerFactory transformerFactory = TransformerFactory.newInstance(); + transformerFactory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, Boolean.TRUE); + // XMLConstants.ACCESS_EXTERNAL_DTD uses an empty string to deny all access to external references; + transformerFactory.setAttribute(XMLConstants.ACCESS_EXTERNAL_DTD, ""); + // XMLConstants.ACCESS_EXTERNAL_STYLESHEET uses an empty string to deny all access to external references; + transformerFactory.setAttribute(XMLConstants.ACCESS_EXTERNAL_STYLESHEET, ""); + return transformerFactory; + } } diff --git a/src/main/java/io/openliberty/tools/common/plugins/util/BinaryScannerUtil.java b/src/main/java/io/openliberty/tools/common/plugins/util/BinaryScannerUtil.java index bbdbfda75..541c9cb96 100644 
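Review bot: Neither `outFile` nor the new `OutputStreamWriter` wrapped around it is closed in the lines shown for writeXMLDocument. The rest of the method lies outside the hunk, so check that it closes or flushes the writer and not only the underlying stream, since characters still buffered in the writer would otherwise be dropped and the file handle may leak on a TransformerException. A try-with-resources makes this unconditional: `try (OutputStreamWriter out = new OutputStreamWriter(Files.newOutputStream(f.toPath()), StandardCharsets.UTF_8)) { ... new StreamResult(out) ... }`.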
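Review bot: In getTransformerFactory, `setAttribute(XMLConstants.ACCESS_EXTERNAL_DTD, "")` and the `ACCESS_EXTERNAL_STYLESHEET` call throw `IllegalArgumentException` when the TransformerFactory implementation does not recognise these JAXP 1.5 properties, and `TransformerFactory.newInstance()` returns whichever implementation the build tool's classpath provides. That unchecked exception is not covered by the declared `TransformerConfigurationException`, so it would escape writeXMLDocument unhandled. Failing closed with a clear message is preferable to silently skipping the restriction: wrap the two calls and add `catch (IllegalArgumentException e) { throw new TransformerConfigurationException("XML transformer does not support external-access restrictions", e); }`.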
--- a/src/main/java/io/openliberty/tools/common/plugins/util/BinaryScannerUtil.java +++ b/src/main/java/io/openliberty/tools/common/plugins/util/BinaryScannerUtil.java @@ -27,8 +27,6 @@ public abstract class BinaryScannerUtil { - public static final String BINARY_SCANNER_MAVEN_GROUP_ID = "com.ibm.websphere.appmod.tools"; - public static final String BINARY_SCANNER_MAVEN_ARTIFACT_ID = "binary-app-scanner"; public static final String BINARY_SCANNER_MAVEN_TYPE = "jar"; public static final String BINARY_SCANNER_MAVEN_VERSION = "[21.0.0.5-SNAPSHOT,)"; diff --git a/src/main/java/io/openliberty/tools/common/plugins/util/DevUtil.java b/src/main/java/io/openliberty/tools/common/plugins/util/DevUtil.java index 059d4ebfa..3778460ce 100644 --- a/src/main/java/io/openliberty/tools/common/plugins/util/DevUtil.java +++ b/src/main/java/io/openliberty/tools/common/plugins/util/DevUtil.java @@ -74,6 +74,7 @@ import javax.tools.StandardJavaFileManager; import javax.tools.StandardLocation; import javax.tools.ToolProvider; +import javax.xml.XMLConstants; import javax.xml.parsers.DocumentBuilder; import javax.xml.parsers.DocumentBuilderFactory; import javax.xml.parsers.ParserConfigurationException; @@ -947,7 +948,7 @@ public void onFileChange(File file) { // Parse hostname, http, https ports for integration tests to use parseHostNameAndPorts(serverTask, messagesLogFile); } catch (IOException e) { - throw new PluginExecutionException("An error occurred while starting the server: " + e.getMessage(), e); + throw new PluginExecutionException("An error occurred while starting the server: " + e.getMessage()); } } 
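Review bot: Dropping the cause here (`new PluginExecutionException("An error occurred while starting the server: " + e.getMessage())`) discards the IOException's type and stack trace while still copying its message into the new exception, so diagnosability goes down without removing any detail the message itself carries. The same edit recurs in readContainerfile, prepareTempContainerfile, buildContainerImage, startContainer and findAvailablePort in this file, and in several throw sites in InstallFeatureUtil and PrepareFeatureUtil. If the scanner finding concerns stack traces reaching end users, which is only a guess from the commit title, the place to address it is where the exception is printed, keeping `..., e)` on the throw. If the concern is the message content (absolute paths, for instance), concatenating `e.getMessage()` does not address it either.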
@@ -963,7 +964,7 @@ protected List readContainerfile(File containerfile) throws PluginExecut containerfileLines = Files.readAllLines(containerfile.toPath()); } catch (IOException e) { error("Failed to read Containerfile located at " + containerfile); - throw new PluginExecutionException("Could not read Containerfile " + containerfile + ": " + e.getMessage(), e); + throw new PluginExecutionException("Could not read Containerfile " + containerfile + ": " + e.getMessage()); } return containerfileLines; } @@ -1263,7 +1264,7 @@ protected File prepareTempContainerfile(File containerfile, String buildContextS Files.write(tempContainerfile.toPath(), containerfileLines, StandardCharsets.UTF_8); } catch (IOException e) { error("Failed to create temp Containerfile"); - throw new PluginExecutionException("Could not create temp Containerfile: " + e.getMessage(), e); + throw new PluginExecutionException("Could not create temp Containerfile: " + e.getMessage()); } return tempContainerfile; } @@ -1311,7 +1312,7 @@ private void buildContainerImage(File tempContainerfile, File userContainerfile, "add files not needed in the container to the .containerignore file", e); } catch (IOException e) { error("Input or output error building container image: " + e.getMessage()); - throw new RuntimeException(e); + throw new RuntimeException("Input or output error building container image: "+ e.getMessage()); } catch (InterruptedException e) { debug("Thread InterruptedException while building the container image: " + e.getMessage()); throw new PluginExecutionException("Could not build container image using Containerfile: " + 
@@ -1361,7 +1362,7 @@ private void startContainer() throws PluginExecutionException { execContainerCmdAndLog(containerRunProcess, 0, true); } catch (IOException e) { error("Error starting container: " + e.getMessage()); - throw new RuntimeException(e); + throw new RuntimeException("Error starting container: " + e.getMessage()); } catch (InterruptedException e) { error("Thread was interrupted while starting the container: " + e.getMessage()); } catch (RuntimeException r) { @@ -2361,7 +2362,7 @@ public int findAvailablePort(int preferredPort, boolean isDebugPort) throws IOEx ++portToTry; } } else { - throw new IOException("Could not create a server socket.", e); + throw new IOException("Could not create a server socket. " + e.getMessage()); } } finally { if (serverSocket != null) { @@ -3535,9 +3536,7 @@ protected Collection getOmitFilesList(File looseAppFile, String srcDirecto Collection omitFiles = new ArrayList(); try { if (looseAppFile != null && looseAppFile.exists()) { - DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance(); - dbf.setFeature("http://apache.org/xml/features/nonvalidating/load-dtd-grammar", false); - dbf.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false); + DocumentBuilderFactory dbf = getDocumentBuilderFactory(); DocumentBuilder db = dbf.newDocumentBuilder(); Document document = db.parse(looseAppFile); NodeList archiveList = document.getElementsByTagName("archive"); 
@@ -3567,6 +3566,20 @@ protected Collection getOmitFilesList(File looseAppFile, String srcDirecto return omitFiles; } + public static DocumentBuilderFactory getDocumentBuilderFactory() throws ParserConfigurationException { + DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance(); + dbf.setFeature("http://apache.org/xml/features/nonvalidating/load-dtd-grammar", false); + dbf.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false); + dbf.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true); + dbf.setFeature("http://xml.org/sax/features/external-parameter-entities", false); + dbf.setFeature("http://xml.org/sax/features/external-general-entities", false); + dbf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true); + dbf.setXIncludeAware(false); + dbf.setNamespaceAware(true); + dbf.setExpandEntityReferences(false); + return dbf; + } + private boolean processUpstreamJavaCompilation(List upstreamProjects, final ThreadPoolExecutor executor) throws PluginExecutionException, IOException { boolean change = false; diff --git a/src/main/java/io/openliberty/tools/common/plugins/util/InstallFeatureUtil.java b/src/main/java/io/openliberty/tools/common/plugins/util/InstallFeatureUtil.java index 07670f62d..6369118e0 100644 --- a/src/main/java/io/openliberty/tools/common/plugins/util/InstallFeatureUtil.java +++ b/src/main/java/io/openliberty/tools/common/plugins/util/InstallFeatureUtil.java @@ -25,15 +25,11 @@ import java.io.IOException; import java.io.InputStream; import java.io.InputStreamReader; -import java.lang.reflect.InvocationTargetException; import java.lang.reflect.Method; import java.net.MalformedURLException; import java.net.URL; -import java.net.URLClassLoader; -import java.security.AccessController; import java.security.PrivilegedActionException; -import java.security.PrivilegedExceptionAction; import java.util.ArrayList; import java.util.Collection; import java.util.Enumeration; 
@@ -47,7 +43,6 @@ import java.util.concurrent.TimeUnit; import java.util.jar.JarFile; import java.util.jar.Manifest; -import java.util.logging.Level; import java.util.regex.MatchResult; import java.util.regex.Pattern; import java.util.stream.Collectors; @@ -62,9 +57,9 @@ */ public abstract class InstallFeatureUtil extends ServerFeatureUtil { - public static final String OPEN_LIBERTY_GROUP_ID = "io.openliberty.features"; - public static final String REPOSITORY_RESOLVER_ARTIFACT_ID = "repository-resolver"; - public static final String INSTALL_MAP_ARTIFACT_ID = "install-map"; + public static final String OPEN_LIBERTY_GROUP_IDENTIFIER = "io.openliberty.features"; + public static final String REPOSITORY_RESOLVER_ARTIFACT_IDENTIFIER = "repository-resolver"; + public static final String INSTALL_MAP_ARTIFACT_IDENTIFIER = "install-map"; public static final String CONFLICT = "CWWKF0033E.*", INCOMPATIBLE_SINGLETON = "CWWKF1405E.*", MISSING_MULTIPLE_DEPENDENT = "CWWKF1385E.*", SAME_MODEL_CONFLICT = "CWWKF0043E.*", DIFF_MODEL_CONFLICT = "CWWKF0044E.*", SAME_INDIRECT_MODEL_CONFLICT = "CWWKF0047E.*", 
@@ -106,12 +101,10 @@ public enum VerifyOption { private static final String INSTALL_MAP_PREFIX = "com.ibm.ws.install.map"; private static final String JAR_EXT = ".jar"; - private static final String OPEN_LIBERTY_PRODUCT_ID = "io.openliberty"; - private static final String CLOSED_LIBERTY_PRODUCT_ID = "com.ibm.websphere.appserver"; - private static final String FEATURES_BOM_ARTIFACT_ID = "features-bom"; - private static final String FEATURES_JSON_ARTIFACT_ID = "features"; - private static final String TO_USER = "usr"; - private static final String MIN_USER_FEATURE_VERSION = "21.0.0.11"; + private static final String OPEN_LIBERTY_PRODUCT_IDENTIFIER = "io.openliberty"; + private static final String CLOSED_LIBERTY_PRODUCT_IDENTIFIER = "com.ibm.websphere.appserver"; + private static final String TO_USR = "usr"; + private static final String MIN_FEATURE_VERSION = "21.0.0.11"; private static final String MIN_VERIFY_FEATURE_VERSION = "23.0.0.9"; private static final String MIN_VERSIONLESS_FEATURE_VERSION = "24.0.0.9"; @@ -173,7 +166,7 @@ public InstallFeatureUtil(File installDirectory, File buildDirectory, String fro //check if the openliberty kernel meets min required version 21.0.0.11 if (additionalJsons != null && !additionalJsons.isEmpty() && openLibertyVersion != null) { - if (VersionUtility.compareArtifactVersion(openLibertyVersion, MIN_USER_FEATURE_VERSION, true) >= 0) { + if (VersionUtility.compareArtifactVersion(openLibertyVersion, MIN_FEATURE_VERSION, true) >= 0) { Set groupIDJsons = getAdditionalJsons(); if (groupIDJsons != null) { downloadedJsons.addAll(groupIDJsons); 
@@ -434,7 +427,7 @@ public boolean accept(File dir, String name) { list.add(new InstallFeatureUtil.ProductProperties(productId, productVersion)); } catch (IOException e) { throw new PluginExecutionException( - "Cannot read the product properties file " + propertiesFile.getAbsolutePath(), e); + "Cannot read the product properties file " + propertiesFile.getAbsolutePath() + " with error message " + e.getMessage()); } finally { if (input != null) { try { @@ -456,7 +449,7 @@ public boolean accept(File dir, String name) { public static String getOpenLibertyVersion(List propList) { for (ProductProperties properties : propList) { - if (properties.getId().equals(OPEN_LIBERTY_PRODUCT_ID)) { + if (properties.getId().equals(OPEN_LIBERTY_PRODUCT_IDENTIFIER)) { return properties.getVersion(); } } @@ -465,7 +458,7 @@ public static String getOpenLibertyVersion(List propList) { public static boolean isClosedLiberty(List propList) { for (ProductProperties properties : propList) { - if (properties.getId().equals(CLOSED_LIBERTY_PRODUCT_ID)) { + if (properties.getId().equals(CLOSED_LIBERTY_PRODUCT_IDENTIFIER)) { return true; } } @@ -547,14 +540,14 @@ public static Set getOpenLibertyFeatureSet(Set jsons) throws Plugi s = new Scanner(file); // scan Maven coordinates for artifactIds that belong to the Open Liberty // groupId - while (s.findWithinHorizon(OPEN_LIBERTY_GROUP_ID + ":([^:]*):", 0) != null) { + while (s.findWithinHorizon(OPEN_LIBERTY_GROUP_IDENTIFIER + ":([^:]*):", 0) != null) { MatchResult match = s.match(); if (match.groupCount() >= 1) { libertyFeatures.add(match.group(1)); } } } catch (FileNotFoundException e) { - throw new PluginExecutionException("The JSON file is not found at " + file.getAbsolutePath(), e); + throw new PluginExecutionException("The JSON file is not found at " + file.getAbsolutePath() + " with error message " + e.getMessage()); } finally { if (s != null) { s.close(); 
@@ -643,7 +636,7 @@ public void copyUserFeature(Set pluginListedEsas, File installDirectory } catch (IOException e) { - throw new PluginExecutionException(e); + throw new PluginExecutionException("Exception in copy user feature "+ e.getMessage()); } } } @@ -670,11 +663,11 @@ public void installFeatures(boolean isAcceptLicense, List featuresList, if(openLibertyVersion != null) { info("plugin listed esa: " + pluginListedEsas.toString()); - if ((VersionUtility.compareArtifactVersion(openLibertyVersion, MIN_USER_FEATURE_VERSION, true) < 0) && !pluginListedEsas.isEmpty()) { + if ((VersionUtility.compareArtifactVersion(openLibertyVersion, MIN_FEATURE_VERSION, true) < 0) && !pluginListedEsas.isEmpty()) { //manually install user feature esas info("Neither InstallUtility nor FeatureUtility is available to install user feature esa."); info("Attempting to manually install the user feature esa without resolving its dependencies."); - info("Recommended user action: upgrade to OpenLiberty version " + MIN_USER_FEATURE_VERSION + " or higher and provide features-bom file for the user feature esa."); + info("Recommended user action: upgrade to OpenLiberty version " + MIN_FEATURE_VERSION + " or higher and provide features-bom file for the user feature esa."); copyUserFeature(pluginListedEsas, installDirectory); } else { 
@@ -733,12 +726,12 @@ public void installFeatures(boolean isAcceptLicense, List featuresList, try { installJarURL = installJarFile.toURI().toURL(); } catch (MalformedURLException e) { - throw new PluginExecutionException("Could not resolve URL from file " + installJarFile, e); + throw new PluginExecutionException("Could not resolve URL from file " + installJarFile + " with error message " + e.getMessage()); } disableCacheInURLClassLoader(); try { - String bundle = getOverrideBundleDescriptor(OPEN_LIBERTY_GROUP_ID, REPOSITORY_RESOLVER_ARTIFACT_ID); + String bundle = getOverrideBundleDescriptor(OPEN_LIBERTY_GROUP_IDENTIFIER, REPOSITORY_RESOLVER_ARTIFACT_IDENTIFIER); mapBasedInstallKernel = createMapBasedInstallKernelInstance(bundle, installDirectory); @@ -763,7 +756,7 @@ public void installFeatures(boolean isAcceptLicense, List featuresList, mapBasedInstallKernel.put("license.accept", acceptLicenseMapValue); mapBasedInstallKernel.put("action.install", esaFile); String ext = artifactsToExt.get(esaFile); - mapBasedInstallKernel.put("to.extension", TO_USER); + mapBasedInstallKernel.put("to.extension", TO_USR); if (ext!= null && !ext.equals("") && to != null) { warn("The product extension location \""+ext+"\" specified in the server.xml file overrides the to extension \""+to+"\" specified in the build file."); @@ -807,7 +800,7 @@ public void installFeatures(boolean isAcceptLicense, List featuresList, } catch (PrivilegedActionException e) { throw new PluginExecutionException("Could not load the jar " + installJarFile.getAbsolutePath(), e); } catch (IOException e) { - throw new PluginExecutionException("Could not close the jar " + installJarFile.getAbsolutePath() + " after installing features.", e); + throw new PluginExecutionException("Could not close the jar " + installJarFile.getAbsolutePath() + " after installing features." + " with error message " + e.getMessage()); } finally { if (mapBasedInstallKernel != null) { try { 
@@ -930,7 +923,7 @@ private File downloadOverrideJar(String groupId, String artifactId) { private File loadInstallJarFile(File installDirectory) { if(installJarFile == null) { if (openLibertyVersion != null) { - File installJarOverride = downloadOverrideJar(OPEN_LIBERTY_GROUP_ID, INSTALL_MAP_ARTIFACT_ID); + File installJarOverride = downloadOverrideJar(OPEN_LIBERTY_GROUP_IDENTIFIER, INSTALL_MAP_ARTIFACT_IDENTIFIER); if (installJarOverride != null && installJarOverride.exists()) { installJarFile = installJarOverride; } else { @@ -1011,7 +1004,7 @@ public static String extractSymbolicName(File jar) throws PluginExecutionExcepti jarFile = new JarFile(jar); return jarFile.getManifest().getMainAttributes().getValue("Bundle-SymbolicName"); } catch (IOException e) { - throw new PluginExecutionException("Could not load the jar " + jar.getAbsolutePath(), e); + throw new PluginExecutionException("Could not load the jar " + jar.getAbsolutePath() + " with error message " + e.getMessage()); } finally { if (jarFile != null) { try { diff --git a/src/main/java/io/openliberty/tools/common/plugins/util/PrepareFeatureUtil.java b/src/main/java/io/openliberty/tools/common/plugins/util/PrepareFeatureUtil.java index 17759d004..f2ff6ec65 100644 --- a/src/main/java/io/openliberty/tools/common/plugins/util/PrepareFeatureUtil.java +++ b/src/main/java/io/openliberty/tools/common/plugins/util/PrepareFeatureUtil.java @@ -32,6 +32,7 @@ import java.util.List; import java.util.Map; +import javax.xml.XMLConstants; import javax.xml.parsers.DocumentBuilder; import javax.xml.parsers.DocumentBuilderFactory; import javax.xml.parsers.ParserConfigurationException; 
@@ -48,10 +49,10 @@ public abstract class PrepareFeatureUtil extends ServerFeatureUtil { private String openLibertyVersion; - public static final String OPEN_LIBERTY_GROUP_ID = "io.openliberty.features"; - public static final String INSTALL_MAP_ARTIFACT_ID = "install-map"; - public static final String FEATURES_JSON_ARTIFACT_ID = "features"; - private static final String MIN_USER_FEATURE_VERSION = "21.0.0.11"; + public static final String OPEN_LIBERTY_GROUP_IDENTIFIER = "io.openliberty.features"; + public static final String INSTALL_MAP_ARTIFACT_IDENTIFIER = "install-map"; + public static final String FEATURES_JSON_ARTIFACT_IDENTIFIER = "features"; + private static final String MIN_FEATURE_VERSION = "21.0.0.11"; private static final String INSTALL_MAP_PREFIX = "com.ibm.ws.install.map"; private static final String JAR_EXT = ".jar"; @@ -66,9 +67,9 @@ public PrepareFeatureUtil(File installDirectory, String openLibertyVersion) installJarFile = loadInstallJarFile(installDirectory); // check if the openliberty kernel meets min required version 21.0.0.11 - if (VersionUtility.compareArtifactVersion(openLibertyVersion, MIN_USER_FEATURE_VERSION, true) < 0) { + if (VersionUtility.compareArtifactVersion(openLibertyVersion, MIN_FEATURE_VERSION, true) < 0) { throw new PluginScenarioException( - "Installing user features on Liberty version "+openLibertyVersion+" is not supported. The minimum required version of Liberty for installing user features is "+MIN_USER_FEATURE_VERSION+"."); + "Installing user features on Liberty version "+openLibertyVersion+" is not supported. The minimum required version of Liberty for installing user features is "+ MIN_FEATURE_VERSION +"."); } if (installJarFile == null) { throw new PluginScenarioException("Install map jar not found."); 
@@ -115,7 +116,7 @@ private Map populateESAMap(File additionalBOM) { private void prepareFeature(String groupId, String artifactId, String version, File additionalBOM, Map esaMap) { try { String repoLocation = parseRepositoryLocation(additionalBOM, groupId, artifactId, "pom", version); - String targetJsonFile = createArtifactFilePath(repoLocation, groupId, FEATURES_JSON_ARTIFACT_ID, "json", + String targetJsonFile = createArtifactFilePath(repoLocation, groupId, FEATURES_JSON_ARTIFACT_IDENTIFIER, "json", version); File generatedJson = generateJson(targetJsonFile, esaMap); if (generatedJson.exists()) { @@ -144,10 +145,7 @@ private Map downloadArtifactsFromBOM(File additionalBOM) throws Pl Map result = new HashMap(); ArrayList missing_tags = new ArrayList<>(); try { - DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance(); - dbf.setFeature("http://apache.org/xml/features/nonvalidating/load-dtd-grammar", false); - dbf.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false); - DocumentBuilder db = dbf.newDocumentBuilder(); + DocumentBuilder db = getDocumentBuilder(); Document doc = db.parse(additionalBOM); doc.getDocumentElement().normalize(); NodeList dependencyList = doc.getElementsByTagName("dependency"); @@ -182,7 +180,7 @@ private Map downloadArtifactsFromBOM(File additionalBOM) throws Pl result.put(artifactFile, groupId); } } - } catch (ParserConfigurationException | SAXException | IOException e) { + } catch (SAXException | IOException e) { throw new PluginExecutionException("Cannot read the features-bom file " + additionalBOM.getAbsolutePath() + ". " + e.getMessage()); } 
@@ -256,7 +254,7 @@ public File generateJson(String targetJsonFile, Map esaFileMap) th try { installJarURL = installJarFile.toURI().toURL(); } catch (MalformedURLException e) { - throw new PluginExecutionException("Could not resolve URL from file " + installJarFile, e); + throw new PluginExecutionException("Could not resolve URL from file " + installJarFile+"with error message "+ e.getMessage()); } Map mapBasedInstallKernel = null; File json = null; @@ -294,13 +292,13 @@ public File generateJson(String targetJsonFile, Map esaFileMap) th return targetFile; } catch (IOException e) { debug(e); - throw new PluginExecutionException("Cannot read or create json file " + targetJsonFile, e); + throw new PluginExecutionException("Cannot read or create json file " + targetJsonFile+" with error message "+ e.getMessage()); } } private File loadInstallJarFile(File installDirectory) { if (openLibertyVersion != null) { - File installJarOverride = downloadOverrideJar(OPEN_LIBERTY_GROUP_ID, INSTALL_MAP_ARTIFACT_ID); + File installJarOverride = downloadOverrideJar(OPEN_LIBERTY_GROUP_IDENTIFIER, INSTALL_MAP_ARTIFACT_IDENTIFIER); if (installJarOverride != null && installJarOverride.exists()) { return installJarOverride; } @@ -337,7 +335,7 @@ public Map run() throws Exception { } // Init - String bundle = getOverrideBundleDescriptor(OPEN_LIBERTY_GROUP_ID, REPOSITORY_RESOLVER_ARTIFACT_ID); + String bundle = getOverrideBundleDescriptor(OPEN_LIBERTY_GROUP_IDENTIFIER, REPOSITORY_RESOLVER_ARTIFACT_IDENTIFIER); if (bundle != null) { List bundles = new ArrayList(); bundles.add(bundle); 
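Review bot: Both rewritten throws in generateJson drop the exception cause: the `MalformedURLException` branch and the `IOException` branch now pass only `e.getMessage()`, so the exception type and stack trace no longer reach whoever handles the `PluginExecutionException`. The first message also lost its separator, since `installJarFile+"with error message "` renders the file path fused with the word "with". If the intent was to avoid printing raw traces, that is better decided where the exception is logged; here I would keep the two-argument constructor the old code used, e.g. `throw new PluginExecutionException("Could not resolve URL from file " + installJarFile + ": " + e.getMessage(), e);`, and do the same in the json-file branch. generateJson's body continues outside both hunks.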
@@ -467,7 +465,33 @@ public void provideJsonFileDependency(File file, String groupId, String version) */ public abstract File downloadArtifact(String groupId, String artifactId, String type, String version) throws PluginExecutionException; - + + private DocumentBuilder getDocumentBuilder() throws PluginExecutionException { + DocumentBuilder docBuilder; + + DocumentBuilderFactory docBuilderFactory = DocumentBuilderFactory.newInstance(); + docBuilderFactory.setIgnoringComments(true); + docBuilderFactory.setCoalescing(true); + docBuilderFactory.setIgnoringElementContentWhitespace(true); + docBuilderFactory.setValidating(false); + try { + docBuilderFactory.setFeature("http://apache.org/xml/features/nonvalidating/load-dtd-grammar", false); + docBuilderFactory.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false); + docBuilderFactory.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true); + docBuilderFactory.setFeature("http://xml.org/sax/features/external-parameter-entities", false); + docBuilderFactory.setFeature("http://xml.org/sax/features/external-general-entities", false); + docBuilderFactory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true); + docBuilderFactory.setXIncludeAware(false); + docBuilderFactory.setNamespaceAware(true); + docBuilderFactory.setExpandEntityReferences(false); + docBuilder = docBuilderFactory.newDocumentBuilder(); + } catch (ParserConfigurationException e) { + // fail catastrophically if we can't create a document builder + throw new PluginExecutionException("Cannot read the features-bom file " + e.getMessage()); + } + + return docBuilder; + } } diff --git a/src/main/java/io/openliberty/tools/common/plugins/util/ServerFeatureUtil.java b/src/main/java/io/openliberty/tools/common/plugins/util/ServerFeatureUtil.java index eb93ed7b1..88b1a63ee 100644 --- a/src/main/java/io/openliberty/tools/common/plugins/util/ServerFeatureUtil.java 
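Review bot: The catch in getDocumentBuilder() reports a parser-configuration failure as "Cannot read the features-bom file" and discards the cause, although no file has been touched at that point. The `apache.org` feature URIs are Xerces-specific, so a JAXP implementation that does not recognise one of them is the likely trigger, and the current message would send the reader looking at the BOM instead. I would word it for what actually failed and keep the cause: `throw new PluginExecutionException("Cannot create a hardened XML parser for the features-bom file: " + e.getMessage(), e);`. A short Javadoc on the method saying that DOCTYPE declarations are rejected and that external entities and XInclude are disabled would also explain why a BOM containing a DTD now fails in `db.parse`.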
+++ b/src/main/java/io/openliberty/tools/common/plugins/util/ServerFeatureUtil.java @@ -40,6 +40,7 @@ import java.util.Set; import java.util.logging.Level; +import javax.xml.XMLConstants; import javax.xml.parsers.DocumentBuilder; import javax.xml.parsers.DocumentBuilderFactory; import javax.xml.parsers.ParserConfigurationException; @@ -61,13 +62,11 @@ */ public abstract class ServerFeatureUtil extends AbstractContainerSupportUtil implements CommonLoggerI { - public static final String OPEN_LIBERTY_GROUP_ID = "io.openliberty.features"; - public static final String REPOSITORY_RESOLVER_ARTIFACT_ID = "repository-resolver"; - public static final String INSTALL_MAP_ARTIFACT_ID = "install-map"; + public static final String REPOSITORY_RESOLVER_ARTIFACT_IDENTIFIER = "repository-resolver"; private static final int COPY_FILE_TIMEOUT_MILLIS = 5 * 60 * 1000; public static final String WLP_INSTALL_DIR = "wlp.install.dir"; - public static final String WLP_USER_DIR = "wlp.user.dir"; + public static final String WLP_USR_DIR = "wlp.user.dir"; public static final String USR_EXTENSION_DIR = "usr.extension.dir"; public static final String SHARED_APP_DIR = "shared.app.dir"; public static final String SHARED_CONFIG_DIR = "shared.config.dir"; 
@@ -365,8 +364,15 @@ public FeaturesPlatforms getServerXmlFeatures(FeaturesPlatforms origResult, File } else { try { DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance(); - dbf.setFeature("http://apache.org/xml/features/nonvalidating/load-dtd-grammar", false); - dbf.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false); + dbf.setFeature("http://apache.org/xml/features/nonvalidating/load-dtd-grammar", false); + dbf.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false); + dbf.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true); + dbf.setFeature("http://xml.org/sax/features/external-parameter-entities", false); + dbf.setFeature("http://xml.org/sax/features/external-general-entities", false); + dbf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true); + dbf.setXIncludeAware(false); + dbf.setNamespaceAware(true); + dbf.setExpandEntityReferences(false); DocumentBuilder db = dbf.newDocumentBuilder(); db.setErrorHandler(new ErrorHandler() { @Override diff --git a/src/main/java/io/openliberty/tools/common/plugins/util/ServerStatusUtil.java b/src/main/java/io/openliberty/tools/common/plugins/util/ServerStatusUtil.java index 8452375c9..0efa70c05 100644 --- a/src/main/java/io/openliberty/tools/common/plugins/util/ServerStatusUtil.java +++ b/src/main/java/io/openliberty/tools/common/plugins/util/ServerStatusUtil.java @@ -53,7 +53,7 @@ public static boolean isServerRunning(File installDirectory, File outputDirector return false; } } catch (Exception e) { - e.printStackTrace(); + System.out.println("exception while reading pidfile " + e.getMessage()); } } if (!sLock.exists() || !sCommand.exists()) { @@ -68,7 +68,7 @@ public static boolean isServerRunning(File installDirectory, File outputDirector return false; } } catch (Exception e) { - e.printStackTrace(); + System.out.println("exception while executing server status command " + e.getMessage()); } } } 
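Review bot: This is a second hand-written copy of the hardening sequence that PrepareFeatureUtil.getDocumentBuilder() sets up in the same commit, so the two lists can drift apart when a flag is added or dropped later. Since PrepareFeatureUtil extends ServerFeatureUtil, one factory helper in this class that both call would leave a single place to audit. Separately, `disallow-doctype-decl` set to `true` turns any server.xml that carries a DOCTYPE into a parse failure rather than a parse without its DTD; that deserves a comment on the line, such as `// DOCTYPE is rejected outright; a config file with a DTD fails to parse`. The catch that handles the resulting exception is outside this hunk, so it is worth confirming that it reports the file name.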
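Review bot: Replacing `e.printStackTrace()` with `System.out.println(... + e.getMessage())` in both isServerRunning catch blocks loses the exception type and can print `null`, because many exceptions carry no message. It also moves the diagnostic from stderr to stdout, where it mixes with ordinary build output. Printing the exception object keeps the type without emitting a stack trace: `System.err.println("exception while reading pidfile: " + e);`, and likewise for the server status command. Both catch blocks belong to code that continues outside the hunks.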
diff --git a/src/test/java/io/openliberty/tools/common/plugins/util/InstallFeatureUtilTest.java b/src/test/java/io/openliberty/tools/common/plugins/util/InstallFeatureUtilTest.java index b0b85bd1d..a7aa78fb4 100644 --- a/src/test/java/io/openliberty/tools/common/plugins/util/InstallFeatureUtilTest.java +++ b/src/test/java/io/openliberty/tools/common/plugins/util/InstallFeatureUtilTest.java @@ -8,7 +8,6 @@ import java.io.File; import java.util.ArrayList; import java.util.Collection; -import java.util.HashMap; import java.util.HashSet; import java.util.List; import java.util.Map; @@ -180,7 +179,7 @@ public void testDownloadOverrideBundle() throws Exception { @Override public File downloadArtifact(String groupId, String artifactId, String type, String version) throws PluginExecutionException { - if (artifactId.equals(InstallFeatureUtil.REPOSITORY_RESOLVER_ARTIFACT_ID)) { + if (artifactId.equals(InstallFeatureUtil.REPOSITORY_RESOLVER_ARTIFACT_IDENTIFIER)) { assertEquals("[18.0.0.2, 18.0.0.3)", version); String downloadVersion = "18.0.0.2"; @@ -197,8 +196,8 @@ public File downloadArtifact(String groupId, String artifactId, String type, Str } } }; - String result = util.getOverrideBundleDescriptor(InstallFeatureUtil.OPEN_LIBERTY_GROUP_ID, - InstallFeatureUtil.REPOSITORY_RESOLVER_ARTIFACT_ID); + String result = util.getOverrideBundleDescriptor(InstallFeatureUtil.OPEN_LIBERTY_GROUP_IDENTIFIER, + InstallFeatureUtil.REPOSITORY_RESOLVER_ARTIFACT_IDENTIFIER); String expectedEndsWith = RESOLVER_JAR_PATH + ";" + RESOLVER_SYMBOLIC_NAME; String expectedEndsWithWindows = expectedEndsWith.replaceAll("/", "\\\\"); assertTrue( diff --git a/src/test/java/io/openliberty/tools/common/plugins/util/ServerConfigDocumentTest.java b/src/test/java/io/openliberty/tools/common/plugins/util/ServerConfigDocumentTest.java index ac3e19f61..c234e4e8f 100644 --- a/src/test/java/io/openliberty/tools/common/plugins/util/ServerConfigDocumentTest.java 
+++ b/src/test/java/io/openliberty/tools/common/plugins/util/ServerConfigDocumentTest.java @@ -111,7 +111,7 @@ public Map getLibertyDirectoryPropertyFiles(TestLogger log, File s libertyDirectoryPropertyToFile.put(ServerFeatureUtil.SERVER_CONFIG_DIR, serverDirectory.getCanonicalFile()); File wlpUserDir = serverDirectory.getParentFile().getParentFile(); - libertyDirectoryPropertyToFile.put(ServerFeatureUtil.WLP_USER_DIR, wlpUserDir.getCanonicalFile()); + libertyDirectoryPropertyToFile.put(ServerFeatureUtil.WLP_USR_DIR, wlpUserDir.getCanonicalFile()); File wlpInstallDir = wlpUserDir.getParentFile(); libertyDirectoryPropertyToFile.put(ServerFeatureUtil.WLP_INSTALL_DIR, wlpInstallDir.getCanonicalFile()); From 98e16ea68deeff6cb5455eefe93561684f1ac2e8 Mon Sep 17 00:00:00 2001 From: Arun Venmany Date: Wed, 25 Sep 2024 13:23:44 +0530 Subject: [PATCH 2/3] contrast security issue fixes Signed-off-by: Arun Venmany --- .../tools/common/plugins/util/BinaryScannerUtil.java | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/main/java/io/openliberty/tools/common/plugins/util/BinaryScannerUtil.java b/src/main/java/io/openliberty/tools/common/plugins/util/BinaryScannerUtil.java index 541c9cb96..4381c7732 100644 --- a/src/main/java/io/openliberty/tools/common/plugins/util/BinaryScannerUtil.java +++ b/src/main/java/io/openliberty/tools/common/plugins/util/BinaryScannerUtil.java @@ -27,6 +27,8 @@ public abstract class BinaryScannerUtil { + public static final String BINARY_SCANNER_MAVEN_GROUP_IDENTIFIER = "com.ibm.websphere.appmod.tools"; + public static final String BINARY_SCANNER_MAVEN_ARTIFACT_IDENTIFIER = "binary-app-scanner"; public static final String BINARY_SCANNER_MAVEN_TYPE = "jar"; public static final String BINARY_SCANNER_MAVEN_VERSION = "[21.0.0.5-SNAPSHOT,)"; From 7b80406de432d053fc31f891b77ba20d026ba490 Mon Sep 17 00:00:00 2001 
From: Arun Venmany Date: Wed, 25 Sep 2024 13:41:02 +0530 Subject: [PATCH 3/3] rolling back variable names as its causing failure in ci maven and ci gradle Signed-off-by: Arun Venmany --- .../plugins/util/BinaryScannerUtil.java | 40 +++++++++---------- .../plugins/util/InstallFeatureUtil.java | 34 ++++++++-------- .../plugins/util/PrepareFeatureUtil.java | 18 ++++----- .../plugins/util/ServerFeatureUtil.java | 8 ++-- .../plugins/util/InstallFeatureUtilTest.java | 6 +-- .../util/ServerConfigDocumentTest.java | 2 +- 6 files changed, 56 insertions(+), 52 deletions(-) diff --git a/src/main/java/io/openliberty/tools/common/plugins/util/BinaryScannerUtil.java b/src/main/java/io/openliberty/tools/common/plugins/util/BinaryScannerUtil.java index 4381c7732..5bd8d0b14 100644 --- a/src/main/java/io/openliberty/tools/common/plugins/util/BinaryScannerUtil.java +++ b/src/main/java/io/openliberty/tools/common/plugins/util/BinaryScannerUtil.java @@ -27,8 +27,8 @@ public abstract class BinaryScannerUtil { - public static final String BINARY_SCANNER_MAVEN_GROUP_IDENTIFIER = "com.ibm.websphere.appmod.tools"; - public static final String BINARY_SCANNER_MAVEN_ARTIFACT_IDENTIFIER = "binary-app-scanner"; + public static final String BINARY_SCANNER_MAVEN_GROUP_ID = "com.ibm.websphere.appmod.tools"; + public static final String BINARY_SCANNER_MAVEN_ARTIFACT_ID = "binary-app-scanner"; public static final String BINARY_SCANNER_MAVEN_TYPE = "jar"; public static final String BINARY_SCANNER_MAVEN_VERSION = "[21.0.0.5-SNAPSHOT,)"; 
@@ -52,8 +52,8 @@ public abstract class BinaryScannerUtil { "in the application’s API usage: %s. Review and update your application to ensure it is not using conflicting APIs " + "from different levels of MicroProfile, Java EE, or Jakarta EE."; public static final String BINARY_SCANNER_CONFLICT_MESSAGE4 = "[None available]"; // format should match JVM Set.toString() - public static final String BINARY_SCANNER_CONFLICT_MESSAGE5 = "A working set of features could not be generated due to conflicts " + - "in the required features: %s and required levels of MicroProfile: %s, Java EE or Jakarta EE: %s. Review and update your application to ensure it " + + public static final String BINARY_SCANNER_CONFLICT_MESSAGE5 = "A working set of features could not be generated due to conflicts " + + "in the required features: %s and required levels of MicroProfile: %s, Java EE or Jakarta EE: %s. Review and update your application to ensure it " + "is using the correct levels of MicroProfile, Java EE, or Jakarta EE, or consider removing the following set of features: %s."; public static final String BINARY_SCANNER_INVALID_MP_MESSAGE = "The MicroProfile version number %s specified in the build file " + "is not supported for feature generation."; @@ -94,7 +94,7 @@ public BinaryScannerUtil(File binaryScanner) { * optimize parameter. The currentFeatureSet parameter indicates the starting list of features and all the * generated features will be compatible. The generated features will also be compatible with the indicated * versions of Java EE or Jakarta EE and MicroProfile. - * + * * @param currentFeatureSet - the features already specified in the server configuration * @param classFiles - a set of class files for the scanner to handle. Should be a subset of allClassesDirectories * @param allClassesDirectories - the directories containing all the class files of the application 
@@ -109,7 +109,7 @@ public BinaryScannerUtil(File binaryScanner) { * @throws NoRecommendationException - indicates a problem and there are no recommended features * @throws RecommendationSetException - indicates a problem but the scanner was able to generate a set of * features that should work to run the application - * @throws FeatureModifiedException - indicates a problem but the scanner was able to generate a set of features + * @throws FeatureModifiedException - indicates a problem but the scanner was able to generate a set of features * that should work if certain features are modified * @throws FeatureUnavailableException - indicates a problem between required features and required MP/EE levels but * the scanner was able to generate a set of features that should be removed @@ -118,7 +118,7 @@ public BinaryScannerUtil(File binaryScanner) { * scanner when used in combination with each other. E.g. EE 7 and MP 2.1 */ public Set runBinaryScanner(Set currentFeatureSet, List classFiles, Set allClassesDirectories, - String logLocation, String targetJavaEE, String targetMicroProfile, boolean optimize) + String logLocation, String targetJavaEE, String targetMicroProfile, boolean optimize) throws PluginExecutionException, NoRecommendationException, RecommendationSetException, FeatureModifiedException, FeatureUnavailableException, IllegalTargetException, IllegalTargetComboException { Set featureList = null; 
@@ -189,7 +189,7 @@ public Set runBinaryScanner(Set currentFeatureSet, List Set modifications = getFeatures(scannerException); // rerun binary scanner with all class files and without the current feature set Set sampleFeatureList = reRunIfFailed ? reRunBinaryScanner(allClassesDirectories, logLocation, targetJavaEE, targetMicroProfile) : null; - throw new FeatureModifiedException(modifications, + throw new FeatureModifiedException(modifications, (sampleFeatureList == null) ? getNoSampleFeatureList() : sampleFeatureList, scannerException.getLocalizedMessage()); } else if (scannerException.getClass().getName().equals(FEATURE_NOT_AVAILABLE_EXCEPTION)) { // The list of features required by app or passed to binary scanner do not exist @@ -241,10 +241,10 @@ public Set runBinaryScanner(Set currentFeatureSet, List /** * The method is intended to call the binary scanner to generate a list of the optimal features for an * application. This optimal list can be reported to the user as a suggested list of features. - * + * * In order to generate the optimal list we must scan all classes in the application and we do not consider * the features already specified in the server configuration (server.xml). - * + * * @param allClassesDirectories - the scanner will find all the class files in this set of directories * @param logLocation - directory name relative to project or absolute path passed to binary scanner * @param targetJavaEE - generate features valid for the indicated version of EE 
@@ -267,13 +267,13 @@ public Set reRunBinaryScanner(Set allClassesDirectories, String logLocation = null; } debug("Recalling binary scanner with the following inputs...\n" + - " binaryInputs: " + binaryInputs + "\n" + - " targetJavaEE: " + targetJavaEE + "\n" + - " targetMicroP: " + targetMicroProfile + "\n" + - " currentFeatures: " + currentFeaturesSet + "\n" + - " logLocation: " + logLocation + "\n" + - " logLevel: " + logLevel + "\n" + - " locale: " + java.util.Locale.getDefault()); + " binaryInputs: " + binaryInputs + "\n" + + " targetJavaEE: " + targetJavaEE + "\n" + + " targetMicroP: " + targetMicroProfile + "\n" + + " currentFeatures: " + currentFeaturesSet + "\n" + + " logLocation: " + logLocation + "\n" + + " logLevel: " + logLevel + "\n" + + " locale: " + java.util.Locale.getDefault()); featureList = (Set) generateFeatureSetMethod.invoke(null, binaryInputs, targetJavaEE, targetMicroProfile, currentFeaturesSet, logLocation, logLevel, java.util.Locale.getDefault()); for (String s : featureList) {debug(s);}; @@ -446,12 +446,12 @@ public static String composeMPVersion(String ver) { /** * Convenience method to build the string reported to the user when the exception is detected. - * + * * This is used after the caller has analyzed the Java or Jakarta EE version number and the MicroProfile * version number and generated argument values to pass to the binary scanner. If the binary scanner * detects a problem and throws an exception it reports the invalid arguments. We must map the invalid * arguments back to the user specified version number in order to fix the problem. - * + * * @param invalidEEArg - the argument passed to the binary scanner which may be returned as invalid. * @param invalidMPArg - the argument passed to the binary scanner which may be returned as invalid. * @param eeVersion - the user specified version string from the build file used to generate the arg. 
@@ -593,4 +593,4 @@ public class IllegalTargetComboException extends AbstractIllegalTargetException super(eeLevel, mpLevel); } } -} +} \ No newline at end of file diff --git a/src/main/java/io/openliberty/tools/common/plugins/util/InstallFeatureUtil.java b/src/main/java/io/openliberty/tools/common/plugins/util/InstallFeatureUtil.java index 6369118e0..bfb9f0a33 100644 --- a/src/main/java/io/openliberty/tools/common/plugins/util/InstallFeatureUtil.java +++ b/src/main/java/io/openliberty/tools/common/plugins/util/InstallFeatureUtil.java @@ -57,9 +57,9 @@ */ public abstract class InstallFeatureUtil extends ServerFeatureUtil { - public static final String OPEN_LIBERTY_GROUP_IDENTIFIER = "io.openliberty.features"; - public static final String REPOSITORY_RESOLVER_ARTIFACT_IDENTIFIER = "repository-resolver"; - public static final String INSTALL_MAP_ARTIFACT_IDENTIFIER = "install-map"; + public static final String OPEN_LIBERTY_GROUP_ID = "io.openliberty.features"; + public static final String REPOSITORY_RESOLVER_ARTIFACT_ID = "repository-resolver"; + public static final String INSTALL_MAP_ARTIFACT_ID = "install-map"; public static final String CONFLICT = "CWWKF0033E.*", INCOMPATIBLE_SINGLETON = "CWWKF1405E.*", MISSING_MULTIPLE_DEPENDENT = "CWWKF1385E.*", SAME_MODEL_CONFLICT = "CWWKF0043E.*", DIFF_MODEL_CONFLICT = "CWWKF0044E.*", SAME_INDIRECT_MODEL_CONFLICT = "CWWKF0047E.*", 
@@ -101,10 +101,12 @@ public enum VerifyOption { private static final String INSTALL_MAP_PREFIX = "com.ibm.ws.install.map"; private static final String JAR_EXT = ".jar"; - private static final String OPEN_LIBERTY_PRODUCT_IDENTIFIER = "io.openliberty"; - private static final String CLOSED_LIBERTY_PRODUCT_IDENTIFIER = "com.ibm.websphere.appserver"; - private static final String TO_USR = "usr"; - private static final String MIN_FEATURE_VERSION = "21.0.0.11"; + private static final String OPEN_LIBERTY_PRODUCT_ID = "io.openliberty"; + private static final String CLOSED_LIBERTY_PRODUCT_ID = "com.ibm.websphere.appserver"; + private static final String FEATURES_BOM_ARTIFACT_ID = "features-bom"; + private static final String FEATURES_JSON_ARTIFACT_ID = "features"; + private static final String TO_USER = "usr"; + private static final String MIN_USER_FEATURE_VERSION = "21.0.0.11"; private static final String MIN_VERIFY_FEATURE_VERSION = "23.0.0.9"; private static final String MIN_VERSIONLESS_FEATURE_VERSION = "24.0.0.9"; @@ -166,7 +168,7 @@ public InstallFeatureUtil(File installDirectory, File buildDirectory, String fro //check if the openliberty kernel meets min required version 21.0.0.11 if (additionalJsons != null && !additionalJsons.isEmpty() && openLibertyVersion != null) { - if (VersionUtility.compareArtifactVersion(openLibertyVersion, MIN_FEATURE_VERSION, true) >= 0) { + if (VersionUtility.compareArtifactVersion(openLibertyVersion, MIN_USER_FEATURE_VERSION, true) >= 0) { Set groupIDJsons = getAdditionalJsons(); if (groupIDJsons != null) { downloadedJsons.addAll(groupIDJsons); @@ -449,7 +451,7 @@ public boolean accept(File dir, String name) { public static String getOpenLibertyVersion(List propList) { for (ProductProperties properties : propList) { - if (properties.getId().equals(OPEN_LIBERTY_PRODUCT_IDENTIFIER)) { + if (properties.getId().equals(OPEN_LIBERTY_PRODUCT_ID)) { return properties.getVersion(); } } 
@@ -458,7 +460,7 @@ public static String getOpenLibertyVersion(List propList) { public static boolean isClosedLiberty(List propList) { for (ProductProperties properties : propList) { - if (properties.getId().equals(CLOSED_LIBERTY_PRODUCT_IDENTIFIER)) { + if (properties.getId().equals(CLOSED_LIBERTY_PRODUCT_ID)) { return true; } } @@ -540,7 +542,7 @@ public static Set getOpenLibertyFeatureSet(Set jsons) throws Plugi s = new Scanner(file); // scan Maven coordinates for artifactIds that belong to the Open Liberty // groupId - while (s.findWithinHorizon(OPEN_LIBERTY_GROUP_IDENTIFIER + ":([^:]*):", 0) != null) { + while (s.findWithinHorizon(OPEN_LIBERTY_GROUP_ID + ":([^:]*):", 0) != null) { MatchResult match = s.match(); if (match.groupCount() >= 1) { libertyFeatures.add(match.group(1)); @@ -663,11 +665,11 @@ public void installFeatures(boolean isAcceptLicense, List featuresList, if(openLibertyVersion != null) { info("plugin listed esa: " + pluginListedEsas.toString()); - if ((VersionUtility.compareArtifactVersion(openLibertyVersion, MIN_FEATURE_VERSION, true) < 0) && !pluginListedEsas.isEmpty()) { + if ((VersionUtility.compareArtifactVersion(openLibertyVersion, MIN_USER_FEATURE_VERSION, true) < 0) && !pluginListedEsas.isEmpty()) { //manually install user feature esas info("Neither InstallUtility nor FeatureUtility is available to install user feature esa."); info("Attempting to manually install the user feature esa without resolving its dependencies."); - info("Recommended user action: upgrade to OpenLiberty version " + MIN_FEATURE_VERSION + " or higher and provide features-bom file for the user feature esa."); + info("Recommended user action: upgrade to OpenLiberty version " + MIN_USER_FEATURE_VERSION + " or higher and provide features-bom file for the user feature esa."); copyUserFeature(pluginListedEsas, installDirectory); } else { 
@@ -731,7 +733,7 @@ public void installFeatures(boolean isAcceptLicense, List featuresList, disableCacheInURLClassLoader(); try { - String bundle = getOverrideBundleDescriptor(OPEN_LIBERTY_GROUP_IDENTIFIER, REPOSITORY_RESOLVER_ARTIFACT_IDENTIFIER); + String bundle = getOverrideBundleDescriptor(OPEN_LIBERTY_GROUP_ID, REPOSITORY_RESOLVER_ARTIFACT_ID); mapBasedInstallKernel = createMapBasedInstallKernelInstance(bundle, installDirectory); @@ -756,7 +758,7 @@ public void installFeatures(boolean isAcceptLicense, List featuresList, mapBasedInstallKernel.put("license.accept", acceptLicenseMapValue); mapBasedInstallKernel.put("action.install", esaFile); String ext = artifactsToExt.get(esaFile); - mapBasedInstallKernel.put("to.extension", TO_USR); + mapBasedInstallKernel.put("to.extension", TO_USER); if (ext!= null && !ext.equals("") && to != null) { warn("The product extension location \""+ext+"\" specified in the server.xml file overrides the to extension \""+to+"\" specified in the build file."); @@ -923,7 +925,7 @@ private File downloadOverrideJar(String groupId, String artifactId) { private File loadInstallJarFile(File installDirectory) { if(installJarFile == null) { if (openLibertyVersion != null) { - File installJarOverride = downloadOverrideJar(OPEN_LIBERTY_GROUP_IDENTIFIER, INSTALL_MAP_ARTIFACT_IDENTIFIER); + File installJarOverride = downloadOverrideJar(OPEN_LIBERTY_GROUP_ID, INSTALL_MAP_ARTIFACT_ID); if (installJarOverride != null && installJarOverride.exists()) { installJarFile = installJarOverride; } else { diff --git a/src/main/java/io/openliberty/tools/common/plugins/util/PrepareFeatureUtil.java b/src/main/java/io/openliberty/tools/common/plugins/util/PrepareFeatureUtil.java index f2ff6ec65..77770f0f0 100644 --- a/src/main/java/io/openliberty/tools/common/plugins/util/PrepareFeatureUtil.java +++ b/src/main/java/io/openliberty/tools/common/plugins/util/PrepareFeatureUtil.java 
@@ -49,10 +49,10 @@ public abstract class PrepareFeatureUtil extends ServerFeatureUtil { private String openLibertyVersion; - public static final String OPEN_LIBERTY_GROUP_IDENTIFIER = "io.openliberty.features"; - public static final String INSTALL_MAP_ARTIFACT_IDENTIFIER = "install-map"; - public static final String FEATURES_JSON_ARTIFACT_IDENTIFIER = "features"; - private static final String MIN_FEATURE_VERSION = "21.0.0.11"; + public static final String OPEN_LIBERTY_GROUP_ID = "io.openliberty.features"; + public static final String INSTALL_MAP_ARTIFACT_ID = "install-map"; + public static final String FEATURES_JSON_ARTIFACT_ID = "features"; + private static final String MIN_USER_FEATURE_VERSION = "21.0.0.11"; private static final String INSTALL_MAP_PREFIX = "com.ibm.ws.install.map"; private static final String JAR_EXT = ".jar"; @@ -67,9 +67,9 @@ public PrepareFeatureUtil(File installDirectory, String openLibertyVersion) installJarFile = loadInstallJarFile(installDirectory); // check if the openliberty kernel meets min required version 21.0.0.11 - if (VersionUtility.compareArtifactVersion(openLibertyVersion, MIN_FEATURE_VERSION, true) < 0) { + if (VersionUtility.compareArtifactVersion(openLibertyVersion, MIN_USER_FEATURE_VERSION, true) < 0) { throw new PluginScenarioException( - "Installing user features on Liberty version "+openLibertyVersion+" is not supported. The minimum required version of Liberty for installing user features is "+ MIN_FEATURE_VERSION +"."); + "Installing user features on Liberty version "+openLibertyVersion+" is not supported. The minimum required version of Liberty for installing user features is "+ MIN_USER_FEATURE_VERSION +"."); } if (installJarFile == null) { throw new PluginScenarioException("Install map jar not found."); 
@@ -116,7 +116,7 @@ private Map populateESAMap(File additionalBOM) { private void prepareFeature(String groupId, String artifactId, String version, File additionalBOM, Map esaMap) { try { String repoLocation = parseRepositoryLocation(additionalBOM, groupId, artifactId, "pom", version); - String targetJsonFile = createArtifactFilePath(repoLocation, groupId, FEATURES_JSON_ARTIFACT_IDENTIFIER, "json", + String targetJsonFile = createArtifactFilePath(repoLocation, groupId, FEATURES_JSON_ARTIFACT_ID, "json", version); File generatedJson = generateJson(targetJsonFile, esaMap); if (generatedJson.exists()) { @@ -298,7 +298,7 @@ public File generateJson(String targetJsonFile, Map esaFileMap) th private File loadInstallJarFile(File installDirectory) { if (openLibertyVersion != null) { - File installJarOverride = downloadOverrideJar(OPEN_LIBERTY_GROUP_IDENTIFIER, INSTALL_MAP_ARTIFACT_IDENTIFIER); + File installJarOverride = downloadOverrideJar(OPEN_LIBERTY_GROUP_ID, INSTALL_MAP_ARTIFACT_ID); if (installJarOverride != null && installJarOverride.exists()) { return installJarOverride; } @@ -335,7 +335,7 @@ public Map run() throws Exception { } // Init - String bundle = getOverrideBundleDescriptor(OPEN_LIBERTY_GROUP_IDENTIFIER, REPOSITORY_RESOLVER_ARTIFACT_IDENTIFIER); + String bundle = getOverrideBundleDescriptor(OPEN_LIBERTY_GROUP_ID, REPOSITORY_RESOLVER_ARTIFACT_ID); if (bundle != null) { List bundles = new ArrayList(); bundles.add(bundle); diff --git a/src/main/java/io/openliberty/tools/common/plugins/util/ServerFeatureUtil.java b/src/main/java/io/openliberty/tools/common/plugins/util/ServerFeatureUtil.java index 88b1a63ee..575b7ad51 100644 --- a/src/main/java/io/openliberty/tools/common/plugins/util/ServerFeatureUtil.java +++ b/src/main/java/io/openliberty/tools/common/plugins/util/ServerFeatureUtil.java 
@@ -61,12 +61,14 @@ * Utility class to determine server features */ public abstract class ServerFeatureUtil extends AbstractContainerSupportUtil implements CommonLoggerI { - - public static final String REPOSITORY_RESOLVER_ARTIFACT_IDENTIFIER = "repository-resolver"; + + public static final String OPEN_LIBERTY_GROUP_ID = "io.openliberty.features"; + public static final String REPOSITORY_RESOLVER_ARTIFACT_ID = "repository-resolver"; + public static final String INSTALL_MAP_ARTIFACT_ID = "install-map"; private static final int COPY_FILE_TIMEOUT_MILLIS = 5 * 60 * 1000; public static final String WLP_INSTALL_DIR = "wlp.install.dir"; - public static final String WLP_USR_DIR = "wlp.user.dir"; + public static final String WLP_USER_DIR = "wlp.user.dir"; public static final String USR_EXTENSION_DIR = "usr.extension.dir"; public static final String SHARED_APP_DIR = "shared.app.dir"; public static final String SHARED_CONFIG_DIR = "shared.config.dir"; diff --git a/src/test/java/io/openliberty/tools/common/plugins/util/InstallFeatureUtilTest.java b/src/test/java/io/openliberty/tools/common/plugins/util/InstallFeatureUtilTest.java index a7aa78fb4..8fdfda195 100644 --- a/src/test/java/io/openliberty/tools/common/plugins/util/InstallFeatureUtilTest.java +++ b/src/test/java/io/openliberty/tools/common/plugins/util/InstallFeatureUtilTest.java @@ -179,7 +179,7 @@ public void testDownloadOverrideBundle() throws Exception { @Override public File downloadArtifact(String groupId, String artifactId, String type, String version) throws PluginExecutionException { - if (artifactId.equals(InstallFeatureUtil.REPOSITORY_RESOLVER_ARTIFACT_IDENTIFIER)) { + if (artifactId.equals(InstallFeatureUtil.REPOSITORY_RESOLVER_ARTIFACT_ID)) { assertEquals("[18.0.0.2, 18.0.0.3)", version); String downloadVersion = "18.0.0.2"; 
@@ -196,8 +196,8 @@ public File downloadArtifact(String groupId, String artifactId, String type, Str } } }; - String result = util.getOverrideBundleDescriptor(InstallFeatureUtil.OPEN_LIBERTY_GROUP_IDENTIFIER, - InstallFeatureUtil.REPOSITORY_RESOLVER_ARTIFACT_IDENTIFIER); + String result = util.getOverrideBundleDescriptor(InstallFeatureUtil.OPEN_LIBERTY_GROUP_ID, + InstallFeatureUtil.REPOSITORY_RESOLVER_ARTIFACT_ID); String expectedEndsWith = RESOLVER_JAR_PATH + ";" + RESOLVER_SYMBOLIC_NAME; String expectedEndsWithWindows = expectedEndsWith.replaceAll("/", "\\\\"); assertTrue( diff --git a/src/test/java/io/openliberty/tools/common/plugins/util/ServerConfigDocumentTest.java b/src/test/java/io/openliberty/tools/common/plugins/util/ServerConfigDocumentTest.java index c234e4e8f..ac3e19f61 100644 --- a/src/test/java/io/openliberty/tools/common/plugins/util/ServerConfigDocumentTest.java +++ b/src/test/java/io/openliberty/tools/common/plugins/util/ServerConfigDocumentTest.java @@ -111,7 +111,7 @@ public Map getLibertyDirectoryPropertyFiles(TestLogger log, File s libertyDirectoryPropertyToFile.put(ServerFeatureUtil.SERVER_CONFIG_DIR, serverDirectory.getCanonicalFile()); File wlpUserDir = serverDirectory.getParentFile().getParentFile(); - libertyDirectoryPropertyToFile.put(ServerFeatureUtil.WLP_USR_DIR, wlpUserDir.getCanonicalFile()); + libertyDirectoryPropertyToFile.put(ServerFeatureUtil.WLP_USER_DIR, wlpUserDir.getCanonicalFile()); File wlpInstallDir = wlpUserDir.getParentFile(); libertyDirectoryPropertyToFile.put(ServerFeatureUtil.WLP_INSTALL_DIR, wlpInstallDir.getCanonicalFile());