GEN-2891 - Add ingestion agent relationship to service entities

[gyohub]

Describe your changes:

Part of the work on the Collate Hybrid Ingestion Agent

Fixes GEN-2891

The ingestion agent can be assigned at service level too.
a DB migration is not required as there's no need for a new table column.

Type of change:

• Bug fix
• Improvement
• New feature
• Breaking change (fix or feature that would cause existing functionality to not work as expected)
• Documentation

Checklist:

• I have read the CONTRIBUTING document.
• My PR title is Fixes <issue-number>: <short explanation>
• I have commented on my code, particularly in hard-to-understand areas.
• For JSON Schema changes: I updated the migration scripts or explained why it is not needed.

[notion-workspace]

Add ingestion agent entity reference to Service entities

[github-actions]

🛡️ TRIVY SCAN RESULT 🛡️

Target: openmetadata-server:trivy (alpine 3.21.3)

No Vulnerabilities Found

🛡️ TRIVY SCAN RESULT 🛡️

Target: Java

No Vulnerabilities Found

[github-actions]

🛡️ TRIVY SCAN RESULT 🛡️

Target: openmetadata-ingestion-base-slim:trivy (debian 12.9)

Vulnerabilities (22)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version
linux-libc-dev	CVE-2024-36899	🚨 HIGH	6.1.124-1	6.1.128-1
linux-libc-dev	CVE-2024-50047	🚨 HIGH	6.1.124-1	6.1.128-1
linux-libc-dev	CVE-2024-50164	🚨 HIGH	6.1.124-1	6.1.128-1
linux-libc-dev	CVE-2024-53170	🚨 HIGH	6.1.124-1	6.1.128-1
linux-libc-dev	CVE-2024-53229	🚨 HIGH	6.1.124-1	6.1.128-1
linux-libc-dev	CVE-2024-56551	🚨 HIGH	6.1.124-1	6.1.128-1
linux-libc-dev	CVE-2024-56608	🚨 HIGH	6.1.124-1	6.1.128-1
linux-libc-dev	CVE-2024-56631	🚨 HIGH	6.1.124-1	6.1.128-1
linux-libc-dev	CVE-2024-56664	🚨 HIGH	6.1.124-1	6.1.128-1
linux-libc-dev	CVE-2024-57887	🚨 HIGH	6.1.124-1	6.1.128-1
linux-libc-dev	CVE-2024-57892	🚨 HIGH	6.1.124-1	6.1.128-1
linux-libc-dev	CVE-2024-57906	🚨 HIGH	6.1.124-1	6.1.128-1
linux-libc-dev	CVE-2024-57907	🚨 HIGH	6.1.124-1	6.1.128-1
linux-libc-dev	CVE-2024-57908	🚨 HIGH	6.1.124-1	6.1.128-1
linux-libc-dev	CVE-2024-57910	🚨 HIGH	6.1.124-1	6.1.128-1
linux-libc-dev	CVE-2024-57911	🚨 HIGH	6.1.124-1	6.1.128-1
linux-libc-dev	CVE-2024-57912	🚨 HIGH	6.1.124-1	6.1.128-1
linux-libc-dev	CVE-2025-21631	🚨 HIGH	6.1.124-1	6.1.128-1
linux-libc-dev	CVE-2025-21647	🚨 HIGH	6.1.124-1	6.1.128-1
linux-libc-dev	CVE-2025-21648	🚨 HIGH	6.1.124-1	6.1.128-1
linux-libc-dev	CVE-2025-21671	🚨 HIGH	6.1.124-1	6.1.128-1
linux-libc-dev	CVE-2025-21680	🚨 HIGH	6.1.124-1	6.1.128-1

🛡️ TRIVY SCAN RESULT 🛡️

Target: Java

Vulnerabilities (46)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version
com.fasterxml.jackson.core:jackson-databind	CVE-2020-36518	🚨 HIGH	2.11.4	2.13.2.1, 2.12.6.1
com.fasterxml.jackson.core:jackson-databind	CVE-2021-46877	🚨 HIGH	2.11.4	2.12.6, 2.13.1
com.fasterxml.jackson.core:jackson-databind	CVE-2022-42003	🚨 HIGH	2.11.4	2.12.7.1, 2.13.4.2
com.fasterxml.jackson.core:jackson-databind	CVE-2022-42004	🚨 HIGH	2.11.4	2.12.7.1, 2.13.4
com.fasterxml.jackson.core:jackson-databind	CVE-2020-36518	🚨 HIGH	2.13.0	2.13.2.1, 2.12.6.1
com.fasterxml.jackson.core:jackson-databind	CVE-2021-46877	🚨 HIGH	2.13.0	2.12.6, 2.13.1
com.fasterxml.jackson.core:jackson-databind	CVE-2022-42003	🚨 HIGH	2.13.0	2.12.7.1, 2.13.4.2
com.fasterxml.jackson.core:jackson-databind	CVE-2022-42004	🚨 HIGH	2.13.0	2.12.7.1, 2.13.4
com.google.code.gson:gson	CVE-2022-25647	🚨 HIGH	2.2.4	2.8.9
com.google.protobuf:protobuf-java	CVE-2021-22569	🚨 HIGH	2.5.0	3.16.1, 3.18.2, 3.19.2
com.google.protobuf:protobuf-java	CVE-2021-22570	🚨 HIGH	2.5.0	3.15.0
com.google.protobuf:protobuf-java	CVE-2022-3509	🚨 HIGH	2.5.0	3.16.3, 3.19.6, 3.20.3, 3.21.7
com.google.protobuf:protobuf-java	CVE-2022-3510	🚨 HIGH	2.5.0	3.16.3, 3.19.6, 3.20.3, 3.21.7
com.google.protobuf:protobuf-java	CVE-2024-7254	🚨 HIGH	2.5.0	3.25.5, 4.27.5, 4.28.2
com.google.protobuf:protobuf-java	CVE-2021-22569	🚨 HIGH	3.3.0	3.16.1, 3.18.2, 3.19.2
com.google.protobuf:protobuf-java	CVE-2021-22570	🚨 HIGH	3.3.0	3.15.0
com.google.protobuf:protobuf-java	CVE-2022-3509	🚨 HIGH	3.3.0	3.16.3, 3.19.6, 3.20.3, 3.21.7
com.google.protobuf:protobuf-java	CVE-2022-3510	🚨 HIGH	3.3.0	3.16.3, 3.19.6, 3.20.3, 3.21.7
com.google.protobuf:protobuf-java	CVE-2024-7254	🚨 HIGH	3.3.0	3.25.5, 4.27.5, 4.28.2
com.google.protobuf:protobuf-java	CVE-2021-22569	🚨 HIGH	3.7.1	3.16.1, 3.18.2, 3.19.2
com.google.protobuf:protobuf-java	CVE-2021-22570	🚨 HIGH	3.7.1	3.15.0
com.google.protobuf:protobuf-java	CVE-2022-3509	🚨 HIGH	3.7.1	3.16.3, 3.19.6, 3.20.3, 3.21.7
com.google.protobuf:protobuf-java	CVE-2022-3510	🚨 HIGH	3.7.1	3.16.3, 3.19.6, 3.20.3, 3.21.7
com.google.protobuf:protobuf-java	CVE-2024-7254	🚨 HIGH	3.7.1	3.25.5, 4.27.5, 4.28.2
com.nimbusds:nimbus-jose-jwt	CVE-2023-52428	🚨 HIGH	9.8.1	9.37.2
commons-io:commons-io	CVE-2024-47554	🚨 HIGH	2.11.0	2.14.0
commons-io:commons-io	CVE-2024-47554	🚨 HIGH	2.8.0	2.14.0
dnsjava:dnsjava	CVE-2024-25638	🚨 HIGH	2.1.7	3.6.0
io.airlift:aircompressor	CVE-2024-36114	🚨 HIGH	0.21	0.27
net.minidev:json-smart	CVE-2021-31684	🚨 HIGH	1.3.2	1.3.3, 2.4.4
net.minidev:json-smart	CVE-2023-1370	🚨 HIGH	1.3.2	2.4.9
org.apache.avro:avro	CVE-2024-47561	🔥 CRITICAL	1.11.0	1.11.4
org.apache.avro:avro	CVE-2023-39410	🚨 HIGH	1.11.0	1.11.3
org.apache.avro:avro	CVE-2024-47561	🔥 CRITICAL	1.7.7	1.11.4
org.apache.avro:avro	CVE-2023-39410	🚨 HIGH	1.7.7	1.11.3
org.apache.derby:derby	CVE-2022-46337	🔥 CRITICAL	10.14.2.0	10.14.3, 10.15.2.1, 10.16.1.2, 10.17.1.0
org.apache.hadoop:hadoop-common	CVE-2022-25168	🔥 CRITICAL	3.3.2	2.10.2, 3.2.4, 3.3.3
org.apache.ivy:ivy	CVE-2022-46751	🚨 HIGH	2.5.1	2.5.2
org.apache.mesos:mesos	CVE-2018-1330	🚨 HIGH	1.4.3	1.6.0
org.apache.spark:spark-hive-thriftserver_2.12	CVE-2024-23945	🚨 HIGH	3.3.4	3.4.2
org.apache.thrift:libthrift	CVE-2019-0205	🚨 HIGH	0.12.0	0.13.0
org.apache.thrift:libthrift	CVE-2020-13949	🚨 HIGH	0.12.0	0.14.0
org.apache.zookeeper:zookeeper	CVE-2023-44981	🔥 CRITICAL	3.6.2	3.7.2, 3.8.3, 3.9.1
org.xerial.snappy:snappy-java	CVE-2023-34455	🚨 HIGH	1.1.8.4	1.1.10.1
org.xerial.snappy:snappy-java	CVE-2023-43642	🚨 HIGH	1.1.8.4	1.1.10.4
org.yaml:snakeyaml	CVE-2022-1471	🚨 HIGH	1.31	2.0

🛡️ TRIVY SCAN RESULT 🛡️

Target: Node.js

No Vulnerabilities Found

🛡️ TRIVY SCAN RESULT 🛡️

Target: Python

Vulnerabilities (1)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version
Werkzeug	CVE-2024-34069	🚨 HIGH	2.2.3	3.0.3

🛡️ TRIVY SCAN RESULT 🛡️

Target: /ingestion/pipelines/lineage.yaml

No Vulnerabilities Found

🛡️ TRIVY SCAN RESULT 🛡️

Target: /ingestion/pipelines/sample_data.json

No Vulnerabilities Found

🛡️ TRIVY SCAN RESULT 🛡️

Target: /ingestion/pipelines/sample_data.yaml

No Vulnerabilities Found

🛡️ TRIVY SCAN RESULT 🛡️

Target: /ingestion/pipelines/sample_usage.json

No Vulnerabilities Found

🛡️ TRIVY SCAN RESULT 🛡️

Target: /ingestion/pipelines/sample_usage.yaml

No Vulnerabilities Found

🛡️ TRIVY SCAN RESULT 🛡️

Target: /etc/ssl/private/ssl-cert-snakeoil.key

No Vulnerabilities Found

🛡️ TRIVY SCAN RESULT 🛡️

Target: /ingestion/pipelines/extended_sample_data.yaml

No Vulnerabilities Found

[github-actions]

🛡️ TRIVY SCAN RESULT 🛡️

Target: openmetadata-ingestion:trivy (debian 12.9)

No Vulnerabilities Found

🛡️ TRIVY SCAN RESULT 🛡️

Target: Java

Vulnerabilities (46)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version
com.fasterxml.jackson.core:jackson-databind	CVE-2020-36518	🚨 HIGH	2.11.4	2.13.2.1, 2.12.6.1
com.fasterxml.jackson.core:jackson-databind	CVE-2021-46877	🚨 HIGH	2.11.4	2.12.6, 2.13.1
com.fasterxml.jackson.core:jackson-databind	CVE-2022-42003	🚨 HIGH	2.11.4	2.12.7.1, 2.13.4.2
com.fasterxml.jackson.core:jackson-databind	CVE-2022-42004	🚨 HIGH	2.11.4	2.12.7.1, 2.13.4
com.fasterxml.jackson.core:jackson-databind	CVE-2020-36518	🚨 HIGH	2.13.0	2.13.2.1, 2.12.6.1
com.fasterxml.jackson.core:jackson-databind	CVE-2021-46877	🚨 HIGH	2.13.0	2.12.6, 2.13.1
com.fasterxml.jackson.core:jackson-databind	CVE-2022-42003	🚨 HIGH	2.13.0	2.12.7.1, 2.13.4.2
com.fasterxml.jackson.core:jackson-databind	CVE-2022-42004	🚨 HIGH	2.13.0	2.12.7.1, 2.13.4
com.google.code.gson:gson	CVE-2022-25647	🚨 HIGH	2.2.4	2.8.9
com.google.protobuf:protobuf-java	CVE-2021-22569	🚨 HIGH	2.5.0	3.16.1, 3.18.2, 3.19.2
com.google.protobuf:protobuf-java	CVE-2021-22570	🚨 HIGH	2.5.0	3.15.0
com.google.protobuf:protobuf-java	CVE-2022-3509	🚨 HIGH	2.5.0	3.16.3, 3.19.6, 3.20.3, 3.21.7
com.google.protobuf:protobuf-java	CVE-2022-3510	🚨 HIGH	2.5.0	3.16.3, 3.19.6, 3.20.3, 3.21.7
com.google.protobuf:protobuf-java	CVE-2024-7254	🚨 HIGH	2.5.0	3.25.5, 4.27.5, 4.28.2
com.google.protobuf:protobuf-java	CVE-2021-22569	🚨 HIGH	3.3.0	3.16.1, 3.18.2, 3.19.2
com.google.protobuf:protobuf-java	CVE-2021-22570	🚨 HIGH	3.3.0	3.15.0
com.google.protobuf:protobuf-java	CVE-2022-3509	🚨 HIGH	3.3.0	3.16.3, 3.19.6, 3.20.3, 3.21.7
com.google.protobuf:protobuf-java	CVE-2022-3510	🚨 HIGH	3.3.0	3.16.3, 3.19.6, 3.20.3, 3.21.7
com.google.protobuf:protobuf-java	CVE-2024-7254	🚨 HIGH	3.3.0	3.25.5, 4.27.5, 4.28.2
com.google.protobuf:protobuf-java	CVE-2021-22569	🚨 HIGH	3.7.1	3.16.1, 3.18.2, 3.19.2
com.google.protobuf:protobuf-java	CVE-2021-22570	🚨 HIGH	3.7.1	3.15.0
com.google.protobuf:protobuf-java	CVE-2022-3509	🚨 HIGH	3.7.1	3.16.3, 3.19.6, 3.20.3, 3.21.7
com.google.protobuf:protobuf-java	CVE-2022-3510	🚨 HIGH	3.7.1	3.16.3, 3.19.6, 3.20.3, 3.21.7
com.google.protobuf:protobuf-java	CVE-2024-7254	🚨 HIGH	3.7.1	3.25.5, 4.27.5, 4.28.2
com.nimbusds:nimbus-jose-jwt	CVE-2023-52428	🚨 HIGH	9.8.1	9.37.2
commons-io:commons-io	CVE-2024-47554	🚨 HIGH	2.11.0	2.14.0
commons-io:commons-io	CVE-2024-47554	🚨 HIGH	2.8.0	2.14.0
dnsjava:dnsjava	CVE-2024-25638	🚨 HIGH	2.1.7	3.6.0
io.airlift:aircompressor	CVE-2024-36114	🚨 HIGH	0.21	0.27
net.minidev:json-smart	CVE-2021-31684	🚨 HIGH	1.3.2	1.3.3, 2.4.4
net.minidev:json-smart	CVE-2023-1370	🚨 HIGH	1.3.2	2.4.9
org.apache.avro:avro	CVE-2024-47561	🔥 CRITICAL	1.11.0	1.11.4
org.apache.avro:avro	CVE-2023-39410	🚨 HIGH	1.11.0	1.11.3
org.apache.avro:avro	CVE-2024-47561	🔥 CRITICAL	1.7.7	1.11.4
org.apache.avro:avro	CVE-2023-39410	🚨 HIGH	1.7.7	1.11.3
org.apache.derby:derby	CVE-2022-46337	🔥 CRITICAL	10.14.2.0	10.14.3, 10.15.2.1, 10.16.1.2, 10.17.1.0
org.apache.hadoop:hadoop-common	CVE-2022-25168	🔥 CRITICAL	3.3.2	2.10.2, 3.2.4, 3.3.3
org.apache.ivy:ivy	CVE-2022-46751	🚨 HIGH	2.5.1	2.5.2
org.apache.mesos:mesos	CVE-2018-1330	🚨 HIGH	1.4.3	1.6.0
org.apache.spark:spark-hive-thriftserver_2.12	CVE-2024-23945	🚨 HIGH	3.3.4	3.4.2
org.apache.thrift:libthrift	CVE-2019-0205	🚨 HIGH	0.12.0	0.13.0
org.apache.thrift:libthrift	CVE-2020-13949	🚨 HIGH	0.12.0	0.14.0
org.apache.zookeeper:zookeeper	CVE-2023-44981	🔥 CRITICAL	3.6.2	3.7.2, 3.8.3, 3.9.1
org.xerial.snappy:snappy-java	CVE-2023-34455	🚨 HIGH	1.1.8.4	1.1.10.1
org.xerial.snappy:snappy-java	CVE-2023-43642	🚨 HIGH	1.1.8.4	1.1.10.4
org.yaml:snakeyaml	CVE-2022-1471	🚨 HIGH	1.31	2.0

🛡️ TRIVY SCAN RESULT 🛡️

Target: Node.js

No Vulnerabilities Found

🛡️ TRIVY SCAN RESULT 🛡️

Target: Python

Vulnerabilities (2)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version
Werkzeug	CVE-2024-34069	🚨 HIGH	2.2.3	3.0.3
setuptools	CVE-2024-6345	🚨 HIGH	65.5.1	70.0.0

🛡️ TRIVY SCAN RESULT 🛡️

Target: /etc/ssl/private/ssl-cert-snakeoil.key

No Vulnerabilities Found

🛡️ TRIVY SCAN RESULT 🛡️

Target: /home/airflow/.local/lib/python3.10/site-packages/openmetadata_managed_apis-1.6.0.0.dev0.dist-info/METADATA

No Vulnerabilities Found

🛡️ TRIVY SCAN RESULT 🛡️

Target: /home/airflow/openmetadata-airflow-apis/openmetadata_managed_apis.egg-info/PKG-INFO

No Vulnerabilities Found

[github-actions]

Jest test Coverage

UI tests summary

Lines	Statements	Branches	Functions
	63.4% (41481/65426)	39.03% (16543/42382)	42.98% (5017/11673)

[sonarqubecloud]

Quality Gate passed for 'open-metadata-ui'

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud