diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index a0fa5ee..a0332d6 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -3,8 +3,8 @@
version: 2
updates:
+ # Enable version updates for Gradle
- package-ecosystem: "gradle"
- # Enable version updates for Gradle
# Look for `build.gradle` files in the `root` directory
directory: "/"
target-branch: "dep/dependency_upgrade_staging"
diff --git a/build.gradle b/build.gradle
index 7c08050..4a5e136 100644
--- a/build.gradle
+++ b/build.gradle
@@ -18,8 +18,12 @@ buildscript {
apply from: file('gradle/buildscript.gradle'), to: buildscript
}
+plugins {
+ id "jacoco"
+ id "com.github.spotbugs" version "5.0.13"
+}
+
apply plugin: 'java'
-apply plugin: 'maven'
apply plugin: 'maven-publish'
apply plugin: "com.github.johnrengelman.shadow"
diff --git a/gradle.properties b/gradle.properties
index 07a064b..5084fe9 100644
--- a/gradle.properties
+++ b/gradle.properties
@@ -13,6 +13,6 @@
# See the License for the specific language governing permissions and
# limitations under the License.
#
-version=7.4.10
+version=7.5.0
groupId=com.nike
artifactId=cerberus-client
diff --git a/gradle/buildscript.gradle b/gradle/buildscript.gradle
index 0a8e8fe..1030e20 100644
--- a/gradle/buildscript.gradle
+++ b/gradle/buildscript.gradle
@@ -15,12 +15,10 @@
*/
repositories {
- jcenter()
+ mavenCentral()
}
dependencies {
- classpath "net.saliman:gradle-cobertura-plugin:2.6.1"
- classpath 'org.kt3k.gradle.plugin:coveralls-gradle-plugin:2.6.3'
classpath "com.github.jengelman.gradle.plugins:shadow:4.0.3"
classpath 'org.owasp:dependency-check-gradle:5.3.2'
}
diff --git a/gradle/check.gradle b/gradle/check.gradle
index 8a9cea8..b166cda 100644
--- a/gradle/check.gradle
+++ b/gradle/check.gradle
@@ -14,10 +14,7 @@
* limitations under the License.
*/
-apply plugin: 'findbugs'
apply plugin: 'pmd'
-apply plugin: 'cobertura'
-apply plugin: 'com.github.kt3k.coveralls'
apply plugin: 'org.owasp.dependencycheck'
dependencyCheck {
@@ -26,41 +23,54 @@ dependencyCheck {
failBuildOnCVSS = 11
}
-findbugs {
- ignoreFailures = false
+pmd {
sourceSets = [ project.sourceSets.main ]
- excludeFilter = file("codequality/findbugs.xml")
+ rulesMinimumPriority = 2
+ ignoreFailures = false
}
-pmd {
- sourceSets = [ project.sourceSets.main ]
+test {
+ finalizedBy jacocoTestReport // report is always generated after tests run
}
-tasks.withType(FindBugs) {
+jacocoTestReport {
reports {
- xml.withMessages = true
+ xml.required = false
+ csv.required = false
}
+ dependsOn test // tests are required to run before generating the report
+}
+
+jacoco {
+ toolVersion = "0.8.8"
}
-cobertura {
- // https://github.com/stevesaliman/gradle-cobertura-plugin/blob/master/usage.md
- coverageReportDir = new File("$buildDir/reports/cobertura")
- coverageFormats = ['html', 'xml']
- coverageIgnoreTrivial = true
- coverageExcludes = []
+spotbugs {
+ ignoreFailures = true
+ showStackTraces = false
+ showProgress = true
+ effort = 'default'
+ reportLevel = 'default'
+ reportsDir = file("$buildDir/reports/spotbugs")
+ //visitors = [ 'FindSqlInjection', 'SwitchFallthrough' ]
+ //omitVisitors = [ 'FindNonShortCircuit' ]
+ //includeFilter = file("include.xml")
+ //excludeFilter = file("exclude.xml")
+ //baselineFile = file("baseline.xml")
+ //onlyAnalyze = [ 'com.foobar.MyClass', 'com.foobar.mypkg.*' ]
+ //maxHeapSize = '1g'
+ //extraArgs = [ '-nested:false' ]
+ //jvmArgs = [ '-Duser.language=ja' ]
}
-test.finalizedBy(project.tasks.coberturaReport)
-task findbugsHtml {
- group = "Verification"
- description = "Creates a human readable Findbugs report"
- doLast {
- ant.xslt(in: file("$buildDir/reports/findbugs/main.xml"),
- style: file('codequality/findbugs_default.xsl'),
- out: new File("$buildDir/reports/findbugs/main.html"))
+spotbugsMain {
+ reports {
+ html {
+ required = true
+ outputLocation = file("$buildDir/reports/spotbugs/main/spotbugs.html")
+ //stylesheet = 'fancy-hist.xsl'
+ }
}
}
-findbugsMain.finalizedBy findbugsHtml
tasks.check.dependsOn dependencyCheckAnalyze
-tasks.coveralls.dependsOn check
diff --git a/gradle/dependencies.gradle b/gradle/dependencies.gradle
index c5721df..ad9f81b 100644
--- a/gradle/dependencies.gradle
+++ b/gradle/dependencies.gradle
@@ -15,7 +15,7 @@
*/
repositories {
- jcenter()
+ mavenCentral()
}
def AWS_SDK_VERSION = '1.11.+'
@@ -59,36 +59,35 @@ dependencies {
shadow "org.slf4j:slf4j-api:1.7.25"
shadow "com.google.code.gson:gson:2.5"
- compile "com.squareup.okhttp3:okhttp:${OKHTTP_VERSION}"
- compile "org.apache.commons:commons-lang3:3.4"
- compile "com.google.code.gson:gson:2.5"
- compile "org.slf4j:slf4j-api:1.7.25"
- compile "io.github.resilience4j:resilience4j-all:1.7.1"
- compileOnly "com.google.code.findbugs:jsr305:3.0.2"
- compileOnly 'com.google.code.findbugs:annotations:3.0.1'
+ implementation "com.squareup.okhttp3:okhttp:${OKHTTP_VERSION}"
+ implementation "org.apache.commons:commons-lang3:3.4"
+ implementation "com.google.code.gson:gson:2.5"
+ implementation "org.slf4j:slf4j-api:1.7.25"
+ implementation "io.github.resilience4j:resilience4j-all:1.7.0"
+ testImplementation "com.google.code.findbugs:jsr305:3.0.2"
+ testImplementation 'com.google.code.findbugs:annotations:3.0.1'
- compile "com.amazonaws:aws-java-sdk-core:${AWS_SDK_VERSION}"
- compile "com.amazonaws:aws-java-sdk-sts:${AWS_SDK_VERSION}"
+ implementation "com.amazonaws:aws-java-sdk-core:${AWS_SDK_VERSION}"
+ implementation "com.amazonaws:aws-java-sdk-sts:${AWS_SDK_VERSION}"
- testRuntime 'org.slf4j:slf4j-simple:1.7.25'
- testCompile "junit:junit:4.12"
- testCompile ("org.mockito:mockito-core:1.10.19") {
+ testImplementation 'org.slf4j:slf4j-simple:1.7.25'
+ testImplementation "junit:junit:4.12"
+ testImplementation('org.mockito:mockito-core:3.12.4') {
exclude group: 'org.hamcrest'
}
- testCompile ("org.powermock:powermock-api-mockito:1.6.4") {
+ testImplementation ('org.powermock:powermock-api-mockito2:2.0.9') {
exclude group: 'org.hamcrest'
}
- testCompile ("org.powermock:powermock-module-junit4:1.6.4") {
+ testImplementation ('org.powermock:powermock-module-junit4:2.0.9') {
exclude group: 'org.hamcrest'
}
- testCompile "org.assertj:assertj-core:2.3.0"
- testCompile "com.squareup.okhttp3:mockwebserver:${OKHTTP_VERSION}"
- testCompile "commons-io:commons-io:2.4"
- testCompile group: 'com.tngtech.java', name: 'junit-dataprovider', version: '1.10.0'
+ testImplementation "org.assertj:assertj-core:2.3.0"
+ testImplementation "com.squareup.okhttp3:mockwebserver:${OKHTTP_VERSION}"
+ testImplementation "commons-io:commons-io:2.4"
+ testImplementation group: 'com.tngtech.java', name: 'junit-dataprovider', version: '1.10.0'
}
shadowJar {
- classifier = ''
dependencies {
// exclude these from the shadow jar
project.configurations.shadow.each {
diff --git a/gradle/integration.gradle b/gradle/integration.gradle
index a8a7246..d540fa3 100644
--- a/gradle/integration.gradle
+++ b/gradle/integration.gradle
@@ -23,14 +23,12 @@ sourceSets {
task integration(type: Test, description: 'Runs integration tests') {
testClassesDirs = sourceSets.integration.output.classesDirs
- classpath = sourceSets.integration.runtimeClasspath
+ classpath += sourceSets.integration.runtimeClasspath
}
dependencies {
- integrationCompile sourceSets.main.output
- integrationCompile configurations.testCompile
- integrationCompile sourceSets.test.output
- integrationCompile 'com.fieldju:commons:1.1.0'
-
- integrationRuntime configurations.testRuntime
-}
\ No newline at end of file
+ integrationCompileClasspath sourceSets.main.output
+ integrationCompileClasspath configurations.testImplementation
+ integrationCompileClasspath sourceSets.test.output
+ integrationCompileClasspath configurations.testImplementation
+}
diff --git a/gradle/wrapper/gradle-wrapper.properties b/gradle/wrapper/gradle-wrapper.properties
index 574c1a8..5d252ef 100644
--- a/gradle/wrapper/gradle-wrapper.properties
+++ b/gradle/wrapper/gradle-wrapper.properties
@@ -17,6 +17,6 @@
#Mon Aug 29 15:51:55 PDT 2016
distributionBase=GRADLE_USER_HOME
distributionPath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-4.8.1-bin.zip
+distributionUrl=https\://services.gradle.org/distributions/gradle-7.5.1-bin.zip
zipStoreBase=GRADLE_USER_HOME
zipStorePath=wrapper/dists
diff --git a/src/integration/java/com/nike/cerberus/client/auth/aws/CerberusClientTest.java b/src/integration/java/com/nike/cerberus/client/auth/aws/CerberusClientTest.java
index 95f6879..591a18c 100644
--- a/src/integration/java/com/nike/cerberus/client/auth/aws/CerberusClientTest.java
+++ b/src/integration/java/com/nike/cerberus/client/auth/aws/CerberusClientTest.java
@@ -16,10 +16,9 @@
package com.nike.cerberus.client.auth.aws;
-import com.fieldju.commons.EnvUtils;
+import com.zookit.commons.EnvUtils;
import com.nike.cerberus.client.CerberusClient;
import com.nike.cerberus.client.CerberusServerApiException;
-import com.nike.cerberus.client.CerberusServerException;
import com.nike.cerberus.client.model.CerberusListFilesResponse;
import com.nike.cerberus.client.model.CerberusListResponse;
import com.nike.cerberus.client.model.CerberusResponse;
diff --git a/src/integration/java/com/nike/cerberus/client/auth/aws/StsAuthCerberusClientTest.java b/src/integration/java/com/nike/cerberus/client/auth/aws/StsAuthCerberusClientTest.java
index ce973bd..959adfd 100644
--- a/src/integration/java/com/nike/cerberus/client/auth/aws/StsAuthCerberusClientTest.java
+++ b/src/integration/java/com/nike/cerberus/client/auth/aws/StsAuthCerberusClientTest.java
@@ -16,7 +16,7 @@
package com.nike.cerberus.client.auth.aws;
-import com.fieldju.commons.EnvUtils;
+import com.zookit.commons.EnvUtils;
import com.nike.cerberus.client.auth.CerberusCredentials;
import org.apache.commons.lang3.StringUtils;
import org.junit.Before;
diff --git a/src/integration/java/com/zookit/commons/EnvUtils.java b/src/integration/java/com/zookit/commons/EnvUtils.java
new file mode 100644
index 0000000..3297ea5
--- /dev/null
+++ b/src/integration/java/com/zookit/commons/EnvUtils.java
@@ -0,0 +1,60 @@
+package com.zookit.commons;
+
+import org.apache.commons.lang3.StringUtils;
+
+/**
+ * Environment Utilities
+ * From a trimmed version of com.fieldju.commons.EnvUtils
+ * https://github.com/fieldju
+ */
+public class EnvUtils {
+
+ /**
+ * Fetches a required environment variable
+ *
+ * @throws IllegalStateException if the required environment variable is unset or blank
+ * @param key the name of the required environment variable
+ * @return {@code String} the value of the environment variable
+ */
+ public static String getRequiredEnv(String key) {
+ return getRequiredEnv(key, null);
+ }
+
+ /**
+ * Fetches a required environment variable
+ *
+ * @throws IllegalStateException if the required environment variable is unset or blank
+ * @param key the name of the required environment variable
+ * @param msg the message to include of the environment variable is unset or blank
+ * @return {@code String} the value of the environment variable
+ */
+ public static String getRequiredEnv(String key, String msg) {
+ String value = System.getenv(key);
+ if (StringUtils.isBlank(value)) {
+ StringBuilder sb = new StringBuilder("The required environment variable ")
+ .append(key)
+ .append(" was not set or is blank.");
+
+ if (StringUtils.isNotBlank(msg)) {
+ sb.append(" Msg: ").append(msg);
+ }
+
+ throw new IllegalStateException(sb.toString());
+ }
+ return value;
+ }
+
+ /**
+ * Fetches a required environment variable
+ *
+ * @throws IllegalStateException if the required environment variable is unset or blank
+ * @param key the name of the environment variable to attempt to fetch
+ * @param defaultValue the default value to use if the environment variable is unset or empty
+ * @return {@code String} the value of the environment variable or the default, if the environment variable is unset or empty.
+ */
+ public static String getEnvWithDefault(String key, String defaultValue) {
+ String value = System.getenv(key);
+ return StringUtils.isNotBlank(value) ? value : defaultValue;
+ }
+
+}
diff --git a/src/main/java/com/nike/cerberus/client/CerberusApiError.java b/src/main/java/com/nike/cerberus/client/CerberusApiError.java
index 774923a..c4b5662 100644
--- a/src/main/java/com/nike/cerberus/client/CerberusApiError.java
+++ b/src/main/java/com/nike/cerberus/client/CerberusApiError.java
@@ -15,18 +15,28 @@
*/
package com.nike.cerberus.client;
-
-import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
-
public class CerberusApiError {
private int code;
private String message;
+ /**
+ * Dummy constructor. This shouldn't be necessary because,
+ * let's face it, this whole durned class is unnecessary.
+ * We need to get rid of this class entirely but that's a
+ * task fo a different day. #codingwhiledrunk
+ * @param code
+ * @param message
+ */
+ public CerberusApiError(int code, String message)
+ {
+ this.code = code;
+ this.message = message;
+ }
+
public int getCode() {
return code;
}
- @SuppressFBWarnings("UWF_UNWRITTEN_FIELD")
public String getMessage() {
return message;
}
diff --git a/src/main/java/com/nike/cerberus/client/CerberusClient.java b/src/main/java/com/nike/cerberus/client/CerberusClient.java
index 3fe73db..d176105 100644
--- a/src/main/java/com/nike/cerberus/client/CerberusClient.java
+++ b/src/main/java/com/nike/cerberus/client/CerberusClient.java
@@ -109,7 +109,7 @@ public class CerberusClient {
(JsonDeserializer) (json, typeOfT, context) -> new DateTime(json.getAsString()))
.create();
- private final Logger logger = LoggerFactory.getLogger(getClass());
+ private static final Logger LOGGER = LoggerFactory.getLogger(CerberusClient.class);
public CerberusClient(final String cerberusUrl,
final CerberusCredentialsProvider credentialsProvider,
@@ -182,7 +182,7 @@ public CerberusClient(final String cerberusUrl,
public CerberusListResponse list(final String path) {
final HttpUrl httpUrl = buildUrl(SECRET_PATH_PREFIX, path + "?list=true");
- logger.debug("list: requestUrl={}", httpUrl);
+ LOGGER.debug("list: requestUrl={}", httpUrl);
final Response response = ofSupplier(
() -> execute(httpUrl, HttpMethod.GET, null)
@@ -239,7 +239,7 @@ public CerberusListFilesResponse listFiles(final String path) {
public CerberusListFilesResponse listFiles(final String path, Integer limit, Integer offset) {
final HttpUrl httpUrl = buildUrl("v1/secure-files/", path, limit, offset);
- logger.debug("list: requestUrl={}, limit={}, offset={}", httpUrl, limit, offset);
+ LOGGER.debug("list: requestUrl={}, limit={}, offset={}", httpUrl, limit, offset);
final Response response = ofSupplier(
() -> execute(httpUrl, HttpMethod.GET, null)
)
@@ -304,7 +304,7 @@ public void write(final String path, final Map data) {
public void writeFile(final String path, final byte[] contents) {
final String fileName = StringUtils.substringAfterLast(path, "/");
final HttpUrl httpUrl = buildUrl(SECURE_FILE_PATH_PREFIX, path);
- logger.debug("write: requestUrl={}", httpUrl);
+ LOGGER.debug("write: requestUrl={}", httpUrl);
RequestBody requestBody = new MultipartBody.Builder()
.setType(MultipartBody.FORM)
@@ -590,7 +590,7 @@ protected M buildAndExecuteRequest(final String prefix, final String path, f
private Response buildAndExecuteRequest(final String prefix, final String path, final String httpMethod, Object requestBody) {
final HttpUrl httpUrl = buildUrl(prefix, path);
- logger.debug("requestUrl={}, HTTP method={}", httpUrl, httpMethod);
+ LOGGER.debug("requestUrl={}, HTTP method={}", httpUrl, httpMethod);
final Response response = ofSupplier(
() -> execute(httpUrl, httpMethod, requestBody)
@@ -688,7 +688,7 @@ protected M parseResponseBody(final Response response, final Class respon
try {
return gson.fromJson(responseBodyStr, responseClass);
} catch (JsonSyntaxException e) {
- logger.error("parseResponseBody: responseCode={}, requestUrl={}, response={}",
+ LOGGER.error("parseResponseBody: responseCode={}, requestUrl={}, response={}",
response.code(), response.request().url(), responseBodyStr);
throw new CerberusClientException("Error parsing the response body from Cerberus, response code: "
+ response.code() + ", response body: " + responseBodyStr, e);
@@ -708,7 +708,7 @@ protected M parseResponseBody(final Response response, final Type typeOf) {
try {
return gson.fromJson(responseBodyStr, typeOf);
} catch (JsonSyntaxException e) {
- logger.error("parseResponseBody: responseCode={}, requestUrl={}, response={}",
+ LOGGER.error("parseResponseBody: responseCode={}, requestUrl={}, response={}",
response.code(), response.request().url(), responseBodyStr);
throw new CerberusClientException("Error parsing the response body from Cerberus, response code: "
+ response.code() + ", response body: " + responseBodyStr, e);
@@ -722,7 +722,7 @@ protected M parseResponseBody(final Response response, final Type typeOf) {
*/
protected void parseAndThrowErrorResponse(final Response response) {
final String responseBodyStr = responseBodyAsString(response);
- logger.debug("parseAndThrowErrorResponse: responseCode={}, requestUrl={}, response={}",
+ LOGGER.debug("parseAndThrowErrorResponse: responseCode={}, requestUrl={}, response={}",
response.code(), response.request().url(), responseBodyStr);
try {
@@ -734,7 +734,7 @@ protected void parseAndThrowErrorResponse(final Response response) {
throw new CerberusServerException(response.code(), new LinkedList());
}
} catch (JsonSyntaxException e) {
- logger.error("ERROR Failed to parse error message, response body received: {}", responseBodyStr);
+ LOGGER.error("ERROR Failed to parse error message, response body received: {}", responseBodyStr);
throw new CerberusClientException("Error parsing the error response body from Cerberus, response code: "
+ response.code() + ", response body: " + responseBodyStr, e);
}
@@ -747,7 +747,7 @@ protected void parseAndThrowErrorResponse(final Response response) {
*/
protected void parseAndThrowApiErrorResponse(final Response response) {
final String responseBodyStr = responseBodyAsString(response);
- logger.debug("parseAndThrowApiErrorResponse: responseCode={}, requestUrl={}, response={}",
+ LOGGER.debug("parseAndThrowApiErrorResponse: responseCode={}, requestUrl={}, response={}",
response.code(), response.request().url(), responseBodyStr);
try {
@@ -759,7 +759,7 @@ protected void parseAndThrowApiErrorResponse(final Response response) {
throw new CerberusServerApiException(response.code(), null, new LinkedList());
}
} catch (JsonSyntaxException e) {
- logger.error("ERROR Failed to parse error message, response body received: {}", responseBodyStr);
+ LOGGER.error("ERROR Failed to parse error message, response body received: {}", responseBodyStr);
throw new CerberusClientException("Error parsing the error response body from Cerberus, response code: "
+ response.code() + ", response body: " + responseBodyStr, e);
}
@@ -796,7 +796,7 @@ protected String responseBodyAsString(Response response) {
try {
return response.body().string();
} catch (IOException ioe) {
- logger.debug("responseBodyAsString: response={}", gson.toJson(response));
+ LOGGER.debug("responseBodyAsString: response={}", gson.toJson(response));
return "ERROR failed to print response body as str: " + ioe.getMessage();
}
}
@@ -805,7 +805,7 @@ protected byte[] responseBodyAsBytes(Response response) {
try {
return response.body().bytes();
} catch (IOException ioe) {
- logger.debug("responseBodyAsString: response={}", gson.toJson(response));
+ LOGGER.debug("responseBodyAsString: response={}", gson.toJson(response));
throw new CerberusClientException("ERROR failed to print: " + response.toString());
}
}
diff --git a/src/main/java/com/nike/cerberus/client/auth/aws/BaseAwsCredentialsProvider.java b/src/main/java/com/nike/cerberus/client/auth/aws/BaseAwsCredentialsProvider.java
index 96ecc7c..7e06d56 100644
--- a/src/main/java/com/nike/cerberus/client/auth/aws/BaseAwsCredentialsProvider.java
+++ b/src/main/java/com/nike/cerberus/client/auth/aws/BaseAwsCredentialsProvider.java
@@ -22,6 +22,7 @@
import com.nike.cerberus.client.auth.CerberusCredentialsProvider;
import com.nike.cerberus.client.auth.TokenCerberusCredentials;
import okhttp3.*;
+import org.apache.commons.lang3.NotImplementedException;
import org.joda.time.DateTime;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -43,7 +44,7 @@
* provisioned for usage of Cerberus, it will succeed and have a token that can be
* used to interact with Cerberus.
*/
-public abstract class BaseAwsCredentialsProvider implements CerberusCredentialsProvider {
+public class BaseAwsCredentialsProvider implements CerberusCredentialsProvider {
public static final MediaType DEFAULT_MEDIA_TYPE = MediaType.parse("application/json; charset=utf-8");
@@ -159,7 +160,10 @@ public CerberusCredentials getCredentials() {
* Look up the IAM roles associated with the given AWS credentials provider
* and attempt to authenticate and decrypt using STS Auth.
*/
- abstract protected void authenticate();
+ protected void authenticate()
+ {
+ throw new NotImplementedException("method authenticate must be overridden");
+ }
/**
* Executes an HTTP request and retries if a 500 level error is returned
@@ -213,7 +217,7 @@ public String getCerberusUrl(){
return cerberusUrl;
}
- public OkHttpClient createHttpClient() {
+ public final OkHttpClient createHttpClient() {
List connectionSpecs = new ArrayList<>();
connectionSpecs.add(TLS_1_2_OR_NEWER);