Merge pull request #139 from SwissCovid/develop

SwissCovid · Mar 30, 2022 · de28b6d · de28b6d
2 parents c61bfc7 + 728953d
commit de28b6d
Show file tree

Hide file tree

Showing 26 changed files with 304 additions and 158 deletions.
diff --git a/.github/workflows/maven.yml b/.github/workflows/maven.yml
@@ -10,15 +10,16 @@ jobs:
   build:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v3
     - name: Set up JDK 11
-      uses: actions/setup-java@v1
+      uses: actions/setup-java@v3
       with:
         java-version: 11.0.7
         server-id: github # Value of the distributionManagement/repository/id field of the pom.xml
         settings-path: ${{ github.workspace }} # location for the settings.xml file: :  
+        distribution: 'zulu'
     - name: 'Create settings.xml'
-      uses: whelk-io/maven-settings-xml-action@v4
+      uses: whelk-io/maven-settings-xml-action@v20
       with:
         servers: '[{"id": "github", "username": "${{ github.actor }}", "password": "${{ github.token}}"}, {"id": "github-annotation", "username": "${{ github.actor }}", "password": "${{ github.token }}"}]'
         repositories: '[{"id" : "github", "url" : "https://maven.pkg.github.com/Ubique-OSS/springboot-swagger3"}, {"id" : "github-annotation", "url" : "https://maven.pkg.github.com/Ubique-OSS/springboot-swagger3-annotations"}]'

diff --git a/.github/workflows/tagged_release.yaml b/.github/workflows/tagged_release.yaml
@@ -10,17 +10,18 @@ jobs:
   build:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v3
     - run: |
         git fetch --no-tags --prune --depth=1 origin +refs/heads/*:refs/remotes/origin/*
     - name: Set up JDK 11
-      uses: actions/setup-java@v1
+      uses: actions/setup-java@v3
       with:
         java-version: 11.0.7
         server-id: github # Value of the distributionManagement/repository/id field of the pom.xml
         settings-path: ${{ github.workspace }} # location for the settings.xml file: :  
+        distribution: 'zulu'
     - name: 'Create settings.xml'
-      uses: whelk-io/maven-settings-xml-action@v4
+      uses: whelk-io/maven-settings-xml-action@v20
       with:
         servers: '[{"id": "github", "username": "${{ github.actor }}", "password": "${{ github.token}}"}, {"id": "github-annotation", "username": "${{ github.actor }}", "password": "${{ github.token }}"}]'
         repositories: '[{"id" : "github", "url" : "https://maven.pkg.github.com/Ubique-OSS/springboot-swagger3"}, {"id" : "github-annotation", "url" : "https://maven.pkg.github.com/Ubique-OSS/springboot-swagger3-annotations"}]'

diff --git a/dpppt-config-backend/pom.xml b/dpppt-config-backend/pom.xml
@@ -23,7 +23,7 @@
     <properties>
         <java-version>11</java-version>
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
-        <spring-boot-version>2.5.4</spring-boot-version>
+        <spring-boot-version>2.6.4</spring-boot-version>
         <itCoverageAgent></itCoverageAgent>
         <build-helper-maven-plugin.version>1.9.1</build-helper-maven-plugin.version>
     </properties>
@@ -75,33 +75,33 @@
         <dependency>
             <groupId>io.jsonwebtoken</groupId>
             <artifactId>jjwt-api</artifactId>
-            <version>0.11.1</version>
+            <version>0.11.2</version>
         </dependency>
         <dependency>
             <groupId>io.jsonwebtoken</groupId>
             <artifactId>jjwt-root</artifactId>
-            <version>0.11.1</version>
+            <version>0.11.2</version>
             <type>pom</type>
         </dependency>
 
         <dependency>
             <groupId>io.jsonwebtoken</groupId>
             <artifactId>jjwt-jackson</artifactId>
-            <version>0.11.1</version>
+            <version>0.11.2</version>
             <scope>runtime</scope>
         </dependency>
 
         <dependency>
             <groupId>io.jsonwebtoken</groupId>
             <artifactId>jjwt-impl</artifactId>
-            <version>0.11.1</version>
+            <version>0.11.2</version>
             <scope>runtime</scope>
         </dependency>
 
         <dependency>
             <groupId>org.bouncycastle</groupId>
             <artifactId>bcpkix-jdk15on</artifactId>
-            <version>1.65</version>
+            <version>1.70</version>
         </dependency>
         <!-- Test dependencies -->
         <dependency>
@@ -131,7 +131,7 @@
         <dependency>
             <groupId>ch.admin.bag.covidcertificate</groupId>
             <artifactId>cc-backend-logging</artifactId>
-            <version>1.0.0</version>
+            <version>1.0.3</version>
         </dependency>
 
         <dependency>
@@ -251,7 +251,7 @@
             <plugin>
                 <groupId>io.github.zlika</groupId>
                 <artifactId>reproducible-build-maven-plugin</artifactId>
-                <version>0.12</version>
+                <version>0.15</version>
                 <executions>
                     <execution>
                         <id>strip-jaxb</id>
@@ -276,7 +276,7 @@
             <plugin>
                 <groupId>ch.ubique.openapi</groupId>
                 <artifactId>springboot-swagger-3</artifactId>
-                <version>1.3.3</version>
+                <version>1.3.4</version>
                 <configuration>
                     <apiVersion>1.0-gapple</apiVersion>
                     <basePackages>

diff --git a/...nd/src/main/java/org/dpppt/switzerland/backend/sdk/config/ws/config/ActuatorSecurity.java b/...nd/src/main/java/org/dpppt/switzerland/backend/sdk/config/ws/config/ActuatorSecurity.java
@@ -1,25 +1,19 @@
 package org.dpppt.switzerland.backend.sdk.config.ws.config;
 
 import org.dpppt.switzerland.backend.sdk.config.ws.config.configbeans.ActuatorSecurityConfig;
-import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.boot.actuate.health.HealthEndpoint;
 import org.springframework.boot.actuate.info.InfoEndpoint;
 import org.springframework.boot.actuate.logging.LoggersEndpoint;
 import org.springframework.boot.actuate.metrics.export.prometheus.PrometheusScrapeEndpoint;
-import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
-import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Profile;
 import org.springframework.core.Ordered;
 import org.springframework.core.annotation.Order;
-import org.springframework.core.env.Environment;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
-import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
-import org.springframework.security.crypto.password.PasswordEncoder;
 
 @Configuration
 @Order(Ordered.HIGHEST_PRECEDENCE + 9)
@@ -31,50 +25,8 @@ public class ActuatorSecurity extends WebSecurityConfigurerAdapter {
 
     @Value("${ws.monitor.prometheus.user}")
     private String user;
-
-    @Autowired Environment environment;
-    // region Actuator Passwords
-    // ----------------------------------------------------------------------------------------------------------------------------------
-    @Bean
-    @Profile("cloud-dev")
-    ActuatorSecurityConfig passwordCloudDev() {
-        return new ActuatorSecurityConfig(
-                user,
-                environment.getProperty("vcap.services.ha_prometheus_dev.credentials.password"));
-    }
-
-    @Bean
-    @Profile("cloud-test")
-    ActuatorSecurityConfig passwordCloudTest() {
-        return new ActuatorSecurityConfig(
-                user,
-                environment.getProperty("vcap.services.ha_prometheus_test.credentials.password"));
-    }
-
-    @Bean
-    @Profile("cloud-abn")
-    ActuatorSecurityConfig passwordCloudAbn() {
-        return new ActuatorSecurityConfig(
-                user,
-                environment.getProperty("vcap.services.ha_prometheus_abn.credentials.password"));
-    }
-
-    @Bean
-    @Profile("cloud-prod")
-    ActuatorSecurityConfig passwordProdAbn() {
-        return new ActuatorSecurityConfig(
-                user,
-                environment.getProperty("vcap.services.ha_prometheus_prod.credentials.password"));
-    }
-
-    @Bean
-    @ConditionalOnMissingBean
-    ActuatorSecurityConfig passwordDefault() {
-        return new ActuatorSecurityConfig(
-                user, environment.getProperty("ws.monitor.prometheus.password"));
-    }
-    // ----------------------------------------------------------------------------------------------------------------------------------
-    // endregion
+    @Value("${ws.monitor.prometheus.password}")
+    private String password;
 
     @Override
     protected void configure(HttpSecurity http) throws Exception {
@@ -106,18 +58,15 @@ protected void configure(HttpSecurity http) throws Exception {
         http.csrf().ignoringAntMatchers("/actuator/loggers/**");
     }
 
-    @Autowired
-    protected void configureGlobal(
-            AuthenticationManagerBuilder auth, ActuatorSecurityConfig securityConfig)
+    @Override
+    protected void configure(
+            AuthenticationManagerBuilder auth)
             throws Exception {
         auth.inMemoryAuthentication()
-                .withUser(securityConfig.getUsername())
-                .password(passwordEncoder().encode(securityConfig.getPassword()))
+                .withUser(user)
+                .password(password)
                 .roles(PROMETHEUS_ROLE);
     }
 
-    @Bean
-    public PasswordEncoder passwordEncoder() {
-        return new BCryptPasswordEncoder();
-    }
+
 }
diff --git a/...ackend/src/main/java/org/dpppt/switzerland/backend/sdk/config/ws/config/WSBaseConfig.java b/...ackend/src/main/java/org/dpppt/switzerland/backend/sdk/config/ws/config/WSBaseConfig.java
@@ -89,13 +89,15 @@ public VaccinationInfoHelper vaccinationInfoHelper(Messages messages) {
     public GaenConfigController gaenConfigController(
             Messages messages,
             VaccinationInfoHelper vaccinationInfoHelper,
-            @Value("${ws.vaccination-info.show:false}") boolean showVaccinationInfo) {
+            @Value("${ws.vaccination-info.show:false}") boolean showVaccinationInfo,
+            @Value("${ws.deactivate-app:false}") boolean deactivate) {
         return new GaenConfigController(
                 messages,
                 interOpsCountryCodes,
                 checkInUpdateNotificationEnabled,
                 vaccinationInfoHelper,
-                showVaccinationInfo);
+                showVaccinationInfo,
+                deactivate);
     }
 
     @Bean

diff --git a/...n/java/org/dpppt/switzerland/backend/sdk/config/ws/config/mock/MockForceUpdateConfig.java b/...n/java/org/dpppt/switzerland/backend/sdk/config/ws/config/mock/MockForceUpdateConfig.java
@@ -25,22 +25,25 @@ public class MockForceUpdateConfig {
     public GaenConfigController gaenConfigController(
             Messages messages,
             VaccinationInfoHelper vaccinationInfoHelper,
-            @Value("${ws.vaccination-info.show:false}") boolean showVaccinationInfo) {
-        return new MockForceUpdateController(messages, vaccinationInfoHelper, showVaccinationInfo);
+            @Value("${ws.vaccination-info.show:false}") boolean showVaccinationInfo,
+            @Value("$(ws.deactivate-app:false") boolean deactivate) {
+        return new MockForceUpdateController(messages, vaccinationInfoHelper, showVaccinationInfo, deactivate);
     }
 
     public class MockForceUpdateController extends GaenConfigController {
 
         public MockForceUpdateController(
                 Messages messages,
                 VaccinationInfoHelper vaccinationInfoHelper,
-                boolean showVaccinationInfo) {
+                boolean showVaccinationInfo,
+                boolean deactivate) {
             super(
                     messages,
                     interOpsCountryCodes,
                     false,
                     vaccinationInfoHelper,
-                    showVaccinationInfo);
+                    showVaccinationInfo,
+                    deactivate);
         }
 
         @Override

diff --git a/.../main/java/org/dpppt/switzerland/backend/sdk/config/ws/config/mock/MockInfoBoxConfig.java b/.../main/java/org/dpppt/switzerland/backend/sdk/config/ws/config/mock/MockInfoBoxConfig.java
@@ -26,22 +26,25 @@ public class MockInfoBoxConfig {
     public GaenConfigController gaenConfigController(
             Messages messages,
             VaccinationInfoHelper vaccinationInfoHelper,
-            @Value("${ws.vaccination-info.show:false}") boolean showVaccinationInfo) {
-        return new MockInfoBoxController(messages, vaccinationInfoHelper, showVaccinationInfo);
+            @Value("${ws.vaccination-info.show:false}") boolean showVaccinationInfo,
+            @Value("$(ws.deactivate-app:false") boolean deactivate) {
+        return new MockInfoBoxController(messages, vaccinationInfoHelper, showVaccinationInfo, deactivate);
     }
 
     public class MockInfoBoxController extends GaenConfigController {
 
         public MockInfoBoxController(
                 Messages messages,
                 VaccinationInfoHelper vaccinationInfoHelper,
-                boolean showVaccinationInfo) {
+                boolean showVaccinationInfo,
+                boolean deactivate) {
             super(
                     messages,
                     interOpsCountryCodes,
                     false,
                     vaccinationInfoHelper,
-                    showVaccinationInfo);
+                    showVaccinationInfo,
+                    deactivate);
         }
 
         @Override