[#1383] Spring Boot 3 migration Step 2 (#1559)

* [#1383] Spring Boot 3 migration Step 2

Some of the steps:

1. Change spring version parent and versions in root pom.xml
2. update eclipselink versions
3. javax.annotation -> jakarta.annotation (*.java)
4. javax.persistence -> jakarta.persistence (*.java)
5. javax.servlet -> jakarta.servlet (*.java, pom.xml)
6. javax.validation:validation-api -> jakarta.validation:jakarta.validation-api (pom.xml)
7. javax.validation -> jakarta.validation (*.java)
8. javax.transaction -> jakarta.transaction (*.java)
9. replace spring-cloud-stream-binder-test (hawkbit-repository-test) with
```
<dependency>
   <groupId>org.springframework.cloud</groupId>
   <artifactId>spring-cloud-stream-test-binder</artifactId>
</dependency>
```
, TestSupportBinderAutoConfiguration.class }) -> })
@import(TestChannelBinderConfiguration.class)
10. Set to Simple UI standard parent
11. requestMatchers to securityMatcher
12. @SpringBootApplication(scanBasePackages = "org.eclipse.hawkbit") (otherwise for instance flyway doesn't work - suffix is default ".sql", not H2.sql and don't differentiate dbs? strange is there a change?)
13. @nonempty for Long leads to validation exception - replaced with @NotNull
14. RSQLUtilityTest.correctRsqlBuildsPredicate - fixed - mock query builder add method
15. https://github.com/spring-projects/spring-boot/wiki/Spring-Boot-3.0-Migration-Guide#spring-mvc-and-webflux-url-matching-changes - aliases as targers/ return 404 - remove trailing slash
16. firewall tests (allowedHostNameWithNotAllowedHost) doesn't throw 'rejected exception' but return 400 instead (as probably is expected anyway)

Signed-off-by: Marinov Avgustin <[email protected]

* Fix tenant listing to do not mix with multitenancy

Tenant metadata is not multitenancy aware while depend on distribution set type
which is. Thus querying all tenant metadata (in non tenant context) sometimes leads to
resolution of distribution set type which is tenant scoped and leads to problems.

So, now listing tenant lists just their ids - not fill entities.

Signed-off-by: Marinov Avgustin <[email protected]>

---------

Signed-off-by: Marinov Avgustin <[email protected]
Signed-off-by: Marinov Avgustin <[email protected]>

hawkbit-artifact-repository-filesystem/src/main/java/org/eclipse/hawkbit/artifact/repository/ArtifactFilesystem.java

@@ -16,7 +16,7 @@
 import java.io.InputStream;
 import java.util.Objects;
 
-import javax.validation.constraints.NotNull;
+import jakarta.validation.constraints.NotNull;
 
 import org.eclipse.hawkbit.artifact.repository.model.AbstractDbArtifact;
 import org.eclipse.hawkbit.artifact.repository.model.DbArtifactHash;

hawkbit-autoconfigure/pom.xml

@@ -87,8 +87,8 @@
          <optional>true</optional>
       </dependency>
       <dependency>
-        <groupId>javax.servlet</groupId>
-        <artifactId>javax.servlet-api</artifactId>
+        <groupId>jakarta.servlet</groupId>
+        <artifactId>jakarta.servlet-api</artifactId>
         <scope>provided</scope>
       </dependency>     
    </dependencies>

hawkbit-autoconfigure/src/main/java/org/eclipse/hawkbit/autoconfigure/security/OidcUserManagementAutoConfiguration.java

@@ -16,14 +16,14 @@
 import java.util.Map;
 import java.util.Set;
 
-import javax.servlet.Filter;
-import javax.servlet.FilterChain;
-import javax.servlet.FilterConfig;
-import javax.servlet.ServletException;
-import javax.servlet.ServletRequest;
-import javax.servlet.ServletResponse;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
+import jakarta.servlet.Filter;
+import jakarta.servlet.FilterChain;
+import jakarta.servlet.FilterConfig;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.ServletRequest;
+import jakarta.servlet.ServletResponse;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
 
 import org.eclipse.hawkbit.im.authentication.TenantAwareAuthenticationDetails;
 import org.eclipse.hawkbit.im.authentication.UserAuthenticationFilter;

hawkbit-autoconfigure/src/main/java/org/eclipse/hawkbit/autoconfigure/security/SecurityManagedConfiguration.java

@@ -14,13 +14,13 @@
 import java.util.Collections;
 import java.util.List;
 
-import javax.servlet.Filter;
-import javax.servlet.FilterChain;
-import javax.servlet.FilterConfig;
-import javax.servlet.ServletException;
-import javax.servlet.ServletRequest;
-import javax.servlet.ServletResponse;
-import javax.servlet.http.HttpServletRequest;
+import jakarta.servlet.Filter;
+import jakarta.servlet.FilterChain;
+import jakarta.servlet.FilterConfig;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.ServletRequest;
+import jakarta.servlet.ServletResponse;
+import jakarta.servlet.http.HttpServletRequest;
 
 import org.eclipse.hawkbit.cache.DownloadIdCache;
 import org.eclipse.hawkbit.ddi.rest.api.DdiRestConstants;
@@ -197,7 +197,7 @@ protected SecurityFilterChain filterChainDDI(final HttpSecurity http) throws Exc
             final AuthenticationManager authenticationManager = setAuthenticationManager(http, ddiSecurityConfiguration);
 
             http
-                    .requestMatchers(requestMatchers -> requestMatchers.antMatchers(DDI_ANT_MATCHERS))
+                    .securityMatcher(DDI_ANT_MATCHERS)
                     .csrf(AbstractHttpConfigurer::disable);
 
             if (securityProperties.isRequireSsl()) {
@@ -315,7 +315,7 @@ protected SecurityFilterChain filterChainDDIDL(final HttpSecurity http) throws E
             final AuthenticationManager authenticationManager = setAuthenticationManager(http, ddiSecurityConfiguration);
 
             http
-                    .requestMatcher(new AntPathRequestMatcher(DDI_DL_ANT_MATCHER))
+                    .securityMatcher(DDI_DL_ANT_MATCHER)
                     .csrf(AbstractHttpConfigurer::disable);
 
             if (securityProperties.isRequireSsl()) {
@@ -436,7 +436,7 @@ protected SecurityFilterChain filterChainDLID(
             downloadIdAuthenticationFilter.setAuthenticationManager(authenticationManager);
 
             http
-                    .requestMatcher(new AntPathRequestMatcher("/**/downloadId/**"))
+                    .securityMatcher(MgmtRestConstants.DOWNLOAD_ID_V1_REQUEST_MAPPING_BASE + "/downloadId/*/*")
                     .authorizeHttpRequests(armrRepository -> armrRepository.anyRequest().authenticated())
                     .csrf(AbstractHttpConfigurer::disable)
                     .anonymous(AbstractHttpConfigurer::disable)
@@ -495,11 +495,11 @@ SecurityFilterChain filterChainREST(
                 final SystemSecurityContext systemSecurityContext)
                 throws Exception {
             http
-                    .requestMatchers(requestMatchers -> requestMatchers.antMatchers("/rest/**", MgmtRestConstants.BASE_SYSTEM_MAPPING + "/admin/**"))
+                    .securityMatcher("/rest/**", MgmtRestConstants.BASE_SYSTEM_MAPPING + "/admin/**")
                     .csrf(AbstractHttpConfigurer::disable)
                     .authorizeHttpRequests(amrmRegistry ->
                             amrmRegistry
-                                    .antMatchers(MgmtRestConstants.BASE_SYSTEM_MAPPING + "/admin/**")
+                                    .requestMatchers(MgmtRestConstants.BASE_SYSTEM_MAPPING + "/admin/**")
                                         .hasAnyAuthority(SpPermission.SYSTEM_ADMIN)
                                     .anyRequest()
                                         .authenticated())

hawkbit-core/pom.xml

@@ -30,8 +30,8 @@
          <artifactId>slf4j-api</artifactId>
       </dependency>
       <dependency>
-         <groupId>javax.validation</groupId>
-         <artifactId>validation-api</artifactId>
+         <groupId>jakarta.validation</groupId>
+         <artifactId>jakarta.validation-api</artifactId>
       </dependency>
       <dependency>
          <groupId>com.google.guava</groupId>

hawkbit-core/src/main/java/org/eclipse/hawkbit/artifact/repository/ArtifactRepository.java

@@ -11,8 +11,8 @@
 
 import java.io.InputStream;
 
-import javax.validation.constraints.NotEmpty;
-import javax.validation.constraints.NotNull;
+import jakarta.validation.constraints.NotEmpty;
+import jakarta.validation.constraints.NotNull;
 
 import org.eclipse.hawkbit.artifact.repository.model.AbstractDbArtifact;
 import org.eclipse.hawkbit.artifact.repository.model.DbArtifactHash;

hawkbit-dmf/hawkbit-dmf-amqp/src/main/java/org/eclipse/hawkbit/amqp/AmqpControllerAuthentication.java

@@ -11,7 +11,7 @@
 
 import java.util.List;
 
-import javax.annotation.PostConstruct;
+import jakarta.annotation.PostConstruct;
 
 import org.eclipse.hawkbit.im.authentication.TenantAwareAuthenticationDetails;
 import org.eclipse.hawkbit.repository.ControllerManagement;

hawkbit-dmf/hawkbit-dmf-amqp/src/main/java/org/eclipse/hawkbit/amqp/AmqpMessageSenderService.java

@@ -11,7 +11,7 @@
 
 import java.net.URI;
 
-import javax.validation.constraints.NotNull;
+import jakarta.validation.constraints.NotNull;
 
 import org.springframework.amqp.core.Message;
 

hawkbit-dmf/hawkbit-dmf-amqp/src/main/java/org/eclipse/hawkbit/amqp/BaseAmqpService.java

@@ -11,7 +11,7 @@
 
 import java.util.Map;
 
-import javax.validation.constraints.NotNull;
+import jakarta.validation.constraints.NotNull;
 
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;

hawkbit-dmf/hawkbit-dmf-amqp/src/main/java/org/eclipse/hawkbit/amqp/DelayedRequeueExceptionStrategy.java

@@ -11,7 +11,7 @@
 
 import java.util.concurrent.TimeUnit;
 
-import javax.validation.ConstraintViolationException;
+import jakarta.validation.ConstraintViolationException;
 
 import org.eclipse.hawkbit.repository.exception.CancelActionNotAllowedException;
 import org.eclipse.hawkbit.repository.exception.EntityNotFoundException;

hawkbit-dmf/hawkbit-dmf-amqp/src/main/java/org/eclipse/hawkbit/amqp/DelegatingConditionalErrorHandler.java

@@ -10,7 +10,7 @@
 package org.eclipse.hawkbit.amqp;
 
 import java.util.List;
-import javax.validation.constraints.NotNull;
+import jakarta.validation.constraints.NotNull;
 
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;

hawkbit-dmf/hawkbit-dmf-amqp/src/test/java/org/eclipse/hawkbit/integration/AbstractAmqpServiceIntegrationTest.java

@@ -58,7 +58,8 @@
 import org.springframework.amqp.core.MessageProperties;
 import org.springframework.amqp.rabbit.test.RabbitListenerTestHarness;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.cloud.stream.test.binder.TestSupportBinderAutoConfiguration;
+import org.springframework.cloud.stream.binder.test.TestChannelBinderConfiguration;
+import org.springframework.context.annotation.Import;
 import org.springframework.test.context.ContextConfiguration;
 import org.springframework.util.CollectionUtils;
 
@@ -72,8 +73,8 @@
  * {@link AmqpMessageDispatcherServiceIntegrationTest}.
  */
 @ContextConfiguration(classes = { DmfApiConfiguration.class, DmfTestConfiguration.class,
-        RepositoryApplicationConfiguration.class, AmqpTestConfiguration.class, TestConfiguration.class,
-        TestSupportBinderAutoConfiguration.class })
+        RepositoryApplicationConfiguration.class, AmqpTestConfiguration.class })
+@Import(TestChannelBinderConfiguration.class)
 public abstract class AbstractAmqpServiceIntegrationTest extends AbstractAmqpIntegrationTest {
 
     protected static final String TENANT_EXIST = "DEFAULT";

hawkbit-dmf/hawkbit-dmf-rabbitmq-test/src/main/java/org/eclipse/hawkbit/rabbitmq/test/AbstractAmqpIntegrationTest.java

@@ -29,14 +29,16 @@
 import org.springframework.amqp.rabbit.junit.RabbitAvailable;
 import org.springframework.amqp.support.converter.Jackson2JsonMessageConverter;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.cloud.stream.test.binder.TestSupportBinderAutoConfiguration;
+import org.springframework.cloud.stream.binder.test.TestChannelBinderConfiguration;
+import org.springframework.context.annotation.Import;
 import org.springframework.test.annotation.DirtiesContext;
 import org.springframework.test.annotation.DirtiesContext.ClassMode;
 import org.springframework.test.context.ContextConfiguration;
 
 @RabbitAvailable
 @ContextConfiguration(classes = { RepositoryApplicationConfiguration.class, AmqpTestConfiguration.class,
-        TestConfiguration.class, TestSupportBinderAutoConfiguration.class })
+        TestConfiguration.class})
+@Import(TestChannelBinderConfiguration.class)
 // Dirty context is necessary to create a new vhost and recreate all necessary
 // beans after every test class.
 @DirtiesContext(classMode = ClassMode.AFTER_CLASS)

hawkbit-dmf/hawkbit-dmf-rabbitmq-test/src/main/java/org/eclipse/hawkbit/rabbitmq/test/RabbitMqSetupService.java

@@ -14,7 +14,7 @@
 import java.net.URL;
 import java.util.UUID;
 
-import javax.annotation.PreDestroy;
+import jakarta.annotation.PreDestroy;
 
 import org.springframework.amqp.rabbit.connection.CachingConnectionFactory;
 import org.springframework.amqp.rabbit.connection.ConnectionFactory;

hawkbit-http-security/pom.xml

@@ -37,8 +37,8 @@
          <version>${project.version}</version>
       </dependency>
       <dependency>
-         <groupId>javax.servlet</groupId>
-         <artifactId>javax.servlet-api</artifactId>
+         <groupId>jakarta.servlet</groupId>
+         <artifactId>jakarta.servlet-api</artifactId>
          <scope>provided</scope>
       </dependency>      
       <dependency>

hawkbit-http-security/src/main/java/org/eclipse/hawkbit/security/AbstractHttpControllerAuthenticationFilter.java

@@ -15,12 +15,12 @@
 import java.util.Collections;
 import java.util.Map;
 
-import javax.servlet.FilterChain;
-import javax.servlet.ServletException;
-import javax.servlet.ServletRequest;
-import javax.servlet.ServletResponse;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
+import jakarta.servlet.FilterChain;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.ServletRequest;
+import jakarta.servlet.ServletResponse;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
 
 import org.eclipse.hawkbit.repository.TenantConfigurationManagement;
 import org.eclipse.hawkbit.security.DmfTenantSecurityToken.FileResource;

hawkbit-http-security/src/main/java/org/eclipse/hawkbit/security/ControllerTenantAwareAuthenticationDetailsSource.java

@@ -11,7 +11,7 @@
 
 import java.util.Map;
 
-import javax.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletRequest;
 
 import org.eclipse.hawkbit.im.authentication.TenantAwareAuthenticationDetails;
 import org.eclipse.hawkbit.util.UrlUtils;

hawkbit-http-security/src/main/java/org/eclipse/hawkbit/security/DosFilter.java

@@ -15,10 +15,10 @@
 import java.util.concurrent.atomic.AtomicInteger;
 import java.util.regex.Pattern;
 
-import javax.servlet.FilterChain;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
+import jakarta.servlet.FilterChain;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
 
 import org.eclipse.hawkbit.util.IpUtil;
 import org.slf4j.Logger;

hawkbit-http-security/src/main/java/org/eclipse/hawkbit/security/HttpDownloadAuthenticationFilter.java

@@ -12,7 +12,7 @@
 import java.util.regex.Matcher;
 import java.util.regex.Pattern;
 
-import javax.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletRequest;
 
 import org.eclipse.hawkbit.cache.DownloadIdCache;
 import org.slf4j.Logger;

hawkbit-repository/hawkbit-repository-api/pom.xml

@@ -31,8 +31,8 @@
          <artifactId>jackson-annotations</artifactId>
       </dependency>
       <dependency>
-         <groupId>javax.validation</groupId>
-         <artifactId>validation-api</artifactId>
+         <groupId>jakarta.validation</groupId>
+         <artifactId>jakarta.validation-api</artifactId>
       </dependency>
       <dependency>
          <groupId>org.springframework.hateoas</groupId>

hawkbit-repository/hawkbit-repository-api/src/main/java/org/eclipse/hawkbit/repository/ArtifactManagement.java

@@ -11,10 +11,10 @@
 
 import java.util.Optional;
 
-import javax.validation.ConstraintViolationException;
-import javax.validation.Valid;
-import javax.validation.constraints.NotEmpty;
-import javax.validation.constraints.NotNull;
+import jakarta.validation.ConstraintViolationException;
+import jakarta.validation.Valid;
+import jakarta.validation.constraints.NotEmpty;
+import jakarta.validation.constraints.NotNull;
 
 import org.eclipse.hawkbit.artifact.repository.model.DbArtifact;
 import org.eclipse.hawkbit.im.authentication.SpPermission.SpringEvalExpressions;

hawkbit-repository/hawkbit-repository-api/src/main/java/org/eclipse/hawkbit/repository/ConfirmationManagement.java

@@ -15,7 +15,7 @@
 import org.eclipse.hawkbit.tenancy.TenantAware;
 import org.springframework.security.access.prepost.PreAuthorize;
 
-import javax.validation.constraints.NotEmpty;
+import jakarta.validation.constraints.NotEmpty;
 import java.util.Collection;
 import java.util.List;
 import java.util.Optional;

hawkbit-repository/hawkbit-repository-api/src/main/java/org/eclipse/hawkbit/repository/ControllerManagement.java

@@ -15,10 +15,10 @@
 import java.util.Map;
 import java.util.Optional;
 
-import javax.validation.ConstraintViolationException;
-import javax.validation.Valid;
-import javax.validation.constraints.NotEmpty;
-import javax.validation.constraints.NotNull;
+import jakarta.validation.ConstraintViolationException;
+import jakarta.validation.Valid;
+import jakarta.validation.constraints.NotEmpty;
+import jakarta.validation.constraints.NotNull;
 
 import org.eclipse.hawkbit.im.authentication.SpPermission.SpringEvalExpressions;
 import org.eclipse.hawkbit.repository.builder.ActionStatusCreate;

hawkbit-repository/hawkbit-repository-api/src/main/java/org/eclipse/hawkbit/repository/DeploymentManagement.java

@@ -15,9 +15,9 @@
 import java.util.Optional;
 import java.util.Set;
 
-import javax.validation.Valid;
-import javax.validation.constraints.NotEmpty;
-import javax.validation.constraints.NotNull;
+import jakarta.validation.Valid;
+import jakarta.validation.constraints.NotEmpty;
+import jakarta.validation.constraints.NotNull;
 
 import org.eclipse.hawkbit.im.authentication.SpPermission.SpringEvalExpressions;
 import org.eclipse.hawkbit.repository.event.remote.TargetAssignDistributionSetEvent;

hawkbit-repository/hawkbit-repository-api/src/main/java/org/eclipse/hawkbit/repository/DistributionSetManagement.java

@@ -13,8 +13,8 @@
 import java.util.List;
 import java.util.Optional;
 
-import javax.validation.constraints.NotEmpty;
-import javax.validation.constraints.NotNull;
+import jakarta.validation.constraints.NotEmpty;
+import jakarta.validation.constraints.NotNull;
 
 import org.eclipse.hawkbit.im.authentication.SpPermission.SpringEvalExpressions;
 import org.eclipse.hawkbit.repository.builder.DistributionSetCreate;

hawkbit-repository/hawkbit-repository-api/src/main/java/org/eclipse/hawkbit/repository/DistributionSetTagManagement.java

@@ -11,8 +11,8 @@
 
 import java.util.Optional;
 
-import javax.validation.constraints.NotEmpty;
-import javax.validation.constraints.NotNull;
+import jakarta.validation.constraints.NotEmpty;
+import jakarta.validation.constraints.NotNull;
 
 import org.eclipse.hawkbit.im.authentication.SpPermission.SpringEvalExpressions;
 import org.eclipse.hawkbit.repository.builder.TagCreate;

hawkbit-repository/hawkbit-repository-api/src/main/java/org/eclipse/hawkbit/repository/DistributionSetTypeManagement.java

@@ -12,7 +12,7 @@
 import java.util.Collection;
 import java.util.Optional;
 
-import javax.validation.constraints.NotEmpty;
+import jakarta.validation.constraints.NotEmpty;
 
 import org.eclipse.hawkbit.im.authentication.SpPermission.SpringEvalExpressions;
 import org.eclipse.hawkbit.repository.builder.DistributionSetTypeCreate;

hawkbit-repository/hawkbit-repository-api/src/main/java/org/eclipse/hawkbit/repository/EntityFactory.java

@@ -9,8 +9,8 @@
  */
 package org.eclipse.hawkbit.repository;
 
-import javax.validation.constraints.NotNull;
-import javax.validation.constraints.Size;
+import jakarta.validation.constraints.NotNull;
+import jakarta.validation.constraints.Size;
 
 import org.eclipse.hawkbit.repository.builder.ActionStatusBuilder;
 import org.eclipse.hawkbit.repository.builder.DistributionSetBuilder;