1. 19 May, 2021 2 commits
    • femiadeyemi's avatar
      adjust market-user and organisation entity · a3d5a946
      femiadeyemi authored
      Motivation:
      
      Meeting up with the new API design requires that the market-user
      and organisation entity are realign.
      
      Modification:
      
      - factor out some part of market-user and create a new class (person)
      - make organisation enity to extend audit-metadata and some properties
          were added.
      - use the lombok project to reduce the boilerplate code in both
          the market-user and organisation entities.
      - add 'person' to the list of PrefixEnum in the CerebrumEntityUuidGenerator
      
      Result:
      
      Market-user and Organisation entity are now re-worked
      
      Target: master
      a3d5a946
    • femiadeyemi's avatar
      update list of OWASP checks and upgrade spring boot · 90b6d9ff
      femiadeyemi authored
      Motivation:
      
      Some reported vulnerabilities of the dependencies by OWASP make
      the pipeline broken.
      
      Modification:
      
      - upgrade spring boot starter parent version from 2.3.5.RELEASE
          to 2.3.10.RELEASE
      - upgrade hibernate-validator from 6.0.19.Final to 6.2.0.Final
      - updgrade neo4j-java-driver-spring-boot-starter from 4.1.1.0
          to 4.2.4.0
      - update list of OWASP check and supress some false positive
          alarms
      
      Result:
      
      Build pipeline succeeds.
      
      Target: master
      90b6d9ff
  2. 18 May, 2021 1 commit
    • femiadeyemi's avatar
      make available the metrics of cerebrum · 92e4e164
      femiadeyemi authored
      Motivation:
      
      To gain insight on cerebrum-app, the spring framework provide
      the facility to expose the application metrics to monitoring
      service like Prometheus on Kubernetes.
      
      Modification:
      
      - enable graceful shutdown
      - add spring boot actuator and prometheus registry micrometer
          dependencies
      - expose the actuator endpoint that will provides: health,
         info, metric etc.
      - avoid 404 error on request to /favicon.ico
      
      Result:
      
      Cerebrum now makes it metrics available and can be shutdown
      gracefully.
      
      Target: master
      92e4e164
  3. 17 May, 2021 1 commit
    • femiadeyemi's avatar
      add new properties to market-service enity · 8614f6e7
      femiadeyemi authored
      Motivation:
      
      To fullfill the service metadata description defined by the
      cloud management board, new properties need to be added to
      the market-service entity.
      
      Modification:
      
      - add lombok dependency to the cerebrum project to avoid some
          boilterplate codes
      - add some few new properties to the market-service entity
      - enable database auditing to keep track of when an entity was
          created and when it was last modified.
      - adjust the MarketServiceRepository to fit the new market-service
          properties definition
      
      Result:
      
      Market-service entity contain some new properties and some few name
      change.
      
      Target: master
      8614f6e7
  4. 15 Mar, 2021 1 commit
  5. 21 Feb, 2021 2 commits
  6. 20 Feb, 2021 3 commits
  7. 03 Dec, 2020 2 commits
    • femiadeyemi's avatar
      add a new stage · 25fbf53b
      femiadeyemi authored
      Motivation:
      
      Automated ci/cd is desirable process we will like to adhere to in 
      our pipeline. Since we already have a local kubernetes cluster running 
      on the production machine, we need to ensure that when a new tag
      is release, the cluster is notified.
      
      Modification:
      
      - add a new pipeline stage called `docker`. This will be use for 
      the building and deploy the image into the docker hub.
      - deploy stage will now be responsible for trigger automated update 
      of the image in the cluster.
      
      Result:
      
      Getting closer to fully automated ci/cd
      
      Target: master
      25fbf53b
    • femiadeyemi's avatar
      rollback to not checking the host key · 6ce94326
      femiadeyemi authored
      6ce94326
  8. 02 Dec, 2020 7 commits
  9. 10 Nov, 2020 4 commits
    • femiadeyemi's avatar
      rollback commit #5b989230 · b42fd5ec
      femiadeyemi authored
      b42fd5ec
    • femiadeyemi's avatar
      fix uuid generation · 4392c544
      femiadeyemi authored
      Motivation:
      
      A new uuid is generated for an entity that will be save on the db..
      This is use as a primary way of uniquely identify a particular node.
      To ensure the uniqueness of the uuid, two factor were considered
      which are:
      - uuid version 1
      - secure random number
      However the secured random number is currently generated causing the
      thread to block in a VM (for details explaination see
      https://tersesystems.com/blog/2015/12/17/the-right-way-to-use-securerandom/).
      Hence the behaviour of the system become unpredicate and most likely
      will fail if the request will required the uuid to be generated.
      
      Modification:
      
      - change how the secured random number is generated
      - minor typo fix inside the MarketUserRepository
      
      Result:
      
      The generation of cerebrum custom uuid now work seemly on both local
      machine and VMs. Hence, all requests are now process as expected.
      
      Target: master
      4392c544
    • femiadeyemi's avatar
      update dependency-check-suppressions.xml · 31fee152
      femiadeyemi authored
      31fee152
    • femiadeyemi's avatar
      upgrade to spring-boot version 2.3.5 · 0167257c
      femiadeyemi authored
      Motivation:
      
      Keep cerebrum up-to-date.
      
      Modification:
      
      - change the spring-boot version to 2.3.5
      - upgrade the springdoc-openapi-ui to version 1.4.8 to
          avoid the classpath problem
      - use the latest spring boot version of the neo4j driver
      - unity aai jwt header token is at+jwt however, the latest
          springframework security does not support this. Hence.
          exclude the current version of nimbus-jose-jwt and
          add version 7.9 that support at+jwt header.
      - inside the application.yml and application-dev.yml use the
          properties setting for the neo4j instead of the spring
          neo4j properties
      - enable more neo4j logs info
      - use the proper variable name for the sceret value inside
          the docker file.
      
      Result:
      
      No visible changes to the end user
      0167257c
  10. 16 Oct, 2020 4 commits
  11. 15 Oct, 2020 9 commits
    • femiadeyemi's avatar
      fix minor typo · b015c7c6
      femiadeyemi authored
      `tar` -> `jar`
      b015c7c6
    • femiadeyemi's avatar
      create a `target` cache path · 79096995
      femiadeyemi authored
      79096995
    • femiadeyemi's avatar
      skip tests · 5b989230
      femiadeyemi authored
      Motivation:
      
      When the test stage of the ci/cd is trigger, it currently fail. 
      The main reason is that it took more than the stipulated time of 
      one hour to run.
      
      Modification:
      
      skip unit/integration tests
      
      Result:
      
      no testing
      5b989230
    • femiadeyemi's avatar
      refactor the ci/cd and supress false positive dependency · b9829399
      femiadeyemi authored
      Motivation:
      
      Maven test are unncessarily ran at least twice and some
      stage that were declared that were not use. This cause
      some unexpected behaviour in the ci/cd build.
      
      Also, the ci/cd fail because of some false postive in the
      dependency vulnerabilities scan
      
      Modification:
      
      - Define only neccessary stages and use them accordingly.
      - add some few dependecies supression
      
      Result:
      
      - Keep the ci/cd simple and avoid running multiple tests
      - when `mvn org.owasp:dependency-check-maven:check` is run
      Vulnerabilities found equal 0
      
      Target: master
      Review: https://gitlab.hzdr.de/hifis-technical-platform/helmholtz-cerebrum/-/merge_requests/39
      b9829399
    • femiadeyemi's avatar
      store new user to the database · a1be3778
      femiadeyemi authored
      Motivation:
      
      All authenticated user should be store into cerebrum
      data-storage (neo4j). At the momement this is not the
      case.
      
      Modification:
      
      - ensure that when the autheticated user hit /api/v0/users/whoami
          and the user is unknown to cerebrum, a new user will
          be created.
      - add findByEmailAndSub method in the user repository to search
          the database if user with the supplied email and sub exist
      - add a createEnity method inside CerebrumService interface that
          are implemented inside CerebrumServiceBase abstract class.
          This will be use when the uri location is not needed.
      
      Result:
      
      Unkown user that have been authenticated will be
      store by cerebrum.
      
      Target: master
      Review: https://gitlab.hzdr.de/hifis-technical-platform/helmholtz-cerebrum/-/merge_requests/38
      a1be3778
    • femiadeyemi's avatar
      0a093b08
    • femiadeyemi's avatar
      create a profile for development · f4e45bf0
      femiadeyemi authored
      Motivation:
      
      Since production environment variables will be
      different from the development variables, hence
      we create a new development profile to set up
      the necessary configuration for the development.
      
      Modification:
      
      - create a new dev profile yml file and add the
          configurations for development
      - add the dev profile to maven
      
      Result:
      
      The cerebrum dev server can now use the dev config.
      
      Using maven, selecting a dev profile will be done as follow:
          `mvn -Pdev clean ...`
      
      The profile can be set after the code is build as follow:
          `java -Dspring.profiles.active=dev -jar ...`
      
      Target: master
      Review: https://gitlab.hzdr.de/hifis-technical-platform/helmholtz-cerebrum/-/merge_requests/37
      f4e45bf0
    • femiadeyemi's avatar
      fix cors issue · 29f47571
      femiadeyemi authored
      Motivation:
      
      CORs is a technique that uses additional HTTP headers
      to inform browsers to give a client application at a
      particular origin access to requested resources at a
      different origin. This was previous implemented but
      needed some few adjustment to make it work.
      
      Modification:
      
      - Change the property name for allowed origin from
          cerebrum.allowed.client.origins to cerebrum.allowed.origins
          Hence it can be set in the command line as follow:
          `java -jar --cerebrum.allowed.origins=<comma-seperated-values>`
      - Add OPTIONS method to the list of allowed methods and obtain
          the value of the property: `cerebrum.allowed.origins`
      
      Result:
      
      CORs now works
      
      Target: master
      Review: https://gitlab.hzdr.de/hifis-technical-platform/helmholtz-cerebrum/-/merge_requests/36
      29f47571
    • femiadeyemi's avatar
      remove server property from the open-api configuration · b32087bf
      femiadeyemi authored
      Motivation:
      
      The open-api for documenting cerebrum api allows setting the
      server url property to the preferred url. In the initial state,
      it was assumed that cerebrum will be served from localhost.
      However, this is currently not the case, the application is
      dockerised and can be served from different url than the assumed
      one. Hence it is neccessary that we let the open-api generate
      the server url.
      
      Modification:
      
      Remove server property from the open-api configuration.
      
      Result:
      
      The doc server url is now autogenrated.
      
      Target: master
      Review: https://gitlab.hzdr.de/hifis-technical-platform/helmholtz-cerebrum/-/merge_requests/35
      b32087bf
  12. 14 Oct, 2020 1 commit
  13. 16 Sep, 2020 1 commit
    • femiadeyemi's avatar
      add relationship between user and service entity · da8bd9e8
      femiadeyemi authored
      Motivation:
      
      User belonging to known Helmholtz organisation can create
      and be part of a management team to manage a marketplace
      service. This patch introduce the code to model this
      relationship and expose it usage through the restful API.
      
      Modification:
      
      - create a relationship class for "MANAGES" called Management.
      - provide the ability to add and delete the relationship. Hence,
          the market-service controller expose the api, the service
          provide the bridge between the api and the repository. The
          repository contain the neccessary query to interact with
          the database.
      - fix minor typo inside the market-service-controller,
          market-service-service and market-service-repository class
      - overide both the equals and hashCode method of the
          market-service class
      
      Result:
      
      MANAGES relationship can now be added and deleted through the
      restful api.
      
      Target: master
      Review-at: https://gitlab.hzdr.de/hifis-technical-platform/helmholtz-cerebrum/-/merge_requests/33
      da8bd9e8
  14. 15 Sep, 2020 2 commits