-
Notifications
You must be signed in to change notification settings - Fork 591
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
upgrades fiat to boot2 and new BOM dependency management #388
Merged
Changes from all commits
Commits
Show all changes
35 commits
Select commit
Hold shift + click to select a range
e0289ae
refactor(boot2): Mostly working... one transient test failure
robzienert a4f053b
chore(boot2): Bump to spin-deps rc.17, add spring properties migrator
robzienert c888310
chore(boot2): spin-dep rc.18
robzienert ccc04a3
fix(boot2): spin-dep rc.21; fixed failing test
robzienert 72e6321
fix(boot2): Fix transient test?
robzienert 30cb454
chore(boot2): Why cant I get this transient failure to happen on my l…
robzienert 13d0078
fix(boot2): Im sure this will not solve it
robzienert d481c73
chore(boot2): Cleanup of some speculative test output
robzienert 35738da
chore(boot2): Disable parallel gradle execution
robzienert 3a8a981
refactor(boot2): Mostly working... one transient test failure
robzienert 99268cc
chore(boot2): Bump to spin-deps rc.17, add spring properties migrator
robzienert bdebc70
chore(boot2): spin-dep rc.18
robzienert 32b74ca
fix(boot2): spin-dep rc.21; fixed failing test
robzienert eb19e22
chore(boot2): Why cant I get this transient failure to happen on my l…
robzienert b256f87
chore(boot2): Cleanup of some speculative test output
robzienert 6c09171
Add back JSON module. Fiat now boots up.
dibyom 8c4679f
Fix tests
dibyom af66546
Fix case
dibyom d3fafaf
chore(deps): latest spinnaker-dependencies
cfieber 1a04e08
Merge remote-tracking branch 'upstream/master' into boot2
cfieber 03d8217
supply property placeholder for igor
cfieber 61cdc5c
Merge pull request #371 from cfieber/boot2
cfieber 972c3f3
update to kork bom (#376)
cfieber 69350e0
Merge branch 'master' into boot2
cfieber 4e85f1b
fix(dependencies): dependency cleanup (#377)
cfieber 3f8fa98
Merge remote-tracking branch 'upstream/master' into boot2
cfieber bdbae49
chore(dependencies): kork 4.1.0-rc.5-springBoot2
cfieber cfa2357
Merge remote-tracking branch 'upstream/master' into boot2
cfieber df017c7
chore(build): spinnaker-gradle-project 6.0.0
cfieber fb79831
Merge remote-tracking branch 'upstream/master' into boot2
cfieber fa1f056
chore(dependencies): kork 4.1.0-rc.11+springBoot2
cfieber d26254a
chore(build): remove useLastTag from non release travis buildscripts
cfieber 57207a6
chore(dependencies): kork 4.1.0-rc.13+springBoot2
cfieber 7dd8ebe
chore(dependencies): update to kork 5.0.0
cfieber 708c142
chore(build): remove unnecessary gradle config for jvm version
cfieber File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -18,15 +18,13 @@ | |
|
||
import com.fasterxml.jackson.databind.DeserializationFeature; | ||
import com.fasterxml.jackson.databind.ObjectMapper; | ||
import com.netflix.spectator.api.Registry; | ||
import com.netflix.spinnaker.config.OkHttpClientConfiguration; | ||
import com.netflix.spinnaker.okhttp.SpinnakerRequestInterceptor; | ||
import com.netflix.spinnaker.retrofit.Slf4jRetrofitLogger; | ||
import com.squareup.okhttp.OkHttpClient; | ||
import lombok.Setter; | ||
import lombok.extern.slf4j.Slf4j; | ||
import lombok.val; | ||
import org.slf4j.Logger; | ||
import org.slf4j.LoggerFactory; | ||
import org.springframework.beans.factory.annotation.Autowired; | ||
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean; | ||
import org.springframework.boot.context.properties.EnableConfigurationProperties; | ||
|
@@ -37,6 +35,7 @@ | |
import org.springframework.security.config.annotation.web.builders.HttpSecurity; | ||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; | ||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; | ||
import org.springframework.security.web.authentication.AnonymousAuthenticationFilter; | ||
import org.springframework.security.web.context.SecurityContextPersistenceFilter; | ||
import retrofit.Endpoints; | ||
import retrofit.RestAdapter; | ||
|
@@ -59,8 +58,7 @@ public class FiatAuthenticationConfig { | |
|
||
@Bean | ||
@ConditionalOnMissingBean(FiatService.class) // Allows for override | ||
public FiatService fiatService(Registry registry, | ||
FiatClientConfigurationProperties fiatConfigurationProperties, | ||
public FiatService fiatService(FiatClientConfigurationProperties fiatConfigurationProperties, | ||
SpinnakerRequestInterceptor interceptor, | ||
OkHttpClientConfiguration okHttpClientConfiguration) { | ||
// New role providers break deserialization if this is not enabled. | ||
|
@@ -98,40 +96,16 @@ private class FiatWebSecurityConfigurerAdapter extends WebSecurityConfigurerAdap | |
private final FiatStatus fiatStatus; | ||
|
||
private FiatWebSecurityConfigurerAdapter(FiatStatus fiatStatus) { | ||
super(true); | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. this disables defaults, our auth filter chain for fiat is mostly about having the FiatAuthenticationFilter in there and falling back to anonymous |
||
this.fiatStatus = fiatStatus; | ||
} | ||
|
||
@Override | ||
protected void configure(HttpSecurity http) throws Exception { | ||
/* | ||
* Having `FiatAuthenticationFilter` prior to `SecurityContextPersistenceFilter` results in the | ||
* `SecurityContextHolder` being overridden with a null value. | ||
* | ||
* The null value then causes the `AnonymousAuthenticationFilter` to inject an "anonymousUser" which when | ||
* passed over the wire to fiat is promptly rejected. | ||
* | ||
* This behavior is triggered when `management.security.enabled` is `false`. | ||
*/ | ||
http | ||
.csrf().disable() | ||
.addFilterAfter(new FiatAuthenticationFilter(fiatStatus), SecurityContextPersistenceFilter.class); | ||
} | ||
} | ||
|
||
private static class Slf4jRetrofitLogger implements RestAdapter.Log { | ||
private final Logger logger; | ||
|
||
Slf4jRetrofitLogger(Class type) { | ||
this(LoggerFactory.getLogger(type)); | ||
} | ||
|
||
Slf4jRetrofitLogger(Logger logger) { | ||
this.logger = logger; | ||
} | ||
|
||
@Override | ||
public void log(String message) { | ||
logger.info(message); | ||
http.servletApi().and() | ||
.exceptionHandling().and() | ||
.anonymous().and() | ||
.addFilterBefore(new FiatAuthenticationFilter(fiatStatus), AnonymousAuthenticationFilter.class); | ||
} | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
these all are actually runtime dependencies. With BOM based dependency opinions we won't run into problems on version alignment so it is safe to make these implementation rather than compileOnly