-rw-r--r--config-model/src/main/java/com/yahoo/vespa/model/admin/clustercontroller/ClusterControllerContainerCluster.java9
-rw-r--r--config-model/src/main/java/com/yahoo/vespa/model/admin/metricsproxy/MetricsProxyContainerCluster.java5
-rwxr-xr-xconfig-model/src/main/java/com/yahoo/vespa/model/container/ContainerCluster.java34
-rw-r--r--config-model/src/main/java/com/yahoo/vespa/model/container/PlatformBundles.java30
-rw-r--r--config-model/src/main/java/com/yahoo/vespa/model/container/http/BlockFeedGlobalEndpointsFilter.java12
-rw-r--r--config-model/src/test/java/com/yahoo/vespa/model/admin/ClusterControllerTestCase.java13
-rw-r--r--config-model/src/test/java/com/yahoo/vespa/model/admin/metricsproxy/MetricsProxyContainerClusterTest.java30
-rw-r--r--config-model/src/test/java/com/yahoo/vespa/model/container/http/BlockFeedGlobalEndpointsFilterTest.java3
-rw-r--r--configdefinitions/src/main/java/com/yahoo/vespa/config/jdisc/http/filter/package-info.java5
-rw-r--r--configdefinitions/src/vespa/jdisc.http.filter.security.rule.config.rule-based-filter.def18
-rw-r--r--container-disc/pom.xml18
-rw-r--r--jdisc-security-filters/pom.xml6
-rw-r--r--jdisc-security-filters/src/main/java/com/yahoo/jdisc/http/filter/security/rule/RuleBasedRequestFilter.java3
-rw-r--r--jdisc-security-filters/src/main/java/com/yahoo/jdisc/http/filter/security/rule/package-info.java8
-rw-r--r--jdisc-security-filters/src/main/resources/configdefinitions/jdisc.http.filter.security.rule.rule-based-filter.def2
-rw-r--r--jdisc-security-filters/src/test/java/com/yahoo/jdisc/http/filter/security/rule/RuleBasedRequestFilterTest.java5
-rw-r--r--standalone-container/pom.xml7
17 files changed, 145 insertions, 63 deletions
diff --git a/config-model/src/main/java/com/yahoo/vespa/model/admin/clustercontroller/ClusterControllerContainerCluster.java b/config-model/src/main/java/com/yahoo/vespa/model/admin/clustercontroller/ClusterControllerContainerCluster.java
index a7f3a6224f2..f7007fec181 100644
--- a/config-model/src/main/java/com/yahoo/vespa/model/admin/clustercontroller/ClusterControllerContainerCluster.java
+++ b/config-model/src/main/java/com/yahoo/vespa/model/admin/clustercontroller/ClusterControllerContainerCluster.java
@@ -7,8 +7,12 @@ import com.yahoo.config.model.producer.AbstractConfigProducer;
import com.yahoo.config.provision.ClusterSpec;
import com.yahoo.search.config.QrStartConfig;
import com.yahoo.vespa.model.container.ContainerCluster;
+import com.yahoo.vespa.model.container.PlatformBundles;
+import java.nio.file.Path;
+import java.util.Collections;
import java.util.Optional;
+import java.util.Set;
/**
* Container cluster for cluster-controller containers.
@@ -18,6 +22,8 @@ import java.util.Optional;
*/
public class ClusterControllerContainerCluster extends ContainerCluster<ClusterControllerContainer> {
+ private static final Set<Path> UNNECESSARY_BUNDLES = Collections.unmodifiableSet(PlatformBundles.VESPA_SECURITY_BUNDLES);
+
private final ReindexingContext reindexingContext;
public ClusterControllerContainerCluster(
@@ -29,6 +35,9 @@ public class ClusterControllerContainerCluster extends ContainerCluster<ClusterC
}
@Override
+ protected Set<Path> unnecessaryPlatformBundles() { return UNNECESSARY_BUNDLES; }
+
+ @Override
protected void doPrepare(DeployState deployState) { }
@Override protected boolean messageBusEnabled() { return false; }
diff --git a/config-model/src/main/java/com/yahoo/vespa/model/admin/metricsproxy/MetricsProxyContainerCluster.java b/config-model/src/main/java/com/yahoo/vespa/model/admin/metricsproxy/MetricsProxyContainerCluster.java
index 680a4b97f86..928630214f4 100644
--- a/config-model/src/main/java/com/yahoo/vespa/model/admin/metricsproxy/MetricsProxyContainerCluster.java
+++ b/config-model/src/main/java/com/yahoo/vespa/model/admin/metricsproxy/MetricsProxyContainerCluster.java
@@ -45,6 +45,7 @@ import java.util.Collections;
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.Optional;
+import java.util.Set;
import java.util.logging.Logger;
import static com.yahoo.vespa.model.admin.metricsproxy.ConsumersConfigGenerator.addMetrics;
@@ -74,6 +75,7 @@ public class MetricsProxyContainerCluster extends ContainerCluster<MetricsProxyC
private static final String METRICS_PROXY_NAME = "metrics-proxy";
static final Path METRICS_PROXY_BUNDLE_FILE = PlatformBundles.absoluteBundlePath(METRICS_PROXY_NAME);
static final String METRICS_PROXY_BUNDLE_NAME = "com.yahoo.vespa." + METRICS_PROXY_NAME;
+ private static final Set<Path> UNNECESSARY_BUNDLES = Collections.unmodifiableSet(PlatformBundles.VESPA_SECURITY_BUNDLES);
static final class AppDimensionNames {
static final String SYSTEM = "system";
@@ -98,6 +100,9 @@ public class MetricsProxyContainerCluster extends ContainerCluster<MetricsProxyC
addClusterComponents();
}
+ @Override
+ protected Set<Path> unnecessaryPlatformBundles() { return UNNECESSARY_BUNDLES; }
+
private void addClusterComponents() {
addMetricsProxyComponent(ApplicationDimensions.class);
addMetricsProxyComponent(ConfigSentinelClient.class);
diff --git a/config-model/src/main/java/com/yahoo/vespa/model/container/ContainerCluster.java b/config-model/src/main/java/com/yahoo/vespa/model/container/ContainerCluster.java
index c1267568581..32bdf6e182e 100755
--- a/config-model/src/main/java/com/yahoo/vespa/model/container/ContainerCluster.java
+++ b/config-model/src/main/java/com/yahoo/vespa/model/container/ContainerCluster.java
@@ -194,6 +194,8 @@ public abstract class ContainerCluster<CONTAINER extends Container>
addSimpleComponent(com.yahoo.jdisc.http.server.jetty.Janitor.class);
}
+ protected abstract boolean messageBusEnabled();
+
public ClusterSpec.Id id() { return ClusterSpec.Id.from(getName()); }
public void setZone(Zone zone) {
@@ -455,18 +457,20 @@ public abstract class ContainerCluster<CONTAINER extends Container>
}
/**
- * Adds the Vespa bundles that are necessary for all container types.
+ * Adds the Vespa bundles that are necessary for most container types.
+ * Note that some of these can be removed later by the individual cluster types.
*/
public void addCommonVespaBundles() {
- PlatformBundles.commonVespaBundles.forEach(this::addPlatformBundle);
+ PlatformBundles.COMMON_VESPA_BUNDLES.forEach(this::addPlatformBundle);
+ PlatformBundles.VESPA_SECURITY_BUNDLES.forEach(this::addPlatformBundle);
}
- /*
- Add all search/docproc/feed related platform bundles.
- This is only required for application configured containers as the platform bundle set is not allowed to change
- between config generations. For standalone container platform bundles can be added on features enabled as an
- update of application package requires restart.
- */
+ /**
+ * Add all search/docproc/feed related platform bundles.
+ * These are only required for application configured containers as the platform bundle set is not allowed to change
+ * between config generations. For standalone container platform bundles can be added on features enabled as an
+ * update of application package requires restart.
+ */
public void addAllPlatformBundles() {
ContainerDocumentApi.addVespaClientContainerBundle(this);
addSearchAndDocprocBundles();
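Review bot: No test on this page asserts that an ordinary application container cluster still ends up with `PlatformBundles.VESPA_SECURITY_BUNDLES` after `addCommonVespaBundles()`. The same commit removes `jdisc-security-filters` and `vespa-athenz` from the `discPreInstallBundle` list in container-disc/pom.xml, so this method is now the only visible place that installs them. The two new tests only cover the clusters that must not get them. A positive check on a plain container cluster would catch a regression that leaves request filters without their bundle, for example `assertTrue(config.bundlePaths().containsAll(securityBundlePaths));`, with `securityBundlePaths` built as in the new tests. Such coverage may exist elsewhere in the repository; `addAllPlatformBundles` continues outside this hunk.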
@@ -481,9 +485,19 @@ public abstract class ContainerCluster<CONTAINER extends Container>
* @param bundlePath usually an absolute path, e.g. '$VESPA_HOME/lib/jars/foo.jar'
*/
public final void addPlatformBundle(Path bundlePath) {
- platformBundles.add(bundlePath);
+ if (! unnecessaryPlatformBundles().contains(bundlePath)) {
+ platformBundles.add(bundlePath);
+ } else {
+ log.fine(() -> "Not installing bundle " + bundlePath + " for cluster " + getName());
+ }
}
+ /**
+ * Implement in subclasses to avoid installing unnecessary bundles, see {@link PlatformBundles}
+ * Should only return constant values, as there is no guarantee for when this is called.
+ */
+ protected Set<Path> unnecessaryPlatformBundles() { return Set.of(); }
+
@Override
public void getConfig(PlatformBundlesConfig.Builder builder) {
platformBundles.stream()
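Review bot: The exclusion check in `addPlatformBundle` is `unnecessaryPlatformBundles().contains(bundlePath)`, which is exact `Path` equality, and the Javadoc on `unnecessaryPlatformBundles()` does not say so. A path to the same jar that is spelled differently (relative, or not normalized) would not match and the bundle would still be installed. I would add a Javadoc line such as `Entries are matched by exact Path equality and must be the paths produced by PlatformBundles.absoluteBundlePath.` The first Javadoc sentence is also missing its full stop after `{@link PlatformBundles}`. A skipped bundle is reported only at `fine`, which is worth keeping in mind when diagnosing a missing filter bundle; `getConfig` continues outside the hunk.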
@@ -645,8 +659,6 @@ public abstract class ContainerCluster<CONTAINER extends Container>
return "container cluster '" + getName() + "'";
}
- protected abstract boolean messageBusEnabled();
-
/**
* Mark whether the config emitted by this cluster currently should be applied by clients already running with
* a previous generation of it only by restarting the consuming processes.
diff --git a/config-model/src/main/java/com/yahoo/vespa/model/container/PlatformBundles.java b/config-model/src/main/java/com/yahoo/vespa/model/container/PlatformBundles.java
index f8691dcde53..cd2700d64e4 100644
--- a/config-model/src/main/java/com/yahoo/vespa/model/container/PlatformBundles.java
+++ b/config-model/src/main/java/com/yahoo/vespa/model/container/PlatformBundles.java
@@ -33,17 +33,32 @@ public class PlatformBundles {
public static final String SEARCH_AND_DOCPROC_BUNDLE = BundleInstantiationSpecification.CONTAINER_SEARCH_AND_DOCPROC;
// Bundles that must be loaded for all container types.
- public static final Set<Path> commonVespaBundles = Stream.of(
+ public static final Set<Path> COMMON_VESPA_BUNDLES = toBundlePaths(
+ "container-spifly.jar", // Aries SPIFly repackaged
"zkfacade",
- "zookeeper-server" // TODO: not necessary in metrics-proxy.
- ).map(PlatformBundles::absoluteBundlePath).collect(Collectors.toSet());
+ "zookeeper-server", // TODO: not necessary in metrics-proxy.
+ // Used by vespa-athenz, zkfacade, other vespa bundles and nearly all hosted apps.
+ // TODO Vespa 9: stop installing and providing servlet-api. Seems difficult, though.
+ "javax.servlet-api-3.1.0.jar"
+ );
+
+ public static final Set<Path> VESPA_SECURITY_BUNDLES = toBundlePaths(
+ "jdisc-security-filters",
+ "vespa-athenz"
+ );
- public static final Set<Path> SEARCH_AND_DOCPROC_BUNDLES = Stream.of(
- PlatformBundles.SEARCH_AND_DOCPROC_BUNDLE,
+ public static final Set<Path> SEARCH_AND_DOCPROC_BUNDLES = toBundlePaths(
+ SEARCH_AND_DOCPROC_BUNDLE,
"container-search-gui",
"docprocs",
"linguistics-components"
- ).map(PlatformBundles::absoluteBundlePath).collect(Collectors.toSet());
+ );
+
+ private static Set<Path> toBundlePaths(String... bundleNames) {
+ return Stream.of(bundleNames)
+ .map(PlatformBundles::absoluteBundlePath)
+ .collect(Collectors.toSet());
+ }
public static Path absoluteBundlePath(String fileName) {
return absoluteBundlePath(fileName, JarSuffix.JAR_WITH_DEPS);
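Review bot: `toBundlePaths` collects with `Collectors.toSet()`, which gives no immutability guarantee, so the public constants `COMMON_VESPA_BUNDLES`, `VESPA_SECURITY_BUNDLES` and `SEARCH_AND_DOCPROC_BUNDLES` can be modified by any code that can reach them. `VESPA_SECURITY_BUNDLES` now decides both which security bundles are installed and which are excluded. The `Collections.unmodifiableSet(...)` wrappers added in ClusterControllerContainerCluster and MetricsProxyContainerCluster are views over that same set and would reflect a change to it. Ending the helper with `.collect(Collectors.toUnmodifiableSet());` makes the constants read-only at the source and makes those wrappers redundant.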
@@ -51,7 +66,8 @@ public class PlatformBundles {
public static Path absoluteBundlePath(String fileName, JarSuffix jarSuffix) {
if (fileName == null) return null;
- return LIBRARY_PATH.resolve(Paths.get(fileName + jarSuffix.suffix));
+ String fullFilename = fileName.endsWith(".jar") ? fileName : fileName + jarSuffix.suffix;
+ return LIBRARY_PATH.resolve(Paths.get(fullFilename));
}
public static boolean isSearchAndDocprocClass(String className) {
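Review bot: When `fileName` already ends in `.jar`, the new line in `absoluteBundlePath(String, JarSuffix)` silently ignores the `jarSuffix` argument, and the method has no comment saying so. A caller that passes an explicit suffix gets a different file than it asked for, with no indication. I would document the contract on the method, for example `// A name that already ends in ".jar" is used as-is; jarSuffix applies only to bare bundle names.` Because `Path.resolve` returns an absolute argument unchanged, the same comment could state that `fileName` is expected to be a bare file name under `LIBRARY_PATH`.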
diff --git a/config-model/src/main/java/com/yahoo/vespa/model/container/http/BlockFeedGlobalEndpointsFilter.java b/config-model/src/main/java/com/yahoo/vespa/model/container/http/BlockFeedGlobalEndpointsFilter.java
index 167dac4c57e..039daba8ad0 100644
--- a/config-model/src/main/java/com/yahoo/vespa/model/container/http/BlockFeedGlobalEndpointsFilter.java
+++ b/config-model/src/main/java/com/yahoo/vespa/model/container/http/BlockFeedGlobalEndpointsFilter.java
@@ -7,7 +7,7 @@ import com.yahoo.component.chain.dependencies.Dependencies;
import com.yahoo.component.chain.model.ChainedComponentModel;
import com.yahoo.config.model.api.ContainerEndpoint;
import com.yahoo.container.bundle.BundleInstantiationSpecification;
-import com.yahoo.jdisc.http.filter.security.rule.RuleBasedFilterConfig;
+import com.yahoo.vespa.config.jdisc.http.filter.RuleBasedFilterConfig;
import com.yahoo.vespa.model.clients.ContainerDocumentApi;
import com.yahoo.vespa.model.container.ContainerCluster;
@@ -17,11 +17,11 @@ import java.util.List;
import java.util.Set;
import java.util.stream.Collectors;
-import static com.yahoo.jdisc.http.filter.security.rule.RuleBasedFilterConfig.DefaultRule.Action.Enum.ALLOW;
-import static com.yahoo.jdisc.http.filter.security.rule.RuleBasedFilterConfig.Rule.Action.Enum.BLOCK;
-import static com.yahoo.jdisc.http.filter.security.rule.RuleBasedFilterConfig.Rule.Methods.Enum.DELETE;
-import static com.yahoo.jdisc.http.filter.security.rule.RuleBasedFilterConfig.Rule.Methods.Enum.POST;
-import static com.yahoo.jdisc.http.filter.security.rule.RuleBasedFilterConfig.Rule.Methods.Enum.PUT;
+import static com.yahoo.vespa.config.jdisc.http.filter.RuleBasedFilterConfig.DefaultRule.Action.Enum.ALLOW;
+import static com.yahoo.vespa.config.jdisc.http.filter.RuleBasedFilterConfig.Rule.Action.Enum.BLOCK;
+import static com.yahoo.vespa.config.jdisc.http.filter.RuleBasedFilterConfig.Rule.Methods.Enum.DELETE;
+import static com.yahoo.vespa.config.jdisc.http.filter.RuleBasedFilterConfig.Rule.Methods.Enum.POST;
+import static com.yahoo.vespa.config.jdisc.http.filter.RuleBasedFilterConfig.Rule.Methods.Enum.PUT;
/**
* @author mortent
diff --git a/config-model/src/test/java/com/yahoo/vespa/model/admin/ClusterControllerTestCase.java b/config-model/src/test/java/com/yahoo/vespa/model/admin/ClusterControllerTestCase.java
index 8012a00076b..793064af2dc 100644
--- a/config-model/src/test/java/com/yahoo/vespa/model/admin/ClusterControllerTestCase.java
+++ b/config-model/src/test/java/com/yahoo/vespa/model/admin/ClusterControllerTestCase.java
@@ -20,6 +20,7 @@ import com.yahoo.config.provision.Environment;
import com.yahoo.config.provision.RegionName;
import com.yahoo.config.provision.SystemName;
import com.yahoo.config.provision.Zone;
+import com.yahoo.container.di.config.PlatformBundlesConfig;
import com.yahoo.search.config.QrStartConfig;
import com.yahoo.vespa.config.content.FleetcontrollerConfig;
import com.yahoo.vespa.config.content.StorDistributionConfig;
@@ -29,6 +30,7 @@ import com.yahoo.vespa.model.Service;
import com.yahoo.vespa.model.VespaModel;
import com.yahoo.vespa.model.admin.clustercontroller.ClusterControllerContainer;
import com.yahoo.vespa.model.admin.clustercontroller.ClusterControllerContainerCluster;
+import com.yahoo.vespa.model.container.PlatformBundles;
import com.yahoo.vespa.model.container.component.Component;
import com.yahoo.vespa.model.test.utils.ApplicationPackageUtils;
import com.yahoo.vespa.model.test.utils.DeployLoggerStub;
@@ -38,11 +40,14 @@ import org.xml.sax.SAXException;
import java.io.IOException;
import java.io.StringReader;
+import java.nio.file.Path;
import java.time.Instant;
import java.util.Collection;
import java.util.List;
import java.util.Optional;
+import java.util.Set;
+import static java.util.stream.Collectors.toSet;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertNull;
@@ -110,8 +115,16 @@ public class ClusterControllerTestCase extends DomBuilderTest {
assertEquals(4000, cfg.storage_transition_time());
assertEquals(3600000, cfg.stable_state_time_period());
}
+
+ assertOnlyNecessaryBundles(model);
}
+ private void assertOnlyNecessaryBundles(VespaModel model) {
+ PlatformBundlesConfig config = model.getConfig(PlatformBundlesConfig.class, "admin/cluster-controllers");
+ Set<String> unnecessaryBundles = PlatformBundles.VESPA_SECURITY_BUNDLES.stream().map(Path::toString).collect(toSet());
+ assertTrue(config.bundlePaths().stream()
+ .noneMatch(unnecessaryBundles::contains));
+ }
@Test(expected = IllegalArgumentException.class)
public void testSeparateHostsRequired() {
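Review bot: `assertOnlyNecessaryBundles` can pass vacuously, because `noneMatch(unnecessaryBundles::contains)` also holds when `config.bundlePaths()` is empty or when its strings are formatted differently from `Path::toString`. The helper would be a stronger guard with a positive check first, such as `assertFalse(config.bundlePaths().isEmpty());`, or an assertion that one known common bundle path is present. The identical check in `unnecessary_bundles_are_not_installed` in MetricsProxyContainerClusterTest is less exposed, since the neighbouring test there matches `METRICS_PROXY_BUNDLE_FILE.toString()` with `equals`. The helper is also missing a blank line before the following `@Test`.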
diff --git a/config-model/src/test/java/com/yahoo/vespa/model/admin/metricsproxy/MetricsProxyContainerClusterTest.java b/config-model/src/test/java/com/yahoo/vespa/model/admin/metricsproxy/MetricsProxyContainerClusterTest.java
index b3860459323..1b36ff0afe6 100644
--- a/config-model/src/test/java/com/yahoo/vespa/model/admin/metricsproxy/MetricsProxyContainerClusterTest.java
+++ b/config-model/src/test/java/com/yahoo/vespa/model/admin/metricsproxy/MetricsProxyContainerClusterTest.java
@@ -15,12 +15,14 @@ import com.yahoo.container.core.ApplicationMetadataConfig;
import com.yahoo.container.di.config.PlatformBundlesConfig;
import com.yahoo.vespa.model.VespaModel;
import com.yahoo.vespa.model.admin.metricsproxy.MetricsProxyContainerCluster.AppDimensionNames;
+import com.yahoo.vespa.model.container.PlatformBundles;
import com.yahoo.vespa.model.container.component.Component;
import com.yahoo.vespa.model.container.component.Handler;
import org.junit.Test;
+import java.nio.file.Path;
import java.util.Collection;
-import java.util.stream.Collectors;
+import java.util.Set;
import static com.yahoo.vespa.model.admin.metricsproxy.MetricsProxyContainerCluster.METRICS_PROXY_BUNDLE_FILE;
import static com.yahoo.vespa.model.admin.metricsproxy.MetricsProxyContainerCluster.zoneString;
@@ -35,8 +37,8 @@ import static com.yahoo.vespa.model.admin.metricsproxy.MetricsProxyModelTester.g
import static com.yahoo.vespa.model.admin.metricsproxy.MetricsProxyModelTester.getModel;
import static com.yahoo.vespa.model.admin.metricsproxy.MetricsProxyModelTester.servicesWithAdminOnly;
import static java.util.stream.Collectors.toList;
+import static java.util.stream.Collectors.toSet;
import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertTrue;
/**
@@ -47,21 +49,25 @@ public class MetricsProxyContainerClusterTest {
@Test
public void metrics_proxy_bundle_is_included_in_bundles_config() {
VespaModel model = getModel(servicesWithAdminOnly(), self_hosted);
- var builder = new PlatformBundlesConfig.Builder();
- model.getConfig(builder, CLUSTER_CONFIG_ID);
- PlatformBundlesConfig config = builder.build();
- assertFalse(config.bundlePaths().stream()
- .filter(p -> p.endsWith(METRICS_PROXY_BUNDLE_FILE.toString()))
- .collect(Collectors.toList())
- .isEmpty());
+ PlatformBundlesConfig config = model.getConfig(PlatformBundlesConfig.class, CLUSTER_CONFIG_ID);
+ assertTrue(config.bundlePaths().stream()
+ .anyMatch(p -> p.equals(METRICS_PROXY_BUNDLE_FILE.toString())));
+ }
+
+ @Test
+ public void unnecessary_bundles_are_not_installed() {
+ VespaModel model = getModel(servicesWithAdminOnly(), self_hosted);
+ PlatformBundlesConfig config = model.getConfig(PlatformBundlesConfig.class, CLUSTER_CONFIG_ID);
+
+ Set<String> unnecessaryBundles = PlatformBundles.VESPA_SECURITY_BUNDLES.stream().map(Path::toString).collect(toSet());
+ assertTrue(config.bundlePaths().stream()
+ .noneMatch(unnecessaryBundles::contains));
}
@Test
public void cluster_is_prepared_so_that_application_metadata_config_is_produced() {
VespaModel model = getModel(servicesWithAdminOnly(), self_hosted);
- var builder = new ApplicationMetadataConfig.Builder();
- model.getConfig(builder, CLUSTER_CONFIG_ID);
- ApplicationMetadataConfig config = builder.build();
+ ApplicationMetadataConfig config = model.getConfig(ApplicationMetadataConfig.class, CLUSTER_CONFIG_ID);
assertEquals(MockApplicationPackage.APPLICATION_GENERATION, config.generation());
assertEquals(MockApplicationPackage.APPLICATION_NAME, config.name());
}
diff --git a/config-model/src/test/java/com/yahoo/vespa/model/container/http/BlockFeedGlobalEndpointsFilterTest.java b/config-model/src/test/java/com/yahoo/vespa/model/container/http/BlockFeedGlobalEndpointsFilterTest.java
index 1691868ee65..b17be9eb55e 100644
--- a/config-model/src/test/java/com/yahoo/vespa/model/container/http/BlockFeedGlobalEndpointsFilterTest.java
+++ b/config-model/src/test/java/com/yahoo/vespa/model/container/http/BlockFeedGlobalEndpointsFilterTest.java
@@ -4,7 +4,7 @@ package com.yahoo.vespa.model.container.http;
import com.yahoo.config.model.api.ApplicationClusterEndpoint;
import com.yahoo.config.model.api.ContainerEndpoint;
-import com.yahoo.jdisc.http.filter.security.rule.RuleBasedFilterConfig;
+import com.yahoo.vespa.config.jdisc.http.filter.RuleBasedFilterConfig;
import org.junit.Test;
import java.util.Collections;
@@ -12,7 +12,6 @@ import java.util.List;
import java.util.Set;
import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertThat;
import static org.junit.Assert.assertTrue;
public class BlockFeedGlobalEndpointsFilterTest {
diff --git a/configdefinitions/src/main/java/com/yahoo/vespa/config/jdisc/http/filter/package-info.java b/configdefinitions/src/main/java/com/yahoo/vespa/config/jdisc/http/filter/package-info.java
new file mode 100644
index 00000000000..9dcdc2504d1
--- /dev/null
+++ b/configdefinitions/src/main/java/com/yahoo/vespa/config/jdisc/http/filter/package-info.java
@@ -0,0 +1,5 @@
+// Copyright Yahoo. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
+@ExportPackage
+package com.yahoo.vespa.config.jdisc.http.filter;
+
+import com.yahoo.osgi.annotation.ExportPackage;
diff --git a/configdefinitions/src/vespa/jdisc.http.filter.security.rule.config.rule-based-filter.def b/configdefinitions/src/vespa/jdisc.http.filter.security.rule.config.rule-based-filter.def
new file mode 100644
index 00000000000..3fe850908dc
--- /dev/null
+++ b/configdefinitions/src/vespa/jdisc.http.filter.security.rule.config.rule-based-filter.def
@@ -0,0 +1,18 @@
+# Copyright Yahoo. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
+package=com.yahoo.vespa.config.jdisc.http.filter
+
+dryrun bool default=false
+defaultRule.action enum { ALLOW, BLOCK }
+defaultRule.blockResponseCode int default=403
+defaultRule.blockResponseMessage string default=""
+defaultRule.blockResponseHeaders[].name string
+defaultRule.blockResponseHeaders[].value string
+rule[].name string
+rule[].action enum { ALLOW, BLOCK }
+rule[].hostNames[] string
+rule[].methods[] enum { GET, POST, PUT, PATCH, DELETE }
+rule[].pathExpressions[] string
+rule[].blockResponseCode int default=403
+rule[].blockResponseMessage string default=""
+rule[].blockResponseHeaders[].name string
+rule[].blockResponseHeaders[].value string
diff --git a/container-disc/pom.xml b/container-disc/pom.xml
index 3e42b924ec6..4ba208cc354 100644
--- a/container-disc/pom.xml
+++ b/container-disc/pom.xml
@@ -185,26 +185,16 @@
<discApplicationClass>com.yahoo.container.jdisc.ConfiguredApplication</discApplicationClass>
<buildLegacyVespaPlatformBundle>true</buildLegacyVespaPlatformBundle>
<discPreInstallBundle>
- <!-- Vespa bundles -->
+ <!-- BEGIN Bundles needed to retrieve config, or used by container-disc -->
config-bundle-jar-with-dependencies.jar,
configdefinitions-jar-with-dependencies.jar,
hosted-zone-api-jar-with-dependencies.jar,
- jdisc-security-filters-jar-with-dependencies.jar,
- vespa-athenz-jar-with-dependencies.jar,
-
- <!-- Apache http client repackaged as bundle -->
container-apache-http-client-bundle-jar-with-dependencies.jar,
-
- <!-- Vespa security utils with necessary 3rd party bundles -->
security-utils.jar,
- bcpkix-jdk15on-${bouncycastle.version}.jar,
- bcprov-jdk15on-${bouncycastle.version}.jar,
-
- <!-- TODO Vespa 9 Stop providing servlet-api 3.x -->
- javax.servlet-api-3.1.0.jar,
+ bcprov-jdk15on-${bouncycastle.version}.jar, <!-- Used by security-utils -->
+ <!-- END Bundles needed to retrieve config, or used by container-disc -->
- <!-- Aries SPIFly repackaged -->
- container-spifly.jar,
+ bcpkix-jdk15on-${bouncycastle.version}.jar, <!-- Used by security-utils -->
jackson-annotations-${jackson2.version}.jar,
jackson-core-${jackson2.version}.jar,
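Review bot: The `bcpkix-jdk15on` entry carries the comment `Used by security-utils` but sits after the `END Bundles needed to retrieve config, or used by container-disc` marker, while `security-utils.jar` and `bcprov-jdk15on` are inside that block. Either `bcpkix` is needed whenever `security-utils` is and belongs above the END marker, or the comment should say why it is outside. As written, someone trimming the list later cannot tell whether `security-utils` still works without it. The `discPreInstallBundle` element continues outside the hunk.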
diff --git a/jdisc-security-filters/pom.xml b/jdisc-security-filters/pom.xml
index 475a8b7e3e9..dd44a114236 100644
--- a/jdisc-security-filters/pom.xml
+++ b/jdisc-security-filters/pom.xml
@@ -19,6 +19,12 @@
<!-- provided -->
<dependency>
<groupId>com.yahoo.vespa</groupId>
+ <artifactId>configdefinitions</artifactId>
+ <version>${project.version}</version>
+ <scope>provided</scope>
+ </dependency>
+ <dependency>
+ <groupId>com.yahoo.vespa</groupId>
<artifactId>container-dev</artifactId>
<version>${project.version}</version>
<scope>provided</scope>
diff --git a/jdisc-security-filters/src/main/java/com/yahoo/jdisc/http/filter/security/rule/RuleBasedRequestFilter.java b/jdisc-security-filters/src/main/java/com/yahoo/jdisc/http/filter/security/rule/RuleBasedRequestFilter.java
index dac4d3ee4d6..9fb709126bf 100644
--- a/jdisc-security-filters/src/main/java/com/yahoo/jdisc/http/filter/security/rule/RuleBasedRequestFilter.java
+++ b/jdisc-security-filters/src/main/java/com/yahoo/jdisc/http/filter/security/rule/RuleBasedRequestFilter.java
@@ -6,7 +6,8 @@ import com.yahoo.jdisc.Metric;
import com.yahoo.jdisc.Response;
import com.yahoo.jdisc.http.filter.DiscFilterRequest;
import com.yahoo.jdisc.http.filter.security.base.JsonSecurityRequestFilterBase;
-import com.yahoo.jdisc.http.filter.security.rule.RuleBasedFilterConfig.Rule.Action;
+import com.yahoo.vespa.config.jdisc.http.filter.RuleBasedFilterConfig;
+import com.yahoo.vespa.config.jdisc.http.filter.RuleBasedFilterConfig.Rule.Action;
import com.yahoo.restapi.Path;
import java.net.URI;
diff --git a/jdisc-security-filters/src/main/java/com/yahoo/jdisc/http/filter/security/rule/package-info.java b/jdisc-security-filters/src/main/java/com/yahoo/jdisc/http/filter/security/rule/package-info.java
deleted file mode 100644
index 73313c2c86d..00000000000
--- a/jdisc-security-filters/src/main/java/com/yahoo/jdisc/http/filter/security/rule/package-info.java
+++ /dev/null
@@ -1,8 +0,0 @@
-// Copyright Yahoo. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
-/**
- * @author bjorncs
- */
-@ExportPackage
-package com.yahoo.jdisc.http.filter.security.rule;
-
-import com.yahoo.osgi.annotation.ExportPackage; \ No newline at end of file
diff --git a/jdisc-security-filters/src/main/resources/configdefinitions/jdisc.http.filter.security.rule.rule-based-filter.def b/jdisc-security-filters/src/main/resources/configdefinitions/jdisc.http.filter.security.rule.rule-based-filter.def
index 1d0dcddfc31..d619f5ff735 100644
--- a/jdisc-security-filters/src/main/resources/configdefinitions/jdisc.http.filter.security.rule.rule-based-filter.def
+++ b/jdisc-security-filters/src/main/resources/configdefinitions/jdisc.http.filter.security.rule.rule-based-filter.def
@@ -1,4 +1,6 @@
# Copyright Yahoo. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
+# TODO: remove this def when oldest hosted model no longer uses it.
+
namespace=jdisc.http.filter.security.rule
dryrun bool default=false
diff --git a/jdisc-security-filters/src/test/java/com/yahoo/jdisc/http/filter/security/rule/RuleBasedRequestFilterTest.java b/jdisc-security-filters/src/test/java/com/yahoo/jdisc/http/filter/security/rule/RuleBasedRequestFilterTest.java
index cfd0e80968f..bb3408f0089 100644
--- a/jdisc-security-filters/src/test/java/com/yahoo/jdisc/http/filter/security/rule/RuleBasedRequestFilterTest.java
+++ b/jdisc-security-filters/src/test/java/com/yahoo/jdisc/http/filter/security/rule/RuleBasedRequestFilterTest.java
@@ -8,8 +8,9 @@ import com.yahoo.container.jdisc.RequestHandlerTestDriver.MockResponseHandler;
import com.yahoo.jdisc.Metric;
import com.yahoo.jdisc.Response;
import com.yahoo.jdisc.http.filter.DiscFilterRequest;
-import com.yahoo.jdisc.http.filter.security.rule.RuleBasedFilterConfig.DefaultRule;
-import com.yahoo.jdisc.http.filter.security.rule.RuleBasedFilterConfig.Rule;
+import com.yahoo.vespa.config.jdisc.http.filter.RuleBasedFilterConfig;
+import com.yahoo.vespa.config.jdisc.http.filter.RuleBasedFilterConfig.DefaultRule;
+import com.yahoo.vespa.config.jdisc.http.filter.RuleBasedFilterConfig.Rule;
import com.yahoo.test.json.JsonTestHelper;
import org.junit.jupiter.api.Test;
diff --git a/standalone-container/pom.xml b/standalone-container/pom.xml
index 3776743cbd8..590872282ca 100644
--- a/standalone-container/pom.xml
+++ b/standalone-container/pom.xml
@@ -99,7 +99,14 @@
config-bundle-jar-with-dependencies.jar,
config-model-api-jar-with-dependencies.jar,
config-model-jar-with-dependencies.jar,
+
container-disc-jar-with-dependencies.jar,
+
+ <!-- START bundles that can be moved to config-model when all standalone containers are set up via the model -->
+ container-spifly.jar, <!-- Aries SPIFly repackaged -->
+ javax.servlet-api-3.1.0.jar, <!-- Needed by vespa-athenz. TODO Vespa 9: remove the need for servlet-api -->
+ <!-- END bundles that can be moved to config-model -->
+
<!-- START config-model dependencies -->
container-search-and-docproc-jar-with-dependencies.jar,
linguistics-components-jar-with-dependencies.jar,