diff options
-rw-r--r-- | cloud-tenant-base-dependencies-enforcer/pom.xml | 3 | ||||
-rw-r--r-- | container-dependency-versions/pom.xml | 6 | ||||
-rwxr-xr-x | docker/build/build-vespa-internal.sh | 9 | ||||
-rw-r--r-- | hosted-tenant-base/pom.xml | 5 | ||||
-rw-r--r-- | parent/pom.xml | 41 | ||||
-rw-r--r-- | vespa-athenz/pom.xml | 24 | ||||
-rw-r--r-- | vespa-athenz/src/main/java/com/yahoo/vespa/athenz/aws/AwsCredentials.java | 12 |
7 files changed, 33 insertions, 67 deletions
diff --git a/cloud-tenant-base-dependencies-enforcer/pom.xml b/cloud-tenant-base-dependencies-enforcer/pom.xml index 76a28b04805..4a1c2a47a07 100644 --- a/cloud-tenant-base-dependencies-enforcer/pom.xml +++ b/cloud-tenant-base-dependencies-enforcer/pom.xml @@ -20,7 +20,7 @@ Copied here because vz-tenant-base does not have a parent. --> <properties> <aopalliance.version>1.0</aopalliance.version> - <athenz.version>1.10.11</athenz.version> + <athenz.version>1.8.49</athenz.version> <bouncycastle.version>1.65</bouncycastle.version> <felix.version>6.0.3</felix.version> <felix.log.version>1.0.1</felix.log.version> @@ -236,6 +236,7 @@ <include>commons-digester:commons-digester:1.8:jar:test</include> <include>io.airlift:aircompressor:0.17:jar:test</include> <include>io.airlift:airline:0.7:jar:test</include> + <include>io.jsonwebtoken:jjwt:0.9.1:jar:test</include> <include>io.prometheus:simpleclient:0.6.0:jar:test</include> <include>io.prometheus:simpleclient_common:0.6.0:jar:test</include> <include>joda-time:joda-time:2.8.1:jar:test</include> diff --git a/container-dependency-versions/pom.xml b/container-dependency-versions/pom.xml index c7353241d35..afcdf474723 100644 --- a/container-dependency-versions/pom.xml +++ b/container-dependency-versions/pom.xml @@ -22,6 +22,12 @@ <url>https://github.com/vespa-engine</url> </developer> </developers> + <distributionManagement> + <repository> + <id>bintray-vespa-repo</id> + <url>https://api.bintray.com/maven/yahoo/maven/vespa;publish=1</url> + </repository> + </distributionManagement> <scm> <connection>scm:git:git@github.com:vespa-engine/vespa.git</connection> <developerConnection>scm:git:git@github.com:vespa-engine/vespa.git</developerConnection> diff --git a/docker/build/build-vespa-internal.sh b/docker/build/build-vespa-internal.sh index 63eb0efacb8..780713ec732 100755 --- a/docker/build/build-vespa-internal.sh +++ b/docker/build/build-vespa-internal.sh @@ -22,11 +22,12 @@ yum -y install epel-release yum -y install centos-release-scl if ! yum-config-manager --add-repo https://copr.fedorainfracloud.org/coprs/g/vespa/vespa/repo/epel-7/group_vespa-vespa-epel-7.repo; then - cat << 'EOF' > /etc/yum.repos.d/vespa-release.repo -[vespa-release] -name=Vespa releases -baseurl=https://verizonmedia.jfrog.io/artifactory/vespa/centos/$releasever/release/$basearch + cat << 'EOF' > /etc/yum.repos.d/vespa-engine-stable.repo +[vespa-engine-stable] +name=vespa-engine-stable +baseurl=https://yahoo.bintray.com/vespa-engine/centos/$releasever/stable/$basearch gpgcheck=0 +repo_gpgcheck=0 enabled=1 EOF fi diff --git a/hosted-tenant-base/pom.xml b/hosted-tenant-base/pom.xml index 08648f47ce2..094238454c9 100644 --- a/hosted-tenant-base/pom.xml +++ b/hosted-tenant-base/pom.xml @@ -66,11 +66,6 @@ <type>pom</type> <scope>import</scope> </dependency> - <dependency> - <groupId>org.glassfish.jaxb</groupId> - <artifactId>jaxb-runtime</artifactId> - <version>2.3.2</version> <!-- 2.3.3 has BROKEN manifest --> - </dependency> </dependencies> </dependencyManagement> diff --git a/parent/pom.xml b/parent/pom.xml index 097f72a1943..3b5b0891e73 100644 --- a/parent/pom.xml +++ b/parent/pom.xml @@ -28,12 +28,30 @@ <url>https://github.com/vespa-engine</url> </developer> </developers> + <distributionManagement> + <repository> + <id>bintray-vespa-repo</id> + <url>https://api.bintray.com/maven/yahoo/maven/vespa;publish=1</url> + </repository> + </distributionManagement> <scm> <connection>scm:git:git@github.com:vespa-engine/vespa.git</connection> <developerConnection>scm:git:git@github.com:vespa-engine/vespa.git</developerConnection> <url>git@github.com:vespa-engine/vespa.git</url> </scm> + <repositories> + <!-- Required for Athenz libraries --> + <repository> + <snapshots> + <enabled>false</enabled> + </snapshots> + <id>bintray-yahoo-maven</id> + <name>bintray</name> + <url>https://yahoo.bintray.com/maven</url> + </repository> + </repositories> + <build> <finalName>${project.artifactId}</finalName> <extensions> @@ -472,21 +490,6 @@ <version>${athenz.version}</version> </dependency> <dependency> - <groupId>io.jsonwebtoken</groupId> - <artifactId>jjwt-api</artifactId> - <version>${jjwt.version}</version> - </dependency> - <dependency> - <groupId>io.jsonwebtoken</groupId> - <artifactId>jjwt-impl</artifactId> - <version>${jjwt.version}</version> - </dependency> - <dependency> - <groupId>io.jsonwebtoken</groupId> - <artifactId>jjwt-jackson</artifactId> - <version>${jjwt.version}</version> - </dependency> - <dependency> <groupId>org.apache.commons</groupId> <artifactId>commons-math3</artifactId> <version>${commons.math3.version}</version> @@ -684,11 +687,6 @@ <version>9.2.0</version> </dependency> <dependency> - <groupId>org.glassfish.jaxb</groupId> - <artifactId>jaxb-runtime</artifactId> - <version>2.3.2</version> <!-- 2.3.3 has a BROKEN manifest --> - </dependency> - <dependency> <groupId>org.hamcrest</groupId> <artifactId>hamcrest-all</artifactId> <version>1.3</version> @@ -779,8 +777,7 @@ <apache.httpclient5.version>5.0.3</apache.httpclient5.version> <asm.version>7.0</asm.version> <!-- Athenz dependencies. Make sure these dependencies match those in Vespa's internal repositories --> - <athenz.version>1.10.11</athenz.version> - <jjwt.version>0.11.2</jjwt.version> + <athenz.version>1.8.49</athenz.version> <aws.sdk.version>1.11.974</aws.sdk.version> <!-- WARNING: If you change curator version, you also need to update zkfacade/src/main/java/org/apache/curator/**/package-info.java diff --git a/vespa-athenz/pom.xml b/vespa-athenz/pom.xml index 653eb58d76d..7d2ad924ae3 100644 --- a/vespa-athenz/pom.xml +++ b/vespa-athenz/pom.xml @@ -65,14 +65,6 @@ </exclusion> <!--Exclude all Jackson bundles provided by JDisc --> <exclusion> - <groupId>jakarta.activation</groupId> - <artifactId>jakarta.activation-api</artifactId> - </exclusion> - <exclusion> - <groupId>jakarta.xml.bind</groupId> - <artifactId>jakarta.xml.bind-api</artifactId> - </exclusion> - <exclusion> <groupId>com.fasterxml.jackson.core</groupId> <artifactId>jackson-core</artifactId> </exclusion> @@ -86,22 +78,6 @@ </exclusion> </exclusions> </dependency> - <dependency> <!-- needed by auth-core --> - <groupId>io.jsonwebtoken</groupId> - <artifactId>jjwt-impl</artifactId> - <scope>compile</scope> - </dependency> - <dependency> <!-- needed by auth-core --> - <groupId>io.jsonwebtoken</groupId> - <artifactId>jjwt-jackson</artifactId> - <scope>compile</scope> - <exclusions> - <exclusion> - <groupId>com.fasterxml.jackson.core</groupId> - <artifactId>jackson-databind</artifactId> - </exclusion> - </exclusions> - </dependency> <dependency> <groupId>com.yahoo.athenz</groupId> <artifactId>athenz-zpe-java-client</artifactId> diff --git a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/aws/AwsCredentials.java b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/aws/AwsCredentials.java index b5473929184..30ff63fb108 100644 --- a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/aws/AwsCredentials.java +++ b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/aws/AwsCredentials.java @@ -25,18 +25,12 @@ public class AwsCredentials { private final AthenzDomain athenzDomain; private final AwsRole awsRole; private final ZtsClient ztsClient; - private final String externalId; private volatile AwsTemporaryCredentials credentials; public AwsCredentials(ZtsClient ztsClient, AthenzDomain athenzDomain, AwsRole awsRole) { - this(ztsClient, athenzDomain, awsRole, null); - } - - public AwsCredentials(ZtsClient ztsClient, AthenzDomain athenzDomain, AwsRole awsRole, String externalId) { this.ztsClient = ztsClient; this.athenzDomain = athenzDomain; this.awsRole = awsRole; - this.externalId = externalId; this.credentials = get(); } @@ -48,16 +42,12 @@ public class AwsCredentials { this(new DefaultZtsClient.Builder(ztsUrl).withSslContext(sslContext).build(), athenzDomain, awsRole); } - public AwsCredentials(URI ztsUrl, SSLContext sslContext, AthenzDomain athenzDomain, AwsRole awsRole, String externalId) { - this(new DefaultZtsClient.Builder(ztsUrl).withSslContext(sslContext).build(), athenzDomain, awsRole, externalId); - } - /** * Requests temporary credentials from ZTS or return cached credentials */ public AwsTemporaryCredentials get() { if(shouldRefresh(credentials)) { - this.credentials = ztsClient.getAwsTemporaryCredentials(athenzDomain, awsRole, externalId); + this.credentials = ztsClient.getAwsTemporaryCredentials(athenzDomain, awsRole); } return credentials; } |