Sauron, the all seeing eye! It is a service to generate automated reports and track migrations, changes and dependency versions for backend services also report on known CVE and security issues.

Related tags

sauron
Overview

SAURON - VERSION AND DEPLOYMENT TRACKER

Build Release Components Release Plugins

DESCRIPTION

Sauron, the all seeing eye! It is a service to generate automated reports and track migrations, changes and dependency versions for backend services also report on known CVE and security issues. A detailed description can be found in the internal RFC document.


COMPONENTS

Sauron Service is segregated into a few components that are described below:

  • Sauron Core: Sauron common library to be used by all sauron plugins. More details here

  • Sauron Service: Sauron entrypoint controller described in more details in this README

  • Sauron Plugin System: Sauron has an embedded plugin support that allows anyone to introduce its own logic without the need to rebuild, regenerate and stop/restart Sauron Service. More details in further sections.

  • Elasticsearch Cluster: Sauron uses Elasticsearch as a data storage. It is currently deployed in AWS and can be accessed here.

  • Kibana: Elasticsearch data can be explored using the built-in Kibana instance that can be accessed here.

  • Dependencytrack: Sauron includes an instance of Dependencytrack, a platform that allows organizations to identify and reduce risk from the use of third-party and open source components.


ARCHITECTURE OVERVIEW

Sauron Service Architecture


RUNNING

Sauron can be deployed using Docker and Docker-Compose. It provides a Dockerfile that can be built using the following commands:

Build Sauron project using maven and ship it to a docker image:

make

Start Sauron stack and load the local plugin repository

docker-compose -f docker-compose.yml --compatibility up

This command will start three components:

Note: Since Sauron needs your maven, gradle and nodejs configuration, the docker-compose.yml creates a volume for each configuration folder/file. If there is no configuration already created, please create one before running the command above. For more details please refer to docker-compose.yaml > Volumes

Docker

In order to run Sauron with you predefined configuration using docker, use the command below:

docker run \
    -e SPRING_CONFIG_LOCATION="/sauron/config/sauron-service.yml" \
    -e M2_HOME="/usr/share/maven" \
    -e SPRING_PROFILES_INCLUDE="local" \
    -e SPRING_CLOUD_CONFIG_ENABLED="false" \
    --mount type=bind,source=${PWD}/sauron-service/docker/config/sauron-service.yml,destination=/sauron/config/sauron-service.yml,readonly \
    --mount type=bind,source=${PWD}/sauron-service/plugins,destination=/sauron/plugins \
    --mount type=bind,source=${HOME}/.m2,destination=/root/.m2 \
    --mount type=bind,source=${HOME}/.gradle,destination=/root/.gradle \
    --mount type=bind,source=${HOME}/.npmrc,destination=/root/.npmrc \
    --mount type=bind,source=${HOME}/.ssh,destination=/root/.ssh,readonly \
    --name=sauron \
    -p 8080:8080 \
    ghcr.io/freenowtech/sauron/sauron-service:latest

If you need to use a specific version, please refer to Sauron Packages


CONFIGURATION

Sauron configuration can be set via application.properties file. The file path can be provided using the environment variable:

  • SPRING_CONFIG_LOCATION: it must contain the path pointing to the local file e.g. /path/to/config/my-properties.properties or /path/to/config/my-properties.yaml

Sauron supports Spring Cloud Config Server as a configuration provider. In order to set Config Server url, please use the environment variable below:

  • SPRING_CLOUD_CONFIG_URI: it must contain the URL pointing to the remote repository e.g. https://my-repository.com/my-config

For a Sauron configuration file example, please refer to sauron-service.yml


USAGE

Sauron Elasticsearch Index Template

Before start using Sauron, it is import to define the index template that will be used by Elasticsearch to create Sauron's index. It can be done by running the command line below:

elasticsearch/sauron-template.sh
elasticsearch/dependencies-template.sh

This template increases the number of fields, since usually the amount of dependencies and thus the amount of fields is huge, and some other minor optimizations.

Triggering Sauron Service

Sauron Service provides a REST api that allows one to trigger a new build. The detailed parameters can be found in its swagger documentation. Once a new build has been triggered, Sauron's pipeline will run applying all plugins pre-configured. The output will be stored in elasticsearch and can be queried afterwards using the Kibana Installation.

For more details, check in the next section how the plugin system works.

A build request example can be found below:

curl --verbose --location --request POST 'http://localhost:8080/api/v1/build' \
    --header 'Content-Type: application/json' \
    --data-raw '{
      "serviceName": "MyService",
      "repositoryUrl": "https://github.com/gazgeek/springboot-helloworld.git",
      "commitId": "41c7823dddbef43680a0726ccea0631519b9d3c1",
      "buildId": "2b8caa6c-8b55-4b57-b654-5a00d519f409",
      "owner": "Sauron",
      "eventTime": 1586962717770,
      "rollback": false,
      "returnCode": 0,
      "environment": "production",
      "release": "0.0.1",
      "user": "sauron-user",
      "dockerImage": "helloworld:0.0.1",
      "platform": "K8S"
    }'

Visualizing Sauron Data

As mentioned before, Sauron stack uses Elasticsearch + Kibana to respectively store and visualize data. Once the Sauron build is done, the information will be available and can be queried using Kibana.

In order to do that, a index pattern must be created in Kibana using this HOWTO.

Once it is done, you are able to use your data. Sauron provides a default Kibana Dashboard available here. Import it and voilà! Enjoy your data!

Kibana Dashboard Example

Sauron Kibana Dashboard


SAURON PLUGIN SYSTEM

Sauron has an embedded plugin system that allows anyone to insert its own business logic to extract information during the building/deploy process. It uses the PF4J which is a plugin framework written in Java, and provides a nice interface to implement an integration in your service.

During the startup Sauron loads all available plugins, and updates them every 5 minutes using the pre-defined plugin repository (Local or Artifactory). For more details please refer to sauron-service.yml.

Official Plugins

console Output

Prints the DataSet content to sysout.

data-sanitizer

Sanitizes the data before being processed by Sauron pipeline.

git-checkout

Checkout the project source code.

dependency-checker

Extracts dependencies information in CycloneDX and insert in DataSet.

dependencytrack-publisher

Publishes the dependencies to our internal Dependency Track instance.

maven-report

Retrieves information from pom.xml file.

elasticsearch-output

Stores the DataSet content into Elasticsearch.

protocw-checker

Checks whether a service is using protoc, and the protoc wrapper.

logs-report

Tells if your service has any logs on elasticsearch. You can configure indexes and time range to search for logs.

kubernetesapi-report

Allows Sauron to query Kubernetes API to retrieve the annotations and labels assigned to the resources, specified in the configuration, and stores the values into the DataSet.

sonarapi-report

Query Sonar API to retrieve your service related data, like Code Coverage, and stores into the DataSet.

thanosapi-report

Query Thanos API to retrieve your service related data(like RPM, Circuit Breaker), and stores into the DataSet.

readme-checker

Checks whether a service has or not a README.md file in its root folder.

bcrypt-passwordencoder-checker

Checks whether a service might be using Bcrypt to encode the passwords in the API

jaegerapi-report

Query Jaeger API to extract tracing information

Creating a New Sauron Plugin

Sauron provides a maven archetype in order to create a standard skeleton of a new plugin. To use that follow the steps below.

Install maven archetype

Checkout the sauron-plugin-archetype project:

$ git clone https://github.com/freenowtech/sauron.git

Install the archetype locally and add it to the local archetype catalog:

$ cd sauron-plugin-archetype
$ mvn clean install

Create new plugin skeleton

Generate the new plugin using the installed archetype:

$ mvn org.apache.maven.plugins:maven-archetype-plugin:3.1.2:generate
[INFO] Scanning for projects...
[INFO]
[INFO] ------------------< org.apache.maven:standalone-pom >-------------------
[INFO] Building Maven Stub Project (No POM) 1
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] >>> maven-archetype-plugin:3.0.1:generate (default-cli) > generate-sources @ standalone-pom >>>
[INFO]
[INFO] <<< maven-archetype-plugin:3.0.1:generate (default-cli) < generate-sources @ standalone-pom <<<
[INFO]
[INFO]
[INFO] --- maven-archetype-plugin:3.0.1:generate (default-cli) @ standalone-pom ---
[INFO] Generating project in Interactive mode
[INFO] No archetype defined. Using maven-archetype-quickstart (org.apache.maven.archetypes:maven-archetype-quickstart:1.0)
Choose archetype:
...
Choose a number or apply filter (format: [groupId:]artifactId, case sensitive contains): : sauron-plugin-archetype
Choose archetype:
1:  remote -> com.freenow.sauron:sauron-plugin-archetype (Sauron Plugin Archetype)
Choose a number or apply filter (format: [groupId:]artifactId, case sensitive contains): : 1
[INFO] Using property: groupId = com.free-now.sauron.plugins
Define value for property 'artifactId': my-plugin
[INFO] Using property: version = 0.0.1-SNAPSHOT
[INFO] Using property: package = com.freenow.sauron.plugins
Define value for property 'className': MyPlugin
Confirm properties configuration:
groupId: com.free-now.sauron.plugins
artifactId: my-plugin
version: 0.0.1-SNAPSHOT
package: com.freenow.sauron.plugins
className: MyPlugin
 Y: :
[INFO] ----------------------------------------------------------------------------
[INFO] Using following parameters for creating project from Archetype: sauron-plugin-archetype:0.0.1-SNAPSHOT
[INFO] ----------------------------------------------------------------------------
[INFO] Parameter: groupId, Value: com.free-now.sauron.plugins
[INFO] Parameter: artifactId, Value: my-plugin
[INFO] Parameter: version, Value: 0.0.1-SNAPSHOT
[INFO] Parameter: package, Value: com.freenow.sauron.plugins
[INFO] Parameter: packageInPathFormat, Value: com/freenow/sauron/plugins
[INFO] Parameter: package, Value: com.freenow.sauron.plugins
[INFO] Parameter: version, Value: 0.0.1-SNAPSHOT
[INFO] Parameter: groupId, Value: com.free-now.sauron.plugins
[INFO] Parameter: className, Value: MyPlugin
[INFO] Parameter: artifactId, Value: my-plugin
[INFO] Project created from Archetype in dir: /Users/sergio/Documents/sauron/my-plugin
[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------
[INFO] Total time:  15.041 s
[INFO] Finished at: 2019-04-08T15:10:44+02:00
[INFO] ------------------------------------------------------------------------

It will generate a new maven project that follows the structure below:

Fill in the MyPlugin.java class with your desired logic:

package com.freenow.sauron.plugins;

import com.freenow.sauron.model.DataSet;
import com.freenow.sauron.properties.PluginsConfigurationProperties;
import org.pf4j.Extension;

@Extension
public class MyPlugin implements SauronExtension
{
    @Override
    public DataSet apply(PluginsConfigurationProperties properties, DataSet input)
    {
        // PLUGIN LOGIC

        return input;
    }
}

Configuring your new Plugin

In order to provide extra configuration to your plugin, refer to CONFIGURATION SECTION. After your configuration has been added, it will be available to be used by your plugin in PluginsConfigurationProperties object. See below an example of how you can use the configuration properties:

The following configuration provides an url to my-plugin plugin generated in step above:

sauron:
    plugins:
        my-plugin:
            url: https://my-plugin.com

So in order to retrieve this configuration uses the following java code:

@Extension
public class MyPlugin implements SauronExtension
{
    @Override
    public DataSet apply(PluginsConfigurationProperties properties, DataSet input)
    {
        properties.getPluginConfigurationProperty("my-plugin", "url").ifPresent(url -> System.out.println(url) );
        return input;
    }
}

Documenting your Plugin

Sauron Plugin Archetype provides a template of a README that must be filled to document what your plugin does, inputs, outputs and possible configuration.

Deploying your new Plugin

Once the developing and testing process has been done, you can deploy a new version of your plugin, using the pre-defined plugin repository (Local or Artifactory). For more details please refer to sauron-service.yml.

The plugin reloading process runs every 5 minutes. To force a reloading use the /api/v1/reload method.

Check Swagger Documentation for more information.

Using your new Plugin

Once your plugin has been deployed and loaded by Sauron Service you can use it in a pipeline which will be then applied to new deployments. Refer to Sauron Usage for detailed information.

Issues
  • Bump elasticsearch from 7.9.3 to 7.11.0 in /plugins/elasticsearch-output

    Bump elasticsearch from 7.9.3 to 7.11.0 in /plugins/elasticsearch-output

    Bumps elasticsearch from 7.9.3 to 7.11.0.

    Release notes

    Sourced from elasticsearch's releases.

    Elasticsearch 7.11.0

    Downloads: https://elastic.co/downloads/elasticsearch Release notes: https://www.elastic.co/guide/en/elasticsearch/reference/7.11/release-notes-7.11.0.html

    Elasticsearch 7.10.2

    Downloads: https://elastic.co/downloads/elasticsearch Release notes: https://www.elastic.co/guide/en/elasticsearch/reference/7.10/release-notes-7.10.2.html

    Elasticsearch 7.10.1

    Downloads: https://elastic.co/downloads/elasticsearch Release notes: https://www.elastic.co/guide/en/elasticsearch/reference/7.10/release-notes-7.10.1.html

    Elasticsearch 7.10.0

    Downloads: https://elastic.co/downloads/elasticsearch Release notes: https://www.elastic.co/guide/en/elasticsearch/reference/7.10/release-notes-7.10.0.html

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 1
  • Bump elasticsearch from 7.9.3 to 7.11.0 in /plugins/dependency-checker

    Bump elasticsearch from 7.9.3 to 7.11.0 in /plugins/dependency-checker

    Bumps elasticsearch from 7.9.3 to 7.11.0.

    Release notes

    Sourced from elasticsearch's releases.

    Elasticsearch 7.11.0

    Downloads: https://elastic.co/downloads/elasticsearch Release notes: https://www.elastic.co/guide/en/elasticsearch/reference/7.11/release-notes-7.11.0.html

    Elasticsearch 7.10.2

    Downloads: https://elastic.co/downloads/elasticsearch Release notes: https://www.elastic.co/guide/en/elasticsearch/reference/7.10/release-notes-7.10.2.html

    Elasticsearch 7.10.1

    Downloads: https://elastic.co/downloads/elasticsearch Release notes: https://www.elastic.co/guide/en/elasticsearch/reference/7.10/release-notes-7.10.1.html

    Elasticsearch 7.10.0

    Downloads: https://elastic.co/downloads/elasticsearch Release notes: https://www.elastic.co/guide/en/elasticsearch/reference/7.10/release-notes-7.10.0.html

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 1
  • Github release workflow is not being triggered

    Github release workflow is not being triggered

    Github release workflow listen to tag creation events.

    For some reason whenever we create a new tag here, the workflow is not triggered.

    ci 
    opened by sergioasantiago 1
  • Open sourcing Sauron Service

    Open sourcing Sauron Service

    opened by sergioasantiago 1
  • Add missing files to KubernetesApiReport

    Add missing files to KubernetesApiReport

    Fix links

    opened by sergioasantiago 0
  • Bump junit from 4.12 to 4.13.1 in /plugins/sonarapi-report

    Bump junit from 4.12 to 4.13.1 in /plugins/sonarapi-report

    Bumps junit from 4.12 to 4.13.1.

    Release notes

    Sourced from junit's releases.

    JUnit 4.13.1

    Please refer to the release notes for details.

    JUnit 4.13

    Please refer to the release notes for details.

    JUnit 4.13 RC 2

    Please refer to the release notes for details.

    JUnit 4.13 RC 1

    Please refer to the release notes for details.

    JUnit 4.13 Beta 3

    Please refer to the release notes for details.

    JUnit 4.13 Beta 2

    Please refer to the release notes for details.

    JUnit 4.13 Beta 1

    Please refer to the release notes for details.

    Commits
    • 1b683f4 [maven-release-plugin] prepare release r4.13.1
    • ce6ce3a Draft 4.13.1 release notes
    • c29dd82 Change version to 4.13.1-SNAPSHOT
    • 1d17486 Add a link to assertThrows in exception testing
    • 543905d Use separate line for annotation in Javadoc
    • 510e906 Add sub headlines to class Javadoc
    • 610155b Merge pull request from GHSA-269g-pwp5-87pp
    • b6cfd1e Explicitly wrap float parameter for consistency (#1671)
    • a5d205c Fix GitHub link in FAQ (#1672)
    • 3a5c6b4 Deprecated since jdk9 replacing constructor instance of Double and Float (#1660)
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • Bump junit from 4.12 to 4.13.1 in /plugins/thanosapi-report

    Bump junit from 4.12 to 4.13.1 in /plugins/thanosapi-report

    Bumps junit from 4.12 to 4.13.1.

    Release notes

    Sourced from junit's releases.

    JUnit 4.13.1

    Please refer to the release notes for details.

    JUnit 4.13

    Please refer to the release notes for details.

    JUnit 4.13 RC 2

    Please refer to the release notes for details.

    JUnit 4.13 RC 1

    Please refer to the release notes for details.

    JUnit 4.13 Beta 3

    Please refer to the release notes for details.

    JUnit 4.13 Beta 2

    Please refer to the release notes for details.

    JUnit 4.13 Beta 1

    Please refer to the release notes for details.

    Commits
    • 1b683f4 [maven-release-plugin] prepare release r4.13.1
    • ce6ce3a Draft 4.13.1 release notes
    • c29dd82 Change version to 4.13.1-SNAPSHOT
    • 1d17486 Add a link to assertThrows in exception testing
    • 543905d Use separate line for annotation in Javadoc
    • 510e906 Add sub headlines to class Javadoc
    • 610155b Merge pull request from GHSA-269g-pwp5-87pp
    • b6cfd1e Explicitly wrap float parameter for consistency (#1671)
    • a5d205c Fix GitHub link in FAQ (#1672)
    • 3a5c6b4 Deprecated since jdk9 replacing constructor instance of Double and Float (#1660)
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • Bump junit from 4.12 to 4.13.1 in /plugins/dependencytrack-publisher

    Bump junit from 4.12 to 4.13.1 in /plugins/dependencytrack-publisher

    Bumps junit from 4.12 to 4.13.1.

    Release notes

    Sourced from junit's releases.

    JUnit 4.13.1

    Please refer to the release notes for details.

    JUnit 4.13

    Please refer to the release notes for details.

    JUnit 4.13 RC 2

    Please refer to the release notes for details.

    JUnit 4.13 RC 1

    Please refer to the release notes for details.

    JUnit 4.13 Beta 3

    Please refer to the release notes for details.

    JUnit 4.13 Beta 2

    Please refer to the release notes for details.

    JUnit 4.13 Beta 1

    Please refer to the release notes for details.

    Commits
    • 1b683f4 [maven-release-plugin] prepare release r4.13.1
    • ce6ce3a Draft 4.13.1 release notes
    • c29dd82 Change version to 4.13.1-SNAPSHOT
    • 1d17486 Add a link to assertThrows in exception testing
    • 543905d Use separate line for annotation in Javadoc
    • 510e906 Add sub headlines to class Javadoc
    • 610155b Merge pull request from GHSA-269g-pwp5-87pp
    • b6cfd1e Explicitly wrap float parameter for consistency (#1671)
    • a5d205c Fix GitHub link in FAQ (#1672)
    • 3a5c6b4 Deprecated since jdk9 replacing constructor instance of Double and Float (#1660)
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • Bump client-java from 10.0.0 to 10.0.1 in /plugins/kubernetesapi-report

    Bump client-java from 10.0.0 to 10.0.1 in /plugins/kubernetesapi-report

    Bumps client-java from 10.0.0 to 10.0.1.

    Release notes

    Sourced from client-java's releases.

    Release 10.0.1

    Release Notes:

    • Fixes path normalization for files in Copy (#1426)
    Changelog

    Sourced from client-java's changelog.

    12.0.0

    • Features
      • Kubernetes spec to v1.20.x
      • Switching datetime library from joda-time to jdk's OffsetDateTime (#1418)
        • Joda-time is under deprecation
        • Support millis-second precision in timestamp
      • Introducing DynamicKubernetesApi which extends GenericKubernetesApi and packs kubernetes resources into a dynamic object. (#1528)
      • Adding updateStatus() convenience for GenericKubernetesApi (#1470)
    • Bugfix
      • Fixes the patch content sent by event-logger. (#1559, #1569)
    • Misc

    11.0.0

    • Kubernetes spec to v1.19.x
    • Bug fixes
    Commits
    • d2bab91 [maven-release-plugin] prepare release client-java-parent-10.0.1
    • 858316a Merge pull request #1450 from kubernetes-client/release-10.0.1
    • eb2cfe9 Add path normalization for archive files.
    • eb0f078 [maven-release-plugin] prepare for next development iteration
    • See full diff in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • Bump junit from 4.12 to 4.13.1 in /plugins/kubernetesapi-report

    Bump junit from 4.12 to 4.13.1 in /plugins/kubernetesapi-report

    Bumps junit from 4.12 to 4.13.1.

    Release notes

    Sourced from junit's releases.

    JUnit 4.13.1

    Please refer to the release notes for details.

    JUnit 4.13

    Please refer to the release notes for details.

    JUnit 4.13 RC 2

    Please refer to the release notes for details.

    JUnit 4.13 RC 1

    Please refer to the release notes for details.

    JUnit 4.13 Beta 3

    Please refer to the release notes for details.

    JUnit 4.13 Beta 2

    Please refer to the release notes for details.

    JUnit 4.13 Beta 1

    Please refer to the release notes for details.

    Commits
    • 1b683f4 [maven-release-plugin] prepare release r4.13.1
    • ce6ce3a Draft 4.13.1 release notes
    • c29dd82 Change version to 4.13.1-SNAPSHOT
    • 1d17486 Add a link to assertThrows in exception testing
    • 543905d Use separate line for annotation in Javadoc
    • 510e906 Add sub headlines to class Javadoc
    • 610155b Merge pull request from GHSA-269g-pwp5-87pp
    • b6cfd1e Explicitly wrap float parameter for consistency (#1671)
    • a5d205c Fix GitHub link in FAQ (#1672)
    • 3a5c6b4 Deprecated since jdk9 replacing constructor instance of Double and Float (#1660)
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • Upgrade multirabbit reposity to use github packages

    Upgrade multirabbit reposity to use github packages

    Multirabbit artifact is now deployed in githuhub packages due to the deprecation of bintray. Upgrade Sauron dependencies to use the latest version from github packages to fix Sauron Service build.

    PS: Check compatibility with the current version

    Sauron dependency: https://github.com/freenowtech/sauron/blob/main/sauron-service/pom.xml#L137 Multirabbit: https://github.com/freenowtech/spring-multirabbit/releases/tag/spring-multirabbit-parent-2.3.1

    bug 
    opened by sergioasantiago 0
Releases(sauron-service-1.0.20)
Owner
FREENOWTech
FREENOWTech
Simple API, Complex Emails (JavaMail smtp wrapper)

Simple Java Mail Simple Java Mail is the simplest to use lightweight mailing library for Java, while being able to send complex emails including CLI s

Benny Bottema 819 Mar 12, 2021
Ultra-fast SQL-like queries on Java collections

CQEngine - Collection Query Engine CQEngine – Collection Query Engine – is a high-performance Java collection which can be searched with SQL-like quer

Niall Gallagher 1.3k Mar 12, 2021
API gateway for REST and SOAP written in Java.

Membrane Service Proxy Reverse HTTP proxy (framework) written in Java, that can be used as an API gateway as a security proxy for HTTP based integrati

predic8 GmbH 354 Mar 10, 2021
Modern Java - A Guide to Java 8

Modern Java - A Guide to Java 8 This article was originally posted on my blog. You should also read my Java 11 Tutorial (including new language and AP

Benjamin Winterberg 14.5k Mar 13, 2021
Support alternative markup for Apache Maven POM files

Overview Polyglot for Maven is a set of extensions for Maven 3.3.1+ that allows the POM model to be written in dialects other than XML. Several of the

null 748 Mar 10, 2021
The easiest way to integrate Maven into your project!

Maven Wrapper Ongoing Migration to Apache Maven The project codebase has been accepted to be included in the upstream Apache Maven project itself. Cur

null 1.5k Mar 12, 2021
ThirdEye is an integrated tool for realtime monitoring of time series and interactive root-cause analysis.

ThirdEye is an integrated tool for realtime monitoring of time series and interactive root-cause analysis. It enables anyone inside an organization to collaborate on effective identification and analysis of deviations in business and system metrics. ThirdEye supports the entire workflow from anomaly detection, over root-cause analysis, to issue resolution and post-mortem reporting.

null 10 Mar 17, 2021
Make Slack and Facebook Bots in Java.

JBot Make bots in Java. JBot is a java framework (inspired by Howdyai's Botkit) to make Slack and Facebook bots in minutes. It provides all the boiler

Ram 1.1k Mar 11, 2021
Feature Flags for Java made easy

✨ ✨ ✨ FF4J - Feature Flipping for Java ✨ ✨ ✨ FF4j, is an implementation of the Feature Toggle pattern. ?? Features Feature Toggle: Enable. and disable

FF4j 898 Mar 12, 2021
A lightweight command processing pipeline ❍ ⇢ ❍ ⇢ ❍ for your Java awesome app.

PipelinR PipelinR is a lightweight command processing pipeline ❍ ⇢ ❍ ⇢ ❍ for your awesome Java app. PipelinR has been battle-proven on production, as

Eduards Sizovs 132 Mar 13, 2021
Free implementation of Play Services

microG GmsCore is a FLOSS (Free/Libre Open Source Software) framework to allow applications designed for Google Play Services to run on systems, where Play Services is not available.

microG Project 3.7k Apr 19, 2021
The WhatsApp lib for java

Gorgeous The WhatsApp lib Yowsup is no longer updated. There is no WhatsApp library available, but many people need it. I will gradually open source t

null 20 Mar 27, 2021
A Java to iOS Objective-C translation tool and runtime.

J2ObjC: Java to Objective-C Translator and Runtime Project site: https://j2objc.org J2ObjC blog: https://j2objc.blogspot.com Questions and discussion:

Google 5.8k Mar 13, 2021
Quiltflower is a fork of Fernflower adding additional features for use with the Quilt toolchain.

Quiltflower Quiltflower is a fork of Fernflower adding additional features for use with the Quilt toolchain. Changes include: Javadoc application Mult

null 19 Apr 20, 2021