From b35e0907ff4b80cd9721340a1d39b72a54632394 Mon Sep 17 00:00:00 2001 From: Kai Hudalla Date: Thu, 9 Jun 2022 14:48:07 +0200 Subject: [PATCH] [#3285] Support mongodb+srv scheme in connection string The mongodb+srv scheme requires JNDI to be available in the JRE. However, Quarkus by default disables JNDI for security reasons. The MongoDB based registry now uses the Quarkus Mongo Client extension which enables JNDI in JVM mode and provides means to use vert.x DNS resolver instead of JNDI when running as a native executable, where JNDI is not available by definition. Fixes #3285 Signed-off-by: Kai Hudalla --- legal/src/main/resources/legal/DEPENDENCIES | 6 ++++++ legal/src/main/resources/legal/hono-maven.deps | 6 ++++++ .../app/AbstractDeviceRegistryApplication.java | 14 +++++++++----- services/device-registry-mongodb/pom.xml | 4 ++++ .../deviceregistry/mongodb/app/DaoProducer.java | 2 +- .../src/main/resources/application.properties | 4 +++- 6 files changed, 29 insertions(+), 7 deletions(-) diff --git a/legal/src/main/resources/legal/DEPENDENCIES b/legal/src/main/resources/legal/DEPENDENCIES index 998c9051a3..4e0f2d6c26 100644 --- a/legal/src/main/resources/legal/DEPENDENCIES +++ b/legal/src/main/resources/legal/DEPENDENCIES @@ -122,7 +122,9 @@ maven/mavencentral/io.quarkus/quarkus-kubernetes-client-internal/2.8.3.Final, Ap maven/mavencentral/io.quarkus/quarkus-logging-gelf/2.8.3.Final, Apache-2.0, approved, clearlydefined maven/mavencentral/io.quarkus/quarkus-micrometer/2.8.3.Final, Apache-2.0, approved, clearlydefined maven/mavencentral/io.quarkus/quarkus-micrometer-registry-prometheus/2.8.3.Final, Apache-2.0, approved, clearlydefined +maven/mavencentral/io.quarkus/quarkus-mongodb-client/2.8.3.Final, Apache-2.0, approved, clearlydefined maven/mavencentral/io.quarkus/quarkus-mutiny/2.8.3.Final, Apache-2.0, approved, clearlydefined +maven/mavencentral/io.quarkus/quarkus-mutiny-reactive-streams-operators/2.8.3.Final, Apache-2.0, approved, clearlydefined maven/mavencentral/io.quarkus/quarkus-netty/2.8.3.Final, Apache-2.0, approved, clearlydefined maven/mavencentral/io.quarkus/quarkus-opentelemetry/2.8.3.Final, Apache-2.0, approved, clearlydefined maven/mavencentral/io.quarkus/quarkus-opentelemetry-exporter-otlp/2.8.3.Final, Apache-2.0, approved, clearlydefined @@ -147,6 +149,7 @@ maven/mavencentral/io.smallrye.config/smallrye-config-common/2.9.2, Apache-2.0, maven/mavencentral/io.smallrye.config/smallrye-config-core/2.9.2, Apache-2.0, approved, clearlydefined maven/mavencentral/io.smallrye.config/smallrye-config-source-yaml/2.9.2, Apache-2.0, approved, clearlydefined maven/mavencentral/io.smallrye.reactive/mutiny/1.4.0, Apache-2.0, approved, clearlydefined +maven/mavencentral/io.smallrye.reactive/mutiny-reactive-streams-operators/1.4.0, Apache-2.0, approved, clearlydefined maven/mavencentral/io.smallrye.reactive/mutiny-smallrye-context-propagation/1.4.0, Apache-2.0, approved, clearlydefined maven/mavencentral/io.smallrye.reactive/smallrye-mutiny-vertx-auth-common/2.21.0, Apache-2.0, approved, clearlydefined maven/mavencentral/io.smallrye.reactive/smallrye-mutiny-vertx-bridge-common/2.21.0, Apache-2.0, approved, clearlydefined @@ -189,6 +192,7 @@ maven/mavencentral/jakarta.interceptor/jakarta.interceptor-api/1.2.5, , approved maven/mavencentral/jakarta.transaction/jakarta.transaction-api/1.3.3, , approved, eclipse maven/mavencentral/jakarta.ws.rs/jakarta.ws.rs-api/2.1.6, , approved, ee4j.jaxrs maven/mavencentral/jakarta.xml.bind/jakarta.xml.bind-api/2.3.3, BSD-3-Clause, approved, ee4j.jaxb +maven/mavencentral/net.java.dev.jna/jna/5.8.0, Apache-2.0 OR LGPL-2.1-or-later, approved, CQ23217 maven/mavencentral/org.apache.commons/commons-collections4/4.2, Apache-2.0, approved, clearlydefined maven/mavencentral/org.apache.commons/commons-compress/1.21, Apache-2.0 AND BSD-3-Clause AND bzip2-1.0.6 AND LicenseRef-Public-Domain, approved, CQ23710 maven/mavencentral/org.apache.kafka/kafka-clients/2.8.1, Apache-2.0, approved, clearlydefined @@ -217,8 +221,10 @@ maven/mavencentral/org.jline/jline/3.19.0, BSD-3-Clause, approved, clearlydefine maven/mavencentral/org.latencyutils/LatencyUtils/2.0.3, BSD-2-Clause, approved, CQ17408 maven/mavencentral/org.lz4/lz4-java/1.8.0, Apache-2.0, approved, clearlydefined maven/mavencentral/org.mongodb/bson/4.3.4, Apache-2.0, approved, clearlydefined +maven/mavencentral/org.mongodb/mongodb-crypt/1.2.1, Apache-2.0, approved, clearlydefined maven/mavencentral/org.mongodb/mongodb-driver-core/4.3.4, Apache-2.0, approved, clearlydefined maven/mavencentral/org.mongodb/mongodb-driver-reactivestreams/4.3.4, Apache-2.0, approved, clearlydefined +maven/mavencentral/org.mongodb/mongodb-driver-sync/4.3.4, Apache-2.0, approved, clearlydefined maven/mavencentral/org.postgresql/postgresql/42.3.3, BSD-2-Clause, approved, #2487 maven/mavencentral/org.reactivestreams/reactive-streams/1.0.3, CC0-1.0, approved, CQ16332 maven/mavencentral/org.slf4j/slf4j-api/1.7.36, MIT, approved, CQ13368 diff --git a/legal/src/main/resources/legal/hono-maven.deps b/legal/src/main/resources/legal/hono-maven.deps index 3524275af4..9b7742807c 100644 --- a/legal/src/main/resources/legal/hono-maven.deps +++ b/legal/src/main/resources/legal/hono-maven.deps @@ -122,7 +122,9 @@ io.quarkus:quarkus-kubernetes-client:jar:2.8.3.Final io.quarkus:quarkus-logging-gelf:jar:2.8.3.Final io.quarkus:quarkus-micrometer:jar:2.8.3.Final io.quarkus:quarkus-micrometer-registry-prometheus:jar:2.8.3.Final +io.quarkus:quarkus-mongodb-client:jar:2.8.3.Final io.quarkus:quarkus-mutiny:jar:2.8.3.Final +io.quarkus:quarkus-mutiny-reactive-streams-operators:jar:2.8.3.Final io.quarkus:quarkus-netty:jar:2.8.3.Final io.quarkus:quarkus-opentelemetry-exporter-otlp:jar:2.8.3.Final io.quarkus:quarkus-opentelemetry:jar:2.8.3.Final @@ -147,6 +149,7 @@ io.smallrye.config:smallrye-config-core:jar:2.9.2 io.smallrye.config:smallrye-config:jar:2.9.2 io.smallrye.config:smallrye-config-source-yaml:jar:2.9.2 io.smallrye.reactive:mutiny:jar:1.4.0 +io.smallrye.reactive:mutiny-reactive-streams-operators:jar:1.4.0 io.smallrye.reactive:mutiny-smallrye-context-propagation:jar:1.4.0 io.smallrye.reactive:smallrye-mutiny-vertx-auth-common:jar:2.21.0 io.smallrye.reactive:smallrye-mutiny-vertx-bridge-common:jar:2.21.0 @@ -189,6 +192,7 @@ jakarta.interceptor:jakarta.interceptor-api:jar:1.2.5 jakarta.transaction:jakarta.transaction-api:jar:1.3.3 jakarta.ws.rs:jakarta.ws.rs-api:jar:2.1.6 jakarta.xml.bind:jakarta.xml.bind-api:jar:2.3.3 +net.java.dev.jna:jna:jar:5.8.0 org.apache.commons:commons-collections4:jar:4.2 org.apache.commons:commons-compress:jar:1.21 org.apache.kafka:kafka-clients:jar:2.8.1 @@ -217,8 +221,10 @@ org.jline:jline:jar:3.19.0 org.latencyutils:LatencyUtils:jar:2.0.3 org.lz4:lz4-java:jar:1.8.0 org.mongodb:bson:jar:4.3.4 +org.mongodb:mongodb-crypt:jar:1.2.1 org.mongodb:mongodb-driver-core:jar:4.3.4 org.mongodb:mongodb-driver-reactivestreams:jar:4.3.4 +org.mongodb:mongodb-driver-sync:jar:4.3.4 org.postgresql:postgresql:jar:42.3.3 org.reactivestreams:reactive-streams:jar:1.0.3 org.slf4j:slf4j-api:jar:1.7.36 diff --git a/services/device-registry-base/src/main/java/org/eclipse/hono/deviceregistry/app/AbstractDeviceRegistryApplication.java b/services/device-registry-base/src/main/java/org/eclipse/hono/deviceregistry/app/AbstractDeviceRegistryApplication.java index 245acb06fd..0606423425 100644 --- a/services/device-registry-base/src/main/java/org/eclipse/hono/deviceregistry/app/AbstractDeviceRegistryApplication.java +++ b/services/device-registry-base/src/main/java/org/eclipse/hono/deviceregistry/app/AbstractDeviceRegistryApplication.java @@ -65,15 +65,17 @@ protected void doStart() { log.info("successfully deployed authentication service verticle"); deploymentResult.put("authentication service verticle", "successfully deployed"); registerHealthCheckProvider(authenticationService); - }); + }) + .onFailure(t -> log.error("failed to deploy authentication service verticle", t)); // deploy notification sender (once only) final Future notificationSenderDeploymentTracker = vertx.deployVerticle( new WrappedLifecycleComponentVerticle(notificationSender)) .onSuccess(ok -> { - log.info("successfully deployed notification sender verticle(s)"); + log.info("successfully deployed notification sender verticle"); deploymentResult.put("notification sender verticle", "successfully deployed"); - }); + }) + .onFailure(t -> log.error("failed to deploy notification sender verticle", t)); // deploy AMQP 1.0 server @@ -83,7 +85,8 @@ protected void doStart() { .onSuccess(ok -> { log.info("successfully deployed AMQP server verticle(s)"); deploymentResult.put("AMQP server verticle(s)", "successfully deployed"); - }); + }) + .onFailure(t -> log.error("failed to deploy AMQP server verticle(s)", t)); // deploy HTTP server final Future httpServerDeploymentTracker = vertx.deployVerticle( @@ -92,7 +95,8 @@ protected void doStart() { .onSuccess(ok -> { log.info("successfully deployed HTTP server verticle(s)"); deploymentResult.put("HTTP server verticle(s)", "successfully deployed"); - }); + }) + .onFailure(t -> log.error("failed to deploy HTTP server verticle(s)", t)); CompositeFuture.all( authServiceDeploymentTracker, diff --git a/services/device-registry-mongodb/pom.xml b/services/device-registry-mongodb/pom.xml index 3a777e925c..9053f2e1a2 100644 --- a/services/device-registry-mongodb/pom.xml +++ b/services/device-registry-mongodb/pom.xml @@ -62,6 +62,10 @@ io.quarkus quarkus-kafka-client + + io.quarkus + quarkus-mongodb-client + diff --git a/services/device-registry-mongodb/src/main/java/org/eclipse/hono/deviceregistry/mongodb/app/DaoProducer.java b/services/device-registry-mongodb/src/main/java/org/eclipse/hono/deviceregistry/mongodb/app/DaoProducer.java index 74958d5d72..9bd43a7525 100644 --- a/services/device-registry-mongodb/src/main/java/org/eclipse/hono/deviceregistry/mongodb/app/DaoProducer.java +++ b/services/device-registry-mongodb/src/main/java/org/eclipse/hono/deviceregistry/mongodb/app/DaoProducer.java @@ -131,7 +131,7 @@ public CredentialsDao credentialsDao( final var encryptionHelper = options.encryptionKeyFile() .map(this::fieldLevelEncryption) - .orElse( FieldLevelEncryption.NOOP_ENCRYPTION); + .orElse(FieldLevelEncryption.NOOP_ENCRYPTION); final var dao = new MongoDbBasedCredentialsDao( mongoClient, diff --git a/services/device-registry-mongodb/src/main/resources/application.properties b/services/device-registry-mongodb/src/main/resources/application.properties index 35eb4801a1..564d964dd0 100644 --- a/services/device-registry-mongodb/src/main/resources/application.properties +++ b/services/device-registry-mongodb/src/main/resources/application.properties @@ -2,4 +2,6 @@ ${quarkus.application.properties} quarkus.jackson.accept-case-insensitive-enums=true # fail deserialization of JSON objects sent by clients if they contain unexpected content quarkus.jackson.fail-on-unknown-properties=true - +# this is needed in order to support mongodb+srv:// style connection strings in native executable +# see https://quarkus.io/guides/mongodb +quarkus.mongodb.native.dns.use-vertx-dns-resolver=true