Upgrade to new major dependency versions (#679)

- Updates JDK version of APP module to JDK 17
- Fixes EC signature cryptography issue caused by deprecation of secp256k1
- Updates Spring Boot to latest
- Updates Spring to latest
- Updates Tomcat to latest
- Updates Logback to latest
- Updates Hibernate validator to latest
- Replaces javax.* packages with jakarta.* in imports
- Updates controller mappings to have them present with and without trailing slash
- Adds new test to verify that both request mapping variants are present every time
- Converts some classes to records
- Replaces unnecessary getters with Lombok Getter
- Starts using toList() collector where possible
- Replaces Spring dependencies with Picocontainer in Cucumber tests
- Updates Docker base image to use latest JRE 17
- Updates readmes to indicate accurate Java version of each artifact

Resolves #373
{major}

Signed-off-by: Esta Nagy <[email protected]>

README.md

@@ -1,7 +1,7 @@
 ![LowkeyVault](.github/assets/LowkeyVault-logo-full.png)
 
 [![GitHub license](https://img.shields.io/github/license/nagyesta/lowkey-vault?color=informational)](https://raw.githubusercontent.com/nagyesta/lowkey-vault/main/LICENSE)
-[![Java version](https://img.shields.io/badge/Java%20version-11-yellow?logo=java)](https://img.shields.io/badge/Java%20version-11-yellow?logo=java)
+[![Java version](https://img.shields.io/badge/Java%20version-17%20app|11%20libs-yellow?logo=java)](https://img.shields.io/badge/Java%20version-17%20app|11%20libs-yellow?logo=java)
 [![latest-release](https://img.shields.io/github/v/tag/nagyesta/lowkey-vault?color=blue&logo=git&label=releases&sort=semver)](https://github.com/nagyesta/lowkey-vault/releases)
 [![Maven Central](https://img.shields.io/maven-central/v/com.github.nagyesta.lowkey-vault/lowkey-vault-app?logo=apache-maven)](https://search.maven.org/search?q=com.github.nagyesta.lowkey-vault)
 [![Docker Hub](https://img.shields.io/docker/v/nagyesta/lowkey-vault?label=docker%20hub&logo=docker&sort=semver)](https://hub.docker.com/r/nagyesta/lowkey-vault)

build.gradle

@@ -74,14 +74,7 @@ configure(subprojects.findAll({
         mavenCentral()
     }
 
-    java {
-        sourceCompatibility = JavaVersion.VERSION_11
-        toolchain {
-            languageVersion = JavaLanguageVersion.of(11)
-        }
-        withJavadocJar()
-        withSourcesJar()
-    }
+    javadoc.options.addStringOption('Xdoclint:none', '-quiet')
 
     jacocoTestReport {
         reports {

gradle/libs.versions.toml

@@ -1,11 +1,11 @@
 [versions]
-springBoot = "2.7.14"
-spring = "5.3.29"
+springBoot = "3.1.2"
+spring = "6.0.11"
 snakeYaml = "2.1"
-tomcat = "9.0.79"
-logback = "1.2.12"
+tomcat = "10.1.12"
+logback = "1.4.11"
 bouncycastle = "1.76"
-hibernateValidator = "6.2.5.Final"
+hibernateValidator = "8.0.1.Final"
 findbugs = "3.0.2"
 lombok = "1.18.28"
 handlebars="4.3.1"
@@ -85,7 +85,7 @@ abort-mission-cucumber = { module = "com.github.nagyesta.abort-mission.boosters:
 
 cucumber-java = { module = "io.cucumber:cucumber-java", version.ref = "cucumber" }
 cucumber-testng = { module = "io.cucumber:cucumber-testng", version.ref = "cucumber" }
-cucumber-spring = { module = "io.cucumber:cucumber-spring", version.ref = "cucumber" }
+cucumber-picocontainer = { module = "io.cucumber:cucumber-picocontainer", version.ref = "cucumber" }
 
 jackson-bom = { module = "com.fasterxml.jackson:jackson-bom", version.ref = "jacksonBom" }
 jackson-core = { module = "com.fasterxml.jackson.core:jackson-core", version.ref = "jackson" }
@@ -104,7 +104,7 @@ spring-boot-app = [
 ]
 spring-test = ["spring-boot-starter-test", "spring-test", "snake-yaml"]
 logback = ["logback-classic", "logback-core"]
-cucumber = ["cucumber-java", "cucumber-testng", "cucumber-spring"]
+cucumber = ["cucumber-java", "cucumber-testng", "cucumber-picocontainer"]
 jackson = ["jackson-core", "jackson-annotations", "jackson-databind", "jackson-dataformat-xml", "jackson-datatype-jsr310"]
 tomcat = [
     "tomcat-annotations-api", "tomcat-jsp-api", "tomcat-embed-core", "tomcat-embed-el", "tomcat-embed-jasper", "tomcat-embed-websocket"

lowkey-vault-app/README.md

@@ -1,7 +1,7 @@
 ![LowkeyVault](../.github/assets/LowkeyVault-logo-full.png)
 
 [![GitHub license](https://img.shields.io/github/license/nagyesta/lowkey-vault?color=informational)](https://raw.githubusercontent.com/nagyesta/lowkey-vault/main/LICENSE)
-[![Java version](https://img.shields.io/badge/Java%20version-11-yellow?logo=java)](https://img.shields.io/badge/Java%20version-11-yellow?logo=java)
+[![Java version](https://img.shields.io/badge/Java%20version-17-yellow?logo=java)](https://img.shields.io/badge/Java%20version-17-yellow?logo=java)
 [![latest-release](https://img.shields.io/github/v/tag/nagyesta/lowkey-vault?color=blue&logo=git&label=releases&sort=semver)](https://github.com/nagyesta/lowkey-vault/releases)
 [![Docker Hub](https://img.shields.io/docker/v/nagyesta/lowkey-vault?label=docker%20hub&logo=docker&sort=semver)](https://hub.docker.com/r/nagyesta/lowkey-vault)
 [![JavaCI](https://img.shields.io/github/actions/workflow/status/nagyesta/lowkey-vault/gradle.yml?logo=github&branch=main)](https://github.com/nagyesta/lowkey-vault/actions/workflows/gradle.yml)
@@ -71,7 +71,7 @@ argument.
         2. ```hostname:port``` (e.g. ```localhost:8443```)
            meaning, that we want to register an alias to exactly that host and port, which is defined
         3. ```hostname:<port>``` (e.g. ```localhost:<port>```)
-           meaning that we want to register an alias to the the host defined in the ```hostname``` using the port set with
+           meaning that we want to register an alias to the host defined in the ```hostname``` using the port set with
            ```--server.port```
 
 ```shell

lowkey-vault-app/build.gradle

@@ -28,6 +28,15 @@ dependencies {
     testImplementation libs.abort.mission.jupiter
 }
 
+java {
+    sourceCompatibility = JavaVersion.VERSION_17
+    toolchain {
+        languageVersion = JavaLanguageVersion.of(17)
+    }
+    withJavadocJar()
+    withSourcesJar()
+}
+
 test {
     outputs.file(file("$buildDir/reports/abort-mission/abort-mission-report.json"))
     useJUnitPlatform()
@@ -36,6 +45,7 @@ test {
     systemProperty("junit.jupiter.execution.parallel.mode.default", "concurrent")
     systemProperty("junit.jupiter.execution.parallel.mode.classes.default", "concurrent")
 }
+
 abortMission {
     toolVersion libs.versions.abortMission.get()
 }
@@ -50,11 +60,12 @@ processResources {
 jar {
     enabled = false
 }
+
 bootJar {
     archiveVersion.value(project.version as String)
 }
 
-task regenerateCertJks(type: Exec) {
+tasks.register('regenerateCertJks', Exec) {
     outputs.file("${project.projectDir}/src/main/resources/cert/keystore.jks")
     workingDir file("${project.projectDir}/src/main/resources/cert")
     outputs.upToDateWhen { false }
@@ -80,7 +91,7 @@ task regenerateCertJks(type: Exec) {
     logging.captureStandardOutput LogLevel.INFO
     logging.captureStandardError LogLevel.ERROR
 }
-task regenerateCert(type: Exec) {
+tasks.register('regenerateCert', Exec) {
     outputs.file("${project.projectDir}/src/main/resources/cert/keystore.p12")
     outputs.file("${project.projectDir}/src/main/resources/cert/keystore.jks")
     inputs.file("${project.projectDir}/src/main/resources/cert/keystore.jks")

lowkey-vault-app/src/main/java/com/github/nagyesta/lowkeyvault/context/CertificateConverterConfiguration.java

@@ -3,16 +3,18 @@
 import com.github.nagyesta.lowkeyvault.mapper.common.registry.CertificateConverterRegistry;
 import com.github.nagyesta.lowkeyvault.mapper.v7_3.certificate.*;
 import com.github.nagyesta.lowkeyvault.service.vault.VaultService;
-import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.DependsOn;
 
 @Configuration
 public class CertificateConverterConfiguration {
 
-    @Autowired
-    private VaultService vaultService;
+    private final VaultService vaultService;
+
+    public CertificateConverterConfiguration(final VaultService vaultService) {
+        this.vaultService = vaultService;
+    }
 
     @Bean
     public CertificateConverterRegistry certificateConverterRegistry() {

lowkey-vault-app/src/main/java/com/github/nagyesta/lowkeyvault/controller/PingController.java

@@ -7,7 +7,7 @@
 @RestController
 public class PingController {
 
-    @GetMapping("/ping")
+    @GetMapping(value = {"/ping", "/ping/"})
     public ResponseEntity<String> ping() {
         return ResponseEntity.ok("pong");
     }

lowkey-vault-app/src/main/java/com/github/nagyesta/lowkeyvault/controller/VaultBackupManagementController.java

@@ -46,9 +46,7 @@ public VaultBackupManagementController(@NonNull final VaultImporter vaultImporte
 
     @Override
     public void afterPropertiesSet() {
-        vaultImporter.getVaults().forEach((baseUri, vault) -> {
-            vaultImportExportExecutor.restoreVault(vaultImporter, baseUri, vault);
-        });
+        vaultImporter.getVaults().forEach((baseUri, vault) -> vaultImportExportExecutor.restoreVault(vaultImporter, baseUri, vault));
     }
 
     @Operation(
@@ -64,7 +62,7 @@ public void afterPropertiesSet() {
                                     schema = @Schema(implementation = ErrorModel.class)
                             ))},
             requestBody = @RequestBody(content = @Content(mediaType = MimeTypeUtils.APPLICATION_JSON_VALUE)))
-    @GetMapping("/export")
+    @GetMapping(value = {"/export", "/export/"})
     public ResponseEntity<VaultBackupListModel> export() {
         log.info("Received request to export active vaults.");
         final List<VaultBackupModel> backupModels = vaultImportExportExecutor.backupVaultList(vaultService);

lowkey-vault-app/src/main/java/com/github/nagyesta/lowkeyvault/controller/VaultManagementController.java

@@ -12,16 +12,15 @@
 import io.swagger.v3.oas.annotations.media.Schema;
 import io.swagger.v3.oas.annotations.parameters.RequestBody;
 import io.swagger.v3.oas.annotations.responses.ApiResponse;
+import jakarta.validation.Valid;
 import lombok.NonNull;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.*;
 
-import javax.validation.Valid;
 import java.net.URI;
 import java.util.List;
-import java.util.stream.Collectors;
 
 import static com.github.nagyesta.lowkeyvault.openapi.Examples.*;
 import static org.springframework.util.MimeTypeUtils.APPLICATION_JSON_VALUE;
@@ -57,7 +56,7 @@ public VaultManagementController(@NonNull final VaultService vaultService,
                             content = @Content(mediaType = APPLICATION_JSON_VALUE, schema = @Schema(implementation = ErrorModel.class)))},
             requestBody = @RequestBody(
                     content = @Content(mediaType = APPLICATION_JSON_VALUE, schema = @Schema(implementation = VaultModel.class))))
-    @PostMapping
+    @PostMapping(value = {"", "/"})
     public ResponseEntity<VaultModel> createVault(@Valid @org.springframework.web.bind.annotation.RequestBody final VaultModel model) {
         log.info("Received request to create vault with uri: {}, recovery level: {}, recoverable days: {}",
                 model.getBaseUri(), model.getRecoveryLevel(), model.getRecoverableDays());
@@ -75,12 +74,12 @@ public ResponseEntity<VaultModel> createVault(@Valid @org.springframework.web.bi
                     @ApiResponse(responseCode = "500", description = "Internal error",
                             content = @Content(mediaType = APPLICATION_JSON_VALUE, schema = @Schema(implementation = ErrorModel.class)))},
             requestBody = @RequestBody(content = @Content(mediaType = APPLICATION_JSON_VALUE)))
-    @GetMapping
+    @GetMapping(value = {"", "/"})
     public ResponseEntity<List<VaultModel>> listVaults() {
         log.info("Received request to list vaults.");
         final List<VaultModel> vaultFake = vaultService.list().stream()
                 .map(vaultFakeToVaultModelConverter::convertNonNull)
-                .collect(Collectors.toUnmodifiableList());
+                .toList();
         log.info("Returning {} vaults.", vaultFake.size());
         return ResponseEntity.ok(vaultFake);
     }
@@ -94,12 +93,12 @@ public ResponseEntity<List<VaultModel>> listVaults() {
                     @ApiResponse(responseCode = "500", description = "Internal error",
                             content = @Content(mediaType = APPLICATION_JSON_VALUE, schema = @Schema(implementation = ErrorModel.class)))},
             requestBody = @RequestBody(content = @Content(mediaType = APPLICATION_JSON_VALUE)))
-    @GetMapping("/deleted")
+    @GetMapping(value = {"/deleted", "/deleted/"})
     public ResponseEntity<List<VaultModel>> listDeletedVaults() {
         log.info("Received request to list deleted vaults.");
         final List<VaultModel> vaultFake = vaultService.listDeleted().stream()
                 .map(vaultFakeToVaultModelConverter::convertNonNull)
-                .collect(Collectors.toUnmodifiableList());
+                .toList();
         log.info("Returning {} vaults.", vaultFake.size());
         return ResponseEntity.ok(vaultFake);
     }
@@ -117,9 +116,10 @@ public ResponseEntity<List<VaultModel>> listDeletedVaults() {
                     @ApiResponse(responseCode = "500", description = "Internal error",
                             content = @Content(mediaType = APPLICATION_JSON_VALUE, schema = @Schema(implementation = ErrorModel.class)))},
             parameters = {
-                    @Parameter(name = "baseUri", example = BASE_URI, description = "The base URI of the vault we want delete.")},
+                    @Parameter(name = "baseUri",
+                            example = BASE_URI, description = "The base URI of the vault we want delete.", required = true)},
             requestBody = @RequestBody(content = @Content(mediaType = APPLICATION_JSON_VALUE)))
-    @DeleteMapping
+    @DeleteMapping(value = {"", "/"})
     public ResponseEntity<Boolean> deleteVault(@RequestParam final URI baseUri) {
         log.info("Received request to delete vault with uri: {}", baseUri);
         return ResponseEntity.ok(vaultService.delete(baseUri));
@@ -137,9 +137,10 @@ public ResponseEntity<Boolean> deleteVault(@RequestParam final URI baseUri) {
                     @ApiResponse(responseCode = "500", description = "Internal error",
                             content = @Content(mediaType = APPLICATION_JSON_VALUE, schema = @Schema(implementation = ErrorModel.class)))},
             parameters = {
-                    @Parameter(name = "baseUri", example = BASE_URI, description = "The base URI of the vault we want to recover.")},
+                    @Parameter(name = "baseUri",
+                            example = BASE_URI, description = "The base URI of the vault we want to recover.", required = true)},
             requestBody = @RequestBody(content = @Content(mediaType = APPLICATION_JSON_VALUE)))
-    @PutMapping("/recover")
+    @PutMapping(value = {"/recover", "/recover/"})
     public ResponseEntity<VaultModel> recoverVault(@RequestParam final URI baseUri) {
         log.info("Received request to recover deleted vault with uri: {}", baseUri);
         vaultService.recover(baseUri);
@@ -160,9 +161,10 @@ public ResponseEntity<VaultModel> recoverVault(@RequestParam final URI baseUri)
                     @ApiResponse(responseCode = "500", description = "Internal error",
                             content = @Content(mediaType = APPLICATION_JSON_VALUE, schema = @Schema(implementation = ErrorModel.class)))},
             parameters = {
-                    @Parameter(name = "baseUri", example = BASE_URI, description = "The base URI of the vault we want to purge.")},
+                    @Parameter(name = "baseUri",
+                            example = BASE_URI, description = "The base URI of the vault we want to purge.", required = true)},
             requestBody = @RequestBody(content = @Content(mediaType = APPLICATION_JSON_VALUE)))
-    @DeleteMapping("/purge")
+    @DeleteMapping(value = {"/purge", "/purge/"})
     public ResponseEntity<Boolean> purgeVault(@RequestParam final URI baseUri) {
         log.info("Received request to purge deleted vault with uri: {}", baseUri);
         return ResponseEntity.ok(vaultService.purge(baseUri));
@@ -181,13 +183,13 @@ public ResponseEntity<Boolean> purgeVault(@RequestParam final URI baseUri) {
                             content = @Content(mediaType = APPLICATION_JSON_VALUE, schema = @Schema(implementation = ErrorModel.class)))},
             parameters = {
                     @Parameter(name = "baseUri", example = BASE_URI,
-                            description = "The base URI of the vault we want to update."),
+                            description = "The base URI of the vault we want to update.", required = true),
                     @Parameter(name = "add", example = ALIAS1,
-                            description = "The base URI we want to add to the aliases of the vault.", required = false),
+                            description = "The base URI we want to add to the aliases of the vault."),
                     @Parameter(name = "remove", example = ALIAS2,
-                            description = "The base URI we want to remove from the aliases of the vault.", required = false)},
+                            description = "The base URI we want to remove from the aliases of the vault.")},
             requestBody = @RequestBody(content = @Content(mediaType = APPLICATION_JSON_VALUE)))
-    @PatchMapping("/alias")
+    @PatchMapping(value = {"/alias", "/alias/"})
     public ResponseEntity<VaultModel> aliasUpdate(@RequestParam final URI baseUri,
                                                   @RequestParam(required = false) final URI add,
                                                   @RequestParam(required = false) final URI remove) {
@@ -206,11 +208,11 @@ public ResponseEntity<VaultModel> aliasUpdate(@RequestParam final URI baseUri,
                     @ApiResponse(responseCode = "500", description = "Internal error",
                             content = @Content(mediaType = APPLICATION_JSON_VALUE, schema = @Schema(implementation = ErrorModel.class)))},
             parameters = {
-                    @Parameter(name = "seconds", example = ONE, description = "The number of seconds we want to shift."),
+                    @Parameter(name = "seconds", example = ONE, description = "The number of seconds we want to shift.", required = true),
                     @Parameter(name = "regenerateCertificates", example = FALSE,
                             description = "Whether we allow regeneration of certificates to let their validity match the new time-frame.")},
             requestBody = @RequestBody(content = @Content(mediaType = APPLICATION_JSON_VALUE)))
-    @PutMapping(value = "/time/all", params = {"seconds"})
+    @PutMapping(value = {"/time/all", "/time/all/"}, params = {"seconds"})
     public ResponseEntity<Void> timeShiftAll(
             @RequestParam final int seconds,
             @RequestParam(required = false, defaultValue = "false") final boolean regenerateCertificates) {
@@ -232,12 +234,13 @@ public ResponseEntity<Void> timeShiftAll(
                     @ApiResponse(responseCode = "500", description = "Internal error",
                             content = @Content(mediaType = APPLICATION_JSON_VALUE, schema = @Schema(implementation = ErrorModel.class)))},
             parameters = {
-                    @Parameter(name = "seconds", example = ONE, description = "The number of seconds we want to shift."),
-                    @Parameter(name = "baseUri", example = BASE_URI, description = "The base URI of the vault we want to shift."),
+                    @Parameter(name = "seconds", example = ONE, description = "The number of seconds we want to shift.", required = true),
+                    @Parameter(name = "baseUri",
+                            example = BASE_URI, description = "The base URI of the vault we want to shift.", required = true),
                     @Parameter(name = "regenerateCertificates", example = FALSE,
                             description = "Whether we allow regeneration of certificates to let their validity match the new time-frame.")},
             requestBody = @RequestBody(content = @Content(mediaType = APPLICATION_JSON_VALUE)))
-    @PutMapping(value = "/time", params = {"baseUri", "seconds"})
+    @PutMapping(value = {"/time", "/time/" }, params = {"baseUri", "seconds"})
     public ResponseEntity<Void> timeShiftSingle(
             @RequestParam final URI baseUri, @RequestParam final int seconds,
             @RequestParam(required = false, defaultValue = "false") final boolean regenerateCertificates) {