commit
b5bb13bb27
@ -0,0 +1 @@
|
||||
SOURCES/parent-0.12.0.tar.gz
|
@ -0,0 +1 @@
|
||||
61ed0c2188d91bec8dc17b515087193bf9f42044 SOURCES/parent-0.12.0.tar.gz
|
@ -0,0 +1,123 @@
|
||||
From 8cbe3bee31e605d535783431bfb74c3e2867ee37 Mon Sep 17 00:00:00 2001
|
||||
From: Severin Gehwolf <sgehwolf@redhat.com>
|
||||
Date: Wed, 15 Apr 2020 17:41:17 +0200
|
||||
Subject: [PATCH] Fix CVE-2017-18640 and add a test
|
||||
|
||||
---
|
||||
collector/pom.xml | 2 +-
|
||||
.../java/io/prometheus/jmx/JmxCollector.java | 12 ++++++++-
|
||||
.../io/prometheus/jmx/JmxCollectorTest.java | 26 ++++++++++++++++---
|
||||
collector/src/test/resources/testyaml.config | 9 +++++++
|
||||
4 files changed, 44 insertions(+), 5 deletions(-)
|
||||
create mode 100644 collector/src/test/resources/testyaml.config
|
||||
|
||||
diff --git a/collector/pom.xml b/collector/pom.xml
|
||||
index 8e90d58..b58d94a 100644
|
||||
--- a/collector/pom.xml
|
||||
+++ b/collector/pom.xml
|
||||
@@ -29,7 +29,7 @@
|
||||
<dependency>
|
||||
<groupId>org.yaml</groupId>
|
||||
<artifactId>snakeyaml</artifactId>
|
||||
- <version>1.16</version>
|
||||
+ <version>1.26</version>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
|
||||
diff --git a/collector/src/main/java/io/prometheus/jmx/JmxCollector.java b/collector/src/main/java/io/prometheus/jmx/JmxCollector.java
|
||||
index f06d3ef..a5fc96f 100644
|
||||
--- a/collector/src/main/java/io/prometheus/jmx/JmxCollector.java
|
||||
+++ b/collector/src/main/java/io/prometheus/jmx/JmxCollector.java
|
||||
@@ -3,6 +3,7 @@ package io.prometheus.jmx;
|
||||
import io.prometheus.client.Collector;
|
||||
import io.prometheus.client.Counter;
|
||||
import org.yaml.snakeyaml.Yaml;
|
||||
+import org.yaml.snakeyaml.error.YAMLException;
|
||||
|
||||
import javax.management.MalformedObjectNameException;
|
||||
import javax.management.ObjectName;
|
||||
@@ -71,7 +72,16 @@ public class JmxCollector extends Collector implements Collector.Describable {
|
||||
|
||||
public JmxCollector(File in) throws IOException, MalformedObjectNameException {
|
||||
configFile = in;
|
||||
- config = loadConfig((Map<String, Object>)new Yaml().load(new FileReader(in)));
|
||||
+ // Be defensive about loading yaml from a user. In some cases YAMLException
|
||||
+ // will be thrown for bad configs
|
||||
+ Map<String, Object> yamlConfig = null;
|
||||
+ try {
|
||||
+ yamlConfig = (Map<String, Object>)new Yaml().load(new FileReader(in));
|
||||
+ } catch (YAMLException e) {
|
||||
+ System.err.println("YAML configuration error: " + e.getMessage());
|
||||
+ throw new IllegalArgumentException(e);
|
||||
+ }
|
||||
+ config = loadConfig(yamlConfig);
|
||||
config.lastUpdate = configFile.lastModified();
|
||||
}
|
||||
|
||||
diff --git a/collector/src/test/java/io/prometheus/jmx/JmxCollectorTest.java b/collector/src/test/java/io/prometheus/jmx/JmxCollectorTest.java
|
||||
index dc35734..3d4ecf0 100644
|
||||
--- a/collector/src/test/java/io/prometheus/jmx/JmxCollectorTest.java
|
||||
+++ b/collector/src/test/java/io/prometheus/jmx/JmxCollectorTest.java
|
||||
@@ -3,15 +3,21 @@ package io.prometheus.jmx;
|
||||
import static org.junit.Assert.assertEquals;
|
||||
import static org.junit.Assert.assertNotNull;
|
||||
import static org.junit.Assert.assertNull;
|
||||
+import static org.junit.Assert.assertTrue;
|
||||
import static org.junit.Assert.fail;
|
||||
|
||||
-import io.prometheus.client.Collector;
|
||||
-import io.prometheus.client.CollectorRegistry;
|
||||
+import java.io.File;
|
||||
import java.lang.management.ManagementFactory;
|
||||
+
|
||||
import javax.management.MBeanServer;
|
||||
-import org.junit.Test;
|
||||
+
|
||||
import org.junit.Before;
|
||||
import org.junit.BeforeClass;
|
||||
+import org.junit.Test;
|
||||
+import org.yaml.snakeyaml.error.YAMLException;
|
||||
+
|
||||
+import io.prometheus.client.Collector;
|
||||
+import io.prometheus.client.CollectorRegistry;
|
||||
|
||||
|
||||
public class JmxCollectorTest {
|
||||
@@ -252,4 +258,18 @@ public class JmxCollectorTest {
|
||||
Thread.sleep(2000);
|
||||
assertEquals(1.0, registry.getSampleValue("boolean_Test_True", new String[]{}, new String[]{}), .001);
|
||||
}
|
||||
+
|
||||
+ @Test
|
||||
+ public void testBillionLaughs() throws Exception {
|
||||
+ File configFile = new File(getClass().getResource("/testyaml.config").getPath());
|
||||
+ assertTrue(configFile.exists());
|
||||
+ try {
|
||||
+ JmxCollector jc = new JmxCollector(configFile);
|
||||
+ fail("Excected yaml exception due to billion laughs");
|
||||
+ } catch (IllegalArgumentException e) {
|
||||
+ Throwable ex = e.getCause();
|
||||
+ String prefix = YAMLException.class.getName() + ": ";
|
||||
+ assertEquals(prefix + "Number of aliases for non-scalar nodes exceeds the specified max=50", e.getMessage());
|
||||
+ }
|
||||
+ }
|
||||
}
|
||||
diff --git a/collector/src/test/resources/testyaml.config b/collector/src/test/resources/testyaml.config
|
||||
new file mode 100644
|
||||
index 0000000..4a3ed69
|
||||
--- /dev/null
|
||||
+++ b/collector/src/test/resources/testyaml.config
|
||||
@@ -0,0 +1,9 @@
|
||||
+a: &a ["lol","lol","lol","lol","lol","lol","lol","lol","lol"]
|
||||
+b: &b [*a,*a,*a,*a,*a,*a,*a,*a,*a]
|
||||
+c: &c [*b,*b,*b,*b,*b,*b,*b,*b,*b]
|
||||
+d: &d [*c,*c,*c,*c,*c,*c,*c,*c,*c]
|
||||
+e: &e [*d,*d,*d,*d,*d,*d,*d,*d,*d]
|
||||
+f: &f [*e,*e,*e,*e,*e,*e,*e,*e,*e]
|
||||
+g: &g [*f,*f,*f,*f,*f,*f,*f,*f,*f]
|
||||
+h: &h [*g,*g,*g,*g,*g,*g,*g,*g,*g]
|
||||
+i: &i [*h,*h,*h,*h,*h,*h,*h,*h,*h]
|
||||
\ No newline at end of file
|
||||
--
|
||||
2.21.1
|
||||
|
@ -0,0 +1,219 @@
|
||||
From fa99814967c44e654aae64802947209e2817359f Mon Sep 17 00:00:00 2001
|
||||
From: Severin Gehwolf <sgehwolf@redhat.com>
|
||||
Date: Tue, 6 Dec 2022 17:32:30 +0100
|
||||
Subject: [PATCH] Fix CVE-2022-1471 and add a test
|
||||
|
||||
---
|
||||
.../java/io/prometheus/jmx/JmxCollector.java | 34 +++++++++----
|
||||
.../io/prometheus/jmx/JmxCollectorTest.java | 51 +++++++++++++++++++
|
||||
.../test/java/io/prometheus/jmx/Person.java | 38 ++++++++++++++
|
||||
.../test/resources/testyaml_javabean.config | 6 +++
|
||||
4 files changed, 119 insertions(+), 10 deletions(-)
|
||||
create mode 100644 collector/src/test/java/io/prometheus/jmx/Person.java
|
||||
create mode 100644 collector/src/test/resources/testyaml_javabean.config
|
||||
|
||||
diff --git a/collector/src/main/java/io/prometheus/jmx/JmxCollector.java b/collector/src/main/java/io/prometheus/jmx/JmxCollector.java
|
||||
index a5fc96f..38f13ed 100644
|
||||
--- a/collector/src/main/java/io/prometheus/jmx/JmxCollector.java
|
||||
+++ b/collector/src/main/java/io/prometheus/jmx/JmxCollector.java
|
||||
@@ -1,12 +1,7 @@
|
||||
package io.prometheus.jmx;
|
||||
|
||||
-import io.prometheus.client.Collector;
|
||||
-import io.prometheus.client.Counter;
|
||||
-import org.yaml.snakeyaml.Yaml;
|
||||
-import org.yaml.snakeyaml.error.YAMLException;
|
||||
+import static java.lang.String.format;
|
||||
|
||||
-import javax.management.MalformedObjectNameException;
|
||||
-import javax.management.ObjectName;
|
||||
import java.io.File;
|
||||
import java.io.FileReader;
|
||||
import java.io.IOException;
|
||||
@@ -25,7 +20,19 @@ import java.util.logging.Logger;
|
||||
import java.util.regex.Matcher;
|
||||
import java.util.regex.Pattern;
|
||||
|
||||
-import static java.lang.String.format;
|
||||
+import javax.management.MalformedObjectNameException;
|
||||
+import javax.management.ObjectName;
|
||||
+
|
||||
+import org.yaml.snakeyaml.DumperOptions;
|
||||
+import org.yaml.snakeyaml.LoaderOptions;
|
||||
+import org.yaml.snakeyaml.Yaml;
|
||||
+import org.yaml.snakeyaml.constructor.SafeConstructor;
|
||||
+import org.yaml.snakeyaml.error.YAMLException;
|
||||
+import org.yaml.snakeyaml.representer.Representer;
|
||||
+import org.yaml.snakeyaml.resolver.Resolver;
|
||||
+
|
||||
+import io.prometheus.client.Collector;
|
||||
+import io.prometheus.client.Counter;
|
||||
|
||||
public class JmxCollector extends Collector implements Collector.Describable {
|
||||
static final Counter configReloadSuccess = Counter.build()
|
||||
@@ -76,7 +83,7 @@ public class JmxCollector extends Collector implements Collector.Describable {
|
||||
// will be thrown for bad configs
|
||||
Map<String, Object> yamlConfig = null;
|
||||
try {
|
||||
- yamlConfig = (Map<String, Object>)new Yaml().load(new FileReader(in));
|
||||
+ yamlConfig = (Map<String, Object>)createYamlInstance().load(new FileReader(in));
|
||||
} catch (YAMLException e) {
|
||||
System.err.println("YAML configuration error: " + e.getMessage());
|
||||
throw new IllegalArgumentException(e);
|
||||
@@ -86,7 +93,14 @@ public class JmxCollector extends Collector implements Collector.Describable {
|
||||
}
|
||||
|
||||
public JmxCollector(String yamlConfig) throws MalformedObjectNameException {
|
||||
- config = loadConfig((Map<String, Object>)new Yaml().load(yamlConfig));
|
||||
+ config = loadConfig((Map<String, Object>)createYamlInstance().load(yamlConfig));
|
||||
+ }
|
||||
+
|
||||
+ private static Yaml createYamlInstance() {
|
||||
+ // Equivalent to default Yaml() constructor but using SafeConstructor()
|
||||
+ // over Constructor();
|
||||
+ return new Yaml(new SafeConstructor(), new Representer(), new DumperOptions(), new LoaderOptions(),
|
||||
+ new Resolver());
|
||||
}
|
||||
|
||||
private void reloadConfig() {
|
||||
@@ -94,7 +108,7 @@ public class JmxCollector extends Collector implements Collector.Describable {
|
||||
FileReader fr = new FileReader(configFile);
|
||||
|
||||
try {
|
||||
- Map<String, Object> newYamlConfig = (Map<String, Object>)new Yaml().load(fr);
|
||||
+ Map<String, Object> newYamlConfig = (Map<String, Object>)createYamlInstance().load(fr);
|
||||
config = loadConfig(newYamlConfig);
|
||||
config.lastUpdate = configFile.lastModified();
|
||||
configReloadSuccess.inc();
|
||||
diff --git a/collector/src/test/java/io/prometheus/jmx/JmxCollectorTest.java b/collector/src/test/java/io/prometheus/jmx/JmxCollectorTest.java
|
||||
index 3d4ecf0..f499fb3 100644
|
||||
--- a/collector/src/test/java/io/prometheus/jmx/JmxCollectorTest.java
|
||||
+++ b/collector/src/test/java/io/prometheus/jmx/JmxCollectorTest.java
|
||||
@@ -8,12 +8,15 @@ import static org.junit.Assert.fail;
|
||||
|
||||
import java.io.File;
|
||||
import java.lang.management.ManagementFactory;
|
||||
+import java.nio.file.Files;
|
||||
+import java.util.stream.Collectors;
|
||||
|
||||
import javax.management.MBeanServer;
|
||||
|
||||
import org.junit.Before;
|
||||
import org.junit.BeforeClass;
|
||||
import org.junit.Test;
|
||||
+import org.yaml.snakeyaml.constructor.ConstructorException;
|
||||
import org.yaml.snakeyaml.error.YAMLException;
|
||||
|
||||
import io.prometheus.client.Collector;
|
||||
@@ -272,4 +275,52 @@ public class JmxCollectorTest {
|
||||
assertEquals(prefix + "Number of aliases for non-scalar nodes exceeds the specified max=50", e.getMessage());
|
||||
}
|
||||
}
|
||||
+
|
||||
+ @Test
|
||||
+ public void javaBeanLoadTestFile() throws Exception {
|
||||
+ try {
|
||||
+ File configFile = new File(getClass().getResource("/testyaml_javabean.config").getPath());
|
||||
+ doJavaBeanLoadTest(configFile, false);
|
||||
+ } finally {
|
||||
+ Person.fixtureReset();
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
+ @Test
|
||||
+ public void javaBeanLoadTestString() throws Exception {
|
||||
+ try {
|
||||
+ File configFile = new File(getClass().getResource("/testyaml_javabean.config").getPath());
|
||||
+ doJavaBeanLoadTest(configFile, true);
|
||||
+ } finally {
|
||||
+ Person.fixtureReset();
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
+ private void doJavaBeanLoadTest(File configFile, boolean passAsString) throws Exception {
|
||||
+ assertTrue(configFile.exists());
|
||||
+ assertEquals(0, Person.loadCount.get());
|
||||
+ try {
|
||||
+ if (passAsString) {
|
||||
+ String config = Files.readAllLines(configFile.toPath()).stream().collect(Collectors.joining("\n"));
|
||||
+ new JmxCollector(config);
|
||||
+ } else {
|
||||
+ new JmxCollector(configFile);
|
||||
+ }
|
||||
+ assertEquals("Expected Person class to not be instantiated", 0, Person.loadCount.get());
|
||||
+ } catch (ConstructorException e) {
|
||||
+ String problem = e.getProblem();
|
||||
+ assertTrue(problem.contains(Person.class.getName()));
|
||||
+ assertTrue(problem.contains("could not determine a constructor"));
|
||||
+ } catch (IllegalArgumentException e) {
|
||||
+ Throwable cause = e.getCause();
|
||||
+ if (cause instanceof ConstructorException) {
|
||||
+ ConstructorException ce = (ConstructorException) cause;
|
||||
+ String problem = ce.getProblem();
|
||||
+ assertTrue(problem.contains(Person.class.getName()));
|
||||
+ assertTrue(problem.contains("could not determine a constructor"));
|
||||
+ } else {
|
||||
+ fail("Expected ConstructorException as cause!");
|
||||
+ }
|
||||
+ }
|
||||
+ }
|
||||
}
|
||||
diff --git a/collector/src/test/java/io/prometheus/jmx/Person.java b/collector/src/test/java/io/prometheus/jmx/Person.java
|
||||
new file mode 100644
|
||||
index 0000000..e3b339a
|
||||
--- /dev/null
|
||||
+++ b/collector/src/test/java/io/prometheus/jmx/Person.java
|
||||
@@ -0,0 +1,38 @@
|
||||
+package io.prometheus.jmx;
|
||||
+
|
||||
+import java.util.concurrent.atomic.AtomicInteger;
|
||||
+
|
||||
+/**
|
||||
+ * Simple java bean (used by yaml load test)
|
||||
+ *
|
||||
+ */
|
||||
+public class Person {
|
||||
+
|
||||
+ public static final AtomicInteger loadCount = new AtomicInteger(0);
|
||||
+
|
||||
+ private String firstName;
|
||||
+ private String lastName;
|
||||
+
|
||||
+ public String getFirstName() {
|
||||
+ return firstName;
|
||||
+ }
|
||||
+
|
||||
+ public void setFirstName(String firstName) {
|
||||
+ loadCount.incrementAndGet();
|
||||
+ this.firstName = firstName;
|
||||
+ }
|
||||
+
|
||||
+ public String getLastName() {
|
||||
+ return lastName;
|
||||
+ }
|
||||
+
|
||||
+ public void setLastName(String lastName) {
|
||||
+ loadCount.incrementAndGet();
|
||||
+ this.lastName = lastName;
|
||||
+ }
|
||||
+
|
||||
+ public static void fixtureReset() {
|
||||
+ loadCount.set(0);
|
||||
+ }
|
||||
+
|
||||
+}
|
||||
diff --git a/collector/src/test/resources/testyaml_javabean.config b/collector/src/test/resources/testyaml_javabean.config
|
||||
new file mode 100644
|
||||
index 0000000..6552d83
|
||||
--- /dev/null
|
||||
+++ b/collector/src/test/resources/testyaml_javabean.config
|
||||
@@ -0,0 +1,6 @@
|
||||
+lowercaseOutputName: true
|
||||
+lowercaseOutputLabelNames: true
|
||||
+blacklistObjectNames:
|
||||
+# handled by agent's default exporter
|
||||
+- "java.lang:*"
|
||||
+other: !!io.prometheus.jmx.Person { firstName: Andrey, lastName: Tool }
|
||||
--
|
||||
2.38.1
|
||||
|
@ -0,0 +1,28 @@
|
||||
diff --git a/jmx_prometheus_javaagent/pom.xml b/jmx_prometheus_javaagent/pom.xml
|
||||
index 5a14679..fb47a94 100644
|
||||
--- a/jmx_prometheus_javaagent/pom.xml
|
||||
+++ b/jmx_prometheus_javaagent/pom.xml
|
||||
@@ -62,9 +62,11 @@
|
||||
<include>javax.servlet.**</include>
|
||||
<include>org.eclipse.**</include>
|
||||
<include>org.yaml.**</include>
|
||||
+ <include>biz.source_code.**</include>
|
||||
+ <include>org.apache.**</include>
|
||||
</includes>
|
||||
<excludes>
|
||||
- <exclude>io.prometheus.jmx.shaded.**</exclude>
|
||||
+ <exclude>io.prometheus.jmx.**</exclude>
|
||||
</excludes>
|
||||
</relocation>
|
||||
</relocations>
|
||||
@@ -81,8 +83,8 @@
|
||||
<transformers>
|
||||
<transformer implementation="org.apache.maven.plugins.shade.resource.ManifestResourceTransformer">
|
||||
<manifestEntries>
|
||||
- <Premain-Class>io.prometheus.jmx.shaded.io.prometheus.jmx.JavaAgent</Premain-Class>
|
||||
- <Agent-Class>io.prometheus.jmx.shaded.io.prometheus.jmx.JavaAgent</Agent-Class>
|
||||
+ <Premain-Class>io.prometheus.jmx.JavaAgent</Premain-Class>
|
||||
+ <Agent-Class>io.prometheus.jmx.JavaAgent</Agent-Class>
|
||||
<Implementation-Version>${project.version}</Implementation-Version>
|
||||
<Implementation-Title>${project.artifactId}</Implementation-Title>
|
||||
</manifestEntries>
|
@ -0,0 +1,155 @@
|
||||
%global version_id parent
|
||||
%global upstream_name jmx_exporter
|
||||
%global simple_client_version 0.6.0
|
||||
|
||||
# Filter requires for the Java Agent as deps are shaded within.
|
||||
%global jmx_or_client io\\.prometheus\\.jmx:.*|io\\.prometheus:simpleclient.*|org\\.yaml:snakeyaml.*
|
||||
%global mvn_requires_filter .*mvn\\(%{jmx_or_client}\\)
|
||||
%global java_headless_filter \\(?.*java-headless.*\\)?
|
||||
%global __requires_exclude ^%{java_headless_filter}|%{mvn_requires_filter}$
|
||||
|
||||
Name: prometheus-jmx-exporter
|
||||
Version: 0.12.0
|
||||
Release: 10%{?dist}
|
||||
Summary: Prometheus JMX Exporter
|
||||
|
||||
License: ASL 2.0
|
||||
URL: https://github.com/prometheus/jmx_exporter/
|
||||
|
||||
Source0: https://github.com/prometheus/jmx_exporter/archive/%{version_id}-%{version}.tar.gz
|
||||
Patch1: properly_rewrite_namespace.patch
|
||||
Patch2: 0001-Fix-CVE-2017-18640-and-add-a-test.patch
|
||||
Patch3: 0001-Fix-CVE-2022-1471-and-add-a-test.patch
|
||||
|
||||
BuildArch: noarch
|
||||
Requires: %{name}-jdk-binding
|
||||
Suggests: %{name}-openjdk11 = %{version}-%{release}
|
||||
|
||||
BuildRequires: maven-local
|
||||
BuildRequires: mvn(org.apache.felix:maven-bundle-plugin)
|
||||
BuildRequires: mvn(org.apache.maven.plugins:maven-assembly-plugin)
|
||||
BuildRequires: mvn(org.apache.maven.plugins:maven-shade-plugin)
|
||||
BuildRequires: mvn(org.yaml:snakeyaml)
|
||||
BuildRequires: mvn(io.prometheus:simpleclient)
|
||||
BuildRequires: mvn(io.prometheus:simpleclient_hotspot)
|
||||
BuildRequires: mvn(io.prometheus:simpleclient_common)
|
||||
BuildRequires: mvn(io.prometheus:simpleclient_httpserver)
|
||||
|
||||
Provides: bundled(io.prometheus.jmx:collector) = %{version}
|
||||
Provides: bundled(io.prometheus:simpleclient) = %{simple_client_version}
|
||||
Provides: bundled(org.yaml:snakeyaml) = 1.32
|
||||
Provides: bundled(biz.source_code:base64coder) = 2010.12.19
|
||||
Provides: bundled(commons-codec:commons-codec) = 1.11
|
||||
Provides: bundled(io.prometheus:simpleclient_hotspot) = %{simple_client_version}
|
||||
Provides: bundled(io.prometheus:simpleclient_httpserver) = %{simple_client_version}
|
||||
Provides: bundled(io.prometheus:simpleclient_common) = %{simple_client_version}
|
||||
|
||||
%description
|
||||
JMX to Prometheus exporter: a collector that can be configured to scrape
|
||||
and expose MBeans of a JMX target. This exporter is intended to be run as
|
||||
a Java Agent, exposing a HTTP server and serving metrics of the local JVM.
|
||||
|
||||
%package openjdk8
|
||||
Summary: OpenJDK 1.8.0 binding for %{name}
|
||||
Provides: %{name}-jdk-binding = %{version}-%{release}
|
||||
Conflicts: %{name}-jdk-binding
|
||||
Requires: %{name} = %{version}-%{release}
|
||||
Requires: java-1.8.0-headless
|
||||
|
||||
%description openjdk8
|
||||
OpenJDK 1.8.0 binding package for %{name}
|
||||
|
||||
%package openjdk11
|
||||
Summary: OpenJDK 11 binding for %{name}
|
||||
Provides: %{name}-jdk-binding = %{version}-%{release}
|
||||
Conflicts: %{name}-jdk-binding
|
||||
Requires: %{name} = %{version}-%{release}
|
||||
Requires: java-11-headless
|
||||
|
||||
%description openjdk11
|
||||
OpenJDK 11 binding package for %{name}
|
||||
|
||||
%package openjdk17
|
||||
Summary: OpenJDK 17 binding for %{name}
|
||||
Provides: %{name}-jdk-binding = %{version}-%{release}
|
||||
Conflicts: %{name}-jdk-binding
|
||||
Requires: %{name} = %{version}-%{release}
|
||||
Requires: java-17-headless
|
||||
|
||||
%description openjdk17
|
||||
OpenJDK 17 binding package for %{name}
|
||||
|
||||
%prep
|
||||
%setup -q -n %{upstream_name}-%{version_id}-%{version}
|
||||
|
||||
%patch1 -p1
|
||||
%patch2 -p1
|
||||
%patch3 -p1
|
||||
|
||||
%pom_remove_plugin org.vafer:jdeb jmx_prometheus_httpserver
|
||||
%pom_remove_plugin org.apache.maven.plugins:maven-failsafe-plugin jmx_prometheus_javaagent
|
||||
%pom_remove_plugin org.codehaus.mojo:build-helper-maven-plugin jmx_prometheus_javaagent
|
||||
|
||||
# Don't install artefacts from the reactor but the java agent itself. This is because
|
||||
# the agent needs deps from the reactor but shades them.
|
||||
%mvn_package "io.prometheus.jmx:jmx_prometheus_httpserver" __noinstall
|
||||
%mvn_package "io.prometheus.jmx:parent" __noinstall
|
||||
|
||||
# Don't depend on obsolete sonatype-oss-parent
|
||||
# See: https://github.com/prometheus/jmx_exporter/issues/420
|
||||
%pom_xpath_remove pom:project/pom:parent
|
||||
|
||||
%build
|
||||
# ignore spurious test errors with: -Dmaven.test.failure.ignore=true
|
||||
%mvn_build -j
|
||||
|
||||
%install
|
||||
%mvn_install
|
||||
|
||||
%files -f .mfiles
|
||||
%license LICENSE
|
||||
%doc NOTICE
|
||||
|
||||
%files openjdk8
|
||||
# empty files for the binding package
|
||||
|
||||
%files openjdk11
|
||||
# empty files for the binding package
|
||||
|
||||
%files openjdk17
|
||||
# empty files for the binding package
|
||||
|
||||
%changelog
|
||||
* Wed Dec 07 2022 Severin Gehwolf <sgehwolf@redhat.com> - 0.12.0-10
|
||||
- Bump release.
|
||||
|
||||
* Wed Dec 07 2022 Severin Gehwolf <sgehwolf@redhat.com> - 0.12.0-9
|
||||
- Fix CVE-2022-1471 by using SafeConstructor.
|
||||
|
||||
* Mon Sep 26 2022 Jonathan Dowland <jdowland@redhat.com> - 0.12.0-8
|
||||
- Bump snakeyaml version to 1.32 to collect fix for CVE-2022-25857
|
||||
(BZ 2126789)
|
||||
|
||||
* Tue Aug 31 2021 Severin Gehwolf <sgehwolf@redhat.com> - 0.12.0-7
|
||||
- Add JDK binding sub-packages so that the package
|
||||
can be used with either JDK 11 or JDK 17.
|
||||
- Add requirement on base package for the JDK binding packages.
|
||||
|
||||
* Mon Apr 20 2020 Severin Gehwolf <sgehwolf@redhat.com> - 0.12.0-6
|
||||
- Fix CVE-2017-18640 by using updated snakeyaml.
|
||||
|
||||
* Wed Oct 09 2019 Severin Gehwolf <sgehwolf@redhat.com> - 0.12.0-5
|
||||
- rebuilt
|
||||
|
||||
* Wed Oct 09 2019 Severin Gehwolf <sgehwolf@redhat.com> - 0.12.0-4
|
||||
- rebuilt
|
||||
|
||||
* Wed Oct 09 2019 Severin Gehwolf <sgehwolf@redhat.com> - 0.12.0-3
|
||||
- Advertise correct bundled snakeyaml version (1.25)
|
||||
|
||||
* Tue Sep 03 2019 Severin Gehwolf <sgehwolf@redhat.com> - 0.12.0-2
|
||||
- Add patch to properly name-space included dependencies
|
||||
|
||||
* Mon Aug 12 2019 Severin Gehwolf <sgehwolf@redhat.com> - 0.12.0-1
|
||||
- Initial package.
|
||||
|
Loading…
Reference in new issue