DBACLD-176888 - update ref to odm 9.5#378
Merged
Merged
Conversation
lgrateau
approved these changes
May 28, 2025
lgrateau
added a commit
that referenced
this pull request
Jun 19, 2025
* Try new liberty version * load public certificate with same alias than private * load public certificate with same alias than private * Systematically download latest working version of loan services * Update enablefips-java.security Try to fix cp4ba FIPS deployment from DC to RES * Trust certs as in https://openliberty.io/docs/latest/enable-fips.html * Update README.md * try to use pcks12 format in FIPS * Update .env Switch Liberty images 23.0.0.9 DBACLD-109060 * Fix issue issue with ltpa token configuration on 23.0.0.9 Release. DBACLD-109060 * DBACLD-79811 always import cert in nssdb * Update enablefips-java.security * DBACLD-109819 Renew automically the IBM certificate. * Bump actions/checkout from 2 to 4 (#335) Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 4. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v2...v4) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * update dbserver sample demo * https://jsw.ibm.com/browse/DBACLD-110112 * remaining decisionmodel extract * Revert "DBACLD-79811 always import cert in nssdb" This reverts commit f8e3932. * https://jsw.ibm.com/browse/DBACLD-112133 * no message * Update stale.yml * Bump actions/stale from 5 to 8 Bumps [actions/stale](https://github.com/actions/stale) from 5 to 8. - [Release notes](https://github.com/actions/stale/releases) - [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md) - [Commits](actions/stale@v5...v8) --- updated-dependencies: - dependency-name: actions/stale dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * Update stale.yml * Add mpmetric feature * Update build.sh * Update images (#337) * Draft of the update image contribution * Update after testing on an x86 machine * README for update images * Update README.md * Update README.md * Update README.md * updat table of content * Update .env * Update README.md * Update README.md * Update build.sh (#338) * Update full-description.md * Update full-description.md * Add arm64 * Future release (#342) * test welcomepage with Istio * change webContainer for res JSF in Istio * typo * restore welcome page * rollback istio config * https://jsw.ibm.com/browse/DBACLD-115871 * https://jsw.ibm.com/browse/DBACLD-115871 * https://jsw.ibm.com/browse/DBACLD-115871 * https://jsw.ibm.com/browse/DBACLD-118193 --------- Co-authored-by: mmouly <mathias.mouly@fr.ibm.com> * Dbacld 118194 update jdbc drivers (#346) * File rights +x * Updated JDBC driver release * Fix potential download error * Update .env * https://jsw.ibm.com/browse/DBACLD-122031 * https://jsw.ibm.com/browse/DBACLD-122031 * https://jsw.ibm.com/browse/DBACLD-122031 * move to servlet 4.0 and http/2 * move to servlet 4.0 and http/2 * missing feature upgrade for standalone * try DC with http/2 * remove stack on DC with http/2 * mpMetrics-3.0 * mpMetrics-3.0 * https://jsw.ibm.com/browse/DBACLD-125064 * restore standalone * https://jsw.ibm.com/browse/DBACLD-113498 * https://jsw.ibm.com/browse/DBACLD-125375 * missing redirect * DBACLD-125376 Move to new year 2024 * https://www.mend.io/vulnerability-database/CVE-2024-1597 * Try to fail build if download failed * Update installPostgres.sh * Revert to check if bamboo fail ai * Revert as 42.7.2 is not yet available * tentative fix LinuxForHealth/FHIR#2165 (comment) * postgresql-42.7.2.jar * Update updateDCConfigurations.sh * Add TLSv1.3 support * Workaround issue DBACLD-126226 Regression in the RES Diagnostic * 2nd fix for RES Diagnostic regression * remove http2 stacks * tentative fix #13 RoleGroupMappingTest * Update PG driver to 4.7.2 (fix CVE-2024-1597) * https://jsw.ibm.com/browse/DBACLD-127692 * https://jsw.ibm.com/browse/DBACLD-127692 * DBACLD-116542 Add support for PostgreSQL 15 * https://jsw.ibm.com/browse/DBACLD-127784 * for h2 V2.2.224 * deployed test_deployment ruleapp to RES * https://jsw.ibm.com/browse/DBACLD-113583 * https://jsw.ibm.com/browse/DBACLD-113583 * https://jsw.ibm.com/browse/DBACLD-113583 * https://jsw.ibm.com/browse/DBACLD-123096 * https://jsw.ibm.com/browse/DBACLD-123096 * https://jsw.ibm.com/browse/DBACLD-123096 * https://jsw.ibm.com/browse/DBACLD-123096 * https://jsw.ibm.com/browse/DBACLD-123096 * https://jsw.ibm.com/browse/DBACLD-123096 * change driver download * Document how to enable java agent in our containers #DBACLD-123096 * move PACKAGELIST * move PACKAGELIST * move PACKAGELIST * move PACKAGELIST * move PACKAGELIST * move PACKAGELIST * move PACKAGELIST * move PACKAGELIST * move PACKAGELIST * remove docker-compose * Update build-and-test.yml * Update build-and-test.yml * Update build-and-test.yml for latet release * Update odm-rolegroupmapping.yml * download dir in classloader * download dir in classloader * automate DC custo with download * Update .env * allow to disable dbdump #DBACLD-131249 * add directory for ml integration * Revert "For DBACLD-131396" * missing alias * Update configureTlsSecurity.sh improve alias fix as pods healthcheck does not work * watcher pod restart * move watcher to the chart * Restore DB as user given by internalDatabase.secretCredentials * Test file existence before using it * add logstashcollector-1.0 * add logstash collector config #DBACLD-125066 * DBACLD-134790 : Change license for the 9.0.0.0 Release * Update .env - Change location of the liberty base image * TCPKeepAlive #DBACLD-129332 * Update for next release * Update full-description.md * Switch build to next-release * Prepare next release * Delete iam directory * Fix Rule Designer URL * remove keycloak * Remove obsolete integration with BAI. * DBACLD-139987 - Put in place checker link (#356) Co-authored-by: Frederic Mercier <f.mercier@fr.ibm.com> * Update .env * Update .env * update detect-secrets-hook config (#358) Co-authored-by: Frederic Mercier <f.mercier@fr.ibm.com> * DBACLD-148300 Enable detect secret * Enable audit for fisma * rsyslog startup script * enable audit * add GitHub action running detect-secrets * false positive markdown-link-check error: this link is still valid * remove link to a file that has been deleted in commit 9bba4dc Remove obsolete integration with BAI. * fix dead link and make other links visible * send notification to Slack if detect-secrets failed * verifyHostname to false because of liberty 24.0.0.9 * DBACLD-151709 Change for Liberty version 24.0.0.9 + Audit 2.0 * Update to 42.7.4 before opening a bug issue about FIPS * Revert "Update to 42.7.4 before opening a bug issue about FIPS" This reverts commit 58dbe81. * move to audit-2.0 * Remove dockerhub unsafe images. Replace haproxy by official certified Traefik image. * `version` is obsolete * Updated to 2.1 * no message * no message * MAINTAINER is deprecated * DBACLD-154003 Ability to inject a hook lifecycle command in the container * DBACLD-154003 Fix issue when the 2 scripts are specifdied * sidecar probe https://jsw.ibm.com/browse/DBACLD-147947 * sidecar probe https://jsw.ibm.com/browse/DBACLD-147947 * sidecar probe https://jsw.ibm.com/browse/DBACLD-147947 * DC servlet customization * hide safe warnings * Update build-and-test.yml DBACLD-157430 Change odm on docker build to use with 9.0.0.1 release * Fix broken link * Update full-description.md * correct link * remove old server configuration * clean-up * Update links * Update full-description.md * Update full-description.md * clean-up standalone config * remove old config * update servers definition with USERS_PASSWORD * move to JDK21 * rollback * move to JDK21 * load sample in 9.0.1 * update standalone servers * disable hostname validation with new DB2 driver * Fail when ERROR * Revert "Fail when ERROR" This reverts commit 4bcc6cd. * Updated copyright to 2025 (#363) * test env export * Embed Decision Assistant WebApp in Decision Center Container Image * update custom scripts * Fix errors with multiple ZIP files * Fix issue with multiple ZIP files * Fix file name expansion * Update .env * Enable decision assistant (#365) * DBACLD-165066 - Enable DA * DBACLD-165067 - Inject Decsion Assistant configuration * Not real secret * remove DA User * Renable Standalone Licenses --------- Co-authored-by: Mathias Mouly <mathias.mouly@fr.ibm.com> * Not real secret * Enable DA * Change in the remote api * fix problem happening when customization.privateCertificateList is set and customization.trustedCertificateList is not * import cacert for RD * import cacert for RD * Manage sample db for the next release * Revert " Embed Decision Assistant WebApp in Decision Center Container Image" This reverts commit 2f8f786. * Revert feature DA * Revert "Enable DA" This reverts commit 2a144be. * Upgrade to Spring 6 for the RES Console * Upgrade to Spring 6 for DecisionRunner * merge to fix .secrets.baseline * detect secrets * Upgrade to Spring 6 for DecisionServerRuntime * DBACLD-167674 Upgrade to Spring 6 - Move redirect page to jakarta implementation (#369) * DBACLD-167674 Upgrade to Spring 6 - Move redirect page to jakarta implementation * DBACLD-167674 Move to jakarta implemetation and cleanup the build. * Move to jakarta implementation * Move to jakarta Temporary fix * Fix build issue with tag lib * Move to jakarta package. * Move to a newer mpmetrics version - mpmetrics-5.1 * establish trust by using the default certificates * add serverKeyAlias='odm' parameter to tell Liberty to use the key with alias 'odm' * DBACLD-167674 Move to jakarta implementation * error if no TLS key pair specified (#373) error "The odm certificate alias specified by the attribute serverKeyAlias is either not found in KeyStore /config/security/keystore.p12 or it is invalid." * Update build-and-test.yml * Try to fix the behavior change * switch to Liberty 25.0.0.3 * update .env * HTDS page run.jsp should require authentication (#374) otherwise the page might not load completely Co-authored-by: Frederic Mercier <f.mercier@fr.ibm.com> * configure FIPS for Liberty 25.0.0.3 and support FIPS 140-3 (#375) * fix FIPS in 25.0.0.3 and support FIPS 140-3 * unessary option (best replaced by disabling SSL in SOLR in FIPS mode -Dodm.solr.embedded.disableSSL=true) * the new ltpa.keys for FIPS 140-3 is not suitable in non FIPS mode * no pwd in ltpa element when FIPS is disabled * update .secrets.baseline * not used anymore * copy new ltpa-FIPS140-3.keys in Dockerfiles and create separate ltpa.xml and ltpaFIPS.xml --------- Co-authored-by: Frederic Mercier <f.mercier@fr.ibm.com> * Update updateDemoServers.sh DC seems to take more time to start increase the startup of the script * DBACLD-160625 - update default ciphers for FIPS 140-3 (#376) Co-authored-by: Frederic Mercier <f.mercier@fr.ibm.com> * align with prod images * DBACLD-174869 use healthCheck for servers configuration * DBACLD-176518 Update License for 25.0.0.0/9.5.0.0 Release * DBACLD-176518 Update License for 25.0.0.0/9.5.0.0 Release - Remove ru * DBACLD-176518 Update License for 25.0.0.0/9.5.0.0 Release - Update notice file * DBACLD-176518 Update License for 25.0.0.0/9.5.0.0 Release - Remove unneccessary file * DBACLD-177034 - unable to convert stores to P12 format as the pwd is incorrect * Revert "DBACLD-177034 - unable to convert stores to P12 format as the pwd is incorrect" This reverts commit 3dc9294. * Move to mpmetrics-5.1 * DBACLD-176888 - update ref to odm 9.5 (#378) * DBACLD-176888 - update readme or files wrt odm 95 * Eclipse marketplace url for new RD 9.5 * Update full-description.md * Revert "Update installPostgres driver to 42.7.4" This reverts commit d3f2eb8. --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: mmouly <mathias.mouly@fr.ibm.com> Co-authored-by: Pierre-Yves Lochou <pylochou@fr.ibm.com> Co-authored-by: Pierre-Yves Lochou <31895642+PYLochou@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Frederic Mercier <frederic.mercier@gmx.net> Co-authored-by: SiaSinTay <siasin.tay@fr.ibm.com> Co-authored-by: Frederic Mercier <f.mercier@fr.ibm.com>
lgrateau
added a commit
that referenced
this pull request
Dec 1, 2025
* Update stale.yml * Add mpmetric feature * Update build.sh * Update images (#337) * Draft of the update image contribution * Update after testing on an x86 machine * README for update images * Update README.md * Update README.md * Update README.md * updat table of content * Update .env * Update README.md * Update README.md * Update build.sh (#338) * Update full-description.md * Update full-description.md * Add arm64 * Future release (#342) * test welcomepage with Istio * change webContainer for res JSF in Istio * typo * restore welcome page * rollback istio config * https://jsw.ibm.com/browse/DBACLD-115871 * https://jsw.ibm.com/browse/DBACLD-115871 * https://jsw.ibm.com/browse/DBACLD-115871 * https://jsw.ibm.com/browse/DBACLD-118193 --------- Co-authored-by: mmouly <mathias.mouly@fr.ibm.com> * Dbacld 118194 update jdbc drivers (#346) * File rights +x * Updated JDBC driver release * Fix potential download error * Update .env * https://jsw.ibm.com/browse/DBACLD-122031 * https://jsw.ibm.com/browse/DBACLD-122031 * https://jsw.ibm.com/browse/DBACLD-122031 * move to servlet 4.0 and http/2 * move to servlet 4.0 and http/2 * missing feature upgrade for standalone * try DC with http/2 * remove stack on DC with http/2 * mpMetrics-3.0 * mpMetrics-3.0 * https://jsw.ibm.com/browse/DBACLD-125064 * restore standalone * https://jsw.ibm.com/browse/DBACLD-113498 * https://jsw.ibm.com/browse/DBACLD-125375 * missing redirect * DBACLD-125376 Move to new year 2024 * https://www.mend.io/vulnerability-database/CVE-2024-1597 * Try to fail build if download failed * Update installPostgres.sh * Revert to check if bamboo fail ai * Revert as 42.7.2 is not yet available * tentative fix LinuxForHealth/FHIR#2165 (comment) * postgresql-42.7.2.jar * Update updateDCConfigurations.sh * Add TLSv1.3 support * Workaround issue DBACLD-126226 Regression in the RES Diagnostic * 2nd fix for RES Diagnostic regression * remove http2 stacks * tentative fix #13 RoleGroupMappingTest * Update PG driver to 4.7.2 (fix CVE-2024-1597) * https://jsw.ibm.com/browse/DBACLD-127692 * https://jsw.ibm.com/browse/DBACLD-127692 * DBACLD-116542 Add support for PostgreSQL 15 * https://jsw.ibm.com/browse/DBACLD-127784 * for h2 V2.2.224 * deployed test_deployment ruleapp to RES * https://jsw.ibm.com/browse/DBACLD-113583 * https://jsw.ibm.com/browse/DBACLD-113583 * https://jsw.ibm.com/browse/DBACLD-113583 * https://jsw.ibm.com/browse/DBACLD-123096 * https://jsw.ibm.com/browse/DBACLD-123096 * https://jsw.ibm.com/browse/DBACLD-123096 * https://jsw.ibm.com/browse/DBACLD-123096 * https://jsw.ibm.com/browse/DBACLD-123096 * https://jsw.ibm.com/browse/DBACLD-123096 * change driver download * Document how to enable java agent in our containers #DBACLD-123096 * move PACKAGELIST * move PACKAGELIST * move PACKAGELIST * move PACKAGELIST * move PACKAGELIST * move PACKAGELIST * move PACKAGELIST * move PACKAGELIST * move PACKAGELIST * remove docker-compose * Update build-and-test.yml * Update build-and-test.yml * Update build-and-test.yml for latet release * Update odm-rolegroupmapping.yml * download dir in classloader * download dir in classloader * automate DC custo with download * Update .env * allow to disable dbdump #DBACLD-131249 * add directory for ml integration * Revert "For DBACLD-131396" * missing alias * Update configureTlsSecurity.sh improve alias fix as pods healthcheck does not work * watcher pod restart * move watcher to the chart * Restore DB as user given by internalDatabase.secretCredentials * Test file existence before using it * add logstashcollector-1.0 * add logstash collector config #DBACLD-125066 * DBACLD-134790 : Change license for the 9.0.0.0 Release * Update .env - Change location of the liberty base image * TCPKeepAlive #DBACLD-129332 * Update for next release * Update full-description.md * Switch build to next-release * Prepare next release * Delete iam directory * Fix Rule Designer URL * remove keycloak * Remove obsolete integration with BAI. * DBACLD-139987 - Put in place checker link (#356) Co-authored-by: Frederic Mercier <f.mercier@fr.ibm.com> * Update .env * Update .env * update detect-secrets-hook config (#358) Co-authored-by: Frederic Mercier <f.mercier@fr.ibm.com> * DBACLD-148300 Enable detect secret * Enable audit for fisma * rsyslog startup script * enable audit * add GitHub action running detect-secrets * false positive markdown-link-check error: this link is still valid * remove link to a file that has been deleted in commit 9bba4dc Remove obsolete integration with BAI. * fix dead link and make other links visible * send notification to Slack if detect-secrets failed * verifyHostname to false because of liberty 24.0.0.9 * DBACLD-151709 Change for Liberty version 24.0.0.9 + Audit 2.0 * Update to 42.7.4 before opening a bug issue about FIPS * Revert "Update to 42.7.4 before opening a bug issue about FIPS" This reverts commit 58dbe81. * move to audit-2.0 * Remove dockerhub unsafe images. Replace haproxy by official certified Traefik image. * `version` is obsolete * Updated to 2.1 * no message * no message * MAINTAINER is deprecated * DBACLD-154003 Ability to inject a hook lifecycle command in the container * DBACLD-154003 Fix issue when the 2 scripts are specifdied * sidecar probe https://jsw.ibm.com/browse/DBACLD-147947 * sidecar probe https://jsw.ibm.com/browse/DBACLD-147947 * sidecar probe https://jsw.ibm.com/browse/DBACLD-147947 * DC servlet customization * hide safe warnings * Update build-and-test.yml DBACLD-157430 Change odm on docker build to use with 9.0.0.1 release * Fix broken link * Update full-description.md * correct link * remove old server configuration * clean-up * Update links * Update full-description.md * Update full-description.md * clean-up standalone config * remove old config * update servers definition with USERS_PASSWORD * move to JDK21 * rollback * move to JDK21 * load sample in 9.0.1 * update standalone servers * disable hostname validation with new DB2 driver * Fail when ERROR * Revert "Fail when ERROR" This reverts commit 4bcc6cd. * Updated copyright to 2025 (#363) * test env export * Embed Decision Assistant WebApp in Decision Center Container Image * update custom scripts * Fix errors with multiple ZIP files * Fix issue with multiple ZIP files * Fix file name expansion * Update .env * Enable decision assistant (#365) * DBACLD-165066 - Enable DA * DBACLD-165067 - Inject Decsion Assistant configuration * Not real secret * remove DA User * Renable Standalone Licenses --------- Co-authored-by: Mathias Mouly <mathias.mouly@fr.ibm.com> * Not real secret * Enable DA * Change in the remote api * fix problem happening when customization.privateCertificateList is set and customization.trustedCertificateList is not * import cacert for RD * import cacert for RD * Manage sample db for the next release * Revert " Embed Decision Assistant WebApp in Decision Center Container Image" This reverts commit 2f8f786. * Revert feature DA * Revert "Enable DA" This reverts commit 2a144be. * Upgrade to Spring 6 for the RES Console * Upgrade to Spring 6 for DecisionRunner * merge to fix .secrets.baseline * detect secrets * Upgrade to Spring 6 for DecisionServerRuntime * DBACLD-167674 Upgrade to Spring 6 - Move redirect page to jakarta implementation (#369) * DBACLD-167674 Upgrade to Spring 6 - Move redirect page to jakarta implementation * DBACLD-167674 Move to jakarta implemetation and cleanup the build. * Move to jakarta implementation * Move to jakarta Temporary fix * Fix build issue with tag lib * Move to jakarta package. * Move to a newer mpmetrics version - mpmetrics-5.1 * establish trust by using the default certificates * add serverKeyAlias='odm' parameter to tell Liberty to use the key with alias 'odm' * DBACLD-167674 Move to jakarta implementation * error if no TLS key pair specified (#373) error "The odm certificate alias specified by the attribute serverKeyAlias is either not found in KeyStore /config/security/keystore.p12 or it is invalid." * Update build-and-test.yml * Try to fix the behavior change * switch to Liberty 25.0.0.3 * update .env * HTDS page run.jsp should require authentication (#374) otherwise the page might not load completely Co-authored-by: Frederic Mercier <f.mercier@fr.ibm.com> * configure FIPS for Liberty 25.0.0.3 and support FIPS 140-3 (#375) * fix FIPS in 25.0.0.3 and support FIPS 140-3 * unessary option (best replaced by disabling SSL in SOLR in FIPS mode -Dodm.solr.embedded.disableSSL=true) * the new ltpa.keys for FIPS 140-3 is not suitable in non FIPS mode * no pwd in ltpa element when FIPS is disabled * update .secrets.baseline * not used anymore * copy new ltpa-FIPS140-3.keys in Dockerfiles and create separate ltpa.xml and ltpaFIPS.xml --------- Co-authored-by: Frederic Mercier <f.mercier@fr.ibm.com> * Update updateDemoServers.sh DC seems to take more time to start increase the startup of the script * DBACLD-160625 - update default ciphers for FIPS 140-3 (#376) Co-authored-by: Frederic Mercier <f.mercier@fr.ibm.com> * align with prod images * DBACLD-174869 use healthCheck for servers configuration * DBACLD-176518 Update License for 25.0.0.0/9.5.0.0 Release * DBACLD-176518 Update License for 25.0.0.0/9.5.0.0 Release - Remove ru * DBACLD-176518 Update License for 25.0.0.0/9.5.0.0 Release - Update notice file * DBACLD-176518 Update License for 25.0.0.0/9.5.0.0 Release - Remove unneccessary file * DBACLD-177034 - unable to convert stores to P12 format as the pwd is incorrect * Revert "DBACLD-177034 - unable to convert stores to P12 format as the pwd is incorrect" This reverts commit 3dc9294. * Move to mpmetrics-5.1 * DBACLD-176888 - update ref to odm 9.5 (#378) * DBACLD-176888 - update readme or files wrt odm 95 * Eclipse marketplace url for new RD 9.5 * Update full-description.md * Revert "Update installPostgres driver to 42.7.4" This reverts commit d3f2eb8. * Upgrade Liberty version DBACLD-182986 - 25.0.0.6 * Fix "line 108: mapping key "environment" already defined at line 97" * Fix following introduction on a hibernat jar file that is introduced in the third party library * Improve the jrules engine version extraction * Removed outdated version: and fixed double environment: keys * enable mTLS * enable mTLS * Dbacld 187307 - Extend web.xml customization to allow editing <init-param> in filter section (#382) * To handle also removal of init-param or context param in the web.xml * Rename function and better handle removal case * use bash parameter expansion instead of sed * touch up and regroup param values escape codes * add/update element if param value in the config file is not null * correct variable for init-param value to printout * Remove space * input variables for web.xml and web-configuration.properties * modified the script so as to update RES web.xml which have 2 filters * update runtime only * move the functions updating web.xml file as separate .sh * Update servlet RESTManagementService and no longer required to update RequestFilter * the servlet that manages upload is FrontendUploadServlet * Update Liberty version in .env file * Update decisioncenter-configuration.properties * move error.jsp to jakarta * move error.jsp to jakarta * Update ODM_VERSION to 9.5.0.1 --------- Co-authored-by: Pierre-Yves Lochou <31895642+PYLochou@users.noreply.github.com> Co-authored-by: mmouly <mathias.mouly@fr.ibm.com> Co-authored-by: Frederic Mercier <frederic.mercier@gmx.net> Co-authored-by: Pierre-Yves Lochou <pylochou@fr.ibm.com> Co-authored-by: SiaSinTay <siasin.tay@fr.ibm.com> Co-authored-by: Frederic Mercier <f.mercier@fr.ibm.com>
lgrateau
added a commit
that referenced
this pull request
Jun 12, 2026
* download dir in classloader * automate DC custo with download * Update .env * allow to disable dbdump #DBACLD-131249 * add directory for ml integration * Revert "For DBACLD-131396" * missing alias * Update configureTlsSecurity.sh improve alias fix as pods healthcheck does not work * watcher pod restart * move watcher to the chart * Restore DB as user given by internalDatabase.secretCredentials * Test file existence before using it * add logstashcollector-1.0 * add logstash collector config #DBACLD-125066 * DBACLD-134790 : Change license for the 9.0.0.0 Release * Update .env - Change location of the liberty base image * TCPKeepAlive #DBACLD-129332 * Update for next release * Update full-description.md * Switch build to next-release * Prepare next release * Delete iam directory * Fix Rule Designer URL * remove keycloak * Remove obsolete integration with BAI. * DBACLD-139987 - Put in place checker link (#356) Co-authored-by: Frederic Mercier <f.mercier@fr.ibm.com> * Update .env * Update .env * update detect-secrets-hook config (#358) Co-authored-by: Frederic Mercier <f.mercier@fr.ibm.com> * DBACLD-148300 Enable detect secret * Enable audit for fisma * rsyslog startup script * enable audit * add GitHub action running detect-secrets * false positive markdown-link-check error: this link is still valid * remove link to a file that has been deleted in commit 9bba4dc Remove obsolete integration with BAI. * fix dead link and make other links visible * send notification to Slack if detect-secrets failed * verifyHostname to false because of liberty 24.0.0.9 * DBACLD-151709 Change for Liberty version 24.0.0.9 + Audit 2.0 * Update to 42.7.4 before opening a bug issue about FIPS * Revert "Update to 42.7.4 before opening a bug issue about FIPS" This reverts commit 58dbe81. * move to audit-2.0 * Remove dockerhub unsafe images. Replace haproxy by official certified Traefik image. * `version` is obsolete * Updated to 2.1 * no message * no message * MAINTAINER is deprecated * DBACLD-154003 Ability to inject a hook lifecycle command in the container * DBACLD-154003 Fix issue when the 2 scripts are specifdied * sidecar probe https://jsw.ibm.com/browse/DBACLD-147947 * sidecar probe https://jsw.ibm.com/browse/DBACLD-147947 * sidecar probe https://jsw.ibm.com/browse/DBACLD-147947 * DC servlet customization * hide safe warnings * Update build-and-test.yml DBACLD-157430 Change odm on docker build to use with 9.0.0.1 release * Fix broken link * Update full-description.md * correct link * remove old server configuration * clean-up * Update links * Update full-description.md * Update full-description.md * clean-up standalone config * remove old config * update servers definition with USERS_PASSWORD * move to JDK21 * rollback * move to JDK21 * load sample in 9.0.1 * update standalone servers * disable hostname validation with new DB2 driver * Fail when ERROR * Revert "Fail when ERROR" This reverts commit 4bcc6cd. * Updated copyright to 2025 (#363) * test env export * Embed Decision Assistant WebApp in Decision Center Container Image * update custom scripts * Fix errors with multiple ZIP files * Fix issue with multiple ZIP files * Fix file name expansion * Update .env * Enable decision assistant (#365) * DBACLD-165066 - Enable DA * DBACLD-165067 - Inject Decsion Assistant configuration * Not real secret * remove DA User * Renable Standalone Licenses --------- Co-authored-by: Mathias Mouly <mathias.mouly@fr.ibm.com> * Not real secret * Enable DA * Change in the remote api * fix problem happening when customization.privateCertificateList is set and customization.trustedCertificateList is not * import cacert for RD * import cacert for RD * Manage sample db for the next release * Revert " Embed Decision Assistant WebApp in Decision Center Container Image" This reverts commit 2f8f786. * Revert feature DA * Revert "Enable DA" This reverts commit 2a144be. * Upgrade to Spring 6 for the RES Console * Upgrade to Spring 6 for DecisionRunner * merge to fix .secrets.baseline * detect secrets * Upgrade to Spring 6 for DecisionServerRuntime * DBACLD-167674 Upgrade to Spring 6 - Move redirect page to jakarta implementation (#369) * DBACLD-167674 Upgrade to Spring 6 - Move redirect page to jakarta implementation * DBACLD-167674 Move to jakarta implemetation and cleanup the build. * Move to jakarta implementation * Move to jakarta Temporary fix * Fix build issue with tag lib * Move to jakarta package. * Move to a newer mpmetrics version - mpmetrics-5.1 * establish trust by using the default certificates * add serverKeyAlias='odm' parameter to tell Liberty to use the key with alias 'odm' * DBACLD-167674 Move to jakarta implementation * error if no TLS key pair specified (#373) error "The odm certificate alias specified by the attribute serverKeyAlias is either not found in KeyStore /config/security/keystore.p12 or it is invalid." * Update build-and-test.yml * Try to fix the behavior change * switch to Liberty 25.0.0.3 * update .env * HTDS page run.jsp should require authentication (#374) otherwise the page might not load completely Co-authored-by: Frederic Mercier <f.mercier@fr.ibm.com> * configure FIPS for Liberty 25.0.0.3 and support FIPS 140-3 (#375) * fix FIPS in 25.0.0.3 and support FIPS 140-3 * unessary option (best replaced by disabling SSL in SOLR in FIPS mode -Dodm.solr.embedded.disableSSL=true) * the new ltpa.keys for FIPS 140-3 is not suitable in non FIPS mode * no pwd in ltpa element when FIPS is disabled * update .secrets.baseline * not used anymore * copy new ltpa-FIPS140-3.keys in Dockerfiles and create separate ltpa.xml and ltpaFIPS.xml --------- Co-authored-by: Frederic Mercier <f.mercier@fr.ibm.com> * Update updateDemoServers.sh DC seems to take more time to start increase the startup of the script * DBACLD-160625 - update default ciphers for FIPS 140-3 (#376) Co-authored-by: Frederic Mercier <f.mercier@fr.ibm.com> * align with prod images * DBACLD-174869 use healthCheck for servers configuration * DBACLD-176518 Update License for 25.0.0.0/9.5.0.0 Release * DBACLD-176518 Update License for 25.0.0.0/9.5.0.0 Release - Remove ru * DBACLD-176518 Update License for 25.0.0.0/9.5.0.0 Release - Update notice file * DBACLD-176518 Update License for 25.0.0.0/9.5.0.0 Release - Remove unneccessary file * DBACLD-177034 - unable to convert stores to P12 format as the pwd is incorrect * Revert "DBACLD-177034 - unable to convert stores to P12 format as the pwd is incorrect" This reverts commit 3dc9294. * Move to mpmetrics-5.1 * DBACLD-176888 - update ref to odm 9.5 (#378) * DBACLD-176888 - update readme or files wrt odm 95 * Eclipse marketplace url for new RD 9.5 * Update full-description.md * Revert "Update installPostgres driver to 42.7.4" This reverts commit d3f2eb8. * Upgrade Liberty version DBACLD-182986 - 25.0.0.6 * Fix "line 108: mapping key "environment" already defined at line 97" * Fix following introduction on a hibernat jar file that is introduced in the third party library * Improve the jrules engine version extraction * Removed outdated version: and fixed double environment: keys * enable mTLS * enable mTLS * Dbacld 187307 - Extend web.xml customization to allow editing <init-param> in filter section (#382) * To handle also removal of init-param or context param in the web.xml * Rename function and better handle removal case * use bash parameter expansion instead of sed * touch up and regroup param values escape codes * add/update element if param value in the config file is not null * correct variable for init-param value to printout * Remove space * input variables for web.xml and web-configuration.properties * modified the script so as to update RES web.xml which have 2 filters * update runtime only * move the functions updating web.xml file as separate .sh * Update servlet RESTManagementService and no longer required to update RequestFilter * the servlet that manages upload is FrontendUploadServlet * Update Liberty version in .env file * Update decisioncenter-configuration.properties * move error.jsp to jakarta * move error.jsp to jakarta * Update ODM_VERSION to 9.5.0.1 * Improve stability of the build by switching to featureutility * Improve stability of the build by switching to featureutility * transportSecurity embbed ssl * revert commit improve stability * Revert "revert commit improve stability" This reverts commit 37c99e4. * Improve stability of the build by switching to featureutility * Improve stability of the build by switching to featureutility * Remove multiple "LegacyKeyValueFormat: "ENV key=value" should be used instead of legacy "ENV key value" format" * check authOidc filters simplification * Update authFilters.xml * Update authFilters.xml * Improve build and test. Add health check + verify authentication (#389) * Improve build and test. Add health check + verify authentication * Try to fix * increase timeout * Fix DC URL Tests * container renamed * Fix ping installation * fix warning * update authFilters.xml * update authFilters.xml * Modification for UMS (#391) * post_logout_redirect_uri configuration * force authentication on /run * allow openid auth filters override * disable res login panel * add scope parameter * add scope parameter * rename SCOPE * allow to load custom jar files for decision service * fix restore sample DB when using custom DB credentials * ODM for Dev landing page improvements * fix restore.sh * DBACLD-218733 upgrade to postgresql 16 * Restore db for any version * due to spring change behaviour * solution with new spring lib * rollback as issue on rest-api with spring security 7 fixed * #DBACLD-218851 disable auth on DSR * typo * Update full-description.md * should fix https://www.ibm.com/support/pages/node/7266845 * Date Header change * should fix https://www.ibm.com/support/pages/node/7266845 * should fix https://www.ibm.com/support/pages/node/7266845 * should fix https://www.ibm.com/support/pages/node/7266845 * LTPA for standalone * 2nd fix for LPTA key for standalone image * use proxy to download liberty features * use proxy to download liberty features * debug * debug * cleanup * Update build-and-test.yml * Remove outdated DevWorks article reference Removed outdated DevWorks article reference from README. * #DBACLD-231538 Switch feature maven utility to use artifactory proxy * Add environment variable exports for Artifactory Export ARTIFACTORY_USER and ARTIFACTORY_TOKEN for use in Docker builds. * Update build-and-test.yml to manage docker-compose Remove existing docker-compose and install a specific version. * #DBACLD-231538 Switch feature maven utility to use artifactory proxy * Remove docker-compose installation from CI workflow Removed docker-compose installation steps from the workflow. * #DBACLD-217857 Incomplete classloader definition for downloadURL in ODM containers * #DBACLD-231322 CVE driver prostgresql * Rebuild sample databases 9.6 * Update odm-cluster.yml * DBACLD-234280 - Update Licenses * Prepare delivery for the next release * DBACLD-235181 Prepare next Release * Prepare next release * Prepare next release * Prepare next release * Prep next release * add restConnector liberty feature when setting monitor.xml * #DBACLD-150939 change keytool-initcontainer password * #DBACLD-150939 change keytool-initcontainer password * #DBACLD-150939 change keytool-initcontainer password * #DBACLD-150939 change keytool-initcontainer password * #DBACLD-150939 change keytool-initcontainer password * Update ODM_VERSION to 9.6.0.0 in workflow * Update Eclipse version from 2025-12 v3.8 to v4.38 * use PKCS12 for FIPS --------- Co-authored-by: Mathias Mouly <mathias.mouly@fr.ibm.com> Co-authored-by: SiaSinTay <siasin.tay@fr.ibm.com> Co-authored-by: Pierre-Yves Lochou <31895642+PYLochou@users.noreply.github.com> Co-authored-by: Frederic Mercier <frederic.mercier@gmx.net> Co-authored-by: Frederic Mercier <f.mercier@fr.ibm.com> Co-authored-by: Pierre-Yves Lochou <pylochou@fr.ibm.com>
lgrateau
added a commit
that referenced
this pull request
Jun 16, 2026
* Update .env * allow to disable dbdump #DBACLD-131249 * add directory for ml integration * Revert "For DBACLD-131396" * missing alias * Update configureTlsSecurity.sh improve alias fix as pods healthcheck does not work * watcher pod restart * move watcher to the chart * Restore DB as user given by internalDatabase.secretCredentials * Test file existence before using it * add logstashcollector-1.0 * add logstash collector config #DBACLD-125066 * DBACLD-134790 : Change license for the 9.0.0.0 Release * Update .env - Change location of the liberty base image * TCPKeepAlive #DBACLD-129332 * Update for next release * Update full-description.md * Switch build to next-release * Prepare next release * Delete iam directory * Fix Rule Designer URL * remove keycloak * Remove obsolete integration with BAI. * DBACLD-139987 - Put in place checker link (#356) Co-authored-by: Frederic Mercier <f.mercier@fr.ibm.com> * Update .env * Update .env * update detect-secrets-hook config (#358) Co-authored-by: Frederic Mercier <f.mercier@fr.ibm.com> * DBACLD-148300 Enable detect secret * Enable audit for fisma * rsyslog startup script * enable audit * add GitHub action running detect-secrets * false positive markdown-link-check error: this link is still valid * remove link to a file that has been deleted in commit 9bba4dc Remove obsolete integration with BAI. * fix dead link and make other links visible * send notification to Slack if detect-secrets failed * verifyHostname to false because of liberty 24.0.0.9 * DBACLD-151709 Change for Liberty version 24.0.0.9 + Audit 2.0 * Update to 42.7.4 before opening a bug issue about FIPS * Revert "Update to 42.7.4 before opening a bug issue about FIPS" This reverts commit 58dbe81. * move to audit-2.0 * Remove dockerhub unsafe images. Replace haproxy by official certified Traefik image. * `version` is obsolete * Updated to 2.1 * no message * no message * MAINTAINER is deprecated * DBACLD-154003 Ability to inject a hook lifecycle command in the container * DBACLD-154003 Fix issue when the 2 scripts are specifdied * sidecar probe https://jsw.ibm.com/browse/DBACLD-147947 * sidecar probe https://jsw.ibm.com/browse/DBACLD-147947 * sidecar probe https://jsw.ibm.com/browse/DBACLD-147947 * DC servlet customization * hide safe warnings * Update build-and-test.yml DBACLD-157430 Change odm on docker build to use with 9.0.0.1 release * Fix broken link * Update full-description.md * correct link * remove old server configuration * clean-up * Update links * Update full-description.md * Update full-description.md * clean-up standalone config * remove old config * update servers definition with USERS_PASSWORD * move to JDK21 * rollback * move to JDK21 * load sample in 9.0.1 * update standalone servers * disable hostname validation with new DB2 driver * Fail when ERROR * Revert "Fail when ERROR" This reverts commit 4bcc6cd. * Updated copyright to 2025 (#363) * test env export * Embed Decision Assistant WebApp in Decision Center Container Image * update custom scripts * Fix errors with multiple ZIP files * Fix issue with multiple ZIP files * Fix file name expansion * Update .env * Enable decision assistant (#365) * DBACLD-165066 - Enable DA * DBACLD-165067 - Inject Decsion Assistant configuration * Not real secret * remove DA User * Renable Standalone Licenses --------- Co-authored-by: Mathias Mouly <mathias.mouly@fr.ibm.com> * Not real secret * Enable DA * Change in the remote api * fix problem happening when customization.privateCertificateList is set and customization.trustedCertificateList is not * import cacert for RD * import cacert for RD * Manage sample db for the next release * Revert " Embed Decision Assistant WebApp in Decision Center Container Image" This reverts commit 2f8f786. * Revert feature DA * Revert "Enable DA" This reverts commit 2a144be. * Upgrade to Spring 6 for the RES Console * Upgrade to Spring 6 for DecisionRunner * merge to fix .secrets.baseline * detect secrets * Upgrade to Spring 6 for DecisionServerRuntime * DBACLD-167674 Upgrade to Spring 6 - Move redirect page to jakarta implementation (#369) * DBACLD-167674 Upgrade to Spring 6 - Move redirect page to jakarta implementation * DBACLD-167674 Move to jakarta implemetation and cleanup the build. * Move to jakarta implementation * Move to jakarta Temporary fix * Fix build issue with tag lib * Move to jakarta package. * Move to a newer mpmetrics version - mpmetrics-5.1 * establish trust by using the default certificates * add serverKeyAlias='odm' parameter to tell Liberty to use the key with alias 'odm' * DBACLD-167674 Move to jakarta implementation * error if no TLS key pair specified (#373) error "The odm certificate alias specified by the attribute serverKeyAlias is either not found in KeyStore /config/security/keystore.p12 or it is invalid." * Update build-and-test.yml * Try to fix the behavior change * switch to Liberty 25.0.0.3 * update .env * HTDS page run.jsp should require authentication (#374) otherwise the page might not load completely Co-authored-by: Frederic Mercier <f.mercier@fr.ibm.com> * configure FIPS for Liberty 25.0.0.3 and support FIPS 140-3 (#375) * fix FIPS in 25.0.0.3 and support FIPS 140-3 * unessary option (best replaced by disabling SSL in SOLR in FIPS mode -Dodm.solr.embedded.disableSSL=true) * the new ltpa.keys for FIPS 140-3 is not suitable in non FIPS mode * no pwd in ltpa element when FIPS is disabled * update .secrets.baseline * not used anymore * copy new ltpa-FIPS140-3.keys in Dockerfiles and create separate ltpa.xml and ltpaFIPS.xml --------- Co-authored-by: Frederic Mercier <f.mercier@fr.ibm.com> * Update updateDemoServers.sh DC seems to take more time to start increase the startup of the script * DBACLD-160625 - update default ciphers for FIPS 140-3 (#376) Co-authored-by: Frederic Mercier <f.mercier@fr.ibm.com> * align with prod images * DBACLD-174869 use healthCheck for servers configuration * DBACLD-176518 Update License for 25.0.0.0/9.5.0.0 Release * DBACLD-176518 Update License for 25.0.0.0/9.5.0.0 Release - Remove ru * DBACLD-176518 Update License for 25.0.0.0/9.5.0.0 Release - Update notice file * DBACLD-176518 Update License for 25.0.0.0/9.5.0.0 Release - Remove unneccessary file * DBACLD-177034 - unable to convert stores to P12 format as the pwd is incorrect * Revert "DBACLD-177034 - unable to convert stores to P12 format as the pwd is incorrect" This reverts commit 3dc9294. * Move to mpmetrics-5.1 * DBACLD-176888 - update ref to odm 9.5 (#378) * DBACLD-176888 - update readme or files wrt odm 95 * Eclipse marketplace url for new RD 9.5 * Update full-description.md * Revert "Update installPostgres driver to 42.7.4" This reverts commit d3f2eb8. * Upgrade Liberty version DBACLD-182986 - 25.0.0.6 * Fix "line 108: mapping key "environment" already defined at line 97" * Fix following introduction on a hibernat jar file that is introduced in the third party library * Improve the jrules engine version extraction * Removed outdated version: and fixed double environment: keys * enable mTLS * enable mTLS * Dbacld 187307 - Extend web.xml customization to allow editing <init-param> in filter section (#382) * To handle also removal of init-param or context param in the web.xml * Rename function and better handle removal case * use bash parameter expansion instead of sed * touch up and regroup param values escape codes * add/update element if param value in the config file is not null * correct variable for init-param value to printout * Remove space * input variables for web.xml and web-configuration.properties * modified the script so as to update RES web.xml which have 2 filters * update runtime only * move the functions updating web.xml file as separate .sh * Update servlet RESTManagementService and no longer required to update RequestFilter * the servlet that manages upload is FrontendUploadServlet * Update Liberty version in .env file * Update decisioncenter-configuration.properties * move error.jsp to jakarta * move error.jsp to jakarta * Update ODM_VERSION to 9.5.0.1 * Improve stability of the build by switching to featureutility * Improve stability of the build by switching to featureutility * transportSecurity embbed ssl * revert commit improve stability * Revert "revert commit improve stability" This reverts commit 37c99e4. * Improve stability of the build by switching to featureutility * Improve stability of the build by switching to featureutility * Remove multiple "LegacyKeyValueFormat: "ENV key=value" should be used instead of legacy "ENV key value" format" * check authOidc filters simplification * Update authFilters.xml * Update authFilters.xml * Improve build and test. Add health check + verify authentication (#389) * Improve build and test. Add health check + verify authentication * Try to fix * increase timeout * Fix DC URL Tests * container renamed * Fix ping installation * fix warning * update authFilters.xml * update authFilters.xml * Modification for UMS (#391) * post_logout_redirect_uri configuration * force authentication on /run * allow openid auth filters override * disable res login panel * add scope parameter * add scope parameter * rename SCOPE * allow to load custom jar files for decision service * fix restore sample DB when using custom DB credentials * ODM for Dev landing page improvements * fix restore.sh * DBACLD-218733 upgrade to postgresql 16 * Restore db for any version * due to spring change behaviour * solution with new spring lib * rollback as issue on rest-api with spring security 7 fixed * #DBACLD-218851 disable auth on DSR * typo * Update full-description.md * should fix https://www.ibm.com/support/pages/node/7266845 * Date Header change * should fix https://www.ibm.com/support/pages/node/7266845 * should fix https://www.ibm.com/support/pages/node/7266845 * should fix https://www.ibm.com/support/pages/node/7266845 * LTPA for standalone * 2nd fix for LPTA key for standalone image * use proxy to download liberty features * use proxy to download liberty features * debug * debug * cleanup * Update build-and-test.yml * Remove outdated DevWorks article reference Removed outdated DevWorks article reference from README. * #DBACLD-231538 Switch feature maven utility to use artifactory proxy * Add environment variable exports for Artifactory Export ARTIFACTORY_USER and ARTIFACTORY_TOKEN for use in Docker builds. * Update build-and-test.yml to manage docker-compose Remove existing docker-compose and install a specific version. * #DBACLD-231538 Switch feature maven utility to use artifactory proxy * Remove docker-compose installation from CI workflow Removed docker-compose installation steps from the workflow. * #DBACLD-217857 Incomplete classloader definition for downloadURL in ODM containers * #DBACLD-231322 CVE driver prostgresql * Rebuild sample databases 9.6 * Update odm-cluster.yml * DBACLD-234280 - Update Licenses * Prepare delivery for the next release * DBACLD-235181 Prepare next Release * Prepare next release * Prepare next release * Prepare next release * Prep next release * add restConnector liberty feature when setting monitor.xml * #DBACLD-150939 change keytool-initcontainer password * #DBACLD-150939 change keytool-initcontainer password * #DBACLD-150939 change keytool-initcontainer password * #DBACLD-150939 change keytool-initcontainer password * #DBACLD-150939 change keytool-initcontainer password * Update ODM_VERSION to 9.6.0.0 in workflow * Update Eclipse version from 2025-12 v3.8 to v4.38 * use PKCS12 for FIPS * Fix port number --------- Co-authored-by: mmouly <mathias.mouly@fr.ibm.com> Co-authored-by: SiaSinTay <siasin.tay@fr.ibm.com> Co-authored-by: Pierre-Yves Lochou <31895642+PYLochou@users.noreply.github.com> Co-authored-by: Frederic Mercier <frederic.mercier@gmx.net> Co-authored-by: Frederic Mercier <f.mercier@fr.ibm.com> Co-authored-by: Pierre-Yves Lochou <pylochou@fr.ibm.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.