From 7311267f895a7694544b76d955f28ff419844a7c Mon Sep 17 00:00:00 2001 From: dervoeti Date: Thu, 13 Mar 2025 22:32:45 +0100 Subject: [PATCH 1/3] chore: migrate patches of dependencies to patchable format --- hbase/Dockerfile | 10 ++++--- .../1.2.0/0001-Add-CycloneDX-plugin.patch} | 9 ++++++ .../stackable/patches/1.2.0/patchable.toml | 2 ++ .../0001-Add-CycloneDX-plugin.patch} | 9 ++++++ .../patches/1.3.0-fd5a5fb/patchable.toml | 2 ++ .../5.2.0/0001-Add-CycloneDX-plugin.patch} | 11 +++++++- .../5.2.0/0002-Fix-CVE-2023-34455.patch} | 12 +++++++- .../stackable/patches/5.2.0/patchable.toml | 2 ++ .../5.2.1/0001-Add-CycloneDX-plugin.patch} | 13 +++++++-- .../5.2.1/0002-Fix-CVE-2023-34455.patch} | 26 +++++++++++------ .../stackable/patches/5.2.1/patchable.toml | 2 ++ .../patches/hbase-operator-tools/1.2.0/series | 1 - .../1.3.0-7c738fc/01-cyclonedx-plugin.patch | 28 ------------------- hbase/stackable/patches/phoenix/5.2.0/series | 2 -- .../5.3.0-4afe457/01-cyclonedx-plugin.patch | 28 ------------------- spark-k8s/Dockerfile | 4 +-- .../apply_patches.sh | 0 .../1.0.1/0001-Fix-protobuf-on-aarch64.patch} | 10 +++++++ .../stackable/patches/1.0.1/patchable.toml | 2 ++ 19 files changed, 96 insertions(+), 77 deletions(-) rename hbase/{stackable/patches/hbase-operator-tools/1.2.0/01-cyclonedx-plugin.patch => hbase-operator-tools/stackable/patches/1.2.0/0001-Add-CycloneDX-plugin.patch} (74%) create mode 100644 hbase/hbase-operator-tools/stackable/patches/1.2.0/patchable.toml rename hbase/{stackable/patches/hbase-operator-tools/1.3.0-fd5a5fb/01-cyclonedx-plugin.patch => hbase-operator-tools/stackable/patches/1.3.0-fd5a5fb/0001-Add-CycloneDX-plugin.patch} (74%) create mode 100644 hbase/hbase-operator-tools/stackable/patches/1.3.0-fd5a5fb/patchable.toml rename hbase/{stackable/patches/phoenix/5.2.0/01-cyclonedx-plugin.patch => phoenix/stackable/patches/5.2.0/0001-Add-CycloneDX-plugin.patch} (71%) rename hbase/{stackable/patches/phoenix/5.2.0/02-CVE-2023-34455-update-snappy-version.patch => phoenix/stackable/patches/5.2.0/0002-Fix-CVE-2023-34455.patch} (86%) create mode 100644 hbase/phoenix/stackable/patches/5.2.0/patchable.toml rename hbase/{stackable/patches/phoenix/5.2.1/01-cyclonedx-plugin.patch => phoenix/stackable/patches/5.2.1/0001-Add-CycloneDX-plugin.patch} (69%) rename hbase/{stackable/patches/phoenix/5.2.1/02-CVE-2023-34455-update-snappy-version.patch => phoenix/stackable/patches/5.2.1/0002-Fix-CVE-2023-34455.patch} (80%) create mode 100644 hbase/phoenix/stackable/patches/5.2.1/patchable.toml delete mode 100644 hbase/stackable/patches/hbase-operator-tools/1.2.0/series delete mode 100644 hbase/stackable/patches/hbase-operator-tools/1.3.0-7c738fc/01-cyclonedx-plugin.patch delete mode 100644 hbase/stackable/patches/phoenix/5.2.0/series delete mode 100644 hbase/stackable/patches/phoenix/5.3.0-4afe457/01-cyclonedx-plugin.patch rename spark-k8s/{stackable/hbase-connectors-patches => hbase-connectors}/apply_patches.sh (100%) rename spark-k8s/{stackable/hbase-connectors-patches/1.0.1/001-fix-protobuf-on-aarch64.patch => hbase-connectors/stackable/patches/1.0.1/0001-Fix-protobuf-on-aarch64.patch} (87%) create mode 100644 spark-k8s/hbase-connectors/stackable/patches/1.0.1/patchable.toml diff --git a/hbase/Dockerfile b/hbase/Dockerfile index d1cdc5ab6..ca80123c9 100644 --- a/hbase/Dockerfile +++ b/hbase/Dockerfile @@ -139,7 +139,8 @@ ARG DELETE_CACHES="true" # so that they are not expanded. Disabling ShellCheck rules in a Dockerfile # does not work, so please ignore the according warning (SC2016). COPY --chown=${STACKABLE_USER_UID}:0 hbase/stackable/bin/hbck2.env /stackable/bin/ -COPY --chown=${STACKABLE_USER_UID}:0 hbase/stackable/patches /stackable/patches +COPY --chown=${STACKABLE_USER_UID}:0 hbase/hbase-operator-tools/stackable/patches /stackable/patches +COPY --chown=${STACKABLE_USER_UID}:0 hbase/stackable/patches/apply_patches.sh /stackable/patches COPY --chown=${STACKABLE_USER_UID}:0 --chmod=755 hbase/stackable/bin/hbase-entrypoint.sh /stackable/bin/ USER ${STACKABLE_USER_UID} @@ -152,7 +153,7 @@ RUN --mount=type=cache,id=maven-hbase-operator-tools-${HBASE_OPERATOR_TOOLS},uid curl "https://repo.stackable.tech/repository/packages/hbase-operator-tools/hbase-operator-tools-${HBASE_OPERATOR_TOOLS}-src.tar.gz" | tar -xzC . mv hbase-operator-tools-${HBASE_OPERATOR_TOOLS} hbase-operator-tools-${HBASE_OPERATOR_TOOLS}-src chmod +x patches/apply_patches.sh -patches/apply_patches.sh hbase-operator-tools/${HBASE_OPERATOR_TOOLS} hbase-operator-tools-${HBASE_OPERATOR_TOOLS}-src +patches/apply_patches.sh ${HBASE_OPERATOR_TOOLS} hbase-operator-tools-${HBASE_OPERATOR_TOOLS}-src mvn \ --batch-mode \ @@ -232,7 +233,8 @@ ARG STACKABLE_USER_UID # This can be used to speed up builds when disk space is of no concern. ARG DELETE_CACHES="true" -COPY --chown=${STACKABLE_USER_UID}:0 hbase/stackable/patches /stackable/patches +COPY --chown=${STACKABLE_USER_UID}:0 hbase/phoenix/stackable/patches /stackable/patches +COPY --chown=${STACKABLE_USER_UID}:0 hbase/stackable/patches/apply_patches.sh /stackable/patches USER ${STACKABLE_USER_UID} WORKDIR /stackable @@ -242,7 +244,7 @@ curl "https://repo.stackable.tech/repository/packages/phoenix/phoenix-${PHOENIX} mv phoenix-${PHOENIX} phoenix-${PHOENIX}-src chmod +x patches/apply_patches.sh -patches/apply_patches.sh phoenix/${PHOENIX} phoenix-${PHOENIX}-src +patches/apply_patches.sh ${PHOENIX} phoenix-${PHOENIX}-src # Passing "-f" means it'll build in the phoenix source directory without cding into it # The Maven command can be found inside of the scripts in the create-release folder (release-util.sh as of Phoenix 5.2.0) diff --git a/hbase/stackable/patches/hbase-operator-tools/1.2.0/01-cyclonedx-plugin.patch b/hbase/hbase-operator-tools/stackable/patches/1.2.0/0001-Add-CycloneDX-plugin.patch similarity index 74% rename from hbase/stackable/patches/hbase-operator-tools/1.2.0/01-cyclonedx-plugin.patch rename to hbase/hbase-operator-tools/stackable/patches/1.2.0/0001-Add-CycloneDX-plugin.patch index 07ffbb8cf..fe491124d 100644 --- a/hbase/stackable/patches/hbase-operator-tools/1.2.0/01-cyclonedx-plugin.patch +++ b/hbase/hbase-operator-tools/stackable/patches/1.2.0/0001-Add-CycloneDX-plugin.patch @@ -1,3 +1,12 @@ +From 925a136ad24ae2d273990c36e591a87116f78ec0 Mon Sep 17 00:00:00 2001 +From: dervoeti +Date: Thu, 13 Mar 2025 22:04:20 +0100 +Subject: Add CycloneDX plugin + +--- + pom.xml | 17 +++++++++++++++++ + 1 file changed, 17 insertions(+) + diff --git a/pom.xml b/pom.xml index aba42b0..0288bde 100644 --- a/pom.xml diff --git a/hbase/hbase-operator-tools/stackable/patches/1.2.0/patchable.toml b/hbase/hbase-operator-tools/stackable/patches/1.2.0/patchable.toml new file mode 100644 index 000000000..312b144c1 --- /dev/null +++ b/hbase/hbase-operator-tools/stackable/patches/1.2.0/patchable.toml @@ -0,0 +1,2 @@ +upstream = "https://github.com/apache/hbase-operator-tools.git" +base = "478af00af79f82624264fd2bb447b97fecc8e790" diff --git a/hbase/stackable/patches/hbase-operator-tools/1.3.0-fd5a5fb/01-cyclonedx-plugin.patch b/hbase/hbase-operator-tools/stackable/patches/1.3.0-fd5a5fb/0001-Add-CycloneDX-plugin.patch similarity index 74% rename from hbase/stackable/patches/hbase-operator-tools/1.3.0-fd5a5fb/01-cyclonedx-plugin.patch rename to hbase/hbase-operator-tools/stackable/patches/1.3.0-fd5a5fb/0001-Add-CycloneDX-plugin.patch index 1eb4562b3..95f8a96f8 100644 --- a/hbase/stackable/patches/hbase-operator-tools/1.3.0-fd5a5fb/01-cyclonedx-plugin.patch +++ b/hbase/hbase-operator-tools/stackable/patches/1.3.0-fd5a5fb/0001-Add-CycloneDX-plugin.patch @@ -1,3 +1,12 @@ +From 8616ee8b26bfbba285a36b91eb41a203a49b222a Mon Sep 17 00:00:00 2001 +From: dervoeti +Date: Thu, 13 Mar 2025 22:07:31 +0100 +Subject: Add CycloneDX plugin + +--- + pom.xml | 17 +++++++++++++++++ + 1 file changed, 17 insertions(+) + diff --git a/pom.xml b/pom.xml index caa032a..0025687 100644 --- a/pom.xml diff --git a/hbase/hbase-operator-tools/stackable/patches/1.3.0-fd5a5fb/patchable.toml b/hbase/hbase-operator-tools/stackable/patches/1.3.0-fd5a5fb/patchable.toml new file mode 100644 index 000000000..165a2494e --- /dev/null +++ b/hbase/hbase-operator-tools/stackable/patches/1.3.0-fd5a5fb/patchable.toml @@ -0,0 +1,2 @@ +upstream = "https://github.com/apache/hbase-operator-tools.git" +base = "fd5a5fb90755949a90c502c76de8313130403fa3" diff --git a/hbase/stackable/patches/phoenix/5.2.0/01-cyclonedx-plugin.patch b/hbase/phoenix/stackable/patches/5.2.0/0001-Add-CycloneDX-plugin.patch similarity index 71% rename from hbase/stackable/patches/phoenix/5.2.0/01-cyclonedx-plugin.patch rename to hbase/phoenix/stackable/patches/5.2.0/0001-Add-CycloneDX-plugin.patch index 009c2fbc3..3c51fbc7e 100644 --- a/hbase/stackable/patches/phoenix/5.2.0/01-cyclonedx-plugin.patch +++ b/hbase/phoenix/stackable/patches/5.2.0/0001-Add-CycloneDX-plugin.patch @@ -1,5 +1,14 @@ +From a30f7fc9682806daf1b49cd8cb496ff9e8b1f72d Mon Sep 17 00:00:00 2001 +From: dervoeti +Date: Thu, 13 Mar 2025 16:49:18 +0100 +Subject: Add CycloneDX plugin + +--- + pom.xml | 17 +++++++++++++++++ + 1 file changed, 17 insertions(+) + diff --git a/pom.xml b/pom.xml -index bce2398..4abcb5a 100644 +index bce239830..4abcb5a28 100644 --- a/pom.xml +++ b/pom.xml @@ -680,6 +680,23 @@ diff --git a/hbase/stackable/patches/phoenix/5.2.0/02-CVE-2023-34455-update-snappy-version.patch b/hbase/phoenix/stackable/patches/5.2.0/0002-Fix-CVE-2023-34455.patch similarity index 86% rename from hbase/stackable/patches/phoenix/5.2.0/02-CVE-2023-34455-update-snappy-version.patch rename to hbase/phoenix/stackable/patches/5.2.0/0002-Fix-CVE-2023-34455.patch index 6b89037c8..9462aff9c 100644 --- a/hbase/stackable/patches/phoenix/5.2.0/02-CVE-2023-34455-update-snappy-version.patch +++ b/hbase/phoenix/stackable/patches/5.2.0/0002-Fix-CVE-2023-34455.patch @@ -1,6 +1,16 @@ -Fix CVE-2023-34455 +From 478367176853837a6875105cec74b2977ab23c2c Mon Sep 17 00:00:00 2001 +From: dervoeti +Date: Thu, 13 Mar 2025 16:50:29 +0100 +Subject: Fix CVE-2023-34455 See https://github.com/stackabletech/vulnerabilities/issues/558 +--- + phoenix-core-client/pom.xml | 6 ++++++ + phoenix-core-server/pom.xml | 8 +++++++- + phoenix-pherf/pom.xml | 6 ++++++ + phoenix-tracing-webapp/pom.xml | 6 ++++++ + pom.xml | 7 +++++++ + 5 files changed, 32 insertions(+), 1 deletion(-) diff --git a/phoenix-core-client/pom.xml b/phoenix-core-client/pom.xml index f711b0f6f..3cfbffef9 100644 diff --git a/hbase/phoenix/stackable/patches/5.2.0/patchable.toml b/hbase/phoenix/stackable/patches/5.2.0/patchable.toml new file mode 100644 index 000000000..7508184e1 --- /dev/null +++ b/hbase/phoenix/stackable/patches/5.2.0/patchable.toml @@ -0,0 +1,2 @@ +upstream = "https://github.com/apache/phoenix.git" +base = "ee35d060a00863bbad23f18028e1524a845874f3" diff --git a/hbase/stackable/patches/phoenix/5.2.1/01-cyclonedx-plugin.patch b/hbase/phoenix/stackable/patches/5.2.1/0001-Add-CycloneDX-plugin.patch similarity index 69% rename from hbase/stackable/patches/phoenix/5.2.1/01-cyclonedx-plugin.patch rename to hbase/phoenix/stackable/patches/5.2.1/0001-Add-CycloneDX-plugin.patch index 99de035c0..f57d3b516 100644 --- a/hbase/stackable/patches/phoenix/5.2.1/01-cyclonedx-plugin.patch +++ b/hbase/phoenix/stackable/patches/5.2.1/0001-Add-CycloneDX-plugin.patch @@ -1,8 +1,17 @@ +From 7727bee78aa96e3342da8cb9b3221327f29c43db Mon Sep 17 00:00:00 2001 +From: dervoeti +Date: Thu, 13 Mar 2025 22:00:03 +0100 +Subject: Add CycloneDX plugin + +--- + pom.xml | 17 +++++++++++++++++ + 1 file changed, 17 insertions(+) + diff --git a/pom.xml b/pom.xml -index bce2398..4abcb5a 100644 +index ed97bb870..f8534b4ad 100644 --- a/pom.xml +++ b/pom.xml -@@ -680,6 +680,23 @@ +@@ -697,6 +697,23 @@ true true diff --git a/hbase/stackable/patches/phoenix/5.2.1/02-CVE-2023-34455-update-snappy-version.patch b/hbase/phoenix/stackable/patches/5.2.1/0002-Fix-CVE-2023-34455.patch similarity index 80% rename from hbase/stackable/patches/phoenix/5.2.1/02-CVE-2023-34455-update-snappy-version.patch rename to hbase/phoenix/stackable/patches/5.2.1/0002-Fix-CVE-2023-34455.patch index 6b89037c8..0dbe1c0d8 100644 --- a/hbase/stackable/patches/phoenix/5.2.1/02-CVE-2023-34455-update-snappy-version.patch +++ b/hbase/phoenix/stackable/patches/5.2.1/0002-Fix-CVE-2023-34455.patch @@ -1,12 +1,22 @@ -Fix CVE-2023-34455 +From 24a0779c5e24caec82d23988f0b4b026e4bc7c8c Mon Sep 17 00:00:00 2001 +From: dervoeti +Date: Thu, 13 Mar 2025 22:01:52 +0100 +Subject: Fix CVE-2023-34455 See https://github.com/stackabletech/vulnerabilities/issues/558 +--- + phoenix-core-client/pom.xml | 6 ++++++ + phoenix-core-server/pom.xml | 8 +++++++- + phoenix-pherf/pom.xml | 6 ++++++ + phoenix-tracing-webapp/pom.xml | 6 ++++++ + pom.xml | 7 +++++++ + 5 files changed, 32 insertions(+), 1 deletion(-) diff --git a/phoenix-core-client/pom.xml b/phoenix-core-client/pom.xml -index f711b0f6f..3cfbffef9 100644 +index eaf92a75e..cbbebc9d5 100644 --- a/phoenix-core-client/pom.xml +++ b/phoenix-core-client/pom.xml -@@ -230,6 +230,12 @@ +@@ -233,6 +233,12 @@ org.apache.hadoop hadoop-auth @@ -20,7 +30,7 @@ index f711b0f6f..3cfbffef9 100644 diff --git a/phoenix-core-server/pom.xml b/phoenix-core-server/pom.xml -index d5032ece2..e47fb0837 100644 +index bb582d408..61cfeef6d 100644 --- a/phoenix-core-server/pom.xml +++ b/phoenix-core-server/pom.xml @@ -59,6 +59,12 @@ @@ -44,7 +54,7 @@ index d5032ece2..e47fb0837 100644 \ No newline at end of file + diff --git a/phoenix-pherf/pom.xml b/phoenix-pherf/pom.xml -index c03fff9a1..cdcce2f98 100644 +index 787137edc..017cb5dd5 100644 --- a/phoenix-pherf/pom.xml +++ b/phoenix-pherf/pom.xml @@ -159,6 +159,12 @@ @@ -61,7 +71,7 @@ index c03fff9a1..cdcce2f98 100644 diff --git a/phoenix-tracing-webapp/pom.xml b/phoenix-tracing-webapp/pom.xml -index d2d1549ef..c8054159e 100755 +index 681e68043..3f28979e7 100755 --- a/phoenix-tracing-webapp/pom.xml +++ b/phoenix-tracing-webapp/pom.xml @@ -89,6 +89,12 @@ @@ -78,10 +88,10 @@ index d2d1549ef..c8054159e 100755 diff --git a/pom.xml b/pom.xml -index 4abcb5a28..21dcf71ad 100644 +index f8534b4ad..ec98a082a 100644 --- a/pom.xml +++ b/pom.xml -@@ -850,6 +850,13 @@ +@@ -892,6 +892,13 @@ diff --git a/hbase/phoenix/stackable/patches/5.2.1/patchable.toml b/hbase/phoenix/stackable/patches/5.2.1/patchable.toml new file mode 100644 index 000000000..fd13de0cb --- /dev/null +++ b/hbase/phoenix/stackable/patches/5.2.1/patchable.toml @@ -0,0 +1,2 @@ +upstream = "https://github.com/apache/phoenix.git" +base = "b738d66cb5863b759bb98eaa417b3b5731d41f95" diff --git a/hbase/stackable/patches/hbase-operator-tools/1.2.0/series b/hbase/stackable/patches/hbase-operator-tools/1.2.0/series deleted file mode 100644 index 93ff84ea3..000000000 --- a/hbase/stackable/patches/hbase-operator-tools/1.2.0/series +++ /dev/null @@ -1 +0,0 @@ -01-cyclonedx-plugin.patch diff --git a/hbase/stackable/patches/hbase-operator-tools/1.3.0-7c738fc/01-cyclonedx-plugin.patch b/hbase/stackable/patches/hbase-operator-tools/1.3.0-7c738fc/01-cyclonedx-plugin.patch deleted file mode 100644 index b5346332e..000000000 --- a/hbase/stackable/patches/hbase-operator-tools/1.3.0-7c738fc/01-cyclonedx-plugin.patch +++ /dev/null @@ -1,28 +0,0 @@ -diff --git a/pom.xml b/pom.xml -index 3e05590..91292a0 100644 ---- a/pom.xml -+++ b/pom.xml -@@ -536,6 +536,23 @@ - - - -+ -+ org.cyclonedx -+ cyclonedx-maven-plugin -+ 2.8.0 -+ -+ application -+ 1.5 -+ -+ -+ -+ -+ makeBom -+ -+ package -+ -+ -+ - - - diff --git a/hbase/stackable/patches/phoenix/5.2.0/series b/hbase/stackable/patches/phoenix/5.2.0/series deleted file mode 100644 index d6d838f2b..000000000 --- a/hbase/stackable/patches/phoenix/5.2.0/series +++ /dev/null @@ -1,2 +0,0 @@ -01-cyclonedx-plugin.patch -02-CVE-2023-34455-update-snappy-version.patch diff --git a/hbase/stackable/patches/phoenix/5.3.0-4afe457/01-cyclonedx-plugin.patch b/hbase/stackable/patches/phoenix/5.3.0-4afe457/01-cyclonedx-plugin.patch deleted file mode 100644 index 7afc50190..000000000 --- a/hbase/stackable/patches/phoenix/5.3.0-4afe457/01-cyclonedx-plugin.patch +++ /dev/null @@ -1,28 +0,0 @@ -diff --git a/pom.xml b/pom.xml -index e3d5b9a..8a5cfdc 100644 ---- a/pom.xml -+++ b/pom.xml -@@ -685,6 +685,23 @@ - true - true - -+ -+ org.cyclonedx -+ cyclonedx-maven-plugin -+ 2.8.0 -+ -+ application -+ 1.5 -+ -+ -+ -+ -+ makeBom -+ -+ package -+ -+ -+ - - - diff --git a/spark-k8s/Dockerfile b/spark-k8s/Dockerfile index a1d625362..0ca95319d 100644 --- a/spark-k8s/Dockerfile +++ b/spark-k8s/Dockerfile @@ -86,10 +86,10 @@ EOF # Patch the hbase-connectors source code WORKDIR /stackable/hbase-connectors COPY --chown=${STACKABLE_USER_UID}:0 \ - spark-k8s/stackable/hbase-connectors-patches/apply_patches.sh \ + spark-k8s/hbase-connectors/apply_patches.sh \ patches/apply_patches.sh COPY --chown=${STACKABLE_USER_UID}:0 \ - spark-k8s/stackable/hbase-connectors-patches/${HBASE_CONNECTOR} \ + spark-k8s/hbase-connectors/stackable/patches/${HBASE_CONNECTOR} \ patches/${HBASE_CONNECTOR} RUN patches/apply_patches.sh ${HBASE_CONNECTOR} diff --git a/spark-k8s/stackable/hbase-connectors-patches/apply_patches.sh b/spark-k8s/hbase-connectors/apply_patches.sh similarity index 100% rename from spark-k8s/stackable/hbase-connectors-patches/apply_patches.sh rename to spark-k8s/hbase-connectors/apply_patches.sh diff --git a/spark-k8s/stackable/hbase-connectors-patches/1.0.1/001-fix-protobuf-on-aarch64.patch b/spark-k8s/hbase-connectors/stackable/patches/1.0.1/0001-Fix-protobuf-on-aarch64.patch similarity index 87% rename from spark-k8s/stackable/hbase-connectors-patches/1.0.1/001-fix-protobuf-on-aarch64.patch rename to spark-k8s/hbase-connectors/stackable/patches/1.0.1/0001-Fix-protobuf-on-aarch64.patch index cc072c527..37d8663c9 100644 --- a/spark-k8s/stackable/hbase-connectors-patches/1.0.1/001-fix-protobuf-on-aarch64.patch +++ b/spark-k8s/hbase-connectors/stackable/patches/1.0.1/0001-Fix-protobuf-on-aarch64.patch @@ -1,3 +1,13 @@ +From 8211177df0ca6cae00bc3bebcd264364732691b3 Mon Sep 17 00:00:00 2001 +From: dervoeti +Date: Thu, 13 Mar 2025 22:10:56 +0100 +Subject: Fix protobuf on aarch64 + +--- + pom.xml | 19 ++++++++++++++++++- + spark/pom.xml | 2 +- + 2 files changed, 19 insertions(+), 2 deletions(-) + diff --git a/pom.xml b/pom.xml index e849cd1..f514e14 100644 --- a/pom.xml diff --git a/spark-k8s/hbase-connectors/stackable/patches/1.0.1/patchable.toml b/spark-k8s/hbase-connectors/stackable/patches/1.0.1/patchable.toml new file mode 100644 index 000000000..74242d678 --- /dev/null +++ b/spark-k8s/hbase-connectors/stackable/patches/1.0.1/patchable.toml @@ -0,0 +1,2 @@ +upstream = "https://github.com/apache/hbase-connectors.git" +base = "e5217d13ed729703580ff2d1b02378ada2d94f4d" From 2c0f8f8d45b138a9bc1c3241c5cc1dcc11c4b8d9 Mon Sep 17 00:00:00 2001 From: dervoeti Date: Fri, 14 Mar 2025 14:50:11 +0100 Subject: [PATCH 2/3] docs: changelog --- CHANGELOG.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 83c699b73..f99d15a1e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -29,7 +29,7 @@ All notable changes to this project will be documented in this file. - trino-cli: Add version 470 ([#999]). - trino-storage-connector: Add version 470 ([#999]). - superset: Add version `4.1.1` ([#991]). -- Add Patchable patch management tool ([#1003], [#1005], [#1007]). +- Add Patchable patch management tool ([#1003], [#1005], [#1007], [#1026]). - nifi: Add 1.28.1, 2.2.0 ([#1006]). - airflow: Add 2.10.4 ([#1021]). - hadoop: Add 3.4.1, use jmx_export 1.1.0 ([#1021]). @@ -104,6 +104,7 @@ All notable changes to this project will be documented in this file. [#1015]: https://github.com/stackabletech/docker-images/pull/1015 [#1021]: https://github.com/stackabletech/docker-images/pull/1021 [#1022]: https://github.com/stackabletech/docker-images/pull/1022 +[#1026]: https://github.com/stackabletech/docker-images/pull/1026 ## [24.11.1] - 2025-01-14 From 0d3b651a01b6b343fa4fd581cc5068cff1843946 Mon Sep 17 00:00:00 2001 From: dervoeti Date: Mon, 17 Mar 2025 12:37:54 +0100 Subject: [PATCH 3/3] chore: removed patches for unused phoenix version --- .../5.2.0/0001-Add-CycloneDX-plugin.patch | 37 ------ .../5.2.0/0002-Fix-CVE-2023-34455.patch | 107 ------------------ .../stackable/patches/5.2.0/patchable.toml | 2 - 3 files changed, 146 deletions(-) delete mode 100644 hbase/phoenix/stackable/patches/5.2.0/0001-Add-CycloneDX-plugin.patch delete mode 100644 hbase/phoenix/stackable/patches/5.2.0/0002-Fix-CVE-2023-34455.patch delete mode 100644 hbase/phoenix/stackable/patches/5.2.0/patchable.toml diff --git a/hbase/phoenix/stackable/patches/5.2.0/0001-Add-CycloneDX-plugin.patch b/hbase/phoenix/stackable/patches/5.2.0/0001-Add-CycloneDX-plugin.patch deleted file mode 100644 index 3c51fbc7e..000000000 --- a/hbase/phoenix/stackable/patches/5.2.0/0001-Add-CycloneDX-plugin.patch +++ /dev/null @@ -1,37 +0,0 @@ -From a30f7fc9682806daf1b49cd8cb496ff9e8b1f72d Mon Sep 17 00:00:00 2001 -From: dervoeti -Date: Thu, 13 Mar 2025 16:49:18 +0100 -Subject: Add CycloneDX plugin - ---- - pom.xml | 17 +++++++++++++++++ - 1 file changed, 17 insertions(+) - -diff --git a/pom.xml b/pom.xml -index bce239830..4abcb5a28 100644 ---- a/pom.xml -+++ b/pom.xml -@@ -680,6 +680,23 @@ - true - true - -+ -+ org.cyclonedx -+ cyclonedx-maven-plugin -+ 2.8.0 -+ -+ application -+ 1.5 -+ -+ -+ -+ -+ makeBom -+ -+ package -+ -+ -+ - - - diff --git a/hbase/phoenix/stackable/patches/5.2.0/0002-Fix-CVE-2023-34455.patch b/hbase/phoenix/stackable/patches/5.2.0/0002-Fix-CVE-2023-34455.patch deleted file mode 100644 index 9462aff9c..000000000 --- a/hbase/phoenix/stackable/patches/5.2.0/0002-Fix-CVE-2023-34455.patch +++ /dev/null @@ -1,107 +0,0 @@ -From 478367176853837a6875105cec74b2977ab23c2c Mon Sep 17 00:00:00 2001 -From: dervoeti -Date: Thu, 13 Mar 2025 16:50:29 +0100 -Subject: Fix CVE-2023-34455 - -See https://github.com/stackabletech/vulnerabilities/issues/558 ---- - phoenix-core-client/pom.xml | 6 ++++++ - phoenix-core-server/pom.xml | 8 +++++++- - phoenix-pherf/pom.xml | 6 ++++++ - phoenix-tracing-webapp/pom.xml | 6 ++++++ - pom.xml | 7 +++++++ - 5 files changed, 32 insertions(+), 1 deletion(-) - -diff --git a/phoenix-core-client/pom.xml b/phoenix-core-client/pom.xml -index f711b0f6f..3cfbffef9 100644 ---- a/phoenix-core-client/pom.xml -+++ b/phoenix-core-client/pom.xml -@@ -230,6 +230,12 @@ - org.apache.hadoop - hadoop-auth - -+ -+ -+ org.xerial.snappy -+ snappy-java -+ 1.1.10.4 -+ - - - -diff --git a/phoenix-core-server/pom.xml b/phoenix-core-server/pom.xml -index d5032ece2..e47fb0837 100644 ---- a/phoenix-core-server/pom.xml -+++ b/phoenix-core-server/pom.xml -@@ -59,6 +59,12 @@ - org.apache.hadoop - hadoop-mapreduce-client-core - -+ -+ -+ org.xerial.snappy -+ snappy-java -+ 1.1.10.4 -+ - - - -@@ -192,4 +198,4 @@ - - - -- -\ No newline at end of file -+ -diff --git a/phoenix-pherf/pom.xml b/phoenix-pherf/pom.xml -index c03fff9a1..cdcce2f98 100644 ---- a/phoenix-pherf/pom.xml -+++ b/phoenix-pherf/pom.xml -@@ -159,6 +159,12 @@ - org.apache.hbase - hbase-server - -+ -+ -+ org.xerial.snappy -+ snappy-java -+ 1.1.10.4 -+ - - - -diff --git a/phoenix-tracing-webapp/pom.xml b/phoenix-tracing-webapp/pom.xml -index d2d1549ef..c8054159e 100755 ---- a/phoenix-tracing-webapp/pom.xml -+++ b/phoenix-tracing-webapp/pom.xml -@@ -89,6 +89,12 @@ - org.apache.hbase - hbase-common - -+ -+ -+ org.xerial.snappy -+ snappy-java -+ 1.1.10.4 -+ - - - -diff --git a/pom.xml b/pom.xml -index 4abcb5a28..21dcf71ad 100644 ---- a/pom.xml -+++ b/pom.xml -@@ -850,6 +850,13 @@ - - - -+ -+ -+ org.xerial.snappy -+ snappy-java -+ 1.1.10.4 -+ -+ - - org.apache.hadoop - hadoop-common diff --git a/hbase/phoenix/stackable/patches/5.2.0/patchable.toml b/hbase/phoenix/stackable/patches/5.2.0/patchable.toml deleted file mode 100644 index 7508184e1..000000000 --- a/hbase/phoenix/stackable/patches/5.2.0/patchable.toml +++ /dev/null @@ -1,2 +0,0 @@ -upstream = "https://github.com/apache/phoenix.git" -base = "ee35d060a00863bbad23f18028e1524a845874f3"