Upgrade Vulnerable Direct Dependencies [log4j]
Signed-off-by: amohamad <a.mohamad@queensu.ca>
Issue-ID: SDC-3051
Upgrade from the vulnerable log4j 1.x to log4j 2.13.1
Add a log4j version property in sdc-main pom.xml
Add two maven dependencies to respective child pom.xml
Change name of log4j .properties and .xml config files
to reflect log4j2 naming
Update the configuration files to the totally new
log4j 2 config syntax
Replace PropertyConfigurator with LoggerContext
Remove the abandoned log4j.lf5.util.ResourceUtils
Signed-off-by: amohamad <a.mohamad@queensu.ca>
Change-Id: Ie0f141eb2e0337ee5b63b61dc1395ccd8040558d
diff --git a/test-apis-ci/src/main/resources/ci/conf/log4j.properties b/test-apis-ci/src/main/resources/ci/conf/log4j.properties
deleted file mode 100644
index 02f7830..0000000
--- a/test-apis-ci/src/main/resources/ci/conf/log4j.properties
+++ /dev/null
@@ -1,34 +0,0 @@
-# Define the root logger with appender file
-log4j.rootLogger = INFO, FILE, stdout
-
-# Define the file appender
-log4j.appender.FILE=org.apache.log4j.RollingFileAppender
-log4j.appender.FILE.File=${targetlog}logs/ci-log.out
-
-# Define the layout for file appender
-log4j.appender.FILE.layout=org.apache.log4j.PatternLayout
-log4j.appender.FILE.layout.conversionPattern=%d{yyyy-MM-dd HH:mm:ss} %5p [%10c] : %m%n
-
-# Set the maximum file size before rollover
-log4j.appender.FILE.maxFileSize=5MB
-
-# Set the the backup index
-log4j.appender.FILE.maxBackupIndex=10
-
-
-#############################################################
-
-# Direct log messages to stdout
-log4j.appender.stdout=org.apache.log4j.ConsoleAppender
-log4j.appender.stdout.Target=System.out
-log4j.appender.stdout.layout=org.apache.log4j.PatternLayout
-#log4j.appender.stdout.layout.ConversionPattern=%d{yyyy-MM-dd HH:mm:ss} %-5p %c{1}:%L - %m%n
-log4j.appender.stdout.layout.ConversionPattern=%d{yyyy-MM-dd HH:mm:ss} %5p %10c:%L - %m%n
-
-log4j.logger.org.apache.cassandra.service.StorageProxy=INFO
-log4j.logger.org.janusgraph.diskstorage.cassandra.CassandraTransaction=INFO, FILE, stdout
-
-log4j.logger.org.openecomp.sdc.ci.tests.utils=INFO, FILE, stdout
-log4j.additivity.org.openecomp.sdc.ci.tests.utils=false
-
-
diff --git a/test-apis-ci/src/main/resources/ci/conf/log4j.xml b/test-apis-ci/src/main/resources/ci/conf/log4j.xml
deleted file mode 100644
index 6db233a..0000000
--- a/test-apis-ci/src/main/resources/ci/conf/log4j.xml
+++ /dev/null
@@ -1,32 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<!DOCTYPE log4j:configuration SYSTEM "log4j.dtd">
-
-<log4j:configuration xmlns:log4j="http://jakarta.apache.org/log4j/"
- debug="false">
-
- <appender name="fileAppender" class="org.apache.log4j.FileAppender">
-
- <param name="Threshold" value="INFO" />
-
- <param name="File" value="logfile.log" />
-
- <layout class="org.apache.log4j.PatternLayout">
-
- <param name="ConversionPattern" value="%d %-5p [%c{1}] %m %n" />
-
- </layout>
-
- </appender>
-
- <root>
-
- <level value="INFO" />
-
- <appender-ref ref="fileAppender" />
-
- </root>
-
-
-
-</log4j:configuration>
diff --git a/test-apis-ci/src/main/resources/ci/conf/log4j2.properties b/test-apis-ci/src/main/resources/ci/conf/log4j2.properties
new file mode 100644
index 0000000..a8944db
--- /dev/null
+++ b/test-apis-ci/src/main/resources/ci/conf/log4j2.properties
@@ -0,0 +1,46 @@
+status = error
+dest = err
+name = PropertiesConfig
+
+property.filename = ${targetlog}logs/ci-log.out
+
+#filter.threshold.type = ThresholdFilter
+#filter.threshold.level = debug
+
+appender.rolling.type = RollingFile
+appender.rolling.name = RollingFile
+appender.rolling.fileName = ${filename}
+appender.rolling.filePattern = ${targetlog}logs/ci-%d{MM-dd-yy-HH-mm-ss}-%i.log.gz
+appender.rolling.layout.type = PatternLayout
+appender.rolling.layout.pattern = %d{yyyy-MM-dd HH:mm:ss} %5p [%10c] : %m%n
+appender.rolling.policies.type = Policies
+appender.rolling.policies.size.type = SizeBasedTriggeringPolicy
+appender.rolling.policies.size.size=5MB
+appender.rolling.strategy.type = DefaultRolloverStrategy
+appender.rolling.strategy.max = 10
+
+appender.console.type = Console
+appender.console.name = STDOUT
+appender.console.layout.type = PatternLayout
+appender.console.layout.pattern = %d{yyyy-MM-dd HH:mm:ss} %5p %10c:%L - %m%n
+appender.console.filter.threshold.type = ThresholdFilter
+appender.console.filter.threshold.level = info
+
+logger.rolling.name = RollingAppender
+logger.rolling.level = info
+logger.rolling.additivity = false
+logger.rolling.appenderRef.rolling.ref = RollingFile
+
+logger.org.apache.cassandra.service.StorageProxy.level=info
+logger.org.janusgraph.diskstorage.cassandra.CassandraTransaction.level =info
+logger.org.janusgraph.diskstorage.cassandra.CassandraTransaction.appendRef.rolling.ref = RollingFile
+logger.org.janusgraph.diskstorage.cassandra.CassandraTransaction.appendRef.stdout.ref = STDOUT
+
+logger.org.openecomp.sdc.ci.tests.utils.level = info
+logger.org.openecomp.sdc.ci.tests.utils.appendRef.rolling.ref = RollingFile
+logger.org.openecomp.sdc.ci.tests.utils.appendRef.stdout.ref = STDOUT
+logger.org.openecomp.sdc.ci.tests.utils.additivity = false
+
+rootLogger.level = info
+rootLogger.appenderRef.stdout.ref = STDOUT
+rootLogger.appenderRef.rolling.ref = RollingFile
diff --git a/test-apis-ci/src/main/resources/ci/conf/log4j2.xml b/test-apis-ci/src/main/resources/ci/conf/log4j2.xml
new file mode 100644
index 0000000..5295d45
--- /dev/null
+++ b/test-apis-ci/src/main/resources/ci/conf/log4j2.xml
@@ -0,0 +1,13 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<Configuration status="ERROR">
+ <Appenders>
+ <File name="fileAppender" fileName="logfile.log" append="false">
+ <PatternLayout pattern="%d %-5p [%c{1}] %m %n"/>
+ </File>
+ </Appenders>
+ <Loggers>
+ <Root level="info">
+ <AppenderRef ref="fileAppender"/>
+ </Root>
+ </Loggers>
+</Configuration>
\ No newline at end of file