Development: Remove jenkins client and access Jenkins REST API directly

build.gradle

@@ -19,6 +19,7 @@ plugins {
     id "com.google.cloud.tools.jib" version "3.4.4"
     id "com.gorylenko.gradle-git-properties" version "2.4.2"
     id "io.spring.dependency-management" version "1.1.7"
+    id "nebula.lint" version "20.3.1"
     id "org.liquibase.gradle" version "${liquibase_plugin_version}"
     id "org.owasp.dependencycheck" version "11.1.1"
     id "org.springframework.boot" version "${spring_boot_version}"
@@ -94,13 +95,13 @@ repositories {
 }
 
 configurations.configureEach {
-//    exclude group: "org.dom4j", module: "dom4j"
+    exclude group: "org.dom4j", module: "dom4j"
     exclude group: "org.xmlpull", module: "pull-parser"
     exclude group: "jaxen", module: "jaxen"
     exclude group: "xmlpull", module: "xpp3"
     exclude group: "xsdlib", module: "xsdlib"
     exclude group: "javax.xml.stream", module: "stax-api"
-//    exclude group: "javax.xml.bind", module: "jaxb-api"
+    exclude group: "javax.xml.bind", module: "jaxb-api"
 
     exclude group: "org.junit.vintage", module: "junit-vintage-engine"
     exclude group: "com.vaadin.external.google", module: "android-json"
@@ -123,27 +124,35 @@ configurations.configureEach {
     exclude group: "org.apache.lucene", module: "lucene-core"
     exclude group: "org.apache.lucene", module: "lucene-analyzers-common"
     exclude group: "com.google.protobuf", module: "protobuf-java"
+
+    exclude group: "org.jasypt", module: "jasypt"
+
+    // required by eureka client, but not used in this project
+    exclude group: "com.thoughtworks.xstream", module: "xstream"
+    // required by JPlag, but not used in this project
+    exclude group: "xerces", module: "xercesImpl"
+    // required by JPlag, but not used in this project
+    exclude group: "xalan", module: "xalan"
+    // required by JPlag, but not used in this project
+    exclude group: "xalan", module: "serializer"
+
+    exclude group: "org.springframework.boot", module: "spring-boot-starter-cache"
+    exclude group: "io.micrometer", module: "micrometer-registry-prometheus"
+    exclude group: "net.logstash.logback", module: "logstash-logback-encoder"
+
+    exclude group: "javax.cache", module: "cache-api"
+    exclude group: "javax.transaction", module: "javax.transaction-api"
+
+    // JPlag depends on those, but they are not really needed
+    exclude group: "org.jgrapht", module: "jgrapht-core"
+    exclude group: "org.apfloat", module: "apfloat"
 }
 
 dependencies {
 
-    // Note: jenkins-client is not well maintained and includes dependencies to libraries with critical security issues (e.g. CVE-2020-10683 for [email protected])
-    //    implementation "com.offbytwo.jenkins:jenkins-client:0.3.8"
-    implementation files("libs/jenkins-client-0.4.1.jar")
-    // The following 4 dependencies are explicitly integrated as transitive dependencies of jenkins-client-0.4.0.jar
     implementation "org.apache.httpcomponents.client5:httpclient5:5.4.1"
     implementation "org.apache.httpcomponents.core5:httpcore5:5.3.1"
     implementation "org.apache.httpcomponents:httpmime:4.5.14"
-    implementation("org.dom4j:dom4j:2.1.4") {
-        // Note: avoid org.xml.sax.SAXNotRecognizedException: unrecognized feature http://xml.org/sax/features/external-general-entities
-        // also see https://github.com/dom4j/dom4j/issues/99
-        exclude module: "pull-parser"
-        exclude module: "jaxen"
-        exclude module: "xpp3"
-        exclude module: "xsdlib"
-        exclude module: "stax-api"
-        exclude module: "jaxb-api"
-    }
 
     implementation "org.gitlab4j:gitlab4j-api:6.0.0-rc.8"
 
@@ -172,8 +181,10 @@ dependencies {
         }
     }
 
+    // Sentry depends on this
     implementation "org.apache.logging.log4j:log4j-to-slf4j:2.24.3"
 
+    // Used for LTI (e.g. Moodle --> Artemis)
     implementation "uk.ac.ox.ctl:spring-security-lti13:0.3.0"
 
     // https://search.maven.org/artifact/org.eclipse.jgit/org.eclipse.jgit
@@ -189,7 +200,6 @@ dependencies {
 
     // https://mvnrepository.com/artifact/net.sourceforge.plantuml/plantuml
     implementation "net.sourceforge.plantuml:plantuml:1.2024.8"
-    implementation "org.jasypt:jasypt:1.9.3"
     implementation "me.xdrop:fuzzywuzzy:1.4.0"
     implementation("org.yaml:snakeyaml") {
         version {
@@ -205,14 +215,7 @@ dependencies {
     // NOTE: the following six dependencies use the newer versions explicitly to avoid other dependencies to use older versions
     implementation "ch.qos.logback:logback-classic:${logback_version}"
     implementation "ch.qos.logback:logback-core:${logback_version}"
-    // required by eureka client
-    implementation "com.thoughtworks.xstream:xstream:1.4.21"
-    // required by JPlag, should NOT be used in other places
-    implementation "xerces:xercesImpl:2.12.2"
-    // required by JPlag, should NOT be used in other places
-    implementation "xalan:xalan:2.7.3"
-    // required by JPlag, should NOT be used in other places
-    implementation "xalan:serializer:2.7.3"
+
     // required by Saml2, should NOT be used in other places
     implementation "org.apache.santuario:xmlsec:4.0.3"
 
@@ -231,14 +234,7 @@ dependencies {
     // use newest version of commons-compress to avoid security issues through outdated dependencies
     implementation "org.apache.commons:commons-compress:1.27.1"
 
-
-    // import JHipster dependencies BOM
-    implementation platform("tech.jhipster:jhipster-dependencies:${jhipster_dependencies_version}")
-
     implementation "tech.jhipster:jhipster-framework:${jhipster_dependencies_version}"
-    implementation "org.springframework.boot:spring-boot-starter-cache:${spring_boot_version}"
-    implementation "io.micrometer:micrometer-registry-prometheus:1.14.2"
-    implementation "net.logstash.logback:logstash-logback-encoder:8.0"
 
     // Defines low-level streaming API, and includes JSON-specific implementations
     implementation "com.fasterxml.jackson.core:jackson-core:${fasterxml_version}"
@@ -256,20 +252,21 @@ dependencies {
     implementation "com.fasterxml.jackson.dataformat:jackson-dataformat-yaml:${fasterxml_version}"
 
 
+    // Required for synchronization between nodes and build agents (LocalCI)
     implementation "com.hazelcast:hazelcast:${hazelcast_version}"
     implementation "com.hazelcast:hazelcast-spring:${hazelcast_version}"
-    implementation "com.hazelcast:hazelcast-hibernate53:5.2.0"
+    // Required for Hibernate multi node caching
+    runtimeOnly "com.hazelcast:hazelcast-hibernate53:5.2.0"
 
-    implementation "javax.cache:cache-api:1.1.1"
     implementation "org.hibernate.orm:hibernate-core:${hibernate_version}"
 
+    // Required for jdbc connection pooling to databases
     implementation "com.zaxxer:HikariCP:6.2.1"
 
+    // Required for several dependencies
     implementation "org.apache.commons:commons-text:1.13.0"
     implementation "org.apache.commons:commons-math3:3.6.1"
 
-    implementation "javax.transaction:javax.transaction-api:1.3"
-
     implementation "org.liquibase:liquibase-core:${liquibase_version}"
 
     implementation "org.springframework.boot:spring-boot-starter-validation:${spring_boot_version}"
@@ -295,9 +292,10 @@ dependencies {
     implementation "org.springframework.cloud:spring-cloud-starter-config:${spring_cloud_version}"
     implementation "org.springframework.cloud:spring-cloud-commons:${spring_cloud_version}"
 
-    implementation "io.netty:netty-all:4.1.116.Final"
+    // required by the Websocket Broker Connection in WebsocketConfiguration (due to multi node setup support)
     implementation "io.projectreactor.netty:reactor-netty:1.2.1"
     implementation "org.springframework:spring-messaging:${spring_framework_version}"
+    // required for the connection to Hermes (push notifications)
     implementation "org.springframework.retry:spring-retry:2.0.11"
 
     implementation "org.springframework.security:spring-security-config:${spring_security_version}"
@@ -324,6 +322,7 @@ dependencies {
     runtimeOnly "io.jsonwebtoken:jjwt-impl:${jwt_version}"
     runtimeOnly "io.jsonwebtoken:jjwt-jackson:${jwt_version}"
 
+    // required by sshd-git
     implementation "org.bouncycastle:bcpkix-jdk18on:1.79"
     implementation "org.bouncycastle:bcprov-jdk18on:1.79"
 
@@ -332,19 +331,19 @@ dependencies {
 
     implementation "org.zalando:problem-spring-web:0.29.1"
     implementation "org.zalando:jackson-datatype-problem:0.27.1"
+    // Required by JPlag
     implementation "com.ibm.icu:icu4j-charset:76.1"
+    // Required by exam session service
     implementation "com.github.seancfoley:ipaddress:5.5.1"
+
+    // used for testing and Java Template Upgrade Service
     implementation "org.apache.maven:maven-model:3.9.9"
     implementation "org.apache.pdfbox:pdfbox:3.0.3"
     implementation "org.apache.commons:commons-csv:1.12.0"
     implementation "org.commonmark:commonmark:0.24.0"
     implementation "commons-fileupload:commons-fileupload:1.5"
     implementation "net.lingala.zip4j:zip4j:2.11.5"
-
-    implementation "org.jgrapht:jgrapht-core:1.5.2"
-    // use the latest version explicitly to avoid security vulnerabilities (currently Artemis and JPlag rely on jgrapht 1.5.2 which relies on apfloat)
-    implementation "org.apfloat:apfloat:1.14.0"
-
+
     // use newest version of guava to avoid security issues through outdated dependencies
     implementation "com.google.guava:guava:33.4.0-jre"
     implementation "com.sun.activation:jakarta.activation:2.0.1"
@@ -457,6 +456,12 @@ checkstyle {
     maxErrors = 0
 }
 
+gradleLint {
+    rules  = ['dependency-parentheses']
+//    criticalRules = ['unused-dependency'] // <-- this will fail the build in the event of a violation
+}
+
+
 def isNonStable = { String version ->
     def stableKeyword = ["RELEASE", "FINAL", "GA"].any { it -> version.toUpperCase().contains(it) }
     def regex = /^[0-9,.v-]+(-r)?$/
@@ -491,3 +496,4 @@ tasks.named("dependencyUpdates").configure {
 // 10) Clear Liquibase checksums:                   ./gradlew liquibaseClearChecksums
 // 11) Create changelog between Java and DB         ./gradlew liquibaseDiffChangeLog (make sure to set the correct username and password in liquibase.gradle)
 // 12) Generate initial schema from DB              ./gradlew liquibaseGenerateChangelog (make sure to set the correct username and password in liquibase.gradle)
+// 13) Find unused dependencies                     ./gradlew lintGradle -x webapp

src/main/java/de/tum/cit/aet/artemis/core/config/Constants.java

@@ -316,6 +316,11 @@ public final class Constants {
      */
     public static final String PROFILE_BUILDAGENT = "buildagent";
 
+    /**
+     * The name of the Spring profile used to process build jobs in a local CI setup.
+     */
+    public static final String PROFILE_JENKINS = "jenkins";
+
     /**
      * The name of the Spring profile used for Artemis functionality.
      */

src/main/java/de/tum/cit/aet/artemis/core/config/RestTemplateConfiguration.java

@@ -4,6 +4,7 @@
 import static de.tum.cit.aet.artemis.core.config.Constants.PROFILE_ATHENA;
 import static de.tum.cit.aet.artemis.core.config.Constants.PROFILE_CORE;
 import static de.tum.cit.aet.artemis.core.config.Constants.PROFILE_IRIS;
+import static de.tum.cit.aet.artemis.core.config.Constants.PROFILE_JENKINS;
 
 import java.util.ArrayList;
 
@@ -13,6 +14,7 @@
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Primary;
 import org.springframework.context.annotation.Profile;
+import org.springframework.http.client.ClientHttpRequestFactory;
 import org.springframework.http.client.ClientHttpRequestInterceptor;
 import org.springframework.http.client.SimpleClientHttpRequestFactory;
 import org.springframework.http.converter.HttpMessageConverter;
@@ -47,7 +49,7 @@ public RestTemplate gitlabRestTemplate(GitLabAuthorizationInterceptor gitlabInte
     }
 
     @Bean
-    @Profile("jenkins")
+    @Profile(PROFILE_JENKINS)
     public RestTemplate jenkinsRestTemplate(JenkinsAuthorizationInterceptor jenkinsInterceptor) {
         return initializeRestTemplateWithInterceptors(jenkinsInterceptor, createRestTemplate());
     }
@@ -91,7 +93,7 @@ public RestTemplate shortTimeoutGitlabRestTemplate(GitLabAuthorizationIntercepto
     }
 
     @Bean
-    @Profile("jenkins")
+    @Profile(PROFILE_JENKINS)
     public RestTemplate shortTimeoutJenkinsRestTemplate(JenkinsAuthorizationInterceptor jenkinsInterceptor) {
         return initializeRestTemplateWithInterceptors(jenkinsInterceptor, createShortTimeoutRestTemplate());
     }
@@ -115,7 +117,6 @@ public RestTemplate shortTimeoutHermesRestTemplate() {
 
     // Note: for certain requests, e.g. the Athena submission selection, we would like to have even shorter timeouts.
     // Therefore, we need additional rest templates. It is recommended to keep the timeout settings constant per rest template.
-
     @Bean
     @Profile(PROFILE_ATHENA)
     public RestTemplate veryShortTimeoutAthenaRestTemplate(AthenaAuthorizationInterceptor athenaAuthorizationInterceptor) {
@@ -172,16 +173,19 @@ private RestTemplate createRestTemplate() {
     }
 
     private RestTemplate createShortTimeoutRestTemplate() {
-        var requestFactory = new SimpleClientHttpRequestFactory();
-        requestFactory.setReadTimeout(SHORT_READ_TIMEOUT);
-        requestFactory.setConnectTimeout(SHORT_CONNECTION_TIMEOUT);
+        final var requestFactory = getSimpleClientHttpRequestFactory(SHORT_READ_TIMEOUT, SHORT_CONNECTION_TIMEOUT);
         return new RestTemplate(requestFactory);
     }
 
-    private RestTemplate createVeryShortTimeoutRestTemplate() {
+    private static ClientHttpRequestFactory getSimpleClientHttpRequestFactory(int shortReadTimeout, int shortConnectionTimeout) {
         var requestFactory = new SimpleClientHttpRequestFactory();
-        requestFactory.setReadTimeout(VERY_SHORT_READ_TIMEOUT);
-        requestFactory.setConnectTimeout(VERY_SHORT_CONNECTION_TIMEOUT);
+        requestFactory.setReadTimeout(shortReadTimeout);
+        requestFactory.setConnectTimeout(shortConnectionTimeout);
+        return requestFactory;
+    }
+
+    private RestTemplate createVeryShortTimeoutRestTemplate() {
+        final var requestFactory = getSimpleClientHttpRequestFactory(VERY_SHORT_READ_TIMEOUT, VERY_SHORT_CONNECTION_TIMEOUT);
         return new RestTemplate(requestFactory);
     }
 }