* Adds metrics support to the OAuth2 middleware
Basic metrics + HTTP endpoint metrics
CHANGELOG_BEGIN
* OAuth2 middleware Service - basic and HTTP endpoint metrics
CHANGELOG_END
* Expose oauth2-middleware metrics with the right component name.
* Moved TriggerServiceMetrics to under right source dir.
Co-authored-by: Miklos Erdelyi <miklos.erdelyi@digitalasset.com>
changelog_begin:
Ledger API:
Previously non-error-code exceptions coming from streaming endpoints but thrown outside of Akka streams were not logged, and reported to clients with gRPC status UNKNOWN. Now they are logged on the server side and reported to clients as errors with LEDGER_API_INTERNAL_ERROR error code
changelog_end
* Use default anchors for daml-prim and daml-stdlib when building docs
This PR introduces two flags for subcommand 'daml docs':
* '--default-input-anchor' to use the default anchors defined by //compiler/damlc:daml-base-anchors.json. This is the default if neither '--input-anchor=PATH' nor '--no-input-anchor' are passed.
* '--no-input-anchor' to use an empty anchor map. This is used to build //compiler/damlc:daml-base-anchors.json, since it cannot depend on itself.
* break cyclic dependency
It turned out that throwing an exception is too strict for the downstream Canton project
which currently fails on CI caused by errors in a number of test suites.
Until they have adapted (see https://github.com/DACH-NY/canton/issues/11083) we only warn about
the errors by default.
For this project we ensure that warnings are fatal.
Changes:
1. Swap the DB index order to facilitate filtration by application ids
2. Filter parties in JVM
3. Fetch results from the DB in a paged fashion
* Add custom viewtype mismatch error
* Modify error message on EViewTypeMismatch to be like GHC error
* Make EUnknownMethodInInterfaceInstance error consistent w/ GHC
* Add MethodTypeMismatch error, sync with GHC error
* Prefix fields in new errors
* Intercept type mismatch in method to throw EMethodTypeMismatch
* Synchronize EUnknownField with GHC-side message
* Complete synchronizing EUnknownField with GHC-side error message
* satisfy lint and changelog check
CHANGELOG_BEGIN
CHANGELOG_END
* lint
* Fix TypingSpec for new EMethodTypeMismatch
* lint
* lint again
* EFieldTypeMismatch error for ERecUpd/ERecProj mismatch, like in GHC
* lint
* add ambiguous prefix check on package which is used to generate code.
* add test case
* Update test description
Co-authored-by: Raymond Roestenburg <98821776+ray-roestenburg-da@users.noreply.github.com>
* pre prefix
* per prefix
* modify test
* lower case
* rollback per prefix code gen
* rollback per prefix code gen
* apply prefixes on unique and main package only
* fix
* move
* rename
* test same main package with different prefixes
* added test case for 2 dar files with same main package but different prefixes
* added test case for dar files with data dependencies
* add a unique package
* fixed CI
* address comment
Co-authored-by: fayi-da <112705750+fayi-da@users.noreply.github.com>
Co-authored-by: Raymond Roestenburg <98821776+ray-roestenburg-da@users.noreply.github.com>
* Add new security categories
* Use test-security framework for OAuth2 middleware
* Regenerate `security-evidence.md`
* Explicitely exit the test-evidence generator
* Use test-security framework for HTTP JSON
* Regenerate `security-evidence.md`
* Add //ledger-service/http-json:integration-tests-lib to evidence generator
* Skip maven artefacts on the classpath
The checker framework artefact (`checker-2.5.4.jar`) causes an `IllegalAccessError` when included in the runpath:
```
Exception in thread "main" java.lang.IllegalAccessError: class com.sun.tools.javac.code.Scope$ImportScope$ImportEntry cannot access its superclass com.sun.tools.javac.code.Scope$Entry (com.sun.tools.javac.code.Scope$ImportScope$ImportEntry is in unnamed module of loader java.net.URLClassLoader @31000e60; com.sun.tools.javac.code.Scope$Entry is in module jdk.compiler of loader app)
at java.base/java.lang.ClassLoader.defineClass1(Native Method)
at java.base/java.lang.ClassLoader.defineClass(ClassLoader.java:1017)
at java.base/java.security.SecureClassLoader.defineClass(SecureClassLoader.java:174)
at java.base/java.net.URLClassLoader.defineClass(URLClassLoader.java:550)
at java.base/java.net.URLClassLoader$1.run(URLClassLoader.java:458)
at java.base/java.net.URLClassLoader$1.run(URLClassLoader.java:452)
at java.base/java.security.AccessController.doPrivileged(Native Method)
at java.base/java.net.URLClassLoader.findClass(URLClassLoader.java:451)
at java.base/java.lang.ClassLoader.loadClass(ClassLoader.java:589)
at java.base/java.lang.ClassLoader.loadClass(ClassLoader.java:522)
at org.scalatest.tools.SuiteDiscoveryHelper$.isDiscoverableSuite(SuiteDiscoveryHelper.scala:204)
at org.scalatest.tools.SuiteDiscoveryHelper$.processClassName(SuiteDiscoveryHelper.scala:243)
at org.scalatest.tools.SuiteDiscoveryHelper$.$anonfun$processFileNames$1(SuiteDiscoveryHelper.scala:279)
at scala.collection.Iterator$$anon$9.next(Iterator.scala:577)
at scala.collection.Iterator$$anon$6.hasNext(Iterator.scala:474)
at scala.collection.Iterator$$anon$9.hasNext(Iterator.scala:576)
at scala.collection.immutable.List.prependedAll(List.scala:152)
at scala.collection.immutable.List$.from(List.scala:684)
at scala.collection.immutable.List$.from(List.scala:681)
at scala.collection.IterableFactory$Delegate.from(Factory.scala:288)
at scala.collection.immutable.Iterable$.from(Iterable.scala:35)
at scala.collection.immutable.Iterable$.from(Iterable.scala:32)
at scala.collection.IterableFactory$Delegate.from(Factory.scala:288)
at scala.collection.IterableOnceExtensionMethods$.toIterable$extension(IterableOnce.scala:178)
at org.scalatest.tools.SuiteDiscoveryHelper$.processFileNames(SuiteDiscoveryHelper.scala:285)
at org.scalatest.tools.SuiteDiscoveryHelper$.$anonfun$discoverSuiteNames$1(SuiteDiscoveryHelper.scala:132)
at scala.collection.immutable.List.map(List.scala:250)
```
* Regenerate `security-evidence.md`
* Convert remaining TEST_EVIDENCE stanzas of HTTP JSON
* Regenerate `security-evidence.md`
* Use test-security framework for HTTP JSON
* Regenerate `security-evidence.md`
* Print warning when a test suite could not be loaded
* Fix typo
* Use test-security framework for HTTP JSON
* Read files in tests lazily
The test-evidence generator tool needs to instantiate scalatest test suites in order
to access the tagged tests and collect relavant test entries.
* Use test-security framework for HTTP JSON
* Regenerate `security-evidence.md`
* Regenerate `security-evidence.md`
* Use test-security framework for HTTP JSON
* Regenerate `security-evidence.md`
* Use test-security framework for HTTP JSON
* Regenerate `security-evidence.md`
* Use test-security framework for HTTP JSON
* Regenerate `security-evidence.md`
* Use test-security framework for trigger service
* Use structural type to call `in` and `ignore` for different classes
* Remove Authentication category from EvidenceSecurity tool
There are no TEST_EVIDENCE annotations anymore.
* Add required trigger-runner-lib
* Import `scala.language.reflectiveCalls` where it is needed
* Remove left-over comments
* Add `test_evidence_binary` scala binary rule
This rule is a customized `scala_binary` rule which also accepts a `tests` attr and
generates a runpath file which is later consumed by scalatest to detect the relevant
scalatest test suites.
* Process test suites, add transitive deps
* Support nested tests_suites in `test_evidence_binary`
* Remove debug print's
* Add missing dependencies to test-evidence:generator
* Abort if test suites cannot be loaded
* Cleanup
* Reinstate scalacopts in http-json
* Reword the test description to not drop information
* Fix typo
* Explicitly exit the JVM on exceptions
This is required since non-daemon threads also prevent JVM shutdown when an exception was thrown.
* Format test-evidence/BUILD.bazel
* Resolve file paths lazily
This avoids a `NullPointerException` on Windows where Runfiles.rlocation returns `null`.
* Document new Security properties
* Print target directory and file name
* Clarify test descriptions
* Replace duplicate Security properties
Co-authored-by: Stephen Compall <stephen.compall@daml.com>Co-authored-by: Stephen Compall <stephen.compall@daml.com>
It looks like, at least on some machnes, recent Node versions will not
resove localhost to 127.0.0.1 anymore.
There wasn't really a good reason for us going through DNS resolution
for these anyway, so here's a simple fix. Hopefully.
