Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add quarkus.liquibase.secure-parsing to allow disabling secure parsing #47186

Merged
merged 1 commit into from
Apr 7, 2025
Merged

Add quarkus.liquibase.secure-parsing to allow disabling secure parsing #47186

merged 1 commit into from
Apr 7, 2025

Conversation

gsmet
Copy link
Member

@gsmet gsmet commented Apr 4, 2025

Fixes #47101

gsmet
gsmet commented Apr 4, 2025
View reviewed changes
...ent/src/test/java/io/quarkus/liquibase/test/LiquibaseExtensionSecureParsingDisabledTest.java Outdated
Comment on lines 26 to 41
try (Liquibase liquibase = liquibaseFactory.createLiquibase()) {
// TODO: this will fail as the system property is not enforced
// List<ChangeSetStatus> status = liquibase.getChangeSetStatuses(liquibaseFactory.createContexts(),
// liquibaseFactory.createLabels());
// assertNotNull(status);
// assertEquals(1, status.size());
// assertEquals("id-1", status.get(0).getChangeSet().getId());
// assertFalse(status.get(0).getWillRun());
}
}
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@geoand this part is annoying: the way you did it with ResettableSystemProperties is appealing but it's also quite fragile as, while it works for the operations we are executing ourselves (because we set and restore the properties manually), it doesn't work for this piece of code for instance as the system properties are not set. Any operation you will perform manually will fail if you don't set and restore the system properties yourself.

I think we have two options here:

  • wrap Liquibase with something that will set and restore the system properties. Given people are supposed to use try with resource, it could make sense as people are supposed to close the instance - if and only if you don't use several instances with different config at the same time but I don't see why you would do that
  • make the config global and not datasource related and set it once and for all from the start. That's what you get when using -D...

Interested in your feedback before I pursue this further.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Oh, now I see that we are actually mentioning the use of LiquibaseFactory in the docs. In that case, I think the first option makes sense.

@gsmet gsmet mentioned this pull request Apr 4, 2025
Closed
@quarkus-bot quarkus-bot

This comment has been minimized.

Sign in to view
@gsmet gsmet marked this pull request as draft April 4, 2025 15:19
@github-actions GitHub Actions
Copy link

github-actions bot commented Apr 4, 2025
edited
Loading

🎊 PR Preview 4c5720e has been successfully built and deployed to https://quarkus-pr-main-47186-preview.surge.sh/version/main/guides/

  • Images of blog posts older than 3 months are not available.
  • Newsletters older than 3 months are not available.

@gsmet gsmet force-pushed the liquibase-insecure-parsing branch from 16d5498 to 3b5fc9d Compare April 7, 2025 08:13
@gsmet gsmet marked this pull request as ready for review April 7, 2025 08:13
@gsmet gsmet force-pushed the liquibase-insecure-parsing branch from 3b5fc9d to 1f45299 Compare April 7, 2025 08:15
@gsmet
Copy link
Member Author

gsmet commented Apr 7, 2025

@geoand things should be good, now.

geoand
geoand approved these changes Apr 7, 2025
View reviewed changes
Copy link
Contributor

@geoand geoand left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Very nice!

@quarkus-bot quarkus-bot
Copy link

quarkus-bot bot commented Apr 7, 2025
edited by github-actions bot
Loading

Status for workflow Quarkus CI

This is the status report for running Quarkus CI on commit 1f45299.

✅ The latest workflow run for the pull request has completed successfully.

It should be safe to merge provided you have a look at the other checks in the summary.

Warning

There are other workflow runs running, you probably need to wait for their status before merging.

You can consult the Develocity build scans.

@quarkus-bot quarkus-bot
Copy link

quarkus-bot bot commented Apr 7, 2025

Status for workflow Quarkus Documentation CI

This is the status report for running Quarkus Documentation CI on commit 1f45299.

✅ The latest workflow run for the pull request has completed successfully.

It should be safe to merge provided you have a look at the other checks in the summary.

@gsmet gsmet merged commit 9ce6a23 into quarkusio:main Apr 7, 2025
27 checks passed
@quarkus-bot quarkus-bot bot added this to the 3.22 - main milestone Apr 7, 2025
@gsmet gsmet modified the milestones: 3.22 - main, 3.21.2 Apr 8, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@geoand geoand geoand approved these changes

Assignees
No one assigned
Labels
area/liquibase kind/bugfix
Projects
None yet
Milestone
3.21.2
Development

Successfully merging this pull request may close these issues.

liquibase support setting of liquibase.secureParsing in application.properties
2 participants
@gsmet @geoand