This is an automated email from the ASF dual-hosted git repository. wu-sheng pushed a commit to branch fix/e2e-cve-fixtures in repository https://gitbox.apache.org/repos/asf/skywalking.git
commit 256c273b950090869240c66e247dd015c7f1aa95 Author: Wu Sheng <[email protected]> AuthorDate: Thu Jun 18 12:38:08 2026 +0800 Drop EOL log4j 1.x from e2e-service-provider (clear 2 CVE alerts) log4j:log4j 1.2.17 is end-of-life; one of its Dependabot alerts has NO patched version. The e2e provider already exercises log-to-OAP through log4j2 (apm-toolkit-log4j-2.x, GRPCLogClientAppender in log4j2.xml) and logback in parallel, so dropping the log4j 1.x path keeps log-reporting coverage. - pom: remove log4j:log4j + apm-toolkit-log4j-1.x deps and the log4j.version property - LogController/FileLogController: remove the log4j 1.x logger; the log4j2 logger now imports org.apache.logging.log4j.Logger and uses the short name - delete log4j.properties (log4j 1.x only) - kafka/log filebeat+fluentd expected files: drop the log4j-1.x fileLogger items (collector path globs /tmp/skywalking-logs/*/, so no collector-config change) --- .../cases/kafka/log/expected/logs-filebeat.yml | 31 ---------------------- .../cases/kafka/log/expected/logs-fluentd.yml | 21 --------------- .../java-test-service/e2e-service-provider/pom.xml | 11 -------- .../e2e/controller/FileLogController.java | 6 ++--- .../skywalking/e2e/controller/LogController.java | 7 ++--- .../src/main/resources/log4j.properties | 26 ------------------ 6 files changed, 4 insertions(+), 98 deletions(-) diff --git a/test/e2e-v2/cases/kafka/log/expected/logs-filebeat.yml b/test/e2e-v2/cases/kafka/log/expected/logs-filebeat.yml index d7cf95622a..238aedb209 100644 --- a/test/e2e-v2/cases/kafka/log/expected/logs-filebeat.yml +++ b/test/e2e-v2/cases/kafka/log/expected/logs-filebeat.yml @@ -48,37 +48,6 @@ logs: - key: agentName value: {{ notEmpty .value }} {{- end }} -- servicename: e2e-service-provider - serviceid: {{ b64enc "e2e-service-provider" }}.1 - serviceinstancename: provider1 - serviceinstanceid: {{ b64enc "e2e-service-provider" }}.1_{{ b64enc "provider1" }} - endpointname: null - endpointid: null - traceid: {{ .traceid }} - timestamp: {{ gt .timestamp 0 }} - contenttype: TEXT - content: {{ regexp .content "log4j fileLogger.+"}} - tags: - {{- contains .tags }} - - key: level - value: INFO - - key: logger - value: fileLogger - - key: thread - value: {{ notEmpty .value }} - - key: logfile - value: /tmp/skywalking-logs/log4j1/e2e-service-provider.log - - key: hostname - value: {{ notEmpty .value }} - - key: agent - value: filebeat - - key: agentVersion - value: {{ notEmpty .value }} - - key: agentId - value: {{ notEmpty .value }} - - key: agentName - value: {{ notEmpty .value }} - {{- end }} - servicename: e2e-service-provider serviceid: {{ b64enc "e2e-service-provider" }}.1 serviceinstancename: provider1 diff --git a/test/e2e-v2/cases/kafka/log/expected/logs-fluentd.yml b/test/e2e-v2/cases/kafka/log/expected/logs-fluentd.yml index 827f51d97a..29db321612 100644 --- a/test/e2e-v2/cases/kafka/log/expected/logs-fluentd.yml +++ b/test/e2e-v2/cases/kafka/log/expected/logs-fluentd.yml @@ -38,27 +38,6 @@ logs: - key: agent value: fluentd {{- end }} -- servicename: e2e-service-provider - serviceid: {{ b64enc "e2e-service-provider" }}.1 - serviceinstancename: provider1 - serviceinstanceid: {{ b64enc "e2e-service-provider" }}.1_{{ b64enc "provider1" }} - endpointname: null - endpointid: null - traceid: {{ .traceid }} - timestamp: {{ gt .timestamp 0 }} - contenttype: TEXT - content: {{ regexp .content "log4j fileLogger.+"}} - tags: - {{- contains .tags }} - - key: level - value: INFO - - key: logger - value: fileLogger - - key: thread - value: {{ notEmpty .value }} - - key: agent - value: fluentd - {{- end }} - servicename: e2e-service-provider serviceid: {{ b64enc "e2e-service-provider" }}.1 serviceinstancename: provider1 diff --git a/test/e2e-v2/java-test-service/e2e-service-provider/pom.xml b/test/e2e-v2/java-test-service/e2e-service-provider/pom.xml index 74b73f137c..eec89aaf0f 100644 --- a/test/e2e-v2/java-test-service/e2e-service-provider/pom.xml +++ b/test/e2e-v2/java-test-service/e2e-service-provider/pom.xml @@ -34,7 +34,6 @@ <artifactId>e2e-service-provider</artifactId> <properties> - <log4j.version>1.2.17</log4j.version> <log4j2.version>2.25.4</log4j2.version> <logback.version>1.2.13</logback.version> </properties> @@ -65,11 +64,6 @@ <artifactId>apm-toolkit-micrometer-registry</artifactId> <version>8.2.0</version> </dependency> - <dependency> - <groupId>log4j</groupId> - <artifactId>log4j</artifactId> - <version>${log4j.version}</version> - </dependency> <dependency> <groupId>org.apache.logging.log4j</groupId> <artifactId>log4j-api</artifactId> @@ -90,11 +84,6 @@ <artifactId>apm-toolkit-logback-1.x</artifactId> <version>${sw.version}</version> </dependency> - <dependency> - <groupId>org.apache.skywalking</groupId> - <artifactId>apm-toolkit-log4j-1.x</artifactId> - <version>${sw.version}</version> - </dependency> <dependency> <groupId>org.apache.skywalking</groupId> <artifactId>apm-toolkit-log4j-2.x</artifactId> diff --git a/test/e2e-v2/java-test-service/e2e-service-provider/src/main/java/org/apache/skywalking/e2e/controller/FileLogController.java b/test/e2e-v2/java-test-service/e2e-service-provider/src/main/java/org/apache/skywalking/e2e/controller/FileLogController.java index b02295ad45..81df2b6801 100644 --- a/test/e2e-v2/java-test-service/e2e-service-provider/src/main/java/org/apache/skywalking/e2e/controller/FileLogController.java +++ b/test/e2e-v2/java-test-service/e2e-service-provider/src/main/java/org/apache/skywalking/e2e/controller/FileLogController.java @@ -17,8 +17,8 @@ package org.apache.skywalking.e2e.controller; -import org.apache.log4j.Logger; import org.apache.logging.log4j.LogManager; +import org.apache.logging.log4j.Logger; import org.apache.skywalking.apm.toolkit.trace.TraceContext; import org.slf4j.LoggerFactory; import org.springframework.web.bind.annotation.RequestMapping; @@ -27,13 +27,11 @@ import org.springframework.web.bind.annotation.RestController; @RestController public class FileLogController { - private static final Logger LOG4J_LOGGER = Logger.getLogger("fileLogger"); - private static final org.apache.logging.log4j.Logger LOG4J2_LOGGER = LogManager.getLogger("fileLogger"); + private static final Logger LOG4J2_LOGGER = LogManager.getLogger("fileLogger"); private static final org.slf4j.Logger LOGBACK_LOGGER = LoggerFactory.getLogger("fileLogger"); @RequestMapping(value = "/file/logs/trigger") public String trigger() { - LOG4J_LOGGER.info("log4j fileLogger ==> mills-> " + System.currentTimeMillis()); LOG4J2_LOGGER.info("log4j2 fileLogger ==> mills->" + System.currentTimeMillis()); LOGBACK_LOGGER.info("logback fileLogger ==> mills-> {}", System.currentTimeMillis()); return TraceContext.traceId(); diff --git a/test/e2e-v2/java-test-service/e2e-service-provider/src/main/java/org/apache/skywalking/e2e/controller/LogController.java b/test/e2e-v2/java-test-service/e2e-service-provider/src/main/java/org/apache/skywalking/e2e/controller/LogController.java index 16970f106d..0b21967c5d 100644 --- a/test/e2e-v2/java-test-service/e2e-service-provider/src/main/java/org/apache/skywalking/e2e/controller/LogController.java +++ b/test/e2e-v2/java-test-service/e2e-service-provider/src/main/java/org/apache/skywalking/e2e/controller/LogController.java @@ -17,8 +17,8 @@ package org.apache.skywalking.e2e.controller; -import org.apache.log4j.Logger; import org.apache.logging.log4j.LogManager; +import org.apache.logging.log4j.Logger; import org.apache.skywalking.apm.toolkit.trace.TraceContext; import org.slf4j.LoggerFactory; import org.springframework.web.bind.annotation.RequestMapping; @@ -27,14 +27,11 @@ import org.springframework.web.bind.annotation.RestController; @RestController public class LogController { - private static final Logger LOG4J_LOGGER = Logger.getLogger(LogController.class); - private static final org.apache.logging.log4j.Logger LOG4J2_LOGGER = LogManager.getLogger( - LogController.class); + private static final Logger LOG4J2_LOGGER = LogManager.getLogger(LogController.class); private static final org.slf4j.Logger LOGBACK_LOGGER = LoggerFactory.getLogger(LogController.class); @RequestMapping(value = "/logs/trigger") public String trigger() { - LOG4J_LOGGER.info("log4j message==> now-> " + System.currentTimeMillis()); LOG4J2_LOGGER.info("log4j2 message==> now-> " + System.currentTimeMillis()); LOGBACK_LOGGER.info("logback message==> now-> {}", System.currentTimeMillis()); return TraceContext.traceId(); diff --git a/test/e2e-v2/java-test-service/e2e-service-provider/src/main/resources/log4j.properties b/test/e2e-v2/java-test-service/e2e-service-provider/src/main/resources/log4j.properties deleted file mode 100644 index 56a721e0ad..0000000000 --- a/test/e2e-v2/java-test-service/e2e-service-provider/src/main/resources/log4j.properties +++ /dev/null @@ -1,26 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one or more -# contributor license agreements. See the NOTICE file distributed with -# this work for additional information regarding copyright ownership. -# The ASF licenses this file to You under the Apache License, Version 2.0 -# (the "License"); you may not use this file except in compliance with -# the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -log4j.rootLogger=info,CustomAppender -log4j.appender.CustomAppender=org.apache.skywalking.apm.toolkit.log.log4j.v1.x.log.GRPCLogClientAppender -log4j.appender.CustomAppender.layout=org.apache.log4j.PatternLayout -log4j.appender.CustomAppender.layout.ConversionPattern=[%t] %-5p %c %x - %m%n - -log4j.logger.fileLogger=info,FileAppender -log4j.appender.FileAppender=org.apache.log4j.FileAppender -log4j.appender.FileAppender.ImmediateFlush=true -log4j.appender.FileAppender.Append=true -log4j.appender.FileAppender.File=/tmp/skywalking-logs/log4j1/e2e-service-provider.log -log4j.appender.FileAppender.layout=org.apache.skywalking.apm.toolkit.log.log4j.v1.x.TraceIdPatternLayout -log4j.appender.FileAppender.layout.ConversionPattern=[%T{SW_CTX}] [%p] %d{yyyy-MM-dd HH:mm:ss.SSS} [%t] %c:%L - %m%n \ No newline at end of file
