- Add security headers:
- X-Frame-Options
- X-Content-Type-Options
- Content-Security-Policy
- Permissions-Policy
- Do not send server information header
Committed-by: Eduard Heimbuch <eduard.heimbuch@cloudogu.com>
Co-authored-by: Eduard Heimbuch <eduard.heimbuch@cloudogu.com>
Co-authored-by: René Pfeuffer <rene.pfeuffer@cloudogu.com>
This uses 'RetryingTest' from junit jupiter to retry integration tests that are known to fail from time to time. We explicitly mark single tests in contrast to set a global retry to be able to trace those, whenever this is intended.
To do so, we have to update to the latest version of JUnit. Unfortunately, this brought a new behaviour for the @TempDir annotation: In contrast to the former behaviour where for one test all annotated parameters got the same directory, in the new version the parameters get different directories assigned. This led to the need of some consolidation between @BeforeEach methods and the related tests.
Committed-by: Eduard Heimbuch <eduard.heimbuch@cloudogu.com>
Co-authored-by: René Pfeuffer <rene.pfeuffer@cloudogu.com>
The new docker health check respects the jetty configuration and uses the configured port and context path.
It supports ssl listeners and follows redirects.
Co-authored-by: Sebastian Sdorra <sebastian.sdorra@cloudogu.com>
Enable gradle dependency locking for all subprojects. This change allows us to use dependency ranges, without loosing reproducible builds.
It also makes it easier for third party services such as snyk to detect dependencies and their versions.
