fix(openapi): Rewrite Swagger to OpenAPI annotations

build.gradle

@@ -18,6 +18,7 @@ plugins {
   id 'io.spinnaker.project' version "$spinnakerGradleVersion" apply false
   id "org.jetbrains.kotlin.jvm" version "$kotlinVersion" apply false
   id "org.jetbrains.kotlin.plugin.allopen" version "$kotlinVersion" apply false
+
 }
 
 allprojects {

front50-web/front50-web.gradle

@@ -35,7 +35,7 @@ dependencies {
   implementation "io.spinnaker.kork:kork-web"
   implementation "io.spinnaker.kork:kork-exceptions"
   implementation "com.squareup.retrofit:converter-jackson"
-  implementation "io.swagger:swagger-annotations"
+  implementation "io.swagger.core.v3:swagger-annotations"
   implementation "commons-codec:commons-codec"
   implementation "javax.validation:validation-api"
 

front50-web/src/main/java/com/netflix/spinnaker/front50/controllers/AdminController.java

@@ -18,8 +18,8 @@
 
 import com.netflix.spinnaker.front50.model.AdminOperations;
 import com.netflix.spinnaker.front50.model.ObjectType;
-import io.swagger.annotations.Api;
-import io.swagger.annotations.ApiOperation;
+import io.swagger.v3.oas.annotations.Operation;
+import io.swagger.v3.oas.annotations.tags.Tag;
 import java.util.Collection;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.web.bind.annotation.RequestBody;
@@ -29,7 +29,7 @@
 
 @RestController
 @RequestMapping("/admin")
-@Api(value = "admin", description = "Various administrative operations")
+@Tag(name = "admin", description = "Various administrative operations")
 public class AdminController {
 
   private final Collection<AdminOperations> adminOperations;
@@ -39,7 +39,7 @@ public AdminController(Collection<AdminOperations> adminOperations) {
     this.adminOperations = adminOperations;
   }
 
-  @ApiOperation(value = "", notes = "Recover a previously deleted object")
+  @Operation(summary = "", description = "Recover a previously deleted object")
   @RequestMapping(value = "/recover", method = RequestMethod.POST)
   void recover(@RequestBody AdminOperations.Recover operation) {
     adminOperations.forEach(o -> o.recover(operation));

front50-web/src/main/java/com/netflix/spinnaker/front50/controllers/DeliveryController.java

@@ -4,7 +4,7 @@
 import com.netflix.spinnaker.front50.model.delivery.Delivery;
 import com.netflix.spinnaker.front50.model.delivery.DeliveryRepository;
 import com.netflix.spinnaker.kork.web.exceptions.NotFoundException;
-import io.swagger.annotations.ApiOperation;
+import io.swagger.v3.oas.annotations.Operation;
 import java.util.Collection;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression;
@@ -25,35 +25,35 @@ public DeliveryController(DeliveryRepository deliveryRepository) {
   }
 
   @PostFilter("hasPermission(filterObject.application, 'APPLICATION', 'READ')")
-  @ApiOperation(value = "", notes = "Get all delivery configs")
+  @Operation(summary = "", description = "Get all delivery configs")
   @RequestMapping(method = RequestMethod.GET, value = "/deliveries")
   Collection<Delivery> getAllConfigs() {
     return deliveryRepository.getAllConfigs();
   }
 
   @PreAuthorize("hasPermission(#application, 'APPLICATION', 'READ')")
-  @ApiOperation(value = "", notes = "Get the delivery configs for an application")
+  @Operation(summary = "", description = "Get the delivery configs for an application")
   @RequestMapping(method = RequestMethod.GET, value = "/applications/{application}/deliveries")
   Collection<Delivery> getConfigByAppName(@PathVariable String application) {
     return deliveryRepository.getConfigsByApplication(application);
   }
 
   @PostAuthorize("hasPermission(returnObject.application, 'APPLICATION', 'READ')")
-  @ApiOperation(value = "", notes = "Get a delivery config by id")
+  @Operation(summary = "", description = "Get a delivery config by id")
   @RequestMapping(method = RequestMethod.GET, value = "deliveries/{id}")
   Delivery getConfigById(@PathVariable String id) {
     return deliveryRepository.findById(id);
   }
 
   @PreAuthorize("hasPermission(#config.application, 'APPLICATION', 'WRITE')")
-  @ApiOperation(value = "", notes = "Create a delivery config")
+  @Operation(summary = "", description = "Create a delivery config")
   @RequestMapping(method = RequestMethod.POST, value = "/deliveries")
   Delivery createConfig(@RequestBody Delivery config) {
     return deliveryRepository.upsertConfig(config);
   }
 
   @PreAuthorize("hasPermission(#config.application, 'APPLICATION', 'WRITE')")
-  @ApiOperation(value = "", notes = "Update a delivery config")
+  @Operation(summary = "", description = "Update a delivery config")
   @RequestMapping(method = RequestMethod.PUT, value = "/deliveries/{id}")
   Delivery upsertConfig(@PathVariable String id, @RequestBody Delivery config) {
     if (!id.equals(config.getId())) {
@@ -71,7 +71,7 @@ Delivery upsertConfig(@PathVariable String id, @RequestBody Delivery config) {
   }
 
   @PreAuthorize("hasPermission(#application, 'APPLICATION', 'WRITE')")
-  @ApiOperation(value = "", notes = "Delete a delivery config")
+  @Operation(summary = "", description = "Delete a delivery config")
   @RequestMapping(
       method = RequestMethod.DELETE,
       value = "/applications/{application}/deliveries/{id}")

front50-web/src/main/java/com/netflix/spinnaker/front50/controllers/PermissionsController.java

@@ -2,7 +2,7 @@
 
 import com.netflix.spinnaker.front50.ApplicationPermissionsService;
 import com.netflix.spinnaker.front50.model.application.Application;
-import io.swagger.annotations.ApiOperation;
+import io.swagger.v3.oas.annotations.Operation;
 import java.util.Set;
 import org.springframework.web.bind.annotation.*;
 
@@ -16,7 +16,7 @@ public PermissionsController(ApplicationPermissionsService permissionsService) {
     this.permissionsService = permissionsService;
   }
 
-  @ApiOperation(value = "", notes = "Get all application permissions. Internal use only.")
+  @Operation(summary = "", description = "Get all application permissions. Internal use only.")
   @RequestMapping(method = RequestMethod.GET, value = "/applications")
   public Set<Application.Permission> getAllApplicationPermissions() {
     return permissionsService.getAllApplicationPermissions();
@@ -27,7 +27,7 @@ public Application.Permission getApplicationPermission(@PathVariable String appN
     return permissionsService.getApplicationPermission(appName);
   }
 
-  @ApiOperation(value = "", notes = "Create an application permission.")
+  @Operation(summary = "", description = "Create an application permission.")
   @RequestMapping(method = RequestMethod.POST, value = "/applications")
   public Application.Permission createApplicationPermission(
       @RequestBody Application.Permission newPermission) {

front50-web/src/main/java/com/netflix/spinnaker/front50/controllers/v2/ApplicationsController.java

@@ -13,8 +13,8 @@
 import com.netflix.spinnaker.front50.model.application.ApplicationPermissionDAO;
 import com.netflix.spinnaker.front50.model.application.ApplicationService;
 import com.netflix.spinnaker.kork.web.exceptions.NotFoundException;
-import io.swagger.annotations.Api;
-import io.swagger.annotations.ApiOperation;
+import io.swagger.v3.oas.annotations.Operation;
+import io.swagger.v3.oas.annotations.tags.Tag;
 import java.util.*;
 import java.util.stream.Collectors;
 import javax.servlet.http.HttpServletResponse;
@@ -30,7 +30,7 @@
 
 @RestController
 @RequestMapping("/v2/applications")
-@Api(value = "application", description = "Application API")
+@Tag(name = "application", description = "Application API")
 public class ApplicationsController {
 
   private static final Logger log = LoggerFactory.getLogger(ApplicationsController.class);
@@ -62,9 +62,9 @@ public ApplicationsController(
 
   @PreAuthorize("#restricted ? @fiatPermissionEvaluator.storeWholePermission() : true")
   @PostFilter("#restricted ? hasPermission(filterObject.name, 'APPLICATION', 'READ') : true")
-  @ApiOperation(
-      value = "",
-      notes =
+  @Operation(
+      summary = "",
+      description =
           "Fetch all applications.\n\nSupports filtering by one or more attributes:\n- ?email=my@email.com\n- ?email=my@email.com&name=flex")
   @RequestMapping(method = RequestMethod.GET)
   public List<Application> applications(
@@ -113,7 +113,7 @@ public List<Application> applications(
   }
 
   @PreAuthorize("@fiatPermissionEvaluator.canCreate('APPLICATION', #app)")
-  @ApiOperation(value = "", notes = "Create an application")
+  @Operation(summary = "", description = "Create an application")
   @RequestMapping(method = RequestMethod.POST)
   public Application create(@RequestBody final Application app) {
     if (applicationService.findByName(app.getName()) != null) {
@@ -135,15 +135,15 @@ public Application create(@RequestBody final Application app) {
   }
 
   @PreAuthorize("hasPermission(#applicationName, 'APPLICATION', 'WRITE')")
-  @ApiOperation(value = "", notes = "Delete an application")
+  @Operation(summary = "", description = "Delete an application")
   @RequestMapping(method = RequestMethod.DELETE, value = "/{applicationName:.+}")
   public void delete(@PathVariable String applicationName, HttpServletResponse response) {
     applicationService.delete(applicationName);
     response.setStatus(HttpStatus.NO_CONTENT.value());
   }
 
   @PreAuthorize("hasPermission(#app.name, 'APPLICATION', 'WRITE')")
-  @ApiOperation(value = "", notes = "Update an existing application by merging the attributes")
+  @Operation(summary = "", description = "Update an existing application by merging the attributes")
   @RequestMapping(method = RequestMethod.PATCH, value = "/{applicationName:.+}")
   public Application update(
       @PathVariable final String applicationName, @RequestBody final Application app) {
@@ -158,7 +158,9 @@ public Application update(
   }
 
   @PreAuthorize("hasPermission(#app.name, 'APPLICATION', 'WRITE')")
-  @ApiOperation(value = "", notes = "Update an existing application by replacing all attributes")
+  @Operation(
+      summary = "",
+      description = "Update an existing application by replacing all attributes")
   @RequestMapping(method = RequestMethod.PUT, value = "/{applicationName:.+}")
   public Application replace(
       @PathVariable final String applicationName, @RequestBody final Application app) {
@@ -173,7 +175,7 @@ public Application replace(
   }
 
   @PostAuthorize("hasPermission(#applicationName, 'APPLICATION', 'READ')")
-  @ApiOperation(value = "", notes = "Fetch a single application by name")
+  @Operation(summary = "", description = "Fetch a single application by name")
   @RequestMapping(method = RequestMethod.GET, value = "/{applicationName:.+}")
   public Application get(@PathVariable final String applicationName) {
     Application app = applicationDAO.findByName(applicationName.toUpperCase());

front50-web/src/main/java/com/netflix/spinnaker/front50/controllers/v2/ProjectsController.java

@@ -25,8 +25,8 @@
 import com.netflix.spinnaker.front50.model.project.Project;
 import com.netflix.spinnaker.front50.model.project.ProjectDAO;
 import com.netflix.spinnaker.kork.web.exceptions.NotFoundException;
-import io.swagger.annotations.Api;
-import io.swagger.annotations.ApiOperation;
+import io.swagger.v3.oas.annotations.Operation;
+import io.swagger.v3.oas.annotations.tags.Tag;
 import java.util.*;
 import java.util.function.Predicate;
 import java.util.stream.Collectors;
@@ -38,7 +38,7 @@
 
 @RestController
 @RequestMapping(value = "/v2/projects", produces = MediaType.APPLICATION_JSON_VALUE)
-@Api(value = "projects", description = "Project API")
+@Tag(name = "projects", description = "Project API")
 public class ProjectsController {
 
   private static final Splitter COMMA_SPLITTER = Splitter.on(',');
@@ -50,9 +50,9 @@ public ProjectsController(ProjectDAO projectDAO) {
   }
 
   @RequestMapping(value = "/search", method = RequestMethod.GET)
-  @ApiOperation(
-      value = "",
-      notes =
+  @Operation(
+      summary = "",
+      description =
           "Search for projects given one or more attributes.\n\n- /search?q=ProjectName\n- /search?q=ApplicationName\n")
   public Set<Project> search(@RequestParam("q") final String query) {
     return projectDAO.all().stream()
@@ -64,9 +64,9 @@ public Set<Project> search(@RequestParam("q") final String query) {
         .collect(Collectors.toSet());
   }
 
-  @ApiOperation(
-      value = "",
-      notes =
+  @Operation(
+      summary = "",
+      description =
           "Fetch all projects.\n\n    Support filtering by one or more attributes:\n    - ?name=projectName\n    - ?email=my@email.com")
   @RequestMapping(method = RequestMethod.GET)
   public List<Project> projects(
@@ -78,7 +78,7 @@ public List<Project> projects(
     return (pageSize == null) ? projects : projects.subList(0, Math.min(pageSize, projects.size()));
   }
 
-  @ApiOperation(value = "", notes = "Fetch a single project")
+  @Operation(summary = "", description = "Fetch a single project")
   @RequestMapping(method = RequestMethod.GET, value = "/{projectId}")
   public Project project(@PathVariable String projectId) {
     try {
@@ -88,7 +88,7 @@ public Project project(@PathVariable String projectId) {
     }
   }
 
-  @ApiOperation(value = "", notes = "Update an existing project")
+  @Operation(summary = "", description = "Update an existing project")
   @RequestMapping(method = RequestMethod.PUT, value = "/{projectId}")
   public Project put(@PathVariable final String projectId, @RequestBody final Project project) {
     Project existingProject = projectDAO.findById(projectId);
@@ -110,7 +110,7 @@ public Project put(@PathVariable final String projectId, @RequestBody final Proj
     return project;
   }
 
-  @ApiOperation(value = "", notes = "Create a project")
+  @Operation(summary = "", description = "Create a project")
   @RequestMapping(method = RequestMethod.POST)
   public Project create(@RequestBody final Project project) {
     project.setCreateTs(System.currentTimeMillis());
@@ -202,7 +202,7 @@ private static boolean clusterHasMatchingApplication(
         .orElse(false);
   }
 
-  @ApiOperation(value = "", notes = "Delete a project")
+  @Operation(summary = "", description = "Delete a project")
   @RequestMapping(method = RequestMethod.DELETE, value = "/{projectId}")
   public void delete(@PathVariable String projectId, HttpServletResponse response) {
     projectDAO.delete(projectId);

gradle.properties

@@ -1,6 +1,6 @@
 fiatVersion=1.51.0
 includeProviders=azure,gcs,oracle,redis,s3,swift,sql
-korkVersion=7.245.0
+korkVersion=7.247.0
 org.gradle.parallel=true
 spinnakerGradleVersion=8.32.1
 targetJava17=true