From a1268175521329051370b9e412ea78fe1eed3635 Mon Sep 17 00:00:00 2001
From: Milan Panik <5015486+mpanik@users.noreply.github.com>
Date: Thu, 22 Feb 2024 13:32:17 -0500
Subject: [PATCH] [#186993968] Update to JDK21 and Spring Boot 3

---
 ci/e2e-tests/Dockerfile                       |  13 +-
 ci/impl/Dockerfile                            |   4 +-
 e2e-tests/pom.xml                             |  96 ++++-----
 pom.xml                                       | 195 +++++++++---------
 .../com/dnastack/wes/api/WesV1Controller.java |   2 +-
 .../wes/cromwell/CromwellWesMapper.java       |   2 +-
 .../dnastack/wes/registry/Ga4ghService.java   |   2 +-
 .../dnastack/wes/registry/Organization.java   |   2 +-
 .../dnastack/wes/registry/ServiceType.java    |   2 +-
 .../wes/security/BasicAuthSecurityConfig.java |  40 ++--
 .../wes/security/NoAuthSecurityConfig.java    |  19 +-
 .../wes/security/OAuthSecurityConfig.java     |  45 ++--
 .../PassportSecurityConfiguration.java        |   6 +-
 .../dnastack/wes/security/XForwardUtil.java   |   2 +-
 .../wes/storage/AzureBlobStorageClient.java   |  12 +-
 .../wes/storage/BlobStorageClient.java        |   2 +-
 .../workflow/ChecksumWorkflowAuthorizer.java  |   2 +-
 src/main/resources/application.yaml           |   6 +-
 18 files changed, 220 insertions(+), 232 deletions(-)

diff --git a/ci/e2e-tests/Dockerfile b/ci/e2e-tests/Dockerfile
index dab4848..e3b99f6 100644
--- a/ci/e2e-tests/Dockerfile
+++ b/ci/e2e-tests/Dockerfile
@@ -6,7 +6,8 @@
 
 # This stage depends on a JDK image and uses Maven Wrapper to pull in dependencies and build the project
 # from source.
-FROM amazoncorretto:17-alpine AS build
+FROM amazoncorretto:21-al2023 AS build
+
 ARG APP_NAME
 ARG APP_VERSION
 
@@ -47,10 +48,7 @@ RUN ./mvnw -P -dnastack -B -o process-test-classes
 
 # This stage uses a JRE rather than JDK because it doesn't have to build anything; it just runs the fat jar
 # produced by the previous stage.
-FROM amazoncorretto:17-alpine
-
-ARG APP_NAME
-ARG APP_VERSION
+FROM amazoncorretto:21-alpine
 
 # Create a non-root user
 RUN adduser -D -h /home/testuser testuser
@@ -71,9 +69,4 @@ WORKDIR /home/testuser
 
 ENV E2E_SCREENSHOT_DIR /target
 
-# If the container has a memory limit, that limit (in bytes) is present in a file under /sys/fs/cgroup
-# In Linux 5.10.76, the value comes from memory.max.
-# If the container doesn't have a set memory limit, the file contains "max", hence we fall back to a default value of 2GiB
-# In Linux 5.4.129, the value comes from memory/memory.limit_in_bytes
-# If the container doesn't have a set memory limit, the file will be blank, hence we fall back to a default value of 2Gib
 ENTRYPOINT ["./mvnw", "-B", "-o", "-DreportsDirectory=/target/surefire-reports", "test"]
\ No newline at end of file
diff --git a/ci/impl/Dockerfile b/ci/impl/Dockerfile
index f9e65b2..9187bf1 100644
--- a/ci/impl/Dockerfile
+++ b/ci/impl/Dockerfile
@@ -6,7 +6,7 @@
 
 # This stage depends on a JDK image and uses Maven Wrapper to pull in dependencies and build the project
 # from source.
-FROM azul/zulu-openjdk:17.0.3 AS build
+FROM amazoncorretto:21-al2023 AS build
 ARG APP_NAME
 ARG APP_VERSION
 
@@ -46,7 +46,7 @@ RUN ./mvnw -P -dnastack -B -o package
 
 # This stage uses a JRE rather than JDK because it doesn't have to build anything; it just runs the fat jar
 # produced by the previous stage.
-FROM azul/zulu-openjdk:17.0.3-jre
+FROM amazoncorretto:21-alpine
 ARG APP_NAME
 ARG APP_VERSION
 
diff --git a/e2e-tests/pom.xml b/e2e-tests/pom.xml
index d8e6537..2c89dc4 100644
--- a/e2e-tests/pom.xml
+++ b/e2e-tests/pom.xml
@@ -10,25 +10,27 @@
     <description>E2E tests for DNAstack WES Translator</description>
 
     <properties>
-        <java.version>17</java.version>
+        <java.version>21</java.version>
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
         <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
         <maven.compiler.source>${java.version}</maven.compiler.source>
         <maven.compiler.target>${java.version}</maven.compiler.target>
-        <maven-compiler-plugin.version>3.8.1</maven-compiler-plugin.version>
-        <maven-surefire-plugin.version>3.0.0-M5</maven-surefire-plugin.version>
-        <reportsDirectory/>
-        <junit.version>5.8.2</junit.version>
-        <restassured.version>4.5.1</restassured.version>
-        <slf4j.version>2.0.1</slf4j.version>
-        <jackson.version>2.13.2</jackson.version>
-        <jackson-databind.version>2.13.4</jackson-databind.version>
-        <groovy.version>3.0.13</groovy.version>
-        <awaitility.version>4.0.3</awaitility.version>
-        <awaitility.version>4.0.3</awaitility.version>
-        <lombok.version>1.18.24</lombok.version>
-        <actuator-e2e-test.version>1.0.3</actuator-e2e-test.version>
+        <maven.compiler.plugin.version>3.8.1</maven.compiler.plugin.version>
+        <maven.surefire.plugin.version>3.0.0-M7</maven.surefire.plugin.version>
+        <maven.go-offline.plugin.version>1.2.8</maven.go-offline.plugin.version>
+        <!-- DNAstack Libs -->
+        <dnastack.actuator-e2e-test.version>1.0.4</dnastack.actuator-e2e-test.version>
+        <!-- Other -->
+        <lombok.version>1.18.30</lombok.version>
+        <junit.version>5.10.1</junit.version>
+        <webdriver.version>5.6.3</webdriver.version>
+        <selenium.version>4.16.1</selenium.version>
+        <restassured.version>5.4.0</restassured.version>
+        <slf4j.version>2.0.10</slf4j.version>
+        <awaitility.version>4.2.0</awaitility.version>
+        <jackson.version>2.16.1</jackson.version>
         <jfairy.version>0.5.9</jfairy.version>
+        <gcloud.version>1.3.2</gcloud.version>
     </properties>
 
     <dependencyManagement>
@@ -54,22 +56,12 @@
         <dependency>
             <groupId>com.dnastack</groupId>
             <artifactId>actuator-e2e-test</artifactId>
-            <version>${actuator-e2e-test.version}</version>
+            <version>${dnastack.actuator-e2e-test.version}</version>
         </dependency>
         <dependency>
-            <groupId>org.slf4j</groupId>
-            <artifactId>slf4j-api</artifactId>
-            <version>${slf4j.version}</version>
-        </dependency>
-        <dependency>
-            <groupId>org.slf4j</groupId>
-            <artifactId>slf4j-simple</artifactId>
-            <version>${slf4j.version}</version>
-        </dependency>
-        <dependency>
-            <groupId>org.slf4j</groupId>
-            <artifactId>jcl-over-slf4j</artifactId>
-            <version>${slf4j.version}</version>
+            <groupId>com.google.cloud</groupId>
+            <artifactId>google-cloud-resourcemanager</artifactId>
+            <version>${gcloud.version}</version>
         </dependency>
         <dependency>
             <groupId>org.projectlombok</groupId>
@@ -85,7 +77,7 @@
         <dependency>
             <groupId>com.fasterxml.jackson.core</groupId>
             <artifactId>jackson-databind</artifactId>
-            <version>${jackson-databind.version}</version>
+            <version>${jackson.version}</version>
         </dependency>
         <dependency>
             <groupId>com.fasterxml.jackson.core</groupId>
@@ -108,27 +100,6 @@
                 </exclusion>
             </exclusions>
         </dependency>
-        <dependency>
-            <groupId>io.rest-assured</groupId>
-            <artifactId>json-path</artifactId>
-        </dependency>
-        <dependency>
-            <groupId>io.rest-assured</groupId>
-            <artifactId>xml-path</artifactId>
-        </dependency>
-        <dependency>
-            <groupId>io.rest-assured</groupId>
-            <artifactId>rest-assured-common</artifactId>
-        </dependency>
-        <dependency>
-            <groupId>io.rest-assured</groupId>
-            <artifactId>json-schema-validator</artifactId>
-        </dependency>
-        <dependency>
-            <groupId>org.codehaus.groovy</groupId>
-            <artifactId>groovy</artifactId>
-            <version>${groovy.version}</version>
-        </dependency>
         <dependency>
             <groupId>org.junit.jupiter</groupId>
             <artifactId>junit-jupiter-api</artifactId>
@@ -141,10 +112,21 @@
             <groupId>org.junit.jupiter</groupId>
             <artifactId>junit-jupiter-params</artifactId>
         </dependency>
+        <!-- Logging -->
         <dependency>
-            <groupId>com.google.cloud</groupId>
-            <artifactId>google-cloud-resourcemanager</artifactId>
-            <version>1.3.2</version>
+            <groupId>org.slf4j</groupId>
+            <artifactId>slf4j-api</artifactId>
+            <version>${slf4j.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.slf4j</groupId>
+            <artifactId>slf4j-simple</artifactId>
+            <version>${slf4j.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.slf4j</groupId>
+            <artifactId>jcl-over-slf4j</artifactId>
+            <version>${slf4j.version}</version>
         </dependency>
     </dependencies>
 
@@ -165,7 +147,7 @@
             <plugin>
                 <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-compiler-plugin</artifactId>
-                <version>${maven-compiler-plugin.version}</version>
+                <version>${maven.compiler.plugin.version}</version>
                 <configuration>
                     <release>${java.version}</release>
                     <compilerArgs>
@@ -177,7 +159,7 @@
             <plugin>
                 <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-surefire-plugin</artifactId>
-                <version>${maven-surefire-plugin.version}</version>
+                <version>${maven.surefire.plugin.version}</version>
                 <configuration>
                     <reportsDirectory>${reportsDirectory}</reportsDirectory>
                     <dependenciesToScan>
@@ -189,7 +171,7 @@
             <plugin>
                 <groupId>de.qaware.maven</groupId>
                 <artifactId>go-offline-maven-plugin</artifactId>
-                <version>1.2.8</version>
+                <version>${maven.go-offline.plugin.version}</version>
                 <configuration>
                     <downloadSources>false</downloadSources>
                     <downloadJavadoc>false</downloadJavadoc>
@@ -197,7 +179,7 @@
                         <DynamicDependency>
                             <groupId>org.apache.maven.surefire</groupId>
                             <artifactId>surefire-junit-platform</artifactId>
-                            <version>3.0.0-M5</version>
+                            <version>${maven.surefire.plugin.version}</version>
                             <repositoryType>PLUGIN</repositoryType>
                         </DynamicDependency>
                         <dynamicDependency>
diff --git a/pom.xml b/pom.xml
index f308273..ebd3f30 100644
--- a/pom.xml
+++ b/pom.xml
@@ -7,55 +7,55 @@
     <parent>
         <groupId>org.springframework.boot</groupId>
         <artifactId>spring-boot-starter-parent</artifactId>
-        <version>2.7.15</version>
+        <version>3.2.2</version>
         <relativePath/> <!-- lookup parent from repository -->
     </parent>
 
     <groupId>com.dnastack</groupId>
     <artifactId>cromwell-wes-service</artifactId>
-    <version>1.1.0-SNAPSHOT</version>
+    <version>1.2.0-SNAPSHOT</version>
     <packaging>jar</packaging>
 
     <name>cromwell-wes-service</name>
-    <description>Light weight shim that sits on top of cromwell converting the cromwell REST API into a powerful WES
-        api
+    <description>
+        Light weight shim that sits on top of cromwell
+        converting the cromwell REST API into a powerful WES api
     </description>
 
     <properties>
-        <java.version>17</java.version>
+        <java.version>21</java.version>
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
         <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
         <maven.compiler.source>${java.version}</maven.compiler.source>
         <maven.compiler.target>${java.version}</maven.compiler.target>
-        <maven-surefire-plugin.version>3.0.0-M5</maven-surefire-plugin.version>
-        <spring-cloud.version>2021.0.8</spring-cloud.version>
-        <logback.version>1.2.10</logback.version>
-        <logback-extensions.version>1.0.0</logback-extensions.version>
-        <logback.contrib.version>0.1.5</logback.contrib.version>
-        <springdoc.version>1.6.13</springdoc.version>
-        <dnastack-token-validator.version>1.0.9</dnastack-token-validator.version>
-        <audit-event-logger.version>1.0.15</audit-event-logger.version>
-        <okhttpclient.version>4.9.3</okhttpclient.version>
-        <jwt.version>0.11.2</jwt.version>
-        <feign-form.version>3.8.0</feign-form.version>
+        <maven.surefire.plugin.version>3.0.0-M7</maven.surefire.plugin.version>
+        <maven.go-offline.plugin.version>1.2.8</maven.go-offline.plugin.version>
+        <!-- Sonar -->
+        <sonar.dependency-check.plugin.version>7.4.1</sonar.dependency-check.plugin.version>
+        <sonar.dependency-check.jsonReportPath>target/dependency-check-report.json</sonar.dependency-check.jsonReportPath>
+        <sonar.dependency-check.htmlReportPath>target/dependency-check-report.html</sonar.dependency-check.htmlReportPath>
+        <sonar.dependency-check.summarize>true</sonar.dependency-check.summarize>
+        <!-- DNAstack Libs -->
+        <dnastack.token-validator.version>1.0.11</dnastack.token-validator.version>
+        <dnastack.spring-boot-audit-event-logger.version>1.0.17</dnastack.spring-boot-audit-event-logger.version>
+        <dnastack.logback-extensions.version>1.0.0</dnastack.logback-extensions.version>
+        <!-- SDKs and APIs -->
         <azurestorage.version>12.9.0</azurestorage.version>
-        <sonar.dependencyCheck.jsonReportPath>target/dependency-check-report.json</sonar.dependencyCheck.jsonReportPath>
-        <sonar.dependencyCheck.htmlReportPath>target/dependency-check-report.html</sonar.dependencyCheck.htmlReportPath>
-        <sonar.dependencyCheck.summarize>true</sonar.dependencyCheck.summarize>
         <azure-sdk.version>1.2.8</azure-sdk.version>
         <gcloud.storage.version>2.20.1</gcloud.storage.version>
         <gcloud.auth.version>1.16.0</gcloud.auth.version>
+        <!-- Other -->
+        <spring-cloud.version>2023.0.0</spring-cloud.version>
+        <springdoc-openapi.version>2.3.0</springdoc-openapi.version>
+        <logback.version>1.4.5</logback.version>
+        <logback.contrib.version>0.1.5</logback.contrib.version>
+        <jjwt.version>0.12.3</jjwt.version>
+        <okhttp3.version>4.12.0</okhttp3.version>
+        <feign-form.version>3.8.0</feign-form.version>
     </properties>
 
     <dependencyManagement>
         <dependencies>
-            <dependency>
-                <groupId>org.springframework.boot</groupId>
-                <artifactId>spring-boot-starter-parent</artifactId>
-                <type>pom</type>
-                <scope>import</scope>
-                <version>2.7.5</version>
-            </dependency>
             <dependency>
                 <groupId>org.springframework.cloud</groupId>
                 <artifactId>spring-cloud-dependencies</artifactId>
@@ -98,6 +98,24 @@
     </dependencyManagement>
 
     <dependencies>
+        <!-- DNAstack -->
+        <dependency>
+            <groupId>com.dnastack</groupId>
+            <artifactId>dnastack-token-validator</artifactId>
+            <version>${dnastack.token-validator.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>com.dnastack</groupId>
+            <artifactId>logback-extensions</artifactId>
+            <version>${dnastack.logback-extensions.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>com.dnastack</groupId>
+            <artifactId>spring-boot-audit-event-logger</artifactId>
+            <version>${dnastack.spring-boot-audit-event-logger.version}</version>
+        </dependency>
+
+        <!-- Spring -->
         <dependency>
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-starter-web</artifactId>
@@ -106,35 +124,47 @@
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-starter-actuator</artifactId>
         </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-actuator-autoconfigure</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-configuration-processor</artifactId>
+            <optional>true</optional>
+        </dependency>
 
         <!-- Metrics -->
         <dependency>
             <groupId>io.micrometer</groupId>
             <artifactId>micrometer-registry-prometheus</artifactId>
         </dependency>
+        <dependency>
+            <groupId>io.micrometer</groupId>
+            <artifactId>micrometer-tracing-bridge-brave</artifactId>
+        </dependency>
 
-        <!--Supporting-->
+        <!-- Springdoc -->
         <dependency>
-            <groupId>com.dnastack</groupId>
-            <artifactId>dnastack-token-validator</artifactId>
-            <version>${dnastack-token-validator.version}</version>
+            <groupId>org.springdoc</groupId>
+            <artifactId>springdoc-openapi-starter-webmvc-ui</artifactId>
+            <version>${springdoc-openapi.version}</version>
         </dependency>
         <dependency>
-            <groupId>com.dnastack</groupId>
-            <artifactId>spring-boot-audit-event-logger</artifactId>
-            <version>${audit-event-logger.version}</version>
+            <groupId>org.springdoc</groupId>
+            <artifactId>springdoc-openapi-starter-webmvc-api</artifactId>
+            <version>${springdoc-openapi.version}</version>
         </dependency>
+
+        <!--Supporting-->
         <dependency>
             <groupId>org.projectlombok</groupId>
             <artifactId>lombok</artifactId>
         </dependency>
-        <dependency>
-            <groupId>org.springframework.cloud</groupId>
-            <artifactId>spring-cloud-starter-sleuth</artifactId>
-        </dependency>
         <dependency>
             <groupId>com.squareup.okhttp3</groupId>
             <artifactId>okhttp</artifactId>
+            <version>${okhttp.version}</version>
         </dependency>
         <dependency>
             <groupId>com.fasterxml.jackson.datatype</groupId>
@@ -161,55 +191,46 @@
             <groupId>io.github.openfeign</groupId>
             <artifactId>feign-jackson</artifactId>
         </dependency>
-
         <dependency>
-            <!-- Starter for using Spring Security -->
-            <groupId>org.springframework.boot</groupId>
-            <artifactId>spring-boot-starter-security</artifactId>
-        </dependency>
-        <dependency>
-            <groupId>org.springframework.security</groupId>
-            <artifactId>spring-security-oauth2-jose</artifactId>
-        </dependency>
-        <dependency>
-            <groupId>org.springframework.security</groupId>
-            <artifactId>spring-security-oauth2-resource-server</artifactId>
-        </dependency>
-        <dependency>
-            <groupId>org.springframework.security.oauth.boot</groupId>
-            <artifactId>spring-security-oauth2-autoconfigure</artifactId>
+            <groupId>org.apache.commons</groupId>
+            <artifactId>commons-lang3</artifactId>
         </dependency>
 
-        <!-- JSON Web Token Support -->
+        <!-- Security -->
         <dependency>
             <groupId>io.jsonwebtoken</groupId>
             <artifactId>jjwt-impl</artifactId>
-            <version>${jwt.version}</version>
+            <version>${jjwt.version}</version>
             <scope>runtime</scope>
         </dependency>
         <dependency>
             <groupId>io.jsonwebtoken</groupId>
             <artifactId>jjwt-jackson</artifactId>
-            <version>${jwt.version}</version>
+            <version>${jjwt.version}</version>
             <scope>runtime</scope>
         </dependency>
         <dependency>
             <groupId>org.springframework.boot</groupId>
-            <artifactId>spring-boot-configuration-processor</artifactId>
-            <optional>true</optional>
+            <artifactId>spring-boot-starter-security</artifactId>
         </dependency>
-
-        <!-- Parseable Stackdriver Logs -->
         <dependency>
-            <groupId>com.dnastack</groupId>
-            <artifactId>logback-extensions</artifactId>
-            <version>${logback-extensions.version}</version>
+            <groupId>org.springframework.security</groupId>
+            <artifactId>spring-security-oauth2-jose</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.security</groupId>
+            <artifactId>spring-security-oauth2-resource-server</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-oauth2-client</artifactId>
         </dependency>
         <dependency>
             <groupId>ch.qos.logback.contrib</groupId>
             <artifactId>logback-jackson</artifactId>
             <version>${logback.contrib.version}</version>
         </dependency>
+
         <!-- Cloud Dependencies -->
         <dependency>
             <groupId>com.azure</groupId>
@@ -224,29 +245,17 @@
             <artifactId>google-auth-library-oauth2-http</artifactId>
         </dependency>
 
-        <dependency>
-            <groupId>org.apache.commons</groupId>
-            <artifactId>commons-lang3</artifactId>
-        </dependency>
-
-        <!-- Springfox -->
-        <dependency>
-            <groupId>org.springdoc</groupId>
-            <artifactId>springdoc-openapi-ui</artifactId>
-            <version>${springdoc.version}</version>
-        </dependency>
-        <dependency>
-            <groupId>org.springdoc</groupId>
-            <artifactId>springdoc-openapi-security</artifactId>
-            <version>${springdoc.version}</version>
-        </dependency>
-
-
-        <!--        Test Dependencies -->
+        <!-- Test -->
         <dependency>
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-starter-test</artifactId>
             <scope>test</scope>
+            <exclusions>
+                <exclusion>
+                    <groupId>org.junit.vintage</groupId>
+                    <artifactId>junit-vintage-engine</artifactId>
+                </exclusion>
+            </exclusions>
         </dependency>
         <dependency>
             <groupId>org.junit.jupiter</groupId>
@@ -254,27 +263,19 @@
             <scope>test</scope>
         </dependency>
         <dependency>
-            <groupId>org.junit.jupiter</groupId>
-            <artifactId>junit-jupiter-api</artifactId>
+            <groupId>org.junit.platform</groupId>
+            <artifactId>junit-platform-launcher</artifactId>
             <scope>test</scope>
         </dependency>
     </dependencies>
 
-    <repositories>
-        <repository>
-            <id>spring-milestones</id>
-            <name>Spring Milestones</name>
-            <url>https://repo.spring.io/milestone</url>
-        </repository>
-    </repositories>
-
     <build>
         <pluginManagement>
             <plugins>
                 <plugin>
                     <groupId>org.owasp</groupId>
                     <artifactId>dependency-check-maven</artifactId>
-                    <version>7.1.0</version>
+                    <version>${sonar.dependency-check.plugin.version}</version>
                     <configuration>
                         <format>ALL</format>
                     </configuration>
@@ -304,17 +305,17 @@
             <plugin>
                 <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-resources-plugin</artifactId>
-                <version>3.1.0</version>
+                <version>${maven-resources-plugin.version}</version>
             </plugin>
             <plugin>
                 <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-surefire-plugin</artifactId>
-                <version>3.0.0-M5</version>
+                <version>${maven.surefire.plugin.version}</version>
             </plugin>
             <plugin>
                 <groupId>de.qaware.maven</groupId>
                 <artifactId>go-offline-maven-plugin</artifactId>
-                <version>1.2.8</version>
+                <version>${maven.go-offline.plugin.version}</version>
                 <configuration>
                     <downloadSources>false</downloadSources>
                     <downloadJavadoc>false</downloadJavadoc>
@@ -322,7 +323,7 @@
                         <DynamicDependency>
                             <groupId>org.apache.maven.surefire</groupId>
                             <artifactId>surefire-junit-platform</artifactId>
-                            <version>3.0.0-M5</version>
+                            <version>${maven.surefire.plugin.version}</version>
                             <repositoryType>PLUGIN</repositoryType>
                         </DynamicDependency>
                         <dynamicDependency>
diff --git a/src/main/java/com/dnastack/wes/api/WesV1Controller.java b/src/main/java/com/dnastack/wes/api/WesV1Controller.java
index de472b8..f98ad8a 100644
--- a/src/main/java/com/dnastack/wes/api/WesV1Controller.java
+++ b/src/main/java/com/dnastack/wes/api/WesV1Controller.java
@@ -17,7 +17,7 @@
 import org.springframework.web.bind.annotation.*;
 import org.springframework.web.multipart.MultipartFile;
 
-import javax.servlet.http.HttpServletResponse;
+import jakarta.servlet.http.HttpServletResponse;
 import java.io.IOException;
 import java.util.HashMap;
 import java.util.List;
diff --git a/src/main/java/com/dnastack/wes/cromwell/CromwellWesMapper.java b/src/main/java/com/dnastack/wes/cromwell/CromwellWesMapper.java
index 751c5d6..7f652f1 100644
--- a/src/main/java/com/dnastack/wes/cromwell/CromwellWesMapper.java
+++ b/src/main/java/com/dnastack/wes/cromwell/CromwellWesMapper.java
@@ -6,13 +6,13 @@
 import com.fasterxml.jackson.core.type.TypeReference;
 import com.fasterxml.jackson.databind.JsonNode;
 import com.fasterxml.jackson.databind.ObjectMapper;
+import jakarta.servlet.http.HttpServletRequest;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.stereotype.Service;
 import org.springframework.web.context.request.RequestContextHolder;
 import org.springframework.web.context.request.ServletRequestAttributes;
 import org.springframework.web.servlet.support.ServletUriComponentsBuilder;
 
-import javax.servlet.http.HttpServletRequest;
 import java.io.IOException;
 import java.nio.file.Paths;
 import java.util.*;
diff --git a/src/main/java/com/dnastack/wes/registry/Ga4ghService.java b/src/main/java/com/dnastack/wes/registry/Ga4ghService.java
index be5c628..9d81653 100644
--- a/src/main/java/com/dnastack/wes/registry/Ga4ghService.java
+++ b/src/main/java/com/dnastack/wes/registry/Ga4ghService.java
@@ -32,7 +32,7 @@ public class Ga4ghService implements Cloneable {
     private List<PublicAuthenticationConfiguration> authentication;
 
     @Override
-    public Ga4ghService clone() {
+    public Ga4ghService clone() throws CloneNotSupportedException {
         Ga4ghService ga4ghService;
         try {
             ga4ghService = (Ga4ghService) super.clone();
diff --git a/src/main/java/com/dnastack/wes/registry/Organization.java b/src/main/java/com/dnastack/wes/registry/Organization.java
index 62e3f39..cadba65 100644
--- a/src/main/java/com/dnastack/wes/registry/Organization.java
+++ b/src/main/java/com/dnastack/wes/registry/Organization.java
@@ -15,7 +15,7 @@ public class Organization implements Cloneable {
     private String url;
 
     @Override
-    protected Organization clone() {
+    protected Organization clone() throws CloneNotSupportedException {
         try {
             return (Organization) super.clone();
         } catch (CloneNotSupportedException e) {
diff --git a/src/main/java/com/dnastack/wes/registry/ServiceType.java b/src/main/java/com/dnastack/wes/registry/ServiceType.java
index 2e5317e..9477f06 100644
--- a/src/main/java/com/dnastack/wes/registry/ServiceType.java
+++ b/src/main/java/com/dnastack/wes/registry/ServiceType.java
@@ -16,7 +16,7 @@ public class ServiceType implements Cloneable {
     private String version;
 
     @Override
-    protected ServiceType clone() {
+    protected ServiceType clone() throws CloneNotSupportedException {
         try {
             return (ServiceType) super.clone();
         } catch (CloneNotSupportedException e) {
diff --git a/src/main/java/com/dnastack/wes/security/BasicAuthSecurityConfig.java b/src/main/java/com/dnastack/wes/security/BasicAuthSecurityConfig.java
index 38add38..af89c31 100644
--- a/src/main/java/com/dnastack/wes/security/BasicAuthSecurityConfig.java
+++ b/src/main/java/com/dnastack/wes/security/BasicAuthSecurityConfig.java
@@ -4,7 +4,9 @@
 import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.Customizer;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
 import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
@@ -14,6 +16,8 @@
 
 import java.util.Objects;
 
+import static org.springframework.security.web.util.matcher.AntPathRequestMatcher.antMatcher;
+
 @Configuration
 @ConditionalOnExpression("'${wes.auth.method}' == 'BASIC_AUTH'")
 public class BasicAuthSecurityConfig {
@@ -45,24 +49,24 @@ public boolean matches(CharSequence rawPassword, String encodedPassword) {
 
     @Bean
     protected SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
-        http.sessionManagement()
-            .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
-            .and()
-            .cors()
-            .disable()
-            .csrf()
-            .disable()
-            .authorizeRequests()
-            .antMatchers("/services", "/actuator/info**", "/actuator/health", "/actuator/health/**", "/service-info", "/docs/**")
-            .permitAll()
-            .antMatchers("/ga4gh/wes/v1/service-info")
-            .permitAll()
-            .antMatchers("/actuator/**")
-            .authenticated()
-            .antMatchers("/**")
-            .authenticated()
-            .and()
-            .httpBasic();
+        http.sessionManagement(sessionConfig -> sessionConfig.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
+            .cors(AbstractHttpConfigurer::disable)
+            .csrf(AbstractHttpConfigurer::disable)
+            .authorizeHttpRequests(requestConfig -> requestConfig.requestMatchers(
+                    antMatcher("/services"),
+                    antMatcher("/actuator/info**"),
+                    antMatcher("/actuator/health"),
+                    antMatcher("/actuator/health/**"),
+                    antMatcher("/service-info"),
+                    antMatcher("/docs/**"),
+                    antMatcher("/ga4gh/wes/v1/service-info")
+                ).permitAll()
+                .requestMatchers(
+                    antMatcher("/actuator/**"),
+                    antMatcher("/**")
+                ).authenticated())
+            .httpBasic(Customizer.withDefaults());
+
         return http.build();
     }
 
diff --git a/src/main/java/com/dnastack/wes/security/NoAuthSecurityConfig.java b/src/main/java/com/dnastack/wes/security/NoAuthSecurityConfig.java
index 38c83d0..954fd1f 100644
--- a/src/main/java/com/dnastack/wes/security/NoAuthSecurityConfig.java
+++ b/src/main/java/com/dnastack/wes/security/NoAuthSecurityConfig.java
@@ -4,9 +4,12 @@
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
 import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.web.SecurityFilterChain;
 
+import static org.springframework.security.web.util.matcher.AntPathRequestMatcher.antMatcher;
+
 
 @Configuration
 @ConditionalOnExpression("'${wes.auth.method}' == 'NO_AUTH'")
@@ -14,16 +17,14 @@ public class NoAuthSecurityConfig {
 
     @Bean
     protected SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
-        http.sessionManagement()
-            .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
-            .and()
-            .cors().disable()
-            .csrf().disable()
-            .authorizeRequests()
-            .antMatchers("/**")
-            .permitAll();
+        http.sessionManagement(sessionConfig -> sessionConfig.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
+            .cors(AbstractHttpConfigurer::disable)
+            .csrf(AbstractHttpConfigurer::disable)
+            .authorizeHttpRequests(requestConfig -> requestConfig.requestMatchers(
+                    antMatcher("/**")
+                ).permitAll());
+
         return http.build();
     }
 
-
 }
diff --git a/src/main/java/com/dnastack/wes/security/OAuthSecurityConfig.java b/src/main/java/com/dnastack/wes/security/OAuthSecurityConfig.java
index 803a147..bfeec2d 100644
--- a/src/main/java/com/dnastack/wes/security/OAuthSecurityConfig.java
+++ b/src/main/java/com/dnastack/wes/security/OAuthSecurityConfig.java
@@ -19,8 +19,10 @@
 import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.Customizer;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
 import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.oauth2.jwt.Jwt;
 import org.springframework.security.oauth2.jwt.JwtDecoder;
@@ -30,6 +32,8 @@
 import java.util.List;
 import java.util.concurrent.TimeUnit;
 
+import static org.springframework.security.web.util.matcher.AntPathRequestMatcher.antMatcher;
+
 /**
  * Configure JWT Authentication for the WES server
  */
@@ -42,25 +46,24 @@ public class OAuthSecurityConfig {
 
     @Bean
     protected SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
-        http.sessionManagement()
-            .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
-            .and()
-            .cors()
-            .disable()
-            .csrf()
-            .disable()
-            .authorizeRequests()
-            .antMatchers("/services", "/actuator/info**", "/actuator/health", "/actuator/health/**", "/service-info", "/docs/**")
-            .permitAll()
-            .antMatchers("/ga4gh/wes/v1/service-info")
-            .permitAll()
-            .antMatchers("/actuator/**")
-            .authenticated()
-            .antMatchers("/**")
-            .authenticated()
-            .and()
-            .oauth2ResourceServer()
-            .jwt();
+        http.sessionManagement(sessionConfig -> sessionConfig.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
+            .cors(AbstractHttpConfigurer::disable)
+            .csrf(AbstractHttpConfigurer::disable)
+            .authorizeHttpRequests(requestConfig -> requestConfig.requestMatchers(
+                    antMatcher("/services"),
+                    antMatcher("/actuator/info**"),
+                    antMatcher("/actuator/health"),
+                    antMatcher("/actuator/health/**"),
+                    antMatcher("/service-info"),
+                    antMatcher("/docs/**"),
+                    antMatcher("/ga4gh/wes/v1/service-info")
+                ).permitAll()
+                .requestMatchers(
+                    antMatcher("/actuator/**"),
+                    antMatcher("/**")
+                ).authenticated())
+            .oauth2ResourceServer(outhConfig -> outhConfig.jwt(Customizer.withDefaults()));
+
         return http.build();
     }
 
@@ -111,8 +114,8 @@ public JwtDecoder jwtDecoder(JwtTokenParser jwtTokenParser) {
         return jwtToken -> {
             try {
                 final Jws<Claims> jws = jwtTokenParser.parseTokenClaims(jwtToken);
-                final JwsHeader<?> headers = jws.getHeader();
-                final Claims claims = jws.getBody();
+                final JwsHeader headers = jws.getHeader();
+                final Claims claims = jws.getPayload();
                 return new Jwt(jwtToken, claims.getIssuedAt().toInstant(), claims.getExpiration().toInstant(), headers, claims);
             } catch (JwtException e) {
                 throw new org.springframework.security.oauth2.jwt.BadJwtException(e.getMessage(), e);
diff --git a/src/main/java/com/dnastack/wes/security/PassportSecurityConfiguration.java b/src/main/java/com/dnastack/wes/security/PassportSecurityConfiguration.java
index 1e9f3f1..b3d622f 100644
--- a/src/main/java/com/dnastack/wes/security/PassportSecurityConfiguration.java
+++ b/src/main/java/com/dnastack/wes/security/PassportSecurityConfiguration.java
@@ -19,9 +19,7 @@
 import org.springframework.security.oauth2.jwt.Jwt;
 import org.springframework.security.oauth2.jwt.JwtDecoder;
 
-import java.time.Duration;
 import java.util.List;
-import java.util.concurrent.TimeUnit;
 
 /**
  * Configure API level Authorization enforcing the <code>@PreAuthorize</code> annotations for all controller methods. Permissions
@@ -54,8 +52,8 @@ public JwtDecoder jwtDecoder(JwtTokenParser jwtTokenParser, PermissionChecker pe
             try {
                 permissionChecker.checkPermissions(jwtToken);
                 final Jws<Claims> jws = jwtTokenParser.parseTokenClaims(jwtToken);
-                final JwsHeader<?> headers = jws.getHeader();
-                final Claims claims = jws.getBody();
+                final JwsHeader headers = jws.getHeader();
+                final Claims claims = jws.getPayload();
                 return new Jwt(jwtToken, claims.getIssuedAt().toInstant(), claims.getExpiration().toInstant(), headers, claims);
             } catch (JwtException e) {
                 throw new org.springframework.security.oauth2.jwt.BadJwtException(e.getMessage(), e);
diff --git a/src/main/java/com/dnastack/wes/security/XForwardUtil.java b/src/main/java/com/dnastack/wes/security/XForwardUtil.java
index 549289f..3cd82b3 100644
--- a/src/main/java/com/dnastack/wes/security/XForwardUtil.java
+++ b/src/main/java/com/dnastack/wes/security/XForwardUtil.java
@@ -1,10 +1,10 @@
 package com.dnastack.wes.security;
 
+import jakarta.servlet.http.HttpServletRequest;
 import org.springframework.http.HttpRequest;
 import org.springframework.http.server.reactive.ServerHttpRequest;
 import org.springframework.security.web.savedrequest.SavedRequest;
 
-import javax.servlet.http.HttpServletRequest;
 import java.net.MalformedURLException;
 import java.net.URI;
 import java.net.URL;
diff --git a/src/main/java/com/dnastack/wes/storage/AzureBlobStorageClient.java b/src/main/java/com/dnastack/wes/storage/AzureBlobStorageClient.java
index bd29b08..83b40eb 100644
--- a/src/main/java/com/dnastack/wes/storage/AzureBlobStorageClient.java
+++ b/src/main/java/com/dnastack/wes/storage/AzureBlobStorageClient.java
@@ -115,8 +115,16 @@ public void readBytes(OutputStream outputStream, String blobUri, HttpRange httpR
         }
 
         BlobRange range = new BlobRange(rangeStart, rangeEnd - rangeStart);
-        blobClient.downloadWithResponse(outputStream, range, new DownloadRetryOptions()
-            .setMaxRetryRequests(3), null, false, null, null);
+        blobClient.downloadStreamWithResponse(
+            outputStream,
+            range,
+            new DownloadRetryOptions()
+            .setMaxRetryRequests(3),
+            null,
+            false,
+            null,
+            null
+        );
     }
 
     @Override
diff --git a/src/main/java/com/dnastack/wes/storage/BlobStorageClient.java b/src/main/java/com/dnastack/wes/storage/BlobStorageClient.java
index 2ad51aa..ac5fe43 100644
--- a/src/main/java/com/dnastack/wes/storage/BlobStorageClient.java
+++ b/src/main/java/com/dnastack/wes/storage/BlobStorageClient.java
@@ -2,7 +2,7 @@
 
 import org.springframework.http.HttpRange;
 
-import javax.annotation.Nullable;
+import jakarta.annotation.Nullable;
 import java.io.IOException;
 import java.io.InputStream;
 import java.io.OutputStream;
diff --git a/src/main/java/com/dnastack/wes/workflow/ChecksumWorkflowAuthorizer.java b/src/main/java/com/dnastack/wes/workflow/ChecksumWorkflowAuthorizer.java
index ffaae79..1b77c92 100644
--- a/src/main/java/com/dnastack/wes/workflow/ChecksumWorkflowAuthorizer.java
+++ b/src/main/java/com/dnastack/wes/workflow/ChecksumWorkflowAuthorizer.java
@@ -9,7 +9,7 @@
 import org.springframework.stereotype.Component;
 import org.springframework.web.multipart.MultipartFile;
 
-import javax.xml.bind.DatatypeConverter;
+import jakarta.xml.bind.DatatypeConverter;
 import java.io.InputStream;
 import java.net.URI;
 import java.security.MessageDigest;
diff --git a/src/main/resources/application.yaml b/src/main/resources/application.yaml
index b8f6d26..487f266 100644
--- a/src/main/resources/application.yaml
+++ b/src/main/resources/application.yaml
@@ -4,6 +4,8 @@ server:
     include-message: always         # To include "message" attribute
     include-binding-errors: always  # To include "errors" attribute
 
+build.version: @project.version@
+
 spring:
   application:
     name: cromwell-wes-service
@@ -14,8 +16,6 @@ spring:
   servlet:
     multipart:
       enabled: true
-  zipkin:
-    enabled: false
 
 logging:
   level:
@@ -47,8 +47,6 @@ info:
     url: ${wes.url}
     version: "${project.version}"
 
-build.version: @project.version@
-
 wes:
   url: http://localhost:${server.port}
   service-info: