Fix: handle null CarbonApp resources in management API #4444
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
...nagement.apis/src/main/java/org/wso2/micro/integrator/management/apis/CarbonAppResource.java
Outdated
Show resolved
Hide resolved
Comment on lines
+504
to
+509
| // Filter out dependency JARs for synapse/lib type | ||
| if ("lib".equals(type) && !isActualConnector(artifactName)) { | ||
| if (log.isDebugEnabled()) { | ||
| log.debug("Filtering out dependency artifact: " + artifactName); | ||
| } | ||
| continue; |
Contributor
There was a problem hiding this comment.
Log Improvement Suggestion No: 2
Suggested change
| // Filter out dependency JARs for synapse/lib type | |
| if ("lib".equals(type) && !isActualConnector(artifactName)) { | |
| if (log.isDebugEnabled()) { | |
| log.debug("Filtering out dependency artifact: " + artifactName); | |
| } | |
| continue; | |
| // Filter out dependency JARs for synapse/lib type | |
| if ("lib".equals(type) && !isActualConnector(artifactName)) { | |
| if (log.isDebugEnabled()) { | |
| log.debug("Filtering out dependency artifact: " + artifactName); | |
| } | |
| log.info("Excluded dependency artifact from response: " + artifactName); | |
| continue; |
Contributor
There was a problem hiding this comment.
AI Agent Log Improvement Checklist
- The log-related comments and suggestions in this review were generated by an AI tool to assist with identifying potential improvements. Purpose of reviewing the code for log improvements is to improve the troubleshooting capabilities of our products.
- Please make sure to manually review and validate all suggestions before applying any changes. Not every code suggestion would make sense or add value to our purpose. Therefore, you have the freedom to decide which of the suggestions are helpful.
✅ Before merging this pull request:
- Review all AI-generated comments for accuracy and relevance.
- Complete and verify the table below. We need your feedback to measure the accuracy of these suggestions and the value they add. If you are rejecting a certain code suggestion, please mention the reason briefly in the suggestion for us to capture it.
| Comment | Accepted (Y/N) | Reason |
|---|---|---|
| #### Log Improvement Suggestion No: 1 | ||
| #### Log Improvement Suggestion No: 2 |
….integrator.management.apis/src/main/java/org/wso2/micro/integrator/management/apis/CarbonAppResource.java find the place Co-authored-by: wso2-engineering[bot] <229087779+wso2-engineering[bot]@users.noreply.github.com>
arunans23
reviewed
Nov 7, 2025
| } | ||
|
|
||
| // Common dependency patterns to exclude | ||
| String[] dependencyPatterns = { |
Member
There was a problem hiding this comment.
IMO, this is not the best way to identify the connector dependencies. This is not future-proof and we have to keep on updating this list.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Purpose
Resolves: https://github.com/wso2/product-micro-integrator/issues/4121
Fixes an issue in the Integration Control Plane (ICP) where connector dependency JARs (such as
kafka-clients,avro,jedis,scala-library) were incorrectly displayed as connectors in the Carbon Applications detailed view.This caused confusion for users trying to identify actual connectors versus their transitive dependencies.
Problem Statement
When the Management API returns Carbon Application artifacts, it includes all artifacts of type
synapse/libwithout distinguishing between:✅ Actual connectors (e.g.,
mi-connector-kafka,mi-inbound-kafka)❌ Dependency libraries (e.g.,
kafka-clients-3.7.0,avro-1.11.3,jedis-3.6.0)This resulted in:
Cluttered ICP Dashboard with unnecessary dependency JARs
Confusion identifying actual connectors
Poor user experience in managing Carbon Applications
Difficulty troubleshooting connector issues
Solution
Implemented intelligent filtering logic in
CarbonAppResource.javato distinguish actual connectors from dependency JARs.Highlights
Added new
isActualConnector()method with pattern matchingFilters out known dependency patterns (
kafka-clients,avro,jedis,commons,netty, etc.)Retains actual connectors (
mi-connector-*,mi-inbound-*,org.wso2.carbon.connector*)Handles edge cases with versioned or non-standard artifact names
Logs filtered dependencies at DEBUG level for transparency
Changes Made
Modified File
Key Updates
Added
isActualConnector(String artifactName)(lines 98–146)Identifies actual connectors
Filters common dependency patterns
Handles version suffixes safely
Enhanced
convertCarbonAppToJsonObject()(lines 493–500)Filters out dependencies from
synapse/libartifactsIncludes only actual connectors in JSON response
Code Snippet
Testing Performed
Environment
OS: Windows 11
Java: Adoptium OpenJDK 11.0.28
Product: WSO2 Micro Integrator 4.5.0-SNAPSHOT
Tools: PowerShell (
Invoke-RestMethod), Management APITest Scenarios
✅ Kafka Connector CApp:
Only
mi-connector-kafkaappears; dependencies (kafka-clients,avro, etc.) excluded.✅ MongoDB Connector CApp:
Only actual connector shown;
jedis,mongo-java-driverfiltered.✅ File Connector CApp:
Only connector visible;
commons-vfsremoved.✅ Multiple Connectors:
Confirmed multiple connectors display cleanly with no dependencies.
API Endpoints Tested
GET /management/applicationsGET /management/applications?carbonAppName={name}Before Fix
After Fix
Filtered Dependency Patterns
Security Considerations
✅ Followed secure coding practices (OWASP)
✅ No exposure of sensitive data
✅ No changes to authentication or authorization layers
✅ No information disclosure risks
✅ Backward-compatible behavior maintained
Backward Compatibility
✅ No breaking changes to Management API contract
✅ Same JSON response structure maintained
✅ Only removes unnecessary dependency artifacts
✅ ICP Dashboard & automation scripts remain unaffected
Release Note
Performance Impact
⚙️ Minimal overhead (simple in-memory string pattern checks)
🚫 No additional DB or network operations
🧠 Per-artifact filtering within existing JSON serialization step
Future Enhancements
Externalize dependency patterns via configuration file
Introduce explicit
dependency=true/falsemetadata inartifact.xmlExtend filtering to other artifact types if needed
Edge Cases Handled
Artifacts with version suffixes (
library-1.2.3)Non-standard naming conventions
Mixed connector and non-connector libs in the same Carbon App
Checklist
Code follows WSO2 conventions
Self-reviewed
Added JavaDoc for new methods
Added debug logs for filtered artifacts
Tested locally with multiple connector scenarios
No compiler warnings introduced
No deprecated APIs used
Related issue linked in PR
Screenshots
Before Fix (ICP Dashboard)
Shows dependencies mixed with connectors:
After Fix (ICP Dashboard)
Displays only actual connectors: