[WFCORE-7247] [Community] Filtering mechanism for management audit logging and configuration change history #6679

Draft
yersan wants to merge 5 commits into wildfly:main from yersan:WFCORE-7247

yersan commented Feb 26, 2026

Still a draft since I still see some gray areas and want to get some early feedback:

  1. I'm not sure if how we are finding the attributes flagged as Redactable in the ModelNode that represents the current operation is correct. We have to search recursively over all the ModelNode paths. See https://github.com/yersan/wildfly-core/blob/a44b627f3b6bc03b806646da7bfb51934bf03061/controller/src/main/java/org/jboss/as/controller/AbstractOperationContext.java#L690-L735

  2. Similarly, we need to identify which attributes were flagged with the Redactable flag, but we also have complex attribute definitions that can contain other attribute definitions and that could produce an arbitrarily deep path. See https://github.com/yersan/wildfly-core/blob/a44b627f3b6bc03b806646da7bfb51934bf03061/controller/src/main/java/org/jboss/as/controller/OperationDefinition.java#L120-L153

  3. The bump of the management XSD versions: it seems the code was only prepared to take into account the schema with the maximum version across all the stability levels, so I was being forced to bump both default xsd to 21 and community xsd to 21, since 21 would be the maximum value. I've changed this so the server can pick up default 20 and community 21. The change here is only on the community XSD so I don't see the point of also bumping default; however, it looks like the original intention was to always keep them at the same version level, so I'm not sure if my current approach is correct. See https://github.com/wildfly/wildfly-core/pull/6679/changes#diff-05a1ac6c7737df6cf1405f1edde50f98ecfc25fa72351dded577c4ab4fbe3ec4R104-R119

For 1. and 2., let me ping @jamezp and @bstansberry
For 3. let me ping @darranl

When you have a chance, could you provide some feedback about this? Thanks.

Notice I've added only a test for the configuration changes; the one for the audit log is still in progress. Also, identifying the list of attributes that should be flagged as redactable will probably be a collective effort.
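
The recursive walk raised in points 1 and 2 above, as an added sketch that is not part of this PR or of WildFly Core: `AttrDef`, `redact` and the Map/List model are hypothetical stand-ins for the attribute definitions and `ModelNode`, and the sample operation is constructed.

```java
import java.util.*;

// Added illustration: AttrDef and the Map/List model are hypothetical stand-ins,
// not WildFly's AttributeDefinition or ModelNode API.
public class RedactionSketch {
    record AttrDef(String name, boolean redactable, List<AttrDef> children) {
        static AttrDef leaf(String n, boolean r) { return new AttrDef(n, r, List.of()); }
        static AttrDef complex(String n, AttrDef... c) { return new AttrDef(n, false, List.of(c)); }
    }

    static final String MASK = "<redacted>";

    // Returns a redacted copy for the audit record; the executing operation is never mutated.
    static Object redact(Object value, List<AttrDef> defs) {
        if (value instanceof List<?> list) {                  // list of complex values
            List<Object> out = new ArrayList<>();
            for (Object item : list) out.add(redact(item, defs));
            return out;
        }
        if (!(value instanceof Map<?, ?> map)) return value;  // scalar: nothing to descend into
        Map<String, Object> out = new LinkedHashMap<>();
        for (Map.Entry<?, ?> e : map.entrySet()) {
            String key = String.valueOf(e.getKey());
            AttrDef def = defs.stream().filter(d -> d.name().equals(key)).findFirst().orElse(null);
            if (def == null) out.put(key, e.getValue());      // no definition: copied unchanged (fail-open)
            else if (def.redactable()) out.put(key, MASK);    // flagged: mask the whole subtree
            else if (def.children().isEmpty()) out.put(key, e.getValue());
            else out.put(key, redact(e.getValue(), def.children())); // complex: descend with nested defs
        }
        return out;
    }

    public static void main(String[] args) {
        // Constructed sample definitions and operation parameters.
        List<AttrDef> defs = List.of(
            AttrDef.leaf("name", false),
            AttrDef.complex("credential-reference",
                AttrDef.leaf("store", false), AttrDef.leaf("clear-text", true)),
            AttrDef.complex("users",
                AttrDef.leaf("user", false), AttrDef.leaf("password", true)));
        Map<String, Object> op = new LinkedHashMap<>();
        op.put("name", "ks1");
        op.put("credential-reference", Map.of("store", "cs", "clear-text", "s3cret"));
        op.put("users", List.of(Map.of("user", "a", "password", "p1")));
        System.out.println(redact(op, defs));               // masked copy for the log
        System.out.println(op.get("credential-reference")); // input map is left unmodified
    }
}
```

Keys with no matching definition are copied unchanged in this sketch; a stricter variant would mask them so that an unregistered attribute cannot reach the log in clear text.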

yersan commented Feb 27, 2026

Rebased, minor tweaks, added more attributes from the Elytron subsystem that seem to be candidates to be flagged as redactable.

@wildfly-ci
Core -> Full Integration Build 14985 outcome was FAILURE using a merge of ecb8d7b
Summary: Tests failed: 1 (1 new), passed: 4570, ignored: 55 Build time: 02:29:09

Failed tests

org.eclipse.microprofile.lra.tck.TckContextTests.testAfterLRAEnlistmentDuringClosingPhase: java.lang.AssertionError: AfterLRA listener registered during the Closing phase was not notified about the LRA close
Expected: a value equal to or greater than <1>
     but: <0> was less than <1>
------- Stdout: -------
11:31:01,403 INFO  [org.eclipse.microprofile.lra.tck.TckTestBase] (pool-8-thread-1) Running test: testAfterLRAEnlistmentDuringClosingPhase
