• English

    • Migrating from archived OSA Proxy

    OSA Proxy implementation

    This page describes the current OSA Proxy implementation. The archived Java/Spring implementation is available in Archived Java/Spring implementation.

    This section describes how to migrate configuration from the archived Java/Spring version of OSA Proxy to the current OSA Proxy implementation. The archived configuration used application.yml; the current version uses osa-proxy.yml.

    Main changes

    Archived OSA ProxyCurrent OSA Proxy
    application.ymlosa-proxy.yml
    codescoring.hostcodescoring.url
    codescoring.proxy-manager-hostcodescoring.osa-proxy-url
    Spring Boot logging with logging.level.ru.codescoringlogging.level: debug/info/warn/error
    Actuator endpoints/healthz, /metrics, /api/v3/api-docs, /api/swagger/
    Global codescoring.work-modecodescoring.work-mode plus repository[*].work-mode override

    The codescoring.enable-status-line, codescoring.block-status-code, codescoring.block-on-codescoring-errors, and codescoring.remove-blocked-versions fields keep the same meaning, but must be moved to the new osa-proxy.yml structure.

    New capabilities

    • Composer and RubyGems support.
    • Repository-level work mode override with repository[*].work-mode.
    • Repository-level file type filtering with repository[*].file-type-filter.
    • Explicit HTTP server and HTTP client configuration in http.server and http.client instead of Spring Boot / WebFlux properties.

    npm migration example

    Legacy configuration:

    codescoring:
  host: https://codescoring.example.com
  token: "<token>"
  work-mode: strict_wait
  proxy-manager-host: https://osa-proxy.example.com
  block-on-codescoring-errors: true
  remove-blocked-versions: true

npm:
  enabled: true
  repository:
    - name: internet-npm
      scan-package: true
      scan-manifest: true
      url-encoded-config: true
      registry: https://registry.npmjs.org

    Configuration for the current OSA Proxy:

    codescoring:
  url: https://codescoring.example.com
  token: "<token>"
  work-mode: strict_wait
  osa-proxy-url: https://osa-proxy.example.com
  block-on-codescoring-errors: true
  remove-blocked-versions: true
  block-status-code: 403

npm:
  enabled: true
  repository:
    - name: internet-npm
      scan-package: true
      scan-manifest: true
      work-mode: strict_wait
      url-encoded-config: true
      registry: https://registry.npmjs.org

logging:
  level: info

    After migration, the npm client uses the same route name:

    npm config set registry https://osa-proxy.example.com/internet-npm/
npm view lodash version

    Migration checklist

    1. Create a new osa-proxy.yml file.
    2. Move the CodeScoring platform URL from codescoring.host to codescoring.url.
    3. Move the token to codescoring.token.
    4. Move the external proxy URL from codescoring.proxy-manager-host to codescoring.osa-proxy-url.
    5. Choose the global codescoring.work-mode and set repository[*].work-mode for specific repositories when needed.
    6. Move package manager sections and check name, registry, scan-manifest, scan-package, and url-encoded-config.
    7. Enable cache.judge.enabled only when Redis is available and verdict caching is required.
    8. Update package manager configuration to use current OSA Proxy URLs.
    9. Check GET /healthz, GET /metrics, and one test request for each enabled repository type.

    What to remove from the old configuration

    Spring Boot parameters, JVM options, and actuator settings are not part of osa-proxy.yml. The current version does not use /actuator/metrics or /actuator/prometheus; metrics are exposed directly at /metrics.

    Was this page helpful?