{"id":37022207,"url":"https://github.com/estuaryoss/estuary-agent-java","last_synced_at":"2026-01-14T02:38:44.700Z","repository":{"id":40490509,"uuid":"294938297","full_name":"estuaryoss/estuary-agent-java","owner":"estuaryoss","description":"Estuary Agent is a Spring Boot service that runs your shell commands via pure REST API. Part of the Estuary stack.","archived":true,"fork":false,"pushed_at":"2023-03-31T15:28:26.000Z","size":12626,"stargazers_count":3,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-07-24T12:47:40.817Z","etag":null,"topics":["api-control","automation-as-a-service","distributed-testing","estuary-stack","parallel-testing","remote-config","remote-control","remote-shell","standardization","test-automation","test-automation-as-a-service","testing","testing-tool","testing-tools"],"latest_commit_sha":null,"homepage":"http://estuaryoss.github.io","language":"Java","has_issues":false,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/estuaryoss.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2020-09-12T12:21:18.000Z","updated_at":"2023-09-23T10:06:13.000Z","dependencies_parsed_at":"2023-02-18T15:31:25.380Z","dependency_job_id":null,"html_url":"https://github.com/estuaryoss/estuary-agent-java","commit_stats":null,"previous_names":[],"tags_count":10,"template":false,"template_full_name":null,"purl":"pkg:github/estuaryoss/estuary-agent-java","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/estuaryoss%2Festuary-agent-java","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/estuaryoss%2Festuary-agent-java/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/estuaryoss%2Festuary-agent-java/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/estuaryoss%2Festuary-agent-java/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/estuaryoss","download_url":"https://codeload.github.com/estuaryoss/estuary-agent-java/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/estuaryoss%2Festuary-agent-java/sbom","scorecard":{"id":383441,"data":{"date":"2025-08-11","repo":{"name":"github.com/estuaryoss/estuary-agent-java","commit":"1caaffd0789848b281d371e0654a779af68b6f7b"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":2.8,"checks":[{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Maintained","score":0,"reason":"project is archived","details":["Warn: Repository is archived."],"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Code-Review","score":0,"reason":"Found 0/30 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: containerImage not pinned by hash: Dockerfile:1: pin your Docker image by updating azul/zulu-openjdk:11 to azul/zulu-openjdk:11@sha256:00074f55c0e84f25f3c54e26bf25c00dea94156913f3aefbf0223acb42901a8c","Warn: containerImage not pinned by hash: sandbox/fluentd/Dockerfile:1: pin your Docker image by updating fluentd:v1.9.1-debian-1.0 to fluentd:v1.9.1-debian-1.0@sha256:c3ae19c34fd193cd285ff07516216a06e3e02fa1a80fc222ad13a2cf3d5f1688","Info:   0 out of   2 containerImage dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 23 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-18T16:00:14.258Z","repository_id":40490509,"created_at":"2025-08-18T16:00:14.259Z","updated_at":"2025-08-18T16:00:14.259Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28408711,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-14T01:52:23.358Z","status":"online","status_checked_at":"2026-01-14T02:00:06.678Z","response_time":107,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["api-control","automation-as-a-service","distributed-testing","estuary-stack","parallel-testing","remote-config","remote-control","remote-shell","standardization","test-automation","test-automation-as-a-service","testing","testing-tool","testing-tools"],"created_at":"2026-01-14T02:38:44.200Z","updated_at":"2026-01-14T02:38:44.690Z","avatar_url":"https://github.com/estuaryoss.png","language":"Java","readme":"\u003ch1 align=\"center\"\u003e\u003cimg src=\"./docs/images/banner_agent.png\" alt=\"Estuary Agent\"\u003e\u003c/h1\u003e  \n\n# About\n\nThe agent is written in Java (SpringBoot), and it executes low-level commands.\n\nIt enables any use case which implies system commands:\n\n- Controlling and configuring the machines (via REST API)\n- Exposing CLI applications via REST API\n- Testing support by enabling SUT control and automation framework control\n- IoT\n- Home control integrations\n\nIt supports command execution having several modes:\n\n- Commands executed sequentially\n- Commands executed in parallel\n- Commands executed in background\n- Commands executed synchronously\n\nWith the help of the agent the user can also do IO operations:\n\n- File upload and download (binary / text)\n- Folder download (as zip archive)\n\nThis code acts both as a microservice as well as a library:\n\na) Standalone microservice jar with the\nextension: [exec.jar](https://search.maven.org/artifact/com.github.estuaryoss/agent/4.2.0/jar)\n\n```bash\njava -jar agent-4.2.2-exec.jar\n```\n\nb) Library as a Maven dependency:\n\n```xml\n\n\u003cdependency\u003e\n    \u003cgroupId\u003ecom.github.estuaryoss\u003c/groupId\u003e\n    \u003cartifactId\u003eagent\u003c/artifactId\u003e\n    \u003cversion\u003e4.2.2\u003c/version\u003e\n\u003c/dependency\u003e\n```\n\n## Artifact\n\n![Maven Central with version prefix filter](https://img.shields.io/maven-central/v/com.github.estuaryoss/agent/4.2.2)\n![Sonatype Nexus (Snapshots)](https://img.shields.io/nexus/s/com.github.estuaryoss/agent?server=https%3A%2F%2Fs01.oss.sonatype.org)\n\n## Build status\n\n[![CircleCI](https://circleci.com/gh/estuaryoss/estuary-agent-java.svg?style=svg\u0026circle-token=2036f4d0e07fadce8101e00e790970fcfb43e03f)](https://circleci.com/gh/estuaryoss/estuary-agent-java)\n\n## Code quality\n\n[![Codacy Badge](https://app.codacy.com/project/badge/Grade/20bec8d5bf1b4197b6447b9f926c32ad)](https://www.codacy.com/gh/estuaryoss/estuary-agent-java/dashboard?utm_source=github.com\u0026amp;utm_medium=referral\u0026amp;utm_content=estuaryoss/estuary-agent-java\u0026amp;utm_campaign=Badge_Grade)\n[![Maintainability](https://api.codeclimate.com/v1/badges/cb9958e3b834d93cb082/maintainability)](https://codeclimate.com/repos/5f6783d35aa6290178006578/maintainability)\n\n## Postman collection\n\nThe postman collection is saved in folder **docs**\n\n## Commands in background\n\nSend your command using the classic endpoints, and then timeout from client.   \nUse **/commands**, **/commands/running** and **/commands/finished** GET to retrieve your command information.\n\n## Eureka client registration\n\nSet the following env vars:\n\n- APP_IP -\u003e the ip which this service binds to\n- PORT -\u003e the port which this service binds to\n\nExample:\n\n ```bash\nexport APP_IP=192.168.0.4\nexport PORT=8081\njava -jar \\\n-Deureka.client.serviceUrl.defaultZone=http://192.168.0.100:8080/eureka/v2 \\\n-Deureka.client.enabled=true agent-4.2.3-SNAPSHOT-exec.jar \n```\n\n## Fluentd logging\n\n- FLUENTD_IP_PORT -\u003e This env var sets the fluentd ip:port connection. Example: localhost:24224\n\n## Authentication\n\n### Method 1 - Spring security\n\n- HTTP_AUTH_USER\n- HTTP_AUTH_PASSWORD\n\nThese env vars will be matched against basic authentication from your HttpClient.  \nAfter user auth, set the received cookie (JSESSIONID) to communicate further with the agent.  \nThe same settings can be set through application properties: **app.user** \u0026 **app.password**.  \nThe env vars precedence is higher than the one set through the application properties.\n\n[!!!]() Use these env variables or swap application.properties file if you use it as dependency, otherwise you will open\na major security hole. The attacker will have access to your system. [!!!]()\n\n### Method 2 - Token auth - No spring-security\n\n- HTTP_AUTH_TOKEN -\u003e This env var sets the auth token for the service. Will be matched with the header 'Token'  \n  Note: The profile to be used is 'test'.\n\n## Command timeout\n\n- COMMAND_TIMEOUT -\u003e This env var sets the command timeout for the system commands. Default is **1800** seconds.\n\n## Enable HTTPS\n\nSet **HTTPS_ENABLE** env var option to *true* or *false*.    \nSet the certificate path (is relative!) with **HTTPS_KEYSTORE** and **HTTPS_KEYSTORE_PASSWORD** env variables. E.g.\nHTTPS_KEYSTORE=file:https/keystore.p12  \nIf you do not set cert and keystore password env vars, it uses the ones from default *application.properties* in the\nresource folder.\n\n! Please also set the following env vars:\n- the app port by setting the env var called **PORT** to *8443*. Default is 8080.\n- **SERVICE_PROTOCOL** to *https*\n\n## Environment variables injection\n\nUser defined environment variables will be stored in a 'virtual' environment. The extra env vars will be used by the\nprocess that executes system commands.  \nThere are two ways to inject user defined environment variables.\n\n- call POST on **/env** endpoint. The body will contain the env vars in JSON format. E.g. {\"FOO1\":\"BAR1\"}\n- create an **environment.properties** file with the extra env vars needed and place it in the same path as the JAR.\n  Example in this repo.\n\n*! All environment variables described above can also be set using **environment.properties**. However, the vars set\nthrough **application.yml** can't be set: PORT, APP_IP, EUREKA_SERVER.*\n\n## Example output\n\ncurl -X POST -d 'ls -lrt' http://localhost:8080/command\n\n```json\n{\n  \"code\": 1000,\n  \"message\": \"Success\",\n  \"description\": {\n    \"finished\": true,\n    \"started\": false,\n    \"startedat\": \"2020-08-15 19:38:16.138962\",\n    \"finishedat\": \"2020-08-15 19:38:16.151067\",\n    \"duration\": 0.012,\n    \"pid\": 2315,\n    \"id\": \"none\",\n    \"commands\": {\n      \"ls -lrt\": {\n        \"status\": \"finished\",\n        \"details\": {\n          \"out\": \"total 371436\\n-rwxr-xr-x 1 dinuta qa  13258464 Jun 24 09:25 main-linux\\ndrwxr-xr-x 4 dinuta qa        40 Jul  1 11:42 tmp\\n-rw-r--r-- 1 dinuta qa  77707265 Jul 25 19:38 testrunner-linux.zip\\n-rw------- 1 dinuta qa   4911271 Aug 14 10:00 nohup.out\\n\",\n          \"err\": \"\",\n          \"code\": 0,\n          \"pid\": 6803,\n          \"args\": [\n            \"/bin/sh\",\n            \"-c\",\n            \"ls -lrt\"\n          ]\n        },\n        \"startedat\": \"2020-08-15 19:38:16.138970\",\n        \"finishedat\": \"2020-08-15 19:38:16.150976\",\n        \"duration\": 0.012\n      }\n    }\n  },\n  \"timestamp\": \"2020-08-15 19:38:16.151113\",\n  \"path\": \"/command?\",\n  \"name\": \"estuary-agent\",\n  \"version\": \"4.0.8\"\n}\n```\n\n## Overview\n\nThe underlying library integrating swagger to SpringBoot is [springfox](https://github.com/springfox/springfox)\n\nStart your server as an simple java application\n\nYou can view the api documentation in swagger-ui by pointing to  \nhttp://localhost:8080/\n\nChange default port value in application.properties\n\n## Maven dependency \u0026\u0026 settings.xml\n\nGet this dependency:\n\n```xml\n\n\u003cdependency\u003e\n  \u003cgroupId\u003ecom.github.estuaryoss\u003c/groupId\u003e\n  \u003cartifactId\u003eagent\u003c/artifactId\u003e\n  \u003cversion\u003e4.0.8\u003c/version\u003e\n\u003c/dependency\u003e\n```\n\n## Maven devendency snapshot\n\n```xml\n\n\u003cdependency\u003e\n    \u003cgroupId\u003ecom.github.estuaryoss\u003c/groupId\u003e\n    \u003cartifactId\u003eagent\u003c/artifactId\u003e\n    \u003cversion\u003e4.2.3-SNAPSHOT\u003c/version\u003e\n\u003c/dependency\u003e\n```\n\nTo use a snapshot version, set the s01.oss.sonatype.org repo in settings.xml:\n\n```xml\n\n\u003crepository\u003e\n    \u003cid\u003esnaphosts4\u003c/id\u003e\n    \u003csnapshots\u003e\n        \u003cenabled\u003etrue\u003c/enabled\u003e\n    \u003c/snapshots\u003e\n    \u003creleases\u003e\n        \u003cenabled\u003efalse\u003c/enabled\u003e\n        \u003cupdatePolicy\u003ealways\u003c/updatePolicy\u003e\n    \u003c/releases\u003e\n    \u003cname\u003eall-external8\u003c/name\u003e\n    \u003curl\u003ehttps://s01.oss.sonatype.org/content/repositories/snapshots/\u003c/url\u003e\n\u003c/repository\u003e\n```\n\nTo generate Query classes needed for the DB queries run:  \nmvn clean install (-DskipTests=true for faster compilation)\n\n## Resources\n\n- https://springdoc.org/#migrating-from-springfox\n- https://swagger.io/docs/open-source-tools/swagger-ui/usage/configuration/\n\nSupport\nproject: \u003ca href=\"https://paypal.me/catalindinuta?locale.x=en_US\"\u003e\u003cimg src=\"https://lh3.googleusercontent.com/Y2_nyEd0zJftXnlhQrWoweEvAy4RzbpDah_65JGQDKo9zCcBxHVpajYgXWFZcXdKS_o=s180-rw\" height=\"40\" width=\"40\" align=\"center\"\u003e\u003c/a\u003e   \n","funding_links":["https://paypal.me/catalindinuta?locale.x=en_US"],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Festuaryoss%2Festuary-agent-java","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Festuaryoss%2Festuary-agent-java","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Festuaryoss%2Festuary-agent-java/lists"}