Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Use task avoidance with forbidden apis #55034

Merged
merged 4 commits into from
Apr 15, 2020
Merged

Use task avoidance with forbidden apis #55034

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
2e8d322
Use task avoidance with forbidden apis
rjernst Apr 9, 2020
efeffaf
feedback
rjernst Apr 13, 2020
4af78c1
fix bad testkit conversion
rjernst Apr 13, 2020
6762e13
Merge branch 'master' into taskavoidance1
rjernst Apr 15, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion benchmarks/build.gradle
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -48,7 +48,7 @@ compileJava.options.compilerArgs.addAll(["-processor", "org.openjdk.jmh.generato
run.executable = "${BuildParams.runtimeJavaHome}/bin/java"

// classes generated by JMH can use all sorts of forbidden APIs but we have no influence at all and cannot exclude these classes
forbiddenApisMain.enabled = false
disableTasks('forbiddenApisMain')

// No licenses for our benchmark deps (we don't ship benchmarks)
dependencyLicenses.enabled = false
Expand Down
9 changes: 9 additions & 0 deletions build.gradle
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -518,3 +518,12 @@ subprojects {
}
}
}

subprojects {
Closure disableMethod = { String... tasknames ->
for (String taskname : tasknames) {
project.tasks.named(taskname).configure { onlyIf { false } }
}
}
project.ext.disableTasks = disableMethod
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why the intermediary variable here? This can be simplified to ext.disableTasks = { String... taskNames ->...

}
4 changes: 1 addition & 3 deletions buildSrc/build.gradle
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -166,9 +166,7 @@ if (project != rootProject) {
// build-tools is not ready for primetime with these...
dependencyLicenses.enabled = false
dependenciesInfo.enabled = false
forbiddenApisMain.enabled = false
forbiddenApisMinimumRuntime.enabled = false
forbiddenApisTest.enabled = false
disableTasks('forbiddenApisMain', 'forbiddenApisMinimumRuntime', 'forbiddenApisTest')
jarHell.enabled = false
thirdPartyAudit.enabled = false
if (Boolean.parseBoolean(System.getProperty("tests.fips.enabled"))){
Expand Down
3 changes: 1 addition & 2 deletions buildSrc/src/testKit/elasticsearch.build/build.gradle
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,8 +17,7 @@ repositories {
}

// todo remove offending rules
forbiddenApisMain.enabled = false
forbiddenApisTest.enabled = false
disableTasks('forbiddenApisMain', 'forbiddenApisTest')
// requires dependency on testing fw
jarHell.enabled = false
// we don't have tests for now
Expand Down
2 changes: 1 addition & 1 deletion client/rest-high-level/build.gradle
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -82,7 +82,7 @@ dependencyLicenses {
}
}

forbiddenApisMain {
tasks.named('forbiddenApisMain').configure {
// core does not depend on the httpclient for compile so we add the signatures here. We don't add them for test as they are already
// specified
addSignatureFiles 'http-signatures'
Expand Down
4 changes: 2 additions & 2 deletions client/rest/build.gradle
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -52,7 +52,7 @@ dependencies {
testCompile "org.elasticsearch:mocksocket:${versions.mocksocket}"
}

tasks.withType(CheckForbiddenApis) {
tasks.withType(CheckForbiddenApis).configureEach {
//client does not depend on server, so only jdk and http signatures should be checked
replaceSignatureFiles('jdk-signatures', 'http-signatures')
}
Expand All @@ -61,7 +61,7 @@ forbiddenPatterns {
exclude '**/*.der'
}

forbiddenApisTest {
tasks.named('forbiddenApisTest').configure {
//we are using jdk-internal instead of jdk-non-portable to allow for com.sun.net.httpserver.* usage
bundledSignatures -= 'jdk-non-portable'
bundledSignatures += 'jdk-internal'
Expand Down
4 changes: 2 additions & 2 deletions client/sniffer/build.gradle
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -49,12 +49,12 @@ dependencies {
testCompile "org.elasticsearch:mocksocket:${versions.mocksocket}"
}

forbiddenApisMain {
tasks.named('forbiddenApisMain').configure {
//client does not depend on server, so only jdk signatures should be checked
replaceSignatureFiles 'jdk-signatures'
}

forbiddenApisTest {
tasks.named('forbiddenApisTest').configure {
//we are using jdk-internal instead of jdk-non-portable to allow for com.sun.net.httpserver.* usage
bundledSignatures -= 'jdk-non-portable'
bundledSignatures += 'jdk-internal'
Expand Down
4 changes: 2 additions & 2 deletions client/test/build.gradle
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -30,12 +30,12 @@ dependencies {
compile "org.hamcrest:hamcrest:${versions.hamcrest}"
}

forbiddenApisMain {
tasks.named('forbiddenApisMain').configure {
//client does not depend on core, so only jdk signatures should be checked
replaceSignatureFiles 'jdk-signatures'
}

forbiddenApisTest {
tasks.named('forbiddenApisTest').configure {
//we are using jdk-internal instead of jdk-non-portable to allow for com.sun.net.httpserver.* usage
bundledSignatures -= 'jdk-non-portable'
bundledSignatures += 'jdk-internal'
Expand Down
2 changes: 1 addition & 1 deletion distribution/tools/java-version-checker/build.gradle
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ apply plugin: 'elasticsearch.build'
targetCompatibility = JavaVersion.VERSION_1_7

// java_version_checker do not depend on core so only JDK signatures should be checked
forbiddenApisMain {
tasks.named('forbiddenApisMain').configure {
replaceSignatureFiles 'jdk-signatures'
}

Expand Down
2 changes: 1 addition & 1 deletion distribution/tools/launchers/build.gradle
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ dependencies {

archivesBaseName = 'elasticsearch-launchers'

tasks.withType(CheckForbiddenApis) {
tasks.withType(CheckForbiddenApis).configureEach {
replaceSignatureFiles 'jdk-signatures'
}

Expand Down
2 changes: 1 addition & 1 deletion libs/cli/build.gradle
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -30,6 +30,6 @@ test.enabled = false
// Since CLI does not depend on :server, it cannot run the jarHell task
jarHell.enabled = false

forbiddenApisMain {
tasks.named('forbiddenApisMain').configure {
replaceSignatureFiles 'jdk-signatures'
}
2 changes: 1 addition & 1 deletion libs/core/build.gradle
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,7 @@ dependencies {
}
}

forbiddenApisMain {
tasks.named('forbiddenApisMain').configure {
// :libs:elasticsearch-core does not depend on server
// TODO: Need to decide how we want to handle for forbidden signatures with the changes to server
replaceSignatureFiles 'jdk-signatures'
Expand Down
2 changes: 1 addition & 1 deletion libs/dissect/build.gradle
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@ dependencies {
testCompile "com.fasterxml.jackson.core:jackson-databind:${versions.jackson}"
}

forbiddenApisMain {
tasks.named('forbiddenApisMain').configure {
replaceSignatureFiles 'jdk-signatures'
}

2 changes: 1 addition & 1 deletion libs/geo/build.gradle
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ dependencies {
}
}

forbiddenApisMain {
tasks.named('forbiddenApisMain').configure {
// geo does not depend on server
// TODO: Need to decide how we want to handle for forbidden signatures with the changes to core
replaceSignatureFiles 'jdk-signatures'
Expand Down
2 changes: 1 addition & 1 deletion libs/grok/build.gradle
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,6 @@ dependencies {
}
}

forbiddenApisMain {
tasks.named('forbiddenApisMain').configure {
replaceSignatureFiles 'jdk-signatures'
}
2 changes: 1 addition & 1 deletion libs/nio/build.gradle
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@ dependencies {
}


forbiddenApisMain {
tasks.named('forbiddenApisMain').configure {
// nio does not depend on core, so only jdk signatures should be checked
// es-all is not checked as we connect and accept sockets
replaceSignatureFiles 'jdk-signatures'
Expand Down
2 changes: 1 addition & 1 deletion libs/plugin-classloader/build.gradle
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,5 +20,5 @@
test.enabled = false

// test depend on ES core...
forbiddenApisMain.enabled = false
disableTasks('forbiddenApisMain')
jarHell.enabled = false
2 changes: 1 addition & 1 deletion libs/secure-sm/build.gradle
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@ dependencies {
}
}

forbiddenApisMain {
tasks.named('forbiddenApisMain').configure {
replaceSignatureFiles 'jdk-signatures'
}

Expand Down
2 changes: 1 addition & 1 deletion libs/ssl-config/build.gradle
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@ dependencies {
}


forbiddenApisMain {
tasks.named('forbiddenApisMain').configure {
replaceSignatureFiles 'jdk-signatures'
}

Expand Down
2 changes: 1 addition & 1 deletion libs/x-content/build.gradle
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -40,7 +40,7 @@ dependencies {

}

forbiddenApisMain {
tasks.named('forbiddenApisMain').configure {
// x-content does not depend on server
// TODO: Need to decide how we want to handle for forbidden signatures with the changes to core
replaceSignatureFiles 'jdk-signatures'
Expand Down
2 changes: 1 addition & 1 deletion plugins/analysis-icu/build.gradle
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ esplugin {
classname 'org.elasticsearch.plugin.analysis.icu.AnalysisICUPlugin'
}

tasks.withType(CheckForbiddenApis) {
tasks.withType(CheckForbiddenApis).configureEach {
signatures += [
"com.ibm.icu.text.Collator#getInstance() @ Don't use default locale, use getInstance(ULocale) instead"
]
Expand Down
4 changes: 2 additions & 2 deletions qa/os/build.gradle
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -42,7 +42,7 @@ dependencies {
testCompile "com.fasterxml.jackson.core:jackson-databind:${versions.jackson}"
}

forbiddenApisTest {
tasks.named('forbiddenApisTest').configure {
replaceSignatureFiles 'jdk-signatures'
}

Expand All @@ -58,7 +58,7 @@ tasks.dependenciesInfo.enabled = false
tasks.thirdPartyAudit.ignoreMissingClasses()

tasks.register('destructivePackagingTest') {
dependsOn 'destructiveDistroTest'
dependsOn 'destructiveDistroTest'
}

processTestResources {
Expand Down
2 changes: 1 addition & 1 deletion server/build.gradle
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -57,7 +57,7 @@ if (!isEclipse) {
targetCompatibility = 12
}

forbiddenApisJava12 {
tasks.named('forbiddenApisJava12').configure {
doFirst {
if (BuildParams.runtimeJavaVersion < JavaVersion.VERSION_12) {
targetCompatibility = JavaVersion.VERSION_12.getMajorVersion()
Expand Down
2 changes: 1 addition & 1 deletion test/fixtures/build.gradle
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
subprojects {
// fixtures are mostly external and by default we don't want to check forbidden apis
forbiddenApisMain.enabled = false
disableTasks('forbiddenApisMain')
}
2 changes: 1 addition & 1 deletion test/framework/build.gradle
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,7 @@ compileJava.options.compilerArgs << '-Xlint:-cast,-rawtypes,-unchecked'
compileTestJava.options.compilerArgs << '-Xlint:-rawtypes'

// the main files are actually test files, so use the appropriate forbidden api sigs
forbiddenApisMain {
tasks.named('forbiddenApisMain').configure {
replaceSignatureFiles 'jdk-signatures', 'es-all-signatures', 'es-test-signatures'
}

Expand Down
3 changes: 1 addition & 2 deletions test/logger-usage/build.gradle
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,8 +27,7 @@ dependencies {

loggerUsageCheck.enabled = false

forbiddenApisMain.enabled = true // disabled by parent project
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do we need to keep this?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No, I looked at the parent but did not see it being disabled there. Also, using onlyIf now, there would be no way to disable (using onlyIf) in the parent but then re-enable in the child project.

forbiddenApisMain {
tasks.named('forbiddenApisMain').configure {
replaceSignatureFiles 'jdk-signatures' // does not depend on core, only jdk signatures
}
jarHell.enabled = true // disabled by parent project
Expand Down
2 changes: 1 addition & 1 deletion x-pack/plugin/core/build.gradle
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -92,7 +92,7 @@ forbiddenPatterns {
exclude '**/*.zip'
}

forbiddenApisMain {
tasks.named('forbiddenApisMain').configure {
signaturesFiles += files('forbidden/hasher-signatures.txt')
}

Expand Down
2 changes: 1 addition & 1 deletion x-pack/plugin/identity-provider/build.gradle
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -67,7 +67,7 @@ forbiddenPatterns {
exclude '**/*.zip'
}

forbiddenApisMain {
tasks.named('forbiddenApisMain').configure {
signaturesFiles += files('forbidden/xml-signatures.txt')
}

Expand Down
2 changes: 1 addition & 1 deletion x-pack/plugin/security/build.gradle
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -170,7 +170,7 @@ forbiddenPatterns {
exclude '**/*.zip'
}

forbiddenApisMain {
tasks.named('forbiddenApisMain').configure {
signaturesFiles += files('forbidden/ldap-signatures.txt', 'forbidden/xml-signatures.txt', 'forbidden/oidc-signatures.txt')
}

Expand Down
2 changes: 1 addition & 1 deletion x-pack/plugin/security/cli/build.gradle
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -42,7 +42,7 @@ if (BuildParams.inFipsJvm) {
testingConventions.enabled = false
// Forbiden APIs non-portable checks fail because bouncy castle classes being used from the FIPS JDK since those are
// not part of the Java specification - all of this is as designed, so we have to relax this check for FIPS.
tasks.withType(CheckForbiddenApis) {
tasks.withType(CheckForbiddenApis).configureEach {
bundledSignatures -= "jdk-non-portable"
}
}
2 changes: 1 addition & 1 deletion x-pack/plugin/sql/jdbc/build.gradle
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ apply plugin: 'com.github.johnrengelman.shadow'
description = 'JDBC driver for Elasticsearch'
archivesBaseName = "x-pack-sql-jdbc"

forbiddenApisMain {
tasks.named('forbiddenApisMain').configure {
// does not depend on core, so only jdk and http signatures should be checked
replaceSignatureFiles 'jdk-signatures'
}
Expand Down
2 changes: 1 addition & 1 deletion x-pack/plugin/sql/qa/build.gradle
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,7 @@ dependencyLicenses.enabled = false
dependenciesInfo.enabled = false

// the main files are actually test files, so use the appropriate forbidden api sigs
forbiddenApisMain {
tasks.named('forbiddenApisMain').configure {
replaceSignatureFiles 'es-all-signatures', 'es-test-signatures'
}

Expand Down
2 changes: 1 addition & 1 deletion x-pack/plugin/sql/sql-action/build.gradle
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@ dependencies {
testCompile project(":test:framework")
}

forbiddenApisMain {
tasks.named('forbiddenApisMain').configure {
//sql does not depend on server, so only jdk signatures should be checked
replaceSignatureFiles 'jdk-signatures'
}
Expand Down
2 changes: 1 addition & 1 deletion x-pack/plugin/sql/sql-cli/build.gradle
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -55,7 +55,7 @@ shadowJar {
}
}

forbiddenApisMain {
tasks.named('forbiddenApisMain').configure {
//sql does not depend on server, so only jdk signatures should be checked
replaceSignatureFiles 'jdk-signatures'
signaturesFiles += files('src/forbidden/cli-signatures.txt')
Expand Down
4 changes: 2 additions & 2 deletions x-pack/plugin/sql/sql-client/build.gradle
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,12 +21,12 @@ dependencyLicenses {
ignoreSha 'elasticsearch-core'
}

forbiddenApisMain {
tasks.named('forbiddenApisMain').configure {
// does not depend on core, so only jdk and http signatures should be checked
replaceSignatureFiles 'jdk-signatures'
}

forbiddenApisTest {
tasks.named('forbiddenApisTest').configure {
bundledSignatures -= 'jdk-non-portable'
bundledSignatures += 'jdk-internal'
}
Expand Down
2 changes: 1 addition & 1 deletion x-pack/plugin/sql/sql-proto/build.gradle
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ dependencies {
testCompile project(":test:framework")
}

forbiddenApisMain {
tasks.named('forbiddenApisMain').configure {
//sql does not depend on server, so only jdk signatures should be checked
replaceSignatureFiles 'jdk-signatures'
}
Expand Down