Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Explicitly set illegal-access to deny for tests #72588

Merged
merged 11 commits into from
Jun 2, 2021

Conversation

rjernst
Copy link
Member

@rjernst rjernst commented Apr 30, 2021

Since Java 16, the default value for illegal-access is deny. This means
the latest release of Elasticsearch, and all current integration tests,
run with deny (since we don't explicitly set it in jvm options). Yet
tests run with illegal-access=warn, for legacy reasons. #71908
proposed to remove the setting from test jvms, but concerns were raised
there about whether this would cause some test failures.

This commit explicitly sets tests to deny. This has the added benefit
that any failures will be caught even when running tests with older
jvms.

Since Java 16, the default value for illegal-access is deny. This means
the latest release of Elasticsearch, and all current integration tests,
run with deny (since we don't explicitly set it in jvm options). Yet
tests run with illegal-access=warn, for legacy reasons. elastic#71908
proposed to remove the setting from test jvms, but concerns were raised
there about whether this would cause some test failures.

This commit explicitly sets tests to deny. This has the added benefit
that any failures will be caught even when running tests with older
jvms.
@rjernst rjernst added >test Issues or PRs that are addressing/adding tests :Delivery/Build Build or test infrastructure v8.0.0 labels Apr 30, 2021
@elasticmachine elasticmachine added the Team:Delivery Meta label for Delivery team label Apr 30, 2021
@elasticmachine
Copy link
Collaborator

Pinging @elastic/es-delivery (Team:Delivery)

@rjernst
Copy link
Member Author

rjernst commented Jun 1, 2021

@mark-vieira This is ready for review. It at least gets our tests closer to what production is using (since illegal-access defaults to deny in Java 16). I will followup trying to make mockito modular so that we can not accidentally allow production code to cross the module boundaries of the JDK as necessary in tests for mocking.

Copy link
Contributor

@mark-vieira mark-vieira left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks like you still have one mole left to whack but otherwise LGTM.

Caused by: java.lang.IllegalAccessException: class org.apache.hadoop.security.authentication.util.KerberosUtil cannot access class sun.security.krb5.Config (in module java.security.jgss) because module java.security.jgss does not export sun.security.krb5 to unnamed module @77cd01d8

@rjernst
Copy link
Member Author

rjernst commented Jun 1, 2021

Looks related to #68075. Of course the failure doesn't reproduce...will investigate.

@rjernst
Copy link
Member Author

rjernst commented Jun 2, 2021

@elasticmachine update branch

@rjernst rjernst merged commit 8cba213 into elastic:master Jun 2, 2021
@rjernst rjernst deleted the illegal_access1 branch June 2, 2021 23:09
rjernst added a commit to rjernst/elasticsearch that referenced this pull request Jun 2, 2021
Since Java 16, the default value for illegal-access is deny. This means
the latest release of Elasticsearch, and all current integration tests,
run with deny (since we don't explicitly set it in jvm options). Yet
tests run with illegal-access=warn, for legacy reasons. elastic#71908
proposed to remove the setting from test jvms, but concerns were raised
there about whether this would cause some test failures.

This commit explicitly sets tests to deny. This has the added benefit
that any failures will be caught even when running tests with older
jvms.
rjernst added a commit that referenced this pull request Jun 3, 2021
Since Java 16, the default value for illegal-access is deny. This means
the latest release of Elasticsearch, and all current integration tests,
run with deny (since we don't explicitly set it in jvm options). Yet
tests run with illegal-access=warn, for legacy reasons. #71908
proposed to remove the setting from test jvms, but concerns were raised
there about whether this would cause some test failures.

This commit explicitly sets tests to deny. This has the added benefit
that any failures will be caught even when running tests with older
jvms.
@rjernst rjernst added the v7.14.0 label Jun 3, 2021
rjernst added a commit to rjernst/elasticsearch that referenced this pull request Sep 23, 2021
Since Java 16, the default value for illegal-access is deny. This means
the latest release of Elasticsearch, and all current integration tests,
run with deny (since we don't explicitly set it in jvm options). Yet
tests run with illegal-access=warn, for legacy reasons. elastic#71908
proposed to remove the setting from test jvms, but concerns were raised
there about whether this would cause some test failures.

This commit explicitly sets tests to deny. This has the added benefit
that any failures will be caught even when running tests with older
jvms.
elasticsearchmachine pushed a commit that referenced this pull request Sep 23, 2021
Since Java 16, the default value for illegal-access is deny. This means
the latest release of Elasticsearch, and all current integration tests,
run with deny (since we don't explicitly set it in jvm options). Yet
tests run with illegal-access=warn, for legacy reasons. #71908
proposed to remove the setting from test jvms, but concerns were raised
there about whether this would cause some test failures.

This commit explicitly sets tests to deny. This has the added benefit
that any failures will be caught even when running tests with older
jvms.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
:Delivery/Build Build or test infrastructure Team:Delivery Meta label for Delivery team >test Issues or PRs that are addressing/adding tests v7.14.0 v8.0.0-alpha1
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants