server_aws_common not included in ZMS/ZTS assembly tarballs

[gjoranv]

Background

The 1.11-to-1.12 migration guide states: "Make sure athenz-server-aws-common module along with all of its dependencies is deployed as part of your application."

However, the ZMS and ZTS assembly tarballs (assembly/zms/target/athenz-zms-*-bin.tar.gz and assembly/zts/target/athenz-zts-*-bin.tar.gz) do not include athenz-server-aws-common or its transitive dependencies (AWS SDK v2 rds, sts, ssm, s3, kms, etc.). Neither assembly/zms/pom.xml nor assembly/zts/pom.xml declares athenz-server-aws-common as a dependency, and servers/zms/servers/zts also don't depend on it.

This means the factory classes (AWSObjectStoreFactory, AWSCertRecordStoreFactory) are loaded dynamically via config properties, but the JARs they live in are not in the classpath when using the assembly tarballs.

What we had to do

We build Athenz from source and use the assembly tarballs to deploy ZMS/ZTS on EC2. To make the AWS factories work with v1.12.x, we had to:

1. Run mvn dependency:copy-dependencies on the server_aws_common module after the main build
2. Manually copy athenz-server-aws-common-*.jar and all resolved transitive JARs into the ZMS/ZTS lib directories

Question

Is this the intended workflow for users deploying from the assembly tarballs? Or would it make sense to include athenz-server-aws-common (and its deps) in the assembly when building for AWS deployments?

[havetisyan]

Interesting. I was actually planning to see if there is any use of these files and possibly even removing them during the next major 1.13.x release to save on build time. If you're doing your builds based off of these tarballs then yes, we need to update add the dependency so they're included in both files.

[gjoranv]

Yes, we deploy from the assembly tarballs as described in the ZMS setup docs. Adding the dependency for 1.12.x would be great. If the assembly tarballs are removed in 1.13.x, what would be the recommended deployment method?