Run Third party audit with forbidden APIs CLI (part3/3)#33052
Merged
alpar-t merged 10 commits intoelastic:masterfrom Aug 28, 2018
Merged
Run Third party audit with forbidden APIs CLI (part3/3)#33052alpar-t merged 10 commits intoelastic:masterfrom
alpar-t merged 10 commits intoelastic:masterfrom
Conversation
alpar-t
added
>non-issue
:Delivery/Build
Collaborator
|
Pinging @elastic/es-core-infra |
alpar-t
commented
Aug 22, 2018
| this.targetCompatibility = targetCompatibility; | ||
| } | ||
|
|
||
| public Action<JavaExecSpec> getExecAction() { |
Contributor
Author
There was a problem hiding this comment.
The action can't be an @Input, but we need to pick up changes in runtime java version/
alpar-t
commented
Aug 22, 2018
| if (project.runtimeJavaVersion == JavaVersion.VERSION_1_8) { | ||
| thirdPartyAudit.excludes += [ | ||
| // TODO: Why is this needed ? | ||
| 'com.sun.javadoc.ClassDoc', |
Contributor
Author
There was a problem hiding this comment.
I'm a bit puzzled why this came up now.
AFAIK this is part of the jdk, and not the jre ( javac ). Maybe the ant runner did something to load that.
alpar-t
commented
Aug 22, 2018
| 'java.io.ObjectInputFilter$FilterInfo', | ||
| 'java.io.ObjectInputFilter$Status', | ||
| // added in 9 | ||
| 'java.lang.ProcessHandle', |
Contributor
Author
There was a problem hiding this comment.
AFAIK this came up now as it's not in 8 for sure.
Maybe Gradle had something on the cp for compatibility ?
Contributor
Author
|
@rjernst ready for review. |
alpar-t
added a commit
that referenced
this pull request
Aug 28, 2018
The new implementation is functional equivalent with the old, ant based one. It parses task standard error to get the missing classes and violations in the same way. I considered re-using ForbiddenApisCliTask but Gradle makes it hard to build inheritance with tasks that have task actions , since the order of the task actions can't be controlled. This inheritance isn't dully desired either as the third party audit task is much more opinionated and we don't want to expose some of the configuration. We could probably extract a common base class without any task actions, but probably more trouble than it's worth. Closes #31715
dnhatn
added a commit
that referenced
this pull request
Aug 28, 2018
* master: [Rollup] Better error message when trying to set non-rollup index (#32965) HLRC: Use Optional in validation logic (#33104) Remove unused User class from protocol (#33137) ingest: Introduce the dissect processor (#32884) [Docs] Add link to es-kotlin-wrapper-client (#32618) [Docs] Remove repeating words (#33087) Minor spelling and grammar fix (#32931) Remove support for deprecated params._agg/_aggs for scripted metric aggregations (#32979) Watcher: Simplify finding next date in cron schedule (#33015) Run Third party audit with forbidden APIs CLI (part3/3) (#33052) Fix plugin build test on Windows (#33078) HLRC+MINOR: Remove Unused Private Method (#33165) Remove old unused test script files (#32970) Build analysis-icu client JAR (#33184) Ensure to generate identical NoOp for the same failure (#33141) ShardSearchFailure#readFrom to set index and shardId (#33161)
dnhatn
added a commit
that referenced
this pull request
Aug 28, 2018
* 6.x: [Rollup] Better error message when trying to set non-rollup index (#32965) Remove unused User class from protocol (#33137) [DOCS] Adds link to 6.3.0 release highlights Test: fix token bwc tests due to bad backport Ensure to generate identical NoOp for the same failure (#33141) [Docs] Add link to es-kotlin-wrapper-client (#32618) [Docs] Remove repeating words (#33087) Minor spelling and grammar fix (#32931) Run Third party audit with forbidden APIs CLI (part3/3) (#33052) Fix plugin build test on Windows (#33078) Watcher: Simplify finding next date in cron schedule (#33015) Remove old unused test script files (#32970) Build analysis-icu client JAR (#33184) Switch remaining tests to new style Requests (#33109) Use internal connection manager when fetching remote node info Switch remaining x-pack tests to new style Requests (#33108) Switch remaining ml tests to new style Requests (#33107) Token API supports the client_credentials grant (#33106)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
5 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This concludes the work to switch to using runtime java for forbidden APIs check and should allow us to always run Gradle with compile java.
The new implementation is functional equivalent with the old, ant based one.
It parses task standard error to get the missing classes and violations in the same way.
I considered re-using
ForbiddenApisCliTaskbut Gradle makes it hard to build inheritance with tasks that have task actions , since the order of the task actions can't be controlled.This inheritance isn't dully desired either as the third party audit task is much more opinionated and we don't want to expose some of the configuration.
We could probably extract a common base class without any task actions, but probably more trouble than it's worth.