Skip to content

Commit

Permalink
Create sub directories for ThirdPartyAudit dependency metadata (opens…
Browse files Browse the repository at this point in the history
…earch-project#16844)

* Extract jars to sub dirs during thirdPartyAudit task.

Signed-off-by: Finn Carroll <[email protected]>

* Change regex to split on '-'/'.'. Ignore version.

Signed-off-by: Finn Carroll <[email protected]>

* Split on .jar for sub folder prefix.

Signed-off-by: Finn Carroll <[email protected]>

---------

Signed-off-by: Finn Carroll <[email protected]>
  • Loading branch information
finnegancarroll authored Dec 24, 2024
1 parent 6b41e4f commit 54ae54a
Showing 1 changed file with 24 additions and 9 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -229,8 +229,7 @@ public Set<File> getJarsToScan() {
@TaskAction
public void runThirdPartyAudit() throws IOException {
Set<File> jars = getJarsToScan();

extractJars(jars);
Set<File> extractedJars = extractJars(jars);

final String forbiddenApisOutput = runForbiddenAPIsCli();

Expand All @@ -248,7 +247,7 @@ public void runThirdPartyAudit() throws IOException {

Set<String> jdkJarHellClasses = null;
if (this.jarHellEnabled) {
jdkJarHellClasses = runJdkJarHellCheck();
jdkJarHellClasses = runJdkJarHellCheck(extractedJars);
}

if (missingClassExcludes != null) {
Expand Down Expand Up @@ -301,16 +300,26 @@ private void logForbiddenAPIsOutput(String forbiddenApisOutput) {
getLogger().error("Forbidden APIs output:\n{}==end of forbidden APIs==", forbiddenApisOutput);
}

private void extractJars(Set<File> jars) {
/**
* Extract project jars to build directory as specified by getJarExpandDir.
* Handle multi release jars by keeping versions closest to `targetCompatibility` version.
* @param jars to extract to build dir
* @return File set of extracted jars
*/
private Set<File> extractJars(Set<File> jars) {
Set<File> extractedJars = new TreeSet<>();
File jarExpandDir = getJarExpandDir();
// We need to clean up to make sure old dependencies don't linger
getProject().delete(jarExpandDir);

jars.forEach(jar -> {
String jarPrefix = jar.getName().replace(".jar", "");
File jarSubDir = new File(jarExpandDir, jarPrefix);
extractedJars.add(jarSubDir);
FileTree jarFiles = getProject().zipTree(jar);
getProject().copy(spec -> {
spec.from(jarFiles);
spec.into(jarExpandDir);
spec.into(jarSubDir);
// exclude classes from multi release jars
spec.exclude("META-INF/versions/**");
});
Expand All @@ -329,14 +338,16 @@ private void extractJars(Set<File> jars) {
Integer.parseInt(targetCompatibility.get().getMajorVersion())
).forEach(majorVersion -> getProject().copy(spec -> {
spec.from(getProject().zipTree(jar));
spec.into(jarExpandDir);
spec.into(jarSubDir);
String metaInfPrefix = "META-INF/versions/" + majorVersion;
spec.include(metaInfPrefix + "/**");
// Drop the version specific prefix
spec.eachFile(details -> details.setPath(details.getPath().replace(metaInfPrefix, "")));
spec.setIncludeEmptyDirs(false);
}));
});

return extractedJars;
}

private void assertNoJarHell(Set<String> jdkJarHellClasses) {
Expand Down Expand Up @@ -398,7 +409,12 @@ private String runForbiddenAPIsCli() throws IOException {
return forbiddenApisOutput;
}

private Set<String> runJdkJarHellCheck() throws IOException {
/**
* Execute java with JDK_JAR_HELL_MAIN_CLASS against provided jars with OpenSearch core in the classpath.
* @param jars to scan for jarHell violations.
* @return standard out of jarHell process.
*/
private Set<String> runJdkJarHellCheck(Set<File> jars) throws IOException {
ByteArrayOutputStream standardOut = new ByteArrayOutputStream();
InjectedExecOps execOps = getProject().getObjects().newInstance(InjectedExecOps.class);
ExecResult execResult = execOps.getExecOps().javaexec(spec -> {
Expand All @@ -407,9 +423,8 @@ private Set<String> runJdkJarHellCheck() throws IOException {
getRuntimeConfiguration(),
getProject().getConfigurations().getByName(CompileOnlyResolvePlugin.RESOLVEABLE_COMPILE_ONLY_CONFIGURATION_NAME)
);

spec.getMainClass().set(JDK_JAR_HELL_MAIN_CLASS);
spec.args(getJarExpandDir());
spec.args(jars);
spec.setIgnoreExitValue(true);
if (javaHome != null) {
spec.setExecutable(javaHome + "/bin/java");
Expand Down

0 comments on commit 54ae54a

Please sign in to comment.