Integrate mongodb-crypt module #1487
Conversation
… project. JAVA-5582
JAVA-5582
vbabanin
changed the title
vbabanin
changed the title
mongocrypt/.gitignore
Outdated
|
|
||
| # local settings | ||
| **/gradle.properties | ||
| local.properties |
There was a problem hiding this comment.
This is super minor, just for fun of tech discussion. In .gitignore, "filrname" means the same as "**/filename" but the latter takes effect only after git v1.8.2
The only reason to use "**" is for such example: a/**/b
No need to change if it has been a pattern elsewhere already. Feel free to ignore, without saying.
There was a problem hiding this comment.
Thanks for the insightful comment! We currently lack consistency in the root .gitignore. We could consider addressing this if it becomes a source of confusion.
As for now, I've removed the .gitignore from this module since we don’t need an additional one; there’s already a .gitignore in the root folder of our repo.
mongocrypt/build.gradle.kts
Outdated
| } | ||
|
|
||
| dependencies { | ||
| api(project(path = ":bson", configuration = "default")) |
There was a problem hiding this comment.
The latest version of BSON is now used, as opposed to the version specified in the libmongocrypt repository. For reference, see the previous dependency listed here: libmongocrypt build.gradle.kts.
JAVA-5582
JAVA-5582
- Remove redundant git function from build script. - Integrate MongoCrypt benchmarks. JAVA-5582
JAVA-5582
JAVA-5582
mongocrypt/build.gradle.kts
Outdated
| "-exportcontents" to "com.mongodb.crypt.capi.*;-noimport:=true", | ||
| "Automatic-Module-Name" to "com.mongodb.crypt.capi", | ||
| "Import-Package" to "org.slf4j.*;resolution:=optional,org.bson.*", | ||
| "Bundle-Name" to "MongoCrypt", | ||
| "Bundle-SymbolicName" to "com.mongodb.crypt.capi", | ||
| "Private-Package" to "" |
There was a problem hiding this comment.
Manifest configuration is preserved as it is from libmongocrypt, except for:
"Import-Package"- now uses a wildcard"org.slf4j.*;resolution:=optional,org.bson.*","Build-Version" to gitVersion- is now handled by publish.gradle#L67."Bundle-Version" to gitVersion- is now handled by publish.gradle#L68.
JAVA-5582
JAVA-5582
mongocrypt/build.gradle.kts
Outdated
| tasks.register<Download>("downloadJava") { | ||
| src(downloadUrl) | ||
| dest("${jnaDownloadsDir}/$localBinariesArchiveName") | ||
| overwrite(true) | ||
| /* To make sure we don't download archive with binaries if it hasn't been changed in S3 bucket since last download.*/ | ||
| onlyIfModified(true) | ||
| } | ||
|
|
||
| tasks.register<Copy>("unzipJava") { | ||
| /* | ||
| Clean up the directory first if the task is not UP-TO-DATE. | ||
| This can happen if the download revision has been changed and the archive is downloaded again. | ||
| */ | ||
| doFirst { | ||
| println("Cleaning up $jnaResourcesDir") | ||
| delete(fileTree(jnaResourcesDir).matching { | ||
| include(jnaMapping.keys.flatMap { | ||
| listOf( | ||
| "${it}/nocrypto/**/libmongocrypt.so", | ||
| "${it}/lib/**/libmongocrypt.dylib", | ||
| "${it}/bin/**/mongocrypt.dll" | ||
| ) | ||
| }) | ||
| }) | ||
| } | ||
| from(tarTree(resources.gzip("${jnaDownloadsDir}/$localBinariesArchiveName"))) | ||
| include(jnaMapping.keys.flatMap { | ||
| listOf("${it}/nocrypto/**/libmongocrypt.so", "${it}/lib/**/libmongocrypt.dylib", "${it}/bin/**/mongocrypt.dll" ) | ||
| }) | ||
| eachFile { | ||
| path = "${jnaMapping[path.substringBefore("/")]}/${name}" | ||
| } | ||
| into(jnaResourcesDir) | ||
| mustRunAfter("downloadJava") | ||
|
|
||
| doLast { | ||
| println("jna.library.path contents: \n ${fileTree(jnaResourcesDir).files.joinToString(",\n ")}") | ||
| } | ||
| } |
There was a problem hiding this comment.
Gradle tests whether task inputs or outputs have changed since the last build as part of the incremental build process. If no changes are detected, it considers the task up-to-date and skips execution.
There are two time-consuming tasks that now leverage incremental builds:
-
downloadJava: Downloads
libmongocryptbinaries from S3. Optimized with theonlyIfModified(true)option, this task avoids redundant downloads by fetching binaries only if they are absent from the build output. ThelocalBinariesArchiveNamevariable in the./buildfolder, containing the zip archive file name with the revision number, ensures that binaries are downloaded just once per revision/tag unless agradle cleancommand explicitly clears the build folder. -
unzipJava: Unzips binaries into the temporary resource folder. Previously, this task was configured with
outputs.upToDateWhen { false }to always execute. Now, it triggers only under these conditions:- The input file name changes, detected from the
downloadRevisionvariable, prompting the unzipping of the latest or previously saved binaries. - Any alteration or corruption in the output file structure within
jnaResourcesDir. To ensure correct unzipping, it first cleansjnaResourcesDirand then proceeds to unzip the binaries.
- The input file name changes, detected from the
With mongocrypt as a project dependency of driver-core, the incremental build process conserves time when running or testing code unrelated to the mongocrypt module in sync/async modules. It avoids unnecessary rebuilding of the mongocrypt jar for the driver-core module. This is also useful during active development as libmongocrypt commits may update frequently.
There was a problem hiding this comment.
Please note, the benchmark runner is directly copied from mongocrypt with minor adjustments (added MongoCryptBenchmarkResult). It has not been fully refactored to better align with the benchmark framework; we may consider refactoring in a separate scope. Functionally, it executes the tests, which can be verified by running performance tests on this build and checking the trends graph.
JAVA-5582
…to be used by consumers, to retrieve all the elements necessary to run against this library immitating trasative dependency resolution. JAVA-5582
mongocrypt/build.gradle.kts
Outdated
|
|
||
| // Tests | ||
| testImplementation("org.junit.jupiter:junit-jupiter") | ||
| testRuntimeOnly("ch.qos.logback:logback-classic:1.2.13") |
There was a problem hiding this comment.
Can this use $logbackVersion?
There was a problem hiding this comment.
This line can be removed as its set in the main build.gradle
JAVA-5582
|
I'm holding off on merging this as I noticed an issue after running the publish snapshot. The |
|
Hoping to have fixed the 'optional' support - will review the build in the morning |
|
@rozza do you expect/desire that the optional mongodb-crypt dependency appears in driver-core, driver-sync, and driver-reactive-streams? Currently it's only in driver-core (even though driver-core doesn't actually use it!). |
…actId, ensuring that the 'optional' plugin functions correctly. JAVA-5582
|
I think the latest changes might have broken the build. I see a lot of |
|
Thanks, @rozza for your help on this issue! I found the root cause of the issue with the existing To address this, I renamed the module name to I've pushed these changes to a separate branch to avoid overriding current changes and I've run the full set of Evergreen tests, and all tests have passed successfully. You can review the results here. The commit with the fix is here: 6e3e7068f1b0f2648a2fa0610e2c13a3f1dd2e3f @jyemin @rozza please review it, and if everything looks good, @rozza feel free to cherry-pick it into this PR. |
|
@vbabanin your change looks good, great catch with the naming. I'm thinking renaming the directory to match the archive name also makes sense. Then we don't have to worry about changing the projects name in settings.gradle
I was trying to workaround the feature support limitations but seems it failed anyway. driver-core has to take a dependency as some of the options classes shared between sync and reactivestreams use the library. Thankfully, @vbabanin discovered the cause of the plugin failing 👍 |
|
There is an existing patch(es) for this commit SHA: Please note that the status that is posted is not in the context of this PR but rather the (latest) existing patch and that may affect some tests that may depend on the particular PR. If your tests do not rely on any PR-specific values (like base or head branch name) then your tests will report the same status. If you would like a patch to run in the context of this PR and abort the other(s), comment 'evergreen retry'. |
|
evergreen retry |
|
There is an existing patch(es) for this commit SHA that will be aborted: The status reported will be corresponding to this PR rather than the previous existing ones. If you would like a patch to run for another PR and to abort this one, comment 'evergreen retry' on the corresponding PR. |
Description
This PR relocates the mongocrypt Java bindings from the libmongocrypt repository to the mongo-java-driver repository to streamline maintenance and the release process.
Key changes to the Gradle build script, originally copied from the libmongocrypt repository, include:
Review Process
To aid the review process, I have taken several steps:
gradle mongocrypt:clean mongocrypt:publishToMavenLocal -x signMavenJavaPublicationto produce a publication. Subsequently, I unzipped and applied a git diff over the ones from version 1.11. The diff can be viewed here.Notable differences include many Javadoc variations due to the mongocrypt module inheriting configurations from javadoc.gradle. Key areas to focus on are the pom and manifest files, along with some source files modified by the Spotless plugin, which corrected redundant imports.
I have built the jar files using JDK 11.0.24 (Homebrew), which is the same version used to build 1.11 currently on Maven Central.
Note for Reviewers:
I would appreciate it if reviewers could be particularly vigilant when reviewing the build configurations and produced artifacts in this PR. If you have any doubts or cannot be certain that the changes do not impact previously guaranteed functionalities, please do not hesitate to raise your concerns.
NOTE: Publishing snapshot to Sonatype has not been tested yet.
JAVA-5582
JAVA-5583