Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Removes checked in js zip #403

Merged
merged 3 commits into from
Jul 9, 2022
Merged

Conversation

downsrob
Copy link
Contributor

@downsrob downsrob commented Jul 1, 2022

Issue #, if available:
#402

Description of changes:

  • Removes checked in js zip and replaces it with a dynamic dependency.

CheckList:

  • Commits are signed per the DCO using --signoff

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.

downsrob added 2 commits July 1, 2022 01:16
Signed-off-by: Clay Downs <downsrob@amazon.com>
Signed-off-by: Clay Downs <downsrob@amazon.com>
@codecov-commenter
Copy link

codecov-commenter commented Jul 7, 2022

Codecov Report

Merging #403 (fbb45fc) into 1.x (71745ca) will increase coverage by 0.04%.
The diff coverage is n/a.

@@             Coverage Diff              @@
##                1.x     #403      +/-   ##
============================================
+ Coverage     75.60%   75.64%   +0.04%     
- Complexity     1997     2015      +18     
============================================
  Files           253      253              
  Lines         11466    11489      +23     
  Branches       1815     1819       +4     
============================================
+ Hits           8669     8691      +22     
- Misses         1765     1767       +2     
+ Partials       1032     1031       -1     
Impacted Files Coverage Δ
...nt/indexstatemanagement/model/destination/Chime.kt 40.90% <0.00%> (-13.64%) ⬇️
...nt/indexstatemanagement/ManagedIndexCoordinator.kt 67.06% <0.00%> (-5.44%) ⬇️
...anagement/indexstatemanagement/model/Transition.kt 63.38% <0.00%> (-4.23%) ⬇️
...nt/rollup/action/stop/TransportStopRollupAction.kt 70.93% <0.00%> (-1.17%) ⬇️
.../rollup/action/start/TransportStartRollupAction.kt 66.27% <0.00%> (-1.17%) ⬇️
...earch/indexmanagement/transform/model/Transform.kt 86.08% <0.00%> (+0.43%) ⬆️
.../opensearch/indexmanagement/rollup/model/Rollup.kt 84.43% <0.00%> (+0.47%) ⬆️
...ent/indexstatemanagement/util/ManagedIndexUtils.kt 78.03% <0.00%> (+1.15%) ⬆️
...exmanagement/opensearchapi/OpenSearchExtensions.kt 87.65% <0.00%> (+1.23%) ⬆️
.../action/explain/TransportExplainTransformAction.kt 69.31% <0.00%> (+2.27%) ⬆️
... and 5 more

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 71745ca...fbb45fc. Read the comment docs.

@downsrob downsrob marked this pull request as ready for review July 7, 2022 18:55
@downsrob downsrob requested a review from a team July 7, 2022 18:55
@downsrob
Copy link
Contributor Author

downsrob commented Jul 7, 2022

Whitesource failing with

CVE-2022-24329 Medium 5.3 kotlin-stdlib-1.4.0.jar Upgrade to version: org.jetbrains.kotlin:kotlin-stdlib:1.6.0

Signed-off-by: Clay Downs <downsrob@amazon.com>
Copy link
Member

@bowenlan-amzn bowenlan-amzn left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice

@prudhvigodithi
Copy link
Member

Hey @downsrob
will this address #123?
Thank you

@downsrob
Copy link
Contributor Author

downsrob commented Jul 8, 2022

@prudhvigodithi It addresses the mentioned issue #402

@downsrob downsrob merged commit e9075dd into opensearch-project:1.x Jul 9, 2022
@downsrob downsrob deleted the js-zip branch July 9, 2022 00:10
@opensearch-trigger-bot
Copy link
Contributor

The backport to 1.3 failed:

The process '/usr/bin/git' failed with exit code 1

To backport manually, run these commands in your terminal:

# Fetch latest updates from GitHub
git fetch
# Create a new working tree
git worktree add .worktrees/backport-1.3 1.3
# Navigate to the new working tree
cd .worktrees/backport-1.3
# Create a new branch
git switch --create backport/backport-403-to-1.3
# Cherry-pick the merged commit of this pull request and resolve the conflicts
git cherry-pick -x --mainline 1 e9075dd2ebfa3e3f916614d132fb101c1ad0b2a1
# Push it to GitHub
git push --set-upstream origin backport/backport-403-to-1.3
# Go back to the original working tree
cd ../..
# Delete the working tree
git worktree remove .worktrees/backport-1.3

Then, create a pull request where the base branch is 1.3 and the compare/head branch is backport/backport-403-to-1.3.

@rursprung
Copy link

why do it this way around? as the infrastructure is now in place to publish everything to maven and you already have a snapshot maven repo located here you could use that: https://aws.oss.sonatype.org/content/repositories/snapshots/org/opensearch/

@prudhvigodithi: it seems that the snapshots of plugin ZIPs are not (yet) published there. if they would be this would allow you to just use them as normal maven dependencies here in the gradle build w/o having to manually construct any URLs and downloading them manually.

@prudhvigodithi
Copy link
Member

prudhvigodithi commented Jul 10, 2022

@prudhvigodithi: it seems that the snapshots of plugin ZIPs are not (yet) published there. if they would be this would allow you to just use them as normal maven dependencies here in the gradle build w/o having to manually construct any URLs and downloading them manually.

Hey @rursprung snapshots can be fetched from nexus maven repo
Example for job-scheduler snapshots

Quick test:

mvn org.apache.maven.plugins:maven-dependency-plugin:2.1:get -DrepoUrl=https://aws.oss.sonatype.org/content/repositories/snapshots/ -Dartifact=org.opensearch.plugin:opensearch-job-scheduler:2.1.0.0-SNAPSHOT:zip

Picked up JAVA_TOOL_OPTIONS: -Dlog4j2.formatMsgNoLookups=true
[INFO] Scanning for projects...
[INFO] 
[INFO] ------------------< org.apache.maven:standalone-pom >-------------------
[INFO] Building Maven Stub Project (No POM) 1
[INFO] --------------------------------[ pom ]---------------------------------
[INFO] 
[INFO] --- maven-dependency-plugin:2.1:get (default-cli) @ standalone-pom ---
Downloading from temp: https://aws.oss.sonatype.org/content/repositories/snapshots/org/opensearch/plugin/opensearch-job-scheduler/2.1.0.0-SNAPSHOT/maven-metadata.xml
Downloaded from temp: https://aws.oss.sonatype.org/content/repositories/snapshots/org/opensearch/plugin/opensearch-job-scheduler/2.1.0.0-SNAPSHOT/maven-metadata.xml (804 B at 1.6 kB/s)
Downloading from temp: https://aws.oss.sonatype.org/content/repositories/snapshots/org/opensearch/plugin/opensearch-job-scheduler/2.1.0.0-SNAPSHOT/opensearch-job-scheduler-2.1.0.0-20220630.215242-39.zip
Downloaded from temp: https://aws.oss.sonatype.org/content/repositories/snapshots/org/opensearch/plugin/opensearch-job-scheduler/2.1.0.0-SNAPSHOT/opensearch-job-scheduler-2.1.0.0-20220630.215242-39.zip (210 kB at 344 kB/s)
[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------
[INFO] Total time:  1.557 s
[INFO] Finished at: 2022-07-10T08:30:10-04:00
[INFO] ------------------------------------------------------------------------

@prudhvigodithi
Copy link
Member

Just to add the PluginZips are out in maven starting 2.1.0, 1.x versions have to be backfilled.
Thank you
@rursprung @dblock @bbarani

downsrob added a commit to downsrob/index-management that referenced this pull request Jul 11, 2022
* Removes job scheduler static dependency

Signed-off-by: Clay Downs <downsrob@amazon.com>

* Removes print statement to fix dependency order

Signed-off-by: Clay Downs <downsrob@amazon.com>

* Adds missed code

Signed-off-by: Clay Downs <downsrob@amazon.com>
downsrob added a commit to downsrob/index-management that referenced this pull request Jul 18, 2022
* Removes job scheduler static dependency

Signed-off-by: Clay Downs <downsrob@amazon.com>

* Removes print statement to fix dependency order

Signed-off-by: Clay Downs <downsrob@amazon.com>

* Adds missed code

Signed-off-by: Clay Downs <downsrob@amazon.com>
downsrob added a commit that referenced this pull request Jul 18, 2022
* Removes checked in js zip (#403)

* Removes job scheduler static dependency

Signed-off-by: Clay Downs <downsrob@amazon.com>

* Removes print statement to fix dependency order

Signed-off-by: Clay Downs <downsrob@amazon.com>

* Adds missed code

Signed-off-by: Clay Downs <downsrob@amazon.com>

* Removes checked in zip

Signed-off-by: Clay Downs <89109232+downsrob@users.noreply.github.com>
Signed-off-by: Clay Downs <downsrob@amazon.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

6 participants