-
Notifications
You must be signed in to change notification settings - Fork 4.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[BEAM-10961] Enable strict dependency analysis on all Java modules #12938
Changes from 44 commits
53940fd
dbab64a
e3d2be0
b974636
9fa8a1d
ce8a592
6ef876f
0552aeb
d0d6c33
bb67adb
a85aab1
dffde94
343c171
accf6e7
ea972f3
40f04af
fd61007
1f18118
872b9df
4c5041c
205d42a
b23845d
a0ff883
aae94a7
5ed53e5
f73b7e2
907544f
a6ed6cb
e73cdf0
d3d030a
d14d168
d08dbd9
4bbe3e5
51e4364
efc5b5f
e6a1360
000eb99
657fcc4
16d46ad
342a315
c65966e
0b42185
47c8295
0a31ca4
606e3d5
c9add73
3b00f47
c27ae5e
7868898
5dd2771
23a5609
10cfaef
7721512
5068d90
7d388fa
3af3802
d52d009
61cb207
658f482
ab8fb61
be64412
aa22d1b
9a773af
20703a1
c207c6a
766e0eb
b47662e
7cc00b0
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -21,27 +21,26 @@ package org.apache.beam.gradle | |
import com.github.jengelman.gradle.plugins.shadow.tasks.ShadowJar | ||
import groovy.json.JsonOutput | ||
import groovy.json.JsonSlurper | ||
import org.gradle.api.attributes.Category | ||
import org.gradle.api.GradleException | ||
import org.gradle.api.Plugin | ||
import org.gradle.api.Project | ||
import org.gradle.api.Task | ||
import org.gradle.api.artifacts.Configuration | ||
import org.gradle.api.artifacts.ProjectDependency | ||
import org.gradle.api.attributes.Category | ||
import org.gradle.api.file.FileCollection | ||
import org.gradle.api.file.FileTree | ||
import org.gradle.api.plugins.quality.Checkstyle | ||
import org.gradle.api.publish.maven.MavenPublication | ||
import org.gradle.api.tasks.PathSensitivity | ||
import org.gradle.api.tasks.JavaExec | ||
import org.gradle.api.tasks.Copy | ||
import org.gradle.api.tasks.Delete | ||
import org.gradle.api.tasks.Exec | ||
import org.gradle.api.tasks.JavaExec | ||
import org.gradle.api.tasks.bundling.Jar | ||
import org.gradle.api.tasks.compile.JavaCompile | ||
import org.gradle.api.tasks.javadoc.Javadoc | ||
import org.gradle.api.tasks.testing.Test | ||
import org.gradle.api.tasks.PathSensitive | ||
import org.gradle.api.tasks.PathSensitivity | ||
import org.gradle.testing.jacoco.tasks.JacocoReport | ||
|
||
import java.util.concurrent.atomic.AtomicInteger | ||
|
@@ -101,7 +100,7 @@ class BeamModulePlugin implements Plugin<Project> { | |
boolean checkerTooSlowOnTests = false | ||
|
||
/** Controls whether the dependency analysis plugin is enabled. */ | ||
boolean enableStrictDependencies = false | ||
boolean enableStrictDependencies = true | ||
|
||
/** Override the default "beam-" + `dash separated path` archivesBaseName. */ | ||
String archivesBaseName = null | ||
|
@@ -850,7 +849,7 @@ class BeamModulePlugin implements Plugin<Project> { | |
// configurations because they are never required to be shaded or become a | ||
// dependency of the output. | ||
def compileOnlyAnnotationDeps = [ | ||
"com.google.auto.value:auto-value-annotations:1.7", | ||
"com.google.auto.value:auto-value-annotations:1.7.2", | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Around here, you can add these dependencies to There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. You gave a thumbs up but did not add the lines here :-) Here is what I mean: Right now you have this line in many
Instead, move that line here. This way the |
||
"com.google.auto.service:auto-service-annotations:1.0-rc6", | ||
"com.google.j2objc:j2objc-annotations:1.3", | ||
// These dependencies are needed to avoid error-prone warnings on package-info.java files, | ||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -43,40 +43,13 @@ class GrpcVendoring_1_26_0 { | |
static def npn_api_version = "1.1.1.v20141010" | ||
static def jboss_marshalling_version = "1.4.11.Final" | ||
static def jboss_modules_version = "1.1.0.Beta1" | ||
|
||
/** Returns the list of compile time dependencies. */ | ||
static List<String> dependencies() { | ||
return [ | ||
"com.google.guava:guava:$guava_version", | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. The change here concerns me - does it introduce linkage errors? There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. @kennknowles ./gradlew analyzeDependencies is successfull. Apparently, there are no linkage errors. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. It is not quite so simple. See https://cwiki.apache.org/confluence/display/BEAM/Dependency+Upgrades Specifically,
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Do we need to run this for all the artifacts? |
||
"com.google.protobuf:protobuf-java:$protobuf_version", | ||
"com.google.protobuf:protobuf-java-util:$protobuf_version", | ||
"com.google.code.gson:gson:$gson_version", | ||
"io.grpc:grpc-auth:$grpc_version", | ||
"io.grpc:grpc-core:$grpc_version", | ||
"io.grpc:grpc-context:$grpc_version", | ||
"io.grpc:grpc-netty:$grpc_version", | ||
"io.grpc:grpc-protobuf:$grpc_version", | ||
"io.grpc:grpc-stub:$grpc_version", | ||
"io.netty:netty-transport-native-epoll:$netty_version", | ||
// tcnative version from https://github.com/grpc/grpc-java/blob/master/SECURITY.md#netty | ||
"io.netty:netty-tcnative-boringssl-static:2.0.33.Final", | ||
"com.google.auth:google-auth-library-credentials:$google_auth_version", | ||
"io.grpc:grpc-testing:$grpc_version", | ||
"com.google.api.grpc:proto-google-common-protos:$proto_google_common_protos_version", | ||
"io.opencensus:opencensus-api:$opencensus_version", | ||
"io.opencensus:opencensus-contrib-grpc-metrics:$opencensus_version", | ||
"io.perfmark:perfmark-api:$perfmark_version", | ||
"com.github.jponge:lzma-java:$lzma_java_version", | ||
"com.google.protobuf.nano:protobuf-javanano:$protobuf_javanano_version", | ||
"com.jcraft:jzlib:$jzlib_version", | ||
"com.ning:compress-lzf:$compress_lzf_version", | ||
"net.jpountz.lz4:lz4:$lz4_version", | ||
"org.bouncycastle:bcpkix-jdk15on:$bouncycastle_version", | ||
"org.bouncycastle:bcprov-jdk15on:$bouncycastle_version", | ||
"org.eclipse.jetty.alpn:alpn-api:$alpn_api_version", | ||
"org.eclipse.jetty.npn:npn-api:$npn_api_version", | ||
"org.jboss.marshalling:jboss-marshalling:$jboss_marshalling_version", | ||
"org.jboss.modules:jboss-modules:$jboss_modules_version" | ||
"io.grpc:grpc-api:$grpc_version", | ||
] | ||
} | ||
|
||
|
@@ -86,12 +59,7 @@ class GrpcVendoring_1_26_0 { | |
*/ | ||
static List<String> runtimeDependencies() { | ||
return [ | ||
'com.google.errorprone:error_prone_annotations:2.3.3', | ||
'commons-logging:commons-logging:1.2', | ||
'org.apache.logging.log4j:log4j-api:2.6.2', | ||
'org.slf4j:slf4j-api:1.7.30', | ||
// TODO(BEAM-9288): Enable relocation for conscrypt | ||
"org.conscrypt:conscrypt-openjdk-uber:$conscrypt_version" | ||
] | ||
} | ||
|
||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -66,7 +66,11 @@ dependencies { | |
compile library.java.joda_time | ||
compile library.java.proto_google_cloud_datastore_v1 | ||
compile library.java.slf4j_api | ||
compile library.java.slf4j_jdk14 | ||
compile "com.google.api.grpc:proto-google-cloud-language-v1:1.81.4" | ||
compile library.java.jsr305 | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Don't add jsr305 as a compile dependency; it should be a compileOnly dependency. Also, since the transitive dependency on jsr305 is introduced by There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Thanks for guidance here, resolved. |
||
compile "com.google.oauth-client:google-oauth-client:1.31.0" | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Use |
||
permitUnusedDeclared "com.google.auto.value:auto-value-annotations:1.7.2" | ||
permitUnusedDeclared "org.checkerframework:checker-qual:3.7.0" | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Adding dependencies to permitUnusedDeclared or permitTestUnusedDeclared causes the dependency analyzer to ignore cases where the dependencies are declared but not used. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. We prefer to use references to There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. @kennknowles modified almost all the newly added dependencies to the "library.auto_value_annotations" format now. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. ... but not this one? I wonder if you forgot to push the new commit? |
||
runtime project(path: ":runners:direct-java", configuration: "shadow") | ||
testCompile project(":sdks:java:io:google-cloud-platform") | ||
testCompile project(":sdks:java:extensions:ml") | ||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -32,4 +32,7 @@ dependencies { | |
// export the shaded variant as the actual runtime dependency. | ||
compile project(path: ":model:pipeline", configuration: "unshaded") | ||
runtime project(path: ":model:pipeline", configuration: "shadow") | ||
permitUnusedDeclared library.java.vendored_grpc_1_26_0 | ||
permitUnusedDeclared "org.checkerframework:checker-qual:3.7.0" | ||
compile "com.google.guava:guava:28.1-android" | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. This is interesting. If generated protos depend on this version of Guava, we may need to do something about it. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. @kennknowles something like, do we need to need to declare it any central location? |
||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -26,7 +26,8 @@ def dependOnProjects = [":runners:core-construction-java", | |
":runners:core-java", | ||
":runners:local-java", | ||
":runners:java-fn-execution", | ||
":sdks:java:fn-execution"] | ||
":sdks:java:fn-execution" | ||
] | ||
|
||
applyJavaNature( | ||
automaticModuleName: 'org.apache.beam.runners.direct', | ||
|
@@ -72,17 +73,16 @@ dependencies { | |
shadow library.java.vendored_grpc_1_26_0 | ||
shadow library.java.joda_time | ||
shadow library.java.slf4j_api | ||
shadow library.java.args4j | ||
permitUnusedDeclared library.java.vendored_grpc_1_26_0 | ||
permitUnusedDeclared project(":runners:java-fn-execution") | ||
permitUnusedDeclared project(":sdks:java:fn-execution") | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. These seem wrong. The direct runner should either use these or not depend on them. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. If we completely remove these project-project dependencies, Java Wordcount Direct Runner check is failing. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I see. So these are really There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. @kennknowles , these dependency are indirectly being declared i.e there is transitive dependency for these projects. But the module does not require them, so we need to declare them as permitUnusedDeclared . There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Transitive dependencies are automatically included. So there is something else that makes these transitive dependencies not work. If the compile step succeeds but the test step does not succeed, that means it is a runtime dependency of the test. I think the only thing we can do is to add the exclusion, for now. Please add a comment that these are runtime dependencies of the tests. |
||
compile "com.fasterxml.jackson.core:jackson-databind:2.10.2" | ||
compile library.java.jsr305 | ||
provided library.java.hamcrest_core | ||
provided library.java.junit | ||
shadowTest project(path: ":sdks:java:core", configuration: "shadowTest") | ||
shadowTest project(path: ":runners:core-java", configuration: "testRuntime") | ||
shadowTest library.java.slf4j_jdk14 | ||
shadowTest library.java.mockito_core | ||
shadowTest library.java.stax2_api | ||
shadowTest library.java.woodstox_core_asl | ||
shadowTest library.java.google_cloud_dataflow_java_proto_library_all | ||
shadowTest library.java.jackson_dataformat_yaml | ||
needsRunner project(path: ":runners:core-construction-java", configuration: "testRuntime") | ||
needsRunner project(path: ":runners:core-java", configuration: "testRuntime") | ||
needsRunner project(path: ":sdks:java:core", configuration: "shadowTest") | ||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -29,3 +29,7 @@ project.ext { | |
|
||
// Load the main build script which contains all build logic. | ||
apply from: "$basePath/flink_job_server.gradle" | ||
|
||
dependencies { | ||
permitUnusedDeclared project(":runners:flink:1.10") | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. This seems strange. The Flink 1.10 job server should definitely actually use There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. project(":runners:flink:1.10") is transitively being declared, though we do not need it here. If I dont add dependencies { I have been getting,
same is true for other versions. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Can you add a comment explaining that? There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more.
As it is transitively being declared, but we do not need it here. Thats why it is important to declare it permitUnsedDeclared. |
||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -31,3 +31,4 @@ project.ext { | |
|
||
// Load the main build script which contains all build logic. | ||
apply from: "$basePath/flink_runner.gradle" | ||
|
||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. stray change - please revert |
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -94,6 +94,8 @@ dependencies { | |
runtimeOnly project(":sdks:java:io:google-cloud-platform") | ||
// SqlTransform | ||
runtimeOnly project(":sdks:java:extensions:sql:expansion-service") | ||
permitUnusedDeclared project(":runners:flink:1.8") | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Didn't you already do this in There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. removed it from here. |
||
permitUnusedDeclared "org.checkerframework:checker-qual:3.7.0" | ||
} | ||
|
||
// NOTE: runShadow must be used in order to run the job server. The standard run | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
enabled dependency check via wfhartford plugin
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Great. Once it is enabled we can delete the option, too.