Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Remove deprecated methods #190

Merged
merged 6 commits into from
Feb 13, 2019
Merged

Remove deprecated methods #190

merged 6 commits into from
Feb 13, 2019

Conversation

elharo
Copy link
Contributor

@elharo elharo commented Sep 6, 2018

Immediately following the last release is the best time to rip out all the deprecated methods.

@garrettjonesgoogle
Copy link
Member

We need to be very careful with removals in this library, and make sure the major libraries in the ecosystem have advanced to the version containing the new methods and have removed references to the deprecated ones. (We need to check grpc, google-cloud-java, and Beam). If we don't do this, this particular library could be a huge source of pain for diamond dependency conflicts. (It is very deep in the dependency tree.) I was almost thinking of recommend that these deprecated methods not even get removed when it is pushed to 1.0.

@elharo
Copy link
Contributor Author

elharo commented Sep 6, 2018

This pre-1.0 library has had one release in the last year+, and only really works on App Engine standard. Now is the time to cut the dead wood, so dependents can upgrade at a more leisurely pace. For now, they can stick with 0.11 and have one PR that upgrades to 0.12 while fixing any deprecated methods. In a non-monorepo world we can't require all usages of methods to be changed at the same time we push a new release. The sooner we make the change, the easier it will be for everyone.

@garrettjonesgoogle
Copy link
Member

This library is used for many cases:

  • Credentials is referenced in grpc-auth
  • GoogleCredentials is used by almost all google-cloud-java clients

This library works on-premise, in GCE, on GKE, etc.

In a non-monorepo world, we can require that the major consumers become "eventually consistent" before the removal. This is essentially a two-phase commit.

Why does making the change sooner make it easier for everyone?

@elharo
Copy link
Contributor Author

elharo commented Sep 6, 2018

To upgrade those libraries one can either manually inspect all possible usages, or simply add a new version with the methods removed and see what breaks.

Removing these post-1.0 would be an API breaking change that requires a new major version so we definitely don't want to wait till then to do this.

And I'd like to get 1.0 out the door sooner rather than later. The libraries you cite are all GA or include GA artifacts, so depending on this is a problem.

Looks like I misread: only google-auth-library-appengine depends on the App Engine SDK.

@garrettjonesgoogle
Copy link
Member

You don't have to publish a new version to maven central to see what breaks; you can mvn install your version with deprecated code removed, then compile & run tests in the major consumers locally and see if they break.

I completely agree that the dependency of GA libraries on unstable libraries is a problem - we both worked on https://github.com/GoogleCloudPlatform/cloud-opensource-java/blob/master/library-best-practices/JLBP-4.md , after all :-)

@chingor13 chingor13 requested a review from a team as a code owner January 15, 2019 22:45
@googlebot googlebot added the cla: yes This human has signed the Contributor License Agreement. label Jan 15, 2019
@chingor13 chingor13 added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jan 16, 2019
@kokoro-team kokoro-team removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jan 16, 2019
@chingor13
Copy link
Contributor

We should check usage for these against artifacts that use google-auth-libarary-oauth2-http and google-auth-library-appengine

@sduskis
Copy link
Contributor

sduskis commented Jan 22, 2019

@elharo, what's the status of this PR?

@chingor13
Copy link
Contributor

We still need to verify that we aren't using any of these methods downstream (at least across Google controlled libraries)

@elharo
Copy link
Contributor Author

elharo commented Jan 22, 2019

I haven't checked on this lately, so there may be new conflicts with this specific PR, but my opinion is still the same as when I sent it: remove all the deprecated methods now, before 1.0, and without worrying about who might be calling them. No project should be immediately broken by this since dependency upgrades are not automatic. If a project does attempt an upgrade and is broken, this will be a compile time failure and easily detected.

@garrettjonesgoogle
Copy link
Member

Disagree. This library is "common-law GA".

@elharo
Copy link
Contributor Author

elharo commented Jan 22, 2019

Fish or cut bait time. If this library is common-law GA, then remove the deprecation messages, commit to supporting those methods indefinitely, and publish a 1.0 version. The halfway state we're in now is confusing and unfair to library dependents.

@garrettjonesgoogle
Copy link
Member

Completely agreed, we need to get the library out of its ambiguous state.

@elharo
Copy link
Contributor Author

elharo commented Jan 22, 2019

Just to be clear, I don't have an informed technical opinion on the specific methods here. I do believe we should go to 1.0, and we should remove or undeprecate these methods before we do.

@sduskis sduskis added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Feb 7, 2019
@kokoro-team kokoro-team removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Feb 7, 2019
sduskis
sduskis suggested changes Feb 7, 2019
View reviewed changes
oauth2_http/java/com/google/auth/oauth2/GoogleCredentials.java
@@ -193,7 +180,6 @@ protected GoogleCredentials() {
* @deprecated Use {@link #create(AccessToken)} instead. This constructor will either be deleted
* or made protected/private in a later version.
**/
@Deprecated
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I see @Deprecated was removed here. If it's actively used, please also remove the @deprecated comment`

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

done

@sduskis
Copy link
Contributor

sduskis commented Feb 7, 2019

Who is the owner of the decision of whether or not this ought to be merged?

@yoshi-automation yoshi-automation added the 🚨 This issue needs some love. label Feb 7, 2019
@sduskis sduskis added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Feb 10, 2019
@kokoro-team kokoro-team removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Feb 10, 2019
@codecov
Copy link

codecov bot commented Feb 10, 2019
edited
Loading

Codecov Report

❗ No coverage uploaded for pull request base (master@af3ae75). Click here to learn what that means.
The diff coverage is 100%.

Impacted file tree graph

@@            Coverage Diff            @@
##             master     #190   +/-   ##
=========================================
  Coverage          ?   78.26%           
  Complexity        ?      329           
=========================================
  Files             ?       21           
  Lines             ?     1445           
  Branches          ?      158           
=========================================
  Hits              ?     1131           
  Misses            ?      236           
  Partials          ?       78
Impacted Files Coverage Δ Complexity Δ
...uth/oauth2/ServiceAccountJwtAccessCredentials.java 75.73% <ø> (ø) 36 <0> (?)
...java/com/google/auth/oauth2/GoogleCredentials.java 52.77% <ø> (ø) 7 <0> (?)
.../google/auth/oauth2/ServiceAccountCredentials.java 84.23% <ø> (ø) 44 <0> (?)
...p/java/com/google/auth/oauth2/UserCredentials.java 81.3% <ø> (ø) 28 <0> (?)
...tp/java/com/google/auth/oauth2/UserAuthorizer.java 76.57% <100%> (ø) 20 <0> (?)
...om/google/auth/appengine/AppEngineCredentials.java 71.73% <100%> (ø) 13 <1> (?)
...m/google/auth/oauth2/ComputeEngineCredentials.java 86.23% <100%> (ø) 31 <1> (?)
...th2_http/java/com/google/auth/oauth2/ClientId.java 78.94% <100%> (ø) 11 <1> (?)
.../com/google/auth/oauth2/CloudShellCredentials.java 80% <100%> (ø) 10 <1> (?)
...java/com/google/auth/oauth2/OAuth2Credentials.java 84.61% <100%> (ø) 35 <0> (?)

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update af3ae75...3eb334c. Read the comment docs.

@sduskis
Copy link
Contributor

sduskis commented Feb 13, 2019

Given lack of clear ownership, I'll take responsibility. There will potentially be subtle diamond dependency problems based on this change. The recommendation is to raise an issue in this repository, but also in the repository that's using old deprecated APIs.

@sduskis sduskis merged commit 44a5d33 into googleapis:master Feb 13, 2019
@elharo elharo deleted the ga branch February 13, 2019 16:09
@JesseLovelace JesseLovelace mentioned this pull request Mar 25, 2019
Merged
@yoshi-automation yoshi-automation removed the 🚨 This issue needs some love. label Apr 6, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sduskis sduskis sduskis approved these changes

Assignees
No one assigned
Labels
cla: yes This human has signed the Contributor License Agreement.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
7 participants
@elharo @garrettjonesgoogle @chingor13 @sduskis @googlebot @kokoro-team @yoshi-automation