[FIXED JENKINS-41196] allow plugins to override core components #2754
Conversation
Otherwise we end up using that class before it gets initialized
Implemented the bootstrap logic and necessary packaging change to load the core from a separate classloader.
Jelly's <invokeStatic> tries to load a class from context classloader, so we need it to be core loader, not bootstrap loader.
kohsuke
added
the
work-in-progress
Conflicts: core/src/main/java/hudson/WebAppMain.java war/src/main/webapp/WEB-INF/web.xml
On further thought I think this is wrong, because if BO specifies a specific version of stapler-plugin to be a dependency and if core is newer than that, then we want BO to run normally, instead of failing. So I think the current behavior is actually sufficient. |
kohsuke
added
needs-more-reviews
|
@reviewbybees |
If someone is enumerating resources, it can end up twice
If the bootstrap fails, we want "java -jar jenkins.war" to terminate.
bootstrap/pom.xml
Outdated
| <!-- | ||
| The MIT License | ||
|
|
||
| Copyright (c) 2004-2010, Sun Microsystems, Inc., Kohsuke Kawaguchi, |
There was a problem hiding this comment.
Smells like an outdated header
There was a problem hiding this comment.
This (and the one below you commented) is because I copied this file from core/pom.xml. I don't know how much of pom is copyrightable, but I think I'll just leave it in.
There was a problem hiding this comment.
If you have modified the Pom you should at least update the date range (unclear if this was personal time or work time project so adding employer is your personal due diligence)
| <description>Hands off the execution to jenkins-core</description> | ||
|
|
||
| <properties> | ||
| <!-- TODO: Actually many issues are being filtered by src/findbugs/findbugs-excludes.xml --> |
There was a problem hiding this comment.
Yes, FindBugs takes only high-severity issues. IIRC we have about 400 of the medium-priority. I have started working on cleaning up/filtering them in #2519 , but have not finished this PR yet. Hope to revisit once I have some time for it.
| <dependencies> | ||
| <dependency> | ||
| <groupId>org.jenkins-ci</groupId> | ||
| <artifactId>version-number</artifactId> |
There was a problem hiding this comment.
Maybe it could be moved to the parent POM
There was a problem hiding this comment.
See 3377523. I think it's error prone to have this dependency in multiple places.
| * Bootstrap code uses {@link ServiceLoader} to look for subtypes of this marker interface | ||
| * and invokes {@link #contextInitialized(ServletContextEvent)} and {@link #contextDestroyed(ServletContextEvent)} | ||
| * | ||
| * @author Kohsuke Kawaguchi |
There was a problem hiding this comment.
since Javadocs for new API classes would be useful (since we really want to implement them). Or @Restricted otherwise
There was a problem hiding this comment.
Has to wait until the code gets merged since we don't know which version this will go live.
There was a problem hiding this comment.
We commonly use @since TODO in such case
| /** | ||
| * JENKINS_HOME | ||
| */ | ||
| private File home; |
There was a problem hiding this comment.
NIT: Maybe makes sense to use Path and the java.io.Files API with exceptions for the new code. Otherwise error handling may be painful (and FindBugs will grumble)
There was a problem hiding this comment.
Unrelated change that should be handled separately.
| } | ||
|
|
||
| private String getString(String key) { | ||
| String value = System.getProperty(key); // keep passing on any exceptions |
There was a problem hiding this comment.
SystemProperties (?) Just to support web.xml overrides & Co
There was a problem hiding this comment.
Yes. IMHO this method duplicates SystemProperties logic. Likely we should move it somewhere to a shared lib (required for the stuff like remoting anyway)
There was a problem hiding this comment.
I didn't want to bring a large class like that into bootstrap, and it's not like there's a lot of duplicate here, so I think this is OK.
|
|
||
| private static final Logger LOGGER = Logger.getLogger(Bootstrap.class.getName()); | ||
|
|
||
| private static final String[] HOME_NAMES = {"JENKINS_HOME","HUDSON_HOME"}; |
There was a problem hiding this comment.
Should we follow the Oracle codestyle and keep these definitions in the beginning of the file? I do not care much, but we declare this codestyle somewhere
There was a problem hiding this comment.
That's funny. I've worked for Sun Microsystems for close to 10 years and our coding convention has always been to put static fields & methods in the end. I just checked the coding convention PDF and it does say static fields before instance fields and no mention of static variables.
| public DependenciesTxt(InputStream i) throws IOException { | ||
| List<Dependency> list = new ArrayList<>(); | ||
|
|
||
| try (Reader r = new InputStreamReader(i,"UTF-8"); |
There was a problem hiding this comment.
Are we fine with hardcoding UTF? IIRC @jtnord has bugged one of my FindBugs PRs due to it
There was a problem hiding this comment.
In practice this file contents is within the ASCII charset, so frankly it's not worth our time to discuss this one further.
|
|
||
| // line that we care about has 5 components: groupId:artifactId:packaging[:classifier]:version:scope | ||
| String line; | ||
| while ((line=br.readLine())!=null) { |
There was a problem hiding this comment.
readLine() may cause hanging of the logic. I am not sure we want to have it for external files. Would be better to define a timeout
There was a problem hiding this comment.
There must be misunderstanding. This is just to read dependencies.txt from a jar file.
| /** | ||
| * Attempts to reverse map a jar file name back to {@link Dependency} | ||
| */ | ||
| public Dependency fromFileName(String jarFileName) { |
There was a problem hiding this comment.
I know what @stephenc may say, but annotations would not hurt here. NIT
There was a problem hiding this comment.
well when I see no annotations I assume that means Nullable. Iow the caller is responsible for knowing when null is appropriate.
If the caller is abdicated of that responsible then CheckForNull is useful to indicate the method is taking the responsibility for the caller.
NonNull is saying never give me a null.
As the default is Nullable, I do not see adding annotations as being ever a blocking issue with a PR review.
That said, there are times where adding annotations is very useful, and gentle reminders are ok. For example when defining an API / SPI I would see annotations as almost mandatory. But when creating an implementation of the api/spi or when writing code that is not intended to be used elsewhere I see them as very optional.
That's my €0.02 anyway
jars in the bootstrap override jars in the core, so duplicating it is not only verbose but also error prone.
|
@jenkinsci/code-reviewers |
... but I guess I've never actually bothered to read it!
|
Besides https://github.com/kohsuke/remoting-plugin there also seems to be https://github.com/ndeloof/stapler-plugin as example implementations. Do we expect these to become reactor modules of https://github.com/jenkinsci/remoting and https://github.com/stapler/stapler resp., so that we automatically get plugin releases every time we cut a component release? |
|
Unclear what CI failures are about, but needs to be cleared up. |
Please, no. We should at least wait the LTS soaking period, preferably longer, before such a plugin is released. |
|
It looks like CLIActionTest gets into an infinite loop, puts stress to the test machine, and eats all the available disk space. I suspect this resulted in strange CI failures. |
|
After investigation and conversation with Jesse, we believe we hit the same test problem that blocked #2959 from getting integrated. The problem is that The result is that the test produce ungodly amount of log output, eating up all the disk space and preventing the successful completion of the tests. Jesse said he'll incorporate a fix to this problem in #2959 and merge that first, which should unblock this PR. |
Why? Consider that if I cut a release of, say, |
The history of terrible Stapler releases over the last year indicates that the likelihood of such a bug is greater. Notably, release of the plugin would precede the core PR to update the component (and the history of process irregularities surrounding merges without code review for Stapler also gives me no confidence that a "snapshot PR first" process would actually be followed). Which is when we repeatedly caught regressions. |
Though having the CI for stapler automatically produce the plugin with every PR would enable easier testing of the side-effects before release. Whereas at the moment you need to make a custom build of jenkins to upgrade these. I think a better approach would be to set the update center to blacklist new versions of these plugins from the non-experimental update centres until they have been vetted, but have remoting and stapler produce their plugins with every release... thus easier testing of upgrades and less risk to users |
You would anyway, because those components have only unit tests, and by far the most extensive tests of their functionality are in Of course we can and should have a daily CI build which picks up
Have you not been following |
…e hates maven-release-plugin
|
|
Looks like this should be possible with minor changes to |
|
Finally have a clean CI build, at least. A fair amount of manual testing remains to be done. |
|
This pull request originates from a CloudBees employee. At CloudBees, we require that all pull requests be reviewed by other CloudBees employees before we seek to have the change accepted. If you want to learn more about our process please see this explanation. |
daniel-beck
added
the
unresolved-merge-conflict
There was a problem hiding this comment.
I think where this stands is that excepting some minor technical details, the change itself was fine, but the advent of Essentials and general changes in workflow and policy mean we do not need this much any more and it is perhaps not worth the added complexity. TBD.
batmat
added
the
proposed-for-close
|
Given this is conflicted and stalled, I'm proposing to close this. I'll do it in the next days in nobody objects. Thanks! |
I was just about to do that myself. Please close the PR and JENKINS-41196 as well. There are also downstream PRs that should be closed: jenkinsci/jenkins-test-harness#48, jenkinsci/maven-hpi-plugin#73, and jenkinsci/acceptance-test-harness#356. |
|
@jglick done. Also closing here as per my last comment. Thanks everyone! |
See this example for the actual example of a plugin that overrides core component.
WEB-INF/libWEB-INF/jarswhich is where most of the jar files now liveStill more to do: