Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[JENKINS-63350] update pac4j to 3.9.0 #90

Merged
merged 17 commits into from
Feb 25, 2021
Merged

[JENKINS-63350] update pac4j to 3.9.0 #90

Show file tree
Hide file tree
Changes from 3 commits
Commits
Show all changes
17 commits
Select commit Hold shift + click to select a range
5786d35
[JENKINS-63350] update pac4j to 3.8
kuisathaverat Aug 8, 2020
68aaa10
add placeholders to compile
kuisathaverat Aug 8, 2020
76b6c1a
chore: remove dummy classes
kuisathaverat Nov 13, 2020
ffadcb1
feat: update pac4j to 3.9.0 and Jenkins Core to 2.266
kuisathaverat Nov 13, 2020
579a46c
chore: grooming
kuisathaverat Nov 13, 2020
8ad3af6
Merge branch 'master' into JENKINS-63350
kuisathaverat Nov 13, 2020
5188258
fix: maven complain in windows
kuisathaverat Nov 13, 2020
1beb7e3
fix: compile for the correct version
kuisathaverat Nov 13, 2020
81b5bb7
chore: update incremental maven plugin
kuisathaverat Nov 13, 2020
867faa0
chore: suggested changes on the Jenkinsfile
kuisathaverat Nov 13, 2020
e15c310
fix: exclude transitive dependencies
kuisathaverat Nov 13, 2020
867464d
docs: fix javadoc warning
kuisathaverat Nov 13, 2020
9810e6e
fix: throw exception
kuisathaverat Nov 13, 2020
aa2a2f1
Apply suggestions from code review
kuisathaverat Nov 13, 2020
cb0a8f6
fix: ignore parameters in the URL for validation
kuisathaverat Nov 15, 2020
1b22692
Merge branch 'JENKINS-63350' of github.com:kuisathaverat/saml-plugin …
kuisathaverat Nov 15, 2020
7c7a310
Update pom.xml
kuisathaverat Feb 25, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion .mvn/extensions.xml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,6 @@
<extension>
<groupId>io.jenkins.tools.incrementals</groupId>
<artifactId>git-changelist-maven-extension</artifactId>
<version>1.0-beta-7</version>
<version>1.2</version>
</extension>
</extensions>
12 changes: 6 additions & 6 deletions Jenkinsfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,14 +4,14 @@ def lts = "2.249.3"
def weekly = "2.266"
kuisathaverat marked this conversation as resolved.
Show resolved Hide resolved
def buildConfiguration = [
/*
[ platform: "linux", jdk: "8", jenkins: lts, javaLevel: "8" ],
[ platform: "windows", jdk: "8", jenkins: lts, javaLevel: "8" ],
[ platform: "linux", jdk: "11", jenkins: lts, javaLevel: "8" ],
[ platform: "windows", jdk: "11", jenkins: lts, javaLevel: "8" ],
[ platform: "linux", jdk: "8", jenkins: lts ],
[ platform: "windows", jdk: "8", jenkins: lts ],
[ platform: "linux", jdk: "11", jenkins: lts ],
[ platform: "windows", jdk: "11", jenkins: lts ],
*/
// Also build on recent weekly
[ platform: "linux", jdk: "11", jenkins: weekly, javaLevel: "8" ],
[ platform: "windows", jdk: "11", jenkins: weekly, javaLevel: "8" ]
[ platform: "linux", jdk: "11", jenkins: weekly ],
[ platform: "windows", jdk: "11", jenkins: weekly ]
kuisathaverat marked this conversation as resolved.
Show resolved Hide resolved
]

buildPlugin(configurations: buildConfiguration)
71 changes: 67 additions & 4 deletions pom.xml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -103,11 +103,24 @@ under the License.
<artifactId>pac4j-saml</artifactId>
<!-- versions 4.x.x require JDK 11 -->
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Then set java.level to 11 I guess? Not sure of status of jenkinsci/plugin-pom#133.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think is fine, 3.9.0 was released a few days ago

<version>3.9.0</version>
<optional>false</optional>
<exclusions>
<exclusion>
<groupId>org.springframework</groupId>
<artifactId>spring-beans</artifactId>
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You may need to exclude more. Pay attention to what gets bundled in the *.hpi (also printed to build log).

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yep, there is a bunch of transitive dependencies that can be removed

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

is there any way to acknowledge(remove the warnings) the dependencies? there are some warnings that come from the hpi plugin, but those dependencies are needed and I do not want to add all those dependencies manually to the plugin pom.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

is there any way to acknowledge(remove the warnings)

Yes but do not do that.

there are some warnings that come from the hpi plugin, but those dependencies are needed

You can exclude dependencies you know you will not use, or you know you can use in the version supplied by core. Or you can switch to pluginFirstClassLoader and forget about accurate testing with JenkinsRule (must do it manually). Think twice, actually several times, before doing anything out of the ordinary. https://www.jenkins.io/doc/developer/plugin-development/dependencies-and-class-loading/

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I have excluded all that are not needed or are already in the Jenkins Core. so I guess that either I add these libraries to the pom or I live with these warnings


[WARNING] Bundling transitive dependency jcommander-1.48.jar (via pac4j-saml)
--
[WARNING] Bundling transitive dependency woodstox-core-5.0.3.jar (via pac4j-saml)
[WARNING] Bundling transitive dependency istack-commons-runtime-3.0.8.jar (via pac4j-saml)
[WARNING] Bundling transitive dependency FastInfoset-1.2.16.jar (via pac4j-saml)
[WARNING] Bundling transitive dependency metrics-core-3.1.2.jar (via pac4j-saml)
[WARNING] Bundling transitive dependency jakarta.xml.bind-api-2.3.2.jar (via pac4j-saml)
[WARNING] Bundling transitive dependency javax.json-api-1.0.jar (via pac4j-saml)
[WARNING] Bundling transitive dependency joda-time-2.9.9.jar (via pac4j-saml)
[WARNING] Bundling transitive dependency xmlsectool-2.0.0.jar (via pac4j-saml)
[WARNING] Bundling transitive dependency java-support-7.5.0.jar (via pac4j-saml)
[WARNING] Bundling transitive dependency spymemcached-2.12.3.jar (via pac4j-saml)
[WARNING] Bundling transitive dependency httpclient-4.5.3.jar (via pac4j-saml)
[WARNING] Bundling transitive dependency httpcore-4.4.8.jar (via pac4j-saml)
[WARNING] Bundling transitive dependency xmlsec-2.1.4.jar (via pac4j-saml)
[WARNING] Bundling transitive dependency velocity-1.7.jar (via pac4j-saml)
[WARNING] Bundling transitive dependency stax2-api-3.1.4.jar (via pac4j-saml)
[WARNING] Bundling transitive dependency cryptacular-1.2.4.jar (via pac4j-saml)
[WARNING] Bundling transitive dependency jaxb-runtime-2.3.2.jar (via pac4j-saml)
[WARNING] Bundling transitive dependency txw2-2.3.2.jar (via pac4j-saml)
[WARNING] Bundling transitive dependency javax.json-1.0.4.jar (via pac4j-saml)
[WARNING] Bundling transitive dependency stax-ex-1.8.1.jar (via pac4j-saml)
[WARNING] Bundling transitive dependency ldaptive-1.0.13.jar (via pac4j-saml)
[WARNING] Bundling transitive dependency opensaml-core-3.4.3.jar (via pac4j-saml)
[WARNING] Bundling transitive dependency opensaml-messaging-api-3.4.3.jar (via pac4j-saml)
[WARNING] Bundling transitive dependency opensaml-messaging-impl-3.4.3.jar (via pac4j-saml)
[WARNING] Bundling transitive dependency opensaml-profile-api-3.4.3.jar (via pac4j-saml)
[WARNING] Bundling transitive dependency opensaml-profile-impl-3.4.3.jar (via pac4j-saml)
[WARNING] Bundling transitive dependency opensaml-saml-api-3.4.3.jar (via pac4j-saml)
[WARNING] Bundling transitive dependency opensaml-saml-impl-3.4.3.jar (via pac4j-saml)
[WARNING] Bundling transitive dependency opensaml-security-api-3.4.3.jar (via pac4j-saml)
[WARNING] Bundling transitive dependency opensaml-security-impl-3.4.3.jar (via pac4j-saml)
[WARNING] Bundling transitive dependency opensaml-soap-api-3.4.3.jar (via pac4j-saml)
[WARNING] Bundling transitive dependency opensaml-soap-impl-3.4.3.jar (via pac4j-saml)
[WARNING] Bundling transitive dependency opensaml-storage-api-3.4.3.jar (via pac4j-saml)
[WARNING] Bundling transitive dependency opensaml-storage-impl-3.4.3.jar (via pac4j-saml)
[WARNING] Bundling transitive dependency opensaml-xmlsec-api-3.4.3.jar (via pac4j-saml)
[WARNING] Bundling transitive dependency opensaml-xmlsec-impl-3.4.3.jar (via pac4j-saml)
[WARNING] Bundling transitive dependency pac4j-core-3.9.0.jar (via pac4j-saml)

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I will live with the warnings to remove them I have to add more than 300 no-sense lines to the pom to manage these dependencies manually.

</exclusion>
<exclusion>
<groupId>org.springframework</groupId>
<artifactId>spring-jdbc</artifactId>
</exclusion>
<exclusion>
<groupId>org.springframework</groupId>
<artifactId>spring-orm</artifactId>
</exclusion>
<exclusion>
<groupId>org.springframework</groupId>
<artifactId>spring-tx</artifactId>
</exclusion>
<exclusion>
<groupId>org.springframework</groupId>
<artifactId>spring-core</artifactId>
Expand All @@ -132,6 +145,54 @@ under the License.
<groupId>commons-codec</groupId>
<artifactId>commons-codec</artifactId>
</exclusion>
<exclusion>
<groupId>antlr</groupId>
<artifactId>antlr</artifactId>
</exclusion>
<exclusion>
<groupId>org.hibernate</groupId>
<artifactId>hibernate-core</artifactId>
</exclusion>
<exclusion>
<groupId>org.hibernate.javax.persistence</groupId>
<artifactId>hibernate-jpa-2.1-api</artifactId>
</exclusion>
<exclusion>
<groupId>org.hibernate</groupId>
<artifactId>hibernate-entitymanager</artifactId>
</exclusion>
<exclusion>
<groupId>org.hibernate</groupId>
<artifactId>hibernate-commons-annotations</artifactId>
</exclusion>
<exclusion>
<groupId>commons-collections</groupId>
<artifactId>commons-collections</artifactId>
</exclusion>
<exclusion>
<groupId>commons-io</groupId>
<artifactId>commons-io</artifactId>
</exclusion>
<exclusion>
<groupId>commons-codec</groupId>
<artifactId>commons-codec</artifactId>
</exclusion>
<exclusion>
<groupId>com.google.guava</groupId>
<artifactId>guava</artifactId>
</exclusion>
<exclusion>
<groupId>xalan</groupId>
<artifactId>xalan</artifactId>
</exclusion>
<exclusion>
<groupId>jakarta.activation</groupId>
<artifactId>jakarta.activation-api</artifactId>
</exclusion>
<exclusion>
<groupId>javax.annotation</groupId>
<artifactId>javax.annotation-api</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
Expand Down Expand Up @@ -172,10 +233,6 @@ under the License.
</dependencies>
<dependencyManagement>
<dependencies>
<dependency>
<groupId>antlr</groupId>
<artifactId>antlr</artifactId>
</dependency>
<dependency>
<groupId>io.jenkins.tools.bom</groupId>
<artifactId>bom-2.249.x</artifactId>
Expand All @@ -193,6 +250,12 @@ under the License.
<artifactId>xmlsec</artifactId>
<version>2.1.4</version>
</dependency>
<dependency>
<groupId>org.pac4j</groupId>
<artifactId>pac4j-saml</artifactId>
<!-- versions 4.x.x require JDK 11 -->
<version>3.9.0</version>
</dependency>
</dependencies>
</dependencyManagement>
<build>
Expand Down