updating jenkins base version and bom configuration #166
Conversation
pom.xml
Outdated
| @@ -176,7 +176,7 @@ limitations under the License. | |||
| <dependency> | |||
| <groupId>com.google.code.gson</groupId> | |||
| <artifactId>gson</artifactId> | |||
| <version>2.8.9</version> | |||
| <version>2.10.1</version> | |||
There was a problem hiding this comment.
This won't work, because jclouds currently does NOT support gson >= 2.9.0
See https://issues.jenkins.io/browse/JENKINS-72475 and my corresponding PR #165
There was a problem hiding this comment.
Thanks for reviewing the PR! I didn't expected that! Just curious how does it sneaked through the tests? Can you give some insights so that I do not repeat the same mistake again.
There was a problem hiding this comment.
Because there are no tests for that in the plugin. The relevant tests are in jclouds, not in the plugin. It would require connecting to a real cloud provider including the necessary credentials. For obvious reasons, I cannot make the credentials public.
This is a stacktrace from before #165 which shows that this happens deep down in jclouds.
|
If I revert back to previous gson version, it will raise Maven Enforcer errors referring |
Oh, did not know that. Well I don't know how to override the maven enforcer parameters or if that is even possible. Until then, I'm afraid this has to wait until jclouds-2.6.0 is released. @basil Sorry for the intrusion - Could you please help out and comment on that? |
|
Continuing to bundle the old JAR and masking the classes is a valid solution, and this was also done in jenkinsci/artifact-manager-s3-plugin#447. To silence Enforcer you can use a code snippet like https://github.com/jenkinsci/gitlab-plugin/blob/d38e95e166e43d1e1a87fc4e6dbff838a34a164f/pom.xml#L303-L325 but even better is to exclude the newer version from wherever it is coming from (use |
I think it's the best solution because will also prevent future issue when dependents plugin depends on a newer version of GSON. |
There are other problems when multiple plugins bundle the same JAR, such as linkage errors when the same class is loaded by two different class loaders and instances try to interact with each other. That is why we generally prefer library plugins in the Jenkins ecosystem. This is likely less of an issue for JClouds because it loads GSON privately and not as part of a public API. |
To sum it up, you basically need 2 changes:
<plugin>
<artifactId>maven-enforcer-plugin</artifactId>
<executions>
<execution>
<id>display-info</id>
<configuration>
<rules>
<requireUpperBoundDeps>
<excludes combine.children="append">
<exclude>com.google.code.gson:gson</exclude>
</excludes>
</requireUpperBoundDeps>
</rules>
</configuration>
</execution>
</executions>
</plugin> |
|
I hope this resolves the issue. |
Updating jenkins base version and corresponding BOM configuration. Made relevant changes to resolve issues with dependencies.
Testing done
Tests passed
Submitter checklist