[BEAM-14117] Unvendor bytebuddy dependency

[cushon]

This change unvendors bytebuddy, as discussed in BEAM-14117

---

Thank you for your contribution! Follow this checklist to help us incorporate your contribution quickly and easily:

• Choose reviewer(s) and mention them in a comment (R: @username).
• Format the pull request title like [BEAM-XXX] Fixes bug in ApproximateQuantiles, where you replace BEAM-XXX with the appropriate JIRA issue, if applicable. This will automatically link the pull request to the issue.
• Update CHANGES.md with noteworthy changes.
• If this contribution is large, please file an Apache Individual Contributor License Agreement.

See the Contributor Guide for more tips on how to make review process smoother.

To check the build health, please visit https://github.com/apache/beam/blob/master/.test-infra/BUILD_STATUS.md

GitHub Actions Tests Status (on master branch)

See CI.md for more information about GitHub Actions CI.

[asf-ci]

Can one of the admins verify this patch?

[asf-ci]

Can one of the admins verify this patch?

[codecov]

Codecov Report

Merging #17317 (7dcc6d8) into master (7dcc6d8) will not change coverage.
The diff coverage is n/a.

❗ Current head 7dcc6d8 differs from pull request most recent head ee7bf73. Consider uploading reports for the commit ee7bf73 to get more accurate results

@@           Coverage Diff           @@
##           master   #17317   +/-   ##
=======================================
  Coverage   74.23%   74.23%           
=======================================
  Files         703      703           
  Lines       93100    93100           
=======================================
  Hits        69113    69113           
  Misses      22720    22720           
  Partials     1267     1267           

Flag	Coverage Δ
go	51.52% <0.00%> (ø)
python	83.61% <0.00%> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 7dcc6d8...ee7bf73. Read the comment docs.

[kennknowles]

run java postcommit

[kennknowles]

run flink validatesrunner

[kennknowles]

run spark validatesrunner

[kennknowles]

run samza validatesrunner

[kennknowles]

run dataflow validatesrunner

[cushon]

R: @kennknowles

[kennknowles]

Thread at https://lists.apache.org/thread/sdp7tpvy5n1jlk3g8wqqp40dlyzp5llv did not encounter any major objections.

[kennknowles]

The tests are super flaky, but I think Jenkins runs against the HEAD commit of the PR so it will need a rebase to get any recent improvements in test flakiness. Let me investigate a little bit and I'll comment when I have news.

[kennknowles]

I don't think we should bundle bytebuddy in here, right? It should be a residual dependency that is resolved according to everyone's poms?

[kennknowles]

In other words, it should become "just like any other dependency"

[cushon]

Done, thanks

[kennknowles]

Perfect!

[kennknowles]

Now I just want to poke the tests until they are green, rather than ignoring red signals, even if they seem irrelevant.

[cushon]

Adding an explicit dep doesn't seem to be the way to go since it is technically a transitive dependency.

Thanks, any suggestions about what the right way to go would be?

[kennknowles]

I'm not sure how the failure occurred, but based on grep and IWYU this should just not be here. I understand you added it in response to an issue. It sounds like there must be an error in some other module's IWYU compliance, and presumably is suppressed? (just a guess; I don't know)

[cushon]

I did some more debugging, and my understanding is that this configuration is effectively removing the implementation dep:

beam/sdks/java/core/build.gradle

Lines 27 to 35 in f2e41be

	shadowClosure: {
	dependencies {
	include(dependency("org.apache.commons:.*"))
	include(dependency(library.java.antlr_runtime))
	}
	relocate "com.google.thirdparty", getJavaRelocatedPath("com.google.thirdparty")
	relocate "org.apache.commons", getJavaRelocatedPath("org.apache.commons")
	relocate "org.antlr.v4", getJavaRelocatedPath("org.antlr.v4")
	},

because when shadowClosure is specified BeamModulePlugin removes all of the implementation deps:

beam/buildSrc/src/main/groovy/org/apache/beam/gradle/BeamModulePlugin.groovy

Lines 808 to 810 in f2e41be

	// * implementation - Required during compilation or runtime of the main source set.
	// This configuration represents all dependencies that much also be shaded away
	// otherwise the generated Maven pom will be missing this dependency.

Hacking up BeamModulePlugin to add a hard-coded implementation dep on bytebuddy fixes the build errors I was seeing, which seems to be consistent with that theory:

diff --git a/buildSrc/src/main/groovy/org/apache/beam/gradle/BeamModulePlugin.groovy b/buildSrc/src/main/groovy/org/apache/beam/gradle/BeamModulePlugin.groovy
index 791277a7e1..30b94333e0 100644
--- a/buildSrc/src/main/groovy/org/apache/beam/gradle/BeamModulePlugin.groovy
+++ b/buildSrc/src/main/groovy/org/apache/beam/gradle/BeamModulePlugin.groovy
@@ -496,6 +496,7 @@ class BeamModulePlugin implements Plugin<Project> {
     def testcontainers_version = "1.16.3"
     def arrow_version = "5.0.0"
     def jmh_version = "1.34"
+    def byte_buddy_version = "1.12.9"

     // A map of maps containing common libraries used per language. To use:
     // dependencies {
@@ -541,7 +542,7 @@ class BeamModulePlugin implements Plugin<Project> {
         aws_java_sdk2_utils                         : "software.amazon.awssdk:utils:$aws_java_sdk2_version",
         bigdataoss_gcsio                            : "com.google.cloud.bigdataoss:gcsio:$google_cloud_bigdataoss_version",
         bigdataoss_util                             : "com.google.cloud.bigdataoss:util:$google_cloud_bigdataoss_version",
-        byte_buddy                                  : "net.bytebuddy:byte-buddy:1.12.9",
+        byte_buddy                                  : "net.bytebuddy:byte-buddy:$byte_buddy_version",
         cassandra_driver_core                       : "com.datastax.cassandra:cassandra-driver-core:$cassandra_driver_version",
         cassandra_driver_mapping                    : "com.datastax.cassandra:cassandra-driver-mapping:$cassandra_driver_version",
         cdap_api                                    : "io.cdap.cdap:cdap-api:$cdap_version",
@@ -1063,7 +1064,15 @@ class BeamModulePlugin implements Plugin<Project> {
         // This contains many improved annotations beyond javax.annotations for enhanced static checking
         // of the codebase. It is runtime so users can also take advantage of them. The annotations themselves
         // are MIT licensed (checkerframework is GPL and cannot be distributed)
-        implementation "org.checkerframework:checker-qual:$checkerframework_version"
+
+        def implementationDeps = [
+          "org.checkerframework:checker-qual:$checkerframework_version",
+          "net.bytebuddy:byte-buddy:$byte_buddy_version",
+        ]
+
+        implementationDeps.each { dep ->
+          implementation dep
+        }
       }

       // Defines Targets for sonarqube analysis reporting.

What do you recommend? It seems like there are no existing examples of implementation deps that aren't included in the shadow closure. Does it make sense to include it in the shadow closure after all? Is there a more principled change to BeamModulePlugin to allow it to be configured to preserve some implementation deps?

[lukecwik]

I did some more debugging, and my understanding is that this configuration is effectively removing the implementation dep:

beam/sdks/java/core/build.gradle

Lines 27 to 35 in f2e41be

	shadowClosure: {
	dependencies {
	include(dependency("org.apache.commons:.*"))
	include(dependency(library.java.antlr_runtime))
	}
	relocate "com.google.thirdparty", getJavaRelocatedPath("com.google.thirdparty")
	relocate "org.apache.commons", getJavaRelocatedPath("org.apache.commons")
	relocate "org.antlr.v4", getJavaRelocatedPath("org.antlr.v4")
	},

because when shadowClosure is specified BeamModulePlugin removes all of the implementation deps:

beam/buildSrc/src/main/groovy/org/apache/beam/gradle/BeamModulePlugin.groovy

Lines 808 to 810 in f2e41be

	// * implementation - Required during compilation or runtime of the main source set.
	// This configuration represents all dependencies that much also be shaded away
	// otherwise the generated Maven pom will be missing this dependency.

Hacking up BeamModulePlugin to add a hard-coded implementation dep on bytebuddy fixes the build errors I was seeing, which seems to be consistent with that theory:

diff --git a/buildSrc/src/main/groovy/org/apache/beam/gradle/BeamModulePlugin.groovy b/buildSrc/src/main/groovy/org/apache/beam/gradle/BeamModulePlugin.groovy
index 791277a7e1..30b94333e0 100644
--- a/buildSrc/src/main/groovy/org/apache/beam/gradle/BeamModulePlugin.groovy
+++ b/buildSrc/src/main/groovy/org/apache/beam/gradle/BeamModulePlugin.groovy
@@ -496,6 +496,7 @@ class BeamModulePlugin implements Plugin<Project> {
     def testcontainers_version = "1.16.3"
     def arrow_version = "5.0.0"
     def jmh_version = "1.34"
+    def byte_buddy_version = "1.12.9"

     // A map of maps containing common libraries used per language. To use:
     // dependencies {
@@ -541,7 +542,7 @@ class BeamModulePlugin implements Plugin<Project> {
         aws_java_sdk2_utils                         : "software.amazon.awssdk:utils:$aws_java_sdk2_version",
         bigdataoss_gcsio                            : "com.google.cloud.bigdataoss:gcsio:$google_cloud_bigdataoss_version",
         bigdataoss_util                             : "com.google.cloud.bigdataoss:util:$google_cloud_bigdataoss_version",
-        byte_buddy                                  : "net.bytebuddy:byte-buddy:1.12.9",
+        byte_buddy                                  : "net.bytebuddy:byte-buddy:$byte_buddy_version",
         cassandra_driver_core                       : "com.datastax.cassandra:cassandra-driver-core:$cassandra_driver_version",
         cassandra_driver_mapping                    : "com.datastax.cassandra:cassandra-driver-mapping:$cassandra_driver_version",
         cdap_api                                    : "io.cdap.cdap:cdap-api:$cdap_version",
@@ -1063,7 +1064,15 @@ class BeamModulePlugin implements Plugin<Project> {
         // This contains many improved annotations beyond javax.annotations for enhanced static checking
         // of the codebase. It is runtime so users can also take advantage of them. The annotations themselves
         // are MIT licensed (checkerframework is GPL and cannot be distributed)
-        implementation "org.checkerframework:checker-qual:$checkerframework_version"
+
+        def implementationDeps = [
+          "org.checkerframework:checker-qual:$checkerframework_version",
+          "net.bytebuddy:byte-buddy:$byte_buddy_version",
+        ]
+
+        implementationDeps.each { dep ->
+          implementation dep
+        }
       }

       // Defines Targets for sonarqube analysis reporting.

What do you recommend? It seems like there are no existing examples of implementation deps that aren't included in the shadow closure. Does it make sense to include it in the shadow closure after all? Is there a more principled change to BeamModulePlugin to allow it to be configured to preserve some implementation deps?

You should declare byte_buddy within the shadow configuration as per

beam/buildSrc/src/main/groovy/org/apache/beam/gradle/BeamModulePlugin.groovy

Line 811 in f2e41be

// * shadow - Required during compilation or runtime of the main source set.

This will make it a compile time dependency for the source set and it will be exposed in the pom.xml file and should become a transitive dependency.

[cushon]

You should declare byte_buddy within the shadow configuration

Thanks so much! Done.

[cushon]

I think all of the open issues have been resolved:

• the byte_buddy dep is now in the shadow configuration
• the CI is green (I had to retry a few times but this didn't require any additional fixes, I think some of the tests might be flaky)

Let me know if there's any additional feedback!

[lukecwik]

Fixes #21519