HADOOP-18583. Native code to load OpenSSL 3.x symbols

[packet23]

Description of PR

Fix for HADOOP-18583. OpenSSL 3.x broke existing ABI - the symbols for

• EVP_CIPHER_CTX_block_size and
• EVP_CIPHER_CTX_encrypting

are now called

• EVP_CIPHER_CTX_get_block_size and
• EVP_CIPHER_CTX_is_encrypting respectively (c.f. commit ed576acdf591d4164905ab98e89ca5a3b99d90ab that landed in openssl-3.0.0-beta1)

The PR changes the hadoop-common native code such that when compiled against OpenSSL 3.x, it can successfully load the OpenSSL 3.x symbols at runtime.

How was this patch tested?

A patched version of Hadoop 3.3.4 was compiled on an x86-64 Ubuntu 22.04 machine and hadoop checknative was invoked.

$ openssl version
OpenSSL 3.0.2 15 Mar 2022 (Library: OpenSSL 3.0.2 15 Mar 2022)
$ hadoop checknative
2022-12-24 11:54:31,538 INFO bzip2.Bzip2Factory: Successfully loaded & initialized native-bzip2 library system-native
2022-12-24 11:54:31,539 INFO zlib.ZlibFactory: Successfully loaded & initialized native-zlib library
2022-12-24 11:54:31,558 INFO nativeio.NativeIO: The native code was built without PMDK support.
Native library checking:
hadoop:  true /hadoop/lib/native/libhadoop.so.1.0.0
zlib:    true /lib/x86_64-linux-gnu/libz.so.1
zstd  :  true /lib/x86_64-linux-gnu/libzstd.so.1
bzip2:   true /lib/x86_64-linux-gnu/libbz2.so.1
openssl: true /lib/x86_64-linux-gnu/libcrypto.so
ISA-L:   true /lib/x86_64-linux-gnu/libisal.so.2
PMDK:    false The native code was built without PMDK support.

For code changes:

• Does the title or this PR starts with the corresponding JIRA issue id (e.g. 'HADOOP-17799. Your PR title ...')?
• Object storage: have the integration tests been executed and the endpoint declared according to the connector-specific documentation?
• If adding new dependencies to the code, are these dependencies licensed in a way that is compatible for inclusion under ASF 2.0?
• If applicable, have you updated the LICENSE, LICENSE-binary, NOTICE-binary files?

[hadoop-yetus]

💔 -1 overall

Vote	Subsystem	Runtime	Logfile	Comment
+0 🆗	reexec	35m 59s		Docker mode activated.
			_ Prechecks _
+1 💚	dupname	0m 0s		No case conflicting files found.
+0 🆗	codespell	0m 0s		codespell was not available.
+0 🆗	detsecrets	0m 0s		detect-secrets was not available.
+1 💚	@author	0m 0s		The patch does not contain any @author tags.
-1 ❌	test4tests	0m 0s		The patch doesn't appear to include any new or modified tests. Please justify why no new tests are needed for this patch. Also please list what manual steps were performed to verify this patch.
			_ trunk Compile Tests _
+1 💚	mvninstall	39m 11s		trunk passed
+1 💚	compile	20m 40s		trunk passed
+1 💚	mvnsite	1m 47s		trunk passed
+1 💚	shadedclient	81m 24s		branch has no errors when building and testing our client artifacts.
			_ Patch Compile Tests _
+1 💚	mvninstall	1m 0s		the patch passed
+1 💚	compile	19m 57s		the patch passed
+1 💚	cc	19m 57s		the patch passed
+1 💚	golang	19m 57s		the patch passed
+1 💚	javac	19m 57s		the patch passed
+1 💚	blanks	0m 0s		The patch has no blanks issues.
+1 💚	mvnsite	1m 44s		the patch passed
+1 💚	shadedclient	21m 11s		patch has no errors when building and testing our client artifacts.
			_ Other Tests _
-1 ❌	unit	18m 29s	/patch-unit-hadoop-common-project_hadoop-common.txt	hadoop-common in the patch passed.
+1 💚	asflicense	1m 3s		The patch does not generate ASF License warnings.
		181m 7s

Reason	Tests
Failed junit tests	hadoop.crypto.TestCryptoStreamsWithOpensslSm4CtrCryptoCodec
	hadoop.crypto.TestCryptoCodec
	hadoop.service.launcher.TestServiceInterruptHandling

Subsystem	Report/Notes
Docker	ClientAPI=1.41 ServerAPI=1.41 base: https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-5256/1/artifact/out/Dockerfile
GITHUB PR	#5256
Optional Tests	dupname asflicense compile cc mvnsite javac unit codespell detsecrets golang
uname	Linux 76e9e4ea09ff 4.15.0-200-generic #211-Ubuntu SMP Thu Nov 24 18:16:04 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux
Build tool	maven
Personality	dev-support/bin/hadoop.sh
git revision	trunk / 4ce0602
Default Java	Red Hat, Inc.-1.8.0_352-b08
Test Results	https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-5256/1/testReport/
Max. process+thread count	2661 (vs. ulimit of 5500)
modules	C: hadoop-common-project/hadoop-common U: hadoop-common-project/hadoop-common
Console output	https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-5256/1/console
versions	git=2.9.5 maven=3.6.3
Powered by	Apache Yetus 0.14.0 https://yetus.apache.org

This message was automatically generated.

[steveloughran]

not any code i've looked at before, so trying to understand it. made some comments

[steveloughran]

1. how about adding a comment to say "the names were changed so the probes have to change their type.
2. do the actual typedefs need to be made exclusive? can see that if the actual typedef name was being recycled, but here they are being given new names

[packet23]

1. addressed in f5c9b44
2. wasn't sure which name pops up in hadoop checknativein case hadoop-common was compiled against OpenSSL 3.x and run with OpenSSL 1.x. Given that the symbols have same signature, the patch could be restricted to only Java_org_apache_hadoop_crypto_OpensslCipher_initIDs. Let me verify that...

[packet23]

addressed 2. in 6c17fcf

[steveloughran]

these are all static...the probes need to be compiled for openssl 2 vs 3. do we need this, or can it just look for either sets of symbols and be happy?

[packet23]

Not quite sure - let me check.

[packet23]

I need some more information here:

1. With "look for either sets of symbols" do you mean moving the conditional symbol loading from compile time to runtime?
2. What contract do we have for native code regarding OpenSSL ABIs?

The PR delivers the following contract:

• If compiled against OpenSSL X.Y API, it will only work at runtime if OpenSSL X.Y ABI is available.

To my knowledge, this is not a regression, looking at the other conditional symbol loads and their usage.

[hadoop-yetus]

💔 -1 overall

Vote	Subsystem	Runtime	Logfile	Comment
+0 🆗	reexec	0m 45s		Docker mode activated.
			_ Prechecks _
+1 💚	dupname	0m 0s		No case conflicting files found.
+0 🆗	codespell	0m 0s		codespell was not available.
+0 🆗	detsecrets	0m 0s		detect-secrets was not available.
+1 💚	@author	0m 0s		The patch does not contain any @author tags.
-1 ❌	test4tests	0m 0s		The patch doesn't appear to include any new or modified tests. Please justify why no new tests are needed for this patch. Also please list what manual steps were performed to verify this patch.
			_ trunk Compile Tests _
+1 💚	mvninstall	39m 3s		trunk passed
+1 💚	compile	20m 51s		trunk passed
+1 💚	mvnsite	1m 48s		trunk passed
+1 💚	shadedclient	81m 25s		branch has no errors when building and testing our client artifacts.
			_ Patch Compile Tests _
+1 💚	mvninstall	1m 0s		the patch passed
+1 💚	compile	20m 3s		the patch passed
+1 💚	cc	20m 3s		the patch passed
+1 💚	golang	20m 3s		the patch passed
+1 💚	javac	20m 3s		the patch passed
+1 💚	blanks	0m 0s		The patch has no blanks issues.
+1 💚	mvnsite	1m 44s		the patch passed
+1 💚	shadedclient	21m 23s		patch has no errors when building and testing our client artifacts.
			_ Other Tests _
-1 ❌	unit	18m 43s	/patch-unit-hadoop-common-project_hadoop-common.txt	hadoop-common in the patch passed.
+1 💚	asflicense	1m 5s		The patch does not generate ASF License warnings.
		146m 30s

Reason	Tests
Failed junit tests	hadoop.crypto.TestCryptoStreamsWithOpensslSm4CtrCryptoCodec
	hadoop.crypto.TestCryptoCodec
	hadoop.service.launcher.TestServiceInterruptHandling

Subsystem	Report/Notes
Docker	ClientAPI=1.41 ServerAPI=1.41 base: https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-5256/2/artifact/out/Dockerfile
GITHUB PR	#5256
Optional Tests	dupname asflicense compile cc mvnsite javac unit codespell detsecrets golang
uname	Linux 066f4e98dd4a 4.15.0-200-generic #211-Ubuntu SMP Thu Nov 24 18:16:04 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux
Build tool	maven
Personality	dev-support/bin/hadoop.sh
git revision	trunk / f5c9b44
Default Java	Red Hat, Inc.-1.8.0_352-b08
Test Results	https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-5256/2/testReport/
Max. process+thread count	1301 (vs. ulimit of 5500)
modules	C: hadoop-common-project/hadoop-common U: hadoop-common-project/hadoop-common
Console output	https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-5256/2/console
versions	git=2.9.5 maven=3.6.3
Powered by	Apache Yetus 0.14.0 https://yetus.apache.org

This message was automatically generated.

[hadoop-yetus]

💔 -1 overall

Vote	Subsystem	Runtime	Logfile	Comment
+0 🆗	reexec	0m 44s		Docker mode activated.
			_ Prechecks _
+1 💚	dupname	0m 0s		No case conflicting files found.
+0 🆗	codespell	0m 0s		codespell was not available.
+0 🆗	detsecrets	0m 0s		detect-secrets was not available.
+1 💚	@author	0m 0s		The patch does not contain any @author tags.
-1 ❌	test4tests	0m 0s		The patch doesn't appear to include any new or modified tests. Please justify why no new tests are needed for this patch. Also please list what manual steps were performed to verify this patch.
			_ trunk Compile Tests _
+1 💚	mvninstall	39m 17s		trunk passed
+1 💚	compile	20m 39s		trunk passed
+1 💚	mvnsite	1m 47s		trunk passed
+1 💚	shadedclient	81m 8s		branch has no errors when building and testing our client artifacts.
			_ Patch Compile Tests _
+1 💚	mvninstall	1m 0s		the patch passed
+1 💚	compile	20m 6s		the patch passed
+1 💚	cc	20m 7s		the patch passed
+1 💚	golang	20m 6s		the patch passed
+1 💚	javac	20m 6s		the patch passed
+1 💚	blanks	0m 0s		The patch has no blanks issues.
+1 💚	mvnsite	1m 44s		the patch passed
+1 💚	shadedclient	21m 1s		patch has no errors when building and testing our client artifacts.
			_ Other Tests _
-1 ❌	unit	18m 33s	/patch-unit-hadoop-common-project_hadoop-common.txt	hadoop-common in the patch passed.
+1 💚	asflicense	1m 5s		The patch does not generate ASF License warnings.
		145m 26s

Reason	Tests
Failed junit tests	hadoop.crypto.TestCryptoStreamsWithOpensslSm4CtrCryptoCodec
	hadoop.crypto.TestCryptoCodec
	hadoop.service.launcher.TestServiceInterruptHandling

Subsystem	Report/Notes
Docker	ClientAPI=1.41 ServerAPI=1.41 base: https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-5256/3/artifact/out/Dockerfile
GITHUB PR	#5256
Optional Tests	dupname asflicense compile cc mvnsite javac unit codespell detsecrets golang
uname	Linux dca52a0e3810 4.15.0-200-generic #211-Ubuntu SMP Thu Nov 24 18:16:04 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux
Build tool	maven
Personality	dev-support/bin/hadoop.sh
git revision	trunk / 6c17fcf
Default Java	Red Hat, Inc.-1.8.0_352-b08
Test Results	https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-5256/3/testReport/
Max. process+thread count	1669 (vs. ulimit of 5500)
modules	C: hadoop-common-project/hadoop-common U: hadoop-common-project/hadoop-common
Console output	https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-5256/3/console
versions	git=2.9.5 maven=3.6.3
Powered by	Apache Yetus 0.14.0 https://yetus.apache.org

This message was automatically generated.

[t8m]

OpenSSL 1.1.1 is not ABI compatible (and only partially API compatible) with OpenSSL 3.x.

All the 3.x versions should be upwards ABI compatible - i.e. something compiled against 3.x will work with 3.(x+1).

[packet23]

After digging a bit a more into Hadoop's usage of OpenSSL, I believe the PR fixes hadoop checknative, but there are other places that are not covered by hadoop checknative:

• org.apache.hadoop.security.ssl.DelegatingSSLSocketFactory, hadoop-azure-datalake, hadoop-azure, hadoop-aws - use OpenSSL via wildfly-openssl 1.0.7.Final (wildfly-openssl >= 2.2.0.Final supports OpenSSL 3.x), not covered by hadoop checknative
• org.apache.hadoop.crypto.random.OpensslSecureRandom - not covered by hadoop checknative as it seems
• libhdfspp
• hadoop-pipes
• hadoop-yarn-server-nodemanager's container-executor

Proper support of OpenSSL 3.x should at least review all of these usages. Supported platforms have at most OpenSSL 1.1.1, pull request verification builds run against OpenSSL 1.0.2. Perhaps file followup tickets?

[steveloughran]

thanks for this. wildfly is a source of ongoing pain and pretty brittle across openssl versions. probably a full update is needed there.

givent eh other places where things fail, is checknative correct in reporting incompatibility? as at least it is a fail-fast test for all of this.

which means: fixing it should be the last action.

• why not create a "support openssl 3.x" JIRA with the checknative one moved to being a subtask.
• we can discuss whether it is time to retire hadoop-pipes
• yarn issue is for a YARN jira
• opensslSecureRandom should be included in the checknative and we could make it probeable (i.e save stack on init failure to an accessible field; checknative could verify this is empty)

[jasonwzs]

@packet23 @steveloughran , can you provide more details on the individual issues related to openssl 3 support? It would be nice if we create jira issues for tracking purpose.
I am more interested in the yarn issue mentioned for hadoop-yarn-server-nodemanager's container-executor. Where is the related code and what is the impact?

[steveloughran]

hadoop-yarn-server-nodemanager's container-executor
no idea. best to discuss on yarn-dev

regarding crypton and checknative, we may to work on that. IMO checknative should look for openssl, at least if we add a -openssl argument.

I don't think we have specific openssl issues. In #6425 I had to add error string matching for openssl 1 messages indicating stale https connections (these were surfacing deep in the AWS error stack). For 3.x it'd be good to know that these strings were the same -or update them. Maybe you can create an uber-jira "support openssl 3"

one more thing: what is the openssl FIPS story? as for strict fips support we don't just want to talk to fips endpoints, we want to run on hosts where the ssl lib doesn't have the untrusted algorithms at all.

[Apache9]

Still face this problem when deploying hadoop on ubuntu 24.04, where the default version for openssl is 3.0.13.

I tried to compile native libraries by myself with a ubuntu 24.04 based docker image, but still get the same error message...

[steveloughran]

I've hit this too...forgot about the jira.

If we do this switch, what happens on older openssl deployments --and do we care?

[steveloughran]

let's have a single block for defining the string and then use

#if  OPENSSL_VERSION_NUMBER >= 0x30000000L
#define CTX_BLOCK_SIZE "EVP_CIPHER_CTX_get_block_size"
#define CTX_ENCRYPTING "EVP_CIPHER_CTX_is_encrypting"
...
#else
#define CTX_BLOCK_SIZE "EVP_CIPHER_CTX_block_size"
#define CTX_ENCRYPTING "EVP_CIPHER_CTX_encrypting"
...
#endif

 LOAD_DYNAMIC_SYMBOL(dlsym_EVP_CIPHER_CTX_block_size, env, openssl,
                      CTX_BLOCK_SIZE);

Then the actual uses just refer to the macro definition as needed

1. makes things less complex
2. lines up for openssl 4 and any more changes.

[packet23]

Will have a look this weekend.

[packet23]

The requested change would not work on OpenSSL 1.0: EVP_CIPHER_CTX_encrypting is only available on OpenSSL 1.1. Would we need to support OpenSSL 1.0 still?

[packet23]

Wait- I think I misunderstood you. We can decouple of course. Pushed a change addressing this and rebased as well.

[hadoop-yetus]

💔 -1 overall

Vote	Subsystem	Runtime	Logfile	Comment
+0 🆗	reexec	19m 0s		Docker mode activated.
			_ Prechecks _
+1 💚	dupname	0m 0s		No case conflicting files found.
+0 🆗	codespell	0m 0s		codespell was not available.
+0 🆗	detsecrets	0m 0s		detect-secrets was not available.
+1 💚	@author	0m 0s		The patch does not contain any @author tags.
-1 ❌	test4tests	0m 0s		The patch doesn't appear to include any new or modified tests. Please justify why no new tests are needed for this patch. Also please list what manual steps were performed to verify this patch.
			_ trunk Compile Tests _
+1 💚	mvninstall	33m 5s		trunk passed
+1 💚	compile	8m 23s		trunk passed
+1 💚	mvnsite	0m 58s		trunk passed
+1 💚	shadedclient	63m 38s		branch has no errors when building and testing our client artifacts.
			_ Patch Compile Tests _
+1 💚	mvninstall	0m 32s		the patch passed
+1 💚	compile	8m 1s		the patch passed
+1 💚	cc	8m 1s		the patch passed
+1 💚	golang	8m 1s		the patch passed
+1 💚	javac	8m 1s		the patch passed
+1 💚	blanks	0m 0s		The patch has no blanks issues.
+1 💚	mvnsite	0m 56s		the patch passed
+1 💚	shadedclient	22m 23s		patch has no errors when building and testing our client artifacts.
			_ Other Tests _
+1 💚	unit	16m 8s		hadoop-common in the patch passed.
+1 💚	asflicense	0m 37s		The patch does not generate ASF License warnings.
		131m 24s

Subsystem	Report/Notes
Docker	ClientAPI=1.47 ServerAPI=1.47 base: https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-5256/4/artifact/out/Dockerfile
GITHUB PR	#5256
Optional Tests	dupname asflicense compile cc mvnsite javac unit codespell detsecrets golang
uname	Linux 4ae01d9ff57c 5.15.0-124-generic #134-Ubuntu SMP Fri Sep 27 20:20:17 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux
Build tool	maven
Personality	dev-support/bin/hadoop.sh
git revision	trunk / a30640c
Default Java	Red Hat, Inc.-1.8.0_412-b08
Test Results	https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-5256/4/testReport/
Max. process+thread count	3153 (vs. ulimit of 5500)
modules	C: hadoop-common-project/hadoop-common U: hadoop-common-project/hadoop-common
Console output	https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-5256/4/console
versions	git=2.9.5 maven=3.6.3
Powered by	Apache Yetus 0.14.0 https://yetus.apache.org

This message was automatically generated.

[hadoop-yetus]

💔 -1 overall

Vote	Subsystem	Runtime	Logfile	Comment
+0 🆗	reexec	0m 19s		Docker mode activated.
			_ Prechecks _
+1 💚	dupname	0m 0s		No case conflicting files found.
+0 🆗	codespell	0m 0s		codespell was not available.
+0 🆗	detsecrets	0m 0s		detect-secrets was not available.
+1 💚	@author	0m 0s		The patch does not contain any @author tags.
-1 ❌	test4tests	0m 0s		The patch doesn't appear to include any new or modified tests. Please justify why no new tests are needed for this patch. Also please list what manual steps were performed to verify this patch.
			_ trunk Compile Tests _
+1 💚	mvninstall	33m 21s		trunk passed
+1 💚	compile	8m 23s		trunk passed
+1 💚	mvnsite	1m 1s		trunk passed
+1 💚	shadedclient	64m 25s		branch has no errors when building and testing our client artifacts.
			_ Patch Compile Tests _
+1 💚	mvninstall	0m 31s		the patch passed
+1 💚	compile	8m 1s		the patch passed
+1 💚	cc	8m 1s		the patch passed
+1 💚	golang	8m 1s		the patch passed
+1 💚	javac	8m 1s		the patch passed
+1 💚	blanks	0m 0s		The patch has no blanks issues.
+1 💚	mvnsite	0m 55s		the patch passed
+1 💚	shadedclient	23m 39s		patch has no errors when building and testing our client artifacts.
			_ Other Tests _
+1 💚	unit	16m 35s		hadoop-common in the patch passed.
+1 💚	asflicense	0m 41s		The patch does not generate ASF License warnings.
		115m 23s

Subsystem	Report/Notes
Docker	ClientAPI=1.47 ServerAPI=1.47 base: https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-5256/5/artifact/out/Dockerfile
GITHUB PR	#5256
Optional Tests	dupname asflicense compile cc mvnsite javac unit codespell detsecrets golang
uname	Linux cb5bc0656dda 5.15.0-124-generic #134-Ubuntu SMP Fri Sep 27 20:20:17 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux
Build tool	maven
Personality	dev-support/bin/hadoop.sh
git revision	trunk / 38e3d9a
Default Java	Red Hat, Inc.-1.8.0_412-b08
Test Results	https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-5256/5/testReport/
Max. process+thread count	1275 (vs. ulimit of 5500)
modules	C: hadoop-common-project/hadoop-common U: hadoop-common-project/hadoop-common
Console output	https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-5256/5/console
versions	git=2.9.5 maven=3.6.3
Powered by	Apache Yetus 0.14.0 https://yetus.apache.org

This message was automatically generated.

[hadoop-yetus]

💔 -1 overall

Vote	Subsystem	Runtime	Logfile	Comment
+0 🆗	reexec	18m 34s		Docker mode activated.
			_ Prechecks _
+1 💚	dupname	0m 0s		No case conflicting files found.
+0 🆗	codespell	0m 0s		codespell was not available.
+0 🆗	detsecrets	0m 0s		detect-secrets was not available.
+1 💚	@author	0m 0s		The patch does not contain any @author tags.
-1 ❌	test4tests	0m 0s		The patch doesn't appear to include any new or modified tests. Please justify why no new tests are needed for this patch. Also please list what manual steps were performed to verify this patch.
			_ trunk Compile Tests _
+1 💚	mvninstall	31m 47s		trunk passed
+1 💚	compile	8m 7s		trunk passed
+1 💚	mvnsite	1m 4s		trunk passed
+1 💚	shadedclient	60m 31s		branch has no errors when building and testing our client artifacts.
			_ Patch Compile Tests _
+1 💚	mvninstall	0m 31s		the patch passed
+1 💚	compile	7m 54s		the patch passed
+1 💚	cc	7m 54s		the patch passed
+1 💚	golang	7m 54s		the patch passed
+1 💚	javac	7m 54s		the patch passed
+1 💚	blanks	0m 0s		The patch has no blanks issues.
+1 💚	mvnsite	0m 56s		the patch passed
+1 💚	shadedclient	20m 28s		patch has no errors when building and testing our client artifacts.
			_ Other Tests _
+1 💚	unit	16m 17s		hadoop-common in the patch passed.
+1 💚	asflicense	0m 43s		The patch does not generate ASF License warnings.
		126m 8s

Subsystem	Report/Notes
Docker	ClientAPI=1.47 ServerAPI=1.47 base: https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-5256/8/artifact/out/Dockerfile
GITHUB PR	#5256
Optional Tests	dupname asflicense compile cc mvnsite javac unit codespell detsecrets golang
uname	Linux 29fe39ed1fd3 5.15.0-124-generic #134-Ubuntu SMP Fri Sep 27 20:20:17 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux
Build tool	maven
Personality	dev-support/bin/hadoop.sh
git revision	trunk / 5f70bdf
Default Java	Red Hat, Inc.-1.8.0_412-b08
Test Results	https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-5256/8/testReport/
Max. process+thread count	3150 (vs. ulimit of 5500)
modules	C: hadoop-common-project/hadoop-common U: hadoop-common-project/hadoop-common
Console output	https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-5256/8/console
versions	git=2.9.5 maven=3.6.3
Powered by	Apache Yetus 0.14.0 https://yetus.apache.org

This message was automatically generated.

[hadoop-yetus]

💔 -1 overall

Vote	Subsystem	Runtime	Logfile	Comment
+0 🆗	reexec	33m 46s		Docker mode activated.
			_ Prechecks _
+1 💚	dupname	0m 0s		No case conflicting files found.
+0 🆗	codespell	0m 1s		codespell was not available.
+0 🆗	detsecrets	0m 1s		detect-secrets was not available.
+1 💚	@author	0m 0s		The patch does not contain any @author tags.
-1 ❌	test4tests	0m 0s		The patch doesn't appear to include any new or modified tests. Please justify why no new tests are needed for this patch. Also please list what manual steps were performed to verify this patch.
			_ trunk Compile Tests _
+1 💚	mvninstall	44m 47s		trunk passed
+1 💚	compile	19m 58s		trunk passed
+1 💚	mvnsite	1m 50s		trunk passed
+1 💚	shadedclient	101m 53s		branch has no errors when building and testing our client artifacts.
			_ Patch Compile Tests _
+1 💚	mvninstall	1m 3s		the patch passed
+1 💚	compile	19m 7s		the patch passed
+1 💚	cc	19m 7s		the patch passed
+1 💚	golang	19m 7s		the patch passed
+1 💚	javac	19m 7s		the patch passed
+1 💚	blanks	0m 0s		The patch has no blanks issues.
+1 💚	mvnsite	1m 50s		the patch passed
+1 💚	shadedclient	36m 47s		patch has no errors when building and testing our client artifacts.
			_ Other Tests _
+1 💚	unit	20m 26s		hadoop-common in the patch passed.
+1 💚	asflicense	1m 4s		The patch does not generate ASF License warnings.
		215m 55s

Subsystem	Report/Notes
Docker	ClientAPI=1.47 ServerAPI=1.47 base: https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-5256/7/artifact/out/Dockerfile
GITHUB PR	#5256
Optional Tests	dupname asflicense compile cc mvnsite javac unit codespell detsecrets golang
uname	Linux b88062eb8573 5.15.0-124-generic #134-Ubuntu SMP Fri Sep 27 20:20:17 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux
Build tool	maven
Personality	dev-support/bin/hadoop.sh
git revision	trunk / 5f70bdf
Default Java	Red Hat, Inc.-1.8.0_412-b08
Test Results	https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-5256/7/testReport/
Max. process+thread count	1288 (vs. ulimit of 5500)
modules	C: hadoop-common-project/hadoop-common U: hadoop-common-project/hadoop-common
Console output	https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-5256/7/console
versions	git=2.9.5 maven=3.6.3
Powered by	Apache Yetus 0.14.0 https://yetus.apache.org

This message was automatically generated.

[hadoop-yetus]

💔 -1 overall

Vote	Subsystem	Runtime	Logfile	Comment
+0 🆗	reexec	34m 43s		Docker mode activated.
			_ Prechecks _
+1 💚	dupname	0m 0s		No case conflicting files found.
+0 🆗	codespell	0m 0s		codespell was not available.
+0 🆗	detsecrets	0m 0s		detect-secrets was not available.
+1 💚	@author	0m 0s		The patch does not contain any @author tags.
-1 ❌	test4tests	0m 0s		The patch doesn't appear to include any new or modified tests. Please justify why no new tests are needed for this patch. Also please list what manual steps were performed to verify this patch.
			_ trunk Compile Tests _
+1 💚	mvninstall	44m 41s		trunk passed
+1 💚	compile	20m 5s		trunk passed
+1 💚	mvnsite	1m 50s		trunk passed
+1 💚	shadedclient	102m 23s		branch has no errors when building and testing our client artifacts.
			_ Patch Compile Tests _
+1 💚	mvninstall	1m 1s		the patch passed
+1 💚	compile	19m 0s		the patch passed
+1 💚	cc	19m 0s		the patch passed
+1 💚	golang	19m 0s		the patch passed
+1 💚	javac	19m 0s		the patch passed
+1 💚	blanks	0m 0s		The patch has no blanks issues.
+1 💚	mvnsite	1m 45s		the patch passed
+1 💚	shadedclient	37m 17s		patch has no errors when building and testing our client artifacts.
			_ Other Tests _
+1 💚	unit	20m 28s		hadoop-common in the patch passed.
+1 💚	asflicense	1m 3s		The patch does not generate ASF License warnings.
		217m 47s

Subsystem	Report/Notes
Docker	ClientAPI=1.47 ServerAPI=1.47 base: https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-5256/6/artifact/out/Dockerfile
GITHUB PR	#5256
Optional Tests	dupname asflicense compile cc mvnsite javac unit codespell detsecrets golang
uname	Linux 05b29640b197 5.15.0-124-generic #134-Ubuntu SMP Fri Sep 27 20:20:17 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux
Build tool	maven
Personality	dev-support/bin/hadoop.sh
git revision	trunk / 5f70bdf
Default Java	Red Hat, Inc.-1.8.0_412-b08
Test Results	https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-5256/6/testReport/
Max. process+thread count	1288 (vs. ulimit of 5500)
modules	C: hadoop-common-project/hadoop-common U: hadoop-common-project/hadoop-common
Console output	https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-5256/6/console
versions	git=2.9.5 maven=3.6.3
Powered by	Apache Yetus 0.14.0 https://yetus.apache.org

This message was automatically generated.

[hadoop-yetus]

💔 -1 overall

Vote	Subsystem	Runtime	Logfile	Comment
+0 🆗	reexec	0m 20s		Docker mode activated.
			_ Prechecks _
+1 💚	dupname	0m 0s		No case conflicting files found.
+0 🆗	codespell	0m 0s		codespell was not available.
+0 🆗	detsecrets	0m 0s		detect-secrets was not available.
+1 💚	@author	0m 0s		The patch does not contain any @author tags.
-1 ❌	test4tests	0m 0s		The patch doesn't appear to include any new or modified tests. Please justify why no new tests are needed for this patch. Also please list what manual steps were performed to verify this patch.
			_ trunk Compile Tests _
+1 💚	mvninstall	31m 47s		trunk passed
+1 💚	compile	8m 3s		trunk passed
+1 💚	mvnsite	1m 3s		trunk passed
+1 💚	shadedclient	60m 25s		branch has no errors when building and testing our client artifacts.
			_ Patch Compile Tests _
+1 💚	mvninstall	0m 34s		the patch passed
+1 💚	compile	7m 54s		the patch passed
+1 💚	cc	7m 54s		the patch passed
+1 💚	golang	7m 54s		the patch passed
+1 💚	javac	7m 54s		the patch passed
+1 💚	blanks	0m 0s		The patch has no blanks issues.
+1 💚	mvnsite	0m 57s		the patch passed
+1 💚	shadedclient	20m 4s		patch has no errors when building and testing our client artifacts.
			_ Other Tests _
+1 💚	unit	16m 31s		hadoop-common in the patch passed.
+1 💚	asflicense	0m 35s		The patch does not generate ASF License warnings.
		107m 29s

Subsystem	Report/Notes
Docker	ClientAPI=1.47 ServerAPI=1.47 base: https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-5256/10/artifact/out/Dockerfile
GITHUB PR	#5256
Optional Tests	dupname asflicense compile cc mvnsite javac unit codespell detsecrets golang
uname	Linux 75e526535b59 5.15.0-124-generic #134-Ubuntu SMP Fri Sep 27 20:20:17 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux
Build tool	maven
Personality	dev-support/bin/hadoop.sh
git revision	trunk / 652e8f3
Default Java	Red Hat, Inc.-1.8.0_412-b08
Test Results	https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-5256/10/testReport/
Max. process+thread count	1319 (vs. ulimit of 5500)
modules	C: hadoop-common-project/hadoop-common U: hadoop-common-project/hadoop-common
Console output	https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-5256/10/console
versions	git=2.9.5 maven=3.6.3
Powered by	Apache Yetus 0.14.0 https://yetus.apache.org

This message was automatically generated.

[hadoop-yetus]

💔 -1 overall

Vote	Subsystem	Runtime	Logfile	Comment
+0 🆗	reexec	44m 27s		Docker mode activated.
			_ Prechecks _
+1 💚	dupname	0m 0s		No case conflicting files found.
+0 🆗	codespell	0m 0s		codespell was not available.
+0 🆗	detsecrets	0m 0s		detect-secrets was not available.
+1 💚	@author	0m 0s		The patch does not contain any @author tags.
-1 ❌	test4tests	0m 0s		The patch doesn't appear to include any new or modified tests. Please justify why no new tests are needed for this patch. Also please list what manual steps were performed to verify this patch.
			_ trunk Compile Tests _
+1 💚	mvninstall	49m 51s		trunk passed
+1 💚	compile	17m 48s		trunk passed
+1 💚	mvnsite	1m 51s		trunk passed
+1 💚	shadedclient	108m 58s		branch has no errors when building and testing our client artifacts.
			_ Patch Compile Tests _
+1 💚	mvninstall	0m 58s		the patch passed
+1 💚	compile	17m 10s		the patch passed
+1 💚	cc	17m 10s		the patch passed
+1 💚	golang	17m 10s		the patch passed
+1 💚	javac	17m 10s		the patch passed
+1 💚	blanks	0m 0s		The patch has no blanks issues.
+1 💚	mvnsite	1m 50s		the patch passed
+1 💚	shadedclient	41m 56s		patch has no errors when building and testing our client artifacts.
			_ Other Tests _
+1 💚	unit	19m 49s		hadoop-common in the patch passed.
+1 💚	asflicense	1m 7s		The patch does not generate ASF License warnings.
		236m 14s

Subsystem	Report/Notes
Docker	ClientAPI=1.47 ServerAPI=1.47 base: https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-5256/9/artifact/out/Dockerfile
GITHUB PR	#5256
Optional Tests	dupname asflicense compile cc mvnsite javac unit codespell detsecrets golang
uname	Linux dea38a0571a2 5.15.0-119-generic #129-Ubuntu SMP Fri Aug 2 19:25:20 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux
Build tool	maven
Personality	dev-support/bin/hadoop.sh
git revision	trunk / 5f70bdf
Default Java	Red Hat, Inc.-1.8.0_412-b08
Test Results	https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-5256/9/testReport/
Max. process+thread count	3151 (vs. ulimit of 5500)
modules	C: hadoop-common-project/hadoop-common U: hadoop-common-project/hadoop-common
Console output	https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-5256/9/console
versions	git=2.9.5 maven=3.6.3
Powered by	Apache Yetus 0.14.0 https://yetus.apache.org

This message was automatically generated.

[hadoop-yetus]

💔 -1 overall

Vote	Subsystem	Runtime	Logfile	Comment
+0 🆗	reexec	0m 19s		Docker mode activated.
			_ Prechecks _
+1 💚	dupname	0m 0s		No case conflicting files found.
+0 🆗	codespell	0m 0s		codespell was not available.
+0 🆗	detsecrets	0m 0s		detect-secrets was not available.
+1 💚	@author	0m 0s		The patch does not contain any @author tags.
-1 ❌	test4tests	0m 0s		The patch doesn't appear to include any new or modified tests. Please justify why no new tests are needed for this patch. Also please list what manual steps were performed to verify this patch.
			_ trunk Compile Tests _
+1 💚	mvninstall	31m 46s		trunk passed
+1 💚	compile	8m 6s		trunk passed
+1 💚	mvnsite	1m 2s		trunk passed
+1 💚	shadedclient	60m 17s		branch has no errors when building and testing our client artifacts.
			_ Patch Compile Tests _
+1 💚	mvninstall	0m 32s		the patch passed
+1 💚	compile	7m 46s		the patch passed
+1 💚	cc	7m 46s		the patch passed
+1 💚	golang	7m 46s		the patch passed
+1 💚	javac	7m 46s		the patch passed
+1 💚	blanks	0m 0s		The patch has no blanks issues.
+1 💚	mvnsite	1m 3s		the patch passed
+1 💚	shadedclient	20m 22s		patch has no errors when building and testing our client artifacts.
			_ Other Tests _
+1 💚	unit	16m 33s		hadoop-common in the patch passed.
+1 💚	asflicense	0m 42s		The patch does not generate ASF License warnings.
		107m 38s

Subsystem	Report/Notes
Docker	ClientAPI=1.47 ServerAPI=1.47 base: https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-5256/11/artifact/out/Dockerfile
GITHUB PR	#5256
Optional Tests	dupname asflicense compile cc mvnsite javac unit codespell detsecrets golang
uname	Linux 584fadf92ca1 5.15.0-124-generic #134-Ubuntu SMP Fri Sep 27 20:20:17 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux
Build tool	maven
Personality	dev-support/bin/hadoop.sh
git revision	trunk / 4e0ac98
Default Java	Red Hat, Inc.-1.8.0_412-b08
Test Results	https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-5256/11/testReport/
Max. process+thread count	1656 (vs. ulimit of 5500)
modules	C: hadoop-common-project/hadoop-common U: hadoop-common-project/hadoop-common
Console output	https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-5256/11/console
versions	git=2.9.5 maven=3.6.3
Powered by	Apache Yetus 0.14.0 https://yetus.apache.org

This message was automatically generated.

[steveloughran]

+1
Approved.

I like the table of changes and the final structure

If there are regressions we will find them; I should try a build on my pi5.

[steveloughran]

really, really nice

[steveloughran]

Merged to Hadoop trunk

@packet23 can you cherrypick for branch-3.4 and submit as a new PR, so we can have yetus do a test run of it? If it is happy I will merge (there'll be no code reviews here, just a CI test)