Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Upgrade to log4j 2.15.0 #1698

Merged
merged 1 commit into from
Dec 10, 2021
Merged

Upgrade to log4j 2.15.0 #1698

merged 1 commit into from
Dec 10, 2021

Conversation

andrross
Copy link
Member

@andrross andrross commented Dec 10, 2021
edited
Loading

This commit upgrades to log4j version 2.15.0.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.

@andrross andrross requested a review from a team as a code owner December 10, 2021 17:54
@opensearch-ci-bot
Copy link
Collaborator

Can one of the admins verify this patch?

@saratvemulapalli
Copy link
Member

saratvemulapalli commented Dec 10, 2021
edited
Loading

The build is failing on task :plugins:discovery-azure-classic:thirdPartyAudit at the moment. Have not determined a fix yet.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license. For more information on following Developer Certificate of Origin and signing off your commits, please check here.

@andrross you should be able to add javax.jms.Message to https://github.com/opensearch-project/OpenSearch/blob/main/plugins/discovery-azure-classic/build.gradle#L125 and it should fix it.

I believe other plugins will also fail. The same fix should take care of it.

@andrross andrross force-pushed the log4j-2.15.0 branch 2 times, most recently from 1caf63e to 044fb86 Compare December 10, 2021 18:08
@dblock dblock added backport 1.x pending backport Identifies an issue or PR that still needs to be backported labels Dec 10, 2021
@opensearch-ci-bot
Copy link
Collaborator

❌   Gradle Check failure 8812f3cbb48fd49981b5a41e67f4909b0501c014
Log 1426

Reports 1426

@opensearch-ci-bot
Copy link
Collaborator

❌   Gradle Check failure 1caf63ec4daa6cb5536ca63c383afc6df94e3a75
Log 1427

Reports 1427

@opensearch-ci-bot
Copy link
Collaborator

❌   Gradle Check failure 044fb86cb2b85b0b551a384b42e686e2f33a84da
Log 1428

Reports 1428

@opensearch-ci-bot
Copy link
Collaborator

❌   Gradle Check failure 36979afcf0e0c03e7df45c43fd59fd75534ab52f
Log 1429

Reports 1429

@andrross
Copy link
Member Author

Test failure that succeeds on retry:

./gradlew ':server:internalClusterTest' --tests "org.opensearch.cluster.MinimumMasterNodesIT.testTwoNodesNoMasterBlock" -Dtests.seed=8C423154E3EBD680 -Dtests.security.manager=true -Dtests.jvm.argline="-XX:TieredStopAtLevel=1 -XX:ReservedCodeCacheSize=64m" -Dtests.locale=el-GR -Dtests.timezone=Asia/Aden -Druntime.java=17

Will start another gradle check

@andrross
Copy link
Member Author

start gradle check

dblock
dblock approved these changes Dec 10, 2021
View reviewed changes
Copy link
Member

@dblock dblock left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM assuming it can be green

@saratvemulapalli saratvemulapalli mentioned this pull request Dec 10, 2021
Merged
5 tasks
nknize
nknize approved these changes Dec 10, 2021
View reviewed changes
Copy link
Collaborator

@nknize nknize left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

gce build.gradle thirdPartyAudit looks correct to me. Interesting that was updated even on old 2.11 versions. If gradle check doesn't succeed it'll either be from a missing class or some unrelated PR.

@opensearch-ci-bot
Copy link
Collaborator

❌   Gradle Check failure 36979afcf0e0c03e7df45c43fd59fd75534ab52f
Log 1434

Reports 1434

@andrross
Copy link
Member Author

Another test failure that succeeds on retry:

./gradlew ':server:internalClusterTest' --tests "org.opensearch.gateway.RecoveryFromGatewayIT.testReuseInFileBasedPeerRecovery" -Dtests.seed=D48F3A89DF7F2A1F -Dtests.security.manager=true -Dtests.jvm.argline="-XX:TieredStopAtLevel=1 -XX:ReservedCodeCacheSize=64m" -Dtests.locale=zh-SG -Dtests.timezone=Africa/Asmera -Druntime.java=17

@andrross
Copy link
Member Author

start gradle check

@opensearch-ci-bot
Copy link
Collaborator

❌   Gradle Check failure 36979afcf0e0c03e7df45c43fd59fd75534ab52f
Log 1436

Reports 1436

@saratvemulapalli
Copy link
Member

@andrross could you rebase your PR.
Bwc for 1.2.1 is now ported to main
#1701

@andrross
Upgrade to logj4 2.15.0
79e49d2 
Signed-off-by: Andrew Ross <andrross@amazon.com>
@dblock dblock added the v1.2.1 label Dec 10, 2021
@opensearch-ci-bot
Copy link
Collaborator

❌   Gradle Check failure 79e49d2
Log 1437

Reports 1437

@andrross
Copy link
Member Author

Another test failure that succeeds on retry:

./gradlew ':qa:remote-clusters:integTest' --tests "org.opensearch.cluster.remote.test.RemoteClustersIT.testHAProxyModeConnectionWorks" -Dtests.seed=403F055E1F14E391 -Dtests.security.manager=true -Dtests.jvm.argline="-XX:TieredStopAtLevel=1 -XX:ReservedCodeCacheSize=64m" -Dtests.locale=ar-TN -Dtests.timezone=Africa/Conakry -Druntime.java=17

@dblock
Copy link
Member

dblock commented Dec 10, 2021

start gradle check

@nknize
Copy link
Collaborator

nknize commented Dec 10, 2021
edited
Loading

Not the first time HAProxy has failed. This is unrelated to the PR but I'm not sure it's a "flake". Wondering if this is a CI config issue. /cc @peternied @peterzhuamazon

It's tiresome chasing these red herring failures.

2> java.lang.AssertionError
        at __randomizedtesting.SeedInfo.seed([403F055E1F14E391:4749D095249295CC]:0)
        at org.junit.Assert.fail(Assert.java:86)
        at org.junit.Assert.assertTrue(Assert.java:41)
        at org.junit.Assert.assertTrue(Assert.java:52)
        at org.opensearch.cluster.remote.test.RemoteClustersIT.testHAProxyModeConnectionWorks(RemoteClustersIT.java:125)
  1> [2021-12-10T20:14:09,766][INFO ][o.o.c.r.t.RemoteClustersIT] [testProxyModeConnectionWorks] before test
  1> [2021-12-10T20:14:10,385][INFO ][o.o.c.r.t.RemoteClustersIT] [testProxyModeConnectionWorks] Configuring remote cluster [opensearch-2:9300]
  1> [2021-12-10T20:14:10,487][INFO ][o.o.c.r.t.RemoteClustersIT] [testProxyModeConnectionWorks] Connection info: org.opensearch.client.cluster.RemoteConnectionInfo@688b190
  1> [2021-12-10T20:14:10,693][INFO ][o.o.c.r.t.RemoteClustersIT] [testProxyModeConnectionWorks] after test
  1> [2021-12-10T20:14:10,737][INFO ][o.o.c.r.t.RemoteClustersIT] [testSniffModeConnectionFails] before test
  1> [2021-12-10T20:14:11,294][INFO ][o.o.c.r.t.RemoteClustersIT] [testSniffModeConnectionFails] Configuring remote cluster [opensearch-2:9300]
  1> [2021-12-10T20:14:11,363][INFO ][o.o.c.r.t.RemoteClustersIT] [testSniffModeConnectionFails] Connection info: org.opensearch.client.cluster.RemoteConnectionInfo@5aef8603
  1> [2021-12-10T20:14:11,500][INFO ][o.o.c.r.t.RemoteClustersIT] [testSniffModeConnectionFails] after test
  2> NOTE: leaving temporary files on disk at: /var/CITOOL/workflow/OpenSearch_CI/PR_Checks/Gradle_Check/search/qa/remote-clusters/build/testrun/integTest/temp/org.opensearch.cluster.remote.test.RemoteClustersIT_403F055E1F14E391-001
  2> NOTE: test params are: codec=Lucene87, sim=Asserting(RandomSimilarity(queryNorm=false): {}), locale=ar-TN, timezone=Africa/Conakry
  2> NOTE: Linux 5.4.0-1045-aws amd64/Eclipse Adoptium 17.0.1 (64-bit)/cpus=72,threads=1,free=451487832,total=536870912
  2> NOTE: All tests run in this JVM: [RemoteClustersIT]

Capturing here for posterity (will open and move to separate issue):

        RemoteConnectionInfo rci = cluster1Client().cluster().remoteInfo(new RemoteInfoRequest(), RequestOptions.DEFAULT).getInfos().get(0);
        logger.info("Connection info: {}", rci);
        assertTrue(rci.isConnected());

RemoteConnectionInfo logging is useless. (todo: add toString support for logging)

@nknize
Copy link
Collaborator

nknize commented Dec 10, 2021

(will open and move to separate issue

@peternied
Copy link
Member

Not the first time HAProxy has failed. This is unrelated to the PR but I'm not sure it's a "flake". Wondering if this is a CI config issue. /cc @peternied @peterzhuamazon

It's tiresome chasing these red herring failures.

Just checked in, I don't see any blips in the system. Looking forward to the day when everyone can see it on demand.

@nknize nknize mentioned this pull request Dec 10, 2021
Closed
@nknize nknize changed the title Upgrade to logj4 2.15.0 Upgrade to log4j 2.15.0 Dec 10, 2021
@opensearch-ci-bot
Copy link
Collaborator

✅   Gradle Check success 79e49d2
Log 1439

Reports 1439

@CEHENKLE CEHENKLE merged commit 309649c into opensearch-project:main Dec 10, 2021
@jkowall jkowall mentioned this pull request Dec 10, 2021
Closed
@andrross andrross deleted the log4j-2.15.0 branch December 21, 2021 18:45
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@saratvemulapalli saratvemulapalli saratvemulapalli approved these changes

@nknize nknize nknize approved these changes

@dblock dblock dblock approved these changes

Assignees
No one assigned
Labels
backport 1.x CVE Fixes a CVE pending backport Identifies an issue or PR that still needs to be backported Severity-Critical v1.2.1
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
7 participants
@andrross @opensearch-ci-bot @saratvemulapalli @dblock @nknize @peternied @CEHENKLE