Upgrade forbiddenapis to 3.5.1

[uschindler]

Description

The new version was released a minute ago: https://github.com/policeman-tools/forbidden-apis/wiki/Changes#version-35-released-2023-03-27

Summary of relevant changes for Opensearch:

• Faster startup time as Gradle plugin initialization was compiled statically and is part of JAR file
• Support for Java 20 signatures and bytecode of Java 21

[uschindler]

No idea why the checks failed. Please merge if you like, it is up to you. I won't add any more fixes to the PR.

This PR is of informational "theres something to upgrade after new release" purpose only. Do whatever you think is right. Thanks.

[github-actions]

Gradle Check (Jenkins) Run Completed with:

• RESULT: FAILURE ❌
• URL: https://build.ci.opensearch.org/job/gradle-check/12947/
• CommitID: 767ea05
  Please examine the workflow log, locate, and copy-paste the failure(s) below, then iterate to green.
  Is the failure a flaky test unrelated to your change?

[reta]

No idea why the checks failed. Please merge if you like, it is up to you. I won't add any more fixes to the PR.

@uschindler most of the Gradle tasks are failing with

> Third party audit task is not configured correctly

I am wondering have you run the precommit check locally (./gradlew precommit, just to understand if this is CI issue or plugin configuration indeed)? thank you

[uschindler]

I only tried:

$ gradlew forbiddenApis

Passed.

I did not try precommit but it fails for whatever reason. I assume it is because of the new version changes some logging messages and the CLI parser falls on this. I have no time to look into this, as this third party audit task is some hack by @rmuir.

[uschindler]

At moment Github is completely down, no merging of PRs works not adding comments. See Twitter...

[uschindler]

This is caused by thirdPartyAudit: "Unnecessary exclusions, following classes are not missing"

This no longer works that way as the forbiddenapis checker has toned down warning messages, so the check may need to be disabled. I have no idea where it can be found...

[reta]

This is caused by thirdPartyAudit: "Unnecessary exclusions, following classes are not missing"

Thanks @uschindler

[reta]

This is caused by thirdPartyAudit: "Unnecessary exclusions, following classes are not missing"

Thanks @uschindler

[uschindler]

I think you cant do it like that anymore. The thirdPartyAuditChecker relies on regular expressions to find some missing classes. This does not work anymore, sorry.

Maybe scan those thirs party audits with the old CLI version. I do not even understand what the code is doing... @rmuir ?

[uschindler]

This is caused by this change: policeman-tools/forbidden-apis#210

There's no workaround as all class names missing are no longer listed, so maybe the code is too strict, but I have no idea how to fix it - because I don't know why it complains at all.

[github-actions]

Gradle Check (Jenkins) Run Completed with:

• RESULT: FAILURE ❌
• URL: https://build.ci.opensearch.org/job/gradle-check/12949/
• CommitID: 48041e5
  Please examine the workflow log, locate, and copy-paste the failure(s) below, then iterate to green.
  Is the failure a flaky test unrelated to your change?

[reta]

@uschindler mind if I move this one under #6792 umbrella? will work on it as part of JDK-20 support story ... ty!

[uschindler]

Ok. I the meantime I understood what the code wants to do.
The new version of forbiddenapus can't be used as is. I will release a new "Bugfix / minor" update that restores the detailed "class missing" messages if you run with debug logging: policeman-tools/forbidden-apis#226 (this issue also refers to the detailed analysis of the jar hell checker).

[reta]

Ok. I the meantime I understood what the code wants to do.

This is great, thank you!

[uschindler]

Hi,
version 3.5.1 was released to work around your problem. Basically adding the --debug option to the CLI script and adapting the regular expression a bit should be enough to restore previous behaviour.

https://github.com/policeman-tools/forbidden-apis/wiki/Changes#version-351-released-2023-03-30

[reta]

Hi, version 3.5.1 was released to work around your problem. Basically adding the --debug option to the CLI script and adapting the regular expression a bit should be enough to restore previous behaviour.

https://github.com/policeman-tools/forbidden-apis/wiki/Changes#version-351-released-2023-03-30

@uschindler do you intend to make the change in this pull request or I could accommodate the update in Gradle 8.1 migration pull request? thank you!

[uschindler]

Hi, version 3.5.1 was released to work around your problem. Basically adding the --debug option to the CLI script and adapting the regular expression a bit should be enough to restore previous behaviour.
https://github.com/policeman-tools/forbidden-apis/wiki/Changes#version-351-released-2023-03-30

@uschindler do you intend to make the change in this pull request or I could accommodate the update in Gradle 8.1 migration pull request? thank you!

running tests....

Will soon update.

[uschindler]

I pushed my changes. I also removed the dependency in the testKit. I have no idea how to test this... ../gradlew integTest in the buildSrc directory does not execute this test setup.

It would be good to verify if this works as expected.

[github-actions]

Gradle Check (Jenkins) Run Completed with:

• RESULT: UNSTABLE ❕
• TEST FAILURES:

      1 org.opensearch.search.SearchWeightedRoutingIT.testSearchAggregationWithNetworkDisruption_FailOpenEnabled
      1 org.opensearch.cluster.allocation.AwarenessAllocationIT.testThreeZoneOneReplicaWithForceZoneValueAndLoadAwareness
      1 org.opensearch.backwards.MixedClusterClientYamlTestSuiteIT.test {p0=indices.shrink/30_copy_settings/Copy settings during shrink index}

• URL: https://build.ci.opensearch.org/job/gradle-check/13104/
• CommitID: b7dbef2
  Please review all flaky tests that succeeded after retry and create an issue if one does not already exist to track the flaky failure.

[reta]

@uschindler could you please rebase against latest main, the flaky tests should be gone, thank you

[github-actions]

Gradle Check (Jenkins) Run Completed with:

• RESULT: SUCCESS ✅
• URL: https://build.ci.opensearch.org/job/gradle-check/13106/
• CommitID: 772e9b8

[opensearch-trigger-bot]

The backport to 2.x failed:

The process '/usr/bin/git' failed with exit code 128

To backport manually, run these commands in your terminal:

# Fetch latest updates from GitHub
git fetch
# Create a new working tree
git worktree add ../.worktrees/backport-2.x 2.x
# Navigate to the new working tree
pushd ../.worktrees/backport-2.x
# Create a new branch
git switch --create backport/backport-6840-to-2.x
# Cherry-pick the merged commit of this pull request and resolve the conflicts
git cherry-pick -x --mainline 1 37b37c5b518c5bdb2dfdc5250117cfd39394edeb
# Push it to GitHub
git push --set-upstream origin backport/backport-6840-to-2.x
# Go back to the original working tree
popd
# Delete the working tree
git worktree remove ../.worktrees/backport-2.x

Then, create a pull request where the base branch is 2.x and the compare/head branch is backport/backport-6840-to-2.x.