Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

JDK 21 Support #2287

Open
chamilaadhi opened this issue Nov 27, 2023 · 17 comments
Open

JDK 21 Support #2287

chamilaadhi opened this issue Nov 27, 2023 · 17 comments

Comments

@chamilaadhi
Copy link
Contributor

chamilaadhi commented Nov 27, 2023

Problem

Support APIM 4.3 to run on JDK 21

@chamilaadhi
Copy link
Contributor Author

Following error is logged when starting the server with JDK21. But the pack starts without any other error
[ERROR] CARBON is supported only between JDK 11 and JDK 17

It gets resolved with wso2/product-apim#13298

Currently running product integration tests with jdk21

@chamilaadhi
Copy link
Contributor Author

Building the product-apim repo fails at the p2-generation step due to following JDK related issue. But we could run the integration tests only using the pack created from JDK11.

  [INFO] Extracting feature org.wso2.carbon.identity.framework:org.wso2.carbon.identity.workflow.mgt.server.feature
  [INFO] Extracting feature org.wso2.carbon.identity.framework:org.wso2.carbon.identity.user.store.configuration.server.feature
  [INFO] Copying resources
  [INFO]    /Users/chamila/WSO2/repository/apim/product-apim/modules/p2-profile/product/target/maven-shared-archive-resources
  [INFO] Running Equinox P2 Publisher Application for Repository Generation
  [INFO] Command line:
      [/Library/Java/JavaVirtualMachines/temurin-21.jdk/Contents/Home/bin/java, -jar, /Users/chamila/.m2/repository/org/eclipse/tycho/tycho-bundles-external/0.25.0/eclipse/plugins/org.eclipse.equinox.launcher_1.3.200.v20151021-1308.jar, -configuration, /var/folders/xk/61rzvhgd543241p4l_8158t00000gn/T/tycho-p2-runtime11133243008529385185.tmp/configuration, -nosplash, -application, org.eclipse.equinox.p2.publisher.FeaturesAndBundlesPublisher, -source, /Users/chamila/WSO2/repository/apim/product-apim/modules/p2-profile/product/target/tmp.1701228271464/featureExtract, -metadataRepository, file:/Users/chamila/WSO2/repository/apim/product-apim/modules/p2-profile/product/target/p2-repo, -metadataRepositoryName, am-p2-profile, -artifactRepository, file:/Users/chamila/WSO2/repository/apim/product-apim/modules/p2-profile/product/target/p2-repo, -artifactRepositoryName, am-p2-profile, -publishArtifacts, -publishArtifactRepository, -compress, -append]
  java.lang.ExceptionInInitializerError
      at org.eclipse.osgi.storage.Storage.<init>(Storage.java:100)
      at org.eclipse.osgi.storage.Storage.createStorage(Storage.java:87)
      at org.eclipse.osgi.internal.framework.EquinoxContainer.<init>(EquinoxContainer.java:66)
      at org.eclipse.osgi.launch.Equinox.<init>(Equinox.java:31)
      at org.eclipse.core.runtime.adaptor.EclipseStarter.startup(EclipseStarter.java:303)
      at org.eclipse.core.runtime.adaptor.EclipseStarter.run(EclipseStarter.java:239)
      at java.base/jdk.internal.reflect.DirectMethodHandleAccessor.invoke(DirectMethodHandleAccessor.java:103)
      at java.base/java.lang.reflect.Method.invoke(Method.java:580)
      at org.eclipse.equinox.launcher.Main.invokeFramework(Main.java:670)
      at org.eclipse.equinox.launcher.Main.basicRun(Main.java:609)
      at org.eclipse.equinox.launcher.Main.run(Main.java:1516)
      at org.eclipse.equinox.launcher.Main.main(Main.java:1489)
  An error has occurred. See the log file
  null.
  Caused by: java.lang.reflect.InaccessibleObjectException: Unable to make protected void java.net.URLClassLoader.addURL(java.net.URL) accessible: module java.base does not "opens java.net" to unnamed module @16aa0a0a
      at java.base/java.lang.reflect.AccessibleObject.throwInaccessibleObjectException(AccessibleObject.java:391)
      at java.base/java.lang.reflect.AccessibleObject.checkCanSetAccessible(AccessibleObject.java:367)
      at java.base/java.lang.reflect.AccessibleObject.checkCanSetAccessible(AccessibleObject.java:315)
      at java.base/java.lang.reflect.Method.checkCanSetAccessible(Method.java:203)
      at java.base/java.lang.reflect.Method.setAccessible(Method.java:197)
      at org.eclipse.osgi.storage.FrameworkExtensionInstaller.findMethod(FrameworkExtensionInstaller.java:51)
      at org.eclipse.osgi.storage.FrameworkExtensionInstaller.findMethod(FrameworkExtensionInstaller.java:58)
      at org.eclipse.osgi.storage.FrameworkExtensionInstaller.findAddURLMethod(FrameworkExtensionInstaller.java:42)
      at org.eclipse.osgi.storage.FrameworkExtensionInstaller.<clinit>(FrameworkExtensionInstaller.java:36)
      ... 12 more
  [ERROR] P2 publisher return code was 13
  org.apache.maven.plugin.MojoFailureException: P2 publisher return code was 13
      at org.wso2.maven.p2.RepositoryGenMojo.generateRepository (RepositoryGenMojo.java:255)
      at org.wso2.maven.p2.RepositoryGenMojo.createRepo (RepositoryGenMojo.java:204)
      at org.wso2.maven.p2.RepositoryGenMojo.execute (RepositoryGenMojo.java:191)
      at org.apache.maven.plugin.DefaultBuildPluginManager.executeMojo (DefaultBuildPluginManager.java:134)
      at org.apache.maven.lifecycle.internal.MojoExecutor.execute (MojoExecutor.java:208)
      at org.apache.maven.lifecycle.internal.MojoExecutor.execute (MojoExecutor.java:154)
      at org.apache.maven.lifecycle.internal.MojoExecutor.execute (MojoExecutor.java:146)
      at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject (LifecycleModuleBuilder.java:117)
      at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject (LifecycleModuleBuilder.java:81)
      at org.apache.maven.lifecycle.internal.builder.singlethreaded.SingleThreadedBuilder.build (SingleThreadedBuilder.java:51)
      at org.apache.maven.lifecycle.internal.LifecycleStarter.execute (LifecycleStarter.java:128)
      at org.apache.maven.DefaultMaven.doExecute (DefaultMaven.java:309)
      at org.apache.maven.DefaultMaven.doExecute (DefaultMaven.java:194)
      at org.apache.maven.DefaultMaven.execute (DefaultMaven.java:107)
      at org.apache.maven.cli.MavenCli.execute (MavenCli.java:955)
      at org.apache.maven.cli.MavenCli.doMain (MavenCli.java:290)
      at org.apache.maven.cli.MavenCli.main (MavenCli.java:194)
      at jdk.internal.reflect.DirectMethodHandleAccessor.invoke (DirectMethodHandleAccessor.java:103)
      at java.lang.reflect.Method.invoke (Method.java:580)
      at org.codehaus.plexus.classworlds.launcher.Launcher.launchEnhanced (Launcher.java:289)
      at org.codehaus.plexus.classworlds.launcher.Launcher.launch (Launcher.java:229)
      at org.codehaus.plexus.classworlds.launcher.Launcher.mainWithExitCode (Launcher.java:415)
      at org.codehaus.plexus.classworlds.launcher.Launcher.main (Launcher.java:356)

Currently running product integration tests with jdk21

@chamilaadhi
Copy link
Contributor Author

Ran the integration on the pack. One test case failed. But this testcase is already failing in the master branch.

Screenshot 2023-11-29 at 8 48 57 AM

@chamilaadhi
Copy link
Contributor Author

Worked on builiding product-apim using JDK21. p2-repo-generation is failing due to JDK compatibility issue in carbon-p2-plugin. Tried updating tycho from 0.25 to 4.0.4.

But version bump is failing due to P2ApplicationLauncher in carbon-p2-plugins[1] removed in tycho 3.x onwards. Tried replacing it with FeaturesAndBundlesPublisherApplication but it is causing following issue when running the product-apim repo p2 generation

    [ERROR] Failed to execute goal org.wso2.maven:carbon-p2-plugin:5.2.45:p2-repo-gen (2-p2-repo-generation) on project am-p2-profile: Execution 2-p2-repo-generation of goal org.wso2.maven:carbon-p2-plugin:5.2.45:p2-repo-gen failed: A required class was missing while executing org.wso2.maven:carbon-p2-plugin:5.2.45:p2-repo-gen: org/eclipse/equinox/p2/publisher/eclipse/FeaturesAndBundlesPublisherApplication
    [ERROR] -----------------------------------------------------
    [ERROR] realm =    plugin>org.wso2.maven:carbon-p2-plugin:5.2.45
    [ERROR] strategy = org.codehaus.plexus.classworlds.strategy.SelfFirstStrategy
    [ERROR] urls[0] = file:/Users/chamila/.m2/repository/org/wso2/maven/carbon-p2-plugin/5.2.45/carbon-p2-plugin-5.2.45.jar
    [ERROR] urls[1] = file:/Users/chamila/.m2/repository/org/sonatype/sisu/sisu-inject-bean/1.4.2/sisu-inject-bean-1.4.2.jar
    [ERROR] urls[2] = file:/Users/chamila/.m2/repository/org/sonatype/sisu/sisu-guice/2.1.7/sisu-guice-2.1.7-noaop.jar
    [ERROR] urls[3] = file:/Users/chamila/.m2/repository/org/sonatype/aether/aether-util/1.7/aether-util-1.7.jar
    [ERROR] urls[4] = file:/Users/chamila/.m2/repository/org/codehaus/plexus/plexus-interpolation/1.14/plexus-interpolation-1.14.jar
    [ERROR] urls[5] = file:/Users/chamila/.m2/repository/org/codehaus/plexus/plexus-utils/2.0.4/plexus-utils-2.0.4.jar
    [ERROR] urls[6] = file:/Users/chamila/.m2/repository/org/codehaus/plexus/plexus-component-annotations/1.5.5/plexus-component-annotations-1.5.5.jar
    [ERROR] urls[7] = file:/Users/chamila/.m2/repository/org/sonatype/plexus/plexus-sec-dispatcher/1.3/plexus-sec-dispatcher-1.3.jar
    [ERROR] urls[8] = file:/Users/chamila/.m2/repository/org/sonatype/plexus/plexus-cipher/1.4/plexus-cipher-1.4.jar
    [ERROR] urls[9] = file:/Users/chamila/.m2/repository/org/eclipse/tycho/sisu-equinox-embedder/0.25.0/sisu-equinox-embedder-0.25.0.jar
    [ERROR] urls[10] = file:/Users/chamila/.m2/repository/org/eclipse/tycho/org.eclipse.osgi/3.10.101.v20150820-1432/org.eclipse.osgi-3.10.101.v20150820-1432.jar
    [ERROR] urls[11] = file:/Users/chamila/.m2/repository/org/eclipse/tycho/sisu-equinox-api/0.25.0/sisu-equinox-api-0.25.0.jar
    [ERROR] urls[12] = file:/Users/chamila/.m2/repository/org/eclipse/tycho/sisu-equinox-launching/0.25.0/sisu-equinox-launching-0.25.0.jar
    [ERROR] urls[13] = file:/Users/chamila/.m2/repository/org/eclipse/tycho/tycho-core/0.25.0/tycho-core-0.25.0.jar
    [ERROR] urls[14] = file:/Users/chamila/.m2/repository/org/codehaus/plexus/plexus-archiver/2.9.1/plexus-archiver-2.9.1.jar
    [ERROR] urls[15] = file:/Users/chamila/.m2/repository/org/codehaus/plexus/plexus-io/2.4.1/plexus-io-2.4.1.jar
    [ERROR] urls[16] = file:/Users/chamila/.m2/repository/commons-io/commons-io/2.4/commons-io-2.4.jar
    [ERROR] urls[17] = file:/Users/chamila/.m2/repository/org/apache/commons/commons-compress/1.9/commons-compress-1.9.jar
    [ERROR] urls[18] = file:/Users/chamila/.m2/repository/org/eclipse/tycho/org.eclipse.osgi.compatibility.state/1.0.100.v20150402-1551/org.eclipse.osgi.compatibility.state-1.0.100.v20150402-1551.jar
    [ERROR] urls[19] = file:/Users/chamila/.m2/repository/org/eclipse/tycho/tycho-metadata-model/0.25.0/tycho-metadata-model-0.25.0.jar
    [ERROR] urls[20] = file:/Users/chamila/.m2/repository/de/pdark/decentxml/1.3/decentxml-1.3.jar
    [ERROR] urls[21] = file:/Users/chamila/.m2/repository/org/eclipse/tycho/tycho-embedder-api/0.25.0/tycho-embedder-api-0.25.0.jar
    [ERROR] urls[22] = file:/Users/chamila/.m2/repository/org/eclipse/tycho/org.eclipse.tycho.embedder.shared/0.25.0/org.eclipse.tycho.embedder.shared-0.25.0.jar
    [ERROR] urls[23] = file:/Users/chamila/.m2/repository/org/eclipse/tycho/org.eclipse.tycho.core.shared/0.25.0/org.eclipse.tycho.core.shared-0.25.0.jar
    [ERROR] urls[24] = file:/Users/chamila/.m2/repository/org/apache/commons/commons-exec/1.2/commons-exec-1.2.jar
    [ERROR] urls[25] = file:/Users/chamila/.m2/repository/org/eclipse/tycho/tycho-p2-facade/3.0.5/tycho-p2-facade-3.0.5.jar
    [ERROR] urls[26] = file:/Users/chamila/.m2/repository/org/eclipse/tycho/org.eclipse.tycho.p2.resolver.shared/3.0.5/org.eclipse.tycho.p2.resolver.shared-3.0.5.jar
    [ERROR] urls[27] = file:/Users/chamila/.m2/repository/org/eclipse/tycho/org.eclipse.tycho.p2.tools.shared/3.0.5/org.eclipse.tycho.p2.tools.shared-3.0.5.jar
    [ERROR] urls[28] = file:/Users/chamila/.m2/repository/backport-util-concurrent/backport-util-concurrent/3.1/backport-util-concurrent-3.1.jar
    [ERROR] urls[29] = file:/Users/chamila/.m2/repository/junit/junit/3.8.1/junit-3.8.1.jar
    [ERROR] Number of foreign imports: 1
    [ERROR] import: Entry[import  from realm ClassRealm[maven.api, parent: null]]
    [ERROR] 
    [ERROR] -----------------------------------------------------

[1] https://github.com/wso2/maven-tools/blob/v5.2.42/carbon-p2-plugin/src/main/java/org/wso2/maven/p2/RepositoryGenMojo.java#L244

@chamilaadhi
Copy link
Contributor Author

chamilaadhi commented Dec 6, 2023

Started carbon-apimgt builidng work. build failed due spotbug version compatibility. Updated the spotbug spotbugs-maven-plugin to 4.8.2.0. This cases spotbug errors in the codebase. Temporary disable spotbug and tests mvn clean install -Dspotbugs.skip=true -Dmaven.test.skip=true to check other issues.

@chamilaadhi
Copy link
Contributor Author

Webapp creation failing due to maven-war-plugin version compatibility issue with the jdk. update from 2.2 to 3.2.3

  [INFO] ------------------------------------------------------------------------
  [ERROR] Failed to execute goal org.apache.maven.plugins:maven-war-plugin:2.2:war (default-war) on project org.wso2.carbon.apimgt.rest.api.store.v1: Execution default-war of goal org.apache.maven.plugins:maven-war-plugin:2.2:war failed: Unable to load the mojo 'war' in the plugin 'org.apache.maven.plugins:maven-war-plugin:2.2' due to an API incompatibility: org.codehaus.plexus.component.repository.exception.ComponentLookupException: Cannot access defaults field of Properties
  [ERROR] -----------------------------------------------------
  [ERROR] realm =    plugin>org.apache.maven.plugins:maven-war-plugin:2.2
  [ERROR] strategy = org.codehaus.plexus.classworlds.strategy.SelfFirstStrategy
  [ERROR] urls[0] = file:/Users/chamila/.m2/repository/org/apache/maven/plugins/maven-war-plugin/2.2/maven-war-plugin-2.2.jar
  [ERROR] urls[1] = file:/Users/chamila/.m2/repository/org/apache/maven/reporting/maven-reporting-api/2.0.6/maven-reporting-api-2.0.6.jar
  [ERROR] urls[2] = file:/Users/chamila/.m2/repository/org/apache/maven/doxia/doxia-sink-api/1.0-alpha-7/doxia-sink-api-1.0-alpha-7.jar
  [ERROR] urls[3] = file:/Users/chamila/.m2/repository/commons-cli/commons-cli/1.0/commons-cli-1.0.jar
  [ERROR] urls[4] = file:/Users/chamila/.m2/repository/org/codehaus/plexus/plexus-interactivity-api/1.0-alpha-4/plexus-interactivity-api-1.0-alpha-4.jar
  [ERROR] urls[5] = file:/Users/chamila/.m2/repository/org/apache/maven/maven-archiver/2.5/maven-archiver-2.5.jar
  [ERROR] urls[6] = file:/Users/chamila/.m2/repository/org/codehaus/plexus/plexus-io/2.0.2/plexus-io-2.0.2.jar
  [ERROR] urls[7] = file:/Users/chamila/.m2/repository/org/codehaus/plexus/plexus-archiver/2.1/plexus-archiver-2.1.jar
  [ERROR] urls[8] = file:/Users/chamila/.m2/repository/org/codehaus/plexus/plexus-interpolation/1.15/plexus-interpolation-1.15.jar
  [ERROR] urls[9] = file:/Users/chamila/.m2/repository/junit/junit/3.8.1/junit-3.8.1.jar
  [ERROR] urls[10] = file:/Users/chamila/.m2/repository/com/thoughtworks/xstream/xstream/1.3.1/xstream-1.3.1.jar
  [ERROR] urls[11] = file:/Users/chamila/.m2/repository/xpp3/xpp3_min/1.1.4c/xpp3_min-1.1.4c.jar
  [ERROR] urls[12] = file:/Users/chamila/.m2/repository/org/codehaus/plexus/plexus-utils/3.0/plexus-utils-3.0.jar
  [ERROR] urls[13] = file:/Users/chamila/.m2/repository/org/apache/maven/shared/maven-filtering/1.0-beta-2/maven-filtering-1.0-beta-2.jar
  [ERROR] Number of foreign imports: 1
  [ERROR] import: Entry[import  from realm ClassRealm[project>org.wso2.carbon.apimgt:carbon-apimgt:9.28.194-SNAPSHOT, parent: ClassRealm[maven.api, parent: null]]]
  [ERROR] 
  [ERROR] -----------------------------------------------------
  [ERROR] 
  [ERROR] -> [Help 1]

@chamilaadhi
Copy link
Contributor Author

Update maven-war-plugin wso2/carbon-apimgt#12194

@chamilaadhi
Copy link
Contributor Author

Worked on getting unit tests running with jdk17/ jdk21.
wso2/carbon-apimgt#12198

@chamilaadhi
Copy link
Contributor Author

Started working on upgrading spotbug. Upgrade to 4.8.2.0 gives following errors in the org.wso2.carbon.apimgt.common.gateway

  [INFO] --- spotbugs-maven-plugin:4.8.2.0:check (analyze-compile) @ org.wso2.carbon.apimgt.common.gateway ---
  [INFO] BugInstance size is 41
  [INFO] Error size is 0
  [INFO] Total bugs: 41
  [ERROR] Medium: org.wso2.carbon.apimgt.common.gateway.dto.ExtensionResponseDTO.getCustomProperty() may expose internal representation by returning ExtensionResponseDTO.customProperty [org.wso2.carbon.apimgt.common.gateway.dto.ExtensionResponseDTO] At ExtensionResponseDTO.java:[line 81] EI_EXPOSE_REP
  [ERROR] Medium: org.wso2.carbon.apimgt.common.gateway.dto.ExtensionResponseDTO.getHeaders() may expose internal representation by returning ExtensionResponseDTO.headers [org.wso2.carbon.apimgt.common.gateway.dto.ExtensionResponseDTO] At ExtensionResponseDTO.java:[line 61] EI_EXPOSE_REP
  [ERROR] Medium: org.wso2.carbon.apimgt.common.gateway.dto.ExtensionResponseDTO.setCustomProperty(Map) may expose internal representation by storing an externally mutable object into ExtensionResponseDTO.customProperty [org.wso2.carbon.apimgt.common.gateway.dto.ExtensionResponseDTO] At ExtensionResponseDTO.java:[line 86] EI_EXPOSE_REP2
  [ERROR] Medium: org.wso2.carbon.apimgt.common.gateway.dto.ExtensionResponseDTO.setHeaders(Map) may expose internal representation by storing an externally mutable object into ExtensionResponseDTO.headers [org.wso2.carbon.apimgt.common.gateway.dto.ExtensionResponseDTO] At ExtensionResponseDTO.java:[line 66] EI_EXPOSE_REP2
  [ERROR] Medium: org.wso2.carbon.apimgt.common.gateway.dto.JWTConfigurationDto.getJWTExcludedClaims() may expose internal representation by returning JWTConfigurationDto.jwtExcludedClaims [org.wso2.carbon.apimgt.common.gateway.dto.JWTConfigurationDto] At JWTConfigurationDto.java:[line 137] EI_EXPOSE_REP
  [ERROR] Medium: org.wso2.carbon.apimgt.common.gateway.dto.JWTConfigurationDto.getPublicCert() may expose internal representation by returning JWTConfigurationDto.publicCert [org.wso2.carbon.apimgt.common.gateway.dto.JWTConfigurationDto] At JWTConfigurationDto.java:[line 165] EI_EXPOSE_REP
  [ERROR] Medium: org.wso2.carbon.apimgt.common.gateway.dto.JWTConfigurationDto.getTokenIssuerDtoMap() may expose internal representation by returning JWTConfigurationDto.tokenIssuerDtoMap [org.wso2.carbon.apimgt.common.gateway.dto.JWTConfigurationDto] At JWTConfigurationDto.java:[line 126] EI_EXPOSE_REP
  [ERROR] Medium: org.wso2.carbon.apimgt.common.gateway.dto.JWTConfigurationDto.setJwtExcludedClaims(Set) may expose internal representation by storing an externally mutable object into JWTConfigurationDto.jwtExcludedClaims [org.wso2.carbon.apimgt.common.gateway.dto.JWTConfigurationDto] At JWTConfigurationDto.java:[line 142] EI_EXPOSE_REP2
  [ERROR] Medium: org.wso2.carbon.apimgt.common.gateway.dto.JWTConfigurationDto.setPublicCert(Certificate) may expose internal representation by storing an externally mutable object into JWTConfigurationDto.publicCert [org.wso2.carbon.apimgt.common.gateway.dto.JWTConfigurationDto] At JWTConfigurationDto.java:[line 170] EI_EXPOSE_REP2
  [ERROR] Medium: org.wso2.carbon.apimgt.common.gateway.dto.JWTConfigurationDto.setTokenIssuerDtoMap(Map) may expose internal representation by storing an externally mutable object into JWTConfigurationDto.tokenIssuerDtoMap [org.wso2.carbon.apimgt.common.gateway.dto.JWTConfigurationDto] At JWTConfigurationDto.java:[line 132] EI_EXPOSE_REP2
  [ERROR] Medium: org.wso2.carbon.apimgt.common.gateway.dto.JWTInfoDto.getAppAttributes() may expose internal representation by returning JWTInfoDto.appAttributes [org.wso2.carbon.apimgt.common.gateway.dto.JWTInfoDto] At JWTInfoDto.java:[line 214] EI_EXPOSE_REP
  [ERROR] Medium: org.wso2.carbon.apimgt.common.gateway.dto.JWTInfoDto.getJwtValidationInfo() may expose internal representation by returning JWTInfoDto.jwtValidationInfo [org.wso2.carbon.apimgt.common.gateway.dto.JWTInfoDto] At JWTInfoDto.java:[line 184] EI_EXPOSE_REP
  [ERROR] Medium: org.wso2.carbon.apimgt.common.gateway.dto.JWTInfoDto.setAppAttributes(Map) may expose internal representation by storing an externally mutable object into JWTInfoDto.appAttributes [org.wso2.carbon.apimgt.common.gateway.dto.JWTInfoDto] At JWTInfoDto.java:[line 219] EI_EXPOSE_REP2
  [ERROR] Medium: org.wso2.carbon.apimgt.common.gateway.dto.JWTInfoDto.setJwtValidationInfo(JWTValidationInfo) may expose internal representation by storing an externally mutable object into JWTInfoDto.jwtValidationInfo [org.wso2.carbon.apimgt.common.gateway.dto.JWTInfoDto] At JWTInfoDto.java:[line 189] EI_EXPOSE_REP2
  [ERROR] Medium: org.wso2.carbon.apimgt.common.gateway.dto.JWTValidationInfo.getClaims() may expose internal representation by returning JWTValidationInfo.claims [org.wso2.carbon.apimgt.common.gateway.dto.JWTValidationInfo] At JWTValidationInfo.java:[line 139] EI_EXPOSE_REP
  [ERROR] Medium: org.wso2.carbon.apimgt.common.gateway.dto.JWTValidationInfo.getScopes() may expose internal representation by returning JWTValidationInfo.scopes [org.wso2.carbon.apimgt.common.gateway.dto.JWTValidationInfo] At JWTValidationInfo.java:[line 129] EI_EXPOSE_REP
  [ERROR] Medium: org.wso2.carbon.apimgt.common.gateway.dto.JWTValidationInfo.setClaims(Map) may expose internal representation by storing an externally mutable object into JWTValidationInfo.claims [org.wso2.carbon.apimgt.common.gateway.dto.JWTValidationInfo] At JWTValidationInfo.java:[line 144] EI_EXPOSE_REP2
  [ERROR] Medium: org.wso2.carbon.apimgt.common.gateway.dto.JWTValidationInfo.setScopes(List) may expose internal representation by storing an externally mutable object into JWTValidationInfo.scopes [org.wso2.carbon.apimgt.common.gateway.dto.JWTValidationInfo] At JWTValidationInfo.java:[line 134] EI_EXPOSE_REP2
  [ERROR] Medium: org.wso2.carbon.apimgt.common.gateway.dto.MsgInfoDTO.getHeaders() may expose internal representation by returning MsgInfoDTO.headers [org.wso2.carbon.apimgt.common.gateway.dto.MsgInfoDTO] At MsgInfoDTO.java:[line 53] EI_EXPOSE_REP
  [ERROR] Medium: org.wso2.carbon.apimgt.common.gateway.dto.MsgInfoDTO.setHeaders(Map) may expose internal representation by storing an externally mutable object into MsgInfoDTO.headers [org.wso2.carbon.apimgt.common.gateway.dto.MsgInfoDTO] At MsgInfoDTO.java:[line 58] EI_EXPOSE_REP2
  [ERROR] Medium: org.wso2.carbon.apimgt.common.gateway.dto.QueryAnalyzerResponseDTO.getErrorList() may expose internal representation by returning QueryAnalyzerResponseDTO.errorList [org.wso2.carbon.apimgt.common.gateway.dto.QueryAnalyzerResponseDTO] At QueryAnalyzerResponseDTO.java:[line 41] EI_EXPOSE_REP
  [ERROR] Medium: org.wso2.carbon.apimgt.common.gateway.dto.RequestContextDTO.getApiRequestInfo() may expose internal representation by returning RequestContextDTO.apiRequestInfo [org.wso2.carbon.apimgt.common.gateway.dto.RequestContextDTO] At RequestContextDTO.java:[line 60] EI_EXPOSE_REP
  [ERROR] Medium: org.wso2.carbon.apimgt.common.gateway.dto.RequestContextDTO.getCustomProperty() may expose internal representation by returning RequestContextDTO.customProperty [org.wso2.carbon.apimgt.common.gateway.dto.RequestContextDTO] At RequestContextDTO.java:[line 106] EI_EXPOSE_REP
  [ERROR] Medium: org.wso2.carbon.apimgt.common.gateway.dto.RequestContextDTO.getMsgInfo() may expose internal representation by returning RequestContextDTO.msgInfo [org.wso2.carbon.apimgt.common.gateway.dto.RequestContextDTO] At RequestContextDTO.java:[line 50] EI_EXPOSE_REP
  [ERROR] Medium: org.wso2.carbon.apimgt.common.gateway.dto.RequestContextDTO.setApiRequestInfo(APIRequestInfoDTO) may expose internal representation by storing an externally mutable object into RequestContextDTO.apiRequestInfo [org.wso2.carbon.apimgt.common.gateway.dto.RequestContextDTO] At RequestContextDTO.java:[line 65] EI_EXPOSE_REP2
  [ERROR] Medium: org.wso2.carbon.apimgt.common.gateway.dto.RequestContextDTO.setCustomProperty(Map) may expose internal representation by storing an externally mutable object into RequestContextDTO.customProperty [org.wso2.carbon.apimgt.common.gateway.dto.RequestContextDTO] At RequestContextDTO.java:[line 111] EI_EXPOSE_REP2
  [ERROR] Medium: org.wso2.carbon.apimgt.common.gateway.dto.RequestContextDTO.setMsgInfo(MsgInfoDTO) may expose internal representation by storing an externally mutable object into RequestContextDTO.msgInfo [org.wso2.carbon.apimgt.common.gateway.dto.RequestContextDTO] At RequestContextDTO.java:[line 55] EI_EXPOSE_REP2
  [ERROR] Low: RequestContextDTO.clientCerts not initialized in constructor and dereferenced in org.wso2.carbon.apimgt.common.gateway.dto.RequestContextDTO.getClientCerts() [org.wso2.carbon.apimgt.common.gateway.dto.RequestContextDTO] At RequestContextDTO.java:[line 70] UWF_FIELD_NOT_INITIALIZED_IN_CONSTRUCTOR
  [ERROR] Medium: org.wso2.carbon.apimgt.common.gateway.dto.ResponseContextDTO.getApiRequestInfo() may expose internal representation by returning ResponseContextDTO.apiRequestInfo [org.wso2.carbon.apimgt.common.gateway.dto.ResponseContextDTO] At ResponseContextDTO.java:[line 34] EI_EXPOSE_REP
  [ERROR] Medium: org.wso2.carbon.apimgt.common.gateway.dto.ResponseContextDTO.getMsgInfo() may expose internal representation by returning ResponseContextDTO.msgInfo [org.wso2.carbon.apimgt.common.gateway.dto.ResponseContextDTO] At ResponseContextDTO.java:[line 54] EI_EXPOSE_REP
  [ERROR] Medium: org.wso2.carbon.apimgt.common.gateway.dto.ResponseContextDTO.setApiRequestInfo(APIRequestInfoDTO) may expose internal representation by storing an externally mutable object into ResponseContextDTO.apiRequestInfo [org.wso2.carbon.apimgt.common.gateway.dto.ResponseContextDTO] At ResponseContextDTO.java:[line 39] EI_EXPOSE_REP2
  [ERROR] Medium: org.wso2.carbon.apimgt.common.gateway.dto.ResponseContextDTO.setMsgInfo(MsgInfoDTO) may expose internal representation by storing an externally mutable object into ResponseContextDTO.msgInfo [org.wso2.carbon.apimgt.common.gateway.dto.ResponseContextDTO] At ResponseContextDTO.java:[line 59] EI_EXPOSE_REP2
  [ERROR] Medium: org.wso2.carbon.apimgt.common.gateway.dto.TokenIssuerDto.getClaimConfigurations() may expose internal representation by returning TokenIssuerDto.claimConfigurations [org.wso2.carbon.apimgt.common.gateway.dto.TokenIssuerDto] At TokenIssuerDto.java:[line 58] EI_EXPOSE_REP
  [ERROR] Medium: org.wso2.carbon.apimgt.common.gateway.dto.TokenIssuerDto.getJwksConfigurationDTO() may expose internal representation by returning TokenIssuerDto.jwksConfigurationDTO [org.wso2.carbon.apimgt.common.gateway.dto.TokenIssuerDto] At TokenIssuerDto.java:[line 67] EI_EXPOSE_REP
  [ERROR] Medium: org.wso2.carbon.apimgt.common.gateway.dto.TokenIssuerDto.setJwksConfigurationDTO(JWKSConfigurationDTO) may expose internal representation by storing an externally mutable object into TokenIssuerDto.jwksConfigurationDTO [org.wso2.carbon.apimgt.common.gateway.dto.TokenIssuerDto] At TokenIssuerDto.java:[line 82] EI_EXPOSE_REP2
  [ERROR] Medium: Exception thrown in class org.wso2.carbon.apimgt.common.gateway.graphql.FieldComplexityCalculatorImpl at new org.wso2.carbon.apimgt.common.gateway.graphql.FieldComplexityCalculatorImpl(String) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. [org.wso2.carbon.apimgt.common.gateway.graphql.FieldComplexityCalculatorImpl, org.wso2.carbon.apimgt.common.gateway.graphql.FieldComplexityCalculatorImpl] At FieldComplexityCalculatorImpl.java:[line 41]At FieldComplexityCalculatorImpl.java:[line 41] CT_CONSTRUCTOR_THROW
  [ERROR] Medium: Primitive field org.wso2.carbon.apimgt.common.gateway.jwtgenerator.AbstractAPIMgtGatewayJWTGenerator.dialectURI is public and set from inside the class, which makes it too exposed. Consider making it private to limit external accessibility. [org.wso2.carbon.apimgt.common.gateway.jwtgenerator.AbstractAPIMgtGatewayJWTGenerator] At AbstractAPIMgtGatewayJWTGenerator.java:[line 65] PA_PUBLIC_PRIMITIVE_ATTRIBUTE
  [ERROR] Medium: Primitive field org.wso2.carbon.apimgt.common.gateway.jwtgenerator.AbstractAPIMgtGatewayJWTGenerator.jwtConfigurationDto is public and set from inside the class, which makes it too exposed. Consider making it private to limit external accessibility. [org.wso2.carbon.apimgt.common.gateway.jwtgenerator.AbstractAPIMgtGatewayJWTGenerator] At AbstractAPIMgtGatewayJWTGenerator.java:[line 64] PA_PUBLIC_PRIMITIVE_ATTRIBUTE
  [ERROR] Medium: Primitive field org.wso2.carbon.apimgt.common.gateway.jwtgenerator.AbstractAPIMgtGatewayJWTGenerator.signatureAlgorithm is public and set from inside the class, which makes it too exposed. Consider making it private to limit external accessibility. [org.wso2.carbon.apimgt.common.gateway.jwtgenerator.AbstractAPIMgtGatewayJWTGenerator] At AbstractAPIMgtGatewayJWTGenerator.java:[line 69] PA_PUBLIC_PRIMITIVE_ATTRIBUTE
  [ERROR] Medium: org.wso2.carbon.apimgt.common.gateway.jwttransformer.DefaultJWTTransformer.loadConfiguration(TokenIssuerDto) may expose internal representation by storing an externally mutable object into DefaultJWTTransformer.tokenIssuer [org.wso2.carbon.apimgt.common.gateway.jwttransformer.DefaultJWTTransformer] At DefaultJWTTransformer.java:[line 114] EI_EXPOSE_REP2
  [ERROR] Low: Unread field: org.wso2.carbon.apimgt.common.gateway.proxy.ExtendedProxyRoutePlanner.nonProxyHosts [org.wso2.carbon.apimgt.common.gateway.proxy.ExtendedProxyRoutePlanner] At ExtendedProxyRoutePlanner.java:[line 44] URF_UNREAD_FIELD
  [INFO] 

@chamilaadhi
Copy link
Contributor Author

Adding <failOnError>false</failOnError> to spotbugs-maven-plugin to analyse the number of issues. 115 bugs reported with 8 bug types. EI_EXPOSE_REP , EI_EXPOSE_REP2 UWF_FIELD_NOT_INITIALIZED_IN_CONSTRUCTOR MS_EXPOSE_REP PA_PUBLIC_PRIMITIVE_ATTRIBUTE CT_CONSTRUCTOR_THROW URF_UNREAD_FIELD URF_UNREAD_PUBLIC_OR_PROTECTED_FIELD

This file contains all the reported errors spotbugs.txt. Currently working on fixing them

@chamilaadhi
Copy link
Contributor Author

Initial PR with spotbug fixes wso2/carbon-apimgt#12203

@chamilaadhi
Copy link
Contributor Author

Finalized PR wso2/carbon-apimgt#12203. with this we can build carbon-apimgt branch with tests using jdk17/21

@npamudika npamudika added this to the 4.3.0-M1 milestone Jan 3, 2024
@npamudika npamudika added 4.3.0 4.3.0-M1 4.3.0 M1 Milestone labels Jan 3, 2024
@msm1992
Copy link

msm1992 commented Jan 10, 2024

Status Update (10/01/2024)

  • Started working on spring version upgrade to 6.x as discussed in the release sync up meeting.
  • Prior to upgrading spring version to 6.x below requirements have to be met. [1]
    • tomcat version have to be upgraded to 10.x
    • snakeyaml to 2.0
    • jackson-databind to 2.14 (already satisfied)
    • After the change product will be compatible with java 17 or above only.
  • Spring dependency is coming from carbon-deployment, APIM spring version can be upgraded to 6.x by upgrading the version in carbon-deployment. carbon-apimgt and product-apim builds were successful after this upgrade, but there were errors while deploying webapps as the tomcat version was nnnot upgraded to 10.x.
  • Synced with Hiranya and got the changes for 4.9.x kernel upgrade in APIM. (Since tomcat is coming from kernel, I need these changes to do the tomcat upgrade) However even after adding above changes the product pack was giving startup errors (Full list of errors can be found at https://docs.google.com/document/d/1eDZqALzsNSV3Rwk7GlZdqa4lki43o6w2efcWKLwrUTM/edit#heading=h.9p9n0remkael)

[1]. https://github.com/spring-projects/spring-framework/wiki/Upgrading-to-Spring-Framework-6.x

@msm1992
Copy link

msm1992 commented Jan 11, 2024

Status Update (11/01/2024)

  • In order to make the product build compatible with java 17 and above we have to upgrade the equinox version as well. Due to the complexity it was decided not to do this change for the 4.3.0 release. Hence marking this ticket as on-hold.

Thanks,
Sachinin

@npamudika npamudika modified the milestones: 4.3.0-M1, 4.3.0-Alpha Jan 17, 2024
@npamudika npamudika added 4.3.0-alpha and removed 4.3.0-M1 4.3.0 M1 Milestone labels Jan 17, 2024
@npamudika npamudika removed this from the 4.3.0-Alpha milestone Jan 23, 2024
@PasanT9
Copy link

PasanT9 commented Feb 27, 2024

Status Update (27/02/2024)

Testing APIM 4.3.0 compatibility with JDK 21.
Noticed the following error when adding a new tenant.

Caused by: java.lang.NoSuchMethodError: 'void sun.security.x509.X509CertInfo.set(java.lang.String, java.lang.Object)'
	at org.wso2.carbon.keystore.mgt.KeyStoreGenerator.generateKeyPair(KeyStoreGenerator.java:171) ~[org.wso2.carbon.tenant.keystore.mgt_4.9.21.jar:?]
	at org.wso2.carbon.keystore.mgt.KeyStoreGenerator.generateKeyStore(KeyStoreGenerator.java:96) ~[org.wso2.carbon.tenant.keystore.mgt_4.9.21.jar:?]
	at org.wso2.carbon.keystore.mgt.KeystoreTenantMgtListener.onTenantCreate(KeystoreTenantMgtListener.java:43) ~[org.wso2.carbon.tenant.keystore.mgt_4.9.21.jar:?]
	at org.wso2.carbon.tenant.mgt.util.TenantMgtUtil.triggerAddTenant(TenantMgtUtil.java:151) ~[org.wso2.carbon.tenant.mgt_4.9.21.jar:?]
	at org.wso2.carbon.tenant.mgt.services.TenantMgtAdminService.notifyTenantAddition(TenantMgtAdminService.java:149) ~[org.wso2.carbon.tenant.mgt_4.9.21.jar:?]
	at org.wso2.carbon.tenant.mgt.services.TenantMgtAdminService.addTenant(TenantMgtAdminService.java:96) ~[org.wso2.carbon.tenant.mgt_4.9.21.jar:?]
	at jdk.internal.reflect.DirectMethodHandleAccessor.invoke(DirectMethodHandleAccessor.java:103) ~[?:?]
	... 81 more

Currently analyzing the error and figuring out a proper solution thus APIM works in both JDK 11, 17 and 21.

@PasanT9
Copy link

PasanT9 commented Mar 1, 2024

Status Update (01/03/2024)

  • Methods for adding attributes to certificates that we used before are outdated in JDK 21 and don't work with JDK 17. This situation prevents us from using the same code for both JDK versions with the sun.security library. Originally, we implemented this feature using BouncyCastle, but switched to sun.security due to issues with FIPS compliance.
  • In a meeting with the WSO2 Security Team, we decided on a two-path approach to meet the needs of all users, whether they need FIPS compliance or not. We plan to use bc-fips and bcpkix-fips packages for those needing FIPS compliance and a different set of libraries for those who don't. This is because BouncyCastle supports more cryptographic algorithms than its FIPS-compliant version. To serve everyone, we're implementing both options. I've opened PR [3] with these updates.
  • Currently running the integration tests on APIM 4.3.0 on JDK 21.

[1] https://github.com/wso2/carbon-multitenancy/blob/f3d42e3c4f002f04763f66e47fa7156a855a89c1/components/tenant-mgt/org.wso2.carbon.tenant.keystore.mgt/src/main/java/org/wso2/carbon/keystore/mgt/KeyStoreGenerator.java#L196
[2] mail: [Q]APIM-3.2.0 - FIPS 140-2 compliance
[3] wso2/carbon-multitenancy#261

@PasanT9
Copy link

PasanT9 commented Mar 5, 2024

Status Update (05/03/2024)

  • Integration tests on APIM 4.3.0 on JDK 21 passed without any errrors.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

4 participants