Skip to content

Commit 2e8d322

Browse files
rjernstrjernst
committed
Use task avoidance with forbidden apis
Currently forbidden apis accounts for 800+ tasks in the build. These tasks are aggressively created by the plugin. In forbidden apis 3.0, we will get task avoidance (policeman-tools/forbidden-apis#162), but we need to ourselves use the same task avoidance mechanisms to not trigger these task creations. This commit does that for our foribdden apis usages, in preparation for upgrading to 3.0 when it is released.
1 parent 7bccbf4 commit 2e8d322

File tree

36 files changed

+49
-44
lines changed

36 files changed

+49
-44
lines changed

benchmarks/build.gradle

+1-1
Original file line numberDiff line numberDiff line change
@@ -48,7 +48,7 @@ compileJava.options.compilerArgs.addAll(["-processor", "org.openjdk.jmh.generato
4848
run.executable = "${BuildParams.runtimeJavaHome}/bin/java"
4949

5050
// classes generated by JMH can use all sorts of forbidden APIs but we have no influence at all and cannot exclude these classes
51-
forbiddenApisMain.enabled = false
51+
disableTasks('forbiddenApisMain')
5252

5353
// No licenses for our benchmark deps (we don't ship benchmarks)
5454
dependencyLicenses.enabled = false

build.gradle

+9
Original file line numberDiff line numberDiff line change
@@ -518,3 +518,12 @@ subprojects {
518518
}
519519
}
520520
}
521+
522+
subprojects {
523+
Closure disableMethod = { String... tasknames ->
524+
for (String taskname : tasknames) {
525+
project.tasks.named(taskname).configure { onlyIf { false } }
526+
}
527+
}
528+
project.ext.disableTasks = disableMethod
529+
}

buildSrc/build.gradle

+1-3
Original file line numberDiff line numberDiff line change
@@ -166,9 +166,7 @@ if (project != rootProject) {
166166
// build-tools is not ready for primetime with these...
167167
dependencyLicenses.enabled = false
168168
dependenciesInfo.enabled = false
169-
forbiddenApisMain.enabled = false
170-
forbiddenApisMinimumRuntime.enabled = false
171-
forbiddenApisTest.enabled = false
169+
disableTasks('forbiddenApisMain', 'forbiddenApisMinimumRuntime', 'forbiddenApisTest')
172170
jarHell.enabled = false
173171
thirdPartyAudit.enabled = false
174172
if (Boolean.parseBoolean(System.getProperty("tests.fips.enabled"))){

buildSrc/src/testKit/elasticsearch.build/build.gradle

+1-2
Original file line numberDiff line numberDiff line change
@@ -17,8 +17,7 @@ repositories {
1717
}
1818

1919
// todo remove offending rules
20-
forbiddenApisMain.enabled = false
21-
forbiddenApisTest.enabled = false
20+
disableTasks('forbiddenApisMain', 'forbiddenApisTest')
2221
// requires dependency on testing fw
2322
jarHell.enabled = false
2423
// we don't have tests for now

client/rest-high-level/build.gradle

+1-1
Original file line numberDiff line numberDiff line change
@@ -82,7 +82,7 @@ dependencyLicenses {
8282
}
8383
}
8484

85-
forbiddenApisMain {
85+
tasks.named('forbiddenApisMain').configure {
8686
// core does not depend on the httpclient for compile so we add the signatures here. We don't add them for test as they are already
8787
// specified
8888
addSignatureFiles 'http-signatures'

client/rest/build.gradle

+2-2
Original file line numberDiff line numberDiff line change
@@ -52,7 +52,7 @@ dependencies {
5252
testCompile "org.elasticsearch:mocksocket:${versions.mocksocket}"
5353
}
5454

55-
tasks.withType(CheckForbiddenApis) {
55+
tasks.withType(CheckForbiddenApis).configureEach {
5656
//client does not depend on server, so only jdk and http signatures should be checked
5757
replaceSignatureFiles('jdk-signatures', 'http-signatures')
5858
}
@@ -61,7 +61,7 @@ forbiddenPatterns {
6161
exclude '**/*.der'
6262
}
6363

64-
forbiddenApisTest {
64+
tasks.named('forbiddenApisTest').configure {
6565
//we are using jdk-internal instead of jdk-non-portable to allow for com.sun.net.httpserver.* usage
6666
bundledSignatures -= 'jdk-non-portable'
6767
bundledSignatures += 'jdk-internal'

client/sniffer/build.gradle

+2-2
Original file line numberDiff line numberDiff line change
@@ -49,12 +49,12 @@ dependencies {
4949
testCompile "org.elasticsearch:mocksocket:${versions.mocksocket}"
5050
}
5151

52-
forbiddenApisMain {
52+
tasks.named('forbiddenApisMain').configure {
5353
//client does not depend on server, so only jdk signatures should be checked
5454
replaceSignatureFiles 'jdk-signatures'
5555
}
5656

57-
forbiddenApisTest {
57+
tasks.named('forbiddenApisTest').configure {
5858
//we are using jdk-internal instead of jdk-non-portable to allow for com.sun.net.httpserver.* usage
5959
bundledSignatures -= 'jdk-non-portable'
6060
bundledSignatures += 'jdk-internal'

client/test/build.gradle

+2-2
Original file line numberDiff line numberDiff line change
@@ -30,12 +30,12 @@ dependencies {
3030
compile "org.hamcrest:hamcrest:${versions.hamcrest}"
3131
}
3232

33-
forbiddenApisMain {
33+
tasks.named('forbiddenApisMain').configure {
3434
//client does not depend on core, so only jdk signatures should be checked
3535
replaceSignatureFiles 'jdk-signatures'
3636
}
3737

38-
forbiddenApisTest {
38+
tasks.named('forbiddenApisTest').configure {
3939
//we are using jdk-internal instead of jdk-non-portable to allow for com.sun.net.httpserver.* usage
4040
bundledSignatures -= 'jdk-non-portable'
4141
bundledSignatures += 'jdk-internal'

distribution/tools/java-version-checker/build.gradle

+1-1
Original file line numberDiff line numberDiff line change
@@ -3,7 +3,7 @@ apply plugin: 'elasticsearch.build'
33
targetCompatibility = JavaVersion.VERSION_1_7
44

55
// java_version_checker do not depend on core so only JDK signatures should be checked
6-
forbiddenApisMain {
6+
tasks.named('forbiddenApisMain').configure {
77
replaceSignatureFiles 'jdk-signatures'
88
}
99

distribution/tools/launchers/build.gradle

+1-1
Original file line numberDiff line numberDiff line change
@@ -29,7 +29,7 @@ dependencies {
2929

3030
archivesBaseName = 'elasticsearch-launchers'
3131

32-
tasks.withType(CheckForbiddenApis) {
32+
tasks.withType(CheckForbiddenApis).configureEach {
3333
replaceSignatureFiles 'jdk-signatures'
3434
}
3535

libs/cli/build.gradle

+1-1
Original file line numberDiff line numberDiff line change
@@ -30,6 +30,6 @@ test.enabled = false
3030
// Since CLI does not depend on :server, it cannot run the jarHell task
3131
jarHell.enabled = false
3232

33-
forbiddenApisMain {
33+
tasks.named('forbiddenApisMain').configure {
3434
replaceSignatureFiles 'jdk-signatures'
3535
}

libs/core/build.gradle

+1-1
Original file line numberDiff line numberDiff line change
@@ -34,7 +34,7 @@ dependencies {
3434
}
3535
}
3636

37-
forbiddenApisMain {
37+
tasks.named('forbiddenApisMain').configure {
3838
// :libs:elasticsearch-core does not depend on server
3939
// TODO: Need to decide how we want to handle for forbidden signatures with the changes to server
4040
replaceSignatureFiles 'jdk-signatures'

libs/dissect/build.gradle

+1-1
Original file line numberDiff line numberDiff line change
@@ -26,7 +26,7 @@ dependencies {
2626
testCompile "com.fasterxml.jackson.core:jackson-databind:${versions.jackson}"
2727
}
2828

29-
forbiddenApisMain {
29+
tasks.named('forbiddenApisMain').configure {
3030
replaceSignatureFiles 'jdk-signatures'
3131
}
3232

libs/geo/build.gradle

+1-1
Original file line numberDiff line numberDiff line change
@@ -27,7 +27,7 @@ dependencies {
2727
}
2828
}
2929

30-
forbiddenApisMain {
30+
tasks.named('forbiddenApisMain').configure {
3131
// geo does not depend on server
3232
// TODO: Need to decide how we want to handle for forbidden signatures with the changes to core
3333
replaceSignatureFiles 'jdk-signatures'

libs/grok/build.gradle

+1-1
Original file line numberDiff line numberDiff line change
@@ -27,6 +27,6 @@ dependencies {
2727
}
2828
}
2929

30-
forbiddenApisMain {
30+
tasks.named('forbiddenApisMain').configure {
3131
replaceSignatureFiles 'jdk-signatures'
3232
}

libs/nio/build.gradle

+1-1
Original file line numberDiff line numberDiff line change
@@ -32,7 +32,7 @@ dependencies {
3232
}
3333

3434

35-
forbiddenApisMain {
35+
tasks.named('forbiddenApisMain').configure {
3636
// nio does not depend on core, so only jdk signatures should be checked
3737
// es-all is not checked as we connect and accept sockets
3838
replaceSignatureFiles 'jdk-signatures'

libs/plugin-classloader/build.gradle

+1-1
Original file line numberDiff line numberDiff line change
@@ -20,5 +20,5 @@
2020
test.enabled = false
2121

2222
// test depend on ES core...
23-
forbiddenApisMain.enabled = false
23+
disableTasks('forbiddenApisMain')
2424
jarHell.enabled = false

libs/secure-sm/build.gradle

+1-1
Original file line numberDiff line numberDiff line change
@@ -31,7 +31,7 @@ dependencies {
3131
}
3232
}
3333

34-
forbiddenApisMain {
34+
tasks.named('forbiddenApisMain').configure {
3535
replaceSignatureFiles 'jdk-signatures'
3636
}
3737

libs/ssl-config/build.gradle

+1-1
Original file line numberDiff line numberDiff line change
@@ -31,7 +31,7 @@ dependencies {
3131
}
3232

3333

34-
forbiddenApisMain {
34+
tasks.named('forbiddenApisMain').configure {
3535
replaceSignatureFiles 'jdk-signatures'
3636
}
3737

libs/x-content/build.gradle

+1-1
Original file line numberDiff line numberDiff line change
@@ -40,7 +40,7 @@ dependencies {
4040

4141
}
4242

43-
forbiddenApisMain {
43+
tasks.named('forbiddenApisMain').configure {
4444
// x-content does not depend on server
4545
// TODO: Need to decide how we want to handle for forbidden signatures with the changes to core
4646
replaceSignatureFiles 'jdk-signatures'

plugins/analysis-icu/build.gradle

+1-1
Original file line numberDiff line numberDiff line change
@@ -24,7 +24,7 @@ esplugin {
2424
classname 'org.elasticsearch.plugin.analysis.icu.AnalysisICUPlugin'
2525
}
2626

27-
tasks.withType(CheckForbiddenApis) {
27+
tasks.withType(CheckForbiddenApis).configureEach {
2828
signatures += [
2929
"com.ibm.icu.text.Collator#getInstance() @ Don't use default locale, use getInstance(ULocale) instead"
3030
]

qa/os/build.gradle

+2-2
Original file line numberDiff line numberDiff line change
@@ -42,7 +42,7 @@ dependencies {
4242
testCompile "com.fasterxml.jackson.core:jackson-databind:${versions.jackson}"
4343
}
4444

45-
forbiddenApisTest {
45+
tasks.named('forbiddenApisTest').configure {
4646
replaceSignatureFiles 'jdk-signatures'
4747
}
4848

@@ -58,7 +58,7 @@ tasks.dependenciesInfo.enabled = false
5858
tasks.thirdPartyAudit.ignoreMissingClasses()
5959

6060
tasks.register('destructivePackagingTest') {
61-
dependsOn 'destructiveDistroTest'
61+
dependsOn 'destructiveDistroTest'
6262
}
6363

6464
processTestResources {

server/build.gradle

+1-1
Original file line numberDiff line numberDiff line change
@@ -57,7 +57,7 @@ if (!isEclipse) {
5757
targetCompatibility = 12
5858
}
5959

60-
forbiddenApisJava12 {
60+
tasks.named('forbiddenApisJava12').configure {
6161
doFirst {
6262
if (BuildParams.runtimeJavaVersion < JavaVersion.VERSION_12) {
6363
targetCompatibility = JavaVersion.VERSION_12.getMajorVersion()

test/fixtures/build.gradle

+1-1
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
11
subprojects {
22
// fixtures are mostly external and by default we don't want to check forbidden apis
3-
forbiddenApisMain.enabled = false
3+
disableTasks('forbiddenApisMain')
44
}

test/framework/build.gradle

+1-1
Original file line numberDiff line numberDiff line change
@@ -38,7 +38,7 @@ compileJava.options.compilerArgs << '-Xlint:-cast,-rawtypes,-unchecked'
3838
compileTestJava.options.compilerArgs << '-Xlint:-rawtypes'
3939

4040
// the main files are actually test files, so use the appropriate forbidden api sigs
41-
forbiddenApisMain {
41+
tasks.named('forbiddenApisMain').configure {
4242
replaceSignatureFiles 'jdk-signatures', 'es-all-signatures', 'es-test-signatures'
4343
}
4444

test/logger-usage/build.gradle

+1-2
Original file line numberDiff line numberDiff line change
@@ -27,8 +27,7 @@ dependencies {
2727

2828
loggerUsageCheck.enabled = false
2929

30-
forbiddenApisMain.enabled = true // disabled by parent project
31-
forbiddenApisMain {
30+
tasks.named('forbiddenApisMain').configure {
3231
replaceSignatureFiles 'jdk-signatures' // does not depend on core, only jdk signatures
3332
}
3433
jarHell.enabled = true // disabled by parent project

x-pack/plugin/core/build.gradle

+1-1
Original file line numberDiff line numberDiff line change
@@ -92,7 +92,7 @@ forbiddenPatterns {
9292
exclude '**/*.zip'
9393
}
9494

95-
forbiddenApisMain {
95+
tasks.named('forbiddenApisMain').configure {
9696
signaturesFiles += files('forbidden/hasher-signatures.txt')
9797
}
9898

x-pack/plugin/identity-provider/build.gradle

+1-1
Original file line numberDiff line numberDiff line change
@@ -67,7 +67,7 @@ forbiddenPatterns {
6767
exclude '**/*.zip'
6868
}
6969

70-
forbiddenApisMain {
70+
tasks.named('forbiddenApisMain').configure {
7171
signaturesFiles += files('forbidden/xml-signatures.txt')
7272
}
7373

x-pack/plugin/security/build.gradle

+1-1
Original file line numberDiff line numberDiff line change
@@ -170,7 +170,7 @@ forbiddenPatterns {
170170
exclude '**/*.zip'
171171
}
172172

173-
forbiddenApisMain {
173+
tasks.named('forbiddenApisMain').configure {
174174
signaturesFiles += files('forbidden/ldap-signatures.txt', 'forbidden/xml-signatures.txt', 'forbidden/oidc-signatures.txt')
175175
}
176176

x-pack/plugin/security/cli/build.gradle

+1-1
Original file line numberDiff line numberDiff line change
@@ -42,7 +42,7 @@ if (BuildParams.inFipsJvm) {
4242
testingConventions.enabled = false
4343
// Forbiden APIs non-portable checks fail because bouncy castle classes being used from the FIPS JDK since those are
4444
// not part of the Java specification - all of this is as designed, so we have to relax this check for FIPS.
45-
tasks.withType(CheckForbiddenApis) {
45+
tasks.withType(CheckForbiddenApis).configureEach {
4646
bundledSignatures -= "jdk-non-portable"
4747
}
4848
}

x-pack/plugin/sql/jdbc/build.gradle

+1-1
Original file line numberDiff line numberDiff line change
@@ -6,7 +6,7 @@ apply plugin: 'com.github.johnrengelman.shadow'
66
description = 'JDBC driver for Elasticsearch'
77
archivesBaseName = "x-pack-sql-jdbc"
88

9-
forbiddenApisMain {
9+
tasks.named('forbiddenApisMain').configure {
1010
// does not depend on core, so only jdk and http signatures should be checked
1111
replaceSignatureFiles 'jdk-signatures'
1212
}

x-pack/plugin/sql/qa/build.gradle

+1-1
Original file line numberDiff line numberDiff line change
@@ -39,7 +39,7 @@ dependencyLicenses.enabled = false
3939
dependenciesInfo.enabled = false
4040

4141
// the main files are actually test files, so use the appropriate forbidden api sigs
42-
forbiddenApisMain {
42+
tasks.named('forbiddenApisMain').configure {
4343
replaceSignatureFiles 'es-all-signatures', 'es-test-signatures'
4444
}
4545

x-pack/plugin/sql/sql-action/build.gradle

+1-1
Original file line numberDiff line numberDiff line change
@@ -28,7 +28,7 @@ dependencies {
2828
testCompile project(":test:framework")
2929
}
3030

31-
forbiddenApisMain {
31+
tasks.named('forbiddenApisMain').configure {
3232
//sql does not depend on server, so only jdk signatures should be checked
3333
replaceSignatureFiles 'jdk-signatures'
3434
}

x-pack/plugin/sql/sql-cli/build.gradle

+1-1
Original file line numberDiff line numberDiff line change
@@ -55,7 +55,7 @@ shadowJar {
5555
}
5656
}
5757

58-
forbiddenApisMain {
58+
tasks.named('forbiddenApisMain').configure {
5959
//sql does not depend on server, so only jdk signatures should be checked
6060
replaceSignatureFiles 'jdk-signatures'
6161
signaturesFiles += files('src/forbidden/cli-signatures.txt')

x-pack/plugin/sql/sql-client/build.gradle

+2-2
Original file line numberDiff line numberDiff line change
@@ -21,12 +21,12 @@ dependencyLicenses {
2121
ignoreSha 'elasticsearch-core'
2222
}
2323

24-
forbiddenApisMain {
24+
tasks.named('forbiddenApisMain').configure {
2525
// does not depend on core, so only jdk and http signatures should be checked
2626
replaceSignatureFiles 'jdk-signatures'
2727
}
2828

29-
forbiddenApisTest {
29+
tasks.named('forbiddenApisTest').configure {
3030
bundledSignatures -= 'jdk-non-portable'
3131
bundledSignatures += 'jdk-internal'
3232
}

x-pack/plugin/sql/sql-proto/build.gradle

+1-1
Original file line numberDiff line numberDiff line change
@@ -18,7 +18,7 @@ dependencies {
1818
testCompile project(":test:framework")
1919
}
2020

21-
forbiddenApisMain {
21+
tasks.named('forbiddenApisMain').configure {
2222
//sql does not depend on server, so only jdk signatures should be checked
2323
replaceSignatureFiles 'jdk-signatures'
2424
}

0 commit comments

Comments
 (0)