Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Done
Priority: Blocker
Fix Version/s: fuse-7.8-GA
Affects Version/s: None
Component/s: Fuse on Openshift
Labels:
- QA_IGNORE

Fuse Progress Bar:

% %
Prod build version:
build6

SFDC Cases Counter:
SFDC Cases Links:

Description

When working on ~~ENTESB-13925~~ and building karaf-camel-amq quickstart, I had OSGi resolution problem:

Unable to resolve io.fabric8.kubernetes-model/4.1.0: \
    missing requirement [io.fabric8.kubernetes-model/4.1.0] osgi.wiring.package; \
    filter:="(&(osgi.wiring.package=javax.validation)(version>=1.1.0)(!(version>=2.0.0)))"

Indeed - we've moved in Fuse 7.8 to hibernate-validator 6 (validation API 2) entirely (i.e., no alternative hibernate-validator 5 / validation API 1)

Before Fuse 7.8 and only in "SB2 pipeline" we've moved from forked to upstream versions of kubernetes-model and kubernetes-client, which are currently at version 4.1.0.

I tried (as security aware developer) to upgrade to latest kubernetes-client 4.10.3, but it started requiring Jackson 2.10, which we would like not to use, as Camel 2.23 is at Jackson 2.9 now (with whitelist support).

So by bisecting the versions, I found that:

newer versions do not depend (have OSGi imports) for Validation API at all, but depend on Jackson 2.10
older versions depend on Validation API 1
middle version 4.2.2 still use Validation API (as 4.1.0), but switched to Validation API 2 (which we need) and also stays at Jackson 2.9

So I though - what could go wrong with 4.1.0 → 4.2.2 upgrade?

This:

[ERROR] Failed to execute goal org.apache.maven.plugins:maven-compiler-plugin:3.5.1:compile (default-compile) on project kubernetes-api: Compilation failure: Compilation failure: 
[ERROR] /data/sources/github.com/jboss-fuse/fabric8-sb2/components/kubernetes-api/src/main/java/io/fabric8/kubernetes/api/Controller.java:[52,38] cannot find symbol
[ERROR]   symbol:   class PolicyBinding
[ERROR]   location: package io.fabric8.openshift.api.model
[ERROR] /data/sources/github.com/jboss-fuse/fabric8-sb2/components/kubernetes-api/src/main/java/io/fabric8/kubernetes/api/Controller.java:[54,38] cannot find symbol
[ERROR]   symbol:   class Role
[ERROR]   location: package io.fabric8.openshift.api.model
[ERROR] /data/sources/github.com/jboss-fuse/fabric8-sb2/components/kubernetes-api/src/main/java/io/fabric8/kubernetes/api/Controller.java:[55,38] cannot find symbol
[ERROR]   symbol:   class RoleBinding
[ERROR]   location: package io.fabric8.openshift.api.model
[ERROR] /data/sources/github.com/jboss-fuse/fabric8-sb2/components/kubernetes-api/src/main/java/io/fabric8/kubernetes/api/Controller.java:[811,34] cannot find symbol
[ERROR]   symbol:   class RoleBinding
[ERROR]   location: class io.fabric8.kubernetes.api.Controller
[ERROR] /data/sources/github.com/jboss-fuse/fabric8-sb2/components/kubernetes-api/src/main/java/io/fabric8/kubernetes/api/Controller.java:[855,37] cannot find symbol
[ERROR]   symbol:   class RoleBinding
[ERROR]   location: class io.fabric8.kubernetes.api.Controller
[ERROR] /data/sources/github.com/jboss-fuse/fabric8-sb2/components/kubernetes-api/src/main/java/io/fabric8/kubernetes/api/Controller.java:[866,36] cannot find symbol
[ERROR]   symbol:   class PolicyBinding
[ERROR]   location: class io.fabric8.kubernetes.api.Controller
[ERROR] /data/sources/github.com/jboss-fuse/fabric8-sb2/components/kubernetes-api/src/main/java/io/fabric8/kubernetes/api/Controller.java:[910,39] cannot find symbol
[ERROR]   symbol:   class PolicyBinding
[ERROR]   location: class io.fabric8.kubernetes.api.Controller
[ERROR] -> [Help 1]

I'm not Kubernetes/OpenShift API expert, I see that kubernetes-model 4.1.0 still has these missing classes, but I didn't find any obvious trace when checking git lg v4.1.3..v4.2.2 for git@github.com:fabric8io/kubernetes-client.git project...

I found:

commit ae06e0e0062fb115c74393a0cbcceb35feedf8a4
Author: dependabot[bot] <support@dependabot.com>
Date:   Tue Mar 19 11:21:08 2019 +0000

    Bump validation-api
    
    Bumps [validation-api]: bump karaf.version
    
    Bumps `karaf.version` from 4.2.3 to 4.2.4.
    
    Updates `common` from 4.2.3 to 4.2.4
    
    Updates `apache-karaf-minimal` from 4.2.3 to 4.2.4
    
    Updates `karaf-maven-plugin` from 4.2.3 to 4.2.4
    
    Signed-off-by: dependabot[bot] <support@dependabot.com>

diff --git a/platforms/karaf/pom.xml b/platforms/karaf/pom.xml
index 83e906a31..33920ed04 100644
--- a/platforms/karaf/pom.xml
+++ b/platforms/karaf/pom.xml
@@ -30,7 +30,7 @@
   <name>Fabric8 :: Kubernetes :: Platforms :: Karaf</name>
 
   <properties>
-    <karaf.version>4.2.3</karaf.version>
+    <karaf.version>4.2.4</karaf.version>
     <osgi.version>6.0.0</osgi.version>
     <pax.exam.version>4.13.1</pax.exam.version>
   </properties>

which is dangerous commit - not only someone accepted dependabot.com commit claiming that Validation API was bumped (it wasn't) - it shows that someone thinks that version upgrades are safe in this fast-changing world (they aren't).

But anyway - can you nicolaferraro, acosenti, astefanu@redhat.com (cc: gmalinko, janstey@redhat.com, tcunning@redhat.com) help me upgrade to 4.2.2 in jboss-fuse/fabric8/3.0.11.sb2.redhat-7.x branch?

Attachments

Issue Links

is related to

ENTESB-13925 Upgrade to Validation API 2 / Hibernate Validator 6

Resolved

Activity

People

Assignee:: Grzegorz Grzybek

Reporter:: Grzegorz Grzybek

Tester:: Salvatore Mongiardo

Votes:: 0 Vote for this issue

Watchers:: 7 Start watching this issue

Dates

Created:: 2020/07/22 3:54 AM

Updated:: 2021/10/24 7:01 AM

Resolved:: 2020/11/26 4:27 AM