POC for a buildItem defining the add-opens needs #49920
Conversation
|
Example usage by Netty cc/ @franz1981 |
| @BuildStep | ||
| ModuleOpenBuildItem allowClearThreadLocals() { | ||
| // JDK 24+ needs --add-opens=java.base/java.lang=ALL-UNNAMED for org.jboss.JDKSpecific.ThreadAccess.clearThreadLocals() | ||
| return new ModuleOpenBuildItem("java.base/java.lang"); |
There was a problem hiding this comment.
This should be two separate properties. Or maybe a set of packages to open. Plus the destination module as I said earlier.
There was a problem hiding this comment.
The problem is that the Jar's Manifest format doesn't allow to specify a destination module.
We could add it here as a hint for users of the new buildItem that they should specify it - in hope for us to being able to use it better in the future, but I'm concerned that since it won't have any effect there is no way to test that people are specifying the correct values.
Perhaps it's best to not have a misleading API and stick to offer what it can do?
There was a problem hiding this comment.
You're thinking only of what it can do, today, this week. But I already have a parallel branch which modularizes the application fully. I'd rather only maybe have to rework one or two mistakes than have to rework everything. The JAR manifest is an edge case in the greater scheme; it just happens to be the first case we've encountered.
There was a problem hiding this comment.
Ok then! Sounds great, I just wasn't sure if you were aware of these limitations - sounds like you are :)
core/deployment/src/main/java/io/quarkus/deployment/ResolvedJVMRequirements.java
Show resolved
Hide resolved
|
Just a note for consistency. There is |
|
thanks @zakkak ! I see the SecurityProcessor also produces some JPMSExportBuildItem(s), looks like related to Fips: Shouldn't these also be applied to the Jar Manifest (and any other launcher we'll support) ? |
This one needs to be revisited because it has several problems:
IMO it might be easiest to deprecate |
|
@dmlloyd agreed, I noticed the same limitations - clearly But before thinking of providing a more general solution I'd like to check if there's any need for this - as far as I can see that Fips Security Processor is the only user for "add exports" - so let's hear if that should be applied to JVM mode as well. |
The modular build requires at least one "WAGNI" - We Are Going To Need It! |
|
I agree with @dmlloyd on "WAGNI" :)
It really depends on whether the code paths triggering the issue (i.e. accessing the encapsulated code) are reached at runtime or not. We have no tests triggering it in JVM-mode AFAIK and IIRC no-one digged deeper to see whether we could prune these code paths in native-mode. |
|
I'm not sure I'd depend on a test to determine whether something is needed. But maybe it's worth trying to craft one to trigger the issue? |
very well, I know I can trust you on such feelings :) This particular POC isn't linked to any specific issue or strategy yet (I was just exploring options), I guess I'll include the need for add-exports to be addressed by the same "thing" which is emerging here. |
POC for what's being discussed on:
Essentially we need a way for each extension to declare which "add-opens" they need; we can generate the definition for the manifest, so that people can still simply invoke "java -jar app.jar".
However this doesn't resolve the need for setting the same properties during testing; during test execution I see no way to automatically apply the parameters as the JVM is already running - I'm not aware of cases in which we fork the JVM, should we?
We could consider checking if the matching parameters are being set, and if not log a clear message with suggestions?
I have a follow-up experiment to resolve some issues with Netty.