Bug 988424

Summary: Unexpected xy-jandex.jar files for cxf in EAP zip in 6.1.1 ER3, regression in cxf-rt-ws-security jar which doesn't contain META-INF/jandex.idx
Product: [JBoss] JBoss Enterprise Application Platform 6 Reporter: Rostislav Svoboda <rsvoboda>
Component: BuildAssignee: Paul Gier <pgier>
Status: CLOSED CURRENTRELEASE QA Contact:
Severity: high Docs Contact:
Priority: unspecified    
Version: 6.1.1CC: asoldano, myarboro, psakar
Target Milestone: ER6Keywords: Regression
Target Release: EAP 6.1.1   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2013-09-16 20:20:31 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Rostislav Svoboda 2013-07-25 14:56:23 UTC 
EAP 6.1.1 ER3 introduced 18 new files in jboss-eap-6.1/modules/system/layers/base/org/apache/cxf/impl/main folder.

There is regression in cxf-rt-ws-security-2.6.8-redhat-1.jar which doesn't contain META-INF/jandex.idx This index was externalized to cxf-rt-ws-security-2.6.8-redhat-1-jandex.jar

Please revert changes in build and move META-INF/jandex.idx back into cxf-rt-ws-security-2.6.8-redhat-1.jar. META-INF/jandex.idx in cxf-rt-ws-security is necessary for correct functionality. Confirmed by developers.

The remaining jandex.jar files are just garbage which is not used at all. module.xml in jboss-eap-6.1/modules/system/layers/base/org/apache/cxf/impl/main is referencing cxf-rt-ws-security-2.6.8-redhat-1-jandex.jar

Build was probably done by Lin Gao.
Comment 1 Rostislav Svoboda 2013-07-25 14:58:15 UTC 
Just for confirmation - jandex is needed for cxf-rt-ws-security jar
Comment 2 Paul Gier 2013-07-25 15:01:29 UTC 
This should be fixed in the new build of cxf for ER4
http://git.app.eng.bos.redhat.com/?p=apache/cxf.git;a=commitdiff;h=54b9533ff8ecc9558399e2d1227facb502352b45
Comment 3 Rostislav Svoboda 2013-07-25 15:02:33 UTC 
ER3 situation - http://pastebin.test.redhat.com/155091
ER2 situation - http://pastebin.test.redhat.com/155092
Comment 4 Paul Gier 2013-07-31 14:39:53 UTC 
Looks like this was not correctly fixed in ER4.  Should be fixed in ER5.
Comment 5 Pavel Janousek 2013-08-12 10:22:30 UTC 
Moreover, in ER4 used naming is wrong, CXF's artifacts uses cxf-(.*)-2.6.8.redhat-4.jar instead of cxf-(.*)-2.6.8-redhat-4.jar (<version>.redhat... should be <version>-redhat...)
Comment 6 Paul Gier 2013-08-12 14:07:53 UTC 
> cxf-(.*)-2.6.8.redhat-4.jar instead of cxf-(.*)-2.6.8-redhat-4.jar

Does this version cause a problem?  This was changed to follow OSGi version standards.  And the plan is for future versions to follow this convention.  Versions will look like one of the following:
1.0.0.Final-redhat-X
1.0.0.redhat-X
Comment 7 Pavel Janousek 2013-08-12 14:49:44 UTC 
First - I don't think any filename as above can cause an issue itself, mainly if correct name is listed in appropriate module.xml.

I understand '1.0.0.Final' or '1.0.0' as version string of component/artifact. I don't understand why we don't use either '.' or '-' (but only one chosen) for concatenation with string 'redhat-X' (the sign of productized, signed etc. artifact(s) by Red Hat). Following this way I mean to use either (1.0.0.Final.redhat-X and 1.0.0.redhat-X) or (1.0.0.Final-redhat-X and 1.0.0-redhat-X). Is there an agreement about this already?

At least one component (e.g. CXF) should use the uniform naming convention for every included JARs. So I can see an issue in CXF now: cxf-xjc-dv-2.6.0-redhat-2.jar vs cxf-tools-common-2.6.8.redhat-4.jar.

Finally all components in EAP should follow the same naming convention.
Comment 9 Paul Gier 2013-08-12 15:24:23 UTC 
We have a doc which defines community project versions:
https://community.jboss.org/wiki/JBossProjectVersioning

The problem is that Apache CXF and other thirdparty projects don't follow our version standard.  The OSGi spec requires versions to look like this:
X.Y.Z.qualifier

So if we use "1.0.0-redhat-X" it's not valid according to the OSGi spec.  Also "1.0.0.Final.redhat-X" is not valid.  So it creates a weird requirement where we need to add either -redhat-X or .redhat-X depending on the upstream version.

I'd be ok with deciding that we just want to stick with -redhat-X all the time but I guess we'd just have to check that this works ok with our OSGi use cases.
Comment 10 Paul Gier 2013-08-12 15:26:53 UTC 
Just an additional note about why this issue occurred.  The jandex generation was added into the github sources in this commit:
https://github.com/jbossas/jboss-eap/commit/203d1b98eb944f4557962aae6c948c1f033de28d

I added a commit to the internal eap sources to remove the jandex generation.
Comment 11 Alessio Soldano 2013-08-12 15:42:11 UTC 
Paul, can you provide move details on the last comment? so basically the productized artifacts do not need to have the jandex generation performed when building up the AS, while that is needed when using the upstream artifacts?
Btw, I think there's possibly a glitch in the AS build if the jandex="true" for cxf-rt-ws-security is causing any jars in the same module to created a corresponding jandex archive.
Comment 12 Pavel Janousek 2013-08-15 12:14:18 UTC 
I have to re-open this issue again. file jandex.idx isn't now deployed to system as a separate file (*.jandex.jar), but it is still included in e.g. cxf-rt-bindings-coloc.jar or cxf-rt-bindings-object.jar (and all other affected - see above). 

Correct state of jandex.idx presence should be based on previous state from ER2 build - see Rosta's comment #c3.
Comment 13 Paul Gier 2013-08-15 13:40:40 UTC 
Alessio, that's correct, the product build does not need to have jandex generation performed during the AS build because the product build of Apache CXF already includes the jandex information.

Yes, setting jandex="true" for one jar in a module will generate the jandex files for all the files in the module.
Comment 14 Paul Gier 2013-08-15 15:07:04 UTC 
Ok, so I'll rebuild apache cxf and make sure that only cxf-rt-ws-security includes the jandex index.
Comment 15 Paul Gier 2013-08-15 18:06:44 UTC 
Fix in git:
http://git.app.eng.bos.redhat.com/?p=apache/cxf.git;a=commitdiff;h=895aae6ad84522ac6750b70f6e65e6146b9ac41a

New build:
https://brewweb.devel.redhat.com/buildinfo?buildID=287870
Comment 16 Rostislav Svoboda 2013-08-16 06:29:49 UTC 
Verified in EAP 6.1.1 ER6

[rsvoboda@steve 611ER6]$ cd ./jboss-eap-6.1/modules/system/layers/base/org/apache/cxf/impl/main/
[rsvoboda@steve main]$ for i in `ls *.jar`; do echo $i; unzip -l $i | grep META-INF/jandex.idx; done
cxf-rt-bindings-coloc-2.6.8.redhat-6.jar
cxf-rt-bindings-object-2.6.8.redhat-6.jar
cxf-rt-bindings-soap-2.6.8.redhat-6.jar
cxf-rt-bindings-xml-2.6.8.redhat-6.jar
cxf-rt-core-2.6.8.redhat-6.jar
cxf-rt-databinding-aegis-2.6.8.redhat-6.jar
cxf-rt-databinding-jaxb-2.6.8.redhat-6.jar
cxf-rt-frontend-jaxws-2.6.8.redhat-6.jar
cxf-rt-frontend-simple-2.6.8.redhat-6.jar
cxf-rt-management-2.6.8.redhat-6.jar
cxf-rt-transports-http-2.6.8.redhat-6.jar
cxf-rt-transports-jms-2.6.8.redhat-6.jar
cxf-rt-transports-local-2.6.8.redhat-6.jar
cxf-rt-ws-addr-2.6.8.redhat-6.jar
cxf-rt-ws-mex-2.6.8.redhat-6.jar
cxf-rt-ws-policy-2.6.8.redhat-6.jar
cxf-rt-ws-rm-2.6.8.redhat-6.jar
cxf-rt-ws-security-2.6.8.redhat-6.jar
    28928  08-15-2013 12:34   META-INF/jandex.idx
cxf-services-sts-core-2.6.8.redhat-6.jar
cxf-tools-common-2.6.8.redhat-6.jar
cxf-tools-java2ws-2.6.8.redhat-6.jar
cxf-tools-validator-2.6.8.redhat-6.jar
cxf-tools-wsdlto-core-2.6.8.redhat-6.jar
cxf-tools-wsdlto-databinding-jaxb-2.6.8.redhat-6.jar
cxf-tools-wsdlto-frontend-jaxws-2.6.8.redhat-6.jar
cxf-xjc-boolean-2.6.0.redhat-4.jar
cxf-xjc-dv-2.6.0.redhat-4.jar
cxf-xjc-ts-2.6.0.redhat-4.jar