Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 900455 (JBPAPP6-842)

Summary: Unsign script keeps digests in Manifest files
Product: [JBoss] JBoss Enterprise Application Platform 6 Reporter: Vladimir Dosoudil <dosoudil>
Component: Build, Maven RepositoryAssignee: Vladimir Dosoudil <dosoudil>
Status: CLOSED NEXTRELEASE QA Contact:
Severity: urgent Docs Contact:
Priority: urgent    
Version: 6.0.0CC: dosoudil, pgier, vtunka
Target Milestone: ---   
Target Release: EAP 6.0.0   
Hardware: Unspecified   
OS: Unspecified   
URL: http://jira.jboss.org/jira/browse/JBPAPP6-842
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2012-06-05 05:55:24 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
digested-jars-eap-er8-dist
none
digested-jars-eap-er8-repo none

Description Vladimir Dosoudil 2012-05-17 12:26:06 UTC 
project_key: JBPAPP6

The JBoss EAP distribution zip contains 229 jars containing Manifest file with SHA1/MD5 digests.
The Maven repository zip contains 492 jars containing Manifest file with SHA1/MD5 digests.

The unsign script doesn't remove digest record lines in a proper way.

This is a performance blocker for this release.
Comment 1 Vladimir Dosoudil 2012-05-17 12:28:32 UTC 
Attached files contain the list of affected jars in both dist zip and maven repo zip.
Comment 2 Vladimir Dosoudil 2012-05-17 12:28:32 UTC 
Attachment: Added: digested-jars-eap-er8-dist
Attachment: Added: digested-jars-eap-er8-repo
Comment 3 Vladimir Dosoudil 2012-05-17 12:57:10 UTC 
The unsign script [1] had worked slowly but properly before the perl multiline regex was applied instead of the bash/sed routine [2]. The perl multiline regex works but not for every cases.

[1] http://git.app.eng.bos.redhat.com/?p=jboss-eap/maven-repository-testsuite.git;a=blob;f=src/scripts/unsign-mvn-repo;h=d3dc21dc9faeb57ef83e9b77ca888b6d1388a739;hb=570b91079ec978289a2a38057f6250972ead541e
[2] http://git.app.eng.bos.redhat.com/?p=jboss-eap/maven-repository-testsuite.git;a=commitdiff;h=5d87d7aa51784d89d66c46384716db413ce78193
Comment 4 Paul Gier 2012-05-17 14:46:17 UTC 
The unsigning script is now fixed in [git|http://git.app.eng.bos.redhat.com/?p=jboss-eap/maven-repository-testsuite.git;a=commitdiff;h=e41f7a51fcb985be4a2650d4f8b12f193fd104cd].
Comment 5 Vladimir Dosoudil 2012-05-17 15:03:48 UTC 
The JBoss EAP distribution zip contains 5 jars containing Manifest file with some rest of digests:

{code}
./modules/nu/xom/main/xom-1.2.7-redhat-1.jar
./modules/org/apache/xalan/main/serializer-2.7.1-redhat-1.jar
./modules/org/apache/xalan/main/xalan-2.7.1-redhat-1.jar
./modules/org/apache/xerces/main/xercesImpl-2.9.1-redhat-1.jar
./modules/org/jdom/main/jdom-1.1.2-redhat-1.jar
{code}

And the Maven repository zip contains 7 jars containing Manifest file some rest of digests:
{code}
./org/jdom/jdom/1.1.2-redhat-1/jdom-1.1.2-redhat-1.jar
./xalan/serializer/2.7.1-redhat-1/serializer-2.7.1-redhat-1.jar
./xalan/serializer/2.7.1-redhat-1/serializer-2.7.1-redhat-1-sources.jar
./xalan/xalan/2.7.1-redhat-1/xalan-2.7.1-redhat-1.jar
./xalan/xalan/2.7.1-redhat-1/xalan-2.7.1-redhat-1-sources.jar
./xerces/xercesImpl/2.9.1-redhat-1/xercesImpl-2.9.1-redhat-1.jar
./xom/xom/1.2.7-redhat-1/xom-1.2.7-redhat-1.jar
{code}
Comment 6 Paul Gier 2012-05-17 15:35:25 UTC 
For each of these remaining jars, all of the class file digests were removed.  However these jars contain directory specific configuration and it appears that the signing process added digest information for these directories.  The number of remaining digests is relatively small (<10) for each of these jars vs hundreds of entries in the original signed jar, so performance should be fine, but I'll look into whether we can reliably remove the remaining digests without affecting the valid directory configuration.
Comment 7 Paul Gier 2012-05-18 14:57:10 UTC 
Added another perl regex to remove any remaining SHA1-Digest lines ([21e3ba41|http://git.app.eng.bos.redhat.com/?p=jboss-eap/maven-repository-testsuite.git;a=commitdiff;h=21e3ba419067d9cb04353acfe4a638828918b666]).

Vladimir, can you add your test script to the eap smoke tests?  It should be run against both the EAP zip and Maven repo zip.
Comment 8 Vladimir Dosoudil 2012-05-21 15:05:21 UTC 
The checking script added to [git repo|http://git.app.eng.bos.redhat.com/?p=jboss-eap/maven-repository-testsuite.git;a=commitdiff;h=8b9d6992dc822e8a71401b033187b58e106b87f8].

Usage:
{code}
check-digests jboss-eap-6.0 > eap-60-handoff-jars-with-digests-eap-dist.txt
check-digests jboss-eap-6.0.0.ERX-maven-repository > eap-60-handoff-jars-with-digests-maven-repo.txt
{code}
Comment 9 Vaclav Tunka 2012-05-21 16:07:51 UTC 
Created Jenkins job to check digests during smoke tests:
https://hudson.qa.jboss.com/hudson/job/eap-60-handoff-check-manifest-digests/

Added to the smoke tests trigger:
https://hudson.qa.jboss.com/hudson/view/EAP-CI/view/EAP6-CI/job/JBoss-EAP-6.0.x-smoke-test-trigger/
Comment 10 Rajesh Rajasekaran 2012-05-23 14:56:47 UTC 
Link: Added: This issue depends JBPAPP-9121
Comment 11 Rajesh Rajasekaran 2012-05-23 14:57:02 UTC 
Link: Removed: This issue depends JBPAPP-9121
Comment 12 Paul Gier 2012-05-24 13:29:36 UTC 
Link: Added: This issue is duplicated by JBPAPP-9135
Comment 13 Misty Stanley-Jones 2012-06-01 04:35:19 UTC 
Release Notes Docs Status: Added: Not Required
Comment 14 Rostislav Svoboda 2012-06-05 05:55:24 UTC 
Verified on EAP 6.0.0 CR1.

ZIP files for EAP and maven repo do not contain jars with digests.
Comment 15 Anne-Louise Tangring 2012-11-05 17:55:51 UTC 
Release Notes Docs Status: Removed: Not Required 
Docs QE Status: Removed: NEW