search

Azure / azure-sdk-for-java

This repository is for active development of the Azure SDK for Java. For consumers of the SDK we recommend visiting our public developer docs at https://docs.microsoft.com/java/azure/ or our versioned developer docs at https://azure.github.io/azure-sdk-for-java.
MIT License
2.25k stars 1.93k forks source link

[FEATURE REQ] Upgrade guava version for azure batch sdk #39382

Open shrede01 opened 3 months ago

shrede01 commented 3 months ago

Our application has dependency on guava 33.1.0-jre, but this application also needs to leverage batch sdk('com.microsoft.azure:azure-batch:11.0.0') to interact with the azure batch account. Since batch uses guava version 20, and our application relies on higher version, when trying to hit batch api we are getting into issues like:

20 Mar 2024 13:34:49.792HostName=pre4studio.bases.com 2024-03-20 09:34:49,756 ERROR org.codehaus.groovy.grails.web.errors.GrailsExceptionResolver 489 - NoSuchMethodError occurred when processing request: [POST] /platformservices/projects/8867/skuLists/658b1d815744d25309904f2b/skuListDoeRuns
com.google.common.base.Preconditions.checkArgument(ZLjava/lang/String;Ljava/lang/Object;)V. Stacktrace follows:
, org.codehaus.groovy.grails.web.servlet.mvc.exceptions.ControllerExecutionException: Executing action [create] of controller [com.affinnova.platform.controllers.products.lpo.inputs.SkuListDoeRunController]  caused exception: Runtime error executing action
    at grails.plugin.cache.web.filter.PageFragmentCachingFilter.doFilter(PageFragmentCachingFilter.java:198)
    at grails.plugin.cache.web.filter.AbstractFilter.doFilter(AbstractFilter.java:63)
    at grails.plugin.springsecurity.web.filter.GrailsAnonymousAuthenticationFilter.doFilter(GrailsAnonymousAuthenticationFilter.java:53)
    at grails.plugin.springsecurity.rest.RestAuthenticationFilter.doFilter(RestAuthenticationFilter.groovy:143)
    at com.affinnova.platform.services.security.CASOAuthTokenAuthenticationFilter.doFilter(CASOAuthTokenAuthenticationFilter.groovy:91)
    at com.affinnova.platform.services.security.AuthProxyAuthenticationFilter.doFilter(AuthProxyAuthenticationFilter.groovy:107)
    at grails.plugin.springsecurity.web.authentication.logout.MutableLogoutFilter.doFilter(MutableLogoutFilter.java:62)
    at com.affinnova.platform.services.security.CerberusAuthenticationFilter.doFilter(CerberusAuthenticationFilter.groovy:86)
    at com.affinnova.platform.services.security.SSOConcurrentSessionFilter.doFilter(SSOConcurrentSessionFilter.groovy:114)
    at grails.plugin.springsecurity.web.SecurityRequestHolderFilter.doFilter(SecurityRequestHolderFilter.java:59)
    at com.affinnova.platform.servlet.filter.CacheExpiresFilter.doFilter(CacheExpiresFilter.groovy:40)
    at com.nielsen.springsession.web.http.HttpSessionSynchronizer.doFilterInternal(HttpSessionSynchronizer.java:29)
    at com.brandseye.cors.CorsFilter.doFilter(CorsFilter.java:82)
    at java.lang.Thread.run(Thread.java:750)
Caused by: org.codehaus.groovy.grails.web.servlet.mvc.exceptions.ControllerExecutionException: Runtime error executing action
    ... 14 more
Caused by: java.lang.reflect.InvocationTargetException
    ... 14 more
Caused by: java.lang.NoSuchMethodError: com.google.common.base.Preconditions.checkArgument(ZLjava/lang/String;Ljava/lang/Object;)V
    at com.google.common.reflect.TypeCapture.capture(TypeCapture.java:32)
    at com.google.common.reflect.TypeToken.<init>(TypeToken.java:125)

And as we can see from dependency tree seems like the client runtime is the one pulling in the old version of dependency:

+--- com.microsoft.azure:azure-batch:11.0.0 | +--- com.microsoft.azure:azure-client-runtime:1.7.14 | | --- com.microsoft.rest:client-runtime:1.7.14 | | +--- com.google.guava:guava:20.0

Now from https://github.com/Azure/azure-sdk-for-java/issues/29586 I understand the need to support java 7, but could we not introduce a cut off version or a new version that supports using latest version of guava and hence along with it fix security vulnerabilities.

Until this is resolved we are forced to use guava 20 in our application which raises red flag with our devOps/security team to deploy the app.

joshfree commented 3 months ago

@mario-guerra could you assist in routing this Microsoft Batch SDK issue reported by @shrede01 please?

github-actions[bot] commented 3 months ago

Thanks for the feedback! We are routing this to the appropriate team for follow-up. cc @bgklein @cRui861 @dpwatrous @gingi @mksuni @mscurrell @paterasMSFT.

mario-guerra commented 3 months ago

Adding @dpwatrous. Dave, this looks like another dependency issue that could potentially be resolved by the Track 2 preview release. What do you think?

dpwatrous commented 3 months ago

This is a dependency of com.microsoft.rest:client-runtime so the Batch team can't fix it directly. However, as @mario-guerra mentioned, we are working on releasing a new Batch SDK which is based on the modern, supported com.azure:azure-* libraries.

We're hoping to have a preview release out this month. I will update this issue as soon as it is published.

dpwatrous commented 3 weeks ago

Update: We have a beta version of the new SDK package (azure-compute-batch) available on Maven Central. This version is based on the latest core SDK libraries, and should resolve the Guava conflict.