Closed jcharaoui closed 1 year ago
This can be changed by trocla removing the openssl dependency (or releasing a -java version of the gem that uses jruby-openssl), or it will have to wait until we can get the openssl gem maintainer to release a no-op version for JRuby that installs jruby-openssl.
I am just a bit confused how that slipped in.
It did when I updated the gemspec, but I wonder why....
Ah it came in through #69 - that explains it.
So it looks like we do not need the OpenSSL gem at all.
BUT I tried to make sure we don't regress into a broken jruby variant (since it is important for puppet-server) by re-adding jruby to the CI: https://github.com/duritong/trocla/pull/76
BUT it fails on jruby as all code that relates to SecureRandom
, which seems not to be random at all.
Jruby CI runs fine locally though.
I have a simple reproducer that shows that SecureRandom.random_number(10)
is always 0
if executed in github actions. It again runs fine locally.
See here: https://github.com/duritong/ruby-actions-test/actions/runs/3859056296
@headius since we somehow have your attention here: why do we have that issue?
I am not sure where to open an issue for that over at jruby, ruby/setup-ruby or github (where???)
I decided to report it to ruby/setup-ruby as a first try: https://github.com/ruby/setup-ruby/issues/448
FWIW Puppet Server's JRuby is currently pegged at 9.3.9.0 (via jruby-utils), while your CI is using nightly snapshot of JRuby. Are you seeing the same issue with that version of JRuby?
Hi I have the same issue when trying to install trocla gem within puppetserver ruby context. I'm blocked by openssl installation on jruby because there is no ruby source available.
=== OpenSSL for Ruby configurator ===
=== Checking for system dependent stuff... ===
" -o conftest -I/include/universal-java11 -Iuri:classloader:/META-INF/jruby.home/lib/ruby/include/ruby/backward -Iuri:classloader:/META-INF/jruby.home/lib/ruby/include -I. -fno-omit-frame-pointer -fno-strict-aliasing -fexceptions conftest.c -L. -Luri:classloader:/META-INF/jruby.home/lib -m64 "
checked program was:
/* begin */
1: #include "ruby.h"
2:
3: #include <ruby.h>
4: int main(int argc, char **argv)
5: {
6: return 0;
7: }
/* end */
@jcharaoui did you find a workaround to install trocla 0.5.0 in jruby ?
@jcharaoui did you find a workaround to install trocla 0.5.0 in jruby ?
Currently the easiest method is to just install trocla 0.4.0... If you're on Debian bookworm/sid, you can install the trocla
package which is version 0.5.0, but with the openssl
dependency patched out. You can then symlink it (and its dependencies) gem and specifications directories to Puppetserver JRuby's jruby-gem-home
.
I use actually 0.4.0 and I want feature that are available on 0.5.0 release :( All my puppserver are on centos, I can't use debian package but thanks for the tips.
Following up here: the SecureRandom issue in 9.4.0.0 is fixed on master and will be released in 9.4.1.0 early next week. The JRuby team is here to help make sure this gem runs green in CI or answer any questions!
@headius thank you for the infos.
The gem is already green on jruby-head, as soon as we have it as well on latest jruby (according to you next week), I'll make a new release that addresses this issue fully.
@duritong Does that mean the upcoming version of trocla require JRuby 9.4 and above? Because as I mentioned above, Puppet Server currently pegs its integrated JRuby at 9.3.9.0
, and it's also the version of JRuby being shipped with the upcoming Debian stable (bookworm). Would it be possible to ensure trocla works with this version as well? Thanks.
If we can get a version of the openssl gem released for JRuby that just depends on jruby-openssl, it should be installable on all supported JRuby versions.
The SecureRandom issue was only in 9.4.0.
FTR this work appears to be currently tracked in https://github.com/ruby/openssl/issues/20
fixed with bf52792bb90343e3765c1205598421cbf5e7d662
so 0.5.1 was released that does not depend on the openssl gem anymore and passes on all supported ruby versions.
The addition of
openssl
as a dependency is causing the gem to fail to install in the JRuby environment:This is because the
openssl
gem will try (and fail) to build its native C extension. However the Gemfile already brings injruby-openssl
so it should work to only add theopenssl
dependency when not using JRuby.