search

jenkinsci / plugin-modernizer-tool

MIT License
9 stars 7 forks source link

Some plugins still using old versions of Java don't get detected as such #342

Open gounthar opened 2 days ago

gounthar commented 2 days ago

Jenkins and plugins versions report

The AnchorChain plugin for example is not declaring any java.version property that could help us identify we need a remediation. It is declaring a parent pom version, though:

<parent>
    <groupId>org.jenkins-ci.plugins</groupId>
    <artifactId>plugin</artifactId>
    <version>1.399</version><!-- which version of Jenkins is this plugin built against? -->
  </parent>

The official documentation says:

Properly maintained Jenkins plugins are expected to use a 2.x-series (or newer) parent POM, the later the better, to define the basic structure of pom.xml.

Could we leverage that to treat the plugin as a pre-jdk8 plugin and remediate it?

What Operating System are you using (both controller, and any agents involved in the problem)?

WSL2/Debian

Reproduction steps

java -jar plugin-modernizer-cli/target/j
enkins-plugin-modernizer-999999-SNAPSHOT.jar --plugins AnchorChain --recipes MinimalBuildJava8,AddOrModernizeJenkinsFile,AddDependencyCheck --debug

Expected Results

No error.

Actual Results

rm -fr ~/.cache/jenkins-plugin-modernizer-cli/vagrant/ && java -jar plugin-modernizer-cli/target/j
enkins-plugin-modernizer-999999-SNAPSHOT.jar --plugins AnchorChain --recipes MinimalBuildJava8,AddOrModernizeJenkinsFile,AddDependencyCheck --debug
Starting Plugin Modernizer
Maven version detected: 3.9.9
Connecting to GitHub using token...
(1bc776b7) GitHub API request: GET https://api.github.com/user
Getting current user using token...
(3b4825f0) GitHub API request: GET https://api.github.com/user/emails
Connected to GitHub as Bruno Verachten <gounthar@gmail.com>
Plugins: [AnchorChain]
Recipes: io.jenkins.tools.pluginmodernizer.MinimalBuildJava8, io.jenkins.tools.pluginmodernizer.AddOrModernizeJenkinsFile, io.jenkins.tools.pluginmodernizer.AddDependencyCheck
GitHub owner: gounthar
Update Center Url: https://updates.jenkins.io/current/update-center.actual.json
Plugin versions Url: https://updates.jenkins.io/current/plugin-versions.json
Plugin Health Score Url: https://plugin-health.jenkins.io/api/scores
Installation Stats Url: https://stats.jenkins.io/jenkins-stats/svg/202406-plugins.csv
Cache Path: /home/poddingue/.cache/jenkins-plugin-modernizer-cli
Dry Run: false
Skip Push: false
Skip Build: false
Skip Pull Request: false
Maven rewrite plugin version: 5.42.2
Cache entry expired: plugin-versions. Will skip it
Fetching data from: https://updates.jenkins.io/current/plugin-versions.json
Fetched data from: https://updates.jenkins.io/current/plugin-versions.json
Cache entry expired: update-center. Will skip it
Fetching data from: https://updates.jenkins.io/current/update-center.actual.json
Fetched data from: https://updates.jenkins.io/current/update-center.actual.json
Cache entry found for cache /home/poddingue/.cache/jenkins-plugin-modernizer-cli at path . and key update-center
Plugin AnchorChain latest version: 1.0
Cache entry expired: health-score. Will skip it
Fetching data from: https://plugin-health.jenkins.io/api/scores
Fetched data from: https://plugin-health.jenkins.io/api/scores
Plugin AnchorChain health score: 73.0
Cache entry expired: plugin-installation-stats. Will skip it
Fetching data from: https://stats.jenkins.io/jenkins-stats/svg/202406-plugins.csv
Fetched data from: https://stats.jenkins.io/jenkins-stats/svg/202406-plugins.csv
Plugin AnchorChain installations: 700
Cache entry found for cache /home/poddingue/.cache/jenkins-plugin-modernizer-cli at path . and key update-center
Is API plugin AnchorChain : false
Cache entry found for cache /home/poddingue/.cache/jenkins-plugin-modernizer-cli at path . and key update-center
(4dcbae55) GitHub API request: GET https://api.github.com/repos/jenkinsci/anchor-chain-plugin
(15a3b42) GitHub API request: GET https://api.github.com/repos/jenkinsci/anchor-chain-plugin
Forking plugin AnchorChain locally from repo anchor-chain-plugin...
(52c9d3d0) GitHub API request: GET https://api.github.com/orgs/gounthar
Owner is not an organization: gounthar
(67e0ff3a) GitHub API request: GET https://api.github.com/repos/jenkinsci/anchor-chain-plugin
Getting current user using token...
(7b2bf745) GitHub API request: GET https://api.github.com/repos/gounthar/anchor-chain-plugin
Getting current user using token...
Repository already forked to personal account gounthar
Getting current user using token...
(6fe595dc) GitHub API request: GET https://api.github.com/repos/gounthar/anchor-chain-plugin
Forked repository: https://github.com/gounthar/anchor-chain-plugin
(5af5d76f) GitHub API request: GET https://api.github.com/orgs/gounthar
Owner is not an organization: gounthar
Getting current user using token...
(3a8cea24) GitHub API request: GET https://api.github.com/repos/gounthar/anchor-chain-plugin
(1eb9a3ef) GitHub API request: GET https://api.github.com/repos/gounthar/anchor-chain-plugin
Syncing the forked repository gounthar/anchor-chain-plugin
(27fe059d) GitHub API request: POST https://api.github.com/repos/gounthar/anchor-chain-plugin/merge-upstream
Synced the forked repository for plugin AnchorChain
(390037e7) GitHub API request: GET https://api.github.com/repos/jenkinsci/anchor-chain-plugin
(704067c6) GitHub API request: GET https://api.github.com/repos/gounthar/anchor-chain-plugin
Fetch plugin code AnchorChain from https://github.com/gounthar/anchor-chain-plugin into directory anchor-chain-plugin...
Fetching AnchorChain
(7f4596d0) GitHub API request: GET https://api.github.com/repos/jenkinsci/anchor-chain-plugin
(6002e944) GitHub API request: GET https://api.github.com/repos/gounthar/anchor-chain-plugin
(4877919f) GitHub API request: GET https://api.github.com/repos/jenkinsci/anchor-chain-plugin
(47a7c93e) GitHub API request: GET https://api.github.com/repos/gounthar/anchor-chain-plugin
Resetting changes and pulling latest changes from https://github.com/gounthar/anchor-chain-plugin.git
Fetched repository from https://github.com/gounthar/anchor-chain-plugin.git to branch refs/heads/master
Fetched repository from https://github.com/gounthar/anchor-chain-plugin
Cache entry found for cache /home/poddingue/.cache/jenkins-plugin-modernizer-cli at path AnchorChain and key plugin-metadata
No metadata or precondition errors found for plugin AnchorChain. Skipping initial compilation.
Ensuring minimal build for plugin AnchorChain
Ensuring minimal build for plugin AnchorChain... Please be patient
Validating POM for plugin: AnchorChain
Build failed with code: 1
Done
(5e905f2c) GitHub API request: GET https://api.github.com/repos/jenkinsci/anchor-chain-plugin
(740b9a50) GitHub API request: GET https://api.github.com/repos/gounthar/anchor-chain-plugin
Branch already exists. Checking out the branch
Reseted the branch to Checking out the branch to default branch master
Metadata already computed for plugin AnchorChain. Using cached metadata.
Precondition error MAVEN_REPOSITORIES_HTTP was not remediated for plugin AnchorChain
Precondition error MISSING_RELATIVE_PATH was not remediated for plugin AnchorChain
Failed to create target directory for plugin AnchorChain
Precondition errors found for plugin AnchorChain
Saving object to /home/poddingue/.cache/jenkins-plugin-modernizer-cli/AnchorChain/sources/target/./plugin-metadata
Moving object from /home/poddingue/.cache/jenkins-plugin-modernizer-cli/AnchorChain/sources/target/./plugin-metadata to /home/poddingue/.cache/jenkins-plugin-modernizer-cli/AnchorChain/plugin-metadata
Cache entry found for cache /home/poddingue/.cache/jenkins-plugin-modernizer-cli/AnchorChain/sources/target at path . and key plugin-metadata
/home/poddingue/.cache/jenkins-plugin-modernizer-cli
Cache entry removed for key: plugin-metadata at location /home/poddingue/.cache/jenkins-plugin-modernizer-cli/AnchorChain/sources/target
Cache entry found for cache /home/poddingue/.cache/jenkins-plugin-modernizer-cli at path AnchorChain and key plugin-metadata
Moved plugin AnchorChain metadata to cache: /home/poddingue/.cache/jenkins-plugin-modernizer-cli/AnchorChain/plugin-metadata
Cache entry found for cache /home/poddingue/.cache/jenkins-plugin-modernizer-cli at path AnchorChain and key plugin-metadata
Setting extra flags for plugin AnchorChain
No applicable plugin check for flag SCM_HTTPS
No applicable plugin check for flag MAVEN_REPOSITORIES_HTTPS
No applicable plugin check for flag LICENSE_SET
No applicable plugin check for flag DEVELOPER_SET
Cache entry found for cache /home/poddingue/.cache/jenkins-plugin-modernizer-cli at path . and key update-center
Flag IS_API_PLUGIN applicable for plugin AnchorChain: false
Cache entry found for cache /home/poddingue/.cache/jenkins-plugin-modernizer-cli at path . and key update-center
Flag IS_DEPRECATED applicable for plugin AnchorChain: false
Cache entry found for cache /home/poddingue/.cache/jenkins-plugin-modernizer-cli at path . and key update-center
Flag IS_FOR_ADOPTION applicable for plugin AnchorChain: false
Cache entry found for cache /home/poddingue/.cache/jenkins-plugin-modernizer-cli at path . and key health-score
Flag HAS_MAX_SCORE applicable for plugin AnchorChain: false
Cache entry found for cache /home/poddingue/.cache/jenkins-plugin-modernizer-cli at path . and key health-score
Flag HAS_LOW_SCORE applicable for plugin AnchorChain: true
Cache entry found for cache /home/poddingue/.cache/jenkins-plugin-modernizer-cli at path . and key plugin-installation-stats
Flag NO_KNOWN_INSTALLATION applicable for plugin AnchorChain: false
Saving object to /home/poddingue/.cache/jenkins-plugin-modernizer-cli/AnchorChain/plugin-metadata
Found non-https repository URL in pom file preventing maven older than 3.8.1
Missing relative path in pom file preventing parent download
Skipping plugin AnchorChain due to metadata/precondition errors. Check logs for more details.
*************
Plugin: AnchorChain
Error: Build failed with code: 1
Stacktrace:
io.jenkins.tools.pluginmodernizer.core.model.PluginProcessingException: Build failed with code: 1
        at io.jenkins.tools.pluginmodernizer.core.model.Plugin.addError(Plugin.java:306)
        at io.jenkins.tools.pluginmodernizer.core.impl.MavenInvoker.handleInvocationResult(MavenInvoker.java:272)
        at io.jenkins.tools.pluginmodernizer.core.impl.MavenInvoker.invokeGoals(MavenInvoker.java:183)
        at io.jenkins.tools.pluginmodernizer.core.impl.MavenInvoker.ensureMinimalBuild(MavenInvoker.java:106)
        at io.jenkins.tools.pluginmodernizer.core.impl.PluginModernizer.process(PluginModernizer.java:136)
        at java.base/java.util.ArrayList.forEach(ArrayList.java:1596)
        at io.jenkins.tools.pluginmodernizer.core.impl.PluginModernizer.start(PluginModernizer.java:75)
        at io.jenkins.tools.pluginmodernizer.cli.Main.run(Main.java:265)
        at picocli.CommandLine.executeUserObject(CommandLine.java:2030)
        at picocli.CommandLine.executeHelpRequest(CommandLine.java:2016)
        at picocli.CommandLine.executeHelpRequest(CommandLine.java:1987)
        at picocli.CommandLine$AbstractParseResultHandler.execute(CommandLine.java:2272)
        at picocli.CommandLine$RunLast.execute(CommandLine.java:2421)
        at picocli.CommandLine.execute(CommandLine.java:2174)
        at io.jenkins.tools.pluginmodernizer.cli.Main.main(Main.java:47)
Error: Found non-https repository URL in pom file preventing maven older than 3.8.1
Stacktrace:
io.jenkins.tools.pluginmodernizer.core.model.PluginProcessingException: Found non-https repository URL in pom file preventing maven older than 3.8.1
        at io.jenkins.tools.pluginmodernizer.core.model.Plugin.addError(Plugin.java:306)
        at io.jenkins.tools.pluginmodernizer.core.model.Plugin.lambda$addPreconditionErrors$0(Plugin.java:261)
        at java.base/java.lang.Iterable.forEach(Iterable.java:75)
        at java.base/java.util.Collections$UnmodifiableCollection.forEach(Collections.java:1116)
        at io.jenkins.tools.pluginmodernizer.core.model.Plugin.addPreconditionErrors(Plugin.java:261)
        at io.jenkins.tools.pluginmodernizer.core.impl.PluginModernizer.process(PluginModernizer.java:184)
        at java.base/java.util.ArrayList.forEach(ArrayList.java:1596)
        at io.jenkins.tools.pluginmodernizer.core.impl.PluginModernizer.start(PluginModernizer.java:75)
        at io.jenkins.tools.pluginmodernizer.cli.Main.run(Main.java:265)
        at picocli.CommandLine.executeUserObject(CommandLine.java:2030)
        at picocli.CommandLine.executeHelpRequest(CommandLine.java:2016)
        at picocli.CommandLine.executeHelpRequest(CommandLine.java:1987)
        at picocli.CommandLine$AbstractParseResultHandler.execute(CommandLine.java:2272)
        at picocli.CommandLine$RunLast.execute(CommandLine.java:2421)
        at picocli.CommandLine.execute(CommandLine.java:2174)
        at io.jenkins.tools.pluginmodernizer.cli.Main.main(Main.java:47)
Error: Missing relative path in pom file preventing parent download
Stacktrace:
io.jenkins.tools.pluginmodernizer.core.model.PluginProcessingException: Missing relative path in pom file preventing parent download
        at io.jenkins.tools.pluginmodernizer.core.model.Plugin.addError(Plugin.java:306)
        at io.jenkins.tools.pluginmodernizer.core.model.Plugin.lambda$addPreconditionErrors$0(Plugin.java:261)
        at java.base/java.lang.Iterable.forEach(Iterable.java:75)
        at java.base/java.util.Collections$UnmodifiableCollection.forEach(Collections.java:1116)
        at io.jenkins.tools.pluginmodernizer.core.model.Plugin.addPreconditionErrors(Plugin.java:261)
        at io.jenkins.tools.pluginmodernizer.core.impl.PluginModernizer.process(PluginModernizer.java:184)
        at java.base/java.util.ArrayList.forEach(ArrayList.java:1596)
        at io.jenkins.tools.pluginmodernizer.core.impl.PluginModernizer.start(PluginModernizer.java:75)
        at io.jenkins.tools.pluginmodernizer.cli.Main.run(Main.java:265)
        at picocli.CommandLine.executeUserObject(CommandLine.java:2030)
        at picocli.CommandLine.executeHelpRequest(CommandLine.java:2016)
        at picocli.CommandLine.executeHelpRequest(CommandLine.java:1987)
        at picocli.CommandLine$AbstractParseResultHandler.execute(CommandLine.java:2272)
        at picocli.CommandLine$RunLast.execute(CommandLine.java:2421)
        at picocli.CommandLine.execute(CommandLine.java:2174)
        at io.jenkins.tools.pluginmodernizer.cli.Main.main(Main.java:47)
*************
Plugin Modernizer finished.

Anything else?

No response

Are you interested in contributing a fix?

Yes.

gounthar commented 2 days ago

Maybe I'm mixing two things there... The detection of an old JDK may fail, but some remediation code may be the root cause:

/**
     * If the plugin has HTTP repositories preventing modernization
     */
    MAVEN_REPOSITORIES_HTTP(
            (document, xpath) -> {
                if (document == null) {
                    return false;
                }
                try {
                    Double nonHttpsRepositories = (Double) xpath.evaluate(
                            "count(//*[local-name()='project']/*[local-name()='repositories']/*[local-name()='repository']/*[local-name()='url' and not(starts-with(., 'https'))])",
                            document,
                            XPathConstants.NUMBER);
                    return nonHttpsRepositories != null && !nonHttpsRepositories.equals(0.0);
                } catch (Exception e) {
                    return false;
                }
            },
            plugin -> {
                // TODO: Implement remediation function (See
                // https://github.com/jenkinsci/plugin-modernizer-tool/pull/307)
                return false;
            },
            "Found non-https repository URL in pom file preventing maven older than 3.8.1"),

I thought this was being handled by :

type: specs.openrewrite.org/v1beta/recipe
name: io.jenkins.tools.pluginmodernizer.MinimalBuildJava8
displayName: Minimal build for JDK 8
description: Ensuring a minimal build for a Jenkins plugin with JDK 8
tags: ['java8']
recipeList:
  - org.openrewrite.maven.security.UseHttpsForRepositories
  - org.openrewrite.jenkins.DisableLocalResolutionForParentPom
---

, but we may not even reach that recipe (see #307). 🤔

jonesbusy commented 2 days ago

I think io.jenkins.tools.pluginmodernizer.MinimalBuildJava8 will need to be removed because it will not work if we don't have artifacts in the local maven cache

Must be done in a static way by implementing the TODOs (should not be too difficult)

gounthar commented 2 days ago

I'm working on it. 🤗