search

quarkiverse / quarkus-amazon-services

Quarkus Amazon Services extensions
Apache License 2.0
39 stars 48 forks source link

IAMLoginModule should be marked to be initialized at runtime #1204

Open galderz opened 5 months ago

galderz commented 5 months ago

IAMSaslClientProvider lookup fails when running with Quarkus native. This is due to the mechanism name registration depending on classloader hashcode values. The issue arises because by default Quarkus initializes all classes at build time rather than runtime, so the static block in software.amazon.msk.auth.iam.IAMLoginModule runs at build time, and that registers the mech name with a hashcode value, which is different to the one computed at runtime.

The issue can easily be solved by making sure that software.amazon.msk.auth.iam.IAMLoginModule is runtime initialized. This should really be done by the Quarkus Amazon integration, but until then the following workaround can be passed to a native build

-Dquarkus.native.additional-build-args=--initialize-at-run-time=software.amazon.msk.auth.iam.IAMLoginModule

More details in https://github.com/quarkusio/quarkus/issues/39548

galderz commented 5 months ago

This should have a "good-first-issue" label applied.

scrocquesel commented 5 months ago

Looking into the aforementioned issue, it is related to another SDK that this extension is primarily focused on (aws-sdk-java-v2). There is another issue requesting an AWS JDBC driver extension.

Given that AWS has numerous SDKs, some more maintained than others, I don't believe this extension should handle all of them. While some SDKs may use aws-sdk-java-v2, others may still rely on v1, which AWS announced will enter maintenance mode in July 2024.

I'd like to hear your thoughts on this. @gsmet, any thoughts?

scrocquesel commented 4 months ago

@gastaldi @gsmet any thoughts on my previous comment ?

gastaldi commented 4 months ago

I believe this issue exists because of the iam module which contains the https://github.com/aws/aws-msk-iam-auth/blob/main/src/main/java/software/amazon/msk/auth/iam/IAMLoginModule.java class that @galderz is referring to.

joseiedo commented 2 days ago

I'm a bit lost about how to proceed with this issue. I couldn't find the aws-msk-auth-iam dependency in the project... Would the plan be to add this library to the project and manually register the components with reflection?

I'm willing to submit a PR, it's just that I'm not sure about what we can do here 😅