hbase-shaded/hbase-shaded-check-invariants/src/test/resources/ensure-jars-have-correct-contents.sh

   1 #!/usr/bin/env bash
   2 # Licensed to the Apache Software Foundation (ASF) under one
   3 # or more contributor license agreements.  See the NOTICE file
   4 # distributed with this work for additional information
   5 # regarding copyright ownership.  The ASF licenses this file
   6 # to you under the Apache License, Version 2.0 (the
   7 # "License"); you may not use this file except in compliance
   8 # with the License.  You may obtain a copy of the License at
   9 #
  10 #     http://www.apache.org/licenses/LICENSE-2.0
  11 #
  12 # Unless required by applicable law or agreed to in writing, software
  13 # distributed under the License is distributed on an "AS IS" BASIS,
  14 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  15 # See the License for the specific language governing permissions and
  16 # limitations under the License.
  17
  18 set -e
  19 function usage {
  20   echo "Usage: ${0} [options] [/path/to/some/example.jar:/path/to/another/example/created.jar]"
  21   echo ""
  22   echo "  accepts a single command line argument with a colon separated list of"
  23   echo "  paths to jars to check. Iterates through each such passed jar and checks"
  24   echo "  all the contained paths to make sure they follow the below constructed"
  25   echo "  safe list."
  26   echo ""
  27   echo "    --allow-hadoop     Include stuff from the Apache Hadoop project in the list"
  28   echo "                       of allowed jar contents. default: false"
  29   echo "    --debug            print more info to stderr"
  30   exit 1
  31 }
  32 # if no args specified, show usage
  33 if [ $# -lt 1 ]; then
  34   usage
  35 fi
  36
  37 # Get arguments
  38 declare allow_hadoop
  39 declare debug
  40 while [ $# -gt 0 ]
  41 do
  42   case "$1" in
  43     --allow-hadoop) shift; allow_hadoop="true";;
  44     --debug) shift; debug="true";;
  45     --) shift; break;;
  46     -*) usage ;;
  47     *)  break;;  # terminate while loop
  48   esac
  49 done
  50
  51 # should still have jars to check.
  52 if [ $# -lt 1 ]; then
  53   usage
  54 fi
  55 if [ -n "${debug}" ]; then
  56   echo "[DEBUG] Checking on jars: $*" >&2
  57   echo "jar command is: $(which jar)" >&2
  58   echo "grep command is: $(which grep)" >&2
  59   grep -V >&2 || true
  60 fi
  61
  62 IFS=: read -r -d '' -a artifact_list < <(printf '%s\0' "$1")
  63
  64 # we have to allow the directories that lead to the hbase dirs
  65 allowed_expr="(^org/$|^org/apache/$|^org/apache/hadoop/$"
  66 # We allow the following things to exist in our client artifacts:
  67 #   * classes in packages that start with org.apache.hadoop.hbase, which by
  68 #     convention should be in a path that looks like org/apache/hadoop/hbase
  69 allowed_expr+="|^org/apache/hadoop/hbase"
  70 #   * classes in packages that start with org.apache.hbase
  71 allowed_expr+="|^org/apache/hbase/"
  72 #   * whatever in the "META-INF" directory
  73 allowed_expr+="|^META-INF/"
  74 #   * the folding tables from jcodings
  75 allowed_expr+="|^tables/"
  76 #   * HBase's default configuration files, which have the form
  77 #     "_module_-default.xml"
  78 allowed_expr+="|^hbase-default.xml$"
  79 # public suffix list used by httpcomponents
  80 allowed_expr+="|^mozilla/$"
  81 allowed_expr+="|^mozilla/public-suffix-list.txt$"
  82 # Comes from commons-configuration, not sure if relocatable.
  83 allowed_expr+="|^digesterRules.xml$"
  84 allowed_expr+="|^properties.dtd$"
  85 allowed_expr+="|^PropertyList-1.0.dtd$"
  86
  87
  88 if [ -n "${allow_hadoop}" ]; then
  89   #   * classes in packages that start with org.apache.hadoop, which by
  90   #     convention should be in a path that looks like org/apache/hadoop
  91   allowed_expr+="|^org/apache/hadoop/"
  92   #   * Hadoop's default configuration files, which have the form
  93   #     "_module_-default.xml"
  94   allowed_expr+="|^[^-]*-default.xml$"
  95   #   * Hadoop's versioning properties files, which have the form
  96   #     "_module_-version-info.properties"
  97   allowed_expr+="|^[^-]*-version-info.properties$"
  98   #   * Hadoop's application classloader properties file.
  99   allowed_expr+="|^org.apache.hadoop.application-classloader.properties$"
 100 else
 101   # We have some classes for integrating with the Hadoop Metrics2 system
 102   # that have to be in a particular package space due to access rules.
 103   allowed_expr+="|^org/apache/hadoop/metrics2"
 104 fi
 105
 106
 107 allowed_expr+=")"
 108 declare -i bad_artifacts=0
 109 declare -a bad_contents
 110 for artifact in "${artifact_list[@]}"; do
 111   bad_contents=($(jar tf "${artifact}" | grep -v -E "${allowed_expr}" || true))
 112   if [ ${#bad_contents[@]} -gt 0 ]; then
 113     echo "[ERROR] Found artifact with unexpected contents: '${artifact}'"
 114     echo "    Please check the following and either correct the build or update"
 115     echo "    the allowed list with reasoning."
 116     echo ""
 117     for bad_line in "${bad_contents[@]}"; do
 118       echo "    ${bad_line}"
 119     done
 120     bad_artifacts=${bad_artifacts}+1
 121   else
 122     echo "[INFO] Artifact looks correct: '$(basename "${artifact}")'"
 123   fi
 124 done
 125
 126 # if there was atleast one bad artifact, exit with failure
 127 if [ "${bad_artifacts}" -gt 0 ]; then
 128   exit 1
 129 fi