Skip to content

Commit cbcfde9

Browse files
DaveCTurnerDaveCTurner
committed
Upgrade discovery-ec2 to AWS SDK v2
1 parent 27545b0 commit cbcfde9

35 files changed

+1024
-1011
lines changed

gradle/verification-metadata.xml

Lines changed: 20 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -4771,6 +4771,11 @@
47714771
<sha256 value="f8f0df5ee1fcfef0381d167ae50d85ce635b7e5b32d5d620bbb8019f183c6b41" origin="Generated by Gradle"/>
47724772
</artifact>
47734773
</component>
4774+
<component group="software.amazon.awssdk" name="apache-client" version="2.28.13">
4775+
<artifact name="apache-client-2.28.13.jar">
4776+
<sha256 value="5099b4417adb661410b3213426319c8b0e87d7216d8f271b2e43533672122e26" origin="Generated by Gradle"/>
4777+
</artifact>
4778+
</component>
47744779
<component group="software.amazon.awssdk" name="auth" version="2.28.13">
47754780
<artifact name="auth-2.28.13.jar">
47764781
<sha256 value="494db83a2a06f09ba6717bb7fff07d50eb85b0b0d51904bf76601ee48e728741" origin="Generated by Gradle"/>
@@ -4786,6 +4791,11 @@
47864791
<sha256 value="63adac3a637c67f779cc56099e264f1cdd2fc4ac85c27e281b2cad53a693f7d2" origin="Generated by Gradle"/>
47874792
</artifact>
47884793
</component>
4794+
<component group="software.amazon.awssdk" name="aws-query-protocol" version="2.28.13">
4795+
<artifact name="aws-query-protocol-2.28.13.jar">
4796+
<sha256 value="e967617a6a8b0b76187218d144a4058462a13a993aa18400cb6f783d65e5b947" origin="Generated by Gradle"/>
4797+
</artifact>
4798+
</component>
47894799
<component group="software.amazon.awssdk" name="bedrockruntime" version="2.28.13">
47904800
<artifact name="bedrockruntime-2.28.13.jar">
47914801
<sha256 value="9ff1571e87a11114407eade316e4439b63275283ff49b6aaf52549c37d8e6a92" origin="Generated by Gradle"/>
@@ -4801,6 +4811,11 @@
48014811
<sha256 value="20dfb45d582c175e48aa50237fd44704e31e91418b5d3da1092508dbcb9a4d11" origin="Generated by Gradle"/>
48024812
</artifact>
48034813
</component>
4814+
<component group="software.amazon.awssdk" name="ec2" version="2.28.13">
4815+
<artifact name="ec2-2.28.13.jar">
4816+
<sha256 value="667a1f24610fd9b5d68db7dc304bfc5d9df9f294d9a3e320e96ad415265b112d" origin="Generated by Gradle"/>
4817+
</artifact>
4818+
</component>
48044819
<component group="software.amazon.awssdk" name="endpoints-spi" version="2.28.13">
48054820
<artifact name="endpoints-spi-2.28.13.jar">
48064821
<sha256 value="b18dd1d66f03bf5e192ab51d7f3a8139e5bf1e7bab27501b00338f1d8e260f61" origin="Generated by Gradle"/>
@@ -4836,6 +4851,11 @@
48364851
<sha256 value="8baf158caf32cbab7cfdc2fabf48bac90e737917703c2a6e0502f46c46e3ef71" origin="Generated by Gradle"/>
48374852
</artifact>
48384853
</component>
4854+
<component group="software.amazon.awssdk" name="imds" version="2.28.13">
4855+
<artifact name="imds-2.28.13.jar">
4856+
<sha256 value="b7ff330aae712ed5dfc35b7d4612bddbfb483cbc945977420830044f6a609eed" origin="Generated by Gradle"/>
4857+
</artifact>
4858+
</component>
48394859
<component group="software.amazon.awssdk" name="json-utils" version="2.28.13">
48404860
<artifact name="json-utils-2.28.13.jar">
48414861
<sha256 value="369ed42586213a33bc7f94e9d21594ee64fec1152819476c24c82b312b27b170" origin="Generated by Gradle"/>

plugins/discovery-ec2/build.gradle

Lines changed: 100 additions & 30 deletions
Original file line numberDiff line numberDiff line change
@@ -6,6 +6,7 @@
66
* your election, the "Elastic License 2.0", the "GNU Affero General Public
77
* License v3.0 only", or the "Server Side Public License, v 1".
88
*/
9+
apply plugin: 'elasticsearch.internal-cluster-test'
910
apply plugin: 'elasticsearch.internal-java-rest-test'
1011
apply plugin: 'elasticsearch.internal-cluster-test'
1112

@@ -15,30 +16,83 @@ esplugin {
1516
}
1617

1718
dependencies {
18-
api "com.amazonaws:aws-java-sdk-ec2:${versions.awsv1sdk}"
19-
api "com.amazonaws:aws-java-sdk-core:${versions.awsv1sdk}"
20-
api "org.apache.httpcomponents:httpclient:${versions.httpclient}"
21-
api "org.apache.httpcomponents:httpcore:${versions.httpcore}"
22-
api "commons-logging:commons-logging:${versions.commonslogging}"
23-
api "org.apache.logging.log4j:log4j-1.2-api:${versions.log4j}"
24-
api "commons-codec:commons-codec:${versions.commonscodec}"
25-
api "com.fasterxml.jackson.core:jackson-core:${versions.jackson}"
26-
api "com.fasterxml.jackson.core:jackson-databind:${versions.jackson}"
27-
api "com.fasterxml.jackson.core:jackson-annotations:${versions.jackson}"
28-
api "com.fasterxml.jackson.dataformat:jackson-dataformat-cbor:${versions.jackson}"
29-
api "joda-time:joda-time:2.10.10"
19+
20+
implementation "software.amazon.awssdk:annotations:${versions.awsv2sdk}"
21+
implementation "software.amazon.awssdk:apache-client:${versions.awsv2sdk}"
22+
implementation "software.amazon.awssdk:auth:${versions.awsv2sdk}"
23+
implementation "software.amazon.awssdk:aws-core:${versions.awsv2sdk}"
24+
implementation "software.amazon.awssdk:ec2:${versions.awsv2sdk}"
25+
implementation "software.amazon.awssdk:endpoints-spi:${versions.awsv2sdk}"
26+
implementation "software.amazon.awssdk:http-client-spi:${versions.awsv2sdk}"
27+
implementation "software.amazon.awssdk:identity-spi:${versions.awsv2sdk}"
28+
implementation "software.amazon.awssdk:imds:${versions.awsv2sdk}"
29+
implementation "software.amazon.awssdk:retries-spi:${versions.awsv2sdk}"
30+
implementation "software.amazon.awssdk:sdk-core:${versions.awsv2sdk}"
31+
implementation "software.amazon.awssdk:utils:${versions.awsv2sdk}"
32+
33+
runtimeOnly "software.amazon.awssdk:aws-query-protocol:${versions.awsv2sdk}"
34+
runtimeOnly "software.amazon.awssdk:checksums-spi:${versions.awsv2sdk}"
35+
runtimeOnly "software.amazon.awssdk:checksums:${versions.awsv2sdk}"
36+
runtimeOnly "software.amazon.awssdk:http-auth-aws:${versions.awsv2sdk}"
37+
runtimeOnly "software.amazon.awssdk:http-auth-spi:${versions.awsv2sdk}"
38+
runtimeOnly "software.amazon.awssdk:http-auth:${versions.awsv2sdk}"
39+
runtimeOnly "software.amazon.awssdk:json-utils:${versions.awsv2sdk}"
40+
runtimeOnly "software.amazon.awssdk:metrics-spi:${versions.awsv2sdk}"
41+
runtimeOnly "software.amazon.awssdk:profiles:${versions.awsv2sdk}"
42+
runtimeOnly "software.amazon.awssdk:protocol-core:${versions.awsv2sdk}"
43+
runtimeOnly "software.amazon.awssdk:regions:${versions.awsv2sdk}"
44+
runtimeOnly "software.amazon.awssdk:retries:${versions.awsv2sdk}"
45+
runtimeOnly "software.amazon.awssdk:third-party-jackson-core:${versions.awsv2sdk}"
46+
47+
implementation "org.apache.httpcomponents:httpclient:${versions.httpclient}"
48+
49+
runtimeOnly "commons-codec:commons-codec:${versions.commonscodec}"
50+
runtimeOnly "commons-logging:commons-logging:${versions.commonslogging}"
51+
runtimeOnly "joda-time:joda-time:2.10.10"
52+
runtimeOnly "org.apache.httpcomponents:httpcore:${versions.httpcore}"
53+
runtimeOnly "org.apache.logging.log4j:log4j-1.2-api:${versions.log4j}"
54+
runtimeOnly "org.slf4j:slf4j-nop:${versions.slf4j}"
55+
// runtimeOnly("org.apache.logging.log4j:log4j-slf4j-impl:${versions.log4j}") https://github.com/elastic/elasticsearch/issues/93714
56+
runtimeOnly "org.slf4j:slf4j-api:${versions.slf4j}"
57+
runtimeOnly "org.reactivestreams:reactive-streams:${versions.reactive_streams}"
3058

3159
javaRestTestImplementation project(':plugins:discovery-ec2')
3260
javaRestTestImplementation project(':test:fixtures:aws-fixture-utils')
3361
javaRestTestImplementation project(':test:fixtures:aws-ec2-fixture')
3462
javaRestTestImplementation project(':test:fixtures:ec2-imds-fixture')
3563

64+
testImplementation project(':test:fixtures:aws-fixture-utils')
65+
testImplementation project(':test:fixtures:ec2-imds-fixture')
66+
3667
internalClusterTestImplementation project(':test:fixtures:ec2-imds-fixture')
3768
}
3869

3970
tasks.named("dependencyLicenses").configure {
40-
mapping from: /aws-java-sdk-.*/, to: 'aws-java-sdk'
41-
mapping from: /jackson-.*/, to: 'jackson'
71+
mapping from: 'annotations', to: 'aws-sdk-2'
72+
mapping from: 'apache-client', to: 'aws-sdk-2'
73+
mapping from: 'auth', to: 'aws-sdk-2'
74+
mapping from: 'aws-core', to: 'aws-sdk-2'
75+
mapping from: 'aws-query-protocol', to: 'aws-sdk-2'
76+
mapping from: 'checksums', to: 'aws-sdk-2'
77+
mapping from: 'checksums-spi', to: 'aws-sdk-2'
78+
mapping from: 'ec2', to: 'aws-sdk-2'
79+
mapping from: 'endpoints-spi', to: 'aws-sdk-2'
80+
mapping from: 'http-auth', to: 'aws-sdk-2'
81+
mapping from: 'http-auth-aws', to: 'aws-sdk-2'
82+
mapping from: 'http-auth-spi', to: 'aws-sdk-2'
83+
mapping from: 'http-client-spi', to: 'aws-sdk-2'
84+
mapping from: 'identity-spi', to: 'aws-sdk-2'
85+
mapping from: 'imds', to: 'aws-sdk-2'
86+
mapping from: 'json-utils', to: 'aws-sdk-2'
87+
mapping from: 'metrics-spi', to: 'aws-sdk-2'
88+
mapping from: 'profiles', to: 'aws-sdk-2'
89+
mapping from: 'protocol-core', to: 'aws-sdk-2'
90+
mapping from: 'regions', to: 'aws-sdk-2'
91+
mapping from: 'retries', to: 'aws-sdk-2'
92+
mapping from: 'retries-spi', to: 'aws-sdk-2'
93+
mapping from: 'sdk-core', to: 'aws-sdk-2'
94+
mapping from: 'third-party-jackson-core', to: 'aws-sdk-2'
95+
mapping from: 'utils', to: 'aws-sdk-2'
4296
}
4397

4498
esplugin.bundleSpec.from('config/discovery-ec2') {
@@ -68,19 +122,27 @@ tasks.register("writeTestJavaPolicy") {
68122
"permission org.bouncycastle.crypto.CryptoServicesPermission \"exportSecretKey\";",
69123
"permission org.bouncycastle.crypto.CryptoServicesPermission \"exportPrivateKey\";",
70124
"permission java.io.FilePermission \"\${javax.net.ssl.trustStore}\", \"read\";",
71-
"permission java.util.PropertyPermission \"com.amazonaws.sdk.ec2MetadataServiceEndpointOverride\", \"write\";",
72125
"permission java.security.SecurityPermission \"getProperty.jdk.tls.disabledAlgorithms\";",
73126
"permission java.security.SecurityPermission \"getProperty.jdk.certpath.disabledAlgorithms\";",
74127
"permission java.security.SecurityPermission \"getProperty.keystore.type.compat\";",
75128
"permission java.security.SecurityPermission \"getProperty.org.bouncycastle.ec.max_f2m_field_size\";",
129+
"permission java.util.PropertyPermission \"aws.ec2MetadataServiceEndpoint\", \"write\";",
130+
"permission java.io.FilePermission \"\${user.home}/.aws/credentials\", \"read\";",
131+
"permission java.io.FilePermission \"\${user.home}/.aws/config\", \"read\";",
132+
"permission java.util.PropertyPermission \"http.proxyHost\", \"read\";",
133+
"permission java.util.PropertyPermission \"aws.region\", \"read\";",
76134
"};"
77135
].join("\n")
78136
)
79137
} else {
80138
javaPolicy.write(
81139
[
82140
"grant {",
83-
" permission java.util.PropertyPermission \"com.amazonaws.sdk.ec2MetadataServiceEndpointOverride\", \"write\";",
141+
"permission java.util.PropertyPermission \"aws.ec2MetadataServiceEndpoint\", \"write\";",
142+
"permission java.io.FilePermission \"\${user.home}/.aws/credentials\", \"read\";",
143+
"permission java.io.FilePermission \"\${user.home}/.aws/config\", \"read\";",
144+
"permission java.util.PropertyPermission \"http.proxyHost\", \"read\";",
145+
"permission java.util.PropertyPermission \"aws.region\", \"read\";",
84146
"};"
85147
].join("\n"))
86148
}
@@ -92,36 +154,44 @@ tasks.withType(Test).configureEach {
92154
// this is needed for insecure plugins, remove if possible!
93155
systemProperty 'tests.artifact', project.name
94156

95-
// this is needed to manipulate com.amazonaws.sdk.ec2MetadataServiceEndpointOverride system property
157+
// this is needed to manipulate aws.ec2MetadataServiceEndpoint system property
96158
// it is better rather disable security manager at all with `systemProperty 'tests.security.manager', 'false'`
97159
if (buildParams.inFipsJvm){
98160
nonInputProperties.systemProperty 'java.security.policy', "=file://${buildDir}/tmp/java.policy"
99161
} else {
100162
nonInputProperties.systemProperty 'java.security.policy', "file://${buildDir}/tmp/java.policy"
101163
}
164+
165+
systemProperty 'aws.region', 'es-test-region'
102166
}
103167

104168
tasks.named("thirdPartyAudit").configure {
105169
ignoreMissingClasses(
106170
// classes are missing
107-
'com.amazonaws.jmespath.JmesPathExpression',
108-
'com.amazonaws.jmespath.ObjectMapperSingleton',
109-
'software.amazon.ion.IonReader',
110-
'software.amazon.ion.IonSystem',
111-
'software.amazon.ion.IonType',
112-
'software.amazon.ion.IonWriter',
113-
'software.amazon.ion.Timestamp',
114-
'software.amazon.ion.system.IonBinaryWriterBuilder',
115-
'software.amazon.ion.system.IonSystemBuilder',
116-
'software.amazon.ion.system.IonTextWriterBuilder',
117-
'software.amazon.ion.system.IonWriterBuilder',
118171
'javax.servlet.ServletContextEvent',
119172
'javax.servlet.ServletContextListener',
120173
'org.apache.avalon.framework.logger.Logger',
121174
'org.apache.log.Hierarchy',
122175
'org.apache.log.Logger',
123176
'javax.jms.Message',
124-
'javax.xml.bind.DatatypeConverter',
125-
'javax.xml.bind.JAXBContext'
177+
178+
// eventstream not used by the sync client
179+
'software.amazon.eventstream.HeaderValue',
180+
'software.amazon.eventstream.Message',
181+
'software.amazon.eventstream.MessageDecoder',
182+
183+
// crt?
184+
'software.amazon.awssdk.crt.auth.credentials.Credentials',
185+
'software.amazon.awssdk.crt.auth.signing.AwsSigner',
186+
'software.amazon.awssdk.crt.auth.signing.AwsSigningConfig',
187+
'software.amazon.awssdk.crt.auth.signing.AwsSigningConfig$AwsSignatureType',
188+
'software.amazon.awssdk.crt.auth.signing.AwsSigningConfig$AwsSignedBodyHeaderType',
189+
'software.amazon.awssdk.crt.auth.signing.AwsSigningConfig$AwsSigningAlgorithm',
190+
'software.amazon.awssdk.crt.auth.signing.AwsSigningResult',
191+
'software.amazon.awssdk.crt.checksums.CRC32',
192+
'software.amazon.awssdk.crt.checksums.CRC32C',
193+
'software.amazon.awssdk.crt.http.HttpHeader',
194+
'software.amazon.awssdk.crt.http.HttpRequest',
195+
'software.amazon.awssdk.crt.http.HttpRequestBodyStream',
126196
)
127197
}

0 commit comments

Comments
 (0)