Import-Package and other requirements not translated as Maven dependencies when generating pom #67
Comments
|
I don't think this is generally valid. An import package is for specifically allowing different providers and even multiple providers can match a given import requirement and there is no real maven equivalent for this. |
|
Yes but one would expect Maven artifacts to behave properly without specifying provider for this or that capability. I think we should try to add default providers for packages/capabilities as dependency, and people who want to deal with another provider would have to exclude the default one and add the replacement. |
That's why I always said that "reverse resolve" maven artifacts after the fact is simply wrong.
There is no such thing as "default provider", just keep DS as an example, why should Equinox be more "default" than Felix or any other? Beside that the DS provider is completely irrelevant for compile time and maven in particular as it is a runtime contain.
Do we need to believe in Maven?
A maven build would depend on the Logger API but not on the Logger Implementation ... |
Talking is cheap, show me the code ;)
That's true in theory, but some projects do recommend 1 particular provider (eg logger implementation) and ship it as a dependency so everything works according to the project recommendation out of the box. Integrators can still deal with exclude/extra dependency to bind another one.
Sorry, I wanted to write "behave".
I've seen projects that do not work that way and want a good logger by default, so they add it to dependencies. And it works. |
I have already described this in the previous discussion, nerveless it was decided to put more effort into keeping the old broken attempt ...
That's completely different, than binding a binary artifact to something it was never compiled with, this is plainly wrong and waiting for bad things to happen.
Yeah "uber-jars" also work, so we probably just ship one big-fat jar that includes everything, so no more worries... |
|
I am making good progress on improving and testing the SDK4Mvn.aggr. I've added enough mappings such that all IUs are mapped to existing group IDs:
The Many of the mappings are computed from the Maven metadata in p2. I'm now resolving all requirements, including package requirements. I'm not sure how best to handle requirements that resolve to more than on IU, e.g., here are just a few: Note too that even if the package requirement has a version range, we can't map that onto a version range on the IU (group/artifact)... Any thoughts on how we might deal with duplicate requirement resolutions? My sense is that we need some type of rule to to narrow the choices down to a single one or even to be able to filter them out... Also, I think some of the handling of os/arch/ws specific requirement is bogus, but I need to investigate further... |
As mentioned above this is not resolvable, as every one of those is a valid provider but serving completely different purpose. Beside that P2 is currently not capable of processing split packages correctly as far as I know... (reverse) mapping package imports is simply wrong as the compile time maven dependencies serve completely different purpose than selecting a suitable provider for a package import at runtime, e.g. it is not enough to just select one that provides the package, you also need to take into account use-clauses to not create an invalid class space... |
The resolution I'm doing here is just a query so all bundles exporting the package will be in the list. And while the problem may not be solvable in general, most uses of package imports are just saying I don't care about the name of the bundle that provides this package.
The package imports declared in the manifest and recorded in the p2 metadata are not compile time dependencies but runtime dependencies. |
Use clauses are not about bundle-names but about related packages, and P2 simply ignores this what could lead to wrong package-provider-bundles to be choosen, see for example: https://spring.io/blog/2008/10/20/understanding-the-osgi-uses-directive/,
Correct, but the dependencies in a pom are compile time dependencies... so mapping them just because the match something in a P2 repo is not correct. Best example is from your list:
|
|
And all this is not a problem when using plugin dependencies which are translated to maven dependencies already... |
But this is not about plugin dependencies... |
|
It's a question nevertheless because often the platform is changing bundle requirements to package imports purely to avoid depending on the name of the bundle, which changes when it comes directly from Maven... As with the recent junit changes. So I assume the platform is hoping the dependencies they had before don't disappear, so I need to understand what @mickaelistria thinks about this. |
|
Yes I think what you did here is all correct, I just wanted to explain why the problem is not solvable (with the given data in P2) as you can't know if the bundle has used this JUnit bundle/artifact when it was compiled, you can only find that it has something had on the compile classpath that provided the JUnit classes and at runtime wants a bundle exporting the package, but these two must not match so you will always get ambiguities! |
|
I think we need something that works good enough even if it's not always perfect. As @merks mentions, platform uses more and more Import-Package and we still want Maven artifacts to come with a decent dependency tree for the artifacts to be usable in Maven. @laeubi in another issue, I mentioned my attempt with |
|
About the replacement of Require-Bundle by Import-Package, it's not really a requirement but more an intermediary step to simplify migration to other providers (Bundle-SymbolicName org.junit.xxx from Orbit becomes junit-xxx from Central). But if it becomes an issue downstream for eg Maven artifacts, it would be totally acceptable to revert to |
|
@mickaelistria I'm not sure whats wrong with
Require-Bundle is bad, we should really not step-back here just to try guessing things we throw away at step zero... |
We need to capture only root dependencies be add them as dependencies in pom. Transitive dependencies are better being ignored. |
dependencies when generating pom Reduce the number of MavenMappings. Use the new CBI aggregators features described here to map based Maven metadata in p2 and to build Maven dependencies from java.package requirements: eclipse-cbi#11 Disable the validation repositories because they're not needed given the platform repository itself contains all requirements, and keeping them also results analysis anomalies because Orbit IUs are resolved where direct-from-Maven IUs are actually in the repository. eclipse-platform/eclipse.platform.releng#67
dependencies when generating pom Reduce the number of MavenMappings. Use the new CBI aggregators features described here to map based Maven metadata in p2 and to build Maven dependencies from java.package requirements: eclipse-cbi/p2repo-aggregator#11 Disable the validation repositories because they're not needed given the platform repository itself contains all requirements, and keeping them also results analysis anomalies because Orbit IUs are resolved where direct-from-Maven IUs are actually in the repository. eclipse-platform#67
dependencies when generating pom Reduce the number of MavenMappings. Use the new CBI aggregators features described here to map based Maven metadata in p2 and to build Maven dependencies from java.package requirements: eclipse-cbi/p2repo-aggregator#11 Disable the validation repositories because they're not needed given the platform repository itself contains all requirements, and keeping them also results analysis anomalies because Orbit IUs are resolved where direct-from-Maven IUs are actually in the repository. eclipse-platform#67
dependencies when generating pom Reduce the number of MavenMappings. Use the new CBI aggregator's features described here to map based Maven metadata in p2 and to build Maven dependencies from java.package requirements: eclipse-cbi/p2repo-aggregator#11 Disable the validation repositories because they're not needed given the platform repository itself contains all requirements, and keeping them also results analysis anomalies because Orbit IUs are resolved where direct-from-Maven IUs are actually in the repository. eclipse-platform#67
dependencies when generating pom Reduce the number of MavenMappings. Use the new CBI aggregator's features described here to map based Maven metadata in p2 and to build Maven dependencies from java.package requirements: eclipse-cbi/p2repo-aggregator#11 Disable the validation repositories because they're not needed given the platform repository itself contains all requirements, and keeping them also results analysis anomalies because Orbit IUs are resolved where direct-from-Maven IUs are actually in the repository. eclipse-platform#67
|
I had to reintroduce a mapping for bouncycastle. |
Currently, the pom generator (CBI p2Repo aggregator) only process Require-Bundle to derive Maven dependencies. Many bundles, more and more, do use Import-Package or even Require-Capability to define runtime requirements. Those should also be resolved and translated to Maven dependencies when generating the pom file to be deployed.
The text was updated successfully, but these errors were encountered: