[improve][build] Upgrade kubernetes client-java to 26.0.0#25856
Merged
Conversation
… AWS SDK transitives The kubernetes client-java 26.0.0 release adds software.amazon.awssdk:sts for EKS IAM authentication, which transitively pulls in ~28 AWS SDK v2 jars. Pulsar does not use the AWS auth path, so exclude software.amazon.awssdk from every consumer of libs.kubernetes.client.java to keep the binary distribution free of these dependencies. Only the kubernetes-client-java version entries in LICENSE.bin.txt are updated; no AWS SDK LICENSE entries are needed since the jars are no longer bundled. Verified with ./gradlew checkBinaryLicense.
lhotari
changed the title
dao-jun
added
dependencies
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Motivation
Previously it wasn't possible to upgrade beyond 23.0.0 due to the bug that is fixed by OpenAPITools/openapi-generator#22498 . The 26.0.0 client-java release uses 7.18.0 openapi-generator and the stubs were generated in PR kubernetes-client/java#4535.
The
io.kubernetes:client-java26.0.0 release addssoftware.amazon.awssdk:stsas a direct dependency to support EKS IAM authentication (IRSA). That single dependency transitively pulls in ~28 AWS SDK v2 jars (about 8 MB) plussoftware.amazon.eventstream:eventstream.Pulsar uses the kubernetes client only for in-cluster API access (functions runtime, OIDC auth, secrets, integration tests) and does not need the AWS authentication path. Bundling the AWS SDK jars in the binary distribution would be pure dead weight.
Modifications
kubernetesclientfrom23.0.0to26.0.0ingradle/libs.versions.toml.exclude(group = "software.amazon.awssdk")to every consumer oflibs.kubernetes.client.java(andlibs.kubernetes.client.java.api.fluent):pulsar-broker-auth-oidc/build.gradle.ktspulsar-functions/runtime/build.gradle.ktspulsar-functions/secrets/build.gradle.ktstests/integration/build.gradle.ktsio.kubernetes-client-java*jar version entries indistribution/server/src/assemble/LICENSE.bin.txtfrom23.0.0to26.0.0. No AWS SDK LICENSE entries were added because the jars are no longer bundled.The commit also pulls along a few unrelated in-flight changes in
tests/integration(joda-time test dep, TestNG suite handling that defers to--testsCLI filter, and small fixes inAbstractPulsarStandaloneK8STest) that were already staged on this branch.Verifying this change
This change is already covered by existing tests:
./gradlew checkBinaryLicensepasses (verifies no missing LICENSE/NOTICE entries against the producedapache-pulsar-*-bin.tar.gz, confirming the AWS SDK is no longer bundled)../gradlew spotlessCheck checkstyleMain checkstyleTestpasses on the modified modules.Does this pull request potentially affect one of the following parts:
The
io.kubernetes:client-javaruntime dependency moves from23.0.0to26.0.0. Transitivesoftware.amazon.awssdk:*andsoftware.amazon.eventstream:eventstream(newly introduced by 26.0.0) are excluded everywhereclient-javais consumed, so the binary distribution gains only the kubernetes-client version bump.