legacy-integration-tests is being created to hold LDAP Tests (or any other tests that won't play well with keeping threads clean)
it will have fork-mode=always on the maven-surefire-plugin
When sending, for example, to a predefined anycast address and queue
from a multicast (JMS topic) producer, the routed count on the address
is incremented, but the message count on the matching queue is not. No
indication is given at the client end that the messages failed to get
routed - the messages are just silently dropped.
Fixing this problem requires a slight semantic change. The broker is now
more strict in what it allows specifically with regards to
auto-creation. If, for example, a JMS application attempts to send a
message to a topic and the corresponding multicast address doesn't exist
already or the broker cannot automatically create it or update it then
sending the message will fail.
Also, part of this commit moves a chunk of auto-create logic into
ServerSession and adds an enum for auto-create results. Aside from
helping fix this specific issue this can serve as a foundation for
de-duplicating the auto-create logic spread across many of the protocol
implementations.
Fixes the CompareUpgradeTest by removing this unimportant difference from a fresh broker instances jolokia-access.xml file, given that we dont actually update jolokia-access.xml currently during upgrade.
Tweaks or unwinds earlier changes in aae65fd527 and 3e7cb24381
The issue identified with AMQP was under Transaction usage, and while opening and closing sessions.
It seems the leak would be released once the connection is closed.
We added a new testsuite under ./tests/leak-tests To fix and validate these issues
Configurations employing shared-storage with NFS are susceptible to
split-brain in certain scenarios. For example:
1) Primary loses network connection to NFS.
2) Backup activates.
3) Primary reconnects to NFS.
4) Split-brain.
In reality this situation is pretty unlikely due to the timing involved,
but the possibility still exists. Currently the file lock held by the
primary broker on the NFS share is essentially worthless in this
situation. This commit adds logic by which the timestamp of the lock
file is updated during activation and then routinely checked during
runtime to ensure consistency. This effectively mitigates split-brain in
this situation (and likely others). Here's how it works now.
1) Primary loses network connection to NFS.
2) Backup activates.
3) Primary reconnects to NFS.
4) Primary detects that the lock file's timestamp has been updated and
shuts itself down.
When the primary shuts down in step #4 the Topology on the backup can be
damaged. Protections were added for this via ARTEMIS-2868 but only for
the replicated use-case. This commit applies the protection for
removeMember() so that the Topology remains intact.
There are no tests for these changes as I cannot determine how to
properly simulate this use-case. However, there have never been robust,
automated tests for these kinds of NFS use-cases so this is not a
departure from the norm.
Adds a new module 'artemis-junit-5' which adds JUnit 5 Extensions for
unit testing. For backwards compability, 'artemis-junit' still uses
JUnit 4. Common stuff has been moved to 'artemis-junit-commons'. Work is
based on the initial PR
https://github.com/apache/activemq-artemis/pull/3436 by @luisalves00
In order to improve trouble-shooting for the MetricsManager there should
be additional logging and exceptions. In all, this commit contains the
following changes:
- Additional logging
- Throw an exception when registering meters if meters already exist
- Rename a few variables & methods to more clearly identify what they
are used for
- Upgrade Micrometer to 1.9.5
- Simplify/clarify a few blocks of code
- No longer pass the ManagementServiceImpl when registering the
metrics, but instead pass the Object the meter is observing (e.g.
broker, address, or queue)
- Use simple path instead of earlier workarounds.
- Add cleanup step instead to purge some output.
- Change back to single shared cache, reduces number and combined size
of caches, Checks job usually completes first and contains superset.
- Change the intial key prefix so as to force a new cache
This is caused by too many entries on the HashMap for ThreadLocals.
Also: I'm reviewing some readlock usage on the StorageManager to simplify things a little bit.
Minor upgrade for jboss-logging from 3.4.3 to 3.5.0
Patch upgrade for jboss-logging-annotations from 2.2.0.Final to 2.2.1.Final
Patch upgrade for jboss-logging-processor from 2.2.0.Final to 2.2.1.Final
Scripts:
- Fix the preapre-docker.sh to exit with 0 instead of 1 on success
On pom files:
- Change e2e-tests variable names to e2e-tests.xxxxxx for clarity on
e2e-tests variables
- Add e2e-tests.skipImageBuild variable to control if the docker image
will be build (defaults to not build)
- Add e2e-tests.dockerfile variable to specify the dockerfile to be
used (defaults to Dockerfile-centos)
- Bump testcontainers version to 1.16.3
- Add artemis distribution dependency since the docker image build
depends on it
On ContainerService class:
- Fix exposePorts and exporseFolder to use SELinux shared mode
otherwise the mount fails on machines with SELinux enabled
- Move the logic to use specific user on container from generic start
method to broker specific method to avoid affect other images
- Update the broker image name to a more generic name (activemq-artemis
instead of artemis-centos)
- Update the broker image tag to match with the project version in pom
file
Move all tests which are related to end-to-end testing from smoke-tests
module to a new module named e2e-tests.
These e2e tests are those which are dependent of ContainerService
class. ContainerService class uses artemis inside a container by using
the testcontainers library and for that reason these tests are usually
a quite slow and tecnically they are not a smoke test.
The new e2e-tests module is part of tests module but it is not enabled
by default and to get executed it requires the e2e-tests profile
specification on maven command.
Mainly refactoring the address docs. This commit has the following
changes:
- Remove examples for discouraged use-cases (e.g. using anycast and
multicast on the same address).
- Reword to use configuration terms wherever possible. For example,
instead of saying "point-to-point" (which is not a configuration term)
say "anycast". References to things like "point-to-point" and
"publish-subscribe" are still there since users are familiar with these
terms. They're just used much less often.
- Remove duplicate explanation of exclusive queues.
- Remove duplicate explanation of auto-create and auto-delete elements.
- Re-create graphics and include the master SVGs for potential updates
later.
- Give non-destructive queues its own chapter.
- Add details about specifying routing type using a message property.
- Update the styling on the user manual's cover page to look better.
- Lots of re-wording for clarity's sake.
- Re-order sub-sections for clarity's sake.
- Break up the address model and the settings documentation. The
settings documentation is large and deserves its own chapter. The
original anchor link is still available with a link to the new chapter.
In general the address-specific documentation should be much more clear,
concise, and consistent now.
JGroups 3.x hasn't been updated in some time now. The last release was
in April 2020 almost 2 years ago. Lots of protocols have been updated
and added and users are wanting to use them. There is also increasing
concern about using older components triggered mainly by other
recently-discovered high-profile vulnerabilities in the wider Open
Source Java community.
This commit bumps JGroups up to the latest release - 5.2.0.Final.
However, there is a cost associated with upgrading.
The old-style properties configuration is no longer supported. I think
it's unlikely that end-users are leveraging this because it is not
exposed via broker.xml. The JGroups XML configuration has been around
for a long time, is widely adopted, and is still supported. I expect
most (if not all) users are using this. However, a handful of tests
needed to be updated and/or removed to deal with this absence.
Some protocols and/or protocol properties are no longer supported. This
means that users may have to change their JGroups stack configurations
when they upgrade. For example, our own clustered-jgroups example had to
be updated or it wouldn't run properly.
MQTT 5 is an OASIS standard which debuted in March 2019. It boasts
numerous improvments over its predecessor (i.e. MQTT 3.1.1) which will
benefit users. These improvements are summarized in the specification
at:
https://docs.oasis-open.org/mqtt/mqtt/v5.0/os/mqtt-v5.0-os.html#_Toc3901293
The specification describes all the behavior necessary for a client or
server to conform. The spec is highlighted with special "normative"
conformance statements which distill the descriptions into concise
terms. The specification provides a helpful summary of all these
statements. See:
https://docs.oasis-open.org/mqtt/mqtt/v5.0/os/mqtt-v5.0-os.html#_Toc3901292
This commit implements all of the mandatory elements from the
specification and provides tests which are identified using the
corresponding normative conformance statement. All normative
conformance statements either have an explicit test or are noted in
comments with an explanation of why an explicit test doesn't exist. See
org.apache.activemq.artemis.tests.integration.mqtt5 for all those
details.
This commit also includes documentation about how to configure
everything related to the new MQTT 5 features.
Back in version 2.17.0 we began to provide Maven artifacts for Jakarta
Messaging client resources. This commit expands that support in the
following ways:
- Distribute a Jakarta Messaging 3.0 client with the broker (in the
'lib/client' directory alongside the JMS client.
- Update documentation.
- Add example using the Jakarta Messaging client.
- Update Artemis CLI to use core instead of JMS as it was causing
conflicts with the new Jarkarta Messaging client.
- Add example to build Jarkarta Messaging version of the JCA RA for
deployment into Jakarta EE 9 application servers.
The change in 90101f5b54 / #3595 didnt work
as expected since the existing enforcer check already wasnt working. It
isnt overriding the apache parent, which is checking for 3.0.x. Moving
the execution into the build element, alongside the java version check,
allows it to replace the parent execution and enforce 3.5.0+ is used.
As a follow-up to #3618/dc7de893747b90b627d729f9f18a758bb4dad9d5 update
checkstyle to the latest version, restoring the originally intended
"RightCurly" style, and updating all the code to properly adhere to the
style as enforced by the new checkstyle version.
The version of checkstyle we used before the aforementioned commit had
a bug which didn't properly enforced our intended "RightCurly" style
(see https://github.com/checkstyle/checkstyle/issues/6345). That commit
changed the style to accommodate the handful of unintended style
violations. This commit reverts that change for 2 main reasons:
- The style was always intended to use `alone` for both `METHOD_DEF`
and `CTOR_DEF`.
- There are over 1,000 existing uses of the intended style and around
30 violations of this style which were unintentionally allowed.
Reverting the style back to the original and cleaning up the unintented
violations makes the code more consistent and prevents further style
inconsistencies in the future.
There were a handful of other changes related to checkstyle bugs which
allowed unintended style violations. These were related to indentation
levels.
This closes#3619
(with some minor changes from Robbie to fix remaining violations)
- Remove assembly plugin downgrade from 7733a76649 in ARTEMIS-3296.
- Ensure bin descriptor marks key artemis setup/startup script executable file permissions, it wasnt
before as while aiming to it only defined inclusions for old files that no longer exist.
- Add mode fields to every area to make clear what they will be using, make formats consistent with doc.
- Update source release assembly to similarly mark key scripts with executable file permissions.
Retain older file permission copy behaviour via older plugin version, until such time
as the assembly descriptor config properly defines the required file permissions.
Updates parent pom, various plugins or deps, tidies up inconsistent versions
and consolidates to inherited version where possible, define properties for
some versions where not. Disables some problematic tests on JDK16+ for now.
Drops DS test dep back 1 version to remove a specific breakage affecting
multiple tests/modules, introduced after its upgrade in commit
9e70b26368.
Fixes issues with SaslKrb5LDAPSecurityTest by updating to latest Apache Directory
release which required some updates to the test to fix deprecation warnings and an
updates to commons.lang to fix issues with new namespace for StringUtils that will
work on JDK 8+ only.
- Remove duplicates dependency definition following e7e3c71511.
- Removes deprecated RELEASE version use, consolidate modules on single paho client version.
- Remove prerequisites entry as per warning, suggested enforcer rule already in place.
Change summary:
- Remove the existing Xalan-based XPath evaluator since Xalan appears
to be no longer maintained.
- Implement a JAXP XPath evaluator (from the ActiveMQ 5.x code-base).
- Pull in the changes from https://issues.apache.org/jira/browse/AMQ-5333
to enable configurable XML parser features.
- Add a method to the base Message interface to make it easier to get
the message body as a string. This relieves the filter from having
to deal with message implementation details.
- Update the Qpid JMS client to get the jms.validateSelector parameter.
I am also bringing a test I used to report https://issues.apache.org/jira/browse/PROTON-2297
Even though the issue here is on proton. There's no such thing as enough tests so I am keeping the test.
It add additional required fixes:
- Fixed uncommitted deleted tx records
- Fixed JDBC authorization on test
- Using property-based version for commons-dbcp2
- stopping thread pool after activation to allow JDBC lease locks to release the lock
- centralize JDBC network timeout configuration and save repeating it
- adding dbcp2 as the default pooled DataSource to be used
Replaces direct jdbc connections with dbcp2 datasource. Adds
configuration options to use alternative datasources and to alter the
parameters. While adding slight overhead, this vastly improves the
management and pooling capabilities with db connections.
The plugin-management provided 1.4.1 enforcer version can it seems interact oddly with the assembly plugin depending on what else is in use, leading to an NPE in some cases.
Update CI to only use the release profile for building examples on JDK8, use noRun profile otherwise. Does the exact same in terms of setting properties for the examples build, just doesnt engage the parent release profile which enforces JDK8.
Update netty version to 4.1.43.Final and netty-tcnative version to 2.0.26.Final.
Change restricted-security-client.policy because Netty 4.1.43.Final requires
access to two more files: /etc/os-release and /usr/lib/os-release.
This is needed to aid some lift and shift migration from activemq5 where non-java clients have support for older openwire protocols.
(cherry picked from commit d497cb6205a5bdbd508d18bead8f9e8e39d6b1ba)
When converting from AMQP to core and back again support annotations that
aren't able to be placed into Core message properties by storing the bytes
from encoding the types to AMQP encodings and then decoding them again
when converting back into AMQP messages.
Requires update to proton-j 0.33.2 for encoding fix
This reverts partially commit f8d3a8f2 to include only
the changes that makes possible to run tests with JDK 11:
compile on JDK 11 is outside the scope of the issue.
JDK 11 compilation requires Karaf upgrade, that will
break compatibility with Aether on integration-tests.
CVE-2018-10237 guava: Unbounded memory allocation in AtomicDoubleArray
and CompoundOrdering classes allow remote attackers to cause a denial
of service.
* Upgrading versions
* Adding wildfly-common dependency as jboss-logmanager now depends on it
for simple common operations such as getting hostname or process id
* Updating bootclasspath with wildfly-common
This reverts commit ad2ecd77d2.
This was causing an issue when starting the server:
```
java.lang.NoClassDefFoundError: org/wildfly/common/net/HostName
at org.jboss.logmanager.ExtLogRecord.<init>(ExtLogRecord.java:87)
at org.jboss.logmanager.Logger.log(Logger.java:796)
at org.jboss.logging.JBossLogManagerLogger.doLog(JBossLogManagerLogger.java:44)
at org.jboss.logging.Logger.logv(Logger.java:2226)
at org.apache.activemq.artemis.integration.bootstrap.ActiveMQBootstrapLogger_$logger.serverStarting(ActiveMQBootstrapLogger_$logger.java:35)
at org.apache.activemq.artemis.integration.FileBroker.start(FileBroker.java:68)
at org.apache.activemq.artemis.cli.commands.Run.execute(Run.java:85)
```
Update to latest proton-j release and refactor the dispostion code to use
the new type enums to better deal with the dispistions. Updates to Qpid JMS
0.37.0 which still uses the current netty 4.1.28.Final dependency.
With the current Maven config, the maven-source-plugin is executed twice, this results in the sources-jars being attached twice which leads the deploy goal in trying to upload the same sources jars twice to the repository. This slows down the build process and also fails on repositories that disallow updating of existing artifacts.
Additionally the "jar" goal is now replaced with "jar-no-fork" which prevents the maven life cycle being executed twice too.
Update the Qpid JMS and Proton dependencies to lastest and sync Netty
with the 4.1.28.Final version used by Qpid JMS to avoid clash that
breaks a test. Adds override of new Proton-J WritableBuffer API that
allows it to use the Netty String encoder when needed instead of the
slower default version.
Update Qpid JMS to v0.36.0
Proton-J to v0.29.0
Netty to 4.1.28.Final
Added an example to demonstrate how to configure and use openssl
Moved/Added netty-tcnative dependency to artemis-distribution
Changed artemis-jms-client-all pom to exclude io.netty from relocation
so that the native openssl can be loaded