This is an automated email from the ASF dual-hosted git repository.
djwang pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/cloudberry-pxf.git
The following commit(s) were added to refs/heads/main by this push:
new 36a77ba7 ASF: remove gradle-wrapper.jar file to make ASF compliant
(#81)
36a77ba7 is described below
commit 36a77ba7a821b164e6d4cb8c0d51f3111cfa28d9
Author: Nikolay Antonov <[email protected]>
AuthorDate: Wed Mar 18 07:42:14 2026 +0500
ASF: remove gradle-wrapper.jar file to make ASF compliant (#81)
* Remove gradle wrapper from ASF Releases and leave it in git repository
(mimic apache/calcite project).
* Fetch gradle wrapper during build phase (mimic apache/nessie)
* add gradle wrapper and gradle distribution checksum validation. Checksums
from https://gradle.org/release-checksums/
---
LICENSE | 11 ----
package/cloudberry-pxf-release.sh | 10 +++
server/.gitignore | 4 +-
server/Makefile | 22 ++++---
.../gradle/wrapper/gradle-6.8.2-wrapper.jar.sha256 | 1 +
server/gradle/wrapper/gradle-wrapper.jar | Bin 59203 -> 0 bytes
server/gradle/wrapper/gradle-wrapper.properties | 1 +
server/gradlew-install.sh | 70 +++++++++++++++++++++
8 files changed, 98 insertions(+), 21 deletions(-)
diff --git a/LICENSE b/LICENSE
index 3c1f33f2..01dc3133 100644
--- a/LICENSE
+++ b/LICENSE
@@ -291,14 +291,3 @@ CI/Test Templates:
ci/singlecluster/templates/ranger/install.properties
ci/singlecluster/templates/tez/conf/tez-site.xml
ci/singlecluster/templates/usersync/install.properties
-
-=======================================================================
-
-This product bundles Gradle Wrapper, which is licensed under
-the Apache License, Version 2.0.
-
- Copyright © Gradle, Inc.
-
- server/gradle/wrapper/gradle-wrapper.jar
-
-=======================================================================
\ No newline at end of file
diff --git a/package/cloudberry-pxf-release.sh
b/package/cloudberry-pxf-release.sh
index 4be96085..05614d89 100755
--- a/package/cloudberry-pxf-release.sh
+++ b/package/cloudberry-pxf-release.sh
@@ -560,6 +560,16 @@ section "Staging release: $TAG"
rm -rf "$TMP_DIR"
echo -e "Archive saved to: $TAR_NAME"
+ echo "Verifying tarball does not contain Gradle wrapper files..."
+ GRADLE_WRAPPER_FILES=$($DETECTED_TAR_TOOL -tzf "$TAR_NAME" | grep -E
'(gradle-wrapper\.jar)$' || true)
+ if [[ -n "$GRADLE_WRAPPER_FILES" ]]; then
+ echo "WARNING: Found Gradle wrapper files in tarball:"
+ echo "$GRADLE_WRAPPER_FILES"
+ echo "These files must be excluded from Apache source release artifacts."
+ else
+ echo "[OK] Tarball verified clean of Gradle wrapper files"
+ fi
+
# Verify that no macOS extended attribute files are included
if [[ "$DETECTED_PLATFORM" == "macOS" ]]; then
echo "Verifying tarball does not contain macOS-specific files..."
diff --git a/server/.gitignore b/server/.gitignore
index c22989cd..2cad5664 100644
--- a/server/.gitignore
+++ b/server/.gitignore
@@ -14,7 +14,6 @@ dist/
HELP.md
build/
-!gradle/wrapper/gradle-wrapper.jar
!**/src/main/**
!**/src/test/**
@@ -33,3 +32,6 @@ build/
*.iml
*.ipr
out/
+
+# ASF Policies doesn't allow complied binaries in the source tarballs
+gradle/wrapper/gradle-wrapper.jar
\ No newline at end of file
diff --git a/server/Makefile b/server/Makefile
index 4e6ee040..edd2cbb1 100644
--- a/server/Makefile
+++ b/server/Makefile
@@ -27,6 +27,10 @@ PXF_API_VERSION ?= $(shell cat $(PXF_ROOT_DIR)/api_version)
PXF_GRADLE_PROPERTIES = -Pversion=$(PXF_VERSION)
-PapiVersion=$(PXF_API_VERSION)
+.PHONY: prepare-gradle-wrapper
+prepare-gradle-wrapper:
+ @APP_HOME="$(CURDIR)" bash ./gradlew-install.sh
+
help:
@echo
@echo "Possible targets"
@@ -39,10 +43,10 @@ help:
@echo " - stage - build PXF server and stage resulting artifacts for
packaging"
@echo " - doc - creates aggregate javadoc under docs"
-all:
+all: prepare-gradle-wrapper
./gradlew $(PXF_GRADLE_PROPERTIES) clean stage
-compile:
+compile: prepare-gradle-wrapper
./gradlew $(PXF_GRADLE_PROPERTIES) compileJava
GRADLEW_TEST_PARAMS = test
@@ -56,21 +60,21 @@ ifneq "$(TEST)" ""
GRADLEW_TEST_PARAMS = :$(PROJECT):test --rerun-tasks --tests
$(TEST_PATH)
endif
-test unittest:
+test unittest: prepare-gradle-wrapper
@if [ -n '$(TEST)' ] && [ -z '${TEST_FILE}' ]; then \
echo 'Test $(TEST) was not found'; \
exit 1; \
fi
./gradlew $(PXF_GRADLE_PROPERTIES) ${GRADLEW_TEST_PARAMS}
-coverage:
+coverage: prepare-gradle-wrapper
./gradlew $(PXF_GRADLE_PROPERTIES) ${GRADLEW_TEST_PARAMS}
jacocoTestReport
@echo
@echo "Coverage reports can be found within each server module under
<module-name>/build/reports/jacoco"
@echo "For example, the pxf-service coverage report is located at
$(shell pwd)/pxf-service/build/reports/jacoco/test/html/index.html"
.PHONY: stage
-stage:
+stage: prepare-gradle-wrapper
./gradlew $(PXF_GRADLE_PROPERTIES) test stage
install -m 744 -d "build/stage/lib"
install -m 744 -d "build/stage/lib/native"
@@ -81,7 +85,7 @@ stage:
install -m 700 -d "build/stage/keytabs"
.PHONY: stage-notest
-stage-notest:
+stage-notest: prepare-gradle-wrapper
./gradlew $(PXF_GRADLE_PROPERTIES) stage -x test
install -m 744 -d "build/stage/lib"
install -m 744 -d "build/stage/lib/native"
@@ -91,7 +95,7 @@ stage-notest:
install -m 700 -d "build/stage/run"
install -m 700 -d "build/stage/keytabs"
-clean:
+clean: prepare-gradle-wrapper
./gradlew clean
rm -rf build
@@ -100,7 +104,7 @@ clean-all: clean
distclean maintainer-clean: clean
-doc:
+doc: prepare-gradle-wrapper
./gradlew $(PXF_GRADLE_PROPERTIES) aggregateJavadoc
.PHONY: install
@@ -120,5 +124,5 @@ install-server: stage-notest
cp -R build/stage/* "$(PXF_HOME)"
.PHONY: version
-version:
+version: prepare-gradle-wrapper
@./gradlew -q version
diff --git a/server/gradle/wrapper/gradle-6.8.2-wrapper.jar.sha256
b/server/gradle/wrapper/gradle-6.8.2-wrapper.jar.sha256
new file mode 100644
index 00000000..46143fb0
--- /dev/null
+++ b/server/gradle/wrapper/gradle-6.8.2-wrapper.jar.sha256
@@ -0,0 +1 @@
+e996d452d2645e70c01c11143ca2d3742734a28da2bf61f25c82bdc288c9e637
\ No newline at end of file
diff --git a/server/gradle/wrapper/gradle-wrapper.jar
b/server/gradle/wrapper/gradle-wrapper.jar
deleted file mode 100644
index e708b1c0..00000000
Binary files a/server/gradle/wrapper/gradle-wrapper.jar and /dev/null differ
diff --git a/server/gradle/wrapper/gradle-wrapper.properties
b/server/gradle/wrapper/gradle-wrapper.properties
index 2a563242..9027973d 100644
--- a/server/gradle/wrapper/gradle-wrapper.properties
+++ b/server/gradle/wrapper/gradle-wrapper.properties
@@ -3,3 +3,4 @@ distributionPath=wrapper/dists
distributionUrl=https\://services.gradle.org/distributions/gradle-6.8.2-bin.zip
zipStoreBase=GRADLE_USER_HOME
zipStorePath=wrapper/dists
+distributionSha256Sum=8de6efc274ab52332a9c820366dd5cf5fc9d35ec7078fd70c8ec6913431ee610
diff --git a/server/gradlew-install.sh b/server/gradlew-install.sh
new file mode 100755
index 00000000..e91a675f
--- /dev/null
+++ b/server/gradlew-install.sh
@@ -0,0 +1,70 @@
+#!/usr/bin/env bash
+#
+# Copyright (C) 2024 Dremio
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+# Download the gradle-wrapper.jar if necessary and verify its integrity.
+# This script is invoked by server/Makefile
+
+if [[ -z "${APP_HOME:-}" ]]; then
+ # set APP_HOME as parent directory of the current script
+ APP_HOME="$(cd -- "$(dirname -- "$0")" && pwd)"
+fi
+
+
+# Extract the Gradle version from gradle-wrapper.properties.
+GRADLE_DIST_VERSION="$(grep distributionUrl=
"$APP_HOME/gradle/wrapper/gradle-wrapper.properties" | sed
's/^.*gradle-\([0-9.]*\)-[a-z]*.zip$/\1/')"
+GRADLE_WRAPPER_SHA256="$APP_HOME/gradle/wrapper/gradle-wrapper-${GRADLE_DIST_VERSION}.jar.sha256"
+GRADLE_WRAPPER_JAR="$APP_HOME/gradle/wrapper/gradle-wrapper.jar"
+if [ -x "$(command -v sha256sum)" ] ; then
+ SHASUM="sha256sum"
+else
+ if [ -x "$(command -v shasum)" ] ; then
+ SHASUM="shasum -a 256"
+ else
+ echo "Neither sha256sum nor shasum are available, install either." >
/dev/stderr
+ exit 1
+ fi
+fi
+if [ ! -e "${GRADLE_WRAPPER_SHA256}" ]; then
+ # Delete the wrapper jar, if the checksum file does not exist.
+ rm -f "${GRADLE_WRAPPER_JAR}"
+fi
+if [ -e "${GRADLE_WRAPPER_JAR}" ]; then
+ # Verify the wrapper jar, if it exists, delete wrapper jar and checksum
file, if the checksums
+ # do not match.
+ JAR_CHECKSUM="$(${SHASUM} "${GRADLE_WRAPPER_JAR}" | cut -d\ -f1)"
+ EXPECTED="$(cat "${GRADLE_WRAPPER_SHA256}")"
+ if [ "${JAR_CHECKSUM}" != "${EXPECTED}" ]; then
+ rm -f "${GRADLE_WRAPPER_JAR}" "${GRADLE_WRAPPER_SHA256}"
+ fi
+fi
+if [ ! -e "${GRADLE_WRAPPER_SHA256}" ]; then
+ curl --location --output "${GRADLE_WRAPPER_SHA256}"
https://services.gradle.org/distributions/gradle-${GRADLE_DIST_VERSION}-wrapper.jar.sha256
|| exit 1
+fi
+if [ ! -e "${GRADLE_WRAPPER_JAR}" ]; then
+ # The Gradle version extracted from the `distributionUrl` property does not
contain ".0" patch
+ # versions. Need to append a ".0" in that case to download the wrapper jar.
+ GRADLE_VERSION="$(echo "$GRADLE_DIST_VERSION" | sed
's/^\([0-9]*[.][0-9]*\)$/\1.0/')"
+ curl --location --output "${GRADLE_WRAPPER_JAR}"
https://raw.githubusercontent.com/gradle/gradle/v${GRADLE_VERSION}/gradle/wrapper/gradle-wrapper.jar
|| exit 1
+ JAR_CHECKSUM="$(${SHASUM} "${GRADLE_WRAPPER_JAR}" | cut -d\ -f1)"
+ EXPECTED="$(cat "${GRADLE_WRAPPER_SHA256}")"
+ if [ "${JAR_CHECKSUM}" != "${EXPECTED}" ]; then
+ # If the (just downloaded) checksum and the downloaded wrapper jar do not
match, something
+ # really bad is going on.
+ echo "Expected sha256 of the downloaded gradle-wrapper.jar does not match
the downloaded sha256!" > /dev/stderr
+ exit 1
+ fi
+fi
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
