Re: Static OpenSSL lib licensing

2024-07-10 Thread Robert Young 
Hi Martijn,

Doh! I was looking at the netty-tcnative-openssl-static module, not the one
pulled in by Flink netty-tcnative-boringssl-static, which is of course
building BoringSSL not OpenSSL. So the legal issue stands.

Maybe there's a possibility to offer netty-tcnative-openssl-static as an
option, but it is not published by the netty project [1], Flink would have
to build it and take on that pain. Where the netty boringssl artefact will
be more battle tested by the wider community. Sounds like more
risk/maintenance than the current solution.

Thanks,
Rob

1. https://github.com/netty/netty-tcnative/issues/226

On Wed, Jul 10, 2024 at 7:24 PM Martijn Visser 
wrote:

> Hi Rob,
>
> While Netty TCNative has upgraded to Openssl 3, there are still references
> to BoringSSL [1]. Do you know if TCNative still uses BoringSSL as well in
> this version?
>
> Best regards,
>
> Martijn
>
> [1]
>
> https://github.com/netty/netty-tcnative/blob/netty-tcnative-parent-2.0.62.Final/license/LICENSE.boringssl.txt
>
> On Wed, Jul 10, 2024 at 3:54 AM Robert Young 
> wrote:
>
> > Hi,
> >
> > I see in flink-shaded main we depend
> > on 2.0.62.Final and we
> > currently avoid building/distributing flink-shaded-netty-tcnative-static
> > due to legal issues
> >
> > > This module is excluded by default since it is not compliant with the
> > apache license. https://issues.apache.org/jira/browse/LEGAL-393
> >
> > netty-tcnative 2.0.62.Final upgraded openssl to 3.1.2 [1]
> >
> > Openssl 3 introduced a license change to apache 2 [2] so I wondered if
> it's
> > now okay to build/deploy flink-shaded-netty-tcnative-static? Then we
> could
> > avoid having to build the static lib in the flink core end-to-end tests
> [3]
> > and include it in the flink binary distribution for users to access.
> >
> > 1.
> >
> >
> https://github.com/netty/netty-tcnative/blob/d70e48a56c4aaa8df86a7de2e275e51aa0cc43a1/pom.xml#L97
> > 2. https://www.openssl.org/docs/man3.0/man7/migration_guide.html
> > 3.
> >
> >
> https://github.com/apache/flink/blob/4e86d98437480377973f66600c2d5bda907589d6/flink-end-to-end-tests/test-scripts/common_ssl.sh#L82
> >
> > Thanks,
> > Rob Young
> >
>

Static OpenSSL lib licensing

2024-07-09 Thread Robert Young 
Hi,

I see in flink-shaded main we depend
on 2.0.62.Final and we
currently avoid building/distributing flink-shaded-netty-tcnative-static
due to legal issues

> This module is excluded by default since it is not compliant with the
apache license. https://issues.apache.org/jira/browse/LEGAL-393

netty-tcnative 2.0.62.Final upgraded openssl to 3.1.2 [1]

Openssl 3 introduced a license change to apache 2 [2] so I wondered if it's
now okay to build/deploy flink-shaded-netty-tcnative-static? Then we could
avoid having to build the static lib in the flink core end-to-end tests [3]
and include it in the flink binary distribution for users to access.

1.
https://github.com/netty/netty-tcnative/blob/d70e48a56c4aaa8df86a7de2e275e51aa0cc43a1/pom.xml#L97
2. https://www.openssl.org/docs/man3.0/man7/migration_guide.html
3.
https://github.com/apache/flink/blob/4e86d98437480377973f66600c2d5bda907589d6/flink-end-to-end-tests/test-scripts/common_ssl.sh#L82

Thanks,
Rob Young

flink-connector-kafka weekly CI job failing

2024-05-08 Thread Robert Young 
Hi,

I noticed the flink-connector-kafka weekly CI job is failing:

https://github.com/apache/flink-connector-kafka/actions/runs/8954222477

Looks like flink-connector-kafka main has a compile error against flink
1.20-SNAPSHOT, I tried locally and get a different compile failure

KafkaSerializerUpgradeTest.java:[23,45] cannot find symbol
[ERROR]   symbol:   class TypeSerializerMatchers
[ERROR]   location: package org.apache.flink.api.common.typeutils

Should 1.20-SNAPSHOT be removed from the weekly tests for now?

Thanks
Rob