[CELEBORN-906][BUILD] Aligning dependencies between SBT and Maven #1831
Conversation
cfmcgrady
changed the title
Codecov Report
@@ Coverage Diff @@
## main #1831 +/- ##
==========================================
+ Coverage 46.43% 46.48% +0.06%
==========================================
Files 163 163
Lines 10135 10143 +8
Branches 934 934
==========================================
+ Hits 4705 4714 +9
Misses 5118 5118
+ Partials 312 311 -1 see 2 files with indirect coverage changes 📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more |
project/CelebornBuild.scala
Outdated
| val ioDropwizardMetricsJvm = "io.dropwizard.metrics" % "metrics-jvm" % metricsVersion | ||
| val ioNetty = "io.netty" % "netty-all" % nettyVersion | ||
| val hadoopClientApi = "org.apache.hadoop" % "hadoop-client-api" % hadoopVersion excludeAll( | ||
| ExclusionRule("org.slf4j", "slf4j-api")) |
There was a problem hiding this comment.
does sbt support globally pin dep's version?
There was a problem hiding this comment.
Certainly, the SBT does allow for the specification of a forced dependency revision, e.g.
libraryDependencies ++= Seq(
"log4j" % "log4j" % "1.2.14" force()
)
However, the docs also point out it is advised against, as indicated by the following considerations:
- Forcing can create logical inconsistencies so it’s no longer recommended.
- this is an Ivy-only feature and cannot be included in a published pom.xml.
There was a problem hiding this comment.
another approach, Disable Transitivity
By default, these declarations fetch all project dependencies, transitively. In some instances, you may find that the dependencies listed for a project aren’t necessary for it to build. Projects using the Felix OSGI framework, for instance, only explicitly require its main jar to compile and run. Avoid fetching artifact dependencies with either intransitive() or notTransitive(), as in this example:
libraryDependencies += "org.apache.felix" % "org.apache.felix.framework" % "1.8.0" intransitive()
There was a problem hiding this comment.
Perform local testing. the intransitive() cannot achieve this functionality.
[warn] Found intransitive dependency (org.apache.hadoop:hadoop-client-api:3.2.4 intransitive) while publishMavenStyle is true, but Maven repositories
[warn] do not support intransitive dependencies. Use exclusions instead so transitive dependencies
[warn] will be correctly excluded in dependent projects.
There was a problem hiding this comment.
Let's use force() way.
- Forcing can create logical inconsistencies so it’s no longer recommended.
We know what we are doing, IMO, rules-based dependency derivation is more unpredictable.
- this is an Ivy-only feature and cannot be included in a published pom.xml.
It does not affect our use case, since we only publish client-shaded modules, without transitive deps.
There was a problem hiding this comment.
Explicitly Exclude from all deps looks ugly. dependencyOverrides seems as clean as force()? if yes, let's try this way.
There was a problem hiding this comment.
addressed in 269b9ce, it looks more clearly now.
There was a problem hiding this comment.
$ ./build/sbt -Pspark-3.3 celeborn-client-spark-3/dependencyTree | grep slf4j-api
[info] | | | +-org.slf4j:slf4j-api:1.7.36
[info] | | | | +-org.slf4j:slf4j-api:1.7.36
[info] | | | +-org.slf4j:slf4j-api:1.7.36
[info] | | | | +-org.slf4j:slf4j-api:1.7.36
...
There was a problem hiding this comment.
BTW, dependencyOverrides seems does not support pattern, e.g. io.netty:*, right?
|
FYI: Learn more: SBT Library Management - Eviction Warning. |
pom.xml
Outdated
| <exclusions> | ||
| <exclusion> | ||
| <groupId>io.netty</groupId> | ||
| <artifactId>netty-transport-native-epoll</artifactId> |
There was a problem hiding this comment.
seems we can simply exclude io.netty:* as we manage netty deps by ourselves
cfmcgrady
force-pushed
the
align-deps-2
branch
from
23a8396
to
269b9ce
Compare
…2-impl` from SBT profile `spark-3.4` ### What changes were proposed in this pull request? As title ### Why are the changes needed? To address the CI failure introduced in #1831, this pull request resolves the issue by removing the `log4j-slf4j2-impl` dependency from SBT profile `spark-3.4`. This change is prompted by the pinning of `slf4j-api` to version 1.7.36, rendering `log4j-slf4j2-impl` unnecessary. ``` [error] Test org.apache.spark.shuffle.celeborn.SortBasedPusherSuiteJ failed: java.lang.NoSuchMethodError: org.apache.logging.slf4j.Log4jLoggerFactory: method <init>()V not found, took 0.0 sec [error] at org.slf4j.impl.StaticLoggerBinder.<init>(StaticLoggerBinder.java:53) [error] at org.slf4j.impl.StaticLoggerBinder.<clinit>(StaticLoggerBinder.java:41) [error] at org.slf4j.LoggerFactory.bind(LoggerFactory.java:150) [error] at org.slf4j.LoggerFactory.performInitialization(LoggerFactory.java:124) [error] at org.slf4j.LoggerFactory.getILoggerFactory(LoggerFactory.java:417) [error] at org.slf4j.LoggerFactory.getLogger(LoggerFactory.java:362) [error] at org.slf4j.LoggerFactory.getLogger(LoggerFactory.java:3[88](https://github.com/apache/incubator-celeborn/actions/runs/5974971986/job/16210071148#step:4:89)) [error] at org.apache.spark.shuffle.celeborn.SortBasedPusherSuiteJ.<clinit>(SortBasedPusherSuiteJ.java:51) [error] ... [error] Test org.apache.spark.shuffle.celeborn.SortBasedPusherSuiteJ failed: java.lang.NoClassDefFoundError: Could not initialize class org.apache.spark.shuffle.celeborn.SortBasedPusherSuiteJ, took 0.0 sec [error] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [error] ... ``` ### Does this PR introduce _any_ user-facing change? No ### How was this patch tested? Pass GA Closes #1844 from cfmcgrady/celeborn-906-followup. Authored-by: Fu Chen <[email protected]> Signed-off-by: Cheng Pan <[email protected]>
…2-impl` from SBT profile `spark-3.4` ### What changes were proposed in this pull request? As title ### Why are the changes needed? To address the CI failure introduced in apache/celeborn#1831, this pull request resolves the issue by removing the `log4j-slf4j2-impl` dependency from SBT profile `spark-3.4`. This change is prompted by the pinning of `slf4j-api` to version 1.7.36, rendering `log4j-slf4j2-impl` unnecessary. ``` [error] Test org.apache.spark.shuffle.celeborn.SortBasedPusherSuiteJ failed: java.lang.NoSuchMethodError: org.apache.logging.slf4j.Log4jLoggerFactory: method <init>()V not found, took 0.0 sec [error] at org.slf4j.impl.StaticLoggerBinder.<init>(StaticLoggerBinder.java:53) [error] at org.slf4j.impl.StaticLoggerBinder.<clinit>(StaticLoggerBinder.java:41) [error] at org.slf4j.LoggerFactory.bind(LoggerFactory.java:150) [error] at org.slf4j.LoggerFactory.performInitialization(LoggerFactory.java:124) [error] at org.slf4j.LoggerFactory.getILoggerFactory(LoggerFactory.java:417) [error] at org.slf4j.LoggerFactory.getLogger(LoggerFactory.java:362) [error] at org.slf4j.LoggerFactory.getLogger(LoggerFactory.java:3[88](https://github.com/apache/incubator-celeborn/actions/runs/5974971986/job/16210071148#step:4:89)) [error] at org.apache.spark.shuffle.celeborn.SortBasedPusherSuiteJ.<clinit>(SortBasedPusherSuiteJ.java:51) [error] ... [error] Test org.apache.spark.shuffle.celeborn.SortBasedPusherSuiteJ failed: java.lang.NoClassDefFoundError: Could not initialize class org.apache.spark.shuffle.celeborn.SortBasedPusherSuiteJ, took 0.0 sec [error] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [error] ... ``` ### Does this PR introduce _any_ user-facing change? No ### How was this patch tested? Pass GA Closes #1844 from cfmcgrady/celeborn-906-followup. Authored-by: Fu Chen <[email protected]> Signed-off-by: Cheng Pan <[email protected]>
What changes were proposed in this pull request?
As title
Why are the changes needed?
This PR ensures dependency alignment between SBT and Maven, based on the audit results implemented in #1797
Does this PR introduce any user-facing change?
No
How was this patch tested?
Pass GA and Review