Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[2.29.x] Upgrade Solr & Zookeeper #6845

Open
wants to merge 6 commits into
base: 2.29.x
Choose a base branch
from
Open

[2.29.x] Upgrade Solr & Zookeeper #6845

wants to merge 6 commits into from
+95 −69

Conversation

alexabird
Copy link
Contributor

@alexabird alexabird commented Feb 7, 2025
edited
Loading

What does this PR do?

Cherry-pick upgrade solr commits from the 3.x branch + upgrade to the latest zookeeper to resolve the zookeeper CVEs

How should this be tested?

Run mvn org.commonjava.maven.plugins:directory-maven-plugin:highest-basedir@directories dependency-check:aggregate -B -pl '!distribution/docs, !platform/admin/modules/admin-modules-docs' -P '!itests' on project and ensure that zookeeper does not show up in CVE list.

Who is reviewing it?

@zkirksey
@glenhein

Select relevant component teams:

@codice/solr

Ask 2 committers to review/merge the PR and tag them here.

@jlcsmith
@derekwilhelm

Checklist:

  • Documentation Updated
  • Update / Add Threat Dragon models
  • Update / Add Unit Tests
  • Update / Add Integration Tests

Notes on Review Process

Please see Notes on Review Process for further guidance on requirements for merging and abbreviated reviews.

Review Comment Legend:

  • ✏️ (Pencil) This comment is a nitpick or style suggestion, no action required for approval. This comment should provide a suggestion either as an in line code snippet or a gist.
  • ❓ (Question Mark) This comment is to gain a clearer understanding of design or code choices, clarification is required but action may not be necessary for approval.
  • ❗ (Exclamation Mark) This comment is critical and requires clarification or action before approval.

@alexabird
Copy link
Contributor Author

build now

@alexabird alexabird changed the title Upgrade Solr & Zookeeper [2.29.x] Upgrade Solr & Zookeeper Feb 7, 2025
@cxddfbot
Copy link

cxddfbot commented Feb 7, 2025

Internal build has been started, your results will be available at build completion.

@cxddfbot
Copy link

cxddfbot commented Feb 7, 2025

Build FAILURE See the job results in legacy Jenkins UI or in Blue Ocean UI.

@alexabird
Copy link
Contributor Author

build now

@cxddfbot
Copy link

Internal build has been started, your results will be available at build completion.

@cxddfbot
Copy link

Build SUCCESS See the job results in legacy Jenkins UI or in Blue Ocean UI.

@alexabird alexabird requested a review from stustison as a code owner February 14, 2025 00:51
@cxddfbot
Copy link

Internal build has been started, your results will be available at build completion.

@cxddfbot
Copy link

Build SUCCESS See the job results in legacy Jenkins UI or in Blue Ocean UI.

derekwilhelm
derekwilhelm reviewed Feb 14, 2025
View reviewed changes
features/solr/src/main/feature/feature.xml
<bundle>mvn:org.eclipse.jetty.http2/http2-client/${jetty.version}</bundle>
<bundle>mvn:org.eclipse.jetty.http2/http2-http-client-transport/${jetty.version}</bundle>
<bundle>mvn:org.eclipse.jetty/jetty-client/${solr.jetty.version}</bundle>
<bundle>mvn:org.eclipse.jetty/jetty-alpn-client/${solr.jetty.version}</bundle>
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should we add the jetty-alpn-java-client here as well since that is actually needed for JDK 9+ environments or is that no longer needed with this upgrade? Not all environments appear to need this but some certainly do if using the http2 client under the hood.

<bundle>mvn:org.eclipse.jetty/jetty-alpn-java-client/${solr.jetty.version}</bundle>

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Added 👍

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@derekwilhelm derekwilhelm derekwilhelm left review comments

@glenhein glenhein glenhein approved these changes

@zkirksey zkirksey zkirksey approved these changes

@stustison stustison Awaiting requested review from stustison stustison is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@alexabird @cxddfbot @glenhein @derekwilhelm @zkirksey @pklinef