Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Steady maven plugin is throwing UnsupportedOperationException #583

Open
the-brownstone opened this issue Apr 24, 2023 · 3 comments
Open

Steady maven plugin is throwing UnsupportedOperationException #583

the-brownstone opened this issue Apr 24, 2023 · 3 comments

Comments

@the-brownstone
Copy link

Describe the bug
When running mvn -Dsteady steady:report it throws an UnsupportedOperationException due to an invalid environment variable key

IMPORTANT: please ensure that you do not refer to any internal or confidential information from your company/organization here. Also, please provide only references to public (open-source) projects on which the issue can be reproduced. Please do not include in the issue description any reference or link to non-public or otherwise proprietary information.

To Reproduce
Steps to reproduce the behavior:

In case of bugs happening on the client (when performing scans):

  1. Clone a java repo
  2. Add profile as per guideline -> https://eclipse.github.io/steady/user/tutorials/java_maven/
  3. Run plugin mvn -Dsteady steady:report
  4. See error

Expected behavior
No error should be thrown

Steady version

  • Steady version 3.2.5

In case of bugs happening on the client (when performing scans)

  • OS/version: Windows 10
  • Java JVM/version or Python version: JDK 11
  • Steady client (Maven plugin, Gradle plugin, CLI, setuptools plugin): Maven plugin
  • Console log(s) (with confidential information removed)
    2023-04-24 11:27:30,224 [main] [INFO ] shared.util.VulasConfiguration - Added configuration [MapConfiguration] from source [Transient-Config-Layer]
    2023-04-24 11:27:30,232 [main] [INFO ] shared.util.VulasConfiguration - Added configuration [SystemConfiguration] from source [System-Properties]
    2023-04-24 11:27:30,232 [main] [WARN ] shared.util.VulasConfiguration - Configuration key [ProgramFiles(x86)] removed due to illegal characters
    [WARNING] Error injecting: org.eclipse.steady.java.mvn.MvnPluginReport
    com.google.inject.ProvisionException: Unable to provision, see the following errors:
  1. Error injecting constructor, java.lang.UnsupportedOperationException
    at org.eclipse.steady.java.mvn.MvnPluginReport.(Unknown Source)
    while locating org.eclipse.steady.java.mvn.MvnPluginReport
    ...
    Caused by: java.lang.UnsupportedOperationException
    at java.util.Collections$UnmodifiableMap.remove (Collections.java:1460)
    at org.apache.commons.configuration.MapConfiguration.clearPropertyDirect (MapConfiguration.java:218)
    at org.apache.commons.configuration.AbstractConfiguration.clearProperty (AbstractConfiguration.java:505)
    at org.eclipse.steady.shared.util.VulasConfiguration.sanitize (VulasConfiguration.java:306)
    at org.eclipse.steady.shared.util.VulasConfiguration.addConfiguration (VulasConfiguration.java:272)
    at org.eclipse.steady.shared.util.VulasConfiguration.appendInitialConfigurations (VulasConfiguration.java:219)
  • URL of a public repo that can be used for reproducing (minimal example if possible)

Additional context
Add any other context about the problem here.

  • The problem lies in VulasConfiguration call to System.getenv() which returns an UnmodifiableMap
  • sanitize method attempts to clear any unsupported key (e.g., ProgramFiles(x86))
  • Additionally, there's a ConcurrentModificationException thrown when deleting and iterating through keys. This may also be replicated in testSanitize unit test by adding a new property at the end. For example pc.setProperty("new invalid key", "bar");
@serenaponta
Copy link
Contributor

Hi @the-brownstone,

the report goal generates a report based on the application data available in the backend as a result of running the other goals. It looks to me that you run such goal without any other first. The minimal requirement for generating a report is the execution of mvn -Dsteady compile steady:app [1] [2].

[1] https://eclipse.github.io/steady/user/manuals/analysis/#bill-of-material-analysis-app
[2] https://eclipse.github.io/steady/user/tutorials/java_maven/#app

@the-brownstone
Copy link
Author

@serenaponta thank you for highlighting that. However, upon running command mentioned above, it seems the same error is appearing due to unsupported environment variable key of ProgramFiles(x86).

Here's the shortened and redacted log file:
2023-04-25 09:53:08,598 [main] [INFO ] shared.util.VulasConfiguration - Added configuration [MapConfiguration] from source [Transient-Config-Layer]
2023-04-25 09:53:08,613 [main] [INFO ] shared.util.VulasConfiguration - Added configuration [SystemConfiguration] from source [System-Properties]
2023-04-25 09:53:08,613 [main] [WARN ] shared.util.VulasConfiguration - Configuration key [ProgramFiles(x86)] removed due to illegal characters
[WARNING] Error injecting: org.eclipse.steady.java.mvn.MvnPluginBom
com.google.inject.ProvisionException: Unable to provision, see the following errors:

  1. Error injecting constructor, java.lang.UnsupportedOperationException
    at org.eclipse.steady.java.mvn.MvnPluginBom.(Unknown Source)
    while locating org.eclipse.steady.java.mvn.MvnPluginBom

1 error
at com.google.inject.internal.InternalProvisionException.toProvisionException (InternalProvisionException.java:226)
at com.google.inject.internal.InjectorImpl$1.get (InjectorImpl.java:1053)
at com.google.inject.internal.InjectorImpl.getInstance (InjectorImpl.java:1086)
at org.eclipse.sisu.space.AbstractDeferredClass.get (AbstractDeferredClass.java:48)
...
Caused by: java.lang.UnsupportedOperationException
at java.util.Collections$UnmodifiableMap.remove (Collections.java:1460)
at org.apache.commons.configuration.MapConfiguration.clearPropertyDirect (MapConfiguration.java:218)
at org.apache.commons.configuration.AbstractConfiguration.clearProperty (AbstractConfiguration.java:505)
at org.eclipse.steady.shared.util.VulasConfiguration.sanitize (VulasConfiguration.java:306)
at org.eclipse.steady.shared.util.VulasConfiguration.addConfiguration (VulasConfiguration.java:272)
at org.eclipse.steady.shared.util.VulasConfiguration.appendInitialConfigurations (VulasConfiguration.java:219)
at org.eclipse.steady.shared.util.VulasConfiguration. (VulasConfiguration.java:140)
at org.eclipse.steady.java.mvn.AbstractVulasMojo. (AbstractVulasMojo.java:91)
at org.eclipse.steady.java.mvn.MvnPluginBom. (MvnPluginBom.java:35)
...
[IJ]-1-MojoFailed-[IJ]-source=CLI-[IJ]-goal=app-[IJ]-id=:🫙1.0.0-[IJ]-error=Failed to execute goal org.eclipse.steady:plugin-maven:3.2.5:app (default-cli) on project : Execution default-cli of goal org.eclipse.steady:plugin-maven:3.2.5:app failed: Unable to load the mojo 'app' (or one of its required components) from the plugin 'org.eclipse.steady:plugin-maven:3.2.5'
[IJ]-1-ProjectFailed-[IJ]-id=:🫙1.0.0
[IJ]-1-SessionEnded-[IJ]-id=unknown
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 7.801 s
[INFO] Finished at: 2023-04-25T09:53:08+08:00
[INFO] ------------------------------------------------------------------------
[IJ]-1-Unknown-[IJ]-event=org.apache.maven.execution.DefaultMavenExecutionResult@2d07aacc
[ERROR] Failed to execute goal org.eclipse.steady:plugin-maven:3.2.5:app (default-cli) on project : Execution default-cli of goal org.eclipse.steady:plugin-maven:3.2.5:app failed: Unable to load the mojo 'app' (or one of its required components) from the plugin 'org.eclipse.steady:plugin-maven:3.2.5': com.google.inject.ProvisionException: Unable to provision, see the following errors:
[ERROR]
[ERROR] 1) Error injecting constructor, java.lang.UnsupportedOperationException
[ERROR] at org.eclipse.steady.java.mvn.MvnPluginBom.(Unknown Source)
[ERROR] while locating org.eclipse.steady.java.mvn.MvnPluginBom
[ERROR] at ClassRealm[plugin>org.eclipse.steady:plugin-maven:3.2.5, parent: jdk.internal.loader.ClassLoaders$AppClassLoader@512ddf17] (via modules: org.eclipse.sisu.wire.WireModule -> org.eclipse.sisu.plexus.PlexusBindingModule)
[ERROR] while locating org.apache.maven.plugin.Mojo annotated with @com.google.inject.name.Named(value="org.eclipse.steady:plugin-maven:3.2.5:app")
[ERROR]
[ERROR] 1 error
[ERROR] role: org.apache.maven.plugin.Mojo
[ERROR] roleHint: org.eclipse.steady:plugin-maven:3.2.5:app
[ERROR] -> [Help 1]
[ERROR]
[ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch.
[ERROR] Re-run Maven using the -X switch to enable full debug logging.
[ERROR]
[ERROR] For more information about the errors and possible solutions, please read the following articles:
[ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/PluginContainerException

@serenaponta serenaponta mentioned this issue Apr 27, 2023
Merged
@serenaponta
Copy link
Contributor

serenaponta commented Apr 28, 2023
edited
Loading

@the-brownstone, thanks for reporting and for the detailed description of the issue, i was able to replicate it only on a windows os. This is now fixed in master (version 2.3.6-SNAPSHOT) and will be part of the next release.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@serenaponta @the-brownstone