You are viewing a plain text version of this content. The canonical link for it is here.
Posted to github@beam.apache.org by GitBox <gi...@apache.org> on 2022/08/03 01:51:30 UTC
[GitHub] [beam] Firebeam opened a new issue, #22566: [Bug]: BC-FIPS compliant app breaks on Beam 2.39.0 when upgrading from 2.34.0
Firebeam opened a new issue, #22566:
URL: https://github.com/apache/beam/issues/22566
### What happened?
We're currently using a GCP Dataflow app which works fine under 2.34.0, but needs to remain FIPS compliant, this includes having bc-fips-1.0.2.1.jar in our classpath. When we tried to upgrade to 2.39.0, apparently this new version included the jar bcpkix-jdk15on:1.67, which collides with the FIPS implementation, according to this StackOverflow answer: [https://stackoverflow.com/a/71075642](https://stackoverflow.com/a/71075642)
The actual error is as follows:
`org.apache.beam.sdk.util.UserCodeException: java.lang.NoSuchMethodError: 'boolean org.bouncycastle.crypto.CryptoServicesRegistrar.isInApprovedOnlyMode()' at
org.apache.beam.sdk.util.UserCodeException.wrap(UserCodeException.java:39)`
Is there a way we can upgrade safely?
### Issue Priority
Priority: 2
### Issue Component
Component: io-java-gcp
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: github-unsubscribe@beam.apache.org.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [beam] Firebeam commented on issue #22566: [Bug]: BC-FIPS compliant app breaks on Beam 2.39.0 when upgrading from 2.34.0
Posted by GitBox <gi...@apache.org>.
Firebeam commented on issue #22566:
URL: https://github.com/apache/beam/issues/22566#issuecomment-1237434430
Ok, good news. The workaround, well, works. But there should be a disclaimer for known issue, IMO. Leaving that for consideration!
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: github-unsubscribe@beam.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [beam] johnjcasey commented on issue #22566: [Bug]: BC-FIPS compliant app breaks on Beam 2.39.0 when upgrading from 2.34.0
Posted by GitBox <gi...@apache.org>.
johnjcasey commented on issue #22566:
URL: https://github.com/apache/beam/issues/22566#issuecomment-1232010730
I see that we added a dependency on bcprov-jdk15on here: https://github.com/apache/beam/pull/17052, but I don't see the dependency on bcpkix-jdk15on
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: github-unsubscribe@beam.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [beam] Firebeam commented on issue #22566: [Bug]: BC-FIPS compliant app breaks on Beam 2.39.0 when upgrading from 2.34.0
Posted by GitBox <gi...@apache.org>.
Firebeam commented on issue #22566:
URL: https://github.com/apache/beam/issues/22566#issuecomment-1235909549
My mistake, the conflicting jar is bcprov-jdk15on, according to this answer. [https://stackoverflow.com/a/65134446](https://stackoverflow.com/a/65134446) I do see the bcpkix-jdk15on dependency on beam-sdks-java-io-google-cloud-platform:2.39.0, under the nested dependency google-cloud-firestore:3.1.0. I'll try removing the bcprov-jdk15on dependency via exclusion, I'd put upgrading aside for now.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: github-unsubscribe@beam.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org