LDEV-6105 - Add configurable Maven download policy (ignore/warn/error) with separate startup and runtime settings

Author: michaeloffner

core/src/main/java/lucee/runtime/config/maven/MavenUpdateProvider.java

@@ -38,6 +38,7 @@
 import lucee.runtime.converter.ConverterException;
 import lucee.runtime.converter.JSONConverter;
 import lucee.runtime.converter.JSONDateFormat;
+import lucee.runtime.engine.CFMLEngineImpl;
 import lucee.runtime.exp.PageException;
 import lucee.runtime.listener.SerializationSettings;
 import lucee.runtime.op.CastImpl;
@@ -120,6 +121,7 @@ private static Repository[] readReposFromEnvVar(String envVarName, Repository[]
 					repos.add(new Repository(null, new URL(s).toExternalForm(), Repository.TIMEOUT_5MINUTES, Repository.TIMEOUT_NEVER));
 				}
 				catch (Exception e) {
+					LogUtil.log(Log.LEVEL_WARN, "MavenUpdateProvider", "Invalid repository URL [" + s + "] in environment variable [" + envVarName + "]: " + e.getMessage());
 				}
 			}
 			if (repos.size() > 0) {
@@ -212,7 +214,8 @@ public List<Version> list() throws IOException, GeneralSecurityException, SAXExc
 				Exception e = exceptions.pop();
 				if (e instanceof GeneralSecurityException) throw (GeneralSecurityException) e;
 				else if (e instanceof SAXException) throw (SAXException) e;
-				throw ExceptionUtil.toIOException(e);
+
+				throw ExceptionUtil.toIOException(new IOException("Failed to list available versions from Maven repositories for [" + group + ":" + artifact + "]", e));
 			}
 
 			// Join all threads
@@ -229,14 +232,15 @@ public List<Version> list() throws IOException, GeneralSecurityException, SAXExc
 			return new ArrayList<>();
 		}
 		catch (UnknownHostException uhe) {
-			throw new IOException("cannot reach maven server", uhe);
+			throw new IOException("Cannot reach Maven server [" + uhe.getMessage() + "] " + "while resolving [" + group + ":" + artifact + "]. "
+					+ "Check your network connectivity and DNS configuration.", uhe);
 		}
 	}
 
 	public InputStream getCore(Version version) throws IOException, GeneralSecurityException, SAXException, PageException {
-
 		Map<String, Object> data = detail(version, "jar", true);
 		String strURL = Caster.toString(data.get("lco"), null);
+		assertDownloadAllowed(strURL);
 		if (!StringUtil.isEmpty(strURL)) {
 			// Use HTTPDownloader with DEBUG logging for Maven operations
 			return HTTPDownloader.get(new URL(strURL), null, null, CONNECTION_TIMEOUT, READ_TIMEOUT, null, Log.LEVEL_TRACE);
@@ -247,10 +251,14 @@ public InputStream getCore(Version version) throws IOException, GeneralSecurityE
 	public InputStream getLoader(Version version) throws IOException, GeneralSecurityException, SAXException, PageException {
 		Map<String, Object> data = detail(version, "jar", true);
 		String strURL = Caster.toString(data.get("jar"), null);
-		if (StringUtil.isEmpty(strURL)) throw new IOException("no jar for [" + version + "] found.");
+		if (StringUtil.isEmpty(strURL)) {
+			throw new IOException("No JAR artifact found for [" + group + ":" + artifact + ":" + version + "]. " + "Verify the version exists in the configured repositories.");
+		}
 
 		// Use HTTPDownloader with DEBUG logging for Maven operations
-		return HTTPDownloader.get(new URL(strURL), null, null, CONNECTION_TIMEOUT, READ_TIMEOUT, null, Log.LEVEL_TRACE);
+		URL url = new URL(strURL);
+		assertDownloadAllowed(strURL);
+		return HTTPDownloader.get(url, null, null, CONNECTION_TIMEOUT, READ_TIMEOUT, null, Log.LEVEL_TRACE);
 	}
 
 	/*
@@ -302,7 +310,8 @@ public Map<String, Object> detail(Version version, String requiredArtifactExtens
 					}
 					// read main
 					{
-						URL urlMain = new URL(repo.url + g + "/" + a + "/" + v + "/" + a + "-" + v + "." + requiredArtifactExtension);
+						String strURL = repo.url + g + "/" + a + "/" + v + "/" + a + "-" + v + "." + requiredArtifactExtension;
+						URL urlMain = new URL(strURL);
 						HTTPResponse rsp = HTTPDownloader.head(urlMain, CONNECTION_TIMEOUT, CONNECTION_TIMEOUT, Log.LEVEL_TRACE);
 						if (validSatusCode(rsp)) {
 							Map<String, Object> result = new LinkedHashMap<>();
@@ -341,8 +350,8 @@ public Map<String, Object> detail(Version version, String requiredArtifactExtens
 		catch (UnknownHostException uhe) {
 			throw new IOException("cannot reach maven server", uhe);
 		}
-		if (throwException) throw new IOException("could not find the artifact [" + requiredArtifactExtension + "] for [" + group + ":" + artifact + ":" + version
-				+ "] in the following repositories [" + toList(repos) + "]");
+		if (throwException) throw new IOException("Could not find the artifact [" + group + ":" + artifact + ":" + version + "] (type: " + requiredArtifactExtension
+				+ ") in any of the configured repositories: [" + toList(repos) + "]. " + "Verify the artifact coordinates and version are correct.");
 		return null;
 	}
 
@@ -494,4 +503,17 @@ public String toString() {
 			return "label:" + label + ";url:" + url + ";timeoutList:" + timeoutList + ";timeoutDetail:" + timeoutDetail;
 		}
 	}
+
+	private static void assertDownloadAllowed(String url) throws IOException {
+		int policy = CFMLEngineImpl.getActiveDownloadPolicy();
+		if (policy == CFMLEngineImpl.MAVEN_DOWNLOAD_POLICY_ERROR) {
+			throw new IOException("Maven download is blocked by policy. Attempted to download [" + url + "]. "
+					+ "To allow downloads, set the system property or environment variable " + "'lucee.maven.download.policy' to 'warn' or 'ignore'. "
+					+ "Alternatively, place the artifact manually in your local Maven repository (~/.m2/repository).");
+		}
+		else if (policy == CFMLEngineImpl.MAVEN_DOWNLOAD_POLICY_WARN) {
+			LogUtil.log(CFMLEngineImpl.MAVEN_DOWNLOAD_POLICY_LOG_LEVEL, "maven", "Downloading Maven artifact from [" + url + "]. Maven download policy is set to 'warn'. "
+					+ "Set 'lucee.maven.download.policy' to 'error' to block downloads " + "or 'ignore' to suppress this warning.");
+		}
+	}
 }

core/src/main/java/lucee/runtime/engine/CFMLEngineImpl.java

@@ -189,6 +189,14 @@ public final class CFMLEngineImpl implements CFMLEngine {
 
 	private static final boolean IS_WINDOWS = SystemUtil.isWindows();
 
+	public static final int MAVEN_DOWNLOAD_POLICY_STARTUP;
+	public static final int MAVEN_DOWNLOAD_POLICY_RUNTIME;
+	public static final int MAVEN_DOWNLOAD_POLICY_LOG_LEVEL;
+
+	public static final int MAVEN_DOWNLOAD_POLICY_ERROR = 2;
+	public static final int MAVEN_DOWNLOAD_POLICY_WARN = 1;
+	public static final int MAVEN_DOWNLOAD_POLICY_IGNORE = 0;
+
 	static {
 		System.setProperty("org.apache.commons.logging.Log", "org.apache.commons.logging.impl.NoOpLog");
 		System.setProperty("javax.xml.bind.context.factory", "com.sun.xml.bind.v2.ContextFactory");
@@ -222,6 +230,30 @@ public final class CFMLEngineImpl implements CFMLEngine {
 
 		// Disable reverse DNS lookups
 		System.setProperty("sun.net.useExclusiveBind", "false");
+
+		String tmp = Caster.toString(SystemUtil.getSystemPropOrEnvVar("lucee.maven.download.policy.startup", null), null);
+		if ("error".equals(tmp)) {
+			MAVEN_DOWNLOAD_POLICY_STARTUP = MAVEN_DOWNLOAD_POLICY_ERROR;
+		}
+		else if ("warn".equals(tmp) || "warning".equals(tmp)) {
+			MAVEN_DOWNLOAD_POLICY_STARTUP = MAVEN_DOWNLOAD_POLICY_WARN;
+		}
+		else {
+			MAVEN_DOWNLOAD_POLICY_STARTUP = MAVEN_DOWNLOAD_POLICY_IGNORE;
+		}
+
+		tmp = Caster.toString(SystemUtil.getSystemPropOrEnvVar("lucee.maven.download.policy.runtime", null), null);
+		if ("error".equals(tmp)) {
+			MAVEN_DOWNLOAD_POLICY_RUNTIME = MAVEN_DOWNLOAD_POLICY_ERROR;
+		}
+		else if ("warn".equals(tmp) || "warning".equals(tmp)) {
+			MAVEN_DOWNLOAD_POLICY_RUNTIME = MAVEN_DOWNLOAD_POLICY_WARN;
+		}
+		else {
+			MAVEN_DOWNLOAD_POLICY_RUNTIME = MAVEN_DOWNLOAD_POLICY_IGNORE;
+		}
+
+		MAVEN_DOWNLOAD_POLICY_LOG_LEVEL = LogUtil.toLevel(Caster.toString(SystemUtil.getSystemPropOrEnvVar("lucee.maven.download.policy.log.level", null), null), Log.LEVEL_ERROR);
 	}
 
 	public static final PrintStream CONSOLE_ERR = System.err;
@@ -274,25 +306,22 @@ private CFMLEngineImpl(CFMLEngineFactory factory, BundleCollection bc) {
 			try {
 				FunctionLibFactory.loadFromSystem(null);
 			}
-			catch (FunctionLibException e) {
-			}
+			catch (FunctionLibException e) {}
 		}, true).start();
 
 		ThreadUtil.getThread(() -> {
 			try {
 				TagLibFactory.loadFromSystem(null);
 			}
-			catch (TagLibException e) {
-			}
+			catch (TagLibException e) {}
 		}, true).start();
 
 		// Force localhost resolution early
 		ThreadUtil.getThread(() -> {
 			try {
 				Log4j2Engine.prepare();
 			}
-			catch (Exception e) {
-			}
+			catch (Exception e) {}
 		}, true).start();
 
 		/*
@@ -528,8 +557,7 @@ else if (installExtensions && (updateInfo.updateType == ConfigFactory.NEW_MINOR
 			try {
 				log = cs.getLog("deploy", true);
 			}
-			catch (PageException e) {
-			}
+			catch (PageException e) {}
 		}
 
 		touchMonitor(cs);
@@ -555,6 +583,18 @@ else if (installExtensions && (updateInfo.updateType == ConfigFactory.NEW_MINOR
 			LogUtil.log(cs, Log.LEVEL_INFO, "startup", "Start CFML Controller");
 			controler.start();
 		}
+
+	}
+
+	public static int getActiveDownloadPolicy() {
+		try {
+			CFMLEngine eng = CFMLEngineFactory.getInstance();
+			if (eng != null && eng.uptime() > 0) return MAVEN_DOWNLOAD_POLICY_RUNTIME;
+		}
+		catch (Exception e) {
+			// engine not registered yet = still starting up
+		}
+		return MAVEN_DOWNLOAD_POLICY_STARTUP;
 	}
 
 	private static void checkInvalidExtensions(CFMLEngineImpl eng, ConfigPro config, Set<ExtensionDefintion> extensionsToInstall, Set<String> extensionsToRemove) {
@@ -668,8 +708,7 @@ private int deployBundledExtension(ConfigServerImpl cs, boolean validate) {
 				try {
 					existingMap.put(ed.getSource().getName(), ed);
 				}
-				catch (ApplicationException e) {
-				}
+				catch (ApplicationException e) {}
 			}
 		}
 
@@ -1776,8 +1815,7 @@ private void onStartCall(ConfigPro config, boolean reload, boolean warmup) {
 				Resource rootdir = config.getRootDirectory();
 				listenerTemplateCFMLWebRoot = rootdir.getRealResource(context + "." + lucee.runtime.config.Constants.getCFMLComponentExtension());
 			}
-			catch (Exception e) {
-			}
+			catch (Exception e) {}
 		}
 
 		// dialect

core/src/main/java/lucee/runtime/mvn/MavenUtil.java

@@ -44,6 +44,7 @@
 import lucee.commons.net.HTTPUtil;
 import lucee.runtime.config.Config;
 import lucee.runtime.config.ConfigPro;
+import lucee.runtime.engine.CFMLEngineImpl;
 import lucee.runtime.exp.ApplicationException;
 import lucee.runtime.mvn.POMReader.Dependency;
 import lucee.runtime.op.Caster;
@@ -220,7 +221,8 @@ public static POM getDependency(Resource localDirectory, POMReader.Dependency rd
 				// v = resolvePlaceholders(pdm, v, pdm.getProperties());
 			}
 			if (v == null) {
-				throw new IOException("could not find version for dependency [" + g + ":" + a + "] in [" + current + "]");
+				throw new IOException("No version defined for dependency [" + g + ":" + a + "] in POM [" + current + "]. "
+						+ "Specify a version directly or ensure it is declared in <dependencyManagement>.");
 			}
 		}
 
@@ -503,7 +505,8 @@ else if ("optional".equals(placeholder)) {
 			if (!modifed) break;
 		}
 		if (value != null && value.indexOf("${") != -1) {
-			throw new IOException("Cannot resolve [" + value + "] for [" + pom + "], available properties are [" + ListUtil.toList(properties.keySet(), ", ") + "]");
+			throw new IOException("Cannot resolve placeholder in [" + value + "] for POM [" + pom + "]. " + "Available properties: [" + ListUtil.toList(properties.keySet(), ", ")
+					+ "]. " + "Ensure the property is defined in the POM, parent POM, or system properties.");
 		}
 		return value;
 	}
@@ -517,8 +520,7 @@ public static void downloadAsync(POM pom, Collection<Repository> repositories, S
 			try {
 				download(pom, repositories, type, log);
 			}
-			catch (IOException e) {
-			}
+			catch (IOException e) {}
 		}, true).start();
 	}
 
@@ -527,7 +529,7 @@ public static Resource download(POM pom, Collection<Repository> repositories, St
 
 		// file is empty or does not exist
 		if (!res.isFile()) {
-			// print.ds("--->" + pom.toString());
+
 			synchronized (SystemUtil.createToken("mvn", res.getAbsolutePath())) {
 				// file is empty or does not exist
 				if (!res.isFile()) {
@@ -553,7 +555,10 @@ public static Resource download(POM pom, Collection<Repository> repositories, St
 							download(pom, repositories, type, log);
 							return res;
 						}
-						throw new IOException("Failed to download [" + pom + "] ");
+
+						throw new IOException("Maven artifact [" + pom.getGroupId() + ":" + pom.getArtifactId() + ":" + pom.getVersion() + "] "
+								+ "is not available. A previous download attempt failed and is cached for " + (ARTIFACT_UNAVAILABLE_CACHE_DURATION / 60000) + " minutes. "
+								+ "Delete the '.lastUpdated' file in the local cache to retry immediately.");
 					}
 
 					String scriptName = pom.getGroupId().replace('.', '/') + "/" + pom.getArtifactId() + "/" + pom.getVersion() + "/" + pom.getArtifactId() + "-" + pom.getVersion()
@@ -563,19 +568,30 @@ public static Resource download(POM pom, Collection<Repository> repositories, St
 						if (repositories == null || repositories.isEmpty()) repositories = pom.getRepositories();
 
 						if (repositories == null || repositories.size() == 0) {
-							IOException ioe = new IOException("Failed to download java artifact [" + pom.toString() + "] for type [" + type + "]");
-							// "Failed to download java artifact [" + pom.toString() + "] for type [" + type + "], attempted
-							// endpoint(s): [" + sb + "]");
-							// if (cause != null) ExceptionUtil.initCauseEL(ioe, cause);
-							throw ioe;
+							throw new IOException("Failed to download Maven artifact [" + pom.getGroupId() + ":" + pom.getArtifactId() + ":" + pom.getVersion() + "] " + "(type: "
+									+ type + "). No repositories are configured. " + "Ensure at least one repository is defined in the POM or Lucee configuration.");
 						}
 						// url = pom.getArtifact(type, repositories);
 						//////// if (log != null) log.info("maven", "download [" + url + "]");
 						URL url;
 						CloseableHttpClient httpClient;
+						int policy = CFMLEngineImpl.getActiveDownloadPolicy();
 						for (Repository r: sort(repositories)) {
 							url = null;
 							httpClient = null;
+							if (policy == CFMLEngineImpl.MAVEN_DOWNLOAD_POLICY_ERROR) {
+								throw new IOException("Lucee is unable to resolve the Maven artifact [" + pom.getGroupId() + ":" + pom.getArtifactId() + ":" + pom.getVersion()
+										+ "] " + "(type: " + type + ") because Maven downloads are blocked by policy. "
+										+ "To allow downloads, set the system property or environment variable " + "'lucee.maven.download.policy' to 'warn' or 'ignore'. ");
+							}
+							else if (policy == CFMLEngineImpl.MAVEN_DOWNLOAD_POLICY_WARN) {
+								LogUtil.log(CFMLEngineImpl.MAVEN_DOWNLOAD_POLICY_LOG_LEVEL, "maven",
+										"Downloading Maven artifact [" + pom.getGroupId() + ":" + pom.getArtifactId() + ":" + pom.getVersion() + "] " + "(type: " + type
+												+ "). Maven download policy is set to 'warn'. "
+												+ "Set the system property or environment variable 'lucee.maven.download.policy' to "
+												+ "'error' to block downloads or 'ignore' to suppress this warning.");
+							}
+
 							try {
 								url = new URL(r.getUrl() + scriptName);
 								httpClient = HttpClients.createDefault();
@@ -634,13 +650,16 @@ public static Resource download(POM pom, Collection<Repository> repositories, St
 					}
 					catch (IOException ioe) {
 						createLastUpdated(res, info);
-						IOException ex = new IOException("Failed to download [ " + pom + ":" + type + "]");
+						IOException ex = new IOException("Failed to download Maven artifact [" + pom.getGroupId() + ":" + pom.getArtifactId() + ":" + pom.getVersion() + "] "
+								+ "(type: " + type + "). Check network connectivity and repository availability.");
 						ExceptionUtil.initCauseEL(ex, ioe);
 						// MUST add again ResourceUtil.deleteEmptyFoldersInside(pom.getLocalDirectory());
 						throw ex;
 					}
 					createLastUpdated(res, info);
-					throw new IOException("Failed to download [" + pom + ":" + type + "] from " + repositories.size() + " repositories");
+					throw new IOException("Failed to download Maven artifact [" + pom.getGroupId() + ":" + pom.getArtifactId() + ":" + pom.getVersion() + "] " + "(type: " + type
+							+ ") after trying all " + repositories.size() + " configured repositories. "
+							+ "Verify the artifact coordinates are correct and the repositories are accessible.");
 				}
 			}
 		}
@@ -703,17 +722,20 @@ public static POM toPOM(Resource localDirectory, Collection<Repository> reposito
 	}
 
 	public static int toScopes(String scopes) throws IOException {
-		if (StringUtil.isEmpty(scopes, true)) throw new IOException("there is no scope defined");
+		if (StringUtil.isEmpty(scopes, true))
+			throw new IOException("No Maven dependency scope defined. " + "Specify at least one scope from: compile, test, provided, runtime, system, import.");
 		return toScopes(ListUtil.listToStringArray(scopes, ','));
 	}
 
 	public static int toScopes(String[] scopes) throws IOException {
-		if (scopes.length == 0) throw new IOException("there is no scope defined");
+		if (scopes.length == 0) throw new IOException("No Maven dependency scope defined. " + "Specify at least one scope from: compile, test, provided, runtime, system, import.");
 
 		int rtn = 0, tmp;
 		for (String scope: scopes) {
 			tmp = toScope(scope, 0);
-			if (tmp == 0) throw new IOException("scope [" + scope + "] is not a supported scope, valid scope names are [compile,test,provided,runtime,system,import]");
+			if (tmp == 0) {
+				throw new IOException("Invalid Maven scope [" + scope.trim() + "]. " + "Supported values are: compile, test, provided, runtime, system, import.");
+			}
 			rtn += tmp;
 		}
 		return rtn;
@@ -1018,8 +1040,7 @@ public static Struct getMetaData(Config config, Class clazz, Struct defaultValue
 								data.setEL(KeyConstants._location, res.getAbsolutePath());
 								return data;
 							}
-							catch (Exception e) {
-							}
+							catch (Exception e) {}
 						}
 					}
 				}

loader/build.xml

@@ -2,7 +2,7 @@
 <project default="core" basedir="." name="Lucee" 
   xmlns:resolver="antlib:org.apache.maven.resolver.ant">
 
-  <property name="version" value="7.0.2.81-SNAPSHOT"/>
+  <property name="version" value="7.0.2.82-SNAPSHOT"/>
 
   <taskdef uri="antlib:org.apache.maven.resolver.ant" resource="org/apache/maven/resolver/ant/antlib.xml">
     <classpath>

loader/pom.xml

@@ -3,7 +3,7 @@
 
   <groupId>org.lucee</groupId>
   <artifactId>lucee</artifactId>
-  <version>7.0.2.81-SNAPSHOT</version>
+  <version>7.0.2.82-SNAPSHOT</version>
   <packaging>jar</packaging>
 
   <name>Lucee Loader Build</name>