Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
Martijn Hoekstra
@martijnhoekstra
in other words, that it worked in 2.12- was a bug
annoyingly, you now have to import com.twitter.finagle.{Status => _, _} or import com.twitter.finagle.http.{Status => httpStatus} and use httpStatus
(and possibly reflect on the life choices one made to that led to shadowing these names in the first place, regardless of whether breaking it to align with the spec is justified, or should have gone the other way round)
according to the spec, reflecting on life choices is always optional though
and may be unsafe
Alessandro Vermeulen
@spockz
I was always charmed by the fact that the package name was enough the distinctively identify a class. Otherwise you would get com.something.foo.bar.status.ComSomethingFooBarStatusThing... :(
Very existential question indeed :)
Martijn Hoekstra
@martijnhoekstra
the name is still enough, the shadowing behaviour just changed. The import rename is needed for the user not to get confused which one you mean. For the compiler just making sure the right one shadows the wrong one is sufficient.
Alessandro Vermeulen
@spockz
Yes sure
@martijnhoekstra I can make the MR to your branch, do you want separate commits for the changes in the different modules or is a single commit okay for you?
Martijn Hoekstra
@martijnhoekstra
I think separate commits is best. The base-http will need to be rebased still, so being able to cherry-pick indivuadually for a new PR will be useful
Alessandro Vermeulen
@spockz
I did not touch base-http
oh wait, I touched a test :+
But that is just for deprecation warnings
Alessandro Vermeulen
@spockz
martijnhoekstra/finagle#1 @martijnhoekstra <there you go, now for lunch
Let me know when/if a rebase is needed
Martijn Hoekstra
@martijnhoekstra
nice, thanks!
kamisama-rney
@kamisama-rney

Has anyone managed to get Finagle to run in FIPS 140-2 mode? I've built a custom version of Finagle using he tc-native library instead of BoringSSL but when I call

// Force FIPS 140-2 compliant TLS
 io.netty.internal.tcnative.SSL.fipsModeSet(1)

I get a java.lang.UnsatisfiedLinkError: io.netty.internal.tcnative.NativeStaticallyReferencedJniMethods.sslOpCipherServerPreference()

Matt Ellis
@Matt-Ellis98
Hey guys, has anyone tackled the challenge of documenting their api's with swagger when using finagle with thrift?
Arjan Topolovec
@arjantop
How do you do tracing with FInagle futures?
I have a function like this: def spanF[T](name: String)(f: => Future[T]): Future[T]
but the problem is that if I attach on complete callbacks to the future to complete the span
the span is not ended until the result of the future is used
so the span length can be 2x compared to the real execution time
how are you solving this?
Moses Nakamura
@mosesn
we don’t have a great solution to that problem. we don’t typically put blocking work in the follow-up callbacks
so it’s usually not off by more than some microseconds.
Alessandro Vermeulen
@spockz
@martijnhoekstra I would love to get 2.13 support for http in the October release. Can I help out with something else?
Moses Nakamura
@mosesn
@spockz to set expectations clearly, we’re trying to do the release in the next couple of days, so http will probably not make it in
Arjan Topolovec
@arjantop
@mosesn thank you for the answer. It is not something critical, was just curious.
Moses Nakamura
@mosesn
@arjantop +1. yeah, we’ve considered trying to address it, but it seems tough to do without mangling the API
kamisama-rney
@kamisama-rney
Okay, I finally figured out how to make Finagle FIPS 140-2 compliant. It was quite the chore creating a custom build of netty-tcnative that did a static link of the FIPS 140-2 compliant OpenSSL 1.0.2t library with all the correct fingerprint signatures.
Moses Nakamura
@mosesn
good work! I don’t think we’ve ever had to do that. what is FIPS 140-2 compliance used for?
Alessandro Vermeulen
@spockz
@mosesn thanks for the heads up. Then at least I want to get something in so we can review it and make it for November. I would like to add some JMH benchmarks for performance critical parts if you can identify them
kamisama-rney
@kamisama-rney
@mosesn FIPS 140-2 is a specific gov't network security standard required to pass FedRamp certification.
Moses Nakamura
@mosesn
@kamisama-rney ahhhh, I see. how would you feel about publishing how you accomplished it to a gist or a github repo?
@spockz how about taking a look at twitter/finagle#805 and seeing what kinds of benchmarks might be useful on the headermap?
Alessandro Vermeulen
@spockz
@mosesn sure. Good idea.
Someone said something about performance regressions a bit up. What was that related to? Maybe we can add some benchmarks for that as well?
Martijn Hoekstra
@martijnhoekstra
@spockz at the moment everything is bottlenecked on the 805 that @mosesn linked above. That PR is ready for re-review, I'm sure Bryce will find a few nicks for picking, so let's say that takes about a 3 days to go through. After that, the base-http PR needs to be rebased and reviewed. That will take, in my rough expectation, about a week when 805 is through. Then we can rebase the PR you issued against my repo for finagle-http. That looks pretty straightforward, so that probably can be pushed through pretty quickly.
in my guesstimation that means finagle-http should be in time for the November release
and we'll be home before Christmas
Alessandro Vermeulen
@spockz
@martijnhoekstra haha. That would make it a nice gift. How can I help?
jyanJing
@jyanJing
Hi folks, we are in the process of releasing finagle 19.10.0, the release job has started on Monday, Oct. 7th, the jars are already published, you shall be expecting a release notes coming out soon. Apologies for not keeping you posted before the release.
kamisama-rney
@kamisama-rney

@mosesn I'm happy to do a writeup on the steps once I get a few spare moments. It isn't that difficult a process once the steps are documented. Part of what made it so difficult was gathering all the information together.

It would also be nice to create two versions of Finagle, one with the netty-tcnative-boringssl-static library and the other with the simple netty-tcnative library where the native library is compiled by the library consumer since that's the approach I took. I now have a forked Finagle and Twitter Server repo using the netty-tcnative library.

Alessandro Vermeulen
@spockz
it should be possible to just exclude the boring ssl and include the statically compiled against your openssl version
kamisama-rney
@kamisama-rney
@spockz thanks for reminding me that I could do that. Forgot about the exclusion option on library dependencies. Works like a charm
Alessandro Vermeulen
@spockz
@kamisama-rney did you really need openssl 1.0.x for the FIPS compliance or could you get it with 1.1.x as well?
kamisama-rney
@kamisama-rney
@spockz Actually it must use either 1.0.1 or 1.0.2 according to the FIPS user guide. - https://www.openssl.org/docs/fips/UserGuide-2.0.pdf. The next version they are targeting for FIPS certification is 3.x which is under development.
Alessandro Vermeulen
@spockz
Ah right indeed