wombatu-kun opened a new issue, #19274:
URL: https://github.com/apache/hudi/issues/19274

   Inside a Maven module, RAT works. It is declared in the `<build><plugins>` 
of ~55 module poms and bound to the `compile` phase, so an ordinary build job 
does fail on a missing ASF header. Verified: planting a header-less `.java` in 
`hudi-io/src/main/java/` makes `mvn -pl hudi-io compile` exit 1.
   
   Outside a module there is no working gate. Each of those RAT runs is scoped 
to its own module's `basedir`, and the root aggregator does not declare the 
plugin in `<build><plugins>`, so the only run that ever scans the repository 
root is the direct `mvn apache-rat:check` goal invocation. That lives in 
exactly one place, `scripts/release/validate_source_rat.sh`, and that script 
always exits 0 no matter what RAT reports. Verified: a header-less file at the 
repository root is not caught by `mvn -pl hudi-io compile` (exit 0) but is 
caught by `mvn apache-rat:check` (exit 1).
   
   So `rfc/`, `scripts/`, `docker/`, the root-level files, and any new 
non-Maven top-level directory are effectively unchecked. On current master the 
`validate-source` job prints, in this order:
   
       [INFO] BUILD FAILURE
       [ERROR] Failed to execute goal ...apache-rat-plugin:0.16.1:check ... Too 
many files with unapproved license: 19
                Rat Check Failed. [ERROR]
               RAT Check Passed [OK]
   
   and the job is green. (Run 29146535016, job 86528961522, on master.)
   
   ### Why the failure does not propagate
   
       (bash -c "mvn apache-rat:check -DdeployArtifacts=true") || (echo -e 
"\t\t Rat Check Failed. [ERROR]\n\t\t Please run with --verbose to get 
details\n" && exit 1)
       echo -e "\t\tRAT Check Passed [OK]\n"
   
   The `exit 1` sits inside a `( ... )` subshell, so it exits the subshell, not 
the script. There is no `set -e`, so control falls through to the success 
message and the script returns the status of that final `echo`, which is 0. The 
guard announces the error and then cancels itself.
   
   ### The real violations this has been hiding
   
   `rfc/rfc-99/variant-appendix.md` and `rfc/rfc-99/vector-appendix.md` carry 
no ASF header. They are the only 2 of the 54 `rfc/**/*.md` files without one, 
and being outside any Maven module, nothing has ever flagged them.
   
   ### Why the count says 19, not 2
   
   17 of the 19 are phantom. The `validate-source` job runs 
`create_source_directory.sh hudi-tmp-repo` before the RAT step, leaving a full 
copy of the tree in the workspace. The RAT exclude in the root `pom.xml` is 
root-anchored:
   
       <exclude>hudi-trino-plugin/**</exclude>
   
   so it excludes `hudi-trino-plugin/` but not 
`hudi-tmp-repo/hudi-trino-plugin/`, and RAT scans the copy. Running `mvn 
apache-rat:check` on a plain checkout with no scratch copy reports `Unapproved: 
2` - exactly the two RFC appendices.
   
   ### Fix
   
   Propagate the failure (drop the subshell), make the RAT exclude match at any 
depth so the scratch copy is excluded too, and add the missing ASF header to 
the two RFC appendices.
   
   Related: #19266 is the same class of silently-inert guard, in the sibling 
binary-file check in the same job.
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to