Skip to content

Fix build caching: remove generateSecretKeys dependency from test#1028

Open
ribafish wants to merge 1 commit intoapache:trunkfrom
ribafish:fix/generate-secret-keys-caching
Open

Fix build caching: remove generateSecretKeys dependency from test#1028
ribafish wants to merge 1 commit intoapache:trunkfrom
ribafish:fix/generate-secret-keys-caching

Conversation

@ribafish
Copy link
Copy Markdown

@ribafish ribafish commented Mar 25, 2026
edited
Loading

Summary

The test task depends on generateSecretKeys, which writes new random values to framework/security/config/security.properties on every build. Since this file is part of the main resource source set (config/ dirs are included via getDirectoryInActiveComponentsIfExists('config')), changing it causes cascading Gradle build cache misses for:

  • :compileTestGroovy — classpath includes main resources
  • :checkstyleMain — classpath includes sourceSets.main.output
  • :checkstyleTest — same reason
  • :test — classpath + test classes differ

This PR:

  1. Removes dependsOn 'generateSecretKeys' from the test task — the main security.properties is no longer mutated during build
  2. Adds a test-specific security.properties in framework/security/src/test/resources/ with fixed keys — this shadows the main config on the test classpath so unit tests that require JWT keys (e.g. ModelFormTest) continue to work

The generateSecretKeys task is unchanged and remains available for manual use (./gradlew generateSecretKeys) and as a dependency of loadAll.

ribafish added a commit to gradle/develocity-oss-projects that referenced this pull request Mar 25, 2026
@ribafish
Fix Apache OFBiz experiment: remove generateSecretKeys dependency
a895c14 
The generateSecretKeys task writes new random keys to security.properties
on every build, causing cascading cache misses for compileTestGroovy,
checkstyleMain, checkstyleTest, and test. Use a git hook to remove the
test dependency and provide fixed keys instead.

Upstream fix: apache/ofbiz-framework#1028
@jacopoc jacopoc self-assigned this Mar 25, 2026
@jacopoc jacopoc mentioned this pull request Mar 25, 2026
Merged
@jacopoc
Copy link
Copy Markdown
Contributor

jacopoc commented Mar 25, 2026

Hi @ribafish,
your report is valid, but I addressed it using a different strategy than the one you proposed.

I’ve merged my changes in PR #1029.
Please take a look and let me know if this resolves the issues you were experiencing.

Thank you!

@ribafish ribafish closed this Mar 26, 2026
@ribafish ribafish reopened this Mar 26, 2026
@ribafish
Fix build caching by removing generateSecretKeys dependency from test
4054eb6 
The test task previously depended on generateSecretKeys, which writes
new random values to security.properties on every build. Since this
file is part of the main resource source set, it causes cascading cache
misses for compileTestGroovy, checkstyleMain, checkstyleTest, and test.

Instead, provide a test-specific security.properties with fixed keys
in framework/security/src/test/resources/. This shadows the main config
on the test classpath, so unit tests that need JWT keys (e.g.
ModelFormTest) still work. The generateSecretKeys task remains available
for manual use and for the loadAll task.
@ribafish ribafish force-pushed the fix/generate-secret-keys-caching branch from d92eb60 to 4054eb6 Compare March 26, 2026 11:51
@ribafish
Copy link
Copy Markdown
Author

ribafish commented Mar 26, 2026

Thanks for the quick fix in #1029!

It does resolve the issue for local build cache reuse (two consecutive builds on the same machine) — the first build generates keys, the second sees them and skips.

However, it doesn't fully address cross-machine build cache reuse. On a fresh checkout the keys are empty, so generateSecretKeys still generates random values and mutates security.properties. Two different machines checking out the same commit will each generate different random keys, producing different processResources output and different cache keys for :compileTestGroovy, :checkstyleMain, :checkstyleTest, and :test.

This PR complements #1029 by removing generateSecretKeys from the build task graph entirely (it remains available for manual use and loadAll), and providing fixed test keys via a test resource file so that security.properties is never mutated during builds.

@ribafish ribafish mentioned this pull request Mar 27, 2026
Draft
1 task
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@jacopoc jacopoc

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@ribafish @jacopoc