Support phasing off SecurityManager usage in favor of Java Agent

[kumargu]

Description

With Java agent as a replacement to security manager, we start enforcing access to UnixDomainSockets. On windows since UnixDomainSockets are used for loopback address windows builds are now starting to fail for skills and flow-framework.

Additionally for this plugin's integ test to work, it will need a new jvm args to be passed. this change also includes the JVM args included in build.gradle.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.

[kumargu]

once this PR is green. I can try using agent "net.bytebuddy:byte-buddy:${versions.bytebuddy}"

[peterzhuamazon]

We can send similar PR to all repos or remove after RC1.
Better solution will be implementing opensearch-project/OpenSearch#17900 in RC2.

[andrross]

I think this should not be nested within allprojects?

[kumargu]

Yeah, i also think so. figuring that out.

[prudhvigodithi]

I have tested with this PR opensearch-project/OpenSearch#17900, just adding apply plugin: 'opensearch.java-agent' inside :opensearch-ml-plugin:yamlRestTest should solve the issue we dont have to add it across the gradle projects.

[kumargu]

I have tested with this PR opensearch-project/OpenSearch#17900, just adding apply plugin: 'opensearch.java-agent' inside :opensearch-ml-plugin:yamlRestTest should solve the issue we dont have to add it across the gradle projects.

that's only when opensearch-project/OpenSearch#17900 is merged?

[prudhvigodithi]

that's only when opensearch-project/OpenSearch#17900 is merged?

Yes Once merged, its under review hope to get the PR merged soon.
Thanks
@getsaurabh02

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 79.11%. Comparing base (82da998) to head (bcc0f72).
Report is 5 commits behind head on main.

Additional details and impacted files

@@             Coverage Diff              @@
##               main    #3724      +/-   ##
============================================
- Coverage     80.32%   79.11%   -1.22%     
- Complexity     7092     7115      +23     
============================================
  Files           621      623       +2     
  Lines         30937    31578     +641     
  Branches       3494     3571      +77     
============================================
+ Hits          24851    24983     +132     
- Misses         4574     5054     +480     
- Partials       1512     1541      +29     

Flag	Coverage Δ
ml-commons	79.11% <ø> (-1.22%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[dhrubo-os]

Just curious, if we are already doing this in the root gradle file, do we still need to do the same for all the modules?

[kumargu]

yup. one way to not do it across other modules is to include these on sub-projects, but that hasn't given me much of a success.

As-of-now, it seems like duplicating it across modules works. However this change in temporary to keep us unblocked. We may just define it at one place after this PR opensearch-project/OpenSearch#17900 is being merged and tested once.

[peterzhuamazon]

@prudhvigodithi opened:

• Use java-agent Gradle plugin to support phasing off SecurityManager usage in favor of Java Agent #3727

[peterzhuamazon]

Closing as #3727 is merged now. Thanks.