Skip to content

fix: use maven-metadata.xml to look up latest test framework version #1868

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
wenytang-ms merged 4 commits into from
Jun 3, 2026
Merged

fix: use maven-metadata.xml to look up latest test framework version #1868

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
b057cbd
fix: use maven-metadata.xml to look up the latest test framework version
wenytang-ms Jun 2, 2026
7c85940
test: guard against stale Maven Central data sources
wenytang-ms Jun 3, 2026
68b33a6
fix(review): address Copilot review feedback
wenytang-ms Jun 3, 2026
5763d0e
feat: route JUnit Jupiter 5 to the Platform 1.x line, JUnit 6 to 6.x
wenytang-ms Jun 3, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
111 changes: 111 additions & 0 deletions .github/workflows/health-check.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,111 @@
name: Health Check - Maven Central Data Sources

# Verifies that the upstream Maven Central data sources used by the
# "Enable Java Tests" download flow (see scripts/checkVersionSources.js)
# are still healthy. This catches situations like microsoft/vscode-java-test#1866,
# where the legacy search.maven.org Solr index was silently frozen and
# kept returning a pre-release as the "latest" stable version.
#
# - Runs on every PR and push to main so a code change cannot break the lookup.
# - Runs weekly so purely upstream changes are caught within days.
# - Can be triggered manually from the Actions tab.

on:
push:
branches: [ main ]
pull_request:
branches: [ main ]
schedule:
# Monday 09:00 UTC.
- cron: '0 9 * * 1'
workflow_dispatch:

permissions:
contents: read
issues: write

jobs:
check-version-sources:
name: Check Maven Central version sources
runs-on: ubuntu-latest
timeout-minutes: 10
steps:
- uses: actions/checkout@v4

- name: Setup Node.js environment
uses: actions/setup-node@v4
with:
node-version: 20

- name: Run version source health check
run: node scripts/checkVersionSources.js

- name: Open issue on scheduled failure
if: failure() && github.event_name == 'schedule'
uses: actions/github-script@v7
with:
script: |
const runUrl = `${context.serverUrl}/${context.repo.owner}/${context.repo.repo}/actions/runs/${context.runId}`;
const title = '[health-check] Maven Central data source check failed';
const labelName = 'ci-health';
const body = [
'The scheduled health check for the Maven Central data sources used by',
'`scripts/checkVersionSources.js` failed.',
'',
`Failed run: ${runUrl}`,
'',
'This typically means one of the following:',
'- An upstream `maven-metadata.xml` is no longer reachable (HTTP 4xx/5xx).',
'- An upstream `<release>` tag has drifted to a pre-release version',
' (e.g. `-M3`, `-RC1`, `-beta-1`).',
'- A jar download URL is no longer reachable.',
'',
'See microsoft/vscode-java-test#1866 for the original failure mode.',
'',
'Please investigate before users start hitting the broken download.',
].join('\n');

// Ensure the label exists so issues.create({ labels: [...] }) does not 422.
try {
await github.rest.issues.createLabel({
owner: context.repo.owner,
repo: context.repo.repo,
name: labelName,
color: 'd93f0b',
description: 'Automated CI health-check failure',
});
core.info(`Created label "${labelName}".`);
} catch (err) {
if (err.status === 422) {
core.info(`Label "${labelName}" already exists.`);
} else {
throw err;
}
}

const { data: existing } = await github.rest.issues.listForRepo({
owner: context.repo.owner,
repo: context.repo.repo,
state: 'open',
labels: labelName,
per_page: 100,
});
const alreadyOpen = existing.find((issue) => issue.title === title);
if (alreadyOpen) {
await github.rest.issues.createComment({
owner: context.repo.owner,
repo: context.repo.repo,
issue_number: alreadyOpen.number,
body: `Health check failed again. Run: ${runUrl}`,
});
core.info(`Commented on existing issue #${alreadyOpen.number}.`);
} else {
const { data: created } = await github.rest.issues.create({
owner: context.repo.owner,
repo: context.repo.repo,
title,
body,
labels: [labelName],
});
Comment thread
wenytang-ms marked this conversation as resolved.
core.info(`Opened issue #${created.number}.`);
}
209 changes: 209 additions & 0 deletions scripts/checkVersionSources.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,209 @@
// Copyright (c) Microsoft Corporation. All rights reserved.
// Licensed under the MIT license.

/**
* Health check for the Maven Central data sources that
* `src/commands/testDependenciesCommands.ts` relies on for the
* "Enable Java Tests" download flow.
*
* For every artifact that vscode-java-test fetches at runtime, this script:
*
* 1. Downloads the artifact's `maven-metadata.xml` from repo1.maven.org.
* 2. Extracts the `<release>` element and asserts it is a stable version
* (dot-separated digits only — no `-M3`, `-RC1`, `-beta-1`, etc.).
* 3. Issues an HTTP HEAD against the resolved `.jar` download URL and
* asserts a 2xx response.
*
* This guards against silent upstream drift, e.g.
* - the data source moving / being deprecated (microsoft/vscode-java-test#1866,
* where the legacy search.maven.org Solr index was frozen for ~a year
* and kept returning a milestone build as the "latest"),
* - a maintainer accidentally publishing a pre-release as `<release>`,
* - the jar layout under repo1.maven.org changing.
*
* Runs on PRs (so a code change that breaks the lookup never lands) and
* on a weekly cron (so a purely upstream change is caught within days
* instead of months).
*
* Pure Node, no dependencies — works before `npm install` runs.
*/

'use strict';

const ARTIFACTS = [
// JUnit 5 / Jupiter (the path that originally surfaced #1866).
// The console-standalone GAV publishes two coexisting release lines
// (1.x for legacy Jupiter 5, 6.x for Jupiter 6). The extension routes
// TestKind.JUnit5 to the 1.x line and TestKind.JUnit6 to the 6.x line,
// so the health check covers both.
{
groupId: 'org.junit.platform',
artifactId: 'junit-platform-console-standalone',
versionLine: '1',
},
{
groupId: 'org.junit.platform',
artifactId: 'junit-platform-console-standalone',
versionLine: '6',
},

// JUnit 4 + its hamcrest-core dependency.
{ groupId: 'junit', artifactId: 'junit' },
// hamcrest-core is pinned to 1.3 in the extension; verify both that 1.3
// still resolves and that the artifact metadata is reachable.
{ groupId: 'org.hamcrest', artifactId: 'hamcrest-core', pinnedVersion: '1.3' },

// TestNG + its transitive deps that we ship.
{ groupId: 'org.testng', artifactId: 'testng' },
{ groupId: 'com.beust', artifactId: 'jcommander' },
{ groupId: 'org.slf4j', artifactId: 'slf4j-api' },
];

const MAX_ATTEMPTS = 3;
const RETRY_BASE_DELAY_MS = 2000;
const REQUEST_TIMEOUT_MS = 15000;

const STABLE_VERSION_REGEX = /^\d+(\.\d+)*$/;

function groupPath(groupId) {
return groupId.split('.').join('/');
}

function metadataUrl(groupId, artifactId) {
return `https://repo1.maven.org/maven2/${groupPath(groupId)}/${artifactId}/maven-metadata.xml`;
}

function jarUrl(groupId, artifactId, version) {
return `https://repo1.maven.org/maven2/${groupPath(groupId)}/${artifactId}/${version}/${artifactId}-${version}.jar`;
}

function sleep(ms) {
return new Promise((resolve) => setTimeout(resolve, ms));
}

async function fetchWithRetry(url, init) {
let lastError;
for (let attempt = 1; attempt <= MAX_ATTEMPTS; attempt++) {
const controller = new AbortController();
const timer = setTimeout(() => controller.abort(), REQUEST_TIMEOUT_MS);
try {
const response = await fetch(url, { ...init, signal: controller.signal });
clearTimeout(timer);
return response;
} catch (err) {
clearTimeout(timer);
lastError = err;
if (attempt < MAX_ATTEMPTS) {
const delay = RETRY_BASE_DELAY_MS * attempt;
console.warn(` ! attempt ${attempt}/${MAX_ATTEMPTS} for ${url} failed: ${err.message}. Retrying in ${delay}ms...`);
await sleep(delay);
}
}
}
throw lastError;
}

function parseLatestStableVersion(xml, versionLine) {
if (versionLine === undefined) {
const releaseMatch = xml.match(/<release>([^<]+)<\/release>/);
if (releaseMatch && STABLE_VERSION_REGEX.test(releaseMatch[1])) {
return releaseMatch[1];
}
}
const lineRegex = versionLine !== undefined
? new RegExp(`^${versionLine.replace(/\./g, '\\.')}(\\.|$)`)
: undefined;
const versions = [];
const versionRegex = /<version>([^<]+)<\/version>/g;
let match;
while ((match = versionRegex.exec(xml)) !== null) {
versions.push(match[1]);
}
for (let i = versions.length - 1; i >= 0; i--) {
const candidate = versions[i];
if (!STABLE_VERSION_REGEX.test(candidate)) {
continue;
}
if (lineRegex && !lineRegex.test(candidate)) {
continue;
}
return candidate;
}
return undefined;
}

async function checkArtifact(artifact) {
const { groupId, artifactId, pinnedVersion, versionLine } = artifact;
const scope = versionLine ? ` (${versionLine}.x line)` : '';
console.log(`\n== ${groupId}:${artifactId}${scope} ==`);

const metaUrl = metadataUrl(groupId, artifactId);
console.log(` GET ${metaUrl}`);
const metaResponse = await fetchWithRetry(metaUrl);
if (!metaResponse.ok) {
throw new Error(`maven-metadata.xml returned HTTP ${metaResponse.status} ${metaResponse.statusText}`);
}
const xml = await metaResponse.text();

if (versionLine === undefined) {
const releaseMatch = xml.match(/<release>([^<]+)<\/release>/);
if (releaseMatch) {
const rawRelease = releaseMatch[1];
if (!STABLE_VERSION_REGEX.test(rawRelease)) {
console.warn(` ! <release> is a pre-release: "${rawRelease}". Falling back to <versions> scan.`);
}
} else {
console.warn(' ! <release> tag missing — relying entirely on <versions> fallback.');
}
}

const latestStable = parseLatestStableVersion(xml, versionLine);
if (!latestStable) {
throw new Error(`No stable version found${scope} in maven-metadata.xml.`);
}
console.log(` ok latest stable version${scope} = ${latestStable}`);

const versionsToProbe = pinnedVersion && pinnedVersion !== latestStable
? [latestStable, pinnedVersion]
: [latestStable];

for (const version of versionsToProbe) {
const downloadUrl = jarUrl(groupId, artifactId, version);
console.log(` HEAD ${downloadUrl}`);
const headResponse = await fetchWithRetry(downloadUrl, { method: 'HEAD' });
if (!headResponse.ok) {
throw new Error(`jar HEAD returned HTTP ${headResponse.status} ${headResponse.statusText} for ${downloadUrl}`);
}
console.log(` ok jar reachable (HTTP ${headResponse.status})`);
}
}

async function main() {
console.log('Checking Maven Central data sources for vscode-java-test...');
const failures = [];
for (const artifact of ARTIFACTS) {
try {
await checkArtifact(artifact);
} catch (err) {
failures.push({ artifact, error: err });
console.error(` FAIL ${artifact.groupId}:${artifact.artifactId} — ${err.message}`);
}
}

console.log('\n----');
if (failures.length === 0) {
console.log(`All ${ARTIFACTS.length} artifacts healthy.`);
return;
}

console.error(`${failures.length} of ${ARTIFACTS.length} artifact checks FAILED:`);
for (const { artifact, error } of failures) {
console.error(` - ${artifact.groupId}:${artifact.artifactId}: ${error.message}`);
}
process.exit(1);
}

main().catch((err) => {
console.error('Unexpected error:', err);
process.exit(1);
});
Loading
Loading