[NSE-687]Try to upgrade log4j

[PHILO-HE]

No description provided.

[github-actions]

Thanks for opening a pull request!

Could you open an issue for this pull request on Github Issues?

https://github.com/oap-project/native-sql-engine/issues

Then could you also rename commit message and pull request title in the following format?

[NSE-${ISSUES_ID}] ${detailed message}

See also:

• Other pull requests

[zhouyuan]

@weiting-chen

[weiting-chen]

@PHILO-HE
I did this before, the compile can pass with -DskipTests
But it cannot pass lots of Spark's unit tests which use some log4j 1.2 classes.
Check the detailed testing resulting in GitHub action.

[weiting-chen]

Let's address this issue to Gazelle v1.4 release.
Btw, please make sure to use log4j 2.17.1.
log4j 2.17.0 still has the security mitigation issue.

[PHILO-HE]

Hi @weiting-chen, thanks for your reminding.
This drafted patch looks workable. I will refine it and bump to 2.17.1 according to your suggestion.

[weiting-chen]

-Phadoop-2.7.4 is required since the default Hadoop version has been changed to 3.2.0.

[PHILO-HE]

Just reverted the changes. Thanks!

[weiting-chen]

Change version to 2.17.1

[PHILO-HE]

Just changed the version to 2.17.1. Thanks!

[PHILO-HE]

@weiting-chen, please have a validation on Jenkins uint tests. You mentioned there is a change in Jenkins script that needs to be reset for upgrade test.

[weiting-chen]

@weiting-chen, please have a validation on Jenkins uint tests. You mentioned there is a change in Jenkins script that needs to be reset for upgrade test.

Done to update Jenkins script, please help to submit an unit test request in Jenkins to verify if the PR can also work in Jenkins.

[github-actions]

#687

[zhouyuan]

@weiting-chen will merge this first to get jenkins running