Add @SuppressWarnings("removal") to not fail the build with -Werror f…

…or some JDKs (opensearch-project#11923) (opensearch-project#11930)

(cherry picked from commit 411b279)

Signed-off-by: Andriy Redko <andriy.redko@aiven.io>
Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>

client/sniffer/src/main/java/org/opensearch/client/sniff/Sniffer.java

@@ -305,6 +305,7 @@ public void shutdown() {
         }
     }
 
+    @SuppressWarnings("removal")
     static class SnifferThreadFactory implements ThreadFactory {
         private final AtomicInteger threadNumber = new AtomicInteger(1);
         private final String namePrefix;

libs/common/src/test/java/org/opensearch/common/annotation/processor/CompilerSupport.java

@@ -43,6 +43,7 @@ default CompilerResult compile(String name, String... names) {
         return compileWithPackage(ApiAnnotationProcessorTests.class.getPackageName(), name, names);
     }
 
+    @SuppressWarnings("removal")
     default CompilerResult compileWithPackage(String pck, String name, String... names) {
         final JavaCompiler compiler = ToolProvider.getSystemJavaCompiler();
         final DiagnosticCollector<JavaFileObject> collector = new DiagnosticCollector<>();

libs/nio/src/main/java/org/opensearch/nio/ServerChannelContext.java

@@ -129,6 +129,7 @@ private void configureSocket(ServerSocket socket) throws IOException {
         socket.setReuseAddress(config.tcpReuseAddress());
     }
 
+    @SuppressWarnings("removal")
     protected static SocketChannel accept(ServerSocketChannel serverSocketChannel) throws IOException {
         try {
             assert serverSocketChannel.isBlocking() == false;

libs/nio/src/main/java/org/opensearch/nio/SocketChannelContext.java

@@ -388,6 +388,7 @@ private void configureSocket(Socket socket, boolean isConnectComplete) throws IO
         }
     }
 
+    @SuppressWarnings("removal")
     private static void connect(SocketChannel socketChannel, InetSocketAddress remoteAddress) throws IOException {
         try {
             AccessController.doPrivileged((PrivilegedExceptionAction<Boolean>) () -> socketChannel.connect(remoteAddress));

libs/plugin-classloader/src/main/java/org/opensearch/plugins/ExtendedPluginsClassLoader.java

@@ -65,6 +65,7 @@ protected Class<?> findClass(String name) throws ClassNotFoundException {
     /**
      * Return a new classloader across the parent and extended loaders.
      */
+    @SuppressWarnings("removal")
     public static ExtendedPluginsClassLoader create(ClassLoader parent, List<ClassLoader> extendedLoaders) {
         return AccessController.doPrivileged(
             (PrivilegedAction<ExtendedPluginsClassLoader>) () -> new ExtendedPluginsClassLoader(parent, extendedLoaders)

libs/secure-sm/src/main/java/org/opensearch/secure_sm/SecureSM.java

@@ -76,6 +76,7 @@
  * @see <a href="http://cs.oswego.edu/pipermail/concurrency-interest/2009-August/006508.html">
  *         http://cs.oswego.edu/pipermail/concurrency-interest/2009-August/006508.html</a>
  */
+@SuppressWarnings("removal")
 public class SecureSM extends SecurityManager {
 
     private final String[] classesThatCanExit;

libs/secure-sm/src/main/java/org/opensearch/secure_sm/SecuredForkJoinWorkerThreadFactory.java

@@ -18,6 +18,7 @@
 import java.util.concurrent.ForkJoinPool.ForkJoinWorkerThreadFactory;
 import java.util.concurrent.ForkJoinWorkerThread;
 
+@SuppressWarnings("removal")
 public class SecuredForkJoinWorkerThreadFactory implements ForkJoinWorkerThreadFactory {
     static AccessControlContext contextWithPermissions(Permission... perms) {
         Permissions permissions = new Permissions();

libs/secure-sm/src/test/java/org/opensearch/secure_sm/SecureSMTests.java

@@ -41,6 +41,7 @@
 import junit.framework.TestCase;
 
 /** Simple tests for SecureSM */
+@SuppressWarnings("removal")
 public class SecureSMTests extends TestCase {
     static {
         // install a mock security policy:

modules/ingest-geoip/src/main/java/org/opensearch/ingest/geoip/GeoIpProcessor.java

@@ -218,6 +218,7 @@ Set<Property> getProperties() {
         return properties;
     }
 
+    @SuppressWarnings("removal")
     private Map<String, Object> retrieveCityGeoData(InetAddress ipAddress) {
         SpecialPermission.check();
         CityResponse response = AccessController.doPrivileged(
@@ -305,6 +306,7 @@ private Map<String, Object> retrieveCityGeoData(InetAddress ipAddress) {
         return geoData;
     }
 
+    @SuppressWarnings("removal")
     private Map<String, Object> retrieveCountryGeoData(InetAddress ipAddress) {
         SpecialPermission.check();
         CountryResponse response = AccessController.doPrivileged(
@@ -351,6 +353,7 @@ private Map<String, Object> retrieveCountryGeoData(InetAddress ipAddress) {
         return geoData;
     }
 
+    @SuppressWarnings("removal")
     private Map<String, Object> retrieveAsnGeoData(InetAddress ipAddress) {
         SpecialPermission.check();
         AsnResponse response = AccessController.doPrivileged(

modules/lang-expression/src/main/java/org/opensearch/script/expression/ExpressionScriptEngine.java

@@ -170,6 +170,7 @@ public String getType() {
         return NAME;
     }
 
+    @SuppressWarnings("removal")
     @Override
     public <T> T compile(String scriptName, String scriptSource, ScriptContext<T> context, Map<String, String> params) {
         // classloader created here

modules/lang-mustache/src/main/java/org/opensearch/script/mustache/MustacheScriptEngine.java

@@ -128,6 +128,7 @@ private class MustacheExecutableScript extends TemplateScript {
             this.params = params;
         }
 
+        @SuppressWarnings("removal")
         @Override
         public String execute() {
             final StringWriter writer = new StringWriter();

modules/lang-painless/spi/src/main/java/org/opensearch/painless/spi/WhitelistLoader.java

@@ -513,6 +513,7 @@ public static Whitelist loadFromResourceFiles(Class<?> resource, Map<String, Whi
             }
         }
 
+        @SuppressWarnings("removal")
         ClassLoader loader = AccessController.doPrivileged((PrivilegedAction<ClassLoader>) resource::getClassLoader);
 
         return new Whitelist(loader, allowlistClasses, allowlistStatics, allowlistClassBindings, Collections.emptyList());

modules/lang-painless/src/main/java/org/opensearch/painless/LambdaBootstrap.java

@@ -501,6 +501,7 @@ private static void endLambdaClass(ClassWriter cw) {
      * Defines the {@link Class} for the lambda class using the same {@link Compiler.Loader}
      * that originally defined the class for the Painless script.
      */
+    @SuppressWarnings("removal")
     private static Class<?> createLambdaClass(Compiler.Loader loader, ClassWriter cw, Type lambdaClassType) {
 
         byte[] classBytes = cw.toByteArray();

modules/lang-painless/src/main/java/org/opensearch/painless/PainlessScriptEngine.java

@@ -67,6 +67,7 @@
 /**
  * Implementation of a ScriptEngine for the Painless language.
  */
+@SuppressWarnings("removal")
 public final class PainlessScriptEngine implements ScriptEngine {
 
     /**

modules/lang-painless/src/main/java/org/opensearch/painless/lookup/PainlessLookupBuilder.java

@@ -2189,6 +2189,7 @@ private void generateBridgeMethod(PainlessClassBuilder painlessClassBuilder, Pai
             bridgeClassWriter.visitEnd();
 
             try {
+                @SuppressWarnings("removal")
                 BridgeLoader bridgeLoader = AccessController.doPrivileged(new PrivilegedAction<BridgeLoader>() {
                     @Override
                     public BridgeLoader run() {

modules/lang-painless/src/test/java/org/opensearch/painless/DocFieldsPhaseTests.java

@@ -48,6 +48,7 @@
 public class DocFieldsPhaseTests extends ScriptTestCase {
     PainlessLookup lookup = PainlessLookupBuilder.buildFromWhitelists(Whitelist.BASE_WHITELISTS);
 
+    @SuppressWarnings("removal")
     ScriptScope compile(String script) {
         Compiler compiler = new Compiler(
             MockDocTestScript.CONTEXT.instanceClazz,

modules/repository-url/src/main/java/org/opensearch/common/blobstore/url/URLBlobContainer.java

@@ -157,6 +157,7 @@ public void writeBlobAtomic(String blobName, InputStream inputStream, long blobS
         throw new UnsupportedOperationException("URL repository doesn't support this operation");
     }
 
+    @SuppressWarnings("removal")
     @SuppressForbidden(reason = "We call connect in doPrivileged and provide SocketPermission")
     private static InputStream getInputStream(URL url) throws IOException {
         try {

modules/systemd/src/main/java/org/opensearch/systemd/Libsystemd.java

@@ -40,6 +40,7 @@
 /**
  * Provides access to the native method sd_notify from libsystemd.
  */
+@SuppressWarnings("removal")
 class Libsystemd {
 
     static {

plugins/crypto-kms/src/main/java/org/opensearch/crypto/kms/SocketAccess.java

@@ -19,6 +19,7 @@
  * {@link SocketPermission} 'connect' to establish connections. This class wraps the operations requiring access in
  * {@link AccessController#doPrivileged(PrivilegedAction)} blocks.
  */
+@SuppressWarnings("removal")
 public final class SocketAccess {
 
     private SocketAccess() {}

plugins/discovery-ec2/src/main/java/org/opensearch/discovery/ec2/SocketAccess.java

@@ -46,6 +46,7 @@
  * {@link SocketPermission} 'connect' to establish connections. This class wraps the operations requiring access in
  * {@link AccessController#doPrivileged(PrivilegedAction)} blocks.
  */
+@SuppressWarnings("removal")
 final class SocketAccess {
 
     private SocketAccess() {}

plugins/repository-azure/src/main/java/org/opensearch/repositories/azure/SocketAccess.java

@@ -49,6 +49,7 @@
  * {@link SocketPermission} 'connect' to establish connections. This class wraps the operations requiring access in
  * {@link AccessController#doPrivileged(PrivilegedAction)} blocks.
  */
+@SuppressWarnings("removal")
 public final class SocketAccess {
 
     private SocketAccess() {}

plugins/repository-gcs/src/main/java/org/opensearch/repositories/gcs/SocketAccess.java

@@ -48,6 +48,7 @@
  * needs {@link SocketPermission} 'connect' to establish connections. This class wraps the operations requiring access
  * in {@link AccessController#doPrivileged(PrivilegedAction)} blocks.
  */
+@SuppressWarnings("removal")
 final class SocketAccess {
 
     private SocketAccess() {}

plugins/repository-s3/src/main/java/org/opensearch/repositories/s3/SocketAccess.java

@@ -46,6 +46,7 @@
  * {@link SocketPermission} 'connect' to establish connections. This class wraps the operations requiring access in
  * {@link AccessController#doPrivileged(PrivilegedAction)} blocks.
  */
+@SuppressWarnings("removal")
 public final class SocketAccess {
 
     private SocketAccess() {}

server/src/internalClusterTest/java/org/opensearch/action/admin/ReloadSecureSettingsIT.java

@@ -449,6 +449,7 @@ public void onFailure(Exception e) {
         }
     }
 
+    @SuppressWarnings("removal")
     private SecureSettings writeEmptyKeystore(Environment environment, char[] password) throws Exception {
         final KeyStoreWrapper keyStoreWrapper = KeyStoreWrapper.create();
         try {

server/src/main/java/org/opensearch/SpecialPermission.java

@@ -98,6 +98,7 @@ public SpecialPermission(String name, String actions) {
     /**
      * Check that the current stack has {@link SpecialPermission} access according to the {@link SecurityManager}.
      */
+    @SuppressWarnings("removal")
     public static void check() {
         SecurityManager sm = System.getSecurityManager();
         if (sm != null) {

server/src/main/java/org/opensearch/bootstrap/BootstrapChecks.java

@@ -718,6 +718,7 @@ public final BootstrapCheckResult check(BootstrapContext context) {
             return BootstrapCheckResult.success();
         }
 
+        @SuppressWarnings("removal")
         boolean isAllPermissionGranted() {
             final SecurityManager sm = System.getSecurityManager();
             assert sm != null;

server/src/main/java/org/opensearch/bootstrap/BootstrapInfo.java

@@ -128,6 +128,7 @@ public Object remove(Object key) {
     /**
      * Returns a read-only view of all system properties
      */
+    @SuppressWarnings("removal")
     public static Dictionary<Object, Object> getSystemProperties() {
         SecurityManager sm = System.getSecurityManager();
         if (sm != null) {

server/src/main/java/org/opensearch/bootstrap/OpenSearch.java

@@ -83,6 +83,7 @@ class OpenSearch extends EnvironmentAwareCommand {
     /**
      * Main entry point for starting opensearch
      */
+    @SuppressWarnings("removal")
     public static void main(final String[] args) throws Exception {
         overrideDnsCachePolicyProperties();
         /*

server/src/main/java/org/opensearch/bootstrap/OpenSearchPolicy.java

@@ -53,6 +53,7 @@
  *
  * @opensearch.internal
  **/
+@SuppressWarnings("removal")
 final class OpenSearchPolicy extends Policy {
 
     /** template policy file, the one used in tests */

server/src/main/java/org/opensearch/bootstrap/OpenSearchUncaughtExceptionHandler.java

@@ -98,6 +98,7 @@ void onNonFatalUncaught(final String threadName, final Throwable t) {
         Terminal.DEFAULT.flush();
     }
 
+    @SuppressWarnings("removal")
     void halt(int status) {
         AccessController.doPrivileged(new PrivilegedHaltAction(status));
     }

server/src/main/java/org/opensearch/bootstrap/Security.java

@@ -119,6 +119,7 @@
  *
  * @opensearch.internal
  */
+@SuppressWarnings("removal")
 final class Security {
     /** no instantiation */
     private Security() {}

server/src/main/java/org/opensearch/common/util/concurrent/OpenSearchExecutors.java

@@ -395,6 +395,7 @@ static class OpenSearchThreadFactory implements ThreadFactory {
         final AtomicInteger threadNumber = new AtomicInteger(1);
         final String namePrefix;
 
+        @SuppressWarnings("removal")
         OpenSearchThreadFactory(String namePrefix) {
             this.namePrefix = namePrefix;
             SecurityManager s = System.getSecurityManager();

server/src/main/java/org/opensearch/index/store/remote/utils/TransferManager.java

@@ -75,6 +75,7 @@ public IndexInput fetchBlob(BlobFetchRequest blobFetchRequest) throws IOExceptio
         }
     }
 
+    @SuppressWarnings("removal")
     private static FileCachedIndexInput createIndexInput(FileCache fileCache, BlobContainer blobContainer, BlobFetchRequest request) {
         // We need to do a privileged action here in order to fetch from remote
         // and write to the local file cache in case this is invoked as a side

server/src/main/java/org/opensearch/monitor/jvm/JvmInfo.java

@@ -217,6 +217,7 @@ private static boolean usingBundledJdkOrJre() {
         }
     }
 
+    @SuppressWarnings("removal")
     public static JvmInfo jvmInfo() {
         SecurityManager sm = System.getSecurityManager();
         if (sm != null) {

server/src/main/java/org/opensearch/plugins/PluginSecurity.java

@@ -135,6 +135,7 @@ static String formatPermission(Permission permission) {
     /**
      * Parses plugin policy into a set of permissions. Each permission is formatted for output to users.
      */
+    @SuppressWarnings("removal")
     public static Set<String> parsePermissions(Path file, Path tmpDir) throws IOException {
         // create a zero byte file for "comparison"
         // this is necessary because the default policy impl automatically grants two permissions:

server/src/main/java/org/opensearch/plugins/PluginsService.java

@@ -682,6 +682,7 @@ static void checkBundleJarHell(Set<URL> classpath, Bundle bundle, Map<String, Se
         }
     }
 
+    @SuppressWarnings("removal")
     private Plugin loadBundle(Bundle bundle, Map<String, Plugin> loaded) {
         String name = bundle.plugin.getName();
 

server/src/main/java/org/opensearch/search/lookup/LeafDocLookup.java

@@ -78,6 +78,7 @@ public void setDocument(int docId) {
         this.docId = docId;
     }
 
+    @SuppressWarnings("removal")
     @Override
     public ScriptDocValues<?> get(Object key) {
         // assume its a string...

server/src/test/java/org/opensearch/bootstrap/OpenSearchPolicyTests.java

@@ -49,6 +49,7 @@ public class OpenSearchPolicyTests extends OpenSearchTestCase {
     /**
      * test restricting privileges to no permissions actually works
      */
+    @SuppressWarnings("removal")
     public void testRestrictPrivileges() {
         assumeTrue("test requires security manager", System.getSecurityManager() != null);
         try {

server/src/test/java/org/opensearch/bootstrap/SecurityTests.java

@@ -72,6 +72,7 @@ public void testEnsureRegularFile() throws IOException {
     }
 
     /** can't execute processes */
+    @SuppressWarnings("removal")
     public void testProcessExecution() throws Exception {
         assumeTrue("test requires security manager", System.getSecurityManager() != null);
         try {

server/src/test/java/org/opensearch/index/shard/StoreRecoveryTests.java

@@ -270,6 +270,7 @@ public void testStatsDirWrapper() throws IOException {
         IOUtils.close(dir, target);
     }
 
+    @SuppressWarnings("removal")
     public boolean hardLinksSupported(Path path) throws IOException {
         try {
             Files.createFile(path.resolve("foo.bar"));

test/framework/src/main/java/org/opensearch/bootstrap/BootstrapForTesting.java

@@ -84,6 +84,7 @@
  * The idea is to mimic as much as possible what happens with ES in production
  * mode (e.g. assign permissions and install security manager the same way)
  */
+@SuppressWarnings("removal")
 public class BootstrapForTesting {
 
     // TODO: can we share more code with the non-test side here

test/framework/src/main/java/org/opensearch/mockito/plugin/PriviledgedMockMaker.java

@@ -31,6 +31,7 @@
  * Mockito plugin which wraps the Mockito calls into priviledged execution blocks and respects
  * SecurityManager presence.
  */
+@SuppressWarnings("removal")
 @SuppressForbidden(reason = "allow URL#getFile() to be used in tests")
 public class PriviledgedMockMaker implements MockMaker {
     private static AccessControlContext context;

test/framework/src/main/java/org/opensearch/test/FeatureFlagSetter.java

@@ -46,13 +46,15 @@ public static synchronized void clear() {
     private static final Logger LOGGER = LogManager.getLogger(FeatureFlagSetter.class);
     private final Set<String> flags = ConcurrentCollections.newConcurrentSet();
 
+    @SuppressWarnings("removal")
     @SuppressForbidden(reason = "Enables setting of feature flags")
     private void setFlag(String flag) {
         flags.add(flag);
         AccessController.doPrivileged((PrivilegedAction<String>) () -> System.setProperty(flag, "true"));
         LOGGER.info("set feature_flag={}", flag);
     }
 
+    @SuppressWarnings("removal")
     @SuppressForbidden(reason = "Clears the set feature flags")
     private void clearAll() {
         for (String flag : flags) {

test/framework/src/main/java/org/opensearch/test/disruption/LongGCDisruption.java

@@ -252,7 +252,7 @@ public TimeValue expectedTimeToHeal() {
      * returns true if some live threads were found. The caller is expected to call this method
      * until no more "live" are found.
      */
-    @SuppressWarnings("deprecation") // suspends/resumes threads intentionally
+    @SuppressWarnings({ "deprecation", "removal" }) // suspends/resumes threads intentionally
     @SuppressForbidden(reason = "suspends/resumes threads intentionally")
     protected boolean suspendThreads(Set<Thread> nodeThreads) {
         Thread[] allThreads = null;
@@ -360,7 +360,7 @@ protected void onBlockDetected(ThreadInfo blockedThread, @Nullable ThreadInfo bl
         );
     }
 
-    @SuppressWarnings("deprecation") // suspends/resumes threads intentionally
+    @SuppressWarnings({ "deprecation", "removal" }) // suspends/resumes threads intentionally
     @SuppressForbidden(reason = "suspends/resumes threads intentionally")
     protected void resumeThreads(Set<Thread> threads) {
         for (Thread thread : threads) {