Integrated: 8353185: Introduce the concept of upgradeable files in context of JEP 493

[Severin Gehwolf]

On Wed, 2 Apr 2025 18:39:57 GMT, Severin Gehwolf <sgehwolf at openjdk.org> wrote:

> For JEP 493-enabled builds there are no JMODs. Certain files come from the installed JDK image when a user creates a custom run-time from it. This is problematic for example for files that often come from a different package (e.g. `cacerts` file for Linux distro builds of OpenJDK packaged as RPMs), or more generally when they get updated out-of-band of the JDK build itself like the tzupdater tool.
> 
> When that happens the hash sum recorded at JDK build time of those files no longer match, causing `jlink` to fail. I propose to allow for those files to get "upgraded" should this happen. The way this works is as follows:
> 
> 1. The list of upgradeable files is configured by a resource file in `jdk.jlink` on a per module basis. Right now, only two files from the `java.base` module will be allowed to be upgraded with a link from the current run-time image.
> 2. For those files the hash sum checks are skipped.
> 
> **Testing**
> 
> - [x] GHA
> - [x] `jdk/tools/jlink` jtreg tests (also on [GHA](https://github.com/jerboaa/jdk/actions/runs/14376644254))
> - [x] Some manual tests with updated `tzdb.dat` and `cacerts` files.
> 
> Thoughts?

This pull request has now been integrated.

Changeset: 4e24dc00
Author:    Severin Gehwolf <sgehwolf at openjdk.org>
URL:       https://git.openjdk.org/jdk/commit/4e24dc003c2304041b342371adf430b120a9fec8
Stats:     254 lines in 5 files changed: 250 ins; 0 del; 4 mod

8353185: Introduce the concept of upgradeable files in context of JEP 493

Reviewed-by: clanger, ihse, alanb

-------------

PR: https://git.openjdk.org/jdk/pull/24388