pythongraalvmgraalpython

run Python in GraalVM - Operation is not allowed for: at org.graalvm.truffle/com.oracle.truffle.polyglot.FileSystems.forbidden(FileSystems.java:1345)


I am experimenting with GraalVM, running Python from Java:

import org.graalvm.polyglot.*;

import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;

/**
 * Minimal GraalVM polyglot demo: evaluates two inline Python snippets and then the
 * text of {@code ./health.py} inside one polyglot {@link Context}.
 *
 * <p>The context is built with {@code Context.create()}, i.e. without any extra
 * privileges being granted to guest code. The script file itself is read by the host
 * (plain {@code java.nio}), so that read is not subject to the guest sandbox; guest
 * code that reaches the file system on its own (even indirectly, for example an
 * {@code import} that resolves the current working directory) is refused with a
 * {@code SecurityException} wrapped in a {@code PolyglotException}.
 */
public class HelloPolyglot {

    /**
     * Runs the demo.
     *
     * @param args ignored
     */
    public static void main(String[] args) {
        System.out.println("Hello Java!");

        // Default context: no I/O or host access has been granted to the guest language.
        try (Context context = Context.create()) {
            context.eval("python", "print('Hello Python!')");
            context.eval("python", "import sys; print(sys.version)");

            // Host-side read (Files.readString needs Java 11+); only an I/O failure
            // while loading the file is reported through log().
            final Path scriptPath = Path.of("./health.py");
            final String scriptText;
            try {
                scriptText = Files.readString(scriptPath);
            } catch (IOException ioFailure) {
                log("IOException " + ioFailure);
                return;
            }

            // Evaluated as an unnamed in-memory source; whatever the script does at
            // runtime is still bound by the context's (default, restrictive) permissions.
            context.eval("python", scriptText);
        }
    }

    /**
     * Prints a message on standard output.
     *
     * @param s the message to print
     */
    public static void log(String s) {
        System.out.println(s);
    }
}

And I get this long output

But mainly these 3 lines

Operation is not allowed for: 
Exception in thread "main" org.graalvm.polyglot.PolyglotException: java.lang.SecurityException: Operation is not allowed for: 
    at org.graalvm.truffle/com.oracle.truffle.polyglot.FileSystems.forbidden(FileSystems.java:1345)

Yes, it is clear that running a Python script from a file is "forbidden", but what can I do about that?

/Library/Java/JavaVirtualMachines/graalvm-ce-java11-21.1.0/Contents/Home/bin/java -javaagent:/Applications/IntelliJ IDEA CE.app/Contents/lib/idea_rt.jar=54943:/Applications/IntelliJ IDEA CE.app/Contents/bin -Dfile.encoding=UTF-8 -classpath /Users/paul.verest/Workspaces/Java/GraalVMProject2/target/classes HelloPolyglot
Hello Java!
Hello Python!
3.8.5 (Fri Jun 25 17:55:09 CST 2021)
[Graal, GraalVM CE, Java 11.0.11]
Traceback (most recent call last):
  "Unnamed", line 4, in <module 'Unnamed'>
  "/importlib/_bootstrap.py", line 1109, in __import__
  "/importlib/_bootstrap.py", line 1030, in _gcd_import
  "/importlib/_bootstrap.py", line 1007, in _find_and_load
  "/importlib/_bootstrap.py", line 971, in _find_and_load_unlocked
  "/importlib/_bootstrap.py", line 914, in _find_spec
  "/importlib/_bootstrap_external.py", line 1346, in find_spec
  "/importlib/_bootstrap_external.py", line 1315, in _get_spec
  "/importlib/_bootstrap_external.py", line 1279, in _path_importer_cache
Operation is not allowed for: 
Exception in thread "main" org.graalvm.polyglot.PolyglotException: java.lang.SecurityException: Operation is not allowed for: 
    at org.graalvm.truffle/com.oracle.truffle.polyglot.FileSystems.forbidden(FileSystems.java:1345)
    at org.graalvm.truffle/com.oracle.truffle.polyglot.FileSystems.access$1200(FileSystems.java:83)
    at org.graalvm.truffle/com.oracle.truffle.polyglot.FileSystems$DeniedIOFileSystem.toAbsolutePath(FileSystems.java:1039)
    at org.graalvm.truffle/com.oracle.truffle.api.TruffleFile.toAbsolutePathImpl(TruffleFile.java:2089)
    at org.graalvm.truffle/com.oracle.truffle.api.TruffleFile.getAbsoluteFile(TruffleFile.java:519)
    at org.graalvm.truffle/com.oracle.truffle.api.TruffleLanguage$Env.getCurrentWorkingDirectory(TruffleLanguage.java:3032)
    at com.oracle.graal.python.runtime.EmulatedPosixSupport.getcwd(EmulatedPosixSupport.java:1124)
    at com.oracle.graal.python.runtime.EmulatedPosixSupportGen$PosixSupportLibraryExports$Cached.getcwd(EmulatedPosixSupportGen.java:776)
    at com.oracle.graal.python.builtins.modules.PosixModuleBuiltins$GetcwdNode.getcwd(PosixModuleBuiltins.java:1177)
    at com.oracle.graal.python.builtins.modules.PosixModuleBuiltinsFactory$GetcwdNodeFactory$GetcwdNodeGen.executeAndSpecialize(PosixModuleBuiltinsFactory.java:3885)
    at com.oracle.graal.python.builtins.modules.PosixModuleBuiltinsFactory$GetcwdNodeFactory$GetcwdNodeGen.execute(PosixModuleBuiltinsFactory.java:3871)
    at com.oracle.graal.python.nodes.function.builtins.BuiltinCallNode$BuiltinAnyCallNode.execute(BuiltinCallNode.java:64)
    at com.oracle.graal.python.nodes.function.BuiltinFunctionRootNode.execute(BuiltinFunctionRootNode.java:302)
    at <python> <module 'Unnamed'>(Unnamed:4:111-118)
    at org.graalvm.sdk/org.graalvm.polyglot.Context.eval(Context.java:379)
    at HelloPolyglot.main(HelloPolyglot.java:21)
Original Internal Error: 
java.lang.SecurityException: Operation is not allowed for: 
    at org.graalvm.truffle/com.oracle.truffle.polyglot.FileSystems.forbidden(FileSystems.java:1345)
    at org.graalvm.truffle/com.oracle.truffle.polyglot.FileSystems.access$1200(FileSystems.java:83)
    at org.graalvm.truffle/com.oracle.truffle.polyglot.FileSystems$DeniedIOFileSystem.toAbsolutePath(FileSystems.java:1039)
 .........
    at com.oracle.graal.python.nodes.control.TopLevelExceptionHandler.run(TopLevelExceptionHandler.java:249)
    at com.oracle.graal.python.nodes.control.TopLevelExceptionHandler.execute(TopLevelExceptionHandler.java:133)
    at jdk.internal.vm.compiler/org.graalvm.compiler.truffle.runtime.OptimizedCallTarget.executeRootNode(OptimizedCallTarget.java:613)
    at jdk.internal.vm.compiler/org.graalvm.compiler.truffle.runtime.OptimizedCallTarget.profiledPERoot(OptimizedCallTarget.java:584)
    at jdk.internal.vm.compiler/org.graalvm.compiler.truffle.runtime.OptimizedCallTarget.callBoundary(OptimizedCallTarget.java:534)
    at jdk.internal.vm.compiler/org.graalvm.compiler.truffle.runtime.OptimizedCallTarget.doInvoke(OptimizedCallTarget.java:518)
    at jdk.internal.vm.compiler/org.graalvm.compiler.truffle.runtime.OptimizedCallTarget.callIndirect(OptimizedCallTarget.java:463)
    at jdk.internal.vm.compiler/org.graalvm.compiler.truffle.runtime.OptimizedCallTarget.call(OptimizedCallTarget.java:444)
    at org.graalvm.truffle/com.oracle.truffle.polyglot.PolyglotContextImpl.eval(PolyglotContextImpl.java:1050)
    at org.graalvm.sdk/org.graalvm.polyglot.Context.eval(Context.java:353)
    at org.graalvm.sdk/org.graalvm.polyglot.Context.eval(Context.java:379)
    at HelloPolyglot.main(HelloPolyglot.java:21)
Caused by: Attached Guest Language Frames (11)

Process finished with exit code 1

Solution

  • You need to give the context the permission for IO. For experimenting, you can just give it all permissions like so:

    // Experiments only: this switches on every guest privilege at once, not just file I/O.
    Context.newBuilder().allowAllAccess(true).build()
    

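    In production, you will want to restrict the permissions to what the script actually needs. `allowAllAccess(true)` also lets the guest code look up host classes, load native code, and create processes and threads. The error above comes only from denied file I/O, which a narrower builder such as `Context.newBuilder("python").allowIO(true).build()` grants on its own.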

    This may be a useful resource for further experiments: https://medium.com/graalvm/supercharge-your-java-apps-with-python-ec5d30634d18