Scan jars found in `drivers` and `jarDirs` - and only allow jdbc and hsm drivers

Description

Currently nodes can add anything to the system classpath using the `drivers` and `jarDirs` folders.

This has subtle unintended consequences because it impacts how transaction verification is run.
(Tx verification is run in a classloader whose parent is the system classloader.)

The proposal is to scan these extra jars.
If anything other than jdbc drivers or hsm drivers (on enterprise) is found, then log a warning and also expose this to the health check tool.
Maybe add a default setting to stop the node in such a case, and nodes can opt-in if they need for some reason to add something.

To make it even more tight we could only allow the jdbc driver and hsm driver actually in use by the node.
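
A sketch of the proposed scan, written as an offline audit script. This is an added example, not code from the ticket or the project. It assumes a JDBC driver jar is recognised by its JDBC 4 `META-INF/services/java.sql.Driver` registration and that HSM jars are pinned by SHA-256 in a hypothetical `hsm_allowlist`; all function names are illustrative, and the sample jars are constructed in memory.

```python
import hashlib, io, tempfile, zipfile
from pathlib import Path

# JDBC 4 drivers register for ServiceLoader under this jar entry.
JDBC_SERVICE = "META-INF/services/java.sql.Driver"

def classify_jar(data, hsm_allowlist=frozenset()):
    """Classify one jar's bytes as 'jdbc', 'hsm', 'unexpected' or 'invalid'."""
    # Assumption: HSM vendor jars are pinned by SHA-256 in node configuration.
    if hashlib.sha256(data).hexdigest() in hsm_allowlist:
        return "hsm"
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as jar:
            names = set(jar.namelist())
            if JDBC_SERVICE not in names:
                return "unexpected"
            text = jar.read(JDBC_SERVICE).decode("utf-8", "replace")
    except zipfile.BadZipFile:
        return "invalid"
    # Strip comments and blanks; each remaining line names a driver class.
    drivers = [d for d in (l.split("#")[0].strip() for l in text.splitlines()) if d]
    # The registration only counts if every named class is really in the jar.
    ok = drivers and all(d.replace(".", "/") + ".class" in names for d in drivers)
    return "jdbc" if ok else "unexpected"

def scan_dirs(dirs, hsm_allowlist=frozenset()):
    """Return {jar name: verdict} for every jar that is not an allowed driver."""
    findings = {}
    for d in dirs:
        for path in sorted(Path(d).glob("*.jar")):
            verdict = classify_jar(path.read_bytes(), hsm_allowlist)
            if verdict not in ("jdbc", "hsm"):
                findings[path.name] = verdict
    return findings

def make_jar(entries):
    """Build a constructed sample jar in memory from {entry name: bytes}."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as jar:
        for name, body in entries.items():
            jar.writestr(name, body)
    return buf.getvalue()

def demo():
    """Scan a temporary directory holding constructed jars."""
    jdbc = make_jar({JDBC_SERVICE: b"org.example.Driver\n", "org/example/Driver.class": b""})
    with tempfile.TemporaryDirectory() as tmp:
        (Path(tmp) / "db.jar").write_bytes(jdbc)
        (Path(tmp) / "helper.jar").write_bytes(make_jar({"com/example/Helper.class": b""}))
        return scan_dirs([tmp])
```

A jar that carries a valid driver registration can still ship unrelated classes, so this check narrows what reaches the system classpath rather than proving a jar contains only a driver; pinning the jars actually in use by digest is the stricter option.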

Assignee

Unassigned

Reporter

Tudor Malene

Labels

None

Sprint

None

Epic Link

None

Priority

Medium

Engineering Teams

None

Fix versions

None

Affects versions

None

Ported to...

None

Story Points / Dev Days

None

Build cut

None
