When using the Gradle `bootBuildImage` task or Maven
`spring-boot:build-image` goal on a Linux distribution with SELinux
enabled, binding the Docker socket in the builder container might
fail. This commit disables the `label` security policy in the builder
container to prevent this type of failure.
Fixes gh-32000
This commit removes the requirement that `docker.publishRegistry`
configuration must be provided when an image is published by the Gradle
or Maven plugin.
Fixes gh-28844
This commit adds validation of any buildpacks that are specified for
image building to match them against buildpacks that are bundled in
the builder. If an image buildpack's ID, version, and one layer
hash match the same information stored in a label on the builder
image, that buildpack won't be added and the buildpack bundled in
the builder will be used instead. This reduces the chance of adding to
the total count of layers in a builder image unnecessarily.
Fixes gh-31233
This commit adds configuration to the Maven and Gradle plugins to
allow specifying the names of build and launch cache volumes provided
to the CNB builder.
See gh-28292
This commit adds configuration to the Maven and Gradle plugins to
allow specifying multiple tag to be created that refer to the built
image.
See gh-27613
Adding a label to the ephemeral builder image cloned from the base
builder image eliminates contention between builds that are run
concurrently. Without this label, concurrent builds could result in
a race condition in the Docker daemon if the ephemeral builder image
shared by builds was deleted by both builds at exactly the same time.
Fixes gh-27888
This commit adds configuration to the Maven and Gradle plugins to
allow specifying the network mode to be provided to the image
building goal and task.
See gh-27486
An upgrade to Apache Commons Compress allows the build plugins to write
the launch script to the fat jar as a proper preamble, making the file
compatible with more jar and zip tooling.
Fixes gh-22336
When a custom buildpack is provided for image building, the contents
of the buildpack directory, tgz file, or image are copied as tar
entries to a new layer in the ephemeral builder image. Prior to this
commit, only file entries from the buildpack source were copied as
builder layer tar entries; intermediate directory entries from the
source were not copied. This results in directories being created in
the builder container using default permissions. This worked on most
Linux-like OSs where the default permissions allow others-read
access. On some OSs like Arch Linux where the default directory
permissions do not allow others-read, this prevented the lifecycle
processes from reading the buildpack files.
This commit explicitly creates all intermediate directory tar entries
in the builder image layer to ensure that the buildpack directories
and files can be read by the lifecycle processes.
Fixes gh-26658
Update `ImageName` and `ImageReference` to use distinct regex patterns
to parse specific parts of the value. Prior to this commit a single
regex pattern was used which could hang given certain input strings.
Fixes gh-23115
This commit copies the file mode along with other attributes when
copying files from the source archive to the build container while
building an image using the Gradle plugin. This preserves file
permissions on any resources included in the source archive.
Fixes gh-25915
dreis2211
Phillip Webb
Scott Frederick
Marc Wrobel
Andy Wilkinson
Moritz Halbritter
Stephane Nicoll
Yanming Zhou
Julian Liebig
Rafael Ceccone
izeye
Jeroen Meijer
weixsun