This commit corrects the order.toml file that is generated and added
to the builder when building an image using custom buildpacks with the
Maven or Gradle plugin in order to support buildpacks that depend on
detection as a group.
Fixes gh-25378
This commit adds configuration to the Maven and Gradle plugins to
allow a list of volume mount bindings to be provided to the image
building goal and task. This enables service bindings to be mounted
in the builder image that are recognized by buildpacks to support
custom certificates, build tool configuration, APM integration, and
other buildpack features.
Fixes gh-23518
This commit adds configuration to the Maven and Gradle plugins to
allow a list of buildpacks to be provided to the image building
goal and task.
Fixes gh-21722
Previously, when building a layered jar, the Gradle plugin only
considered a configuration's direct dependencies when identifying
project dependencies. This resulted in transitive project dependencies
being missed when deciding which dependencies belong in the
application layer.
This commit updates ResolvedDependencies to consider all projects
from the root project when collecting the IDs of local projects. This
ensures that any project dependency, no matter where it appears in the
dependency graph, is successfully identified.
Fixes gh-25163
Update `build.gradle` files to ensure that `junit-platform-launcher` is
a `testRuntimeOnly` dependency. This ensures that tests can be run from
Eclipse.
Closes gh-25074
Previously, when an authenticated Docker builder registry was
configured in the Maven or Gradle plugin and the builder and run
images specified different registries, the authentication credentials
would be sent to both registries. This could cause confusion if both
registries don't recognize the same credentials. This commit enforces
that both images are in the same registry when authentication
is configured.
Fixes gh-24552
Previously, unlike the application plugin's run task, our bootRun task
ignored the project's Java toolchain. This meant that the application
was run on a JVM with the same Java version as the one being used by
Gradle itself. This could result in a failure if the application
required a more modern JVM.
This commit updates the plugin to configure the bootRun task's
JavaLauncher convention to be one derived from the project's Java
toolchain. Toolchain support was introduced in Gradle 6.7 so this is
only done when using Gradle 6.7 and later.
Fixes gh-24517
Previously, bootRun assumed that the Java version of the JVM that would
run the application would be the same as the Java version of the JVM
that is running the build. This assumption does not hold true when
Gradle's toolchain support is used to configure tasks that fork a new
JVM to use a version other than that being used by Gradle itself.
This commit updates the BootRun task to query the JavaLauncher property
when determining the version of Java on which the application will be
run. Toolchain support and the JavaLauncher property are new in Gradle
6.7. To support earlier versions of Gradle, NoSuchMethodError is caught
we continue as if no JavaLauncher has been configured and use the local
JVM's Java version.
Fixes gh-24512
This commit removes the `layout` and `layoutFactory` parameters
from the `build-image` goal in the Maven plugin while retaining
them for the `repackage` goal. The `build-image` goal currently
only supports jar archives, so allowing other layout types to be
configured for the goal could cause confusion.
Fixes gh-24105
Update jar `Handler` fallback logic to directly support Tomcat
'jar:war:file' URLs. This commit allows contents to be accessed without
the JDK needing to extracted the nested jar to the temporary folder.
Closes gh-24553
Update the jar `Handler` class to support a non-reflective fallback
mechanism when possible. The updated code attempts to capture a regular
jar URL before our handler is installed. It can then use that URL as
context when creating the a fallback URL. The JDK jar `Handler` will
be copied from the context URL to the fallback URL.
Without this commit, resolving new Tomcat URLs of the form
`jar:war:file:...` would result in an ugly "Illegal reflective access"
warning.
Fixes gh-18631
Prior to this commit, running the bootBuildImage Gradle task on a
project configured for war packaging would result in a jar file being
built and used in the image instead of the war file. With this commit
an error will be thrown from the plugin in this case.
Fixes gh-24521
This commit sets the pull policy to `IF_NOT_PRESENT` where possible
in integration tests for the Maven and Gradle plugins to reduce
the number of times the default Paketo builder and run images are
pulled from Docker Hub.
Fixes gh-24113
When a Configuration is copied, any before and after resolve actions
that are registered with its ResolvableDependencies are also copied
over. This means that, when a copied configuration is resolved the
resolution actions may be called on a ResolvableDependencies instances
that isn't the one to which they were added.
Previously, the above-described Gradle behaviour would result in
BootJar accessed the ResolvedConfiguration of a Configuration that may
not have yet been resolved. At best this would trigger Configuration
resolution and at worst it would fail. A failure could occur if the
configuration had been copied so that it could be made resolvable.
The afterResolve action would then try to access the
ResolvedConfiguration of the original Configuration. This would trigger
a resolution attempt that fails due to the original configuration being
marked as unresolvable.
This commit updates the afterResolve action in BootJar to check that
the ResolvableDependencies with which it is called matches the
ResolvableDependencies with which it was original registered. Only
when the two match, and therefore the configuration has actually been
resolved, does processing proceed.
Fixes gh-24072
A test case would fail to accurately capture the contents
of the layers.idx file unless the test project contained
at least one non-project snapshot dependency, which was only
true when the Spring Boot version was a snapshot.
See gh-23463
Update `MetadataCollector` merge logic so that previous items are no
longer added if the current round contains a property of the same name.
Fixes gh-23916
Ensure that metadata sourced from inner-types is not deleted when
performing an incremental compile. Prior to this commit, the source
type was searched using the `Outer$Inner` format. This is not supported
`Elements.getTypeElement` so we now convert the names to `Outer.Inner`.
Closes gh-10886
Docker daemon authorization plugins reject POST or PUT requests that have a
content type `application/json` header but no content length header. This
commit ensures that a content length header is provided in these cases.
This is a cherry-pick of the changes in d5b2836ec9
which were lost in a forward-merge.
Fixes gh-23957
Docker daemon authorization plugins reject POST or PUT requests that have a
content type `application/json` header but no content length header. This
commit ensures that a content length header is provided in these cases.
Fixes gh-22840
This commit removes `<version>` from the Maven Plugin documentation
where it makes sense so that versions aren't hardcoded unnecessarily.
Rather, a plugin or dependency management should be in place so those
are not needed.
Closes gh-23909
Update the `AbstractJarWriter` so that it can directly build the layer
index as entries are written. Prior to this commit, a layer tracking
was handled by a decorator class which was broken because it didn't
override enough methods. Since `AbstractJarWriter` has quite a complex
API, it seems sensible to have it handle the layer index directly,
removing the need for a decorator entirely.
Fixes gh-23801
Previously, when building a layered jar with Maven, dependencies
on modules in the same build were treated the same as any other
dependency, being included in the dependencies or snapshot dependencies
layer based on their version.
This commit updates the default layering when using Maven to include
dependencies on modules in the same build in the application layer by
default. The XML schema has also been updated to allow the layer to be
customized using new <includeModuleDependencies/> and
<excludeModuleDependencies/> elements rather than relying on including
and excluding them via a group:artifact:version pattern.
Closes gh-23463
This commit adds support for platform API 0.4 when invoking a CNB
builder in the Maven and Gradle plugins. If the builder advertises
that it supports platform API 0.4 then that version will be
requested when invoking lifecycle phases. Otherwise the plugins
will fall back to requesting platform API 0.3.
Requesting platform API 0.4 when invoking builder lifecycle phases
has the primary benefit of making it easier to pass command-line
arguments to the default process in the generated image.
Fixes gh-23692
This commit polishes the javadoc for Maven plugin classes now that
the plugin reference docs link to the javadoc. Visibility of some
MOJO parameter class getters and setters were also changed for
consistency.
See gh-21555
This commit modifies the documentation generated for the
Maven plugin to include links to javadoc when Spring
Boot types are mentioned. Some javadoc was also polished
to improve the generated docs.
Fixes gh-21555
Previously, when building a layered jar with Gradle, project
dependencies were treated the same as any other dependency, being
included in the dependencies or snapshot dependencies layer based
on their version.
This commit updates the default layering when using Gradle to include
project dependencies in the application layer by default. The DSL has
also been updated to allow their layer to be customized using new
includeProjectDependencies() and excludeProjectDependencies() methods
rather than relying on including and excluding them via a
group:artifact:version pattern.
Closes gh-23431
The CNB specifications allow builders to support multiple platform
API versions. The supported versions are published in the builder
image metadata as an array of version numbers, while a single
supported version number was published in earlier builder metadata.
These changes read the supported versions from the builder metadata
and fall back to the single version if the array is not present.
A CNB_PLATFORM_API environment variable is set on each lifecycle
phase invocation to request a specific version as recommended in
the CNB platform spec.
Fixes gh-23682
This commit updates the default builder image used by the Maven
and Gradle plugins image-building goal and task to use the latest
Paketo builder image. The builder image is pulled from Docker Hub
instead of Google Container Registry by default.
See gh-23628
This commit qualifies examples of configuring the CNB builder to clarify
that the examples apply to use of the default Paketo builder, and adds links
to the official Paketo docs for more details.
Fixes gh-19967
A docker registry running in testcontainers behaves
differently in CI vs running locally. Disabling the tests for
now while working on getting them running reliably in CI.
See gh-21001
This commit adds options to the Maven and Gradle plugins to publish
to a Docker registry the image generated by the image-building goal
and task.
The Docker registry auth configuration added in an earlier commit
was modified to accept separate auth configs for the builder/run
image and the generated image, since it is likely these images will
be stored in separate registries or repositories with distinct
auth required for each.
Fixes gh-21001
We generate metadata for `@Endpoint` annotated types so the annotation
processor need to indicate that it supports the endpoint annotation.
See gh-23580
Previously, the configuration property annotation processor declared
that it supported all annotation types. This hurt performance and
prevented incremental builds with Gradle when compiling source code
containing source-retention annotations.
This commit updates its supported annotation types to be only
`@ConfigurationProperties` and `@Configuration`. The latter is declared
to allow binding third-party classes returned from a `@Bean` method.
Fixes gh-23580
Rather than using the extension directly, introduced a dedicated
annotation will enable customization of the compatibility tests that
are run via attributes on the annotation. For example, it will allow
certain test classes to run their tests with Gradle's configuration
cache enabled while others disable it.
Closes gh-23532
Previously the artifact's version was used. In an artifact's version,
SNAPSHOT is replaced with the timestamped version number of a specific
snapshot. As a result, it no longer matches the *:*:*SNAPSHOT pattern.
This commit replaces switches to using the artifact's base version.
This preserves the SNAPSHOT in the version number. For non-snapshot
artifacts, the version and base version are identical.
Fixes gh-23533
Previously, BootJar would resolves all of a project's configurations
when building a layered jar. This was unnecessarily broad as it was
likely to include configurations that had contributed nothing to the
jar's classpath.
This commit replaces the configuration resolution with an afterResolve
action that populates the ResolvedDependencies in response to a
configuration being resolved. This allows the resolved dependencies to
be populated from all of the configurations that were resolved as part
of determining the jars classpath and no more.
Closes gh-23528
Prior to this commit, the bootBuildInfo was configured eagerly.
Configuring it lazily prevent this task from being configured when not
explicitly needed. Also, the 'classes' and 'bootJar' tasks are now
lazily configured, as the bootBuildInfo task was causing them to be
configured eagerly.
See gh-23435
This commit adds the ability to configure the Maven and Gradle
plugins to use a remote Docker daemon using build file
configuration, as an alternative to setting environment variables
to specify remote host connection details.
Fixes gh-23400
This commit adds the ability to configure Docker image registry
authentication credentials in the Maven and Gradle plugins. The
authentication credentials are passed to the Docker daemon with
all daemon API calls, and the daemon forwards the credentials to the
image registry when necessary. This makes it possible to use
builder and run images stored in a private Docker registry.
See gh-22972
Rename `@ConfigurationPropertiesImport` to
`@ImportAsConfigurationPropertiesBean` and also refine the registrar
so that it can be used with type directly annotated with
`@ConfigurationProperties`.
Closes gh-23172
Update `JarFileEntries` so that the interface is obtained rather than
the concrete implementation. This allows `JarEntry` values to be used
without causing a ClassCastException.
Closes gh-19041
Update the performance improvements to push certificate loading
and storage into the `JarFileEntries` class. This allows us to
keep certificates without needing to cache all entry data. We
now also keep certificates and code signers in a dedicated class
which is set whenever the full jar stream as been read, even if
the contained values are `null`. The logic that assumes META-INF
entries are not signed has been removed in favor of delegating to
the streamed entry results.
See gh-19041
Update Spring Boot nested JarFile support to improve the performance of
signed jars. Prior to this commit, `certificates` and `codeSigners`
were read by streaming the entire jar whenever the existing values
were `null`. Unfortunately, the contract for `getCertificates` and
get `getCodeSigners` states that `null` is a valid return value. This
meant that full jar streaming would occur whenever either method was
called on an entry that had no result. The problem was further
exacerbated by the fact that entries might not be cached.
See gh-19041
This commit updates the Gradle Plugin to filter dependencies based on
the Spring-Boot-Jar-Type entry in their manifest. Jars with a
Spring-Boot-Jar-Type of dependencies-starter are excluded. Unlike the
Maven plugin, jars with a type of annotation-processor are not
excluded. It is not necessary with Gradle as use of the
annotationProcessor configuration for such dependencies already ensures
that they are not included.
See gh-22036
This commit updates the Maven Plugin to filter dependencies based on
the Spring-Boot-Jar-Type entry in their manifest. Jars with a
Spring-Boot-Jar-Type of dependencies-starter or annotation-processor
are excluded.
See gh-22036
Previously, PropertiesLauncher would close each archive that it
iterated over when creating its ClassLoader. This was not aligned
with JarLauncher's behaviour and left the ClassLoader with closed
archives. The close was introduced in [1] and became more apparent
following the change to fail operations on closed archives [2].
This commit updates Launcher to remove the close() that was added in
[1]. This aligns the behavior of PropertiesLauncher with JarLauncher
and ensures that the ClassLoader does not have entries backed by
closed archives on its classpath.
Fixes gh-23165
[1] ad72f86bdb
[2] ed7a5db174
Add repeatable `@ImportConfigurationPropertiesBean` annotation that can
be used to import types and treat them as `@ConfigurationProperties`
beans. This annotation is specifically designed to support third-party
classes that can't contain any Spring annotations.
Closes gh-23172
In some cases, a call to the Docker image load API will fail but
return a 200 OK response status code and an empty response. This
commit detects that the response from this call is empty and
treats this condition as an error instead of a silent failure.
Fixes gh-23130
This commit changes the path used to invoke lifecycle binaries in
CNB builders from `/lifecycle` to `/cnb/lifecycle` to conform to
the CNB spec. This will ensure the build plugin image-building
goals and tasks are compatible with future versions of builders
that may not support both paths.
See gh-23009
Update `BuildImageMojo` so that commons HTTP wire logging is configured
to ERROR. Without this update, running `mvn -X` will produce a great
deal of logging since by default HTTP Client logs all bytes transfered
at DEBUG and Maven will enable DEBUG for all logs.
Closes gh-22674
Update `Repackager` to ensure that `getLayout` is called before we
backup the source file. This restores earlier behavior that some
custom `ModuleFactory` implementations were relying on.
Closes gh-22995