Previously, Spring Boot's modules published Gradle Module Metadata
(GMM) the declared a platform dependency on spring-boot-dependencies.
This provided versions for each module's own dependencies but also had
they unwanted side-effect of pulling in spring-boot-dependencies
constraints which would influence the version of other dependencies
declared in the same configuration. This was undesirable as users
should be able to opt in to this level of dependency management, either
by using the dependency management plugin or by using Gradle's built-in
support via a platform dependency on spring-boot-dependencies.
This commit reworks how Spring Boot's build uses
spring-boot-dependencies and spring-boot-parent to provide its own
dependency management. Configurations that aren't seen by consumers are
configured to extend a dependencyManagement configuration that has an
enforced platform dependency on spring-boot-parent. This enforces
spring-boot-parent's version constraints on Spring Boot's build without
making them visible to consumers. To ensure that the versions that
Spring Boot has been built against are visible to consumers, the
Maven publication that produces pom files and GMM for the published
modules is configured to use the resolved versions from the module's
runtime classpath.
Fixes gh-21911
This commit adds a runImage property to the Maven plugin build-image
goal and the Gradle bootBuildImage task. The property allows the user
to override the run image reference provided in the builder metadata
with an alternate run image. The runImage property can be specified
in the build file or on the command line.
Fixes gh-21534
This commit changes the NamedPipeSocket used for communication with
a local Docker daemon to use a non-blocking AsynchronousByteChannel
instead of a blocking RandomAccessFile, modeled after a similar
change to the docker-java project. This eliminates the potential for
a blocking call to hang indefinitely.
Fixes gh-21672
Update `LaunchedURLClassLoader` so that packages defined from exploded
archive folders have manifest attributes applied to them. Prior to this
calling `package.getImplementationTitle()` would only return the a
manifiest attribute when running non-exploded.
The root cause of this issue is the way that `URLClassLoader` handles
the different URL types. For URLs that reference a jar the manifest is
available. For URLs that reference a folder it isn't. When running
exploded we use a URL that references to the `BOOT-INF/classes` folder
directly. To fix the issue we now attempt to detect when `definePackage`
is being called directly, and replace `null` entries with actual
manifest values.
Fixes gh-21705
This commit improves the error messages returned by the Spring Boot
build plugins when a 5xx status code is returned from the Docker
API while attempting to build an image. If the error response has
contents containing a JSON structure with a "message" key, the value
associated with that key will be included in the exception message
and in the build plugin output error.
Fixes gh-21515
Previously, if the Spring Boot build plugins got a connection error
when attempting to communicate with a Docker daemon (for example,
when the daemon isn't running), the error message made it appear that
the daemon returned an HTTP error code. This commit makes a connection
error distinct from an HTTP error response code to make it easier for
the user to diagnose the root cause of the problem.
Fixes gh-21554
Previously, the productionRuntimeClasspath configuration was created
without any attributes. This caused problems with multi-project
dependency resolution as there was insufficient information for Gradle
to determine which variant of a dependency should be used by the
productionRuntimeClasspath configuration.
This commit updates the configuration to have three attributes, each
configured with the same values as those of Gradle's own
runtimeClasspathConfiguration.
Fixes gh-21549
Prior to this commit, a default tag of 'latest' was used when no tag
was included in the builder image name used when building an image in
the Maven and Gradle plugins, but the tag for the run image was left
empty if it was not provided. This resulted in errors when pulling
the run image from an image repository. This commit applies the
same tag defaulting logic to the run image name.
Fixes gh-21532
This commit updates the MavenPublishingConventions to use HTTPS to
link to the Apache license. The configuration of NoHTTP has also
been reworked so that it will correctly find usch uses of http://
URLs.
Closes gh-21459
Prior to this commit, the published Maven POMs would not pass the Maven
Central mandatory checks.
This commit adds the missing project name and description metadata for
most artifacts. The Spring Boot Gradle plugin artifact was also missing
this information and this is now added in the plugin metadata itself.
This is also updating the project page URL which is now hosted directly
on spring.io.
Fixes gh-21457
Prior to this commit, if a DOCKER_HOST environment variable was present
when attempting to communicate with a Docker daemon, it was assumed
that the value of that variable was an address that could be used to
create an HTTP connection to a remote daemon. In some cases, the value
of the variable is the path to a local socket file, which would cause
the HTTP connection to fail.
This commit adds additional validation of the value of the DOCKER_HOST
environment variable to determine whether it is a remote address or
a local socket file and create the appropriate connection type.
Fixes gh-21173
Prior to this commit, the build tool plugins set the environment
variable BP_JAVA_VERSION when invoking the CNB builder to set the
version of the JDK/JRE that the builder should use in the created
image.
With CNB API 0.3, the convention changed the name of this environment
variable to BP_JVM_VERSION. This commit updates the build tool
plugins to match the newer convention.
See gh-21273
This commit modifies the buildpack platform invocation logic used by
the build plugins to invoke the single creator lifecycle introduced in
the CNB API 0.3, instead of invoking discrete lifecycle phases
separately. It also removes support for CNB API 0.2.
Fixes gh-21273
The warnings will be addressed by gh-20759. CreateBootStartScripts
must be excluded from the classes that are validated by the
ValidatePlugins task. It is invalid, but only for Gradle 6.4. gh-20759
will cause it to only be used with Gradle 6.3 and earlier.
See gh-21329
Add converter support for `javax.time.Period` including:
String -> Period
Number -> Period
Period -> String
Period to Number conversion is not supported since `Period` has no
ability to deduce the number of calendar days in the period.
See gh-21136
This commit changes the default builder image from
`cloudfoundry/cnb:bionic-platform-api-0.2` to
`gcr.io/paketo-buildpacks/builder:base-platform-api-0.3`. It also
uses a `paketo-buildpacks/builder` image instead of a
`cloudfoundry/cnb` image to test compatibility with lifecycle v2
and uses paketo naming instead of cloudfoundry when mocking builder
interactions.
Some adjustments to lifecycle phases were also made to align more
closely with the pack CLI.
Fixes gh-21066
Previously, only root auto-configuration classes could be excluded
eagerly via an AutoConfigurationImportFilter. Any configuration class
loaded as a result of processing a particular auto-configuration were
parsed and checked as usual.
This commit makes use of the `getExclusionFilter` callback to expand
this filter to all candidates that are considered. The annotation
processor has also be expanded to generate metadata for non-root
configuration classes.
Closes gh-12157
Update `JarFile` so that `super.close()` is called early so that the
file is not left open. Since we re-implement `JarFile` methods to work
directly on the underlying `RandomAccessDataFile`, it should be safe
to close immediately.
Closes gh-21177
Previously, the developmentOnly configuration, typically used for
Devtools, had to be declared manually. The BootJar and BootWar tasks
then had a property, excludeDevtools, that could be used to control
whether or not Devtools would be excluded from the executable archive.
This commit updates the reaction to the Java plugin being applied to
automatically create the developmentOnly configuration. The classpaths
of bootJar and bootWar are then configured not to include the contents
of the developmentOnly configuration. As a result of this, the
excludeDevtools property is no longer needed and has been deprecated.
Its default has also been changed from true to false to make it easy
to opt in to Devtools, when configured as a development-only
dependency, being included in executable jars and wars by adding
developmentOnly to the classpath of the archive task.
Closes gh-16599
Update `JarFile` so that `super.close()` is called early so that the
file is not left open. Since we re-implement `JarFile` methods to work
directly on the underlying `RandomAccessDataFile`, it should be safe
to close immediately.
See gh-21126
This commit removes changes the timestamp used when writing the
classpath and layers index files in the Gradle plugin to be the
current timestamp unless `preserveFileTimestamps=true`. It also
polishes some duplication in the handling of entry attributes
when creating the fat archive and adds a test to verify that
the Gradle plugin uses the same fixed timestamp constant as
Gradle uses internally.
See gh-21005
Prior to this commit, when the Maven plugin copied
spring-boot-loader.jar to a repackaged archive the timestamps of class
files were preserved but the timestamps of directories were not
preserved. This resulted in the directories having a current timestamp.
This commit copies the directory timestamps from spring-boot-loader.jar
to the repackaged archive and adds tests to verify the proper
behavior.
See gh-20927
Update `JarURLConnection` to ensure that when connections are opened
a new copy of the JarFile is provided.
Prior to this commit, a single `JarFile` instance was shared which meant
that it could be accidental closed if accessed via
`JarURLConnection.getJarFile()`. If the underlying jar file is closed
then it's possible for a `NoClassDefFoundError` to be thrown if running
on JDK 11 with an active `SecurityManager`.
Closes gh-17796
This commit harmonizes the change made to @DefaultValue to the
annotation processor. If such annotation is added to a scalar value with
no value at all, no default value is produced.
Closes gh-18917
This commit ensures that file permissions are set on entries that the
Gradle plugin adds to an archive. It also reverts the constant date
and time used for added entries to a previous value to ensure a time
zone offset is not applied.
See gh-20927
This commit adds examples for configuring the default builder to use
an HTTP/HTTPS proxy when building OCI images using the Maven or Gradle
plugin.
Fixes gh-19984
ExecutableArchiveLauncher.createClassLoader(Iterator) calls
createClassLoader(URL) method with 'super'. This means overriding
createClassLoader(URL) is not possible without also overriding
createClassLoader(Iterator). The switch to 'this' enables that.
See gh-20851
This commit moves Maven plugin content from several sections in the
main Spring Boot reference documentation to the plugin-specific
documentation.
Fixes gh-19165
Update the Gralde plugin so that layered jars now use the regular "flat"
format. The layers.idx file now describes which layer each file should
be placed.
See gh-20813
Co-authored-by: Phillip Webb <pwebb@pivotal.io>
Update the Maven plugin so that layered jars now use the regular "flat"
format. The layers.idx file now describes which layer each file should
be placed.
See gh-20813
Co-authored-by: Phillip Webb <pwebb@pivotal.io>
Create a dedicated layer that is used to hold the launcher support
classes. The layer sits between `dependencies` and
`snapshot-dependencies` so that the layer is sensible for both
SNAPSHOT and RELEASE versions of Spring Boot
Closes gh-20529
Simplify layer customization logic for both Maven and Gradle and
refactor some internals of the Gradle plugin.
Both Maven and Gradle now use a simpler customization format that
consists of `application`, `dependencies` and `layer order` sections.
The `application`, `dependencies` configurations support one or more
`into` blocks that are used to select content for a specific layer.
Closes gh-20526
This commit adds support for Cloud Native Buildpacks builder platform
API 0.3, which is the latest platform API available currently. Support
for platform API 0.1 has been removed, adopting the policy of the pack
CLI to support the current platform API version and one version prior.
Fixes gh-20757
CNB builder images are now being tagged in a manner that indicates
the version of the platform API implemented. This allows Spring Boot
to default to a builder tag that guarantees API compatibility while
allowing for updates to bundled buildpacks.
Fixes gh-20171
This commit adds documentation for the configuration required to
use a remote Docker daemon with the `build-image` Maven goal or the
`bootBuildImage` Gradle task.
See gh-20538
Prior to this commit, the build plugin goal/task for building images
required a locally running Docker daemon that was accessed via a
non-networked socket or pipe.
This commit adds support for remote Docker daemons at a location
specified by the environment variable `DOCKER_HOST`. Additional
environment variables `DOCKER_TLS_VERIFY` and `DOCKER_CERT_PATH`
are recognized for configuring a secure TLS connection to the daemon.
Fixes gh-20538
This commit provides a versioned xsd for the layers configuration of the
Maven plugin. The version starts at `2.3` to match with the Spring Boot
feature release in which this was introduced.
Closes gh-20663
This commit adds support for setting the image name and builder
parameters of the Gradle bootBuildImage task using command-line
options as an alternative to DSL configuration.
See gh-20520
This commit enables javadoc generator for the Spring Boot Maven plugin.
This also harmonizes the structure of the documentation, with an `/api`
and a `/reference` root directories for the javadoc and the reference
guide respectively.
Closes gh-20127