Update the `AbstractJarWriter` so that it can directly build the layer
index as entries are written. Prior to this commit, a layer tracking
was handled by a decorator class which was broken because it didn't
override enough methods. Since `AbstractJarWriter` has quite a complex
API, it seems sensible to have it handle the layer index directly,
removing the need for a decorator entirely.
Fixes gh-23801
Previously, when building a layered jar with Maven, dependencies
on modules in the same build were treated the same as any other
dependency, being included in the dependencies or snapshot dependencies
layer based on their version.
This commit updates the default layering when using Maven to include
dependencies on modules in the same build in the application layer by
default. The XML schema has also been updated to allow the layer to be
customized using new <includeModuleDependencies/> and
<excludeModuleDependencies/> elements rather than relying on including
and excluding them via a group:artifact:version pattern.
Closes gh-23463
This commit adds support for platform API 0.4 when invoking a CNB
builder in the Maven and Gradle plugins. If the builder advertises
that it supports platform API 0.4 then that version will be
requested when invoking lifecycle phases. Otherwise the plugins
will fall back to requesting platform API 0.3.
Requesting platform API 0.4 when invoking builder lifecycle phases
has the primary benefit of making it easier to pass command-line
arguments to the default process in the generated image.
Fixes gh-23692
This commit polishes the javadoc for Maven plugin classes now that
the plugin reference docs link to the javadoc. Visibility of some
MOJO parameter class getters and setters were also changed for
consistency.
See gh-21555
This commit modifies the documentation generated for the
Maven plugin to include links to javadoc when Spring
Boot types are mentioned. Some javadoc was also polished
to improve the generated docs.
Fixes gh-21555
Previously, when building a layered jar with Gradle, project
dependencies were treated the same as any other dependency, being
included in the dependencies or snapshot dependencies layer based
on their version.
This commit updates the default layering when using Gradle to include
project dependencies in the application layer by default. The DSL has
also been updated to allow their layer to be customized using new
includeProjectDependencies() and excludeProjectDependencies() methods
rather than relying on including and excluding them via a
group:artifact:version pattern.
Closes gh-23431
The CNB specifications allow builders to support multiple platform
API versions. The supported versions are published in the builder
image metadata as an array of version numbers, while a single
supported version number was published in earlier builder metadata.
These changes read the supported versions from the builder metadata
and fall back to the single version if the array is not present.
A CNB_PLATFORM_API environment variable is set on each lifecycle
phase invocation to request a specific version as recommended in
the CNB platform spec.
Fixes gh-23682
This commit updates the default builder image used by the Maven
and Gradle plugins image-building goal and task to use the latest
Paketo builder image. The builder image is pulled from Docker Hub
instead of Google Container Registry by default.
See gh-23628
This commit qualifies examples of configuring the CNB builder to clarify
that the examples apply to use of the default Paketo builder, and adds links
to the official Paketo docs for more details.
Fixes gh-19967
A docker registry running in testcontainers behaves
differently in CI vs running locally. Disabling the tests for
now while working on getting them running reliably in CI.
See gh-21001
This commit adds options to the Maven and Gradle plugins to publish
to a Docker registry the image generated by the image-building goal
and task.
The Docker registry auth configuration added in an earlier commit
was modified to accept separate auth configs for the builder/run
image and the generated image, since it is likely these images will
be stored in separate registries or repositories with distinct
auth required for each.
Fixes gh-21001
We generate metadata for `@Endpoint` annotated types so the annotation
processor need to indicate that it supports the endpoint annotation.
See gh-23580
Previously, the configuration property annotation processor declared
that it supported all annotation types. This hurt performance and
prevented incremental builds with Gradle when compiling source code
containing source-retention annotations.
This commit updates its supported annotation types to be only
`@ConfigurationProperties` and `@Configuration`. The latter is declared
to allow binding third-party classes returned from a `@Bean` method.
Fixes gh-23580
Rather than using the extension directly, introduced a dedicated
annotation will enable customization of the compatibility tests that
are run via attributes on the annotation. For example, it will allow
certain test classes to run their tests with Gradle's configuration
cache enabled while others disable it.
Closes gh-23532
Previously the artifact's version was used. In an artifact's version,
SNAPSHOT is replaced with the timestamped version number of a specific
snapshot. As a result, it no longer matches the *:*:*SNAPSHOT pattern.
This commit replaces switches to using the artifact's base version.
This preserves the SNAPSHOT in the version number. For non-snapshot
artifacts, the version and base version are identical.
Fixes gh-23533
Previously, BootJar would resolves all of a project's configurations
when building a layered jar. This was unnecessarily broad as it was
likely to include configurations that had contributed nothing to the
jar's classpath.
This commit replaces the configuration resolution with an afterResolve
action that populates the ResolvedDependencies in response to a
configuration being resolved. This allows the resolved dependencies to
be populated from all of the configurations that were resolved as part
of determining the jars classpath and no more.
Closes gh-23528
Prior to this commit, the bootBuildInfo was configured eagerly.
Configuring it lazily prevent this task from being configured when not
explicitly needed. Also, the 'classes' and 'bootJar' tasks are now
lazily configured, as the bootBuildInfo task was causing them to be
configured eagerly.
See gh-23435
This commit adds the ability to configure the Maven and Gradle
plugins to use a remote Docker daemon using build file
configuration, as an alternative to setting environment variables
to specify remote host connection details.
Fixes gh-23400
This commit adds the ability to configure Docker image registry
authentication credentials in the Maven and Gradle plugins. The
authentication credentials are passed to the Docker daemon with
all daemon API calls, and the daemon forwards the credentials to the
image registry when necessary. This makes it possible to use
builder and run images stored in a private Docker registry.
See gh-22972
Rename `@ConfigurationPropertiesImport` to
`@ImportAsConfigurationPropertiesBean` and also refine the registrar
so that it can be used with type directly annotated with
`@ConfigurationProperties`.
Closes gh-23172
Update `JarFileEntries` so that the interface is obtained rather than
the concrete implementation. This allows `JarEntry` values to be used
without causing a ClassCastException.
Closes gh-19041
Update the performance improvements to push certificate loading
and storage into the `JarFileEntries` class. This allows us to
keep certificates without needing to cache all entry data. We
now also keep certificates and code signers in a dedicated class
which is set whenever the full jar stream as been read, even if
the contained values are `null`. The logic that assumes META-INF
entries are not signed has been removed in favor of delegating to
the streamed entry results.
See gh-19041
Update Spring Boot nested JarFile support to improve the performance of
signed jars. Prior to this commit, `certificates` and `codeSigners`
were read by streaming the entire jar whenever the existing values
were `null`. Unfortunately, the contract for `getCertificates` and
get `getCodeSigners` states that `null` is a valid return value. This
meant that full jar streaming would occur whenever either method was
called on an entry that had no result. The problem was further
exacerbated by the fact that entries might not be cached.
See gh-19041
This commit updates the Gradle Plugin to filter dependencies based on
the Spring-Boot-Jar-Type entry in their manifest. Jars with a
Spring-Boot-Jar-Type of dependencies-starter are excluded. Unlike the
Maven plugin, jars with a type of annotation-processor are not
excluded. It is not necessary with Gradle as use of the
annotationProcessor configuration for such dependencies already ensures
that they are not included.
See gh-22036
This commit updates the Maven Plugin to filter dependencies based on
the Spring-Boot-Jar-Type entry in their manifest. Jars with a
Spring-Boot-Jar-Type of dependencies-starter or annotation-processor
are excluded.
See gh-22036
Previously, PropertiesLauncher would close each archive that it
iterated over when creating its ClassLoader. This was not aligned
with JarLauncher's behaviour and left the ClassLoader with closed
archives. The close was introduced in [1] and became more apparent
following the change to fail operations on closed archives [2].
This commit updates Launcher to remove the close() that was added in
[1]. This aligns the behavior of PropertiesLauncher with JarLauncher
and ensures that the ClassLoader does not have entries backed by
closed archives on its classpath.
Fixes gh-23165
[1] ad72f86bdb
[2] ed7a5db174
Add repeatable `@ImportConfigurationPropertiesBean` annotation that can
be used to import types and treat them as `@ConfigurationProperties`
beans. This annotation is specifically designed to support third-party
classes that can't contain any Spring annotations.
Closes gh-23172
In some cases, a call to the Docker image load API will fail but
return a 200 OK response status code and an empty response. This
commit detects that the response from this call is empty and
treats this condition as an error instead of a silent failure.
Fixes gh-23130
This commit changes the path used to invoke lifecycle binaries in
CNB builders from `/lifecycle` to `/cnb/lifecycle` to conform to
the CNB spec. This will ensure the build plugin image-building
goals and tasks are compatible with future versions of builders
that may not support both paths.
See gh-23009
Update `BuildImageMojo` so that commons HTTP wire logging is configured
to ERROR. Without this update, running `mvn -X` will produce a great
deal of logging since by default HTTP Client logs all bytes transfered
at DEBUG and Maven will enable DEBUG for all logs.
Closes gh-22674
Update `Repackager` to ensure that `getLayout` is called before we
backup the source file. This restores earlier behavior that some
custom `ModuleFactory` implementations were relying on.
Closes gh-22995
This commit adds a check to the `layertools extract` command to
ensure that the jar file being processed is readable and has a
valid directory.
Fixes gh-22993
Create a new `JarFileWrapper` class so that we can wrap and existing
`JarFile` and offer a version that can be safely closed.
Prior to this commit, we provided wrapper functionality in the `JarFile`
class itself. Unfortunately, because we override `close` and also create
a lot of wrappers this caused memory issues when running on Java 11.
With Java 11 `java.util.zip.ZipFile` class uses `FinalizableResource`
for any implementation that overrides `close()`. This means that any
wrapper classes will not be garbage collected until the JVM finalizer
thread runs.
Closes gh-22991
Andy Wilkinson
Phillip Webb
olivier.antoine
Scott Frederick
Stephane Nicoll
Andy Wilkinson
Johnny Lim
Emily Casey
dreis2211
Santhoshkumar. P
Lukas Cardot
Sebastiaan Fernandez
姜为
mathieufortin01
EruDev
Martin Chalupa
Jean-Baptiste Nizet