Skip to content

Commit

Permalink
Merge pull request #73 from lexemmens/feature/vuln_and_builda_args
Browse files Browse the repository at this point in the history 
Upgrade dependency versions and add build arguments
  • Loading branch information
@lexemmens
lexemmens committed Apr 5, 2023
2 parents e848688 + 5dc8b54 commit f64cd5b
Show file tree
Hide file tree
Showing 11 changed files with 306 additions and 53 deletions.
7 changes: 7 additions & 0 deletions CHANGELOG.md
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,11 @@
## Changelog
### 1.13.0 (05-04-2022)
#### Improvements
* ([#59](https://github.com/lexemmens/podman-maven-plugin/issues/59) - Support for build arguments)

#### Bugs
* ([#74](https://github.com/lexemmens/podman-maven-plugin/issues/74) - Fixed cataloguing of artifacts when catloguing is skipped of no valid images are present)

### 1.12.0 (21-02-2023)
#### Improvements
* ([#69](https://github.com/lexemmens/podman-maven-plugin/issues/69)) - Add SELinux support when building container images (RHEL8/CentOS8)
Expand Down
24 changes: 24 additions & 0 deletions docs/modules/ROOT/pages/goals/build.adoc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -93,6 +93,15 @@ When this option is specified _and_ `pullAlways` is also specified, builds will
|<<labels,labels>>
|A collection of labels to add to this image. They are specified in the typical maven property format.

|<<args,args>>
|Specifies one or more build arguments and their value, which will be interpolated in instructions read from the
Containerfiles in the same way that environment variables are, but which will not be added to environment variable
list in the resulting image’s configuration.

**Syntax**: `<arg>value</arg>`

**See**: https://docs.podman.io/en/latest/markdown/podman-build.1.html#build-arg-arg-value

|tagWithMavenProjectVersion
|When set to `true`, the resulting container image will be tagged with the current version of the Maven project.

Expand Down Expand Up @@ -133,6 +142,10 @@ Supported values are:
</tags>
<createLatestTag>true</createLatestTag>
<format>OCI</format>
<args>
<buildArg1>buildArgValue1</buildArg1>
<buildArg2>buildArgValue2</buildArg2>
</args>
</build>
</image>
</images>
Expand Down Expand Up @@ -164,6 +177,17 @@ Labels are a mechanism for applying metadata to container images. Labels can be

NOTE: As of version 1.7.1 label values are always stored between double quotes to allow values with spaces.

=== Build arguments
:navtitle: Build Arguments
[#args]

Specifies one or more build arguments and their value, which will be interpolated in instructions read from the
Containerfiles in the same way that environment variables are, but which will not be added to environment variable
list in the resulting image’s configuration.

Build arguments can also be specified via System Properties, using the syntax: `podman.buildArg.exampleBuildArgument=buildArgumentValue`. Do note that System Properties are global and take precedence over the arguments that are configured
in the build configuration for each image.

=== Key format recommendations
[#keyformatrecommendations]
:navtitle: Key format recommendations
Expand Down
89 changes: 61 additions & 28 deletions pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -104,7 +104,19 @@
<dependency>
<groupId>org.apache.maven.plugin-tools</groupId>
<artifactId>maven-plugin-annotations</artifactId>
<version>3.6.0</version>
<version>3.7.1</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.apache.maven</groupId>
<artifactId>maven-model</artifactId>
<version>${maven.version}</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.apache.maven</groupId>
<artifactId>maven-settings</artifactId>
<version>${maven.version}</version>
<scope>provided</scope>
</dependency>

Expand All @@ -118,25 +130,25 @@
<dependency>
<groupId>org.junit.jupiter</groupId>
<artifactId>junit-jupiter-api</artifactId>
<version>5.9.1</version>
<version>5.9.2</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.junit.jupiter</groupId>
<artifactId>junit-jupiter-engine</artifactId>
<version>5.9.1</version>
<version>5.9.2</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.junit.jupiter</groupId>
<artifactId>junit-jupiter</artifactId>
<version>5.9.1</version>
<version>5.9.2</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.mockito</groupId>
<artifactId>mockito-core</artifactId>
<version>4.8.0</version>
<version>5.1.1</version>
<scope>test</scope>
</dependency>
<dependency>
Expand All @@ -148,15 +160,15 @@
<dependency>
<groupId>org.mockito</groupId>
<artifactId>mockito-junit-jupiter</artifactId>
<version>4.8.0</version>
<version>5.1.1</version>
<scope>test</scope>
</dependency>

<!-- Required for running tests from Intellij -->
<dependency>
<groupId>org.junit.vintage</groupId>
<artifactId>junit-vintage-engine</artifactId>
<version>5.9.1</version>
<version>5.9.2</version>
<scope>test</scope>
</dependency>
<dependency>
Expand All @@ -174,47 +186,77 @@
<plugins>
<plugin>
<artifactId>maven-clean-plugin</artifactId>
<version>3.1.0</version>
<version>3.2.0</version>
</plugin>
<plugin>
<artifactId>maven-resources-plugin</artifactId>
<version>3.0.2</version>
<version>3.3.0</version>
</plugin>
<plugin>
<artifactId>maven-compiler-plugin</artifactId>
<version>3.8.0</version>
<version>3.10.1</version>
</plugin>
<plugin>
<artifactId>maven-plugin-plugin</artifactId>
<version>3.6.0</version>
<version>3.7.1</version>
</plugin>
<plugin>
<artifactId>maven-surefire-plugin</artifactId>
<version>2.22.1</version>
<version>3.0.0-M9</version>
</plugin>
<plugin>
<artifactId>maven-failsafe-plugin</artifactId>
<version>3.0.0-M9</version>
</plugin>
<plugin>
<artifactId>maven-jar-plugin</artifactId>
<version>3.0.2</version>
<version>3.3.0</version>
</plugin>
<plugin>
<artifactId>maven-release-plugin</artifactId>
<version>3.0.0.M7</version>
</plugin>
<plugin>
<artifactId>maven-install-plugin</artifactId>
<version>2.5.2</version>
<version>3.1.0</version>
</plugin>
<plugin>
<artifactId>maven-deploy-plugin</artifactId>
<version>2.8.2</version>
<version>3.1.0</version>
</plugin>
<plugin>
<artifactId>maven-invoker-plugin</artifactId>
<version>3.1.0</version>
<version>3.5.0</version>
</plugin>
<plugin>
<artifactId>maven-source-plugin</artifactId>
<version>3.2.1</version>
</plugin>
<plugin>
<artifactId>maven-javadoc-plugin</artifactId>
<version>3.5.0</version>
</plugin>
<plugin>
<groupId>org.codehaus.plexus</groupId>
<artifactId>plexus-component-metadata</artifactId>
<version>2.1.1</version>
</plugin>
<plugin>
<groupId>org.jacoco</groupId>
<artifactId>jacoco-maven-plugin</artifactId>
<version>0.8.8</version>
</plugin>
<plugin>
<groupId>org.sonatype.plugins</groupId>
<artifactId>nexus-staging-maven-plugin</artifactId>
<version>1.6.13</version>
</plugin>
</plugins>
</pluginManagement>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-plugin-plugin</artifactId>
<version>3.6.0</version>
<configuration>
<skipErrorNoDescriptorsFound>true</skipErrorNoDescriptorsFound>
</configuration>
Expand All @@ -230,7 +272,6 @@
<plugin>
<groupId>org.codehaus.plexus</groupId>
<artifactId>plexus-component-metadata</artifactId>
<version>2.1.0</version>
<executions>
<execution>
<goals>
Expand All @@ -251,7 +292,6 @@
<plugin>
<groupId>org.jacoco</groupId>
<artifactId>jacoco-maven-plugin</artifactId>
<version>0.8.5</version>
<executions>
<execution>
<goals>
Expand All @@ -271,16 +311,13 @@
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-surefire-plugin</artifactId>
<version>2.22.2</version>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-failsafe-plugin</artifactId>
<version>2.22.2</version>
</plugin>
<plugin>
<artifactId>maven-deploy-plugin</artifactId>
<version>2.8.2</version>
<executions>
<execution>
<id>default-deploy</id>
Expand All @@ -294,7 +331,6 @@
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-release-plugin</artifactId>
<version>2.5.3</version>
<configuration>
<localCheckout>true</localCheckout>
<pushChanges>false</pushChanges>
Expand All @@ -305,19 +341,18 @@
<dependency>
<groupId>org.apache.maven.scm</groupId>
<artifactId>maven-scm-api</artifactId>
<version>1.11.2</version>
<version>2.0.0.M3</version>
</dependency>
<dependency>
<groupId>org.apache.maven.scm</groupId>
<artifactId>maven-scm-provider-gitexe</artifactId>
<version>1.11.2</version>
<version>2.0.0.M3</version>
</dependency>
</dependencies>
</plugin>
<plugin>
<groupId>org.sonatype.plugins</groupId>
<artifactId>nexus-staging-maven-plugin</artifactId>
<version>1.6.8</version>
<extensions>true</extensions>
<configuration>
<serverId>ossrh</serverId>
Expand All @@ -328,7 +363,6 @@
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-source-plugin</artifactId>
<version>3.2.1</version>
<executions>
<execution>
<id>attach-sources</id>
Expand All @@ -341,7 +375,6 @@
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-javadoc-plugin</artifactId>
<version>3.2.0</version>
<configuration>
<source>8</source>
</configuration>
Expand Down
37 changes: 19 additions & 18 deletions src/main/java/nl/lexemmens/podman/BuildMojo.java
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
package nl.lexemmens.podman;

import nl.lexemmens.podman.config.image.AbstractImageConfiguration;
import nl.lexemmens.podman.config.image.single.SingleImageConfiguration;
import nl.lexemmens.podman.helper.MultiStageBuildOutputHelper;
import nl.lexemmens.podman.service.ServiceHub;
Expand Down Expand Up @@ -154,34 +155,34 @@ private void tagFinalImage(SingleImageConfiguration image, ServiceHub hub) throw
}

private void catalogContainers(List<SingleImageConfiguration> images, ServiceHub hub) throws MojoExecutionException {
List<String> containerCatalog = getContainerCatalog(images);
if (containerCatalog.isEmpty()) {
getLog().info("No containers were catalogued.");
return;
}

containerCatalog.add(0, CATALOG_HEADER);

String catalogFileName = String.format("%s.txt", CATALOG_ARTIFACT_NAME);
Path catalogPath = Paths.get(project.getBuild().getDirectory(), catalogFileName);
try {
Files.write(catalogPath, containerCatalog);
} catch (IOException e) {
getLog().error("Failed to write catalog file! Caught: " + e.getMessage());
throw new MojoExecutionException(e.getMessage(), e);
}

if (skipCatalog) {
getLog().info("Skipping attaching of catalog artifact.");
} else {
getLog().info("Attaching catalog artifact: " + catalogPath);
List<String> containerCatalog = getContainerCatalog(images);
if (containerCatalog.isEmpty()) {
getLog().info("No containers were catalogued.");
return;
}

containerCatalog.add(0, CATALOG_HEADER);

String catalogFileName = String.format("%s.txt", CATALOG_ARTIFACT_NAME);
Path catalogPath = Paths.get(project.getBuild().getDirectory(), catalogFileName);
try {
Files.write(catalogPath, containerCatalog);
} catch (IOException e) {
getLog().error("Failed to write catalog file! Caught: " + e.getMessage());
throw new MojoExecutionException(e.getMessage(), e);
}

getLog().info("Attaching catalog artifact: " + catalogPath);
hub.getMavenProjectHelper().attachArtifact(project, "txt", CATALOG_ARTIFACT_NAME, catalogPath.toFile());
}
}

private List<String> getContainerCatalog(List<SingleImageConfiguration> images) {
return images.stream()
.filter(AbstractImageConfiguration::isValid)
.map(this::singleImageConfigurationToFullImageList)
.flatMap(Collection::stream)
.collect(Collectors.toList());
Expand Down
2 changes: 0 additions & 2 deletions src/main/java/nl/lexemmens/podman/command/podman/AbstractPodmanCommand.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,8 +21,6 @@ public abstract class AbstractPodmanCommand extends AbstractCommand {
private static final String BASE_COMMAND = "podman";
private static final String ROOT_CMD = "--root=";
private static final String RUNROOT_CMD = "--runroot=";
private static final String CGROUP_MANAGER = "--cgroup-manager";

private final boolean redirectError;
private final List<String> command;

Expand Down
Loading

0 comments on commit f64cd5b

Please sign in to comment.