Docker build fix [MOSIP-44274]

[GOKULRAJ136]

Summary by CodeRabbit

• Chores
  • Upgraded Maven in the build environment to a newer patch release.
  • Removed obsolete Java 21-specific build variants and related artifacts to simplify and slim down build outputs.
  • Revised repository and distribution endpoints and snapshot settings to streamline publishing and deployment configuration.

[coderabbitai]

Note

Reviews paused

It looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the reviews.auto_review.auto_pause_after_reviewed_commits setting.

Use the following commands to manage reviews:

• @coderabbitai resume to resume automatic reviews.
• @coderabbitai review to trigger a single review.

Use the checkboxes below for quick actions:

• ▶️ Resume reviews
• 🔍 Trigger review

Walkthrough

Maven download in artifacts/Dockerfile bumped from 3.8.8 → 3.8.9. artifacts/pom.xml swaps repository and distributionManagement endpoints and snapshot flags, and removes many Java‑21-specific properties and artifactItem entries while retaining non‑Java21 artifacts and minor formatting tweaks.

Changes

Cohort / File(s)	Summary
Dockerfile Maven bump artifacts/Dockerfile	Maven version updated 3.8.8 → 3.8.9: download URL and tarball names changed; extraction and cleanup steps adjusted accordingly.
POM repository & artifact cleanup artifacts/pom.xml	Repository entries and distributionManagement URLs swapped and snapshot flags toggled; numerous Java‑21-specific properties and artifactItem entries removed; retained non‑Java21 artifacts and slight indentation/formatting changes.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Poem

🐰 I hopped through Dockerfiles at night,

Swapped a Maven link to make it light.
POM blossoms pruned — Java‑21 set free,
Core artifacts stayed snug as can be.
A tiny hop, a cleaner tree 🌿

🚥 Pre-merge checks | ✅ 3 | ❌ 1

❌ Failed checks (1 inconclusive)

Check name	Status	Explanation	Resolution
Title check	❓ Inconclusive	The title 'Docker build fix' is vague and does not clearly describe the specific changes made. While a Docker file was modified, the title doesn't convey that Maven was updated or repository configurations were changed in pom.xml.	Consider a more specific title such as 'Update Maven to 3.8.9 and consolidate repository configuration' that better reflects the actual scope of changes across both Dockerfile and pom.xml.

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Merge Conflict Detection	✅ Passed	✅ No merge conflicts detected when merging into develop

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (3)

artifacts/pom.xml (3)

221-229: Undefined properties will cause build failure.

This artifactItem references ${auth-adapter-java-21.version} and ${auth-adapter-java-21.location}, but these properties are not defined in the <properties> section. According to the summary, Java 21 variant properties were removed, but this artifactItem block was not removed.

This will cause Maven to either fail the build or use literal unresolved property strings as values.

🐛 Proposed fix: Remove the orphaned artifactItem

-				<artifactItem>
-					<groupId>io.mosip.kernel</groupId>
-					<artifactId>kernel-auth-adapter</artifactId>
-					<version>${auth-adapter-java-21.version}</version>
-					<outputDirectory>${auth-adapter-java-21.location}</outputDirectory>
-						<!-- Keep the destination filename consistent with the original -->
-					<destFileName>kernel-auth-adapter.jar</destFileName>
-					<type>jar</type>
-				</artifactItem>

---

261-269: Duplicate artifactItem entry.

This kernel-smsserviceprovider-msg91 artifactItem is identical to the one at lines 242-249. This will copy the same artifact twice unnecessarily.

🧹 Proposed fix: Remove the duplicate block

-<!-- artifactItem section for smsserviceprovider -->
-				<artifactItem>
-					<groupId>io.mosip.kernel</groupId>
-					<artifactId>kernel-smsserviceprovider-msg91</artifactId>
-					<version>${kernel-smsserviceprovider.version}</version>
-					 <outputDirectory>${kernel-smsserviceprovider.location}</outputDirectory> 
-					<destFileName>${kernel-smsserviceprovider.fileName}</destFileName>
-					<type>jar</type>
-				</artifactItem>

---

289-297: Undefined properties will cause build failure.

This artifactItem references ${kernel-virusscanner-clamav-java-21.version} and ${kernel-virusscanner-clamav-java-21.location}, but these properties are not defined. The Java 21 variant properties were removed but this artifactItem was not updated.

🐛 Proposed fix: Use the existing non-Java-21 properties

 <!-- artifactItem section for virusscanner -->
 				<artifactItem>
 					<groupId>io.mosip.kernel</groupId>
 					<artifactId>kernel-virusscanner-clamav</artifactId>
-					<version>${kernel-virusscanner-clamav-java-21.version}</version>
-					 <outputDirectory>${kernel-virusscanner-clamav-java-21.location}</outputDirectory> 
+					<version>${kernel-virusscanner-clamav.version}</version>
+					 <outputDirectory>${kernel-virusscanner-clamav.location}</outputDirectory> 
 					<destFileName>${kernel-virusscanner-clamav.fileName}</destFileName>
 					<type>jar</type>
 				</artifactItem>				

🤖 Fix all issues with AI agents

In `@artifacts/pom.xml`:
- Around line 37-56: Update the ossrh repository configuration: in the
repository with id "ossrh" replace the incorrect <url> value
"https://central.sonatype.com/repositories/snapshots" with the correct Sonatype
snapshots URL "https://central.sonatype.com/repository/maven-snapshots/" by
editing the <url> element inside the ossrh <repository> block in the pom.xml.

[coderabbitai]

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

artifacts/Dockerfile (1)

217-217: ⚠️ Potential issue | 🔴 Critical

Build is failing — SNAPSHOT artifact not found.

The pipeline reports that io.mosip.kernel:kernel-auth-adapter:jar:1.2.1-SNAPSHOT cannot be resolved from https://central.sonatype.com/repositories/snapshots. This is the actual build-breaking error. The Maven version bump alone does not fix this.

The root cause is likely in pom.xml (repository URL or artifact version configuration). Please ensure the correct snapshot repository URL is configured and the referenced artifact version is published there.

🧹 Nitpick comments (2)

artifacts/Dockerfile (2)

39-41: Pipeline warns about legacy ENV format.

The linter flags these lines for using the legacy ENV key value syntax instead of ENV key=value. While these aren't part of this change, since this is a Docker build fix PR, it would be a good time to clean them up.

Suggested fix

-ENV MAVEN_HOME /usr/local/maven
-ENV PATH $MAVEN_HOME/bin:$PATH
-ENV JAVA_HOME /usr/lib/jvm/java-11-openjdk-amd64
+ENV MAVEN_HOME=/usr/local/maven
+ENV PATH=$MAVEN_HOME/bin:$PATH
+ENV JAVA_HOME=/usr/lib/jvm/java-11-openjdk-amd64

---

31-32: Upgrade Maven from 3.8.9 (EOL) to 3.9.12 (current stable).

Maven 3.8.9 and before has reached end-of-life and is no longer supported. New plugin releases require Maven 3.9.0 or later. Maven 3.9.12 is the latest stable release and is fully compatible with Java 11 (used in this Dockerfile).

Additionally, dlcdn.apache.org may eventually remove EOL versions from the CDN distribution.

Suggested upgrade to Maven 3.9.12

-wget https://dlcdn.apache.org/maven/maven-3/3.8.9/binaries/apache-maven-3.8.9-bin.tar.gz &&\
-tar -xzf apache-maven-3.8.9-bin.tar.gz && mv apache-maven-3.8.9 /usr/local/maven && rm apache-maven-3.8.9-bin.tar.gz &&\
+wget https://dlcdn.apache.org/maven/maven-3/3.9.12/binaries/apache-maven-3.9.12-bin.tar.gz &&\
+tar -xzf apache-maven-3.9.12-bin.tar.gz && mv apache-maven-3.9.12 /usr/local/maven && rm apache-maven-3.9.12-bin.tar.gz &&\

[coderabbitai]

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (2)

artifacts/pom.xml (2)

221-229: ⚠️ Potential issue | 🔴 Critical

Build breakage: undefined properties ${auth-adapter-java-21.version} and ${auth-adapter-java-21.location}.

The Java-21 properties were removed from <properties>, but this artifactItem still references them. Maven will not resolve these, causing the build to fail. This block should be removed along with the other Java-21 artifact items.

Proposed fix — remove the orphaned artifactItem

-				<artifactItem>
-					<groupId>io.mosip.kernel</groupId>
-					<artifactId>kernel-auth-adapter</artifactId>
-					<version>${auth-adapter-java-21.version}</version>
-					<outputDirectory>${auth-adapter-java-21.location}</outputDirectory>
-						<!-- Keep the destination filename consistent with the original -->
-					<destFileName>kernel-auth-adapter.jar</destFileName>
-					<type>jar</type>
-				</artifactItem>

---

289-297: ⚠️ Potential issue | 🔴 Critical

Build breakage: undefined properties ${kernel-virusscanner-clamav-java-21.version} and ${kernel-virusscanner-clamav-java-21.location}.

Same issue as the auth-adapter block above. The Java-21 properties were removed, but this artifactItem still references them. Update to use the base properties or remove this block.

Proposed fix — use the existing non-java-21 properties

 				<artifactItem>
 					<groupId>io.mosip.kernel</groupId>
 					<artifactId>kernel-virusscanner-clamav</artifactId>
-					<version>${kernel-virusscanner-clamav-java-21.version}</version>
-					 <outputDirectory>${kernel-virusscanner-clamav-java-21.location}</outputDirectory> 
+					<version>${kernel-virusscanner-clamav.version}</version>
+					 <outputDirectory>${kernel-virusscanner-clamav.location}</outputDirectory> 
 					<destFileName>${kernel-virusscanner-clamav.fileName}</destFileName>
 					<type>jar</type>
 				</artifactItem>				

Alternatively, if this was a Java-21 variant that's no longer needed, remove the entire block.

🧹 Nitpick comments (1)

artifacts/pom.xml (1)

261-269: Duplicate artifactItem for kernel-smsserviceprovider-msg91.

This block (lines 261–269) is identical to lines 242–249. Remove one to avoid downloading the same artifact twice.

[coderabbitai]

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (3)

artifacts/pom.xml (3)

221-229: ⚠️ Potential issue | 🔴 Critical

Build will fail — auth-adapter-java-21 properties are undefined.

This artifactItem block references ${auth-adapter-java-21.version} and ${auth-adapter-java-21.location}, but the corresponding properties were removed in this PR. Maven will leave these as literal unexpanded strings, causing the dependency resolution and file copy to fail.

Either remove this entire block (consistent with the stated goal of dropping Java 21 variants) or re-add the properties.

Suggested fix: remove the orphaned artifactItem

-				<artifactItem>
-					<groupId>io.mosip.kernel</groupId>
-					<artifactId>kernel-auth-adapter</artifactId>
-					<version>${auth-adapter-java-21.version}</version>
-					<outputDirectory>${auth-adapter-java-21.location}</outputDirectory>
-						<!-- Keep the destination filename consistent with the original -->
-					<destFileName>kernel-auth-adapter.jar</destFileName>
-					<type>jar</type>
-				</artifactItem>

---

289-297: ⚠️ Potential issue | 🔴 Critical

Build will fail — kernel-virusscanner-clamav-java-21 properties are undefined.

Same issue as the auth-adapter block above: ${kernel-virusscanner-clamav-java-21.version} and ${kernel-virusscanner-clamav-java-21.location} are referenced here but their property definitions were removed. This block should either be removed or updated to use the non-java-21 properties.

Suggested fix: use the standard (non-java-21) properties

 				<artifactItem>
 					<groupId>io.mosip.kernel</groupId>
 					<artifactId>kernel-virusscanner-clamav</artifactId>
-					<version>${kernel-virusscanner-clamav-java-21.version}</version>
-					 <outputDirectory>${kernel-virusscanner-clamav-java-21.location}</outputDirectory> 
+					<version>${kernel-virusscanner-clamav.version}</version>
+					 <outputDirectory>${kernel-virusscanner-clamav.location}</outputDirectory> 
 					<destFileName>${kernel-virusscanner-clamav.fileName}</destFileName>
 					<type>jar</type>
 				</artifactItem>				

---

261-269: ⚠️ Potential issue | 🟡 Minor

Duplicate artifactItem for kernel-smsserviceprovider-msg91.

This block (lines 262–269) is an exact duplicate of lines 242–249. It will cause Maven to download and copy the same artifact twice. Remove one of them.

Suggested fix

-<!-- artifactItem section for smsserviceprovider -->
-				<artifactItem>
-					<groupId>io.mosip.kernel</groupId>
-					<artifactId>kernel-smsserviceprovider-msg91</artifactId>
-					<version>${kernel-smsserviceprovider.version}</version>
-					 <outputDirectory>${kernel-smsserviceprovider.location}</outputDirectory> 
-					<destFileName>${kernel-smsserviceprovider.fileName}</destFileName>
-					<type>jar</type>
-				</artifactItem>

🧹 Nitpick comments (2)

artifacts/pom.xml (2)

157-167: certify-plugin.location is defined three times (lines 158, 162, 167).

In Maven properties, the last definition wins, so the first two are dead. This is confusing and error-prone. Keep a single definition.

Suggested fix

  		<!-- certify sunbird plugin -->
-		<certify-plugin.location>/usr/share/nginx/html/artifactory/libs-release-local/certify/certify-plugin</certify-plugin.location>
 <!--		<certify-sunbird-plugin.version>0.3.0-SNAPSHOT</certify-sunbird-plugin.version>-->
 <!--		<certify-sunbird-plugin.fileName>certify-sunbird-plugin.jar</certify-sunbird-plugin.fileName>-->
 		<!-- certify mosip identity plugin -->
-		<certify-plugin.location>/usr/share/nginx/html/artifactory/libs-release-local/certify/certify-plugin</certify-plugin.location>
+		<certify-plugin.location>/usr/share/nginx/html/artifactory/libs-release-local/certify/certify-plugin</certify-plugin.location>
 		<certify-mosip-identity-plugin.version>0.3.0-SNAPSHOT</certify-mosip-identity-plugin.version>
 		<certify-mosip-identity-plugin.fileName>certify-mosip-identity-plugin.jar</certify-mosip-identity-plugin.fileName>
 
         <!-- certify mock plugin -->
-		<certify-plugin.location>/usr/share/nginx/html/artifactory/libs-release-local/certify/certify-plugin</certify-plugin.location>
 		<certify-mock-plugin.version>0.3.1-SNAPSHOT</certify-mock-plugin.version>

---

70-71: Typo in comment: "apadter" → "adapter".

-		<!-- kernel-auth-apadter -->
+		<!-- kernel-auth-adapter -->