Create proxy Docker image with Gradle

This CL adds two ways to build an docker image with gradle:

1) Adds a :proxy:deployJar task that builds an uber jar that contains all runtime dependencies. The jar can then be add to a docker image by calling docker with the added Dockerfile. The base image for this image can be both distroless java or openjdk:alpine.

2) Uses the Gradle distribution plugin to build a distribution tar file that contains all dependencies (as separate jar files) and a run script that sets up the classpath before calling the main class. Then the docker application plugin can build a docker image (with the dockerBuildImage task) using the application tar file. This only works with openjdk:alpline base image as the distroless java image does not contain a shell and therefore the script created by the distribution plugin cannot be launched.

We may later decide to use one of the method and remove the other.

Also adds an outcast test pattern that caused the tests to be flaky.

-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=222145192

gradle/build.gradle

@@ -3,6 +3,7 @@ plugins {
   // Config helper for annotation processors such as AutoValue and Dagger.
   // Ensures that source code is generated at an appropriate location.
   id 'net.ltgt.apt' version '0.19' apply false
+  id 'com.bmuschko.docker-java-application' version '4.0.4' apply false
 }
 
 // Only do linting if the build is successful.
@@ -14,6 +15,7 @@ ext.javatestsDir = "${rootDir}/../javatests"
 
 subprojects {
   repositories {
+    jcenter()
     mavenCentral()
   }
 

gradle/core/build.gradle

@@ -14,6 +14,7 @@ def outcastTestPatterns = [
     "google/registry/batch/DeleteContactsAndHostsActionTest.*",
     "google/registry/batch/RefreshDnsOnHostRenameActionTest.*",
     "google/registry/flows/CheckApiActionTest.*",
+    "google/registry/flows/EppLifecycleDomainTest.*",
     "google/registry/flows/EppLifecycleHostTest.*",
     "google/registry/flows/domain/DomainAllocateFlowTest.*",
     "google/registry/flows/domain/DomainApplicationCreateFlowTest.*",
@@ -213,11 +214,6 @@ dependencies {
   maybeRuntime 'org.slf4j:slf4j-api:1.7.16'
   maybeRuntime 'org.tukaani:xz:1.5'
   maybeRuntime 'org.xerial.snappy:snappy-java:1.1.4-M3'
-  maybeRuntime 'org.mortbay.jetty:jetty-util:6.1.26'
-  maybeRuntime 'org.slf4j:slf4j-api:1.7.16'
-  maybeRuntime 'org.tukaani:xz:1.5'
-  maybeRuntime 'org.xerial.snappy:snappy-java:1.1.4-M3'
-  testCompile 'org.yaml:snakeyaml:1.17'
   compile 'xerces:xmlParserAPIs:2.6.2'
   compile 'xpp3:xpp3:1.1.4c'
 

gradle/proxy/Dockerfile

@@ -0,0 +1,5 @@
+# TODO(jianglai): Peg to a specific sha256 hash to enable reproducible build.
+FROM gcr.io/distroless/java
+ADD build/libs/proxy_server.jar .
+ENTRYPOINT ["java", "-jar", "proxy_server.jar"]
+EXPOSE 30000 30001 30002 30010 30012

gradle/proxy/build.gradle

@@ -1,5 +1,16 @@
-plugins {
-  id 'application'
+apply plugin: 'com.google.osdetector'
+apply plugin: 'application'
+apply plugin: 'com.bmuschko.docker-java-application'
+
+// TODO(jianglai): use plugins block once the osdetctor v1.6.0 works with it.
+// see: https://github.com/google/osdetector-gradle-plugin/issues/15
+buildscript {
+  repositories {
+    mavenCentral()
+  }
+  dependencies {
+    classpath 'com.google.gradle:osdetector-gradle-plugin:1.6.0'
+  }
 }
 
 sourceSets {
@@ -13,6 +24,25 @@ sourceSets {
 
 mainClassName = 'google.registry.proxy.ProxyServer'
 
+task deployJar(type: Jar) {
+  manifest {
+    attributes 'Main-Class': 'google.registry.proxy.ProxyServer'
+  }
+  baseName = 'proxy_server'
+  version = null
+  from {
+    configurations.runtimeClasspath.collect {
+      it.isDirectory() ? it : zipTree(it)
+    }
+  }
+  // Excludes signature files that accompany some dependency jars, like
+  // bonuncycastle. It they are present, only classes from those signed jars are
+  // made available to the class loader.
+  // see https://discuss.gradle.org/t/signing-a-custom-gradle-plugin-thats-downloaded-by-the-build-system-from-github/1365
+  exclude "META-INF/*.SF", "META-INF/*.DSA", "META-INF/*.RSA"
+  with jar
+}
+
 dependencies {
   compile 'com.beust:jcommander:1.48'
   compile 'com.fasterxml.jackson.core:jackson-annotations:2.8.9'
@@ -27,7 +57,6 @@ dependencies {
   compile 'com.google.code.findbugs:jsr305:3.0.2'
   compile 'com.google.dagger:dagger:2.15'
   compile 'com.google.flogger:flogger:0.1'
-  compile 'com.google.guava:guava-jdk5:17.0'
   compile 'com.google.guava:guava:27.0-jre'
   compile 'com.google.http-client:google-http-client:1.27.0'
   compile 'com.google.monitoring-client:metrics:1.0.4'
@@ -45,8 +74,9 @@ dependencies {
   compile project(':util')
 
   runtime 'com.google.flogger:flogger-system-backend:0.1'
-  runtime 'io.netty:netty-tcnative-boringssl-static:2.0.20.Final'
   runtime 'com.google.auto.value:auto-value:1.6.2'
+  runtime group: 'io.netty', name: 'netty-tcnative-boringssl-static',
+      version: '2.0.20.Final', classifier: osdetector.classifier
 
   testCompile 'com.google.monitoring-client:contrib:1.0.4'
   testCompile 'com.google.truth:truth:0.42'
@@ -63,3 +93,11 @@ dependencies {
   annotationProcessor 'com.google.dagger:dagger-compiler:2.15'
   testAnnotationProcessor 'com.google.dagger:dagger-compiler:2.15'
 }
+
+docker {
+  javaApplication {
+    // TODO(jianglai): Peg to a specific hash to enable reproducible build.
+    baseImage = 'openjdk:8-jre-alpine'
+    ports = [30000, 30001, 30002, 30011, 30012]
+  }
+}

gradle/util/build.gradle

@@ -4,7 +4,6 @@ dependencies {
   compile 'com.google.code.findbugs:jsr305:3.0.2'
   compile 'com.google.dagger:dagger:2.15'
   compile 'com.google.flogger:flogger:0.1'
-  compile 'com.google.guava:guava-jdk5:17.0'
   compile 'com.google.guava:guava:25.1-jre'
   compile 'com.google.re2j:re2j:1.1'
   compile 'com.ibm.icu:icu4j:57.1'