Create proxy Docker image with Gradle

This CL adds two ways to build an docker image with gradle:

1) Adds a :proxy:deployJar task that builds an uber jar that contains all runtime dependencies. The jar can then be add to a docker image by calling docker with the added Dockerfile. The base image for this image can be both distroless java or openjdk:alpine.

2) Uses the Gradle distribution plugin to build a distribution tar file that contains all dependencies (as separate jar files) and a run script that sets up the classpath before calling the main class. Then the docker application plugin can build a docker image (with the dockerBuildImage task) using the application tar file. This only works with openjdk:alpline base image as the distroless java image does not contain a shell and therefore the script created by the distribution plugin cannot be launched.

We may later decide to use one of the method and remove the other.

Also adds an outcast test pattern that caused the tests to be flaky.

-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=222145192
This commit is contained in:
jianglai 2018-11-19 15:03:00 -08:00
parent 118367dc6b
commit f46f817f9e
5 changed files with 50 additions and 10 deletions

View file

@ -3,6 +3,7 @@ plugins {
// Config helper for annotation processors such as AutoValue and Dagger.
// Ensures that source code is generated at an appropriate location.
id 'net.ltgt.apt' version '0.19' apply false
id 'com.bmuschko.docker-java-application' version '4.0.4' apply false
}
// Only do linting if the build is successful.
@ -14,6 +15,7 @@ ext.javatestsDir = "${rootDir}/../javatests"
subprojects {
repositories {
jcenter()
mavenCentral()
}

View file

@ -14,6 +14,7 @@ def outcastTestPatterns = [
"google/registry/batch/DeleteContactsAndHostsActionTest.*",
"google/registry/batch/RefreshDnsOnHostRenameActionTest.*",
"google/registry/flows/CheckApiActionTest.*",
"google/registry/flows/EppLifecycleDomainTest.*",
"google/registry/flows/EppLifecycleHostTest.*",
"google/registry/flows/domain/DomainAllocateFlowTest.*",
"google/registry/flows/domain/DomainApplicationCreateFlowTest.*",
@ -213,11 +214,6 @@ dependencies {
maybeRuntime 'org.slf4j:slf4j-api:1.7.16'
maybeRuntime 'org.tukaani:xz:1.5'
maybeRuntime 'org.xerial.snappy:snappy-java:1.1.4-M3'
maybeRuntime 'org.mortbay.jetty:jetty-util:6.1.26'
maybeRuntime 'org.slf4j:slf4j-api:1.7.16'
maybeRuntime 'org.tukaani:xz:1.5'
maybeRuntime 'org.xerial.snappy:snappy-java:1.1.4-M3'
testCompile 'org.yaml:snakeyaml:1.17'
compile 'xerces:xmlParserAPIs:2.6.2'
compile 'xpp3:xpp3:1.1.4c'

5
gradle/proxy/Dockerfile Normal file
View file

@ -0,0 +1,5 @@
# TODO(jianglai): Peg to a specific sha256 hash to enable reproducible build.
FROM gcr.io/distroless/java
ADD build/libs/proxy_server.jar .
ENTRYPOINT ["java", "-jar", "proxy_server.jar"]
EXPOSE 30000 30001 30002 30010 30012

View file

@ -1,5 +1,16 @@
plugins {
id 'application'
apply plugin: 'com.google.osdetector'
apply plugin: 'application'
apply plugin: 'com.bmuschko.docker-java-application'
// TODO(jianglai): use plugins block once the osdetctor v1.6.0 works with it.
// see: https://github.com/google/osdetector-gradle-plugin/issues/15
buildscript {
repositories {
mavenCentral()
}
dependencies {
classpath 'com.google.gradle:osdetector-gradle-plugin:1.6.0'
}
}
sourceSets {
@ -13,6 +24,25 @@ sourceSets {
mainClassName = 'google.registry.proxy.ProxyServer'
task deployJar(type: Jar) {
manifest {
attributes 'Main-Class': 'google.registry.proxy.ProxyServer'
}
baseName = 'proxy_server'
version = null
from {
configurations.runtimeClasspath.collect {
it.isDirectory() ? it : zipTree(it)
}
}
// Excludes signature files that accompany some dependency jars, like
// bonuncycastle. It they are present, only classes from those signed jars are
// made available to the class loader.
// see https://discuss.gradle.org/t/signing-a-custom-gradle-plugin-thats-downloaded-by-the-build-system-from-github/1365
exclude "META-INF/*.SF", "META-INF/*.DSA", "META-INF/*.RSA"
with jar
}
dependencies {
compile 'com.beust:jcommander:1.48'
compile 'com.fasterxml.jackson.core:jackson-annotations:2.8.9'
@ -27,7 +57,6 @@ dependencies {
compile 'com.google.code.findbugs:jsr305:3.0.2'
compile 'com.google.dagger:dagger:2.15'
compile 'com.google.flogger:flogger:0.1'
compile 'com.google.guava:guava-jdk5:17.0'
compile 'com.google.guava:guava:27.0-jre'
compile 'com.google.http-client:google-http-client:1.27.0'
compile 'com.google.monitoring-client:metrics:1.0.4'
@ -45,8 +74,9 @@ dependencies {
compile project(':util')
runtime 'com.google.flogger:flogger-system-backend:0.1'
runtime 'io.netty:netty-tcnative-boringssl-static:2.0.20.Final'
runtime 'com.google.auto.value:auto-value:1.6.2'
runtime group: 'io.netty', name: 'netty-tcnative-boringssl-static',
version: '2.0.20.Final', classifier: osdetector.classifier
testCompile 'com.google.monitoring-client:contrib:1.0.4'
testCompile 'com.google.truth:truth:0.42'
@ -63,3 +93,11 @@ dependencies {
annotationProcessor 'com.google.dagger:dagger-compiler:2.15'
testAnnotationProcessor 'com.google.dagger:dagger-compiler:2.15'
}
docker {
javaApplication {
// TODO(jianglai): Peg to a specific hash to enable reproducible build.
baseImage = 'openjdk:8-jre-alpine'
ports = [30000, 30001, 30002, 30011, 30012]
}
}

View file

@ -4,7 +4,6 @@ dependencies {
compile 'com.google.code.findbugs:jsr305:3.0.2'
compile 'com.google.dagger:dagger:2.15'
compile 'com.google.flogger:flogger:0.1'
compile 'com.google.guava:guava-jdk5:17.0'
compile 'com.google.guava:guava:25.1-jre'
compile 'com.google.re2j:re2j:1.1'
compile 'com.ibm.icu:icu4j:57.1'