From f46f817f9ed954ebec4d9ac034d377ad4e1983f5 Mon Sep 17 00:00:00 2001
From: jianglai <jianglai@google.com>
Date: Mon, 19 Nov 2018 15:03:00 -0800
Subject: [PATCH] Create proxy Docker image with Gradle

This CL adds two ways to build an docker image with gradle:

1) Adds a :proxy:deployJar task that builds an uber jar that contains all runtime dependencies. The jar can then be add to a docker image by calling docker with the added Dockerfile. The base image for this image can be both distroless java or openjdk:alpine.

2) Uses the Gradle distribution plugin to build a distribution tar file that contains all dependencies (as separate jar files) and a run script that sets up the classpath before calling the main class. Then the docker application plugin can build a docker image (with the dockerBuildImage task) using the application tar file. This only works with openjdk:alpline base image as the distroless java image does not contain a shell and therefore the script created by the distribution plugin cannot be launched.

We may later decide to use one of the method and remove the other.

Also adds an outcast test pattern that caused the tests to be flaky.

-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=222145192
---
 gradle/build.gradle       |  2 ++
 gradle/core/build.gradle  |  6 +----
 gradle/proxy/Dockerfile   |  5 +++++
 gradle/proxy/build.gradle | 46 +++++++++++++++++++++++++++++++++++----
 gradle/util/build.gradle  |  1 -
 5 files changed, 50 insertions(+), 10 deletions(-)
 create mode 100644 gradle/proxy/Dockerfile

diff --git a/gradle/build.gradle b/gradle/build.gradle
index aa96311c6..9627978d6 100644
--- a/gradle/build.gradle
+++ b/gradle/build.gradle
@@ -3,6 +3,7 @@ plugins {
   // Config helper for annotation processors such as AutoValue and Dagger.
   // Ensures that source code is generated at an appropriate location.
   id 'net.ltgt.apt' version '0.19' apply false
+  id 'com.bmuschko.docker-java-application' version '4.0.4' apply false
 }
 
 // Only do linting if the build is successful.
@@ -14,6 +15,7 @@ ext.javatestsDir = "${rootDir}/../javatests"
 
 subprojects {
   repositories {
+    jcenter()
     mavenCentral()
   }
 
diff --git a/gradle/core/build.gradle b/gradle/core/build.gradle
index 8f1621b44..ad7045cee 100644
--- a/gradle/core/build.gradle
+++ b/gradle/core/build.gradle
@@ -14,6 +14,7 @@ def outcastTestPatterns = [
     "google/registry/batch/DeleteContactsAndHostsActionTest.*",
     "google/registry/batch/RefreshDnsOnHostRenameActionTest.*",
     "google/registry/flows/CheckApiActionTest.*",
+    "google/registry/flows/EppLifecycleDomainTest.*",
     "google/registry/flows/EppLifecycleHostTest.*",
     "google/registry/flows/domain/DomainAllocateFlowTest.*",
     "google/registry/flows/domain/DomainApplicationCreateFlowTest.*",
@@ -213,11 +214,6 @@ dependencies {
   maybeRuntime 'org.slf4j:slf4j-api:1.7.16'
   maybeRuntime 'org.tukaani:xz:1.5'
   maybeRuntime 'org.xerial.snappy:snappy-java:1.1.4-M3'
-  maybeRuntime 'org.mortbay.jetty:jetty-util:6.1.26'
-  maybeRuntime 'org.slf4j:slf4j-api:1.7.16'
-  maybeRuntime 'org.tukaani:xz:1.5'
-  maybeRuntime 'org.xerial.snappy:snappy-java:1.1.4-M3'
-  testCompile 'org.yaml:snakeyaml:1.17'
   compile 'xerces:xmlParserAPIs:2.6.2'
   compile 'xpp3:xpp3:1.1.4c'
 
diff --git a/gradle/proxy/Dockerfile b/gradle/proxy/Dockerfile
new file mode 100644
index 000000000..bad276559
--- /dev/null
+++ b/gradle/proxy/Dockerfile
@@ -0,0 +1,5 @@
+# TODO(jianglai): Peg to a specific sha256 hash to enable reproducible build.
+FROM gcr.io/distroless/java
+ADD build/libs/proxy_server.jar .
+ENTRYPOINT ["java", "-jar", "proxy_server.jar"]
+EXPOSE 30000 30001 30002 30010 30012
diff --git a/gradle/proxy/build.gradle b/gradle/proxy/build.gradle
index a1f6e51f1..9c39ca44f 100644
--- a/gradle/proxy/build.gradle
+++ b/gradle/proxy/build.gradle
@@ -1,5 +1,16 @@
-plugins {
-  id 'application'
+apply plugin: 'com.google.osdetector'
+apply plugin: 'application'
+apply plugin: 'com.bmuschko.docker-java-application'
+
+// TODO(jianglai): use plugins block once the osdetctor v1.6.0 works with it.
+// see: https://github.com/google/osdetector-gradle-plugin/issues/15
+buildscript {
+  repositories {
+    mavenCentral()
+  }
+  dependencies {
+    classpath 'com.google.gradle:osdetector-gradle-plugin:1.6.0'
+  }
 }
 
 sourceSets {
@@ -13,6 +24,25 @@ sourceSets {
 
 mainClassName = 'google.registry.proxy.ProxyServer'
 
+task deployJar(type: Jar) {
+  manifest {
+    attributes 'Main-Class': 'google.registry.proxy.ProxyServer'
+  }
+  baseName = 'proxy_server'
+  version = null
+  from {
+    configurations.runtimeClasspath.collect {
+      it.isDirectory() ? it : zipTree(it)
+    }
+  }
+  // Excludes signature files that accompany some dependency jars, like
+  // bonuncycastle. It they are present, only classes from those signed jars are
+  // made available to the class loader.
+  // see https://discuss.gradle.org/t/signing-a-custom-gradle-plugin-thats-downloaded-by-the-build-system-from-github/1365
+  exclude "META-INF/*.SF", "META-INF/*.DSA", "META-INF/*.RSA"
+  with jar
+}
+
 dependencies {
   compile 'com.beust:jcommander:1.48'
   compile 'com.fasterxml.jackson.core:jackson-annotations:2.8.9'
@@ -27,7 +57,6 @@ dependencies {
   compile 'com.google.code.findbugs:jsr305:3.0.2'
   compile 'com.google.dagger:dagger:2.15'
   compile 'com.google.flogger:flogger:0.1'
-  compile 'com.google.guava:guava-jdk5:17.0'
   compile 'com.google.guava:guava:27.0-jre'
   compile 'com.google.http-client:google-http-client:1.27.0'
   compile 'com.google.monitoring-client:metrics:1.0.4'
@@ -45,8 +74,9 @@ dependencies {
   compile project(':util')
 
   runtime 'com.google.flogger:flogger-system-backend:0.1'
-  runtime 'io.netty:netty-tcnative-boringssl-static:2.0.20.Final'
   runtime 'com.google.auto.value:auto-value:1.6.2'
+  runtime group: 'io.netty', name: 'netty-tcnative-boringssl-static',
+      version: '2.0.20.Final', classifier: osdetector.classifier
 
   testCompile 'com.google.monitoring-client:contrib:1.0.4'
   testCompile 'com.google.truth:truth:0.42'
@@ -63,3 +93,11 @@ dependencies {
   annotationProcessor 'com.google.dagger:dagger-compiler:2.15'
   testAnnotationProcessor 'com.google.dagger:dagger-compiler:2.15'
 }
+
+docker {
+  javaApplication {
+    // TODO(jianglai): Peg to a specific hash to enable reproducible build.
+    baseImage = 'openjdk:8-jre-alpine'
+    ports = [30000, 30001, 30002, 30011, 30012]
+  }
+}
diff --git a/gradle/util/build.gradle b/gradle/util/build.gradle
index 2151600bc..04dd7686e 100644
--- a/gradle/util/build.gradle
+++ b/gradle/util/build.gradle
@@ -4,7 +4,6 @@ dependencies {
   compile 'com.google.code.findbugs:jsr305:3.0.2'
   compile 'com.google.dagger:dagger:2.15'
   compile 'com.google.flogger:flogger:0.1'
-  compile 'com.google.guava:guava-jdk5:17.0'
   compile 'com.google.guava:guava:25.1-jre'
   compile 'com.google.re2j:re2j:1.1'
   compile 'com.ibm.icu:icu4j:57.1'