jib | 🏗 Build container images for your Java applications | Continuous Deployment library

 by   GoogleContainerTools Java Version: v3.3.2-maven License: Apache-2.0

kandi X-RAY | jib Summary

kandi X-RAY | jib Summary

jib is a Java library typically used in Devops, Continuous Deployment, Gradle, Docker, Maven applications. jib has no bugs, it has no vulnerabilities, it has build file available, it has a Permissive License and it has high support. You can download it from GitHub, Maven.

Jib builds optimized Docker and OCI images for your Java applications without a Docker daemon - and without deep mastery of Docker best-practices. It is available as plugins for Maven and Gradle and as a Java library. Maven: See documentation for jib-maven-plugin. Gradle: See documentation for jib-gradle-plugin. Jib Core: A general-purpose container-building library for Java. Jib CLI: A command-line interface for building images that uses Jib Core. For more information, check out the official blog post or watch this talk (slides).
Support
    Quality
      Security
        License
          Reuse

            kandi-support Support

              jib has a highly active ecosystem.
              It has 12824 star(s) with 1392 fork(s). There are 332 watchers for this library.
              OutlinedDot
              It had no major release in the last 12 months.
              There are 143 open issues and 1400 have been closed. On average issues are closed in 21 days. There are 26 open pull requests and 0 closed requests.
              OutlinedDot
              It has a negative sentiment in the developer community.
              The latest version of jib is v3.3.2-maven

            kandi-Quality Quality

              jib has 0 bugs and 0 code smells.

            kandi-Security Security

              jib has no vulnerabilities reported, and its dependent libraries have no vulnerabilities reported.
              jib code analysis shows 0 unresolved vulnerabilities.
              There are 0 security hotspots that need review.

            kandi-License License

              jib is licensed under the Apache-2.0 License. This license is Permissive.
              Permissive licenses have the least restrictions, and you can use them in most projects.

            kandi-Reuse Reuse

              jib releases are available to install and integrate.
              Deployable package is available in Maven.
              Build file is available. You can build the component from source.
              Installation instructions are available. Examples and code snippets are not available.
              It has 56842 lines of code, 4123 functions and 670 files.
              It has medium code complexity. Code complexity directly impacts maintainability of the code.

            Top functions reviewed by kandi - BETA

            kandi has reviewed jib and discovered the below as its top functions. This is intended to give you an instant insight into jib implemented functionality, and help decide if they suit your requirements.
            • Build a JavaContainerBuilder .
            • Builds a list of layers from a file specification .
            • Builds the project artifacts .
            • Build docker .
            • Build an image .
            • Build the tar image .
            • Updates an image builder with the given container configuration template .
            • Pull the base image manifest .
            • Extracts a docker image from a tar archive .
            • Run the build .
            Get all kandi verified functions for this library.

            jib Key Features

            No Key Features are available at this moment for jib.

            jib Examples and Code Snippets

            No Code Snippets are available at this moment for jib.

            Community Discussions

            QUESTION

            Including files (NOT classpath resource) in Quarkus Native
            Asked 2022-Apr-08 at 06:02

            In Quarkus, to include random files as classpath resource, we use quarkus.native.resources.includes (https://quarkus.io/guides/writing-native-applications-tips#including-resources).

            How to include files in the file system? I.e. something read using new File(thePath).

            If we use Jib, we simply put those files inside src/main/jib. But that's for non-native.

            ...

            ANSWER

            Answered 2022-Apr-08 at 06:02

            Building a native binary has nothing to do with adding files to the file system of the target platform.

            If your goal is to create a container image using the native binary and also add files to the container image's filesystem, then you can use Quarkus with Jib and the files to src/main/jib (as you mentioned). These files will be included on the built container image as described here.

            Source https://stackoverflow.com/questions/71787633

            QUESTION

            Best practices while building docker images for spring boot app via gradle
            Asked 2022-Mar-31 at 18:39

            I am planning to use gradle as build tool with docker for containerizing spring boot applications.

            I currently have one question regarding best practices/pros/cons from:
            a. from general perspective as a best practice.
            b. from CI /CD perspective.

            I have understood that I can do it in three ways:

            1. Do gradle build by running command on your host machine + then dockerize your spring boot app

            eg:

            ...

            ANSWER

            Answered 2022-Mar-31 at 18:39

            After almost 7 years of building Docker images from Gradle, long before Docker became a commonplace thing, I’ve never done option 2. I’ve done options 1 and 3, primarily 3.

            The problem with #1 is that you lose the information from your Gradle project that can be used to build the image, like the location of the jar file and the project name (there are several others). You end up redefining them on the command line, and the result could be very different.

            The problem with #2 is the loss of developer productivity and conflating responsibilities. I can’t imagine building a Docker image every time I made a change to the code. Gradle is a build tool, Docker is a delivery mechanism, and they have different goals.

            There are many articles that you can find online for building Docker images that apply equally well to Spring applications. Most notably:

            1. Use layers to avoid rebuilding code not changed.
            2. Use a Gradle Docker plugin to integrate Docker build within Gradle. I’m not sure if the Spring Boot plugin has integrated Docker build task now, if so, use that.
            3. Use a JRE as base instead of JDK if your code can live with that. Many projects don’t need JDK to run.

            Source https://stackoverflow.com/questions/71697307

            QUESTION

            How to quickly detect and remove log4j classes from our code base and the base image? "mvn dependency:tree" does not check base image
            Asked 2022-Mar-21 at 09:08

            We are building an app based on Red Hat JBoss AMQ 6. We wrap some Java code around the base image to provide extra functionalities which are lacking in AMQ 6.

            Now, when the CVE of Log4j stroke, we found that this component is vulnerable because it uses log4j 1.x. Now I don't just mean our Java code uses it, but also the base image of Red Hat AMQ 6 uses it. As AMQ 6 is EOL now, Red Hat does not provide support anymore, so there will not be official releases with fix.

            So, how do I remove vulnerable log4j 1.x classes from:

            • my Java code
            • the base image

            ?

            I am building with jib maven plugin.

            It seems mvn dependency:tree only gives info about our Java wrapper code, not about the base image. And I don't understand what does the "+" and "-" mean while it gives output like this:

            ...

            ANSWER

            Answered 2022-Mar-21 at 09:08
            Step 1: Dealing with our wrapping Java code base

            For our code, we do:

            Source https://stackoverflow.com/questions/70333482

            QUESTION

            Google Jib - Is it possible to run a linux command at container startup using CMD/ENTRYPOINT?
            Asked 2022-Mar-16 at 14:38

            Is it possible to run a linux command whenever container starts from jib image using cmd or entrypoint or any other mechanism in jib maven plugin and then start the java process ?

            In my case i want to run this command:

            ...

            ANSWER

            Answered 2022-Mar-16 at 14:38

            You can always set a custom entrypoint using . You can start a shell script, run a different program, etc. Sometimes, you may want to use the feature to copy a script (and give executable permissions to it).

            See here for some ideas to run a shell script:

            Another option is to define your own to use a shell. (Therefore, you need a base image that includes a shell binary (such as /bin/bash). Note that the default base image prior to Jib 3.0 was Distroless and did not include a shell program. OTOH, Jib 3.0+ doesn't use Distroless.) In this method, you'll need to know the right Java runtime classpath and the main class to use in your JVM launch command. To help this, starting with Jib >= 3.1, Jib creates two JVM argument files inside a built image; they will hold, respectively, the classpath and the main class inside a built image.

            Knowing the entrypoint, you can write a shell script (my-entrypoint.sh):

            Source https://stackoverflow.com/questions/69254438

            QUESTION

            503 from server: Service Unavailable: Back-end server is at capacity
            Asked 2022-Mar-07 at 17:47

            I'm trying to build a jib based container with gradle.

            I'm getting a 503 error when it tries to GET an xml file from jfrog.org.

            ...

            ANSWER

            Answered 2022-Mar-07 at 17:47

            Heard back from Jfrog support.

            The repo https://repo.jfrog.org/artifactory/ has been deprecated.

            Replace it with: https://repo1.maven.org/maven2

            Source https://stackoverflow.com/questions/71355153

            QUESTION

            jib - customized entrypoint can only remove classes at runtime, but will fail 3pp vulnerability check before deployment
            Asked 2022-Feb-25 at 16:45

            I am using Jib to pull a base image, add my wrapper java code to it, and build my image on top of that. Due to the widely known log4j CVE in December 2021, we are looking for a way to remove the vulnerable classes. (Now more CVEs are found in 2022, one of them has a score of 10.0, the highest possible. See https://www.cvedetails.com/vulnerability-list/vendor_id-45/product_id-37215/Apache-Log4j.html)

            The base image is near EOL, so the provider answered that they would not release a new version; besides, log4j 1.x also reached EOL long before. But the current situation is that we have no plan of upgrading the base image to next version, so removing the classes seem to be the only way now.

            The base image will use /opt/amq/bin/launch.sh as entrypoint. And I have found that I can use customized entrypoint to run a script before that, which removes the classes. Like /opt/amq/bin/my_script.sh, and in that I have run_fix.sh && /opt/amq/bin/launch.sh.

            Then I realized that even this would work by mitigating the risk when the application is actually running, the vulnerability scan(part of security process) will still raise alarms while examining the image binary, as this is a static process done before the image is uploaded to the docker registry for production, way before actually running it. They can only be removed at the moment when the application runs, aka at runtime.

            Can jib pre-process the base image while doing Maven build(mvn clean install -Pdocker-build) instead of only allowing it at runtime? According to what I have read, I understand it's a big NO, and there's no plugin for it yet.

            ...

            ANSWER

            Answered 2022-Feb-25 at 16:45

            By the design of container images, it is impossible for anyone or any tool to physically remove files from an already existing container image. Images are immutable. The best you can try is "mark deletion" with some special "whiteout" file (.wh.xyz), which a container runtime will hide the target files at runtime.

            However, I am not sure if your vulnerability scanner will take the effect of whiteout files into account during scanning. Hopefully it does. If it doesn't, the only option I can think of is to re-create your own base image.

            Take a look at this Stack Overflow answer for more details.

            Source https://stackoverflow.com/questions/71249883

            QUESTION

            How to decide Quarkus application arguments in Kubernetes at run-time?
            Asked 2022-Feb-21 at 20:35

            I've built a Quarkus 2.7.1 console application using picocli that includes several subcommands. I'd like to be able to run this application within a Kubernetes cluster and decide its arguments at run-time. This is so that I can use the same container image to run the application in different modes within the cluster.

            To get things started I added the JIB extension and tried setting the arguments using a configuration value quarkus.jib.jvm-arguments. Unfortunately it seems like this configuration value is locked at build-time so I'm unable to update this at run-time.

            Next I tried setting quarkus.args while using default settings for JIB. The configuration value documentation makes it sound general enough for the job but it doesn't seem to have an affect when the application is run in the container. Since most references to this configuration value in documentation are in the context of Dev Mode I'm wondering if this may be disabled outside of that.

            How can I get this application running in a container image with its arguments decided at run-time?

            ...

            ANSWER

            Answered 2022-Feb-16 at 16:11

            I was able to find a solution to the problem with a bit of experimenting this morning.

            With the quarkus-container-image-docker extension (instead of quarkus.jib.jvm-arguments) I was able to take the template Dockerfile.jvm and extend it to pass through arguments to the CLI. The only line that needed changing was the ENTRYPOINT (details included in the snippet below). I changed the ENTRYPOINT form (from exec to shell) and added an environment variable as an argument to pass-through program arguments.

            Source https://stackoverflow.com/questions/71118896

            QUESTION

            Container Creation Fails with Jib after upgrading to 2.7.0.Final
            Asked 2022-Feb-14 at 06:46

            The container creation fails with the message "Error": "OCI runtime create failed: container_linux.go:380: starting container process caused: exec: "/deployments/run-java.sh": stat /deployments/run-java.sh: no such file or directory: unknown",

            The whole process works fine when I change the Quarkus version from 2.7.0.Final to 2.6.3.Final.

            I am using jib to generate the image. Please let me know if I am missing anything.

            ...

            ANSWER

            Answered 2022-Feb-14 at 06:46

            This is due to the change in base image that went in with Quarkus 2.7. See the relevant entry in the migration guide. The new base image does not contain the /deployments/run-java.sh shell script.

            You can go back to the base image used in previous Quarkus versions using quarkus.jib.base-jvm-image=fabric8/java-alpine-openjdk11-jre

            Source https://stackoverflow.com/questions/71107654

            QUESTION

            JIB with GitHub Actions
            Asked 2022-Feb-10 at 08:29
            Introduction

            I am currently create a GitHub Actions with that build a container automatically.

            And I'm wondering if it's possible to create a GitHub action that automatically builds the container without adding JIB in the project's pom.xml ?

            If we can t do this, can you show me how?

            ...

            ANSWER

            Answered 2022-Jan-31 at 15:26

            We are obliged to configure the pom.xml, we cannot do otherwise.

            You can go here: https://github.com/GoogleContainerTools/jib to get more information about JIB.

            Source https://stackoverflow.com/questions/70928372

            QUESTION

            GitHub Actions: Error 401 Unauthorized in JIB maven plugin
            Asked 2022-Feb-09 at 23:46
            Introduction

            I am currently to create a composite GitHub Actions that build a container from Java project with JIB and publish it automatically to a GitHub Packages and Maven Central.

            Problematic

            But I got this error when I try to run it:

            ...

            ANSWER

            Answered 2022-Feb-09 at 23:46

            Everything looks good. Jib retrieved credentials from -Dto.auth.{username|password}.

            Source https://stackoverflow.com/questions/71045302

            Community Discussions, Code Snippets contain sources that include Stack Exchange Network

            Vulnerabilities

            No vulnerabilities reported

            Install jib

            Maven - See the jib-maven-plugin Quickstart. Gradle - See the jib-gradle-plugin Quickstart. Jib Core - See the Jib Core Quickstart. Jib CLI - See the Jib CLI doc.
            Maven - See the jib-maven-plugin Quickstart.
            Gradle - See the jib-gradle-plugin Quickstart.
            Jib Core - See the Jib Core Quickstart.
            Jib CLI - See the Jib CLI doc.

            Support

            We welcome contributions! Here's how you can contribute:.
            Find more information at:

            Find, review, and download reusable Libraries, Code Snippets, Cloud APIs from over 650 million Knowledge Items

            Find more libraries

            Stay Updated

            Subscribe to our newsletter for trending solutions and developer bootcamps

            Agree to Sign up and Terms & Conditions

            Share this Page

            share link