IK.AM

@making's tech note

Use a Private Maven Repository when building Java app images on Tanzu Application Platform

🗃 {Dev/CaaS/Kubernetes/TAP}
🏷 Kubernetes 🏷 Maven 🏷 TAP 🏷 Tanzu 🏷 Tanzu Build Service 🏷 kpack 
🗓 Updated at 2023-01-27T04:00:37Z  🗓 Created at 2022-12-16T04:41:41Z {✒️️ Edit  ⏰ History  🗑 Delete}  🇯🇵 Original entry

⚠️ The content of this article is not supported by VMware. Any issues arising from the content of this article are your responsibility and please do not contact VMware Support.

A note for when deploying Java applications with the Private Maven Repository on TAP.

Assumed to be used for cache purposes or internal library hosting.

Here is the reference document.
https://docs.vmware.com/en/VMware-Tanzu-Application-Platform/1.3/tap/GUID-tanzu-build-service-tbs-workload-config.html

Install Maven Repository

Here we use the lightweight https://github.com/jenkins-x/bucketrepo as a Private Maven Repository.

Install bucektrepo using Helm Chart.

helm repo add jx3 https://jenkins-x-charts.github.io/repo
helm repo update

Generate manifest with helm template command

helm template bucketrepo jx3/bucketrepo -n bucketrepo --set secrets.adminUser.username=admin --set secrets.adminUser.password=changeme > bucketrepo.yaml

Deploy bucketrepo

kubectl create ns bucketrepo
kubectl apply -n bucketrepo -f bucketrepo.yaml

Check Pods

$ kubectl get pod -n bucketrepo
NAME                                     READY   STATUS    RESTARTS   AGE
bucketrepo-bucketrepo-5f8fcd86f7-xxkgz   1/1     Running   0          32s

Check Services

$ kubectl get svc -n bucketrepo 
NAME         TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)   AGE
bucketrepo   ClusterIP   10.96.131.38   <none>        80/TCP    87s

Prepare settings.xml

Here, describe the setting to use bucketrepo as the mirror repository in settings.xml and set it to Secret in the following format.

cat <<EOF > settings-xml.yaml
apiVersion: v1
kind: Secret
metadata:
  name: settings-xml
type: service.binding/maven
stringData:
  type: maven
  settings.xml: |
    <settings xmlns="http://maven.apache.org/SETTINGS/1.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
      xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0 https://maven.apache.org/xsd/settings-1.0.0.xsd">
      <servers>
        <server>
          <id>bucketrepo</id>
          <username>admin</username>
          <password>changeme</password>
        </server>
      </servers>

      <mirrors>
        <mirror>
          <id>bucketrepo</id>
          <name>bucketrepo</name>
          <url>http://bucketrepo.bucketrepo.svc.cluster.local/bucketrepo</url>
          <mirrorOf>*</mirrorOf>
        </mirror>
      </mirrors>
    </settings>
EOF

Create this Secret in the namespace where you create your Workload.

kubectl apply -f settings-xml.yaml -n demo

Create a Workload

Refer to the Secret that sets settings.xml in buildServiceBindings param

tanzu apps workload apply tanzu-java-web-app \
  -n demo\
  --git-repo https://github.com/vmware-tanzu/application-accelerator-samples \
  --git-branch main \
  --sub-path tanzu-java-web-app \
  --type web \
  --app tanzu-java-web-app \
  --param-yaml buildServiceBindings='[{"name": "settings-xml", "kind": "Secret"}]' \
  --annotation autoscaling.knative.dev/minScale=1 \
  -y

Since there is no cache in the bucketrepo for the first time, it takes about the same amount of time as a normal build without a mirror repository.

$ kubectl logs -n demo tanzu-java-web-app-build-1-build-pod -c build | grep 'BUILD SUCCESS' -B 1 -A 4
      [INFO] ------------------------------------------------------------------------
      [INFO] BUILD SUCCESS
      [INFO] ------------------------------------------------------------------------
      [INFO] Total time:  02:17 min
      [INFO] Finished at: 2022-12-14T04:00:19Z
      [INFO] ------------------------------------------------------------------------

Delete the Workload once so that the cache by Build Service disappears.

tanzu apps workload delete -n demo tanzu-java-web-app -y

Create the Workload again

tanzu apps workload apply tanzu-java-web-app \
  -n demo\
  --git-repo https://github.com/vmware-tanzu/application-accelerator-samples \
  --git-branch main \
  --sub-path tanzu-java-web-app \
  --type web \
  --app tanzu-java-web-app \
  --param-yaml buildServiceBindings='[{"name": "settings-xml", "kind": "Secret"}]' \
  --annotation autoscaling.knative.dev/minScale=1 \
  -y

Build completed in 10 seconds without caching by Build Service. So fast!

$ kubectl logs -n demo tanzu-java-web-app-build-1-build-pod -c build | grep 'BUILD SUCCESS' -B 1 -A 4
      [INFO] ------------------------------------------------------------------------
      [INFO] BUILD SUCCESS
      [INFO] ------------------------------------------------------------------------
      [INFO] Total time:  10.674 s
      [INFO] Finished at: 2022-12-14T04:09:05Z
      [INFO] ------------------------------------------------------------------------

To use this settings.xml during testing, you need to configure Tekton (Pipeline) separately.

Like bellow:

apiVersion: tekton.dev/v1beta1
kind: Pipeline
metadata:
  name: maven-test-pipeline
  labels:
    apps.tanzu.vmware.com/pipeline: test
    apps.tanzu.vmware.com/language: java
spec:
  params:
  - name: source-url
  - name: source-revision
  tasks:
  - name: test
    params:
    - name: source-url
      value: $(params.source-url)
    - name: source-revision
      value: $(params.source-revision)
    taskSpec:
      volumes:
      - name: settings-xml
        secret:
          secretName: settings-xml
      params:
      - name: source-url
      - name: source-revision
      steps:
      - name: test
        image: eclipse-temurin:17
        volumeMounts:
        - mountPath: /opt/maven
          name: settings-xml
          readOnly: true
        script: |-
          set -ex
          cd `mktemp -d`
          curl -s $(params.source-url) | tar -m -xzvf -
          ./mvnw clean test -V -s /opt/maven/settings.xml