search

GradleUp / shadow

Gradle plugin to create fat/uber JARs, apply file transforms, and relocate packages for applications and libraries. Gradle version of Maven's Shade plugin.
https://www.gradleup.com/shadow/
Apache License 2.0
3.73k stars 393 forks source link

a way to create fatjar with bouncy castle #227

Closed magg closed 8 years ago

magg commented 8 years ago

I think this pretty much impossible, according to my research on google

I get errors when running, saying my own class has unsigned entries - com/oracle/miggonza/host_validation/domain/Resource.class

Shadow Version

1.2.3

Gradle Version

2.14

Gradle Build Script(s)

buildscript {
repositories {
mavenCentral()
jcenter()
}

dependencies {
classpath 'com.github.jengelman.gradle.plugins:shadow:1.2.3'
}
}

apply plugin: 'java'
apply plugin: 'eclipse'
apply plugin: 'idea'
apply plugin: 'application'
apply plugin: 'com.github.johnrengelman.shadow'

mainClassName = 'com.oracle.miggonza.host_validation.HostValidation'
version = '0.0.1-SNAPSHOT'

jar {
manifest {
attributes 'Implementation-Title': 'Host Validator', 'Implementation-Version': version
}
}

shadowJar {
mergeServiceFiles()
baseName = project.name
manifest {
attributes 'Main-Class': 'com.oracle.miggonza.host_validation.HostValidation'
}

}

sourceCompatibility = 1.7
targetCompatibility = 1.7

repositories {
mavenCentral()
maven { url "https://repo.spring.io/libs-snapshot" }

jcenter()

}

dependencies {

compile "commons-codec:commons-codec:1.10"
compile 'org.apache.commons:commons-csv:1.1'
compile "commons-cli:commons-cli:1.2"
compile 'log4j:log4j:1.2.17'
compile 'org.slf4j:slf4j-log4j12:1.7.18'
compile group: 'com.jcraft', name: 'jzlib', version: '1.1.3'
shadow group: 'org.bouncycastle', name: 'bcprov-jdk15on', version: '1.54'
shadow group: 'org.bouncycastle', name: 'bcprov-jdk15on', version: '1.54'

compile "com.hierynomus:sshj:0.15.0"

// proprietary jars
compile fileTree(dir: 'lib', include: '*.jar')

}

eclipse {
classpath {
containers.remove('org.eclipse.jdt.launching.JRE_CONTAINER')
containers 'org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-1.8'
}
}

task wrapper(type: Wrapper) {
gradleVersion = '2.14'
}

Content of Shadow JAR (jar tf <jar file> - post link to GIST if too long)

https://gist.github.com/anonymous/bab20d1c065837897c5dae2632c43576

johnrengelman commented 8 years ago

You can't bundle a cryptographic library. They have to be signed for the JVM to load them, and the signature is destroyed when merged into the shadow jar.

johnrengelman commented 8 years ago

It is possible to do this using the shadow configuration. I've done this a number of times. Not sure what the error regarding your class is about. I would suspect you'll get that error if you run with a normal JAR and classpath.

magg commented 8 years ago

Oh I see

how would you run it then?

johnrengelman commented 8 years ago

Somehow the bouncycastle lib is ending up in your shadow jar even though you are declaring in on the shadow configuration. It's probably coming in from a transitive dependency. You could try excluding bouncycastle explicitly to se if that helps.

shadowJar {
  dependencies {
    exclude(dependency('org.bouncycastle:bcprov-jdk15on'))
  }
}
ddskolla commented 5 years ago

Still a bit unclear on if it's possible to make bouncycastle like crypto libs as an external dependency to the fat jar. The convo above seems to be incomplete somehow in this fact ? I tried many different ways of configuring shadow dependencies with no luck. The doco here : https://imperceptiblethoughts.com/shadow/configuration/#configuring-the-runtime-classpath seems to explain exactly what i want but was unable to get it going as the BC dependency always ended up in the final jar.