carlossg
commented
1 year ago this is documented in https://github.com/carlossg/docker-maven#installed-packages
Closed seanmmills closed 4 hours ago
carlossg
commented
1 year ago this is documented in https://github.com/carlossg/docker-maven#installed-packages
seanmmills
commented
1 year ago this is documented in https://github.com/carlossg/docker-maven#installed-packages
I saw that, but even the 2 images with it documented as having ssh, don't have it any longer. Since the prepare phase of the maven-release-plugin requires it, shouldn't the Dockerfiles be updated to install it?
The only image with ssh installed is the first one in the console snippet below.
M635295~(:|✔) % docker run -it --rm --entrypoint=/bin/bash maven:3.8-eclipse-temurin-17
root@9c611061e743:/# which ssh
/usr/bin/ssh
root@9c611061e743:/# exit
exit
M635295~(:|✔) % docker run -it --rm --entrypoint=/bin/bash maven:3-eclipse-temurin-17
root@d2a96dddc94b:/# which ssh
root@d2a96dddc94b:/# exit
exit
M635295~(:|✔) % docker run -it --rm --entrypoint=/bin/bash maven:3-eclipse-temurin-20
root@98a75e977a70:/# which ssh
root@98a75e977a70:/# exit
exit
M635295~(:|✔) % docker run -it --rm --entrypoint=/bin/bash maven:3-eclipse-temurin-19
root@690138b501db:/# which ssh
root@690138b501db:/# exit
exit
M635295~(:|✔) %
you have outdated images cached
❯ docker run -it --rm --entrypoint=/bin/bash maven:3.8-eclipse-temurin-17 ssh -V
Unable to find image 'maven:3.8-eclipse-temurin-17' locally
3.8-eclipse-temurin-17: Pulling from library/maven
10ac4908093d: Already exists
6df15e605e38: Already exists
2db012dd504c: Pull complete
8fa912900627: Pull complete
ec28444188f6: Pull complete
b09ac0d3a787: Pull complete
89710259c749: Pull complete
41a53e760871: Pull complete
Digest: sha256:76789e7bf6713b7fe617b0e72ccf1e0cc23425bc41610c878f13a9b2ffd2127d
Status: Downloaded newer image for maven:3.8-eclipse-temurin-17
/usr/bin/ssh: /usr/bin/ssh: cannot execute binary fileI've noticed that there was a problem with the tests and ssh is not installed in any image, fixed in #380 My guess is that upstream images removed it at some point
carlossg
commented
1 year ago Since the prepare phase of the maven-release-plugin requires it
only if you use git over ssh with native implementation, there is also the java implementation https://maven.apache.org/scm/maven-scm-providers/maven-scm-providers-git/maven-scm-provider-jgit/index.html
seanmmills
commented
1 year ago Ah okay, makes more sense now. I purged my images and see the same now. Updating hundreds of projects to use jgit is not feasible for our development teams. We'd be forced to maintain our own maven images which is something I like to avoid. Would you consider a PR if I were to add ssh to all the Dockerfiles and resolve any tests?
timothystone
commented
1 year ago Any updates on this? Seems like a legitimate need for expected compatibility of core Maven plugins.
Maybe jgit is a workaround, but it can be troublesome in numerous edge cases. Seems I recall GPG signing was a problem in the past. It would be good for the project to have an official "Yay" or "Nay" on resolution of this issue. I see the documentation and the note "that upstream images removed it at some point."
I'm not adverse to maintaining my own image, but some organizations are not equipped.
timothystone
commented
1 year ago Would you consider a PR if I were to add
sshto all the Dockerfiles and resolve any tests?
OSS invites PRs @seanmmills. I suggest forking and opening the PR to solicit comments from the maintainers. No harm is done. Others can pull from your work should the maintainers opt out of the need.
There’s a strong argument for maintaining bespoke images as an organization if needs are not met by the publicly available project. This is not always possible depending in the organization’s access or desire to maintain and secure registries, i.e., Artifactory/Nexus/DockerHub/GitHub
I see the position many take with core Maven plugins need of ssh and agree a Maven image should tack toward tooling in support of said plugins, though I will defer to the maintainers if there is an explicit project goal being met.
carlossg
commented
1 year ago I'd rather not add ssh given that none of the upstream jdk images include it. That said, if enough people vote for this issue (with 👍 reactions at the top) I would accept a PR for it
MartinMeinhold
commented
9 months ago I'd rather not add ssh given that none of the upstream jdk images include it.
Out of curiosity: what's the reason for the negative sentiment towards shipping the native ssh client?
I think I understand why the upstream image doesn't want to ship it, mostly likely due to different use cases of a plain Java image. Maven on the other side seems to always having to interact with external systems one way or another and providing a CLI that works with most VCS systems out of the box seems like a reasonable idea to me.
GauthierPLM
commented
8 months ago I agree with @MartinMeinhold: maven integrates VCS support via various plugins, most famously the Maven Release plugin, which is a core maven plugin.
This change between Maven 3.8 and 3.9 images means many build pipeline will be broken as the release plugin won't be working anymore if SSH was used to push back commits (this is how I discovered this change). Meanwhile, it's not mentioned anywhere and up to user to discover that this image is no longer supporting git over SSH.
While it makes sense that a JDK image does not include SSH (since it's usually not needed), not having it in a build tool natively supporting VCS using SSH (most notably Git) feel much more surprising.
Latest images don't have
sshwhich is required by themaven-release-pluginI found the issue on
maven:3-eclipse-temurin-17, but I spot checked several others and each had the same issue.