paketo-buildpacks / libjvm

A library and helper applications that form the basis for building the different Paketo-style JVM-providing buildpacks
Apache License 2.0
19 stars 21 forks source link

Provide an option to use run image with preinstalled JRE/JVM #31

Closed vkochnev closed 4 years ago

vkochnev commented 4 years ago

Can you provide an option to use run image with preinstalled Java? This will allow to use security team pre-approved base images with Java. Now we cannot actually make use of buildpacks.

nebhale commented 4 years ago

@vkochnev Thanks for your request. Unfortunately, supporting pre-installed JVMs isn't in the spirit of the Cloud Native Buildpacks project and therefore we won't be doing this.

To give you a little context, Stacks (the base image analog for Cloud Native Buildpacks) should only provide ABI-compatible software. The JVM has never been (and admittedly never claimed to be) ABI compatible between releases. Therefore it is unsafe for us to rebase an application's image that has a JVM in it without retesting the entire thing from scratch.

We provide Cloud Native Buildpacks for a number of popular JVM distributions

and if there is another OpenJDK-based freely distributable distribution that you'd like us to support, please feel free to open an issue about it. If you can't use one of the seven current distributions, you'd be better off creating your own buildpack to provide the enterprise sanctioned binaries you can use. libjvm does the heavy lifting and If you look at BellSoft Liberica for example, you'll find that the entire buildpack code is contained in a single Golang file and a list of dependencies.

vkochnev commented 4 years ago

@nebhale I understand the rationale and appreciate your explanation. Creation of a custom buildpack definitely doesn't look too difficult and we will check if it is worth investing in this. Or maybe we'll use another approach. Thanks!

nebhale commented 4 years ago

@vkochnev Please keep in touch and let us know either how it goes or how we can help you. As you can see, it’s not a technical issue (we’d have already done it if it was!), but a philosophical one. We work with many enterprises that have these kinds of requirements and I’m interested in hearing what ended up being acceptable for yours.