feat: use debian base image for java-library-generation
#3817
Adding @jinseopkim0 from infrastructure point of view.
@@ -34,27 +34,7 @@ RUN mvn install -B -ntp -DskipTests -Dclirr.skip -Dcheckstyle.skip | |||
RUN cp "/root/.m2/repository/com/google/api/gapic-generator-java/${DOCKER_GAPIC_GENERATOR_VERSION}/gapic-generator-java-${DOCKER_GAPIC_GENERATOR_VERSION}.jar" \ | |||
"./gapic-generator-java.jar" | |||
|
|||
FROM docker.io/library/alpine:3.21.2@sha256:56fa17d2a7e7f168a043a2712e63aed1f8543aeafdcee47c58dcffe38ed51099 as glibc-compat |
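Review bot: the hunk header shrinks this region from 27 lines to 7 by dropping the `glibc-compat` stage that begins at the `FROM docker.io/library/alpine:3.21.2` line, so every consumer of that stage has to go in the same change. The visible lines do not show the final stage, so please confirm that no `COPY --from=glibc-compat` or glibc-related environment setup remains there, otherwise the build fails on a reference to a stage that no longer exists. This was also the one `FROM` shown here that pulls from `docker.io` directly rather than from the `docker-3p-trusted` registry, which is worth recording in the PR description as a reason for the change.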
Can you remind me why we chose alpine in the first place?
Alpine is promoted as a lightweight base image that happens to be secure due to its smaller attack surface. Moving to `debian-slim` gives us a slightly heavier image but compatible with glibc.
|
||
# 3.12.7-alpine3.20 | ||
FROM us-docker.pkg.dev/artifact-foundry-prod/docker-3p-trusted/python@sha256:b83d5ec7274bee17d2f4bd0bfbb082f156241e4513f0a37c70500e1763b1d90d as final | ||
# 3.12.3-slim-bookworm |
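Review bot: the tag comment at the end of this hunk reads `# 3.12.3-slim-bookworm`, while the PR description says the base image becomes `python-3.13.2-slim`. Because the `FROM` lines pin by digest, that comment is the only human-readable record of which image is in use, so the mismatch should be resolved: either say in the description that 3.12.3 is a stopgap, or add a TODO next to the `FROM` line naming the 3.13.2 image that is meant to replace it, so the older pin does not quietly become permanent.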
Is this an older version of the public image above? `docker.io/library/python:3.13.2-slim`
It unfortunately is, since Airlock has a delay. I thought it's a good temporary base image in the meantime. I'm planning to update to the `slim` image I requested to import into Airlock.
🤖 I have created a release *beep* *boop*

---

<details><summary>2.59.0</summary>

## [2.59.0](v2.58.0...v2.59.0) (2025-06-02)

### Features

* add logic to set universe domain to ServiceAccountJwtAccessCredentials ([#3806](#3806)) ([5b45708](5b45708))
* use debian base image for `java-library-generation` ([#3817](#3817)) ([94d0b30](94d0b30))

### Bug Fixes

* manage graalvm image versions via Hermetic Build templates _only_ ([#3800](#3800)) ([244c5dc](244c5dc))

### Dependencies

* update dependency com.google.oauth-client:google-oauth-client-bom to v1.39.0 ([#3813](#3813)) ([196a7ca](196a7ca))
* update google api dependencies ([#3791](#3791)) ([45ef2e0](45ef2e0))
* update google auth library dependencies to v1.36.0 ([#3814](#3814)) ([07f834a](07f834a))
* update grpc dependencies to 1.71.0 ([#3807](#3807)) ([49a7ae5](49a7ae5))
* Upgrade Protobuf-Java to v3.25.8 ([#3810](#3810)) ([ab90662](ab90662))

</details>

---

This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please).

Co-authored-by: release-please[bot] <55107282+release-please[bot]@users.noreply.github.com>
This PR switches the base image of `java-library-generation` to `python-3.13.2-slim`, based on `debian-slim`. https://hub.docker.com/layers/library/python/3.13.2-slim/images/sha256-8feb1b384bf6755cd1a180d65ec065c742aa1602f026993c33475be6ade2fb2e Our image is an infrastructure image not meant to be used by our final users. This solves the ongoing "compatibility layer" problems previously caused by our [GLIBC compatibility layer](https://github.com/googleapis/sdk-platform-java/blob/b87fd5e1af37af01cff1a51e3e50efcf048a3c27/.cloudbuild/library_generation/library_generation.Dockerfile#L37-L55). For context on this change: [doc](https://docs.google.com/document/d/1wI5VZG5gMCkt4ZyvL6wbf2IeyJrY9pFthFVuAY1kfWw/edit?resourcekey=0-aIfwb5NHqpBlQnbYsD19qw&tab=t.0#heading=h.7xlry2sxrwzj)
| Package | Type | Package file | Manager | Update | Change |
|---|---|---|---|---|---|
| [com.google.api.grpc:proto-google-common-protos](https://github.com/googleapis/sdk-platform-java) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `2.58.2` -> `2.59.0` |
| [com.google.api:gax](https://github.com/googleapis/sdk-platform-java) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `2.67.2` -> `2.68.0` |
| [com.google.errorprone:error_prone_annotations](https://errorprone.info) ([source](https://github.com/google/error-prone)) | dependencies | misk/gradle/libs.versions.toml | gradle | minor | `2.38.0` -> `2.39.0` |
| [org.jetbrains.kotlinx.binary-compatibility-validator](https://github.com/Kotlin/binary-compatibility-validator) | plugin | misk/gradle/libs.versions.toml | gradle | minor | `0.17.0` -> `0.18.0` |
| [com.autonomousapps.dependency-analysis](https://github.com/autonomousapps/dependency-analysis-android-gradle-plugin) | plugin | misk/gradle/libs.versions.toml | gradle | minor | `2.18.0` -> `2.19.0` |
| [software.amazon.awssdk:sdk-core](https://aws.amazon.com/sdkforjava) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `2.31.69` -> `2.31.70` |
| [software.amazon.awssdk:sqs](https://aws.amazon.com/sdkforjava) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `2.31.69` -> `2.31.70` |
| [software.amazon.awssdk:dynamodb-enhanced](https://aws.amazon.com/sdkforjava) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `2.31.69` -> `2.31.70` |
| [software.amazon.awssdk:dynamodb](https://aws.amazon.com/sdkforjava) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `2.31.69` -> `2.31.70` |
| [software.amazon.awssdk:aws-core](https://aws.amazon.com/sdkforjava) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `2.31.69` -> `2.31.70` |
| [software.amazon.awssdk:bom](https://aws.amazon.com/sdkforjava) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `2.31.69` -> `2.31.70` |
| [software.amazon.awssdk:auth](https://aws.amazon.com/sdkforjava) | dependencies | misk/gradle/libs.versions.toml | gradle | patch | `2.31.69` -> `2.31.70` |

---

### Release Notes

<details>
<summary>googleapis/sdk-platform-java (com.google.api.grpc:proto-google-common-protos)</summary>

### [`v2.59.0`](https://github.com/googleapis/sdk-platform-java/blob/HEAD/CHANGELOG.md#2590-2025-06-02)

##### Features

- add logic to set universe domain to ServiceAccountJwtAccessCredentials ([#3806](googleapis/sdk-platform-java#3806)) ([5b45708](googleapis/sdk-platform-java@5b45708))
- use debian base image for `java-library-generation` ([#3817](googleapis/sdk-platform-java#3817)) ([94d0b30](googleapis/sdk-platform-java@94d0b30))

##### Bug Fixes

- manage graalvm image versions via Hermetic Build templates *only* ([#3800](googleapis/sdk-platform-java#3800)) ([244c5dc](googleapis/sdk-platform-java@244c5dc))

##### Dependencies

- update dependency com.google.oauth-client:google-oauth-client-bom to v1.39.0 ([#3813](googleapis/sdk-platform-java#3813)) ([196a7ca](googleapis/sdk-platform-java@196a7ca))
- update google api dependencies ([#3791](googleapis/sdk-platform-java#3791)) ([45ef2e0](googleapis/sdk-platform-java@45ef2e0))
- update google auth library dependencies to v1.36.0 ([#3814](googleapis/sdk-platform-java#3814)) ([07f834a](googleapis/sdk-platform-java@07f834a))
- update grpc dependencies to 1.71.0 ([#3807](googleapis/sdk-platform-java#3807)) ([49a7ae5](googleapis/sdk-platform-java@49a7ae5))
- Upgrade Protobuf-Java to v3.25.8 ([#3810](googleapis/sdk-platform-java#3810)) ([ab90662](googleapis/sdk-platform-java@ab90662))

</details>

<details>
<summary>google/error-prone (com.google.errorprone:error_prone_annotations)</summary>

### [`v2.39.0`](https://github.com/google/error-prone/releases/tag/v2.39.0): Error Prone 2.39.0

Changes:

- Temporarily downgrade to Guava 33.4.0 ([#5108](google/error-prone#5108))

Checks:

- [`BooleanLiteral`](https://errorprone.info/bugpattern/BooleanLiteral): Prefer `true` to `Boolean.TRUE`
- [`ExpensiveLenientFormatString`](https://errorprone.info/bugpattern/ExpensiveLenientFormatString): Renamed from `PreconditionsExpensiveString`, detects unnecessary calls to `String.format` in the arguments of lenient formatting methods.
- [`UnnecessaryQualifier`](https://errorprone.info/bugpattern/UnnecessaryQualifier): Detects `@Qualifier` or `@BindingAnnotation` annotations that have no effect, and can be removed

Issues: [#4996](google/error-prone#4996), [#5045](google/error-prone#5045)

Full changelog: google/error-prone@v2.38.0...v2.39.0

</details>

<details>
<summary>Kotlin/binary-compatibility-validator (org.jetbrains.kotlinx.binary-compatibility-validator)</summary>

### [`v0.18.0`](https://github.com/Kotlin/binary-compatibility-validator/releases/tag/0.18.0)

[Compare Source](Kotlin/binary-compatibility-validator@0.17.0...0.18.0)

#### What's Changed

- Supported KLIB cross compilation enabled in Kotlin 2.1.0 [#299](Kotlin/binary-compatibility-validator#299)
- Fixed issue with early properties evaluation [#286](Kotlin/binary-compatibility-validator#286)
- Started excluding local classes created by Parcelize [#300](Kotlin/binary-compatibility-validator#300)

Thanks to [@TheMrMilchmann](https://github.com/TheMrMilchmann), [@osipxd](https://github.com/osipxd), and [@Goooler](https://github.com/Goooler) for their contributions!

</details>

<details>
<summary>autonomousapps/dependency-analysis-android-gradle-plugin (com.autonomousapps.dependency-analysis)</summary>

### [`v2.19.0`](https://github.com/autonomousapps/dependency-analysis-android-gradle-plugin/blob/HEAD/CHANGELOG.md#Version-2190)

- \[Feat]: support advices for Android test fixtures source sets
- \[Feat]: support typesafe project accessors in IssueHandler
- \[Fix]: bump kotlin-metadata-jvm to 2.1.21 to support K2.2 projects.
- \[Chore]: move publishing to new `central.sonatype.com` repo.

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "after 6pm every weekday,before 2am every weekday" in timezone Australia/Melbourne, Automerge - At any time (no schedule defined).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Never, or you tick the rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://github.com/renovatebot/renovate/discussions) if that's undesired.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).

GitOrigin-RevId: d85db8eca9307834b88f72100e0026a94e3b4aa2
This PR switches the base image of `java-library-generation` to `python-3.13.2-slim`, based on `debian-slim`.
https://hub.docker.com/layers/library/python/3.13.2-slim/images/sha256-8feb1b384bf6755cd1a180d65ec065c742aa1602f026993c33475be6ade2fb2e
Our image is an infrastructure image not meant to be used by our final users.
This solves the ongoing "compatibility layer" problems previously caused by our GLIBC compatibility layer.
For context on this change: doc