diff --git a/ci/java-builder/Dockerfile b/ci/java-builder/Dockerfile index 9a8f128..4828e4f 100644 --- a/ci/java-builder/Dockerfile +++ b/ci/java-builder/Dockerfile @@ -4,17 +4,18 @@ # Contains: Java 21, Maven 3.9.9, common dependencies, OWASP NVD database. # # Build: -# docker build -t 192.168.1.72/kollect-tools/java-builder:latest ci/java-builder/ +# docker build -t 192.168.1.72/kollect-tools/ci/java-builder:latest ci/java-builder/ # # Usage in CI: # container: -# image: 192.168.1.72/kollect-tools/java-builder:latest +# image: 192.168.1.72/kollect-tools/ci/java-builder:latest -ARG JAVA_VERSION=21 +ARG JAVA_VERSION=25 FROM eclipse-temurin:${JAVA_VERSION}-jdk-jammy ARG MAVEN_VERSION=3.9.14 -ARG OWASP_DC_VERSION=12.1.0 +ARG OWASP_DC_VERSION=12.1.1 +ARG NVD_API_KEY="" # ───────────────────────────────────────────────────────────────────── # System dependencies # ───────────────────────────────────────────────────────────────────── @@ -59,6 +60,7 @@ ENV OWASP_DATA_DIR=/opt/owasp/dependency-check-data RUN mkdir -p "${OWASP_DATA_DIR}" \ && mvn org.owasp:dependency-check-maven:${OWASP_DC_VERSION}:update-only \ -DdataDirectory="${OWASP_DATA_DIR}" \ + ${NVD_API_KEY:+-DnvdApiKey="${NVD_API_KEY}"} \ -q || true # ───────────────────────────────────────────────────────────────────── diff --git a/ci/java-builder/README.md b/ci/java-builder/README.md index 22c88db..8f7ec00 100644 --- a/ci/java-builder/README.md +++ b/ci/java-builder/README.md @@ -15,8 +15,8 @@ Pre-baked build environment for KollectAI-ETL backend and plugin CI jobs. ## Build ```bash -docker build -t 192.168.1.72/kollect-tools/java-builder:latest ci/java-builder/ -docker push 192.168.1.72/kollect-tools/java-builder:latest +docker build -t 192.168.1.72/kollect-tools/ci/java-builder:latest ci/java-builder/ +docker push 192.168.1.72/kollect-tools/ci/java-builder:latest ``` ### Build args @@ -35,7 +35,7 @@ jobs: test: runs-on: ubuntu-latest container: - image: 192.168.1.72/kollect-tools/java-builder:latest + image: 192.168.1.72/kollect-tools/ci/java-builder:latest steps: - uses: actions/checkout@v6 - run: ./mvnw -f backend/etl/pom.xml test -Dgroups=unit -q @@ -46,8 +46,8 @@ jobs: Rebuild weekly to keep the OWASP NVD database fresh: ```bash -docker build --no-cache -t 192.168.1.72/kollect-tools/java-builder:latest ci/java-builder/ -docker push 192.168.1.72/kollect-tools/java-builder:latest +docker build --no-cache -t 192.168.1.72/kollect-tools/ci/java-builder:latest ci/java-builder/ +docker push 192.168.1.72/kollect-tools/ci/java-builder:latest ``` When `pom.xml` files change (new dependencies), rebuild to update the cached deps layer.