History

Fadhli Azhari f9fb4ce4cd build: add frontend-builder image and bake buf into java-builder ci/frontend-builder (new): Node 24 + pnpm 10 + buf 1.55 + global @bufbuild/protoc-gen-es 2.4 + Playwright chromium runtime libs + ORAS. Used by KollectAI-ETL frontend CI to run TS proto codegen locally (buf.gen.yaml uses `local: protoc-gen-es`) instead of the rate-limited BSR remote-plugin path. ci/java-builder: added the standalone buf binary so `buf lint` runs in CI without an inline curl install. Backend Java codegen stays in the Maven build (protobuf-maven-plugin), so no protoc plugins are added to this image. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-28 15:06:00 +08:00
..
Dockerfile	build: add frontend-builder image and bake buf into java-builder	2026-04-28 15:06:00 +08:00
README.md	build: add frontend-builder image and bake buf into java-builder	2026-04-28 15:06:00 +08:00

Fadhli Azhari f9fb4ce4cd build: add frontend-builder image and bake buf into java-builder

ci/frontend-builder (new): Node 24 + pnpm 10 + buf 1.55 + global
@bufbuild/protoc-gen-es 2.4 + Playwright chromium runtime libs +
ORAS. Used by KollectAI-ETL frontend CI to run TS proto codegen
locally (buf.gen.yaml uses `local: protoc-gen-es`) instead of the
rate-limited BSR remote-plugin path.

ci/java-builder: added the standalone buf binary so `buf lint` runs
in CI without an inline curl install. Backend Java codegen stays in
the Maven build (protobuf-maven-plugin), so no protoc plugins are
added to this image.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

2026-04-28 15:06:00 +08:00

Dockerfile

build: add frontend-builder image and bake buf into java-builder

2026-04-28 15:06:00 +08:00

README.md

build: add frontend-builder image and bake buf into java-builder

2026-04-28 15:06:00 +08:00

README.md

Java Builder — CI Image

Pre-baked build environment for KollectAI-ETL backend and plugin CI jobs.

What's included

Java 21 (Eclipse Temurin)
Maven 3.9.9
Pre-cached Maven dependencies (Spring Boot, Flink, MyBatis, etc.)
Pre-installed plugin-api in local Maven repo
OWASP NVD database snapshot
Node.js + pnpm (via corepack)
buf CLI — for buf lint parity with pre-push
ORAS CLI (Harbor artifact uploads)
git, jq, curl

Note: Backend Java protobuf codegen lives in the Maven build via protobuf-maven-plugin, not buf — so this image deliberately omits protoc plugins. For TypeScript proto codegen and frontend CI jobs use the frontend-builder image.

Build

docker build -t 192.168.1.72/kollect-tools/ci/java-builder:latest ci/java-builder/
docker push 192.168.1.72/kollect-tools/ci/java-builder:latest

Build args

Arg	Default	Description
`JAVA_VERSION`	`25`	Eclipse Temurin JDK version
`MAVEN_VERSION`	`3.9.14`	Maven version
`OWASP_DC_VERSION`	`12.1.1`	OWASP Dependency-Check version
`NODE_MAJOR`	`24`	Node.js major version
`PNPM_VERSION`	`10.15.0`	pnpm version (corepack-activated)
`BUF_VERSION`	`1.55.0`	buf CLI version
`ORAS_VERSION`	`1.2.2`	ORAS CLI version
`NVD_API_KEY`	(empty)	Optional NVD API key — speeds up the OWASP database update during image build

Usage in CI

jobs:
  test:
    runs-on: ubuntu-latest
    container:
      image: 192.168.1.72/kollect-tools/ci/java-builder:latest
    steps:
      - uses: actions/checkout@v6
      - run: ./mvnw -f backend/etl/pom.xml test -Dgroups=unit -q

Maintenance

Rebuild weekly to keep the OWASP NVD database fresh:

docker build --no-cache -t 192.168.1.72/kollect-tools/ci/java-builder:latest ci/java-builder/
docker push 192.168.1.72/kollect-tools/ci/java-builder:latest

When pom.xml files change (new dependencies), rebuild to update the cached deps layer.