Skip to content

Commit

Permalink
[issue#2686] Skip adding signature files to the generated uber jar
Browse files Browse the repository at this point in the history
  • Loading branch information
jaikiran authored and gsmet committed Oct 1, 2019
1 parent 0624b8b commit a722f67
Show file tree
Hide file tree
Showing 3 changed files with 111 additions and 1 deletion.
Original file line number Diff line number Diff line change
Expand Up @@ -272,6 +272,7 @@ private void buildRunner(FileSystem runnerZipFs, CurateOutcome curateOutcome, Au
if (uberJar) {
try (FileSystem artifactFs = ZipUtils.newFileSystem(resolvedDep)) {
for (final Path root : artifactFs.getRootDirectories()) {
final Path metaInfDir = root.resolve("META-INF");
Files.walkFileTree(root, EnumSet.of(FileVisitOption.FOLLOW_LINKS), Integer.MAX_VALUE,
new SimpleFileVisitor<Path>() {
@Override
Expand All @@ -288,7 +289,17 @@ public FileVisitResult preVisitDirectory(Path dir, BasicFileAttributes attrs)
public FileVisitResult visitFile(Path file, BasicFileAttributes attrs)
throws IOException {
final String relativePath = toUri(root.relativize(file));
//if this has been transfomed we do not copy it
// if it's a signature file (under the <jar>/META-INF directory),
// then we don't add it to the uber jar
if (isBlockOrSF(relativePath) &&
file.relativize(metaInfDir).getNameCount() == 1) {
if (log.isDebugEnabled()) {
log.debug("Signature file " + file.toAbsolutePath() + " from app " +
"dependency " + appDep + " will not be included in uberjar");
}
return FileVisitResult.CONTINUE;
}
//if this has been transformed we do not copy it
boolean transformed = transformedFromThisArchive != null
&& transformedFromThisArchive.contains(relativePath);
if (!transformed) {
Expand Down Expand Up @@ -562,4 +573,15 @@ private static StringBuilder toUri(StringBuilder b, Path path, int seg) {
}
return b;
}

// same as the impl in sun.security.util.SignatureFileVerifier#isBlockOrSF()
private static boolean isBlockOrSF(final String s) {
if (s == null) {
return false;
}
return s.endsWith(".SF")
|| s.endsWith(".DSA")
|| s.endsWith(".RSA")
|| s.endsWith(".EC");
}
}
Original file line number Diff line number Diff line change
@@ -0,0 +1,87 @@
package io.quarkus.creator.phase.runnerjar.test;

import static org.junit.jupiter.api.Assertions.assertNotNull;
import static org.junit.jupiter.api.Assertions.assertNull;
import static org.junit.jupiter.api.Assertions.assertTrue;

import java.nio.file.Files;
import java.nio.file.Path;
import java.util.HashSet;
import java.util.Properties;
import java.util.Set;
import java.util.jar.JarFile;

import io.quarkus.bootstrap.resolver.TsArtifact;
import io.quarkus.bootstrap.resolver.TsJar;
import io.quarkus.creator.AppCreator;
import io.quarkus.creator.phase.runnerjar.RunnerJarOutcome;

/**
* Tests uber jar generation through {@link io.quarkus.creator.phase.runnerjar.RunnerJarPhase}
*/
public class UberRunnerJarOutcomeTest extends CreatorOutcomeTestBase {

private static final Set<String> SIGNATURE_FILES = new HashSet<>();

static {
SIGNATURE_FILES.add("META-INF/signature.SF");
SIGNATURE_FILES.add("META-INF/signature.DSA");
SIGNATURE_FILES.add("META-INF/signature.RSA");
SIGNATURE_FILES.add("META-INF/signature.EC");
}

@Override
protected void initProps(final Properties props) {
super.initProps(props);
// enable uber jar
props.put("runner-jar.uber-jar", "true");
}

@Override
protected TsArtifact modelApp() {
// generate a jar which has files that are considered signature files.
// note that we do not add real signatures to the jar and instead
// we just use the well-known signature filename extensions, in this test
final TsJar signedJar = new TsJar();
// add the signature files
for (final String sigFile : SIGNATURE_FILES) {
signedJar.addEntry("content doesn't matter, just the file name extension does", sigFile);
}
// add some random files
signedJar.addEntry("some file", "a/b/c/d/e.txt");
signedJar.addEntry("some file", "a/b/foo.SF");
final TsArtifact signedArtifact = TsArtifact.jar("signed-dep");
signedArtifact.setContent(signedJar);

final TsJar regularJar = new TsJar();
regularJar.addEntry("hello world", "META-INF/helloworld.txt");
regularJar.addEntry("hello world2", "a/helloworld2.txt");
final TsArtifact regularArtifact = TsArtifact.jar("regular-dep");
regularArtifact.setContent(regularJar);

final TsArtifact appJar = TsArtifact.jar("app").addDependency(signedArtifact).addDependency(regularArtifact);
return appJar;
}

@Override
protected void testCreator(final AppCreator creator) throws Exception {
final RunnerJarOutcome outcome = creator.resolveOutcome(RunnerJarOutcome.class);

final Path runnerJar = outcome.getRunnerJar();
assertTrue(Files.exists(runnerJar), "Runner jar " + runnerJar + " is missing");
try (final JarFile jar = new JarFile(runnerJar.toFile())) {
// verify the signature files are absent
for (final String sigFile : SIGNATURE_FILES) {
assertNull(jar.getEntry(sigFile), sigFile + " was expected to be absent in the uberjar, but is present");
}
// other files should be present
assertNotNull(jar.getEntry("a/b/c/d/e.txt"), "a/b/c/d/e.txt is missing from uberjar");
assertNotNull(jar.getEntry("a/b/foo.SF"), "a/b/foo.SF is missing from uberjar");

assertNotNull(jar.getEntry("a/helloworld2.txt"), "a/helloworld2.txt is missing from uberjar");
assertNotNull(jar.getEntry("META-INF/helloworld.txt"), "META-INF/helloworld.txt is missing from uberjar");

}

}
}
1 change: 1 addition & 0 deletions docs/src/main/asciidoc/maven-tooling.adoc
Original file line number Diff line number Diff line change
Expand Up @@ -463,6 +463,7 @@ When building an Uber-Jar you can specify entries that you want to exclude from

<1> The entries are relative to the root of the generated Uber-Jar. You can specify multiple entries by adding extra `<ignoredEntry>` elements.

Uber-Jar creation by default excludes link:https://docs.oracle.com/javase/tutorial/deployment/jar/intro.html[signature files] that might be present in the dependencies of the application.

Uber-Jar's final name is configurable via a Maven's build settings `finalName` option or via a `finalName` configuration option as shown below.

Expand Down

0 comments on commit a722f67

Please sign in to comment.