MavenSupportSpec

Differences between revisions 16 and 17
Revision 16 as of 2008-09-11 13:46:21
Size: 13791
Editor: lns-bzn-48f-81-56-218-246
Comment:
Revision 17 as of 2008-09-26 10:11:14
Size: 12394
Editor: lns-bzn-48f-81-56-218-246
Comment:
Deletions are marked like this. Additions are marked like this.
Line 4: Line 4:
 * '''Packages affected''': maven2, lib*-java  * '''Packages affected''': none (only new packages)
Line 8: Line 8:
A lot of Java applications use Maven (and associated maven plugins) as their build system. In order to package this software as appropriate Debian packages, a lot of changes need to be applied to the usual Maven process, in particular to avoid the online dependency resolving feature of Maven. The solution is to patch Maven so that it supports an offline mode, and to provide extra information needed by Maven in Java library packages. A lot of Java applications use Maven (and associated maven plugins) as their build system. In order to package this software as appropriate Debian packages, a lot of changes need to be applied to the usual Maven process, in particular to avoid the online dependency resolving feature of Maven. This document presents a solution to this problem and details the minimal work needed before we can start packaging a minimal Maven project.
Line 20: Line 20:
 * Alan in an Ubuntu developer. He wants to package Geronimo in universe, but Geronimo uses Maven. He uses our modified Maven, the packaged Java libraries and Maven plugins to write a fully-offline and repeatable package, compatible with our buildd system.
 * Betty is a Java developer. She wants to use Maven to build her own Java software. Fortunately, the new Maven doesn't prevent her from using Maven the usual way, setting up a local repository that downloads and updates files from the online Maven repositories.		  * Alan in an Ubuntu developer. He wants to package Geronimo in universe, but Geronimo uses Maven. He is able to use the Maven packaging method and the already-packaged Java libraries and Maven plugins to write a fully-offline and repeatable package, compatible with our buildd system.
 * Betty is a Java developer. She wants to use Maven to build her own Java software. Fortunately, this method doesn't modify Maven in any way so it doesn't prevent her from using Maven the usual way, setting up a local repository that downloads and updates files from the online Maven repositories.
Line 25: Line 25:
Software using Maven to build is usually very large and requires lots of dependencies. In order to be useful, the modified Maven will require lots of external packaging work to have all the required Java libraries available. This might just be the visible tip of the iceberg. Software using Maven to build is usually very large and requires lots of dependencies. Even once the basic blocks described in this document are in place, packaging any large Java software will require lots of external packaging work to have all the required Java libraries available as proper Debian packages to build-depend from. So keep in mind that this might just be the visible tip of the iceberg.
Line 29: Line 29:
=== Identified incompatibilities with buildd === === Why we can't just call maven in debian/rules ===
Line 33: Line 33:
 * Maven relies on specific versions of libraries: in the .pom files, each artifact can depend on a very specific version of a given JAR, which is usually different from the one in the Ubuntu repositories. A dependency mapping system needs to be supported in order to match the very specific required version with the installed one while keeping Maven happy.
Line 35: Line 34:
=== Additional issues === === How to use maven in a debian package ===
Line 37: Line 36:
 * .pom files shipping: these files need to be available for maven to resolve dependencies and build order. We have to either ship them with each Java library we package, or as a big blob of .pom files together with the source, or have a way of reconstructing them from existing Debian Depends information before calling maven.
 * Maven plugins: we'll need to package the most common Maven plugins, and make Maven support the use of these system-installed plugins.		 The proposed method is based on two principles:
 * Simulate a complete Maven local repository in a debian/mvn_repo directory by shipping all required POM files and replace every JAR with a symbolic link to the corresponding system-installed library
 * Call mvn using the "-o" (offline mode) to avoid any superfluous online freshness check and the "-s" option to make it use the mvn_repo directory as its repository.
Line 40: Line 40:
=== Design 1: using JPackage patchset to Maven === How do you know what is necessary to put in the mvn_repo directory ? Just let maven build it from scratch for you, and then proceed in replacing all JARs by symbolic links. Since you can't just ship symbolic links in the diff.gz file, you need to have a script that will recreate them for you before building. Here is the method to follow, step-by-step:
 * Create an empty debian/mvn_repo directory
 * Create a debian/mvn_settings.xml file with <localRepository>./debian/mvn_repo</localRepository>
 * Run the Maven commands required to build the software, with the "-s debian/mvn_settings.xml" parameter (example: "mvn -s debian/mvn_settings.xml package"). That will download everything required by maven (POMs and JARs) into debian/mvn_repo.
 * Add a "link_mvn_repo" target to debian/rules that must run before any mvn call (build)
 * In the "clean" target of debian/rules, add a line to remove all links in mvn_repo (after mvn clean calls)
 * In debian/rules, call mvn with the "-o" and "-s debian/mvn_settings.xml" parameters
 * For all JARs in debian/mvn_repo, check that you have an acceptable corresponding JAR in an existing package (if not, you'll have to package that first). Remove the JAR from mvn_repo, and add a line in the link_mvn_repo target that will create a link to the system-installed equivalent (example: ln -s /usr/share/java/plexus-utils.jar debian/mvn_repo/org/codehaus/plexus/plexus-utils/1.0.4/plexus-utils-1.0.4.jar). Add the corresponding build dep to debian/control.
 * The package will be policy-compliant when there is no more JARs in mvn_repo !
Line 42: Line 50:
==== The Fedora implementation ==== === Potential issues ===
Line 44: Line 52:
JPackage patched maven to solve these issues. They provide a mvn-jpp wrapper that enables those patches:
 * Really offline run
 * JPP repository support: makes maven use system-installed JARs
 * depmap.xml: maps whatever is in the POM file to the location of the library in the filesystem. Each package adds its own dependencies in a central file that is used by mvn-jpp, so it rarely needs a specific dependency map spec.		  * Maven relies on specific versions of libraries: in the .pom files, each artifact can depend on a very specific version of a given JAR, which is usually different from the one in the Ubuntu repositories. Extra care in testing is needed to double-check that using a slightly different JAR version doesn't make it break at build or at runtime.
Line 49: Line 54:
Then they ship .pom files in various ways : in a big maven2-common-poms package for the libraries that don't ship them yet, and together with Java libraries in their package. The package-provided ones are preferred in case of conflict. === Alternative solutions (for reference) ===
Line 51: Line 56:
See the [[http://cvs.fedoraproject.org/viewcvs/rpms/maven2/F-9/|patches]] and the README here:
[[http://fedoraproject.org/wiki/Java/JPPMavenReadme]].		 ==== JPackage patchset to Maven ====
Line 54: Line 58:
Each Java package must provides:
 * jars in /usr/share/java/...
 * .pom files corresponding to each jar as /usr/share/maven2/poms/JPP.path.to-jarname.pom
 * depmap file fragments in /etc/maven/fragments/ mapping .pom artifacts to the real jars
 * a postinst regenerating /etc/maven/maven2-depmap.xml from all depmap fragments in /etc/maven/fragments/		 The JPackage patchset is implemented in Fedora. It patches maven so that, when called with specific options, it supports using JARs installed in /usr/share/java directly. The POM files are shipped together with the Java libraries. A depmap.xml file converts Maven artifact names to system file locations. It is built from depmap fragments shipped with each Java library.
Line 60: Line 60:
The maven2 package provides:
 * An /usr/share/maven2/repository/JPP -> /usr/share/java symlink		 The advantage of this solution is to ship Maven-related information inside the Java library packages themselves, and rely on that system to automatically find the required JARs. However, it requires a heavy patch on Maven that must be maintained, a basic infrastructure that is very costly to put in place (refresh every JAR), and the system might be brittle because it doesn't freeze the POM information in a state that is necessarily compatible with the build you are trying to make (debugging of dependency issues is more complicated).
Line 63: Line 62:
The maven2-common-poms package provides:
 * Various .pom files in /usr/share/maven2/default_poms/
 * A versionless depmap for all those poms /etc/maven/maven2-versionless-depmap.xml
 * A /usr/share/java/maven2/default_poms -> /usr/share/maven2/default_poms symlink		 ==== Packaging Aware Maven Proxy ====
Line 68: Line 64:
The patches we would need to port are: maven2-jpprepolayout.patch, maven2-JPackageRepositoryLayout.java and maven2-MavenJPackageDepmap.java In this approach, we would run a Maven proxy that would solve all dependency mapping and let Maven build a repository at build-time that downloads artifacts from the system itself. Maven would be run with a settings file that point to the local proxy, and the maven proxy would be launched prior to launching a maven build process.
Line 70: Line 66:
Here are the extra options defined in the patchset:

 * maven2.offline.mode - This property tells maven to use the pre-configured jpackage repositories.
 * maven2.ignore.versions - This property tells maven to ignore versions when looking at the dependency map.
 * maven2.usejppjars - With this property supplied, maven will try to use jpackage jars whenever possible. It's main intention is to allow users to use /usr/share/java files when available, and fetch jars from the net if not. It may be combined with the above two.
 * maven2.jpp.depmap.file - This option tells maven where to find custom dependency mappings

To enable a buildd-compatible mode, you should run with the -Dmaven2.offline.mode -Dmaven2.ignore.versions -Dmaven2.usejppjars options. That is what the mvn-jpp wrapper does.

==== Known problems with the JPackage implementation ====

 * Fedora shipped a maven2-common-poms package as a workaround for existing libraries that don't ship the required .pom and depmap fragments. It's probably cleaner to fix all affected packages in the release cycle where this would be implemented.
 * Fedora uses a single maven-depmap.xml file regenerated at postinstall from fragments. It might be cleaner to patch the patchset so that it supports directly reading into a depmap.d directory.
 * Depmap fragments (and the resulting autogenerated maven-depmap.xml) are located in /etc/maven. Since those aren't configuration files but rather information needed to integrate the library with maven, it should probably be located somewhere in /usr/share to conform to FHS and Debian policy.
 * We might now want to make all Java libraries depend on maven2, so we might not want to use "maven2" for the poms and depmap fragments locations

==== Using the JPP patchset in Debian/Ubuntu ====

A new maven2 must be released with:

 * Modify the JPP patchset to fix the known problems above
 * Apply the JPP patchset to maven
 * (optional) provide a mvn-jpp wrapper or equivalent
 * Create /usr/share/maven2/repository/JPP -> /usr/share/java symlink
 * Built-in common maven plugins

Existing Java libraries must be modified to provide:

 * .pom files (one for each jar artifact)
 * a depmap fragment
 * Call the depmap regeneration script if we keep the Fedora way of handling fragments

==== Known issues with this design ====

.pom files and depmap fragments duplicate information found in debian/control and others. It's probably too complicated to patch the JPP patchset to look into /var/lib/pkg for dependency info. What could be done in the future is writing some dh_javapom helper that would help generating the pom and depmap fragment for a Java library package.

==== Proof-of-concept ====

The goal of this proof-of-concept is to be able to build a buildd-compatible debian package from a basic helloWorld maven2 project.

At this moment, we fail to run a basic 'mvn compile' command in JPP-mode on the helloWorld project. We have a [[https://launchpad.net/~ubuntu-java/+archive|JPP-patched maven2]] and a tar file with everything that should have been installed by other packages. Then we hit an error, please help ! [[https://wiki.ubuntu.com/JavaTeam/MavenJppTesting|MavenJppTesting]] describes how to arrive where we stand right now.

=== Design 2: Packaging Aware Maven Proxy ===

When building a package a proxy may be specified by launching maven with the "-s" command line option as follows:

mvn -s path_to_settings_file

Packages relying on maven in their build process would need to provide a settings.xml file with a proxies section as follows specifying a well know port (9567 in this example):

{{{
  ...
  <proxies>
      <proxy>
          <active>true</active>
          <protocol>http</protocol>
          <host>localhost</host>
          <port>9567</port>
          <username></username>
          <password></password>
      </proxy>
  </proxies>
  ...
}}}

The maven proxy would be launched prior to launching a maven build process and would have the following features:		 The proxy would need to have the following features:
Line 142: Line 73:
=== Design 3 : the KISS solution ===

Design 1 requires a lot of infrastructure and also requires maintaining an important patch / Maven upstream. Design 2 requires no Maven mod but is a little magic, I'll believe it can be done when a proof-of-concept will be shown. Here is an alternative solution, that requires no pre-existing infrastructure in the java deps and is very simple.

The idea is to use Maven to download the necessary Maven items into a virgin Maven repository, then replace all JARs in that repository with links to the system-installed JARs. Package that, and run maven in offline mode ("mvn -o") in debian/rules to avoid any superfluous download at build time.

In more details, to package a Maven-based software, you follow these steps:
 * Create a debian/m2_repo directory
 * Create a debian/mysettings.xml file with <localRepository>$SRCDIR/debian/m2_repo</localRepository>
 * Run "mvn -s mysettings.xml compile/clean/package..." normally to build the software. That will download everything required by maven (POMs and JARs) into debian/m2_repo.
 * Add a "create_links_in_repo" target to debian/rules that must run before any mvn call (build)
 * In the "clean" target of debian/rules, add a line to remove all links in m2_repo (after mvn clean calls)
 * For all JARs in debian/m2_repo, check that you have an acceptable corresponding JAR in an existing package (if not, you'll have to package that too). Remove the JAR from m2_repo, and add a line in the create_links_in_repo target that will create a link to the system-installed equivalent (example: ln -s /usr/share/java/plexus-utils.jar debian/m2_repo/org/codehaus/plexus/plexus-utils/1.0.4/plexus-utils-1.0.4.jar). Add the corresponding build dep to debian/control.
 * You are done when there is no more JARs in m2_repo !
 * Then you can use "mvn -o -s debian/mysettings.xml compile/clean/package..." in your debian/rules.

The obvious drawback of this approach is the size of the debian directory with all those useless POM files in it.

The obvious advantage of this approach is its simplicity. You know what JARs you have in m2_repo that you must have as proper build dependencies. You can have incremental builds with real JARs still in m2_repo to test if using a link to a slightly different JAR version breaks something or not. It doesn't require any structural change and can be used right now. Of course, we are missing a lot of basic build-depends that all Maven projects use (example: the maven-compiler-plugin) so the first packager will have a hard time packaging everything needed for even a basic project. But that's a common drawback for all the approaches.		 The advantages of this approach is that it doesn't require any Maven patching. However, building the maven proxy is complex, and starting a localhost daemon in parallel to a build might not be the best solution for buildds.
Line 164: Line 77:
=== Choosing the right design === The chosen approach doesn't require any specific development or infrastructure by itself. However, it would be good to provide at least the mimimal build dependencies required by even the simplest helloWorld maven project. Indeed, simply calling the Maven "clean", "compile" or "package" targets requires some dependencies to be present, and at the very least those should be packaged and available for the first Maven packager to use.
Line 166: Line 79:
At this point we need to choose the right design, before going further in implementation. === Maven dependencies for a helloWorld project ===

(in bold, non-existing packages)

||<rowbgcolor="#cccccc"> '''Target''' || '''Artifacts''' ||
|| clean || '''maven-clean-plugin''' '''file-management''' '''maven-shared-io''' plexus-utils ||
|| compile || '''maven-resources-plugin''' '''maven-compiler-plugin''' plexus-compiler-api plexus-compiler-javac plexus-utils plexus-compiler-manager ||
|| test || junit '''surefire-junit''' '''surefire-api''' '''surefire-booter''' '''maven-surefire-plugin''' plexus-utils ||
|| package || commons-lang '''maven-archiver''' '''maven-jar-plugin''' '''plexus-archiver''' plexus-utils '''plexus-io''' ||

=== Bootstrapping ===

Fortunately we don't really need maven to build those missing basic blocks. They can be built using ant with minimal effort. Here is a breakdown of the order in which the new packages can be created. maven-plugin-testing-harness.jar is optional, needed only to enable testing in the maven plugins build.

||<rowbgcolor="#cccccc"> '''JAR''' || '''Runtime & Compile depends''' || '''Testing depends''' ||
||<-3 #eeeeee> Level 0 (can be done using current archive) ||
|| surefire-api.jar || commons-lang plexus-utils || jmock ||
|| plexus-archiver.jar || plexus-component-api plexus-container-default plexus-utils || junit ||
|| plexus-io.jar || plexus-component-api plexus-container-default || junit ||
|| maven-shared-io.jar || classworlds junit maven wagon-provider-api plexus-utils plexus-container-default || easymock ||
||<#FFEBBB> maven-plugin-testing-harness.jar || maven junit || ||
||<-3 #eeeeee> Level 1 (needs level 0) ||
|| surefire-booter.jar || surefire-api plexus-utils || jmock ||
|| surefire-junit.jar || surefire-api || jmock ||
|| file-management.jar || classworlds maven maven-shared-io wagon-provider-api plexus-container-default plexus-utils || junit ||
|| maven-archiver.jar || maven plexus-archiver plexus-utils || ||
|| maven-resources-plugin.jar || maven || maven-plugin-testing-harness ||
|| maven-compiler-plugin.jar || classworlds junit maven plexus-compiler-api plexus-compiler-manager plexus-container-default plexus-utils plexus-compiler-javac || jsch commons-cli doxia-sink-api maven-plugin-testing-harness wagon-file wagon-http-lightweight wagon-provider-api wagon-ssh plexus-interactivity-api ||
||<-3 #eeeeee> Level 2 (needs level 1) ||
|| maven-surefire-plugin.jar || maven surefire-booter || jmock ||
|| maven-jar-plugin.jar || commons-lang maven-archiver plexus-io plexus-utils || maven-plugin-testing-harness ||
|| maven-clean-plugin.jar || classworlds junit file-management maven-shared-io maven wagon-provider-api plexus-container-default plexus-utils || jsch commons-cli doxia-sink-api maven-plugin-testing-harness wagon-file wagon-http-lightweight wagon-ssh plexus-archiver plexus-interactivity-api ||

If this spec is accepted, packaging-needed bugs would be filed (first Level 0 ones, then Level 1...)

=== Directions for packagers ===

==== Location for Maven-specific libraries ====

Lots of dependencies are Maven-specific, in particular the Maven plugins. It might make sense not to ship those libraries into /usr/share/java but rather as a subdirectory of /usr/share/maven2. Since we use links from m2_repo, from our point of view the location doesn't matter, and it would avoid crowding the /usr/share/java directory with JARs that can only be called by Maven. Note that it might even be possible to configure Maven so that it automatically includes JARs in /usr/share/maven2/plugins to its classpath, reducing the work needed to link always-present artifacts from mvn_repo.
Line 170: Line 122:
In order to test the new maven features, we need a fake "hello world" maven project to package and (in case of Design 1) probably a few fake Java libraries dependencies packaged with the required .pom files and depmap fragments. Testing it on large packages will not be possible before most of the Java libraries are modified or packaged. We should provide Debian packaging for a minimal helloWorld Maven project.
Line 174: Line 126:
None.

Summary

A lot of Java applications use Maven (and associated maven plugins) as their build system. In order to package this software as appropriate Debian packages, a lot of changes need to be applied to the usual Maven process, in particular to avoid the online dependency resolving feature of Maven. This document presents a solution to this problem and details the minimal work needed before we can start packaging a minimal Maven project.

Release Note

The infrastructure making it possible to package Maven-based Java applications like Geronimo or Glassfish in main or universe is now in place.

Rationale

Most recent complex Java applications leverage ASF's Maven system and artifact repository to ease the dependency resolving and building of their software. Unfortunately the usual Maven process downloads/updates needed artifacts (JARs), Maven plugins and build/runtime dependency information (.pom files) from the Maven repositories on the Intenet into a local repository cache and works from there. This is incompatible with the way our buildd system works, and with the idea of repeatable builds in general. Given the power of the Maven plugins-based build system, working around Maven to build those complex packages without it is almost impossible.

Use Cases

  • Alan in an Ubuntu developer. He wants to package Geronimo in universe, but Geronimo uses Maven. He is able to use the Maven packaging method and the already-packaged Java libraries and Maven plugins to write a fully-offline and repeatable package, compatible with our buildd system.
  • Betty is a Java developer. She wants to use Maven to build her own Java software. Fortunately, this method doesn't modify Maven in any way so it doesn't prevent her from using Maven the usual way, setting up a local repository that downloads and updates files from the online Maven repositories.

Assumptions

Software using Maven to build is usually very large and requires lots of dependencies. Even once the basic blocks described in this document are in place, packaging any large Java software will require lots of external packaging work to have all the required Java libraries available as proper Debian packages to build-depend from. So keep in mind that this might just be the visible tip of the iceberg.

Design

Why we can't just call maven in debian/rules

  • Online dependency download/update: Maven downloads needed build/runtime dependency information (.pom files) and resulting artifacts (Java libraries and Maven plugins) from Maven repositories on the Internet. For each item already present in the local repository, it checks if the version is up to date. We need to provide all those dependencies as part of the source or as packaged build dependencies, and disable Maven freshness check.
  • Use of a specific repository: Maven doesn't use the libraries installed in /usr/share/java, it only uses its own local repository. Since the required Java libraries build dependencies will be pulled as packages, Maven needs to make use of those.

How to use maven in a debian package

The proposed method is based on two principles:

  • Simulate a complete Maven local repository in a debian/mvn_repo directory by shipping all required POM files and replace every JAR with a symbolic link to the corresponding system-installed library
  • Call mvn using the "-o" (offline mode) to avoid any superfluous online freshness check and the "-s" option to make it use the mvn_repo directory as its repository.

How do you know what is necessary to put in the mvn_repo directory ? Just let maven build it from scratch for you, and then proceed in replacing all JARs by symbolic links. Since you can't just ship symbolic links in the diff.gz file, you need to have a script that will recreate them for you before building. Here is the method to follow, step-by-step:

  • Create an empty debian/mvn_repo directory

  • Create a debian/mvn_settings.xml file with <localRepository>./debian/mvn_repo</localRepository>

  • Run the Maven commands required to build the software, with the "-s debian/mvn_settings.xml" parameter (example: "mvn -s debian/mvn_settings.xml package"). That will download everything required by maven (POMs and JARs) into debian/mvn_repo.
  • Add a "link_mvn_repo" target to debian/rules that must run before any mvn call (build)
  • In the "clean" target of debian/rules, add a line to remove all links in mvn_repo (after mvn clean calls)
  • In debian/rules, call mvn with the "-o" and "-s debian/mvn_settings.xml" parameters
  • For all JARs in debian/mvn_repo, check that you have an acceptable corresponding JAR in an existing package (if not, you'll have to package that first). Remove the JAR from mvn_repo, and add a line in the link_mvn_repo target that will create a link to the system-installed equivalent (example: ln -s /usr/share/java/plexus-utils.jar debian/mvn_repo/org/codehaus/plexus/plexus-utils/1.0.4/plexus-utils-1.0.4.jar). Add the corresponding build dep to debian/control.
  • The package will be policy-compliant when there is no more JARs in mvn_repo !

Potential issues

  • Maven relies on specific versions of libraries: in the .pom files, each artifact can depend on a very specific version of a given JAR, which is usually different from the one in the Ubuntu repositories. Extra care in testing is needed to double-check that using a slightly different JAR version doesn't make it break at build or at runtime.

Alternative solutions (for reference)

JPackage patchset to Maven

The JPackage patchset is implemented in Fedora. It patches maven so that, when called with specific options, it supports using JARs installed in /usr/share/java directly. The POM files are shipped together with the Java libraries. A depmap.xml file converts Maven artifact names to system file locations. It is built from depmap fragments shipped with each Java library.

The advantage of this solution is to ship Maven-related information inside the Java library packages themselves, and rely on that system to automatically find the required JARs. However, it requires a heavy patch on Maven that must be maintained, a basic infrastructure that is very costly to put in place (refresh every JAR), and the system might be brittle because it doesn't freeze the POM information in a state that is necessarily compatible with the build you are trying to make (debugging of dependency issues is more complicated).

Packaging Aware Maven Proxy

In this approach, we would run a Maven proxy that would solve all dependency mapping and let Maven build a repository at build-time that downloads artifacts from the system itself. Maven would be run with a settings file that point to the local proxy, and the maven proxy would be launched prior to launching a maven build process.

The proxy would need to have the following features:

  • Generate pom.xml files upon request according to debian packaging dependencies
  • Map request artifact versions to existing artifact versions
  • Serve jar files from /usr/share/java
  • Block access to the internet

The advantages of this approach is that it doesn't require any Maven patching. However, building the maven proxy is complex, and starting a localhost daemon in parallel to a build might not be the best solution for buildds.

Implementation

The chosen approach doesn't require any specific development or infrastructure by itself. However, it would be good to provide at least the mimimal build dependencies required by even the simplest helloWorld maven project. Indeed, simply calling the Maven "clean", "compile" or "package" targets requires some dependencies to be present, and at the very least those should be packaged and available for the first Maven packager to use.

Maven dependencies for a helloWorld project

(in bold, non-existing packages)

Target

Artifacts

clean

maven-clean-plugin file-management maven-shared-io plexus-utils

compile

maven-resources-plugin maven-compiler-plugin plexus-compiler-api plexus-compiler-javac plexus-utils plexus-compiler-manager

test

junit surefire-junit surefire-api surefire-booter maven-surefire-plugin plexus-utils

package

commons-lang maven-archiver maven-jar-plugin plexus-archiver plexus-utils plexus-io

Bootstrapping

Fortunately we don't really need maven to build those missing basic blocks. They can be built using ant with minimal effort. Here is a breakdown of the order in which the new packages can be created. maven-plugin-testing-harness.jar is optional, needed only to enable testing in the maven plugins build.

JAR

Runtime & Compile depends

Testing depends

Level 0 (can be done using current archive)

surefire-api.jar

commons-lang plexus-utils

jmock

plexus-archiver.jar

plexus-component-api plexus-container-default plexus-utils

junit

plexus-io.jar

plexus-component-api plexus-container-default

junit

maven-shared-io.jar

classworlds junit maven wagon-provider-api plexus-utils plexus-container-default

easymock

maven-plugin-testing-harness.jar

maven junit

Level 1 (needs level 0)

surefire-booter.jar

surefire-api plexus-utils

jmock

surefire-junit.jar

surefire-api

jmock

file-management.jar

classworlds maven maven-shared-io wagon-provider-api plexus-container-default plexus-utils

junit

maven-archiver.jar

maven plexus-archiver plexus-utils

maven-resources-plugin.jar

maven

maven-plugin-testing-harness

maven-compiler-plugin.jar

classworlds junit maven plexus-compiler-api plexus-compiler-manager plexus-container-default plexus-utils plexus-compiler-javac

jsch commons-cli doxia-sink-api maven-plugin-testing-harness wagon-file wagon-http-lightweight wagon-provider-api wagon-ssh plexus-interactivity-api

Level 2 (needs level 1)

maven-surefire-plugin.jar

maven surefire-booter

jmock

maven-jar-plugin.jar

commons-lang maven-archiver plexus-io plexus-utils

maven-plugin-testing-harness

maven-clean-plugin.jar

classworlds junit file-management maven-shared-io maven wagon-provider-api plexus-container-default plexus-utils

jsch commons-cli doxia-sink-api maven-plugin-testing-harness wagon-file wagon-http-lightweight wagon-ssh plexus-archiver plexus-interactivity-api

If this spec is accepted, packaging-needed bugs would be filed (first Level 0 ones, then Level 1...)

Directions for packagers

Location for Maven-specific libraries

Lots of dependencies are Maven-specific, in particular the Maven plugins. It might make sense not to ship those libraries into /usr/share/java but rather as a subdirectory of /usr/share/maven2. Since we use links from m2_repo, from our point of view the location doesn't matter, and it would avoid crowding the /usr/share/java directory with JARs that can only be called by Maven. Note that it might even be possible to configure Maven so that it automatically includes JARs in /usr/share/maven2/plugins to its classpath, reducing the work needed to link always-present artifacts from mvn_repo.

Test/Demo Plan

We should provide Debian packaging for a minimal helloWorld Maven project.

Outstanding Issues

None.

Discussion

I noticed the following tools which may be of some use too ? :

Hope this helps -- OlivierBerger

afaict those tools make installable debian binary packages but cannot be used to create packaging compliant with the buildd rules (no access to the Internet, all must be built from source and existing dependencies, no binaries in source) and therefore probably can't be used -- ThierryCarrez

CategorySpec

JavaTeam/Specs/MavenSupportSpec (last edited 2009-01-07 18:40:18 by 121)