This page explains how to use Cloud Build to build and test Java-based applications, store built artifacts in a Maven repository in Artifact Registry, and generate build provenance information.
Before you begin
- Be familiar with creating Java-based applications.
- Be familiar with Maven
- Have your Java project ready.
- Be familiar with how to write a Cloud Build configuration file.
- Have a Maven repository in Artifact Registry. If you do not have one, create a new repository.
- To run the
gcloudcommands in this page, install the Google Cloud CLI.
You can configure Cloud Build to build Java applications using the
maven image from Docker Hub.
To execute your tasks in the
maven image, specify the URL of the
image and the tagged version of the image in the
name field of your build
config file. If you don't specify the image tag, Cloud Build
latest image by default. Cloud Build starts the image
name by using the image's default entrypoint. To override the
default entrypoint and to invoke
maven as an entrypoint, specify
mvn in the
The following build config file specifies the
entrypoint for the
maven image and prints the build tool version:
steps: - name: maven:3.3-jdk-8 entrypoint: mvn args: ['--version']
In your project root directory, create a build config file named
maven test, which downloads dependencies, builds the applications, and runs any tests specified in your source code. The
argsfield of a build step takes a list of arguments and passes them to the image referenced by the
In your build config file, add
argsfield to invoke
steps: - name: maven:3.3-jdk-8 entrypoint: mvn args: ['test']
Package application: To package your application into a JAR file for your
mavenimage, specify the
packagecommand in the
packagecommand builds a JAR file in
The following build step packages your Java application:
steps: - name: maven:3.3-jdk-8 entrypoint: mvn args: ['package','-Dmaven.test.skip=true']
Upload to Artifact Registry:
Cloud Build generates Supply chain Levels for Software Artifacts (SLSA) build provenance information for standalone Maven packages when you upload artifacts to Artifact Registry using the
mavenArtifactsfield in your Cloud Build config file.
In your build config file, use the
mavenArtifactsfield to specify your application file path and your Maven repository in Artifact Registry:
artifacts: mavenArtifacts: - repository: 'https://location-maven.pkg.dev/project-id/repository-name' path: 'app-path' artifactId: 'build-artifact' groupId: 'group-id' version: 'version'
Replace the following values:
- location: the location for your repository in Artifact Registry.
- project-id: the ID of the Google Cloud project that contains your Artifact Registry repository.
- repository-name: the name of your Maven repository in Artifact Registry.
- app-path: the path to your packaged application.
- build-artifact: the name of your package file created from your build step.
- group-id: uniquely identifies your project across all Maven projects, in the format
com.mycompany.app. For more information, see the Maven guide to naming conventions.
- version: the version number for your application, formatted in numbers and dots like
Optional: Enable provenance for regional builds
If you are using a regional build, add the
requestedVerifyOptionfield in the
optionsin your build config file. Set the value to
VERIFIEDto enable provenance metadata generation. If you don't add
requestedVerifyOption: VERIFIED, Cloud Build generates provenance for global builds only.
options: requestedVerifyOption: VERIFIED
Once your build completes, you can view repository details in Artifact Registry.
- Learn how to view build results.
- Learn how to safeguard builds.
- Learn how to perform blue/green deployments on Compute Engine.
- Learn how to build and containerize Java applications.
- Learn how to deploy an application on Cloud Run.
- Learn how to deploy an application on GKE.
- Learn how to troubleshoot build errors.