Build and test Java applications

This page explains how to use Cloud Build to build and test Java-based applications, store built artifacts in a Maven repository in Artifact Registry, and generate build provenance information.

Before you begin

Using the maven image

You can configure Cloud Build to build Java applications using the maven image from Docker Hub.

To execute your tasks in the maven image, specify the URL of the image and the tagged version of the image in the name field of your build config file. If you don't specify the image tag, Cloud Build uses the latest image by default. Cloud Build starts the image specified in name by using the image's default entrypoint. To override the default entrypoint and to invoke maven as an entrypoint, specify mvn in the entrypoint field.

The following build config file specifies the entrypoint for the maven image and prints the build tool version:

          - name: maven:3.3-jdk-8
            entrypoint: mvn
            args: ['--version']

Configuring Java builds

  1. In your project root directory, create a build config file named cloudbuild.yaml.

  2. Run tests: maven provides maven test, which downloads dependencies, builds the applications, and runs any tests specified in your source code. The args field of a build step takes a list of arguments and passes them to the image referenced by the name field.

    In your build config file, add test to the args field to invoke test within maven:

         - name: maven:3.3-jdk-8
           entrypoint: mvn
           args: ['test']
  3. Package application: To package your application into a JAR file for your maven image, specify the package command in the args field. The package command builds a JAR file in /workspace/target/.

    The following build step packages your Java application:

         - name: maven:3.3-jdk-8
           entrypoint: mvn
           args: ['package','-Dmaven.test.skip=true']
  4. Upload to Artifact Registry:

    In your build config file, use the mavenArtifacts field to specify your application path and your Maven repository in Artifact Registry:

      - repository: ''
        path: 'app-path'
        artifactId: 'build-artifact'
        groupId: 'group-id'
        version: 'version'

    Replace the following values:

    • location: the location for your repository in Artifact Registry.
    • project-id: the ID of the Google Cloud project that contains your Artifact Registry repository.
    • repository-name: the name of your Maven repository in Artifact Registry.
    • app-path: the path to your packaged application.
    • build-artifact: the name of your package file created from your build step.
    • group-id: uniquely identifies your project across all Maven projects, in the format For more information, see the Maven guide to naming conventions.
    • version: the version number for your application, formatted in numbers and dots like 1.0.1.
  5. Optional: Enable provenance generation

    Cloud Build can generate verifiable Supply chain Levels for Software Artifacts (SLSA) build provenance metadata to help secure your continuous integration pipeline.

    To enable provenance generation, add requestedVerifyOption: VERIFIED to the options section in your config file.

  6. Start your build: manually or using build triggers.

    Once your build completes, you can view repository details in Artifact Registry.

    You can also view build provenance metadata and validate provenance.

What's next