Jib: Consider options for setting image creation time while maintaining reproducibility

this sounds infeasible.

Why? I think this thread brings up some feasible suggestions https://groups.google.com/forum/#!msg/istio-dev/nuv6UaBFGDk/sR-dfoc9CgAJ, like making it user configurable (which would let people do things like tie image creation time to a specific commit's timestamp)

If you don't think it's worth it we can close this issue.

Tycho, a set of extensions to Maven for building Eclipse/OSGi bundles that we use for CT4E, generates a timestamp using a pluggable provider. Tycho provides a git-based timestamp provider that uses JGit to determine the timestamp of the last commit within a project directory.

This is it in action in CT4E: the tycho-packaging-plugin is responsible for generating the .jar files with the version and timestamp. This is the class that actually generates the version and timestamp.

Since there are a lot of issues asking about this, we should probably provide a solution for users. Proposal:

Add a useCurrentTimestamp configuration that would set created on the container to the current time. For example, in Maven:

<configuration>
  <container>
    <useCurrentTimestamp>true</useCurrentTimestamp>
  </container>
</configuration>

When using this configuration, the build log will also display a warning saying that the image is not reproducible because useCurrentTimestamp is enabled.

This is not letting users add their own timestamps because we would have to most likely implement custom parsers to convert into the format that is necessary for the container configuration.

It doesn't work, when I config just like this :

<plugin>
     <groupId>com.google.cloud.tools</groupId>
     <artifactId>jib-maven-plugin</artifactId>
     <version>0.9.6</version>
     <configuration>
         <to>
              <image>myimage</image>
          </to>
          <container>
              <useCurrentTimestamp>true</useCurrentTimestamp>
          </container>
     </configuration>
</plugin>

the error log :
[ERROR] Failed to execute goal com.google.cloud.tools:jib-maven-plugin:0.9.6:dockerBuild (default-cli) on project jib-demo: Unable to parse configuration of mojo com.google.cloud.tools:jib-maven-plugin:0.9.6:dockerBuild for parameter useCurrentTimestamp: Cannot find 'useCurrentTimestamp' in class com.google.cloud.tools.jib.maven.JibPluginConfiguration$ContainerParameters -> [Help 1]
[ERROR]
[ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch.
[ERROR] Re-run Maven using the -X switch to enable full debug logging.
[ERROR]
[ERROR] For more information about the errors and possible solutions, please read the following articles:
[ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/PluginConfigurationException

Hi @lovelivestyle1102 , this is currently in the works and will be available in version 0.9.7.

Where can I get this version?

@lovelivestyle1102 It isn't available yet because some changes are unfinished (including this one), but it'll hopefully be out some time this week. When that happens you'll be able to use the new version by changing the <version> in your pom.xml from 0.9.6 to 0.9.7.

I compile it from the master by myself, 0.9.7 version can't get it from the maven repository.

@lovelivestyle1102 I see you are willing to build Jib from source and use it in the other projects of yours to use the latest unstable features of Jib. In that case, you'll probably want to install (i.e., putting) the Jib SNAPSHOT JAR into your local Maven repository (~/.m2/repository), which can be done by ./mvnw clean install inside the jib-maven-plugin directory. Currently, Jib SNAPSHOT version is 0.9.7-SNAPSHOT (this can change frequently, see https://github.com/GoogleContainerTools/jib/blob/master/jib-maven-plugin/pom.xml#L6), so after you install the SNAPSHOT JAR, you'll put that version in your project to start using it:

<plugin>
     <groupId>com.google.cloud.tools</groupId>
     <artifactId>jib-maven-plugin</artifactId>
     <version>0.9.7-SNAPSHOT</version>
     <configuration>

@lovelivestyle1102 version 0.9.7 has been released and you should be able to just use that now

@Geethree @cwensel @zeusbaba you can now use the useCurrentTimestamp configuration to use the current timestamp:

<configuration>
  <container>
    <useCurrentTimestamp>true</useCurrentTimestamp>
  </container>
</configuration>

With the following plugin configuration, while issuing "mvn jib:dockerBuild" I get an image appearing as created 49 years ago.

<plugin>
    <groupId>com.google.cloud.tools</groupId>
    <artifactId>jib-maven-plugin</artifactId>
    <version>1.1.2</version>
    <configuration>
        <to>
            <image>${artifactId}</image>
        </to>
        <container>
            <useCurrentTimestamp>true</useCurrentTimestamp>
            <jvmFlags>
                <jvmFlag>-Xmx128m</jvmFlag>
            </jvmFlags>
        </container>
    </configuration>
</plugin>

@jbprek I cannot reproduce it. Are you defining the jib.container.useCurrentTimestamp Maven property or the system property by any chance? Using

     <plugin>
          <groupId>com.google.cloud.tools</groupId>
          <artifactId>jib-maven-plugin</artifactId>
          <version>1.1.2</version>
          <configuration>
              <to>
                  <image>testingtimestamp</image>
              </to>
              <container>
                  <useCurrentTimestamp>true</useCurrentTimestamp>
                  <jvmFlags>
                      <jvmFlag>-Xmx128m</jvmFlag>
                  </jvmFlags>
              </container>
          </configuration>
      </plugin>

I can see it sets the current timestamp.

$ mvn --file=pom-test2.xml jib:dockerBuild
[INFO] Scanning for projects...
[INFO] 
[INFO] -------------------------< example:helloworld >-------------------------
[INFO] Building A B C 1
[INFO] --------------------------------[ jar ]---------------------------------
[INFO] 
[INFO] --- jib-maven-plugin:1.1.2:dockerBuild (default-cli) @ helloworld ---
[WARNING] Setting image creation time to current time; your image may not be reproducible.
[INFO] 
[INFO] Containerizing application to Docker daemon as testingtimestamp...
[INFO] 
[INFO] Container entrypoint set to [java, -Xmx128m, -cp, /app/resources:/app/classes:/app/libs/*, example.HelloWorld]
[INFO] 
[INFO] Built image to Docker daemon as testingtimestamp
[INFO] Executing tasks:
[INFO] [==============================] 100.0% complete
[INFO] 
[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------
[INFO] Total time:  2.925 s
[INFO] Finished at: 2019-05-06T17:20:11-04:00
[INFO] ------------------------------------------------------------------------
$ docker images
REPOSITORY                 TAG                 IMAGE ID            CREATED             SIZE
testingtimestamp           latest              59251925b533        5 seconds ago       128MB

anyone hitting this from google, the <useCurrentTimestamp>true</useCurrentTimestamp> option is now <creationTime>USE_CURRENT_TIMESTAMP</creationTime>

i.e.

<container>
    <creationTime>USE_CURRENT_TIMESTAMP</creationTime>
</container>

Yes that was deprecated and you are using the updated config. You can always look at the README for the most up to date config, and track updates in the CHANGELOG

In general we try to follow semantic versioning, if you have upgraded from 1.x.x to 2.x.x there is a possibility of changing apis.

Note, the new <creationTime> parameter allows setting a fixed timestamp in addition to using USE_CURRENT_TIMESTAMP. Also, see this FAQ.