-
Type:
Bug
-
Status: Resolved
-
Priority:
Minor
-
Resolution: Fixed
-
Affects Version/s: None
-
Fix Version/s: 10.3.0, nuxeo-11.0.0
-
Component/s: ARender
-
Tags:
-
Team:PLATFORM
We would like to have a Maven BOM for ARender HMI.
Context
We want to use spring-security-oauth2-client in our integration.
The version we're gonna use (5.2.2.RELEASE) depends on Spring Framework 5.2.3.RELEASE while HMI depends respectively on 5.2.2.RELEASE and 5.2.4.RELEASE.
While building our Docker image on top of arender-hmi, we need to copy the needed dependencies for our connector, such as our java client. When we depend on spring-security-oauth2-client, we also copy the Spring artifacts, but the artifacts are already present in the image which could lead to issues/conflicts at runtime.
Request
To prevent such a thing to happen, we want to leverage Maven dependency tree resolution.
Our connector will import this BOM and then depend on the stuff it needs. In the case of artifacts conflict, like arender-hmi/spring-webmvc and spring-security-oauth2-client/spring-webmvc, the import of the BOM will force the usage of spring-webmvc version declared for ARender HMI.
Example
You can find below the one we wrote to complete the POC we made about this subject.
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> <modelVersion>4.0.0</modelVersion> <parent> <groupId>com.nuxeo.arender</groupId> <artifactId>nuxeo-arender-connector-code</artifactId> <version>10.2.0-SNAPSHOT</version> </parent> <!-- bom is needed in order to depend on spring-security-oauth2-client without depending on another version of spring --> <artifactId>arender-bom</artifactId> <packaging>pom</packaging> <name>ARender Previewer BOM</name> <properties> <!-- properties were copied from arender-root --> <commons-io.version>2.6</commons-io.version> <commons-lang3.version>3.4</commons-lang3.version> <jackson.version>2.9.8</jackson.version> <kotlin-stdlib.version>1.3.50</kotlin-stdlib.version> <org.springframework.version>5.2.4.RELEASE</org.springframework.version> <spring.security.version>5.2.2.RELEASE</spring.security.version> </properties> <dependencyManagement> <dependencies> <dependency> <groupId>commons-io</groupId> <artifactId>commons-io</artifactId> <version>${commons-io.version}</version> </dependency> <dependency> <groupId>org.apache.commons</groupId> <artifactId>commons-lang3</artifactId> <version>${commons-lang3.version}</version> </dependency> <dependency> <groupId>com.fasterxml.jackson.core</groupId> <artifactId>jackson-annotations</artifactId> <version>${jackson.version}</version> </dependency> <dependency> <groupId>com.fasterxml.jackson.core</groupId> <artifactId>jackson-core</artifactId> <version>${jackson.version}</version> </dependency> <dependency> <groupId>com.fasterxml.jackson.core</groupId> <artifactId>jackson-databind</artifactId> <version>${jackson.version}</version> </dependency> <dependency> <groupId>org.jetbrains.kotlin</groupId> <artifactId>kotlin-stdlib</artifactId> <version>${kotlin-stdlib.version}</version> </dependency> <!-- Spring dependencies --> <dependency> <groupId>org.springframework</groupId> <artifactId>spring-framework-bom</artifactId> <version>${org.springframework.version}</version> <type>pom</type> <scope>import</scope> </dependency> <dependency> <groupId>org.springframework.security</groupId> <artifactId>spring-security-bom</artifactId> <version>${spring.security.version}</version> <type>pom</type> <scope>import</scope> </dependency> </dependencies> </dependencyManagement> </project>
