How to cache maven repo when building Spring Boot docker image on Jenkins

Question

I'm trying to build docker images for a Spring Boot application (2.3.6.RELEASE) using the spring-boot-maven-plugin build-image goal (buildpacks), but it's downloading the internet everytime! Is there a way to mount the .m2 directory to the buildpack, so it can use dependencies from the cache?

sudo ./mvnw -pl ${PROJECT_NAME} org.springframework.boot:spring-boot-maven-plugin:2.3.6.RELEASE:build-image -DskipTests=true"

I'm using the ecs jenkins plugin (https://plugins.jenkins.io/amazon-ecs/) and binding the .m2 directory and the docker socket:

Update: Ok I think the issue is I'm mounting the .m2 directory to /home/jenkins/.m2, but I'm executing the build-image goal with sudo to give the command access to docker daemon, and the default maven repo location is ~/.m2. If I execute it without sudo I get the following error:

[INFO] Building image 'docker.io/library/tellus-emergency-lighting:dev-SNAPSHOT'
[INFO] 
[INFO] I/O exception (java.io.IOException) caught when processing request to {}->docker://localhost:2376: com.sun.jna.LastErrorException: [13] Permission denied
[INFO] Retrying request to {}->docker://localhost:2376
[INFO] I/O exception (java.io.IOException) caught when processing request to {}->docker://localhost:2376: com.sun.jna.LastErrorException: [13] Permission denied
[INFO] Retrying request to {}->docker://localhost:2376
[INFO] I/O exception (java.io.IOException) caught when processing request to {}->docker://localhost:2376: com.sun.jna.LastErrorException: [13] Permission denied
[INFO] Retrying request to {}->docker://localhost:2376
[INFO]  > Pulling builder image 'gcr.io/paketo-buildpacks/builder:base-platform-api-0.3' 100%
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[INFO] Total time:  7.685 s
[INFO] Finished at: 2020-11-23T23:19:19Z
[INFO] ------------------------------------------------------------------------
[ERROR] Failed to execute goal org.springframework.boot:spring-boot-maven-plugin:2.3.6.RELEASE:build-image (default-cli) on project tellus-emergency-lighting: Execution default-cli of goal org.springframework.boot:spring-boot-maven-plugin:2.3.6.RELEASE:build-image failed: Connection to the Docker daemon at 'localhost' failed with error "[13] Permission denied"; ensure the Docker daemon is running and accessible: com.sun.jna.LastErrorException: [13] Permission denied -> [Help 1]

Is there some way I can execute it without sudo?

I also tried adding -Dmaven.repo.local=/home/jenkins/.m2, but that didn't seem to help (it still downloads the dependencies again):

sudo ./mvnw -pl ${PROJECT_NAME} org.springframework.boot:spring-boot-maven-plugin:build-image -DskipTests=true -Dmaven.repo.local=/home/jenkins/.m2

Here's my ECS agent dockerfile:

FROM jenkins/inbound-agent as builder

FROM ubuntu:20.04

#################################################
# Inspired by
# https://github.com/cloudbees/java-build-tools-dockerfile/blob/master/Dockerfile
#################################################


#================================================
# Customize sources for apt-get
#================================================
RUN DISTRIB_CODENAME=$(cat /etc/*release* | grep DISTRIB_CODENAME | cut -f2 -d'=') \
    && echo "deb http://archive.ubuntu.com/ubuntu ${DISTRIB_CODENAME} main universe\n" > /etc/apt/sources.list \
    && echo "deb http://archive.ubuntu.com/ubuntu ${DISTRIB_CODENAME}-updates main universe\n" >> /etc/apt/sources.list \
    && echo "deb http://security.ubuntu.com/ubuntu ${DISTRIB_CODENAME}-security main universe\n" >> /etc/apt/sources.list

RUN apt-get update -qqy \
  && apt-get -qqy --no-install-recommends install software-properties-common \
  && add-apt-repository -y ppa:git-core/ppa

#========================
# Miscellaneous packages
# iproute which is surprisingly not available in ubuntu:15.04 but is available in ubuntu:latest
# OpenJDK11
# groff is for aws-cli
# tree is convenient for troubleshooting builds
#========================
RUN apt-get update -qqy \
  && apt-get -qqy --no-install-recommends install \
    iproute2 \
    openssh-client ssh-askpass\
    ca-certificates \
    gpg gpg-agent \
    openjdk-11-jdk \
    tar zip unzip \
    wget curl \
    git \
    build-essential \
    less nano tree \
    jq \
    python3 python3-pip groff \
    rsync \
  && apt-get clean

#  && sed -i 's/securerandom\.source=file:\/dev\/random/securerandom\.source=file:\/dev\/urandom/' ./usr/lib/jvm/java-11-openjdk-amd64/jre/lib/security/java.security

# Update pip after install
RUN pip3 install --upgrade pip setuptools

RUN pip3 install yq

#==========
# Docker
#==========

RUN curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add -

RUN add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu focal stable"

RUN apt-get -qqy install --no-install-recommends docker-ce docker-ce-cli containerd.io

RUN apt-get update

RUN apt-get install sudo -y


#==========
# Maven
#==========
ENV MAVEN_VERSION 3.6.3

RUN curl -fsSL http://archive.apache.org/dist/maven/maven-3/$MAVEN_VERSION/binaries/apache-maven-$MAVEN_VERSION-bin.tar.gz | tar xzf - -C /usr/share \
  && mv /usr/share/apache-maven-$MAVEN_VERSION /usr/share/maven \
  && ln -s /usr/share/maven/bin/mvn /usr/bin/mvn

ENV MAVEN_HOME /usr/share/maven

#==========
# Gradle
#==========

ENV GRADLE_VERSION 6.5.1

RUN wget -q https://services.gradle.org/distributions/gradle-${GRADLE_VERSION}-bin.zip -P /tmp \
  && unzip -d /opt/gradle /tmp/gradle-${GRADLE_VERSION}-bin.zip \
  && ln -s /opt/gradle/gradle-${GRADLE_VERSION}/bin/gradle /usr/bin/gradle \
  && rm /tmp/gradle-${GRADLE_VERSION}-bin.zip

#========================================
# Add normal user with passwordless sudo
#========================================
RUN useradd jenkins --shell /bin/bash --create-home \
  && usermod -a -G sudo jenkins \
  && echo 'ALL ALL = (ALL) NOPASSWD: ALL' >> /etc/sudoers \
  && echo 'jenkins ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers \
  && echo 'jenkins:secret' | chpasswd

#====================================
# AWS CLI
#====================================
RUN pip3 install awscli

# compatibility with CloudBees AWS CLI Plugin which expects pip to be installed as user
RUN mkdir -p /home/jenkins/.local/bin/ \
  && ln -s /usr/local/bin/pip /home/jenkins/.local/bin/pip \
  && chown -R jenkins:jenkins /home/jenkins/.local

#====================================
# Kubernetes CLI
# See https://storage.googleapis.com/kubernetes-release/release/stable.txt
#====================================
RUN curl https://storage.googleapis.com/kubernetes-release/release/v1.19.3/bin/linux/amd64/kubectl -o /usr/local/bin/kubectl && chmod +x /usr/local/bin/kubectl

#==========
# Slave
#==========

COPY --from=builder /usr/local/bin/jenkins-slave /usr/local/bin/jenkins-agent
COPY --from=builder /usr/share/jenkins/agent.jar /usr/share/jenkins/agent.jar

USER root

RUN chmod +x /usr/local/bin/jenkins-agent \
  && ln -s /usr/local/bin/jenkins-agent /usr/local/bin/jenkins-slave
RUN chmod 644 /usr/share/jenkins/agent.jar \
  && ln -sf /usr/share/jenkins/agent.jar /usr/share/jenkins/slave.jar

USER jenkins

ENTRYPOINT ["jenkins-agent"]

Answer 1

There's probably a better way to do it, but I got it working by adding: -Dmaven.repo.local=/home/jenkins/.m2/repository, so:

sudo ./mvnw -pl ${PROJECT_NAME} org.springframework.boot:spring-boot-maven-plugin:2.3.6.RELEASE:build-image -Dmaven.repo.local=/home/jenkins/.m2/repository -DskipTests=true"