Add Artifacts Manifest Extension

[Timthetic]

Before this PR

Automatic discovery of the "main container image" has been deprecated for a while now.

After this PR

==COMMIT_MSG==
Explicitly list main container image in artifacts extension
==COMMIT_MSG==

Possible downsides?

[changelog-app]

Generate changelog in changelog/@unreleased

What do the change types mean?

• feature: A new feature of the service.
• improvement: An incremental improvement in the functionality or operation of the service.
• fix: Remedies the incorrect behaviour of a component of the service in a backwards-compatible way.
• break: Has the potential to break consumers of this service's API, inclusive of both Palantir services
  and external consumers of the service's API (e.g. customer-written software or integrations).
• deprecation: Advertises the intention to remove service functionality without any change to the
  operation of the service itself.
• manualTask: Requires the possibility of manual intervention (running a script, eyeballing configuration,
  performing database surgery, ...) at the time of upgrade for it to succeed.
• migration: A fully automatic upgrade migration task with no engineer input required.

Note: only one type should be chosen.

How are new versions calculated?

• ❗The break and manual task changelog types will result in a major release!
• 🐛 The fix changelog type will result in a minor release in most cases, and a patch release version for patch branches. This behaviour is configurable in autorelease.
• ✨ All others will result in a minor version release.

Type

• Feature
• Improvement
• Fix
• Break
• Deprecation
• Manual task
• Migration

Description

add artifacts manifest extension

Check the box to generate changelog(s)

• Generate changelog entry

[iamdanfox]

nice - could we include a mention (and maybe example) in the README so that if people search for this they'll find something?

[iamdanfox]

Looks neat to me! Just need a real +1 from @CRogers / other BE infra maintainer

Invalidated by push of 5180fc0

[felixdesouza]

Thanks for putting this together.

A few comments below.

Can you also add a test to CreateManifestTaskIntegrationSpec, so we can be sure that it works when invoked via the buildscript? It will also ensure that we don't inadvertently break this feature in the future.

[felixdesouza]

as a safety mechanism, I think we should check to see if there is any artifacts extension currently, and then throw telling users to use the new thing instead of silently failing. As whatever they put before will be clobbered.

[felixdesouza]

is it artifacts or artifact ? going from the above statement:

You can specify container images that your product requires using the artifacts declaration on the distribution

[felixdesouza]

let's make this a DomainObjectSet. You can get an instance of one via project.getObjects().domainObjectSet(). It allows you to have listeners on things and some convenient methods which I will discuss below.

[felixdesouza]

you would also set up your configureEach/whenObjectAdded here.

[felixdesouza]

nit: private

[felixdesouza]

I don't believe you want to do this here, because there's nothing stopping people from using the getArtifacts() method and adding to the set directly.

You can either:

• remove direct access to getArtifacts() by making it private/package-private - although this might not be foolproof considering that gradle buildscripts can access things
• or, use a configureEach or whenObjectAdded on the named domain object set. Then it doesn't matter how ArtifactLocator ends up in the set, it will then be validated before anyone can do anything with it.

[felixdesouza]

You should make this a managed type. This will allow you to have lazily set properties and not have to get/set in an afterEvaluate in your consumers. Yes, it is different from all the others, however, it's a bit of a pain to migrate all the others.

This will crop up in your PR when you try to use this new thing.

[felixdesouza]

You will then have to have a separate type for json serialization, but you won't have to expose that to consumers.

[Timthetic]

Huh, looks like the docs aren't there for Gradle 8.8. For myself, I'm linking them for 7.6.2: https://docs.gradle.org/7.6.2/userguide/custom_gradle_types.html#managed_types

[felixdesouza]

this simplifies to just:

create the ArtifactLocator

You will need to do something like project.getObjects().newInstance(ArtifactLocator.class) to make Gradle instantiate and "managed" your managed type for you.

configure it

can just do your project.configure(artifactLocator, closure), and you don't have to worry about wrapping that in a provider since the underlying type is lazy

just add it

add it to the domain object set, and the validation in the configureEach or whenObjectAdded will take over.

[felixdesouza]

you should also add a artifact(Action<ArtifactLocator> action) { ... } method. That gives you a type safe way of adding it to the set when using Java. Buildscript will likely pick the Closure form.

Instead of project.configure(...) you end up just doing action.execute(locator).

[felixdesouza]

With the whole managed type thing, it becomes a lot more cumbersome for consumers to make this as it needs to be instantiated via gradle. So you should get rid of this method and make them use the closure/action methods below.

[iamdanfox]

if we go down the whole 'managed type' route, is it still convenient to interact with these APIs from other java codebases??

[felixdesouza]

yes, it's how all new(er) plugins are written and also preferred way from Gradle. You have all the lazy safe mutators via map and flatMap etc.

As argued in some other comment, not having Property means that you can never be sure when the value of things inside ArtifactLocator is finally set. Depending on when your plugin is applied and when someone or something might change the value that ArtifactLocator depends on, means that you often end up having to write afterEvaluate which mostly sucks.

[felixdesouza]

is there any point of having the user specify oci ? is it always oci?

Regardless of whether I think we include it or not. We should document what other options there are and what effect it has.

[Timthetic]

I added some notes about this in the readme, but the short answer is that I wanted to match what we do in the SLS spec. I'd prefer being a little verbose over baking in an assumption that "oci" will be the only type we ever support

[felixdesouza]

For manifest consumers, it might be worth giving a snippet of what this does to the manifest.yml file. Doesn't have to be the whole file, just the basic required ones and what it adds to the extensions object or whatever it's supposed to be.

[felixdesouza]

please inline

[felixdesouza]

talked offline, please rephrase

[felixdesouza]

offline: get rid of serializable and don't use this in the gradle type

Invalidated by push of b1aacdf

[felixdesouza]

👍