encrypt/obfuscate/secure quarkus app on compile #6034
Comments
I have the same need; it would be nice if the Maven ProGuard plug-in worked with Quarkus in native mode. https://github.com/wvengen/proguard-maven-plugin In addition to the safety benefit, ProGuard also helps to decrease the size of the jar.
I asked the ProGuard team and they answered: "Optimizing and name-obfuscating server-side applications is generally not useful, unless you are really concerned about the application size."
It can be done as an external project but I really would prefer we don't include any obfuscation-related features inside Quarkus proper. Closing it for now. If someone wants to work on it and needs additional extension points, we can certainly talk about it in specific issues.
Dear @gsmet, I do realize it is "not recommended" to comment on a closed issue, but I am not sure it would be any better to open a new one for this. My question is: in the fast-jar packaging mode, Quarkus creates the generated-bytecode.jar file. This file contains classes with references to the actual app code under the quarkus-app\app path. Hence obfuscating the app jar part under that path is not sufficient. Obfuscation frameworks do not allow separate obfuscation of different parts. You have mentioned this could be done externally, but I am not sure how to proceed with that. Could you please provide a small hint? Thanks in advance!
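The cross-jar dependency raised in the comment above can be measured before any obfuscator is configured. This added example (not part of the thread and not Quarkus code) scans class-file constant pools to list which classes in a generated jar name application classes; the function names and the `sample_jar` helper with its class names are constructed for illustration.

```python
import io, re, struct, zipfile

SIZES = {7: 3, 8: 3, 16: 3, 19: 3, 20: 3, 15: 4, 3: 5, 4: 5, 9: 5,
         10: 5, 11: 5, 12: 5, 17: 5, 18: 5, 5: 9, 6: 9}  # entry bytes incl. tag

def utf8_constants(data):
    """Return every CONSTANT_Utf8 string in one class file's constant pool."""
    if data[:4] != b"\xca\xfe\xba\xbe":
        raise ValueError("not a class file")
    count = struct.unpack_from(">H", data, 8)[0]
    pos, index, found = 10, 1, []
    while index < count:
        tag = data[pos]
        if tag == 1:  # Utf8: u2 length, then the bytes
            end = pos + 3 + struct.unpack_from(">H", data, pos + 1)[0]
            found.append(data[pos + 3:end].decode("utf-8", "replace"))
            pos = end
        else:
            pos += SIZES[tag]  # KeyError on a tag this example does not know
        index += 2 if tag in (5, 6) else 1  # long/double occupy two slots
    return found

def classes_in(jar):
    with zipfile.ZipFile(jar) as zf:
        return {n[:-6]: zf.read(n) for n in zf.namelist() if n.endswith(".class")}

def cross_references(app_jar, generated_jar):
    """Map each generated class to the application classes it names."""
    app, result = set(classes_in(app_jar)), {}
    for name, data in classes_in(generated_jar).items():
        # Dots become slashes so names held as strings (reflection) match too.
        text = " ".join(utf8_constants(data)).replace(".", "/")
        tokens = set(re.findall(r"[\w$]+(?:/[\w$]+)*", text))
        tokens |= {t[1:] for t in tokens if t.startswith("L")}  # Lpkg/Name; descriptors
        if app & tokens:
            result[name] = sorted(app & tokens)
    return result

def sample_jar(classes):
    """Constructed sample input: a jar of minimal class files, {name: [Utf8 strings]}."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, strings in classes.items():
            utf = [name, "java/lang/Object", *strings]
            pool = b"".join(b"\x01" + struct.pack(">H", len(s)) + s.encode() for s in utf)
            head = b"\xca\xfe\xba\xbe" + struct.pack(">HHH", 0, 52, len(utf) + 3)
            tail = struct.pack(">BHBH7H", 7, 1, 7, 2, 33, len(utf) + 1, len(utf) + 2, 0, 0, 0, 0)
            zf.writestr(name + ".class", head + pool + tail)
    return buf
```

The application class names reported by `cross_references` are the ones that have to stay unchanged, or be renamed identically in both jars, for the generated classes to keep resolving them.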
Description
Actually, we can use JVM or native mode when compiling Quarkus projects. These can be distributed to cloud servers or devices. It would be nice if Quarkus provided integration with something like ProGuard or Protector4J to secure the app on compile.
Implementation ideas
For example, the Quarkus secure build can be used by a new task:
./mvnw compile quarkus:guard