diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 363f2141..9c3a6771 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -1,3 +1,4 @@
+---
#
# Copyright (c) 2023 T-Systems International GmbH
# Copyright (c) 2021, 2023 Contributors to the Eclipse Foundation
@@ -41,10 +42,17 @@ on:
- '**/*.md'
# Manual workflow trigger
workflow_dispatch:
-
-# the docker registry and namespace
-env:
- IMAGE_NAMESPACE: "tractusx"
+ inputs:
+ deploy_maven:
+ description: 'whether maven packages should be deployed (default: false)'
+ default: 'false'
+ required: false
+ type: string
+ deploy_docker:
+ description: 'whether docker images should be deployed (default: true)'
+ default: 'true'
+ required: false
+ type: string
# If build is triggered several times, e.g., through subsequent pushes
# into the same PR, cancel the previous runs, see below
@@ -63,6 +71,20 @@ jobs:
strategy:
fail-fast: false
steps:
+
+ # Determine the right target docker repo
+ - name: Check github repository and set docker repo
+ id: set-docker-repo
+ run: |
+ echo "REGISTRY=docker.io" >> $GITHUB_OUTPUT;
+ echo "REPO=tractusx" >> $GITHUB_OUTPUT;
+ if [ "${{ github.repository }}" != "eclipse-tractusx/knowledge-agents-edc" ];
+ then
+ echo "REGISTRY=ghcr.io" >> $GITHUB_OUTPUT
+ echo "REPO=ghcr.io/${{ github.repository }}" >> $GITHUB_OUTPUT
+ fi
+ exit 0
+
# Get the Code
- name: Checkout repository
uses: actions/checkout@v3
@@ -72,27 +94,28 @@ jobs:
# Setup build environment
- uses: ./.github/actions/setup-java
- # Enabled deployment access (if either running on main or a version tag on eclipse-tractusx)
+ # Enable deployment access (on demand or main branch and version tags only)
- name: Login to GitHub Container Registry
- if: ${{ github.repository == 'eclipse-tractusx/knowledge-agents' && (github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/v')) }}
+ if: ${{ ( github.event.inputs.deploy_docker == 'true' || github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/v') ) }}
uses: docker/login-action@v2
with:
+ registry: ${{ steps.set-docker-repo.outputs.REGISTRY }}
# Use existing DockerHub credentials present as secrets
- username: ${{ secrets.DOCKER_HUB_USER }}
- password: ${{ secrets.DOCKER_HUB_TOKEN }}
+ username: ${{ secrets.DOCKER_HUB_USER || github.actor }}
+ password: ${{ secrets.DOCKER_HUB_TOKEN || secrets.GITHUB_TOKEN }}
- # Run Maven Deploy (if either running on main or a version tag on eclipse-tractusx)
+ # Run Maven Deploy (on demand or if either running on main or a version tag)
- name: Deploy Java via Maven
- if: ${{ github.repository == 'eclipse-tractusx/knowledge-agents' && (github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/v')) }}
+ if: ${{ ( github.event.inputs.deploy_maven == 'true' || github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/v') ) }}
run: |
- ./mvnw -s settings.xml deploy
+ ./mvnw -s settings.xml deploy -DaltDeploymentRepository=github::default::https://maven.pkg.github.com/${{ github.repository }}
env:
GITHUB_ACTOR: ${{ github.actor }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
# Run Maven Install (otherwise)
- name: Build Java via Maven
- if: ${{ github.repository != 'eclipse-tractusx/knowledge-agents' || (github.ref != 'refs/heads/main' && !startsWith(github.ref, 'refs/tags/v')) }}
+ if: ${{ ( github.event.inputs.deploy_maven != 'true' && github.ref != 'refs/heads/main' && !startsWith(github.ref, 'refs/tags/v') ) }}
run: |
./mvnw -s settings.xml install
env:
@@ -105,7 +128,7 @@ jobs:
uses: docker/metadata-action@v4
with:
images: |
- ${{ env.IMAGE_NAMESPACE }}/conforming-agent
+ ${{ steps.set-docker-repo.outputs.REPO }}/conforming-agent
# Automatically prepare image tags; See action docs for more examples.
# semver patter will generate tags like these for example :1 :1.2 :1.2.3
tags: |
@@ -114,7 +137,7 @@ jobs:
type=semver,pattern={{version}}
type=semver,pattern={{major}}
type=semver,pattern={{major}}.{{minor}}
- type=raw,value=1.10.2-SNAPSHOT,enable=${{ github.ref == format('refs/heads/{0}', 'main') }}
+ type=raw,value=1.10.2-SNAPSHOT,enable=${{ github.event.inputs.deploy_docker == 'true' || github.ref == format('refs/heads/{0}', 'main') }}
type=raw,value=latest,enable=${{ github.ref == format('refs/heads/{0}', 'main') }}
# build in any case, but push only main and version tag settings
@@ -124,19 +147,19 @@ jobs:
context: conforming/.
file: conforming/src/main/docker/Dockerfile
# Build image for verification purposes on every trigger event. Only push if event is not a PR
- push: ${{ github.repository == 'eclipse-tractusx/knowledge-agents' && (github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/v')) }}
+ push: ${{ ( github.event.inputs.deploy_docker == 'true' || github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/v') ) }}
tags: ${{ steps.meta-conf.outputs.tags }}
labels: ${{ steps.meta-conf.outputs.labels }}
# Important step to push image description to DockerHub - since this is version independent, we always take it from main
- name: Update Docker Hub description for Conforming Agent
- if: ${{ github.repository == 'eclipse-tractusx/knowledge-agents' && github.ref == 'refs/heads/main' }}
+ if: ${{ steps.set-docker-repo.outputs.REPO == 'docker.io' && github.ref == 'refs/heads/main' }}
uses: peter-evans/dockerhub-description@v3
with:
readme-filepath: conforming/README.md
- username: ${{ secrets.DOCKER_HUB_USER }}
- password: ${{ secrets.DOCKER_HUB_TOKEN }}
- repository: ${{ env.IMAGE_NAMESPACE }}/conforming-agent
+ username: ${{ secrets.DOCKER_HUB_USER || github.actor }}
+ password: ${{ secrets.DOCKER_HUB_TOKEN || secrets.GITHUB_TOKEN }}
+ repository: ${{ steps.set-docker-repo.outputs.REPO }}/conforming-agent
# Create SemVer or ref tags dependent of trigger event
- name: Docker Meta Remoting
@@ -144,7 +167,7 @@ jobs:
uses: docker/metadata-action@v4
with:
images: |
- ${{ env.IMAGE_NAMESPACE }}/remoting-agent
+ ${{ steps.set-docker-repo.outputs.REPO }}/remoting-agent
# Automatically prepare image tags; See action docs for more examples.
# semver patter will generate tags like these for example :1 :1.2 :1.2.3
tags: |
@@ -153,7 +176,7 @@ jobs:
type=semver,pattern={{version}}
type=semver,pattern={{major}}
type=semver,pattern={{major}}.{{minor}}
- type=raw,value=1.10.2-SNAPSHOT,enable=${{ github.ref == format('refs/heads/{0}', 'main') }}
+ type=raw,value=1.10.2-SNAPSHOT,enable=${{ github.event.inputs.deploy_docker == 'true' || github.ref == format('refs/heads/{0}', 'main') }}
type=raw,value=latest,enable=${{ github.ref == format('refs/heads/{0}', 'main') }}
# build in any case, but push only main and version tag settings
@@ -163,19 +186,19 @@ jobs:
context: remoting/.
file: remoting/src/main/docker/Dockerfile
# Build image for verification purposes on every trigger event. Only push if event is not a PR
- push: ${{ github.repository == 'eclipse-tractusx/knowledge-agents' && (github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/v')) }}
+ push: ${{ ( github.event.inputs.deploy_docker == 'true' || github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/v') ) }}
tags: ${{ steps.meta-remote.outputs.tags }}
labels: ${{ steps.meta-remote.outputs.labels }}
# Important step to push image description to DockerHub - since this is version independent, we always take it from main
- name: Update Docker Hub description for Remoting Agent
- if: ${{ github.repository == 'eclipse-tractusx/knowledge-agents' && github.ref == 'refs/heads/main' }}
+ if: ${{ steps.set-docker-repo.outputs.REPO == 'docker.io' && github.ref == 'refs/heads/main' }}
uses: peter-evans/dockerhub-description@v3
with:
readme-filepath: remoting/README.md
- username: ${{ secrets.DOCKER_HUB_USER }}
- password: ${{ secrets.DOCKER_HUB_TOKEN }}
- repository: ${{ env.IMAGE_NAMESPACE }}/remoting-agent
+ username: ${{ secrets.DOCKER_HUB_USER || github.actor }}
+ password: ${{ secrets.DOCKER_HUB_TOKEN || secrets.GITHUB_TOKEN }}
+ repository: ${{ steps.set-docker-repo.outputs.REPO }}/remoting-agent
# Create SemVer or ref tags dependent of trigger event
- name: Docker Meta Provisioning
@@ -183,7 +206,7 @@ jobs:
uses: docker/metadata-action@v4
with:
images: |
- ${{ env.IMAGE_NAMESPACE }}/provisioning-agent
+ ${{ steps.set-docker-repo.outputs.REPO }}/provisioning-agent
# Automatically prepare image tags; See action docs for more examples.
# semver patter will generate tags like these for example :1 :1.2 :1.2.3
tags: |
@@ -192,7 +215,7 @@ jobs:
type=semver,pattern={{version}}
type=semver,pattern={{major}}
type=semver,pattern={{major}}.{{minor}}
- type=raw,value=1.10.2-SNAPSHOT,enable=${{ github.ref == format('refs/heads/{0}', 'main') }}
+ type=raw,value=1.10.2-SNAPSHOT,enable=${{ github.event.inputs.deploy_docker == 'true' || github.ref == format('refs/heads/{0}', 'main') }}
type=raw,value=latest,enable=${{ github.ref == format('refs/heads/{0}', 'main') }}
# build in any case, but push only main and version tag settings
@@ -202,17 +225,16 @@ jobs:
context: provisioning/.
file: provisioning/src/main/docker/Dockerfile
# Build image for verification purposes on every trigger event. Only push if event is not a PR
- push: ${{ github.repository == 'eclipse-tractusx/knowledge-agents' && (github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/v')) }}
+ push: ${{ ( github.event.inputs.deploy_docker == 'true' || github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/v') ) }}
tags: ${{ steps.meta-prov.outputs.tags }}
labels: ${{ steps.meta-prov.outputs.labels }}
# Important step to push image description to DockerHub - since this is version independent, we always take it from main
- name: Update Docker Hub description for Provisioning Agent
- if: ${{ github.repository == 'eclipse-tractusx/knowledge-agents' && github.ref == 'refs/heads/main' }}
+ if: ${{ steps.set-docker-repo.outputs.REPO == 'docker.io' && github.ref == 'refs/heads/main' }}
uses: peter-evans/dockerhub-description@v3
with:
readme-filepath: provisioning/README.md
- username: ${{ secrets.DOCKER_HUB_USER }}
- password: ${{ secrets.DOCKER_HUB_TOKEN }}
- repository: ${{ env.IMAGE_NAMESPACE }}/provisioning-agent
-
+ username: ${{ secrets.DOCKER_HUB_USER || github.actor }}
+ password: ${{ secrets.DOCKER_HUB_TOKEN || secrets.GITHUB_TOKEN }}
+ repository: ${{ steps.set-docker-repo.outputs.REPO }}/provisioning-agent
diff --git a/.github/workflows/helm-chart-lint.yml b/.github/workflows/helm-chart-lint.yml
index ff7a7b44..92375570 100644
--- a/.github/workflows/helm-chart-lint.yml
+++ b/.github/workflows/helm-chart-lint.yml
@@ -1,3 +1,4 @@
+---
#
# Copyright (c) 2022, 2023 Contributors to the Eclipse Foundation
#
@@ -98,7 +99,7 @@ jobs:
- name: Build Java/Docker via Maven
run: |
- ./mvnw -s settings.xml deploy -Drepo=kind-registry:5000/tractusx/ -Dmaven.deploy.skip -DskipTests -Pwith-docker-image
+ ./mvnw -s settings.xml deploy -Drepo=kind-registry:5000/tractusx/ -Dmaven.deploy.skip -DskipTests -Pwith-docker-image
if: github.event_name != 'pull_request' || env.CHART_CHANGED == 'true'
# install the chart to the kind cluster and run helm test
@@ -119,7 +120,7 @@ jobs:
# Upgrade the released chart version with the locally available chart
# default value for event_name != workflow_dispatch
- - name: Run helm upgrade on provisioning agent
+ - name: Run helm upgrade on provisioning agent
run: |
helm repo add tractusx-dev https://eclipse-tractusx.github.io/charts/dev
helm install provisioning tractusx-dev/provisioning-agent --version ${{ github.event.inputs.upgrade_from }} --set=image.registry=kind-registry:5000/
diff --git a/.github/workflows/helm-chart-release.yml b/.github/workflows/helm-chart-release.yml
index e28e285a..f663d797 100644
--- a/.github/workflows/helm-chart-release.yml
+++ b/.github/workflows/helm-chart-release.yml
@@ -1,3 +1,4 @@
+---
#
# Copyright (c) 2022, 2023 Contributors to the Eclipse Foundation
#
diff --git a/.github/workflows/kics.yml b/.github/workflows/kics.yml
index 6d9db321..5c174f27 100644
--- a/.github/workflows/kics.yml
+++ b/.github/workflows/kics.yml
@@ -1,3 +1,4 @@
+---
#
# Copyright (c) 2021, 2023 Contributors to the Eclipse Foundation
#
@@ -17,16 +18,15 @@
# SPDX-License-Identifier: Apache-2.0
#
----
name: "KICS"
on:
push:
- branches:
- - main
- - 'release/*'
+ branches:
+ - main
+ - 'release/*'
pull_request:
- branches:
+ branches:
- main
- 'release/*'
@@ -48,22 +48,22 @@ jobs:
steps:
- uses: actions/checkout@v3.5.2
-#
-# Take out
-# - the "Always" Image Pull Policy Rule (caa3479d-885d-4882-9aac-95e5e78ef5c2) because depending on the deployment/rollout scenarios, other policies are more reasonable.
-# - the "LimitRange" Namespace Rule (4a20ebac-1060-4c81-95d1-1f7f620e983b) because the target namespace may define that external to the Chart.
-# - the "ResourceQuota" Namespace Rule (48a5beba-e4c0-4584-a2aa-e6894e4cf424) because the target namespace may define that external to the Chart.
-# - the "Digest" Image Requirement (7c81d34c-8e5a-402b-9798-9f442630e678) can be realised for releases, but not the mainline
-# - the "AppArmorProfile" Requirement (8b36775e-183d-4d46-b0f7-96a6f34a723f) is still a beta functionality
-# - the "Administrative Boundaries" Info (e84eaf4d-2f45-47b2-abe8-e581b06deb66) would not be visible
-#
+ #
+ # Take out
+ # - the "Always" Image Pull Policy Rule (caa3479d-885d-4882-9aac-95e5e78ef5c2) because depending on the deployment/rollout scenarios, other policies are more reasonable.
+ # - the "LimitRange" Namespace Rule (4a20ebac-1060-4c81-95d1-1f7f620e983b) because the target namespace may define that external to the Chart.
+ # - the "ResourceQuota" Namespace Rule (48a5beba-e4c0-4584-a2aa-e6894e4cf424) because the target namespace may define that external to the Chart.
+ # - the "Digest" Image Requirement (7c81d34c-8e5a-402b-9798-9f442630e678) can be realised for releases, but not the mainline
+ # - the "AppArmorProfile" Requirement (8b36775e-183d-4d46-b0f7-96a6f34a723f) is still a beta functionality
+ # - the "Administrative Boundaries" Info (e84eaf4d-2f45-47b2-abe8-e581b06deb66) would not be visible
+ #
- name: KICS scan
uses: checkmarx/kics-github-action@v1.7.0
with:
path: "."
fail_on: high
disable_secrets: true
- output_path: kicsResults/
+ output_path: kicsResults/
exclude_queries: caa3479d-885d-4882-9aac-95e5e78ef5c2,4a20ebac-1060-4c81-95d1-1f7f620e983b,48a5beba-e4c0-4584-a2aa-e6894e4cf424,7c81d34c-8e5a-402b-9798-9f442630e678,8b36775e-183d-4d46-b0f7-96a6f34a723f,e84eaf4d-2f45-47b2-abe8-e581b06deb66
output_formats: "json,sarif"
diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml
index e67f77fc..a8e92b62 100644
--- a/.github/workflows/trivy.yml
+++ b/.github/workflows/trivy.yml
@@ -1,3 +1,4 @@
+---
#
# Copyright (c) 2021, 2023 Contributors to the Eclipse Foundation
#
@@ -17,7 +18,6 @@
# SPDX-License-Identifier: Apache-2.0
#
----
name: "Trivy"
on:
@@ -25,7 +25,7 @@ on:
- cron: "0 0 * * *"
workflow_dispatch:
workflow_run:
- workflows: [ "Build" ]
+ workflows: ["Build"]
branches:
- main
tags:
@@ -71,35 +71,52 @@ jobs:
sarif_file: "trivy-results-config.sarif"
trivy:
- needs: [ git-sha7 ]
+ needs: [git-sha7]
permissions:
actions: read
contents: read
security-events: write
runs-on: ubuntu-latest
strategy:
- fail-fast: false # continue scanning other images although if the other has been vulnerable
+ # continue scanning other images although if the other has been vulnerable
+ fail-fast: false
matrix:
image:
- provisioning-agent
- remoting-agent
- conforming-agent
steps:
+
+ # Determine the right target docker repo
+ - name: Check github repository and set docker repo
+ id: set-docker-repo
+ run: |
+ echo "REGISTRY=docker.io" >> $GITHUB_OUTPUT;
+ echo "REPO=tractusx" >> $GITHUB_OUTPUT;
+ if [ "${{ github.repository }}" != "eclipse-tractusx/knowledge-agents-edc" ];
+ then
+ echo "REGISTRY=ghcr.io" >> $GITHUB_OUTPUT
+ echo "REPO=ghcr.io/${{ github.repository }}" >> $GITHUB_OUTPUT
+ fi
+ exit 0
+
- uses: actions/checkout@v3.5.2
- # We need to login
+ # Enable repository access (on main branch and version tags only)
- name: Login to GitHub Container Registry
+ if: ${{ ( github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/v') ) }}
uses: docker/login-action@v2
with:
+ registry: ${{ steps.set-docker-repo.outputs.REGISTRY }}
# Use existing DockerHub credentials present as secrets
- username: ${{ secrets.DOCKER_HUB_USER }}
- password: ${{ secrets.DOCKER_HUB_TOKEN }}
+ username: ${{ secrets.DOCKER_HUB_USER || github.actor }}
+ password: ${{ secrets.DOCKER_HUB_TOKEN || secrets.GITHUB_TOKEN }}
- ## This step will fail if the docker images is not found
+ # This step will fail if the docker images is not found
- name: "Check if image exists"
id: imageCheck
run: |
- docker manifest inspect tractusx/${{ matrix.image }}:${{ needs.git-sha7.outputs.value }}
+ docker manifest inspect ${{ steps.set-docker-repo.outputs.REPO }}/${{ matrix.image }}:${{ needs.git-sha7.outputs.value }}
continue-on-error: true
## the next two steps will only execute if the image exists check was successful
@@ -107,7 +124,7 @@ jobs:
if: success() && steps.imageCheck.outcome != 'failure'
uses: aquasecurity/trivy-action@master
with:
- image-ref: "tractusx/${{ matrix.image }}:${{ needs.git-sha7.outputs.value }}"
+ image-ref: "${{ steps.set-docker-repo.outputs.REPO }}/${{ matrix.image }}:${{ needs.git-sha7.outputs.value }}"
format: "sarif"
output: "trivy-results-${{ matrix.image }}.sarif"
exit-code: "1"
diff --git a/.github/workflows/veracode.yml b/.github/workflows/veracode.yml
index 9755768d..512c7c23 100644
--- a/.github/workflows/veracode.yml
+++ b/.github/workflows/veracode.yml
@@ -1,3 +1,4 @@
+---
#
# Copyright (c) 2021, 2023 Contributors to the Eclipse Foundation
#
@@ -17,7 +18,6 @@
# SPDX-License-Identifier: Apache-2.0
#
----
name: "Veracode"
on:
@@ -49,20 +49,19 @@ jobs:
- name: Verify proper formatting
run: ./mvnw spotless:check
-###
-# Standalone applications have all dependencies in their jar
-###
+ ###
+ # Standalone applications have all dependencies in their jar
+ ###
build_standalone:
runs-on: ubuntu-latest
- needs: [ secret-presence, verify-formatting ]
+ needs: [secret-presence, verify-formatting]
permissions:
contents: read
strategy:
fail-fast: false
matrix:
- variant: [ { dir: remoting, name: remoting-agent },
- { dir: conforming, name: conforming-agent }
- ]
+ variant: [{dir: remoting, name: remoting-agent},
+ {dir: conforming, name: conforming-agent}]
steps:
# Set-Up
- uses: actions/checkout@v3.5.2
@@ -90,23 +89,22 @@ jobs:
vid: ${{ secrets.ORG_VERACODE_API_ID }}
vkey: ${{ secrets.ORG_VERACODE_API_KEY }}
-###
-# Embedded applications need dependencies being provided.
-# Expecially wrt. Spring 5.3.28 Web there is an open HIGH vulnerability regarding
-# org/springframework/remoting/httpinvoker which will not be fixed
-# so we manipulate the jar in the docker environment directly and exclude
-# the dependency from the scan
-###
+ ###
+ # Embedded applications need dependencies being provided.
+ # Expecially wrt. Spring 5.3.28 Web there is an open HIGH vulnerability regarding
+ # org/springframework/remoting/httpinvoker which will not be fixed
+ # so we manipulate the jar in the docker environment directly and exclude
+ # the dependency from the scan
+ ###
build_embedded:
runs-on: ubuntu-latest
- needs: [ secret-presence, verify-formatting ]
+ needs: [secret-presence, verify-formatting]
permissions:
contents: read
strategy:
fail-fast: false
matrix:
- variant: [ { dir: provisioning, name: provisioning-agent },
- ]
+ variant: [{dir: provisioning, name: provisioning-agent}]
steps:
# Set-Up
- uses: actions/checkout@v3.5.2
@@ -132,4 +130,4 @@ jobs:
version: ${{ matrix.variant.name }}-${{ github.sha }}
filepath: ${{ matrix.variant.dir }}/target/${{ matrix.variant.name }}.tar.gz
vid: ${{ secrets.ORG_VERACODE_API_ID }}
- vkey: ${{ secrets.ORG_VERACODE_API_KEY }}
\ No newline at end of file
+ vkey: ${{ secrets.ORG_VERACODE_API_KEY }}
diff --git a/remoting/pom.xml b/remoting/pom.xml
index 3280cf32..8306749a 100644
--- a/remoting/pom.xml
+++ b/remoting/pom.xml
@@ -295,6 +295,13 @@
META-INF
+
+ src/main/resources/META-INF/services
+
+ org.eclipse.rdf4j.sail.config.SailFactory
+
+ META-INF/services
+
diff --git a/remoting/src/main/docker/Dockerfile b/remoting/src/main/docker/Dockerfile
index 5947ea64..14a9c860 100644
--- a/remoting/src/main/docker/Dockerfile
+++ b/remoting/src/main/docker/Dockerfile
@@ -21,7 +21,7 @@
FROM openjdk:22-jdk-slim AS build
-COPY target/original-remoting-agent-*-SNAPSHOT.jar /opt/lib/
+COPY target/original-remoting-agent-*.jar /opt/lib/
COPY target/lib/guava-*.jar /opt/lib/
COPY target/lib/netty-*.jar /opt/lib/
COPY target/lib/jetty-*.jar /opt/lib/