Merge pull request DSpace#11739 from bram-atmire/11621-java-21-only

Update minimum Java requirement to JDK 21

Author: tdonohue

.github/workflows/build.yml

@@ -24,7 +24,7 @@ jobs:
           # NOTE: Unit Tests include a retry for occasionally failing tests
           #  - surefire.rerunFailingTestsCount => try again for flakey tests, and keep track of/report on number of retries
           - type: "Unit Tests"
-            java: 17
+            java: 21
             mvnflags: "-DskipUnitTests=false -Dsurefire.rerunFailingTestsCount=2"
             resultsdir: "**/target/surefire-reports/**"
           # NOTE: ITs skip all code validation checks, as they are already done by Unit Test job.
@@ -34,7 +34,7 @@ jobs:
           #  - xml.skip          => Skip all XML/XSLT validation by xml-maven-plugin
           #  - failsafe.rerunFailingTestsCount => try again for flakey tests, and keep track of/report on number of retries
           - type: "Integration Tests"
-            java: 17
+            java: 21
             mvnflags: "-DskipIntegrationTests=false -Denforcer.skip=true -Dcheckstyle.skip=true -Dlicense.skip=true -Dxml.skip=true -Dfailsafe.rerunFailingTestsCount=2"
             resultsdir: "**/target/failsafe-reports/**"
       # Do NOT exit immediately if one matrix job fails

.github/workflows/codescan.yml

@@ -41,7 +41,7 @@ jobs:
       - name: Install JDK
         uses: actions/setup-java@v4
         with:
-          java-version: 17
+          java-version: 21
           distribution: 'temurin'
 
       # Initializes the CodeQL tools for scanning.

.github/workflows/reusable-docker-build.yml

@@ -122,8 +122,13 @@ jobs:
           password: ${{ secrets.GITHUB_TOKEN }}
 
       # https://github.com/docker/setup-buildx-action
+      # For PR builds of images that depend on dspace-dependencies (dspace-prod, dspace-test, dspace-cli),
+      # use the 'docker' driver so buildx can access images loaded into the local Docker daemon.
+      # For all other builds, use the default 'docker-container' driver.
       - name: Setup Docker Buildx
         uses: docker/setup-buildx-action@v3
+        with:
+          driver: ${{ (matrix.isPr && (inputs.build_id == 'dspace-prod' || inputs.build_id == 'dspace-test' || inputs.build_id == 'dspace-cli')) && 'docker' || 'docker-container' }}
 
       # https://github.com/docker/metadata-action
       # Extract metadata used for Docker images in all build steps below
@@ -135,6 +140,29 @@ jobs:
           tags: ${{ env.IMAGE_TAGS }}
           flavor: ${{ env.TAGS_FLAVOR }}
 
+      #--------------------------------------------------------------------
+      # For PR builds that depend on dspace-dependencies (dspace-prod, dspace-cli,
+      # dspace-test), download and load the dspace-dependencies image from the
+      # artifact uploaded by the dspace-dependencies job. This ensures that
+      # PR builds use the freshly built dependencies image rather than pulling
+      # an outdated version from the registry.
+      # NOTE: Only these three build_ids use dspace-dependencies as a base image.
+      # Other builds (dspace-solr, dspace-postgres-loadsql) have independent Dockerfiles.
+      #--------------------------------------------------------------------
+      # https://github.com/actions/download-artifact
+      - name: Download dspace-dependencies image artifact
+        if: ${{ matrix.isPr && (inputs.build_id == 'dspace-prod' || inputs.build_id == 'dspace-test' || inputs.build_id == 'dspace-cli') && matrix.arch == 'linux/amd64' }}
+        uses: actions/download-artifact@v4
+        with:
+          name: docker-image-dspace-dependencies-linux-amd64
+          path: /tmp/docker
+
+      - name: Load dspace-dependencies image into Docker
+        if: ${{ matrix.isPr && (inputs.build_id == 'dspace-prod' || inputs.build_id == 'dspace-test' || inputs.build_id == 'dspace-cli') && matrix.arch == 'linux/amd64' }}
+        run: |
+          docker image load --input /tmp/docker/dspace-dependencies.tar
+          docker image ls | grep dspace-dependencies || true
+
       #--------------------------------------------------------------------
       # First, for all branch commits (non-PRs) we build the image & upload
       # to GitHub Container Registry (GHCR). After uploading the image
@@ -199,27 +227,53 @@ jobs:
       # Build local image (again) and store in a TAR file in /tmp directory
       # This step is only done for AMD64, as that's the only image we use in our automated testing (at this time).
       # NOTE: This step cannot be combined with the build above as it's a different type of output.
-      - name: Build and push image to local TAR file
-        if: ${{ matrix.arch == 'linux/amd64'}}
+      # For non-PR builds OR builds that don't depend on dspace-dependencies, use docker-container driver
+      # with direct tarball export. This includes: dspace-dependencies, dspace-solr, dspace-postgres-loadsql
+      - name: Build and push image to local TAR file (docker-container driver)
+        if: ${{ matrix.arch == 'linux/amd64' && (!matrix.isPr || (inputs.build_id != 'dspace-prod' && inputs.build_id != 'dspace-test' && inputs.build_id != 'dspace-cli')) }}
         uses: docker/build-push-action@v5
         with:
           build-contexts: |
             ${{ inputs.dockerfile_additional_contexts }}
           context: ${{ inputs.dockerfile_context }}
           file: ${{ inputs.dockerfile_path }}
-          # Tell DSpace's Docker files to use the build registry instead of DockerHub
+          # Use GHCR as build registry to avoid DockerHub rate limits
           build-args:
             DOCKER_REGISTRY=${{ env.DOCKER_BUILD_REGISTRY }}
           platforms: ${{ matrix.arch }}
           tags: ${{ steps.meta_build.outputs.tags }}
           labels: ${{ steps.meta_build.outputs.labels }}
-          # Use GitHub cache to load cached Docker images and cache the results of this build
-          # This decreases the number of images we need to fetch from DockerHub
+          # Cache Docker layers in GitHub Actions cache to speed up builds
+          # and reduce pulls from DockerHub
           cache-from: type=gha,scope=${{ inputs.build_id }}
           cache-to: type=gha,scope=${{ inputs.build_id }},mode=min
-          # Export image to a local TAR file
+          # Export to TAR for use in automated testing jobs
           outputs: type=docker,dest=/tmp/${{ inputs.build_id }}.tar
 
+      # For PR builds of images that depend on dspace-dependencies (dspace-prod, dspace-cli, dspace-test),
+      # use docker driver which can access the locally loaded dspace-dependencies image.
+      # The docker driver doesn't support tarball export, so we use 'load: true' and then 'docker save'.
+      - name: Build image (docker driver for local dependencies access)
+        if: ${{ matrix.arch == 'linux/amd64' && matrix.isPr && (inputs.build_id == 'dspace-prod' || inputs.build_id == 'dspace-test' || inputs.build_id == 'dspace-cli') }}
+        uses: docker/build-push-action@v5
+        with:
+          build-contexts: |
+            ${{ inputs.dockerfile_additional_contexts }}
+          context: ${{ inputs.dockerfile_context }}
+          file: ${{ inputs.dockerfile_path }}
+          # Use GHCR as build registry to avoid DockerHub rate limits
+          build-args:
+            DOCKER_REGISTRY=${{ env.DOCKER_BUILD_REGISTRY }}
+          tags: ${{ steps.meta_build.outputs.tags }}
+          labels: ${{ steps.meta_build.outputs.labels }}
+          # Load into local Docker daemon (docker driver doesn't support direct TAR export)
+          load: true
+
+      - name: Save image to TAR file (for docker driver builds)
+        if: ${{ matrix.arch == 'linux/amd64' && matrix.isPr && (inputs.build_id == 'dspace-prod' || inputs.build_id == 'dspace-test' || inputs.build_id == 'dspace-cli') }}
+        run: |
+          docker save -o /tmp/${{ inputs.build_id }}.tar ${{ steps.meta_build.outputs.tags }}
+
       # Upload the local docker image (in TAR file) to a build Artifact
       # This step is only done for AMD64, as that's the only image we use in our automated testing (at this time).
       - name: Upload local image TAR to artifact

Dockerfile

@@ -3,9 +3,9 @@
 #
 # - note: default tag for branch: dspace/dspace: dspace/dspace:latest
 
-# This Dockerfile uses JDK17 by default.
+# This Dockerfile uses JDK21 by default.
 # To build with other versions, use "--build-arg JDK_VERSION=[value]"
-ARG JDK_VERSION=17
+ARG JDK_VERSION=21
 # The Docker version tag to build from
 ARG DSPACE_VERSION=latest
 # The Docker registry to use for DSpace images. Defaults to "docker.io"

Dockerfile.cli

@@ -3,9 +3,9 @@
 #
 # - note: default tag for branch: dspace/dspace-cli: dspace/dspace-cli:latest
 
-# This Dockerfile uses JDK17 by default.
+# This Dockerfile uses JDK21 by default.
 # To build with other versions, use "--build-arg JDK_VERSION=[value]"
-ARG JDK_VERSION=17
+ARG JDK_VERSION=21
 # The Docker version tag to build from
 ARG DSPACE_VERSION=latest
 # The Docker registry to use for DSpace images. Defaults to "docker.io"

Dockerfile.dependencies

@@ -2,9 +2,9 @@
 # The purpose of this image is to make the build for dspace/dspace run faster
 #
 
-# This Dockerfile uses JDK17 by default.
+# This Dockerfile uses JDK21 by default.
 # To build with other versions, use "--build-arg JDK_VERSION=[value]"
-ARG JDK_VERSION=17
+ARG JDK_VERSION=21
 
 # Step 1 - Download all Dependencies
 FROM docker.io/maven:3-eclipse-temurin-${JDK_VERSION} AS build

Dockerfile.test

@@ -5,9 +5,9 @@
 #
 # This image is meant for TESTING/DEVELOPMENT ONLY as it deploys the old v6 REST API under HTTP (not HTTPS)
 
-# This Dockerfile uses JDK17 by default.
+# This Dockerfile uses JDK21 by default.
 # To build with other versions, use "--build-arg JDK_VERSION=[value]"
-ARG JDK_VERSION=17
+ARG JDK_VERSION=21
 # The Docker version tag to build from
 ARG DSPACE_VERSION=latest
 # The Docker registry to use for DSpace images. Defaults to "docker.io"

dspace-api/pom.xml

@@ -528,7 +528,7 @@
         </dependency>
         <dependency>
             <groupId>org.mockito</groupId>
-            <artifactId>mockito-inline</artifactId>
+            <artifactId>mockito-core</artifactId>
             <scope>test</scope>
         </dependency>
         <dependency>
@@ -769,11 +769,13 @@
             <version>20231013</version>
         </dependency>
 
-        <!-- Useful for testing command-line tools -->
+        <!-- Useful for testing command-line tools that call System.exit() -->
+        <!-- Note: system-lambda replaces system-rules for Java 21 compatibility -->
+        <!-- (system-rules uses SecurityManager which is removed in Java 21) -->
         <dependency>
             <groupId>com.github.stefanbirkner</groupId>
-            <artifactId>system-rules</artifactId>
-            <version>1.19.0</version>
+            <artifactId>system-lambda</artifactId>
+            <version>1.2.1</version>
             <scope>test</scope>
         </dependency>
 

dspace-api/src/main/java/org/dspace/administer/CreateAdministrator.java

@@ -191,7 +191,7 @@ protected void negotiateAdministratorDetails(CommandLine line)
 
                 if (language != null) {
                     language = language.trim();
-                    language = I18nUtil.getSupportedLocale(new Locale(language)).getLanguage();
+                    language = I18nUtil.getSupportedLocale(Locale.of(language)).getLanguage();
                 }
             }
 

dspace-api/src/main/java/org/dspace/app/packager/Packager.java

@@ -126,14 +126,39 @@ public class Packager {
     protected boolean submit = true;
     protected boolean userInteractionEnabled = true;
 
-    // die from illegal command line
+    /**
+     * Signal a usage error and exit.
+     * Throws PackagerExitException instead of calling System.exit() directly
+     * to allow for proper testing when called via reflection.
+     *
+     * @param msg the error message to display
+     */
     protected static void usageError(String msg) {
         System.out.println(msg);
         System.out.println(" (run with -h flag for details)");
-        System.exit(1);
+        throw new PackagerExitException(1, msg);
     }
 
+    /**
+     * Main entry point. When called via ScriptLauncher, exceptions will be
+     * caught and handled by the launcher. For success, the method returns normally.
+     * For errors, PackagerExitException is thrown and propagates up.
+     *
+     * @param argv command line arguments
+     * @throws Exception if an error occurs
+     */
     public static void main(String[] argv) throws Exception {
+        runPackager(argv);
+    }
+
+    /**
+     * Main packager logic, separated from main() to allow testing.
+     * Throws PackagerExitException instead of calling System.exit() directly.
+     *
+     * @param argv command line arguments
+     * @throws Exception if an error occurs
+     */
+    protected static void runPackager(String[] argv) throws Exception {
         Options options = new Options();
         options.addOption("p", "parent", true,
                           "Handle(s) of parent Community or Collection into which to ingest object (repeatable)");
@@ -236,7 +261,7 @@ public static void main(String[] argv) throws Exception {
                     System.out.println("  " + pn[i]);
                 }
             }
-            System.exit(0);
+            return;
         }
 
         //look for flag to disable all user interaction
@@ -303,7 +328,7 @@ public static void main(String[] argv) throws Exception {
             System.err.println("Error - missing a REQUIRED argument or option.\n");
             HelpFormatter myhelp = new HelpFormatter();
             myhelp.printHelp("PackageManager  [options]  package-file|-\n", options);
-            System.exit(0);
+            return;
         }
 
         // find the EPerson, assign to context
@@ -362,13 +387,16 @@ public static void main(String[] argv) throws Exception {
 
                     //commit all changes & exit successfully
                     context.complete();
-                    System.exit(0);
+                    return;
+                } catch (PackagerExitException e) {
+                    // Re-throw PackagerExitException as-is
+                    throw e;
                 } catch (Exception e) {
                     // abort all operations
                     e.printStackTrace();
                     context.abort();
                     System.out.println(e);
-                    System.exit(1);
+                    throw new PackagerExitException(1);
                 }
             }
 
@@ -409,13 +437,16 @@ public static void main(String[] argv) throws Exception {
 
                 //commit all changes & exit successfully
                 context.complete();
-                System.exit(0);
+                return;
+            } catch (PackagerExitException e) {
+                // Re-throw PackagerExitException as-is
+                throw e;
             } catch (Exception e) {
                 // abort all operations
                 e.printStackTrace();
                 context.abort();
                 System.out.println(e);
-                System.exit(1);
+                throw new PackagerExitException(1);
             }
         } else {
             // else, if DISSEMINATE mode
@@ -438,7 +469,7 @@ public static void main(String[] argv) throws Exception {
             //disseminate the requested object
             myPackager.disseminate(context, dip, dso, pkgParams, sourceFile);
         }
-        System.exit(0);
+        return;
     }
 
     /**
@@ -469,7 +500,7 @@ protected void ingest(Context context, PackageIngester sip, PackageParameters pk
 
         if (!pkgFile.exists()) {
             System.out.println("\nERROR: Package located at " + sourceFile + " does not exist!");
-            System.exit(1);
+            throw new PackagerExitException(1, "Package file does not exist: " + sourceFile);
         }
 
         System.out.println("\nIngesting package located at " + sourceFile);
@@ -665,7 +696,7 @@ protected void replace(Context context, PackageIngester sip, PackageParameters p
 
         if (!pkgFile.exists()) {
             System.out.println("\nPackage located at " + sourceFile + " does not exist!");
-            System.exit(1);
+            throw new PackagerExitException(1, "Package file does not exist: " + sourceFile);
         }
 
         System.out.println("\nReplacing DSpace object(s) with package located at " + sourceFile);