Chainguard Libraries for Java

Learn how to migrate a Java application from Maven Central to Chainguard Libraries while verifying dependency coverage and provenance.

Cancel Apply

rate limit

Code not recognized.

About this course

This hands-on demo course walks through migrating a containerized Java application from Maven Central to Chainguard Libraries for Java. You will rebuild the same Spring Boot application in three stages: first using upstream Maven and runtime images, then switching dependency sourcing to Chainguard Libraries, and finally migrating to Chainguard build and runtime container images.

Along the way, you will generate short-lived pull tokens with chainctl, configure Maven using a custom settings.xml, securely pass credentials using Docker BuildKit secrets, and verify dependency coverage using chainctl libraries verify. The course concludes with a walkthrough of Chainguard’s SPDX-formatted provenance files, demonstrating how to trace dependencies back to their source and build metadata.

At the end of the course, you will be able to:

  • Build a containerized Java application using upstream Maven and runtime images
  • Migrate a Java build from Maven Central to Chainguard Libraries without modifying application source code
  • Configure Maven to prefer Chainguard Libraries while optionally falling back to Maven Central
  • Securely pass Maven credentials using Docker BuildKit secrets
  • Verify dependency sourcing and coverage using chainctl libraries verify
  • Interpret verification coverage results and understand why coverage may not be 100%
  • Retrieve and inspect SPDX provenance files for Chainguard Java libraries
  • Trace a dependency back to its source repository and commit metadata

Curriculum

  • Java demo kickoff: From Maven Central to Chainguard Libraries
  • What we are building (and why it is containerized)
  • Baseline build: Upstream images + Maven Central
  • Switch dependency sourcing: Add Chainguard Libraries for Java
  • Full Chainguard mode: Chainguard Containers + Chainguard Libraries
  • Provenance for Java libraries
  • Cleanup and next steps

About this course

This hands-on demo course walks through migrating a containerized Java application from Maven Central to Chainguard Libraries for Java. You will rebuild the same Spring Boot application in three stages: first using upstream Maven and runtime images, then switching dependency sourcing to Chainguard Libraries, and finally migrating to Chainguard build and runtime container images.

Along the way, you will generate short-lived pull tokens with chainctl, configure Maven using a custom settings.xml, securely pass credentials using Docker BuildKit secrets, and verify dependency coverage using chainctl libraries verify. The course concludes with a walkthrough of Chainguard’s SPDX-formatted provenance files, demonstrating how to trace dependencies back to their source and build metadata.

At the end of the course, you will be able to:

  • Build a containerized Java application using upstream Maven and runtime images
  • Migrate a Java build from Maven Central to Chainguard Libraries without modifying application source code
  • Configure Maven to prefer Chainguard Libraries while optionally falling back to Maven Central
  • Securely pass Maven credentials using Docker BuildKit secrets
  • Verify dependency sourcing and coverage using chainctl libraries verify
  • Interpret verification coverage results and understand why coverage may not be 100%
  • Retrieve and inspect SPDX provenance files for Chainguard Java libraries
  • Trace a dependency back to its source repository and commit metadata

Curriculum

  • Java demo kickoff: From Maven Central to Chainguard Libraries
  • What we are building (and why it is containerized)
  • Baseline build: Upstream images + Maven Central
  • Switch dependency sourcing: Add Chainguard Libraries for Java
  • Full Chainguard mode: Chainguard Containers + Chainguard Libraries
  • Provenance for Java libraries
  • Cleanup and next steps