Check Kubernetes workloads for unwanted dependencies
If you run many (Java) microservices in your cluster, dependency management can be a challenge. With many developers working on many different workloads in your cluster, a mistake, for example in adding the test scope to a dependency, is easily made. Configuring every repository with strict policies on which libraries are allowed on the classpath (for example with the Maven Enforcer Plugin) may be desirable, but can be a challenge to implement.
A simpler solution I implemented is a script that checks all my workloads in the Kubernetes (test) environment for undesired libraries. You could run this script manually now and again, or put it in a cron job; combined with something like a Slack or e-mail alert, it could point out unwanted libraries to you regularly.
This script expects all your jars to be in one specific folder, which is not necessarily how you have set up your image, so check that first. Other than that, configure your unwanted libraries and enjoy!
#!/bin/bash
# Check whether any pod in the namespace has unwanted libraries in the specified classpath folder.
# Arguments: <namespace> <classpath folder inside the container>
NAMESPACE=$1
CLASSPATH=$2
# Name fragments of libraries that should not be present in a deployed workload.
FILES="assertj junit spring-test lombok"
for pod in $(kubectl get pods -n "$NAMESPACE" -o jsonpath='{.items[*].metadata.name}'); do
    echo "Checking pod: $pod"
    # List the jars in the pod; errors (for example no 'ls' in the image) are suppressed.
    librariesInPod=$(kubectl exec -n "$NAMESPACE" "$pod" -- ls "$CLASSPATH" 2>/dev/null)
    for file in $FILES; do
        if echo "$librariesInPod" | grep -q "$file"; then
            echo " -> Found '$file' in $pod"
        fi
    done
done
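
The script above treats a pod whose listing comes back empty (wrong folder, no ls in the image, pod not ready) the same as a clean pod, and its substring match also hits names such as myjunit-helper. The following is an added example, not part of the original script, that goes a step further: it classifies one pod's listing as CLEAN, FOUND or UNCHECKED with exit codes a cron job can alert on. The function names, the anchored pattern and the sample jar names are assumptions constructed for illustration; pass the output of the kubectl exec ... ls call as the argument.

```shell
#!/bin/bash
# Added example: classify one pod's jar listing (not the original author's code).
UNWANTED="assertj junit spring-test lombok"

# Constructed sample listing, as 'ls' on the classpath folder might return it.
SAMPLE_LISTING="app.jar
junit-jupiter-api-5.10.0.jar
lombok-1.18.30.jar
myjunit-helper-1.0.jar
spring-core-6.1.2.jar
spring-test-6.1.2.jar"

# Read jar names on stdin, print those whose file name starts with an
# unwanted library name: matches lombok.jar and junit-4.13.2.jar, but not
# myjunit-helper-1.0.jar or spring-testing-notes.txt.
find_unwanted() {
    local pattern
    # Builds ^(assertj|junit|spring-test|lombok)([-.].*)?\.jar$
    pattern="^($(echo "$UNWANTED" | tr ' ' '|'))([-.].*)?\.jar\$"
    grep -E "$pattern" || true
}

# Print CLEAN (exit 0), "FOUND: ..." (exit 1) or UNCHECKED (exit 2).
# An empty listing means the check could not run, so it is never
# reported as clean.
classify_listing() {
    local listing="$1" hits
    if [ -z "$listing" ]; then
        echo "UNCHECKED"
        return 2
    fi
    hits=$(printf '%s\n' "$listing" | find_unwanted | tr '\n' ' ')
    hits="${hits% }"   # drop the trailing space left by tr
    if [ -n "$hits" ]; then
        echo "FOUND: $hits"
        return 1
    fi
    echo "CLEAN"
    return 0
}

# Demo on the constructed listing; '|| true' keeps the demo from aborting.
classify_listing "$SAMPLE_LISTING" || true
```

Alerting on exit code 2 as well as 1 keeps pods that could not be inspected from silently passing the check.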