This repository has been archived by the owner on Jul 31, 2023. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Dockerfile
118 lines (93 loc) · 4.01 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
FROM kappnav/base-runtime:8-jre-ubi-min-alt2 as liberty
ARG LIBERTY_VERSION=19.0.0.12
ARG LIBERTY_SHA=b3a613cbad764a10ae57719ff9818c3bcfefdf8e
ARG LIBERTY_DOWNLOAD_URL=https://repo1.maven.org/maven2/io/openliberty/openliberty-runtime/$LIBERTY_VERSION/openliberty-runtime-$LIBERTY_VERSION.zip
LABEL maintainer="Arthur De Magalhaes" vendor="Open Liberty" url="https://openliberty.io/" github="https://github.com/OpenLiberty/ci.docker"
COPY helpers /opt/ol/helpers
# Install Open Liberty
RUN microdnf -y install shadow-utils wget unzip \
&& wget -q $LIBERTY_DOWNLOAD_URL -U UA-Open-Liberty-Docker -O /tmp/wlp.zip \
&& echo "$LIBERTY_SHA /tmp/wlp.zip" > /tmp/wlp.zip.sha1 \
&& sha1sum -c /tmp/wlp.zip.sha1 \
&& unzip -q /tmp/wlp.zip -d /opt/ol \
&& rm /tmp/wlp.zip \
&& rm /tmp/wlp.zip.sha1 \
&& adduser -u 1001 -r -g root -s /usr/sbin/nologin default \
&& microdnf -y remove shadow-utils wget unzip \
&& microdnf clean all \
&& chown -R 1001:0 /opt/ol/wlp \
&& chmod -R g+rw /opt/ol/wlp
# Set Path Shortcuts
ENV PATH=/opt/ol/wlp/bin:/opt/ol/docker/:/opt/ol/helpers/build:$PATH \
LOG_DIR=/logs \
WLP_OUTPUT_DIR=/opt/ol/wlp/output \
WLP_SKIP_MAXPERMSIZE=true
# Configure WebSphere Liberty
RUN /opt/ol/wlp/bin/server create \
&& rm -rf $WLP_OUTPUT_DIR/.classCache /output/workarea
# Create symlinks && set permissions for non-root user
RUN mkdir /logs \
&& mkdir -p /opt/ol/wlp/usr/shared/resources/lib.index.cache \
&& ln -s /opt/ol/wlp/usr/shared/resources/lib.index.cache /lib.index.cache \
&& mkdir -p $WLP_OUTPUT_DIR/defaultServer \
&& ln -s $WLP_OUTPUT_DIR/defaultServer /output \
&& ln -s /opt/ol/wlp/usr/servers/defaultServer /config \
&& mkdir -p /config/configDropins/defaults \
&& mkdir -p /config/configDropins/overrides \
&& ln -s /opt/ol/wlp /liberty \
&& chown -R 1001:0 /config \
&& chmod -R g+rw /config \
&& chown -R 1001:0 /logs \
&& chmod -R g+rw /logs \
&& chown -R 1001:0 /opt/ol/wlp/usr \
&& chmod -R g+rw /opt/ol/wlp/usr \
&& chown -R 1001:0 /opt/ol/wlp/output \
&& chmod -R g+rw /opt/ol/wlp/output \
&& chown -R 1001:0 /opt/ol/helpers \
&& chmod -R g+rw /opt/ol/helpers \
&& mkdir /etc/wlp \
&& chown -R 1001:0 /etc/wlp \
&& chmod -R g+rw /etc/wlp \
&& echo "<server description=\"Default Server\"><httpEndpoint id=\"defaultHttpEndpoint\" host=\"*\" /></server>" > /config/configDropins/defaults/open-default-port.xml
#These settings are needed so that we can run as a different user than 1001 after server warmup
ENV RANDFILE=/tmp/.rnd \
IBM_JAVA_OPTIONS="-Xshareclasses:name=liberty,nonfatal,cacheDir=/output/.classCache/ ${IBM_JAVA_OPTIONS}"
USER 1001
EXPOSE 9080 9443
ENV KEYSTORE_REQUIRED true
ENTRYPOINT ["/opt/ol/helpers/runtime/docker-server.sh"]
CMD ["/opt/ol/wlp/bin/server", "run", "defaultServer"]
FROM maven:3.6.1-ibmjava-8 as builder
COPY src /src
COPY pom.xml /
RUN mvn install
FROM liberty
ARG VERSION
ARG BUILD_DATE
ARG COMMIT
LABEL name="Application Navigator" \
vendor="kAppNav" \
version=$VERSION \
release=$VERSION \
created=$BUILD_DATE \
commit=$COMMIT \
summary="APIs image for Application Navigator" \
description="This image contains the APIs for Application Navigator"
COPY --from=builder --chown=1001:0 /target/liberty/wlp/usr/servers/defaultServer /config/
COPY --chown=1001:0 licenses/ /licenses/
USER root
RUN microdnf install -y yum \
&& yum update -y \
&& microdnf remove yum
# Make the home dir writeable so that kubectl can use it for its cache.
RUN mkdir /home/default \
&& chown -R 1001:0 /home/default \
&& chmod -R g+rw /home/default
RUN ARCH=$(uname -p) \
&& if [ "$ARCH" != "ppc64le" ] && [ "$ARCH" != "s390x" ]; then \
ARCH="amd64" ; \
fi \
&& curl -LO https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/${ARCH}/kubectl \
&& chmod ug+x ./kubectl \
&& mv ./kubectl /usr/local/bin/kubectl
USER 1001