From 4e3a77254cff1d4db970c5d0640c3d5421eb59cb Mon Sep 17 00:00:00 2001 From: Joe Ferguson Date: Thu, 6 Dec 2018 14:30:26 -0800 Subject: [PATCH] Remove variants based on EOL jre 10 Debian has removed openjdk-10 from the Debian archive (which causes those to fail), and Oracle no longer supports it (to my knowledge). --- .travis.yml | 4 - 8.5/jre10-slim/Dockerfile | 167 -------------------------------------- 8.5/jre10/Dockerfile | 167 -------------------------------------- 9.0/jre10-slim/Dockerfile | 167 -------------------------------------- 9.0/jre10/Dockerfile | 167 -------------------------------------- 5 files changed, 672 deletions(-) delete mode 100644 8.5/jre10-slim/Dockerfile delete mode 100644 8.5/jre10/Dockerfile delete mode 100644 9.0/jre10-slim/Dockerfile delete mode 100644 9.0/jre10/Dockerfile diff --git a/.travis.yml b/.travis.yml index 12fd6fe03..904a4dcfa 100644 --- a/.travis.yml +++ b/.travis.yml @@ -7,15 +7,11 @@ env: - VERSION=9.0 VARIANT=jre8 - VERSION=9.0 VARIANT=jre11-slim - VERSION=9.0 VARIANT=jre11 - - VERSION=9.0 VARIANT=jre10-slim - - VERSION=9.0 VARIANT=jre10 - VERSION=8.5 VARIANT=jre8-slim - VERSION=8.5 VARIANT=jre8-alpine - VERSION=8.5 VARIANT=jre8 - VERSION=8.5 VARIANT=jre11-slim - VERSION=8.5 VARIANT=jre11 - - VERSION=8.5 VARIANT=jre10-slim - - VERSION=8.5 VARIANT=jre10 - VERSION=7 VARIANT=jre8-slim - VERSION=7 VARIANT=jre8-alpine - VERSION=7 VARIANT=jre8 diff --git a/8.5/jre10-slim/Dockerfile b/8.5/jre10-slim/Dockerfile deleted file mode 100644 index f030a9b4f..000000000 --- a/8.5/jre10-slim/Dockerfile +++ /dev/null @@ -1,167 +0,0 @@ -FROM openjdk:10-jre-slim - -ENV CATALINA_HOME /usr/local/tomcat -ENV PATH $CATALINA_HOME/bin:$PATH -RUN mkdir -p "$CATALINA_HOME" -WORKDIR $CATALINA_HOME - -# let "Tomcat Native" live somewhere isolated -ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib -ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR - -# runtime dependencies for Tomcat Native Libraries -# Tomcat Native 1.2+ requires a newer version of OpenSSL than debian:jessie has available -# > checking OpenSSL library version >= 1.0.2... -# > configure: error: Your version of OpenSSL is not compatible with this version of tcnative -# see http://tomcat.10.x6.nabble.com/VOTE-Release-Apache-Tomcat-8-0-32-tp5046007p5046024.html (and following discussion) -# and https://github.com/docker-library/tomcat/pull/31 -ENV OPENSSL_VERSION 1.1.0j-1~deb9u1 -RUN set -ex; \ - currentVersion="$(dpkg-query --show --showformat '${Version}\n' openssl)"; \ - if dpkg --compare-versions "$currentVersion" '<<' "$OPENSSL_VERSION"; then \ - if ! grep -q stretch /etc/apt/sources.list; then \ -# only add stretch if we're not already building from within stretch - { \ - echo 'deb http://deb.debian.org/debian stretch main'; \ - echo 'deb http://security.debian.org stretch/updates main'; \ - echo 'deb http://deb.debian.org/debian stretch-updates main'; \ - } > /etc/apt/sources.list.d/stretch.list; \ - { \ -# add a negative "Pin-Priority" so that we never ever get packages from stretch unless we explicitly request them - echo 'Package: *'; \ - echo 'Pin: release n=stretch*'; \ - echo 'Pin-Priority: -10'; \ - echo; \ -# ... except OpenSSL, which is the reason we're here - echo 'Package: openssl libssl*'; \ - echo "Pin: version $OPENSSL_VERSION"; \ - echo 'Pin-Priority: 990'; \ - } > /etc/apt/preferences.d/stretch-openssl; \ - fi; \ - apt-get update; \ - apt-get install -y --no-install-recommends openssl="$OPENSSL_VERSION"; \ - rm -rf /var/lib/apt/lists/*; \ - fi - -RUN apt-get update && apt-get install -y --no-install-recommends \ - libapr1 \ - && rm -rf /var/lib/apt/lists/* - -# see https://www.apache.org/dist/tomcat/tomcat-$TOMCAT_MAJOR/KEYS -# see also "update.sh" (https://github.com/docker-library/tomcat/blob/master/update.sh) -ENV GPG_KEYS 05AB33110949707C93A279E3D3EFE6B686867BA6 07E48665A34DCAFAE522E5E6266191C37C037D42 47309207D818FFD8DCD3F83F1931D684307A10A5 541FBE7D8F78B25E055DDEE13C370389288584E7 61B832AC2F1C5A90F0F9B00A1C506407564C17A3 713DA88BE50911535FE716F5208B0AB1D63011C7 79F7026C690BAA50B92CD8B66A3AD3F4F22C4FED 9BA44C2621385CB966EBA586F72C284D731FABEE A27677289986DB50844682F8ACB77FC2E86E29AC A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 F3A04C595DB5B6A5F1ECA43E3B7BBB100D811BBE F7DA48BB64BCB84ECBA7EE6935CD23C10D498E23 - -ENV TOMCAT_MAJOR 8 -ENV TOMCAT_VERSION 8.5.35 -ENV TOMCAT_SHA512 1084c067eec2bd27ed2aa5a3729cdc27d0beddbc41968a7004754e75dd88a6703f5fc0e3a01f262cfe2b5d13ed58c95dca1c43bc5ae8789141a11e11f72edd89 - -ENV TOMCAT_TGZ_URLS \ -# https://issues.apache.org/jira/browse/INFRA-8753?focusedCommentId=14735394#comment-14735394 - https://www.apache.org/dyn/closer.cgi?action=download&filename=tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz \ -# if the version is outdated, we might have to pull from the dist/archive :/ - https://www-us.apache.org/dist/tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz \ - https://www.apache.org/dist/tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz \ - https://archive.apache.org/dist/tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz - -ENV TOMCAT_ASC_URLS \ - https://www.apache.org/dyn/closer.cgi?action=download&filename=tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc \ -# not all the mirrors actually carry the .asc files :'( - https://www-us.apache.org/dist/tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc \ - https://www.apache.org/dist/tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc \ - https://archive.apache.org/dist/tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc - -RUN set -eux; \ - \ - savedAptMark="$(apt-mark showmanual)"; \ - apt-get update; \ - \ - apt-get install -y --no-install-recommends gnupg dirmngr; \ - \ - export GNUPGHOME="$(mktemp -d)"; \ - for key in $GPG_KEYS; do \ - gpg --batch --keyserver ha.pool.sks-keyservers.net --recv-keys "$key"; \ - done; \ - \ - apt-get install -y --no-install-recommends wget ca-certificates; \ - \ - success=; \ - for url in $TOMCAT_TGZ_URLS; do \ - if wget -O tomcat.tar.gz "$url"; then \ - success=1; \ - break; \ - fi; \ - done; \ - [ -n "$success" ]; \ - \ - echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \ - \ - success=; \ - for url in $TOMCAT_ASC_URLS; do \ - if wget -O tomcat.tar.gz.asc "$url"; then \ - success=1; \ - break; \ - fi; \ - done; \ - [ -n "$success" ]; \ - \ - gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ - tar -xvf tomcat.tar.gz --strip-components=1; \ - rm bin/*.bat; \ - rm tomcat.tar.gz*; \ - command -v gpgconf && gpgconf --kill all || :; \ - rm -rf "$GNUPGHOME"; \ - \ - nativeBuildDir="$(mktemp -d)"; \ - tar -xvf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ - apt-get install -y --no-install-recommends \ - dpkg-dev \ - gcc \ - libapr1-dev \ - libssl-dev \ - make \ - "openjdk-${JAVA_VERSION%%[.~bu-]*}-jdk=$JAVA_DEBIAN_VERSION" \ - ; \ - ( \ - export CATALINA_HOME="$PWD"; \ - cd "$nativeBuildDir/native"; \ - gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ - ./configure \ - --build="$gnuArch" \ - --libdir="$TOMCAT_NATIVE_LIBDIR" \ - --prefix="$CATALINA_HOME" \ - --with-apr="$(which apr-1-config)" \ - --with-java-home="$(docker-java-home)" \ - --with-ssl=yes; \ - make -j "$(nproc)"; \ - make install; \ - ); \ - rm -rf "$nativeBuildDir"; \ - rm bin/tomcat-native.tar.gz; \ - \ -# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies - apt-mark auto '.*' > /dev/null; \ - [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark; \ - apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ - rm -rf /var/lib/apt/lists/*; \ - \ -# sh removes env vars it doesn't support (ones with periods) -# https://github.com/docker-library/tomcat/issues/77 - find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ - \ -# fix permissions (especially for running as non-root) -# https://github.com/docker-library/tomcat/issues/35 - chmod -R +rX .; \ - chmod 777 logs work - -# verify Tomcat Native is working properly -RUN set -e \ - && nativeLines="$(catalina.sh configtest 2>&1)" \ - && nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')" \ - && nativeLines="$(echo "$nativeLines" | sort -u)" \ - && if ! echo "$nativeLines" | grep 'INFO: Loaded APR based Apache Tomcat Native library' >&2; then \ - echo >&2 "$nativeLines"; \ - exit 1; \ - fi - -EXPOSE 8080 -CMD ["catalina.sh", "run"] diff --git a/8.5/jre10/Dockerfile b/8.5/jre10/Dockerfile deleted file mode 100644 index 70c28fae1..000000000 --- a/8.5/jre10/Dockerfile +++ /dev/null @@ -1,167 +0,0 @@ -FROM openjdk:10-jre - -ENV CATALINA_HOME /usr/local/tomcat -ENV PATH $CATALINA_HOME/bin:$PATH -RUN mkdir -p "$CATALINA_HOME" -WORKDIR $CATALINA_HOME - -# let "Tomcat Native" live somewhere isolated -ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib -ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR - -# runtime dependencies for Tomcat Native Libraries -# Tomcat Native 1.2+ requires a newer version of OpenSSL than debian:jessie has available -# > checking OpenSSL library version >= 1.0.2... -# > configure: error: Your version of OpenSSL is not compatible with this version of tcnative -# see http://tomcat.10.x6.nabble.com/VOTE-Release-Apache-Tomcat-8-0-32-tp5046007p5046024.html (and following discussion) -# and https://github.com/docker-library/tomcat/pull/31 -ENV OPENSSL_VERSION 1.1.0j-1~deb9u1 -RUN set -ex; \ - currentVersion="$(dpkg-query --show --showformat '${Version}\n' openssl)"; \ - if dpkg --compare-versions "$currentVersion" '<<' "$OPENSSL_VERSION"; then \ - if ! grep -q stretch /etc/apt/sources.list; then \ -# only add stretch if we're not already building from within stretch - { \ - echo 'deb http://deb.debian.org/debian stretch main'; \ - echo 'deb http://security.debian.org stretch/updates main'; \ - echo 'deb http://deb.debian.org/debian stretch-updates main'; \ - } > /etc/apt/sources.list.d/stretch.list; \ - { \ -# add a negative "Pin-Priority" so that we never ever get packages from stretch unless we explicitly request them - echo 'Package: *'; \ - echo 'Pin: release n=stretch*'; \ - echo 'Pin-Priority: -10'; \ - echo; \ -# ... except OpenSSL, which is the reason we're here - echo 'Package: openssl libssl*'; \ - echo "Pin: version $OPENSSL_VERSION"; \ - echo 'Pin-Priority: 990'; \ - } > /etc/apt/preferences.d/stretch-openssl; \ - fi; \ - apt-get update; \ - apt-get install -y --no-install-recommends openssl="$OPENSSL_VERSION"; \ - rm -rf /var/lib/apt/lists/*; \ - fi - -RUN apt-get update && apt-get install -y --no-install-recommends \ - libapr1 \ - && rm -rf /var/lib/apt/lists/* - -# see https://www.apache.org/dist/tomcat/tomcat-$TOMCAT_MAJOR/KEYS -# see also "update.sh" (https://github.com/docker-library/tomcat/blob/master/update.sh) -ENV GPG_KEYS 05AB33110949707C93A279E3D3EFE6B686867BA6 07E48665A34DCAFAE522E5E6266191C37C037D42 47309207D818FFD8DCD3F83F1931D684307A10A5 541FBE7D8F78B25E055DDEE13C370389288584E7 61B832AC2F1C5A90F0F9B00A1C506407564C17A3 713DA88BE50911535FE716F5208B0AB1D63011C7 79F7026C690BAA50B92CD8B66A3AD3F4F22C4FED 9BA44C2621385CB966EBA586F72C284D731FABEE A27677289986DB50844682F8ACB77FC2E86E29AC A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 F3A04C595DB5B6A5F1ECA43E3B7BBB100D811BBE F7DA48BB64BCB84ECBA7EE6935CD23C10D498E23 - -ENV TOMCAT_MAJOR 8 -ENV TOMCAT_VERSION 8.5.35 -ENV TOMCAT_SHA512 1084c067eec2bd27ed2aa5a3729cdc27d0beddbc41968a7004754e75dd88a6703f5fc0e3a01f262cfe2b5d13ed58c95dca1c43bc5ae8789141a11e11f72edd89 - -ENV TOMCAT_TGZ_URLS \ -# https://issues.apache.org/jira/browse/INFRA-8753?focusedCommentId=14735394#comment-14735394 - https://www.apache.org/dyn/closer.cgi?action=download&filename=tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz \ -# if the version is outdated, we might have to pull from the dist/archive :/ - https://www-us.apache.org/dist/tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz \ - https://www.apache.org/dist/tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz \ - https://archive.apache.org/dist/tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz - -ENV TOMCAT_ASC_URLS \ - https://www.apache.org/dyn/closer.cgi?action=download&filename=tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc \ -# not all the mirrors actually carry the .asc files :'( - https://www-us.apache.org/dist/tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc \ - https://www.apache.org/dist/tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc \ - https://archive.apache.org/dist/tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc - -RUN set -eux; \ - \ - savedAptMark="$(apt-mark showmanual)"; \ - apt-get update; \ - \ - apt-get install -y --no-install-recommends gnupg dirmngr; \ - \ - export GNUPGHOME="$(mktemp -d)"; \ - for key in $GPG_KEYS; do \ - gpg --batch --keyserver ha.pool.sks-keyservers.net --recv-keys "$key"; \ - done; \ - \ - apt-get install -y --no-install-recommends wget ca-certificates; \ - \ - success=; \ - for url in $TOMCAT_TGZ_URLS; do \ - if wget -O tomcat.tar.gz "$url"; then \ - success=1; \ - break; \ - fi; \ - done; \ - [ -n "$success" ]; \ - \ - echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \ - \ - success=; \ - for url in $TOMCAT_ASC_URLS; do \ - if wget -O tomcat.tar.gz.asc "$url"; then \ - success=1; \ - break; \ - fi; \ - done; \ - [ -n "$success" ]; \ - \ - gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ - tar -xvf tomcat.tar.gz --strip-components=1; \ - rm bin/*.bat; \ - rm tomcat.tar.gz*; \ - command -v gpgconf && gpgconf --kill all || :; \ - rm -rf "$GNUPGHOME"; \ - \ - nativeBuildDir="$(mktemp -d)"; \ - tar -xvf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ - apt-get install -y --no-install-recommends \ - dpkg-dev \ - gcc \ - libapr1-dev \ - libssl-dev \ - make \ - "openjdk-${JAVA_VERSION%%[.~bu-]*}-jdk=$JAVA_DEBIAN_VERSION" \ - ; \ - ( \ - export CATALINA_HOME="$PWD"; \ - cd "$nativeBuildDir/native"; \ - gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ - ./configure \ - --build="$gnuArch" \ - --libdir="$TOMCAT_NATIVE_LIBDIR" \ - --prefix="$CATALINA_HOME" \ - --with-apr="$(which apr-1-config)" \ - --with-java-home="$(docker-java-home)" \ - --with-ssl=yes; \ - make -j "$(nproc)"; \ - make install; \ - ); \ - rm -rf "$nativeBuildDir"; \ - rm bin/tomcat-native.tar.gz; \ - \ -# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies - apt-mark auto '.*' > /dev/null; \ - [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark; \ - apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ - rm -rf /var/lib/apt/lists/*; \ - \ -# sh removes env vars it doesn't support (ones with periods) -# https://github.com/docker-library/tomcat/issues/77 - find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ - \ -# fix permissions (especially for running as non-root) -# https://github.com/docker-library/tomcat/issues/35 - chmod -R +rX .; \ - chmod 777 logs work - -# verify Tomcat Native is working properly -RUN set -e \ - && nativeLines="$(catalina.sh configtest 2>&1)" \ - && nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')" \ - && nativeLines="$(echo "$nativeLines" | sort -u)" \ - && if ! echo "$nativeLines" | grep 'INFO: Loaded APR based Apache Tomcat Native library' >&2; then \ - echo >&2 "$nativeLines"; \ - exit 1; \ - fi - -EXPOSE 8080 -CMD ["catalina.sh", "run"] diff --git a/9.0/jre10-slim/Dockerfile b/9.0/jre10-slim/Dockerfile deleted file mode 100644 index b92a2b1fb..000000000 --- a/9.0/jre10-slim/Dockerfile +++ /dev/null @@ -1,167 +0,0 @@ -FROM openjdk:10-jre-slim - -ENV CATALINA_HOME /usr/local/tomcat -ENV PATH $CATALINA_HOME/bin:$PATH -RUN mkdir -p "$CATALINA_HOME" -WORKDIR $CATALINA_HOME - -# let "Tomcat Native" live somewhere isolated -ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib -ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR - -# runtime dependencies for Tomcat Native Libraries -# Tomcat Native 1.2+ requires a newer version of OpenSSL than debian:jessie has available -# > checking OpenSSL library version >= 1.0.2... -# > configure: error: Your version of OpenSSL is not compatible with this version of tcnative -# see http://tomcat.10.x6.nabble.com/VOTE-Release-Apache-Tomcat-8-0-32-tp5046007p5046024.html (and following discussion) -# and https://github.com/docker-library/tomcat/pull/31 -ENV OPENSSL_VERSION 1.1.0j-1~deb9u1 -RUN set -ex; \ - currentVersion="$(dpkg-query --show --showformat '${Version}\n' openssl)"; \ - if dpkg --compare-versions "$currentVersion" '<<' "$OPENSSL_VERSION"; then \ - if ! grep -q stretch /etc/apt/sources.list; then \ -# only add stretch if we're not already building from within stretch - { \ - echo 'deb http://deb.debian.org/debian stretch main'; \ - echo 'deb http://security.debian.org stretch/updates main'; \ - echo 'deb http://deb.debian.org/debian stretch-updates main'; \ - } > /etc/apt/sources.list.d/stretch.list; \ - { \ -# add a negative "Pin-Priority" so that we never ever get packages from stretch unless we explicitly request them - echo 'Package: *'; \ - echo 'Pin: release n=stretch*'; \ - echo 'Pin-Priority: -10'; \ - echo; \ -# ... except OpenSSL, which is the reason we're here - echo 'Package: openssl libssl*'; \ - echo "Pin: version $OPENSSL_VERSION"; \ - echo 'Pin-Priority: 990'; \ - } > /etc/apt/preferences.d/stretch-openssl; \ - fi; \ - apt-get update; \ - apt-get install -y --no-install-recommends openssl="$OPENSSL_VERSION"; \ - rm -rf /var/lib/apt/lists/*; \ - fi - -RUN apt-get update && apt-get install -y --no-install-recommends \ - libapr1 \ - && rm -rf /var/lib/apt/lists/* - -# see https://www.apache.org/dist/tomcat/tomcat-$TOMCAT_MAJOR/KEYS -# see also "update.sh" (https://github.com/docker-library/tomcat/blob/master/update.sh) -ENV GPG_KEYS 05AB33110949707C93A279E3D3EFE6B686867BA6 07E48665A34DCAFAE522E5E6266191C37C037D42 47309207D818FFD8DCD3F83F1931D684307A10A5 541FBE7D8F78B25E055DDEE13C370389288584E7 61B832AC2F1C5A90F0F9B00A1C506407564C17A3 79F7026C690BAA50B92CD8B66A3AD3F4F22C4FED 9BA44C2621385CB966EBA586F72C284D731FABEE A27677289986DB50844682F8ACB77FC2E86E29AC A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 F3A04C595DB5B6A5F1ECA43E3B7BBB100D811BBE F7DA48BB64BCB84ECBA7EE6935CD23C10D498E23 - -ENV TOMCAT_MAJOR 9 -ENV TOMCAT_VERSION 9.0.13 -ENV TOMCAT_SHA512 526ee4dea8e149bf4423860e1a74e47bc0b3c1b97dff35a25ce8e811d26a5c3f12de527bd05eec99d684e4d149304f08c09ce41a6ee71e8ea19c798202d478a4 - -ENV TOMCAT_TGZ_URLS \ -# https://issues.apache.org/jira/browse/INFRA-8753?focusedCommentId=14735394#comment-14735394 - https://www.apache.org/dyn/closer.cgi?action=download&filename=tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz \ -# if the version is outdated, we might have to pull from the dist/archive :/ - https://www-us.apache.org/dist/tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz \ - https://www.apache.org/dist/tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz \ - https://archive.apache.org/dist/tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz - -ENV TOMCAT_ASC_URLS \ - https://www.apache.org/dyn/closer.cgi?action=download&filename=tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc \ -# not all the mirrors actually carry the .asc files :'( - https://www-us.apache.org/dist/tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc \ - https://www.apache.org/dist/tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc \ - https://archive.apache.org/dist/tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc - -RUN set -eux; \ - \ - savedAptMark="$(apt-mark showmanual)"; \ - apt-get update; \ - \ - apt-get install -y --no-install-recommends gnupg dirmngr; \ - \ - export GNUPGHOME="$(mktemp -d)"; \ - for key in $GPG_KEYS; do \ - gpg --batch --keyserver ha.pool.sks-keyservers.net --recv-keys "$key"; \ - done; \ - \ - apt-get install -y --no-install-recommends wget ca-certificates; \ - \ - success=; \ - for url in $TOMCAT_TGZ_URLS; do \ - if wget -O tomcat.tar.gz "$url"; then \ - success=1; \ - break; \ - fi; \ - done; \ - [ -n "$success" ]; \ - \ - echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \ - \ - success=; \ - for url in $TOMCAT_ASC_URLS; do \ - if wget -O tomcat.tar.gz.asc "$url"; then \ - success=1; \ - break; \ - fi; \ - done; \ - [ -n "$success" ]; \ - \ - gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ - tar -xvf tomcat.tar.gz --strip-components=1; \ - rm bin/*.bat; \ - rm tomcat.tar.gz*; \ - command -v gpgconf && gpgconf --kill all || :; \ - rm -rf "$GNUPGHOME"; \ - \ - nativeBuildDir="$(mktemp -d)"; \ - tar -xvf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ - apt-get install -y --no-install-recommends \ - dpkg-dev \ - gcc \ - libapr1-dev \ - libssl-dev \ - make \ - "openjdk-${JAVA_VERSION%%[.~bu-]*}-jdk=$JAVA_DEBIAN_VERSION" \ - ; \ - ( \ - export CATALINA_HOME="$PWD"; \ - cd "$nativeBuildDir/native"; \ - gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ - ./configure \ - --build="$gnuArch" \ - --libdir="$TOMCAT_NATIVE_LIBDIR" \ - --prefix="$CATALINA_HOME" \ - --with-apr="$(which apr-1-config)" \ - --with-java-home="$(docker-java-home)" \ - --with-ssl=yes; \ - make -j "$(nproc)"; \ - make install; \ - ); \ - rm -rf "$nativeBuildDir"; \ - rm bin/tomcat-native.tar.gz; \ - \ -# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies - apt-mark auto '.*' > /dev/null; \ - [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark; \ - apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ - rm -rf /var/lib/apt/lists/*; \ - \ -# sh removes env vars it doesn't support (ones with periods) -# https://github.com/docker-library/tomcat/issues/77 - find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ - \ -# fix permissions (especially for running as non-root) -# https://github.com/docker-library/tomcat/issues/35 - chmod -R +rX .; \ - chmod 777 logs work - -# verify Tomcat Native is working properly -RUN set -e \ - && nativeLines="$(catalina.sh configtest 2>&1)" \ - && nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')" \ - && nativeLines="$(echo "$nativeLines" | sort -u)" \ - && if ! echo "$nativeLines" | grep 'INFO: Loaded APR based Apache Tomcat Native library' >&2; then \ - echo >&2 "$nativeLines"; \ - exit 1; \ - fi - -EXPOSE 8080 -CMD ["catalina.sh", "run"] diff --git a/9.0/jre10/Dockerfile b/9.0/jre10/Dockerfile deleted file mode 100644 index b5232fdb2..000000000 --- a/9.0/jre10/Dockerfile +++ /dev/null @@ -1,167 +0,0 @@ -FROM openjdk:10-jre - -ENV CATALINA_HOME /usr/local/tomcat -ENV PATH $CATALINA_HOME/bin:$PATH -RUN mkdir -p "$CATALINA_HOME" -WORKDIR $CATALINA_HOME - -# let "Tomcat Native" live somewhere isolated -ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib -ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR - -# runtime dependencies for Tomcat Native Libraries -# Tomcat Native 1.2+ requires a newer version of OpenSSL than debian:jessie has available -# > checking OpenSSL library version >= 1.0.2... -# > configure: error: Your version of OpenSSL is not compatible with this version of tcnative -# see http://tomcat.10.x6.nabble.com/VOTE-Release-Apache-Tomcat-8-0-32-tp5046007p5046024.html (and following discussion) -# and https://github.com/docker-library/tomcat/pull/31 -ENV OPENSSL_VERSION 1.1.0j-1~deb9u1 -RUN set -ex; \ - currentVersion="$(dpkg-query --show --showformat '${Version}\n' openssl)"; \ - if dpkg --compare-versions "$currentVersion" '<<' "$OPENSSL_VERSION"; then \ - if ! grep -q stretch /etc/apt/sources.list; then \ -# only add stretch if we're not already building from within stretch - { \ - echo 'deb http://deb.debian.org/debian stretch main'; \ - echo 'deb http://security.debian.org stretch/updates main'; \ - echo 'deb http://deb.debian.org/debian stretch-updates main'; \ - } > /etc/apt/sources.list.d/stretch.list; \ - { \ -# add a negative "Pin-Priority" so that we never ever get packages from stretch unless we explicitly request them - echo 'Package: *'; \ - echo 'Pin: release n=stretch*'; \ - echo 'Pin-Priority: -10'; \ - echo; \ -# ... except OpenSSL, which is the reason we're here - echo 'Package: openssl libssl*'; \ - echo "Pin: version $OPENSSL_VERSION"; \ - echo 'Pin-Priority: 990'; \ - } > /etc/apt/preferences.d/stretch-openssl; \ - fi; \ - apt-get update; \ - apt-get install -y --no-install-recommends openssl="$OPENSSL_VERSION"; \ - rm -rf /var/lib/apt/lists/*; \ - fi - -RUN apt-get update && apt-get install -y --no-install-recommends \ - libapr1 \ - && rm -rf /var/lib/apt/lists/* - -# see https://www.apache.org/dist/tomcat/tomcat-$TOMCAT_MAJOR/KEYS -# see also "update.sh" (https://github.com/docker-library/tomcat/blob/master/update.sh) -ENV GPG_KEYS 05AB33110949707C93A279E3D3EFE6B686867BA6 07E48665A34DCAFAE522E5E6266191C37C037D42 47309207D818FFD8DCD3F83F1931D684307A10A5 541FBE7D8F78B25E055DDEE13C370389288584E7 61B832AC2F1C5A90F0F9B00A1C506407564C17A3 79F7026C690BAA50B92CD8B66A3AD3F4F22C4FED 9BA44C2621385CB966EBA586F72C284D731FABEE A27677289986DB50844682F8ACB77FC2E86E29AC A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 F3A04C595DB5B6A5F1ECA43E3B7BBB100D811BBE F7DA48BB64BCB84ECBA7EE6935CD23C10D498E23 - -ENV TOMCAT_MAJOR 9 -ENV TOMCAT_VERSION 9.0.13 -ENV TOMCAT_SHA512 526ee4dea8e149bf4423860e1a74e47bc0b3c1b97dff35a25ce8e811d26a5c3f12de527bd05eec99d684e4d149304f08c09ce41a6ee71e8ea19c798202d478a4 - -ENV TOMCAT_TGZ_URLS \ -# https://issues.apache.org/jira/browse/INFRA-8753?focusedCommentId=14735394#comment-14735394 - https://www.apache.org/dyn/closer.cgi?action=download&filename=tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz \ -# if the version is outdated, we might have to pull from the dist/archive :/ - https://www-us.apache.org/dist/tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz \ - https://www.apache.org/dist/tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz \ - https://archive.apache.org/dist/tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz - -ENV TOMCAT_ASC_URLS \ - https://www.apache.org/dyn/closer.cgi?action=download&filename=tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc \ -# not all the mirrors actually carry the .asc files :'( - https://www-us.apache.org/dist/tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc \ - https://www.apache.org/dist/tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc \ - https://archive.apache.org/dist/tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc - -RUN set -eux; \ - \ - savedAptMark="$(apt-mark showmanual)"; \ - apt-get update; \ - \ - apt-get install -y --no-install-recommends gnupg dirmngr; \ - \ - export GNUPGHOME="$(mktemp -d)"; \ - for key in $GPG_KEYS; do \ - gpg --batch --keyserver ha.pool.sks-keyservers.net --recv-keys "$key"; \ - done; \ - \ - apt-get install -y --no-install-recommends wget ca-certificates; \ - \ - success=; \ - for url in $TOMCAT_TGZ_URLS; do \ - if wget -O tomcat.tar.gz "$url"; then \ - success=1; \ - break; \ - fi; \ - done; \ - [ -n "$success" ]; \ - \ - echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \ - \ - success=; \ - for url in $TOMCAT_ASC_URLS; do \ - if wget -O tomcat.tar.gz.asc "$url"; then \ - success=1; \ - break; \ - fi; \ - done; \ - [ -n "$success" ]; \ - \ - gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ - tar -xvf tomcat.tar.gz --strip-components=1; \ - rm bin/*.bat; \ - rm tomcat.tar.gz*; \ - command -v gpgconf && gpgconf --kill all || :; \ - rm -rf "$GNUPGHOME"; \ - \ - nativeBuildDir="$(mktemp -d)"; \ - tar -xvf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ - apt-get install -y --no-install-recommends \ - dpkg-dev \ - gcc \ - libapr1-dev \ - libssl-dev \ - make \ - "openjdk-${JAVA_VERSION%%[.~bu-]*}-jdk=$JAVA_DEBIAN_VERSION" \ - ; \ - ( \ - export CATALINA_HOME="$PWD"; \ - cd "$nativeBuildDir/native"; \ - gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ - ./configure \ - --build="$gnuArch" \ - --libdir="$TOMCAT_NATIVE_LIBDIR" \ - --prefix="$CATALINA_HOME" \ - --with-apr="$(which apr-1-config)" \ - --with-java-home="$(docker-java-home)" \ - --with-ssl=yes; \ - make -j "$(nproc)"; \ - make install; \ - ); \ - rm -rf "$nativeBuildDir"; \ - rm bin/tomcat-native.tar.gz; \ - \ -# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies - apt-mark auto '.*' > /dev/null; \ - [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark; \ - apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ - rm -rf /var/lib/apt/lists/*; \ - \ -# sh removes env vars it doesn't support (ones with periods) -# https://github.com/docker-library/tomcat/issues/77 - find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ - \ -# fix permissions (especially for running as non-root) -# https://github.com/docker-library/tomcat/issues/35 - chmod -R +rX .; \ - chmod 777 logs work - -# verify Tomcat Native is working properly -RUN set -e \ - && nativeLines="$(catalina.sh configtest 2>&1)" \ - && nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')" \ - && nativeLines="$(echo "$nativeLines" | sort -u)" \ - && if ! echo "$nativeLines" | grep 'INFO: Loaded APR based Apache Tomcat Native library' >&2; then \ - echo >&2 "$nativeLines"; \ - exit 1; \ - fi - -EXPOSE 8080 -CMD ["catalina.sh", "run"]