diff --git a/10.0/jdk11/openj9-focal/Dockerfile b/10.0/jdk11/openj9-focal/Dockerfile new file mode 100644 index 000000000..4e835f703 --- /dev/null +++ b/10.0/jdk11/openj9-focal/Dockerfile @@ -0,0 +1,150 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM ibm-semeru-runtimes:open-11-jdk-focal + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 10 +ENV TOMCAT_VERSION 10.0.14 +ENV TOMCAT_SHA512 c2d2ad5ed17f7284e3aac5415774a8ef35434f14dbd9a87bc7230d8bfdbe9aa1258b97a59fa5c4030e4c973e4d93d29d20e40b6254347dbb66fae269ff4a61a5 + +RUN set -eux; \ + \ + savedAptMark="$(apt-mark showmanual)"; \ + apt-get update; \ + apt-get install -y --no-install-recommends \ + ca-certificates \ + curl \ + dirmngr \ + gnupg \ + ; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://issues.apache.org/jira/browse/INFRA-8753?focusedCommentId=14735394#comment-14735394 + "https://www.apache.org/dyn/closer.cgi?action=download&filename=$distFile" \ +# if the version is outdated (or we're grabbing the .asc file), we might have to pull from the dist/archive :/ + "https://downloads.apache.org/$distFile" \ + "https://www-us.apache.org/dist/$distFile" \ + "https://www.apache.org/dist/$distFile" \ + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + command -v gpgconf && gpgconf --kill all || :; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apt-get install -y --no-install-recommends \ + dpkg-dev \ + gcc \ + libapr1-dev \ + libssl-dev \ + make \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + --with-ssl=yes \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies + apt-mark auto '.*' > /dev/null; \ + [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt dpkg-query --search \ + | cut -d: -f1 \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r apt-mark manual \ + ; \ + \ + apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ + rm -rf /var/lib/apt/lists/*; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 777 logs temp work; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/10.0/jdk16/openj9-focal/Dockerfile b/10.0/jdk16/openj9-focal/Dockerfile new file mode 100644 index 000000000..2986ec98e --- /dev/null +++ b/10.0/jdk16/openj9-focal/Dockerfile @@ -0,0 +1,150 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM ibm-semeru-runtimes:open-16-jdk-focal + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 10 +ENV TOMCAT_VERSION 10.0.14 +ENV TOMCAT_SHA512 c2d2ad5ed17f7284e3aac5415774a8ef35434f14dbd9a87bc7230d8bfdbe9aa1258b97a59fa5c4030e4c973e4d93d29d20e40b6254347dbb66fae269ff4a61a5 + +RUN set -eux; \ + \ + savedAptMark="$(apt-mark showmanual)"; \ + apt-get update; \ + apt-get install -y --no-install-recommends \ + ca-certificates \ + curl \ + dirmngr \ + gnupg \ + ; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://issues.apache.org/jira/browse/INFRA-8753?focusedCommentId=14735394#comment-14735394 + "https://www.apache.org/dyn/closer.cgi?action=download&filename=$distFile" \ +# if the version is outdated (or we're grabbing the .asc file), we might have to pull from the dist/archive :/ + "https://downloads.apache.org/$distFile" \ + "https://www-us.apache.org/dist/$distFile" \ + "https://www.apache.org/dist/$distFile" \ + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + command -v gpgconf && gpgconf --kill all || :; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apt-get install -y --no-install-recommends \ + dpkg-dev \ + gcc \ + libapr1-dev \ + libssl-dev \ + make \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + --with-ssl=yes \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies + apt-mark auto '.*' > /dev/null; \ + [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt dpkg-query --search \ + | cut -d: -f1 \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r apt-mark manual \ + ; \ + \ + apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ + rm -rf /var/lib/apt/lists/*; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 777 logs temp work; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/10.0/jdk17/openj9-focal/Dockerfile b/10.0/jdk17/openj9-focal/Dockerfile new file mode 100644 index 000000000..93e5031fa --- /dev/null +++ b/10.0/jdk17/openj9-focal/Dockerfile @@ -0,0 +1,150 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM ibm-semeru-runtimes:open-17-jdk-focal + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 10 +ENV TOMCAT_VERSION 10.0.14 +ENV TOMCAT_SHA512 c2d2ad5ed17f7284e3aac5415774a8ef35434f14dbd9a87bc7230d8bfdbe9aa1258b97a59fa5c4030e4c973e4d93d29d20e40b6254347dbb66fae269ff4a61a5 + +RUN set -eux; \ + \ + savedAptMark="$(apt-mark showmanual)"; \ + apt-get update; \ + apt-get install -y --no-install-recommends \ + ca-certificates \ + curl \ + dirmngr \ + gnupg \ + ; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://issues.apache.org/jira/browse/INFRA-8753?focusedCommentId=14735394#comment-14735394 + "https://www.apache.org/dyn/closer.cgi?action=download&filename=$distFile" \ +# if the version is outdated (or we're grabbing the .asc file), we might have to pull from the dist/archive :/ + "https://downloads.apache.org/$distFile" \ + "https://www-us.apache.org/dist/$distFile" \ + "https://www.apache.org/dist/$distFile" \ + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + command -v gpgconf && gpgconf --kill all || :; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apt-get install -y --no-install-recommends \ + dpkg-dev \ + gcc \ + libapr1-dev \ + libssl-dev \ + make \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + --with-ssl=yes \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies + apt-mark auto '.*' > /dev/null; \ + [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt dpkg-query --search \ + | cut -d: -f1 \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r apt-mark manual \ + ; \ + \ + apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ + rm -rf /var/lib/apt/lists/*; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 777 logs temp work; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/10.0/jdk8/openj9-focal/Dockerfile b/10.0/jdk8/openj9-focal/Dockerfile new file mode 100644 index 000000000..cb88c158c --- /dev/null +++ b/10.0/jdk8/openj9-focal/Dockerfile @@ -0,0 +1,150 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM ibm-semeru-runtimes:open-8-jdk-focal + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 10 +ENV TOMCAT_VERSION 10.0.14 +ENV TOMCAT_SHA512 c2d2ad5ed17f7284e3aac5415774a8ef35434f14dbd9a87bc7230d8bfdbe9aa1258b97a59fa5c4030e4c973e4d93d29d20e40b6254347dbb66fae269ff4a61a5 + +RUN set -eux; \ + \ + savedAptMark="$(apt-mark showmanual)"; \ + apt-get update; \ + apt-get install -y --no-install-recommends \ + ca-certificates \ + curl \ + dirmngr \ + gnupg \ + ; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://issues.apache.org/jira/browse/INFRA-8753?focusedCommentId=14735394#comment-14735394 + "https://www.apache.org/dyn/closer.cgi?action=download&filename=$distFile" \ +# if the version is outdated (or we're grabbing the .asc file), we might have to pull from the dist/archive :/ + "https://downloads.apache.org/$distFile" \ + "https://www-us.apache.org/dist/$distFile" \ + "https://www.apache.org/dist/$distFile" \ + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + command -v gpgconf && gpgconf --kill all || :; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apt-get install -y --no-install-recommends \ + dpkg-dev \ + gcc \ + libapr1-dev \ + libssl-dev \ + make \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + --with-ssl=yes \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies + apt-mark auto '.*' > /dev/null; \ + [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt dpkg-query --search \ + | cut -d: -f1 \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r apt-mark manual \ + ; \ + \ + apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ + rm -rf /var/lib/apt/lists/*; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 777 logs temp work; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/10.0/jre11/openj9-focal/Dockerfile b/10.0/jre11/openj9-focal/Dockerfile new file mode 100644 index 000000000..255a8b8e2 --- /dev/null +++ b/10.0/jre11/openj9-focal/Dockerfile @@ -0,0 +1,43 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM ibm-semeru-runtimes:open-11-jre-focal + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 10 +ENV TOMCAT_VERSION 10.0.14 +ENV TOMCAT_SHA512 c2d2ad5ed17f7284e3aac5415774a8ef35434f14dbd9a87bc7230d8bfdbe9aa1258b97a59fa5c4030e4c973e4d93d29d20e40b6254347dbb66fae269ff4a61a5 + +COPY --from=tomcat:10.0.14-jdk11-openj9-focal $CATALINA_HOME $CATALINA_HOME +RUN set -eux; \ + apt-get update; \ + xargs -rt apt-get install -y --no-install-recommends < "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt"; \ + rm -rf /var/lib/apt/lists/* + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/10.0/jre16/openj9-focal/Dockerfile b/10.0/jre16/openj9-focal/Dockerfile new file mode 100644 index 000000000..30dffd7d3 --- /dev/null +++ b/10.0/jre16/openj9-focal/Dockerfile @@ -0,0 +1,43 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM ibm-semeru-runtimes:open-16-jre-focal + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 10 +ENV TOMCAT_VERSION 10.0.14 +ENV TOMCAT_SHA512 c2d2ad5ed17f7284e3aac5415774a8ef35434f14dbd9a87bc7230d8bfdbe9aa1258b97a59fa5c4030e4c973e4d93d29d20e40b6254347dbb66fae269ff4a61a5 + +COPY --from=tomcat:10.0.14-jdk16-openj9-focal $CATALINA_HOME $CATALINA_HOME +RUN set -eux; \ + apt-get update; \ + xargs -rt apt-get install -y --no-install-recommends < "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt"; \ + rm -rf /var/lib/apt/lists/* + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/10.0/jre17/openj9-focal/Dockerfile b/10.0/jre17/openj9-focal/Dockerfile new file mode 100644 index 000000000..f9f0392f5 --- /dev/null +++ b/10.0/jre17/openj9-focal/Dockerfile @@ -0,0 +1,43 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM ibm-semeru-runtimes:open-17-jre-focal + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 10 +ENV TOMCAT_VERSION 10.0.14 +ENV TOMCAT_SHA512 c2d2ad5ed17f7284e3aac5415774a8ef35434f14dbd9a87bc7230d8bfdbe9aa1258b97a59fa5c4030e4c973e4d93d29d20e40b6254347dbb66fae269ff4a61a5 + +COPY --from=tomcat:10.0.14-jdk17-openj9-focal $CATALINA_HOME $CATALINA_HOME +RUN set -eux; \ + apt-get update; \ + xargs -rt apt-get install -y --no-install-recommends < "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt"; \ + rm -rf /var/lib/apt/lists/* + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/10.0/jre8/openj9-focal/Dockerfile b/10.0/jre8/openj9-focal/Dockerfile new file mode 100644 index 000000000..16e904ba3 --- /dev/null +++ b/10.0/jre8/openj9-focal/Dockerfile @@ -0,0 +1,43 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM ibm-semeru-runtimes:open-8-jre-focal + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 10 +ENV TOMCAT_VERSION 10.0.14 +ENV TOMCAT_SHA512 c2d2ad5ed17f7284e3aac5415774a8ef35434f14dbd9a87bc7230d8bfdbe9aa1258b97a59fa5c4030e4c973e4d93d29d20e40b6254347dbb66fae269ff4a61a5 + +COPY --from=tomcat:10.0.14-jdk8-openj9-focal $CATALINA_HOME $CATALINA_HOME +RUN set -eux; \ + apt-get update; \ + xargs -rt apt-get install -y --no-install-recommends < "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt"; \ + rm -rf /var/lib/apt/lists/* + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/10.1/jdk11/openj9-focal/Dockerfile b/10.1/jdk11/openj9-focal/Dockerfile new file mode 100644 index 000000000..a06e20857 --- /dev/null +++ b/10.1/jdk11/openj9-focal/Dockerfile @@ -0,0 +1,150 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM ibm-semeru-runtimes:open-11-jdk-focal + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 10 +ENV TOMCAT_VERSION 10.1.0-M8 +ENV TOMCAT_SHA512 ef4e086cb244d0a7ef6fbe662a551dd0e7520947e198505252600756055f64d43cb1e75fd7158978fec5908d893c3c560b100f4dd70b15dcaa677bedf2fde449 + +RUN set -eux; \ + \ + savedAptMark="$(apt-mark showmanual)"; \ + apt-get update; \ + apt-get install -y --no-install-recommends \ + ca-certificates \ + curl \ + dirmngr \ + gnupg \ + ; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://issues.apache.org/jira/browse/INFRA-8753?focusedCommentId=14735394#comment-14735394 + "https://www.apache.org/dyn/closer.cgi?action=download&filename=$distFile" \ +# if the version is outdated (or we're grabbing the .asc file), we might have to pull from the dist/archive :/ + "https://downloads.apache.org/$distFile" \ + "https://www-us.apache.org/dist/$distFile" \ + "https://www.apache.org/dist/$distFile" \ + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + command -v gpgconf && gpgconf --kill all || :; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apt-get install -y --no-install-recommends \ + dpkg-dev \ + gcc \ + libapr1-dev \ + libssl-dev \ + make \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + --with-ssl=yes \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies + apt-mark auto '.*' > /dev/null; \ + [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt dpkg-query --search \ + | cut -d: -f1 \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r apt-mark manual \ + ; \ + \ + apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ + rm -rf /var/lib/apt/lists/*; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 777 logs temp work; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/10.1/jdk16/openj9-focal/Dockerfile b/10.1/jdk16/openj9-focal/Dockerfile new file mode 100644 index 000000000..9807d6995 --- /dev/null +++ b/10.1/jdk16/openj9-focal/Dockerfile @@ -0,0 +1,150 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM ibm-semeru-runtimes:open-16-jdk-focal + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 10 +ENV TOMCAT_VERSION 10.1.0-M8 +ENV TOMCAT_SHA512 ef4e086cb244d0a7ef6fbe662a551dd0e7520947e198505252600756055f64d43cb1e75fd7158978fec5908d893c3c560b100f4dd70b15dcaa677bedf2fde449 + +RUN set -eux; \ + \ + savedAptMark="$(apt-mark showmanual)"; \ + apt-get update; \ + apt-get install -y --no-install-recommends \ + ca-certificates \ + curl \ + dirmngr \ + gnupg \ + ; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://issues.apache.org/jira/browse/INFRA-8753?focusedCommentId=14735394#comment-14735394 + "https://www.apache.org/dyn/closer.cgi?action=download&filename=$distFile" \ +# if the version is outdated (or we're grabbing the .asc file), we might have to pull from the dist/archive :/ + "https://downloads.apache.org/$distFile" \ + "https://www-us.apache.org/dist/$distFile" \ + "https://www.apache.org/dist/$distFile" \ + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + command -v gpgconf && gpgconf --kill all || :; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apt-get install -y --no-install-recommends \ + dpkg-dev \ + gcc \ + libapr1-dev \ + libssl-dev \ + make \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + --with-ssl=yes \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies + apt-mark auto '.*' > /dev/null; \ + [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt dpkg-query --search \ + | cut -d: -f1 \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r apt-mark manual \ + ; \ + \ + apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ + rm -rf /var/lib/apt/lists/*; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 777 logs temp work; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/10.1/jdk17/openj9-focal/Dockerfile b/10.1/jdk17/openj9-focal/Dockerfile new file mode 100644 index 000000000..78753fb0f --- /dev/null +++ b/10.1/jdk17/openj9-focal/Dockerfile @@ -0,0 +1,150 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM ibm-semeru-runtimes:open-17-jdk-focal + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 10 +ENV TOMCAT_VERSION 10.1.0-M8 +ENV TOMCAT_SHA512 ef4e086cb244d0a7ef6fbe662a551dd0e7520947e198505252600756055f64d43cb1e75fd7158978fec5908d893c3c560b100f4dd70b15dcaa677bedf2fde449 + +RUN set -eux; \ + \ + savedAptMark="$(apt-mark showmanual)"; \ + apt-get update; \ + apt-get install -y --no-install-recommends \ + ca-certificates \ + curl \ + dirmngr \ + gnupg \ + ; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://issues.apache.org/jira/browse/INFRA-8753?focusedCommentId=14735394#comment-14735394 + "https://www.apache.org/dyn/closer.cgi?action=download&filename=$distFile" \ +# if the version is outdated (or we're grabbing the .asc file), we might have to pull from the dist/archive :/ + "https://downloads.apache.org/$distFile" \ + "https://www-us.apache.org/dist/$distFile" \ + "https://www.apache.org/dist/$distFile" \ + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + command -v gpgconf && gpgconf --kill all || :; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apt-get install -y --no-install-recommends \ + dpkg-dev \ + gcc \ + libapr1-dev \ + libssl-dev \ + make \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + --with-ssl=yes \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies + apt-mark auto '.*' > /dev/null; \ + [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt dpkg-query --search \ + | cut -d: -f1 \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r apt-mark manual \ + ; \ + \ + apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ + rm -rf /var/lib/apt/lists/*; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 777 logs temp work; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/10.1/jre11/openj9-focal/Dockerfile b/10.1/jre11/openj9-focal/Dockerfile new file mode 100644 index 000000000..3d78951fa --- /dev/null +++ b/10.1/jre11/openj9-focal/Dockerfile @@ -0,0 +1,43 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM ibm-semeru-runtimes:open-11-jre-focal + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 10 +ENV TOMCAT_VERSION 10.1.0-M8 +ENV TOMCAT_SHA512 ef4e086cb244d0a7ef6fbe662a551dd0e7520947e198505252600756055f64d43cb1e75fd7158978fec5908d893c3c560b100f4dd70b15dcaa677bedf2fde449 + +COPY --from=tomcat:10.1.0-M8-jdk11-openj9-focal $CATALINA_HOME $CATALINA_HOME +RUN set -eux; \ + apt-get update; \ + xargs -rt apt-get install -y --no-install-recommends < "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt"; \ + rm -rf /var/lib/apt/lists/* + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/10.1/jre16/openj9-focal/Dockerfile b/10.1/jre16/openj9-focal/Dockerfile new file mode 100644 index 000000000..fc83a06c4 --- /dev/null +++ b/10.1/jre16/openj9-focal/Dockerfile @@ -0,0 +1,43 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM ibm-semeru-runtimes:open-16-jre-focal + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 10 +ENV TOMCAT_VERSION 10.1.0-M8 +ENV TOMCAT_SHA512 ef4e086cb244d0a7ef6fbe662a551dd0e7520947e198505252600756055f64d43cb1e75fd7158978fec5908d893c3c560b100f4dd70b15dcaa677bedf2fde449 + +COPY --from=tomcat:10.1.0-M8-jdk16-openj9-focal $CATALINA_HOME $CATALINA_HOME +RUN set -eux; \ + apt-get update; \ + xargs -rt apt-get install -y --no-install-recommends < "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt"; \ + rm -rf /var/lib/apt/lists/* + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/10.1/jre17/openj9-focal/Dockerfile b/10.1/jre17/openj9-focal/Dockerfile new file mode 100644 index 000000000..296e749e3 --- /dev/null +++ b/10.1/jre17/openj9-focal/Dockerfile @@ -0,0 +1,43 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM ibm-semeru-runtimes:open-17-jre-focal + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 10 +ENV TOMCAT_VERSION 10.1.0-M8 +ENV TOMCAT_SHA512 ef4e086cb244d0a7ef6fbe662a551dd0e7520947e198505252600756055f64d43cb1e75fd7158978fec5908d893c3c560b100f4dd70b15dcaa677bedf2fde449 + +COPY --from=tomcat:10.1.0-M8-jdk17-openj9-focal $CATALINA_HOME $CATALINA_HOME +RUN set -eux; \ + apt-get update; \ + xargs -rt apt-get install -y --no-install-recommends < "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt"; \ + rm -rf /var/lib/apt/lists/* + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/8.5/jdk11/openj9-focal/Dockerfile b/8.5/jdk11/openj9-focal/Dockerfile new file mode 100644 index 000000000..364e1866f --- /dev/null +++ b/8.5/jdk11/openj9-focal/Dockerfile @@ -0,0 +1,150 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM ibm-semeru-runtimes:open-11-jdk-focal + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-8/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 05AB33110949707C93A279E3D3EFE6B686867BA6 07E48665A34DCAFAE522E5E6266191C37C037D42 47309207D818FFD8DCD3F83F1931D684307A10A5 541FBE7D8F78B25E055DDEE13C370389288584E7 5C3C5F3E314C866292F359A8F3AD5C94A67F707E 765908099ACF92702C7D949BFA0C35EA8AA299F1 79F7026C690BAA50B92CD8B66A3AD3F4F22C4FED 9BA44C2621385CB966EBA586F72C284D731FABEE A27677289986DB50844682F8ACB77FC2E86E29AC A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 F3A04C595DB5B6A5F1ECA43E3B7BBB100D811BBE F7DA48BB64BCB84ECBA7EE6935CD23C10D498E23 + +ENV TOMCAT_MAJOR 8 +ENV TOMCAT_VERSION 8.5.73 +ENV TOMCAT_SHA512 4d33760d007acc5271ba0f946d2be96f6146d4632e411c9b72d351fc49d08355e8b84b051713a2f580e0f633cbe4409b7e9bb0e62f3af8d1094c6e4b3fdb96f0 + +RUN set -eux; \ + \ + savedAptMark="$(apt-mark showmanual)"; \ + apt-get update; \ + apt-get install -y --no-install-recommends \ + ca-certificates \ + curl \ + dirmngr \ + gnupg \ + ; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://issues.apache.org/jira/browse/INFRA-8753?focusedCommentId=14735394#comment-14735394 + "https://www.apache.org/dyn/closer.cgi?action=download&filename=$distFile" \ +# if the version is outdated (or we're grabbing the .asc file), we might have to pull from the dist/archive :/ + "https://downloads.apache.org/$distFile" \ + "https://www-us.apache.org/dist/$distFile" \ + "https://www.apache.org/dist/$distFile" \ + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + command -v gpgconf && gpgconf --kill all || :; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apt-get install -y --no-install-recommends \ + dpkg-dev \ + gcc \ + libapr1-dev \ + libssl-dev \ + make \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + --with-ssl=yes \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies + apt-mark auto '.*' > /dev/null; \ + [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt dpkg-query --search \ + | cut -d: -f1 \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r apt-mark manual \ + ; \ + \ + apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ + rm -rf /var/lib/apt/lists/*; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 777 logs temp work; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/8.5/jdk16/openj9-focal/Dockerfile b/8.5/jdk16/openj9-focal/Dockerfile new file mode 100644 index 000000000..bd773a2cf --- /dev/null +++ b/8.5/jdk16/openj9-focal/Dockerfile @@ -0,0 +1,150 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM ibm-semeru-runtimes:open-16-jdk-focal + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-8/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 05AB33110949707C93A279E3D3EFE6B686867BA6 07E48665A34DCAFAE522E5E6266191C37C037D42 47309207D818FFD8DCD3F83F1931D684307A10A5 541FBE7D8F78B25E055DDEE13C370389288584E7 5C3C5F3E314C866292F359A8F3AD5C94A67F707E 765908099ACF92702C7D949BFA0C35EA8AA299F1 79F7026C690BAA50B92CD8B66A3AD3F4F22C4FED 9BA44C2621385CB966EBA586F72C284D731FABEE A27677289986DB50844682F8ACB77FC2E86E29AC A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 F3A04C595DB5B6A5F1ECA43E3B7BBB100D811BBE F7DA48BB64BCB84ECBA7EE6935CD23C10D498E23 + +ENV TOMCAT_MAJOR 8 +ENV TOMCAT_VERSION 8.5.73 +ENV TOMCAT_SHA512 4d33760d007acc5271ba0f946d2be96f6146d4632e411c9b72d351fc49d08355e8b84b051713a2f580e0f633cbe4409b7e9bb0e62f3af8d1094c6e4b3fdb96f0 + +RUN set -eux; \ + \ + savedAptMark="$(apt-mark showmanual)"; \ + apt-get update; \ + apt-get install -y --no-install-recommends \ + ca-certificates \ + curl \ + dirmngr \ + gnupg \ + ; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://issues.apache.org/jira/browse/INFRA-8753?focusedCommentId=14735394#comment-14735394 + "https://www.apache.org/dyn/closer.cgi?action=download&filename=$distFile" \ +# if the version is outdated (or we're grabbing the .asc file), we might have to pull from the dist/archive :/ + "https://downloads.apache.org/$distFile" \ + "https://www-us.apache.org/dist/$distFile" \ + "https://www.apache.org/dist/$distFile" \ + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + command -v gpgconf && gpgconf --kill all || :; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apt-get install -y --no-install-recommends \ + dpkg-dev \ + gcc \ + libapr1-dev \ + libssl-dev \ + make \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + --with-ssl=yes \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies + apt-mark auto '.*' > /dev/null; \ + [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt dpkg-query --search \ + | cut -d: -f1 \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r apt-mark manual \ + ; \ + \ + apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ + rm -rf /var/lib/apt/lists/*; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 777 logs temp work; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/8.5/jdk17/openj9-focal/Dockerfile b/8.5/jdk17/openj9-focal/Dockerfile new file mode 100644 index 000000000..95667f8da --- /dev/null +++ b/8.5/jdk17/openj9-focal/Dockerfile @@ -0,0 +1,150 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM ibm-semeru-runtimes:open-17-jdk-focal + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-8/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 05AB33110949707C93A279E3D3EFE6B686867BA6 07E48665A34DCAFAE522E5E6266191C37C037D42 47309207D818FFD8DCD3F83F1931D684307A10A5 541FBE7D8F78B25E055DDEE13C370389288584E7 5C3C5F3E314C866292F359A8F3AD5C94A67F707E 765908099ACF92702C7D949BFA0C35EA8AA299F1 79F7026C690BAA50B92CD8B66A3AD3F4F22C4FED 9BA44C2621385CB966EBA586F72C284D731FABEE A27677289986DB50844682F8ACB77FC2E86E29AC A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 F3A04C595DB5B6A5F1ECA43E3B7BBB100D811BBE F7DA48BB64BCB84ECBA7EE6935CD23C10D498E23 + +ENV TOMCAT_MAJOR 8 +ENV TOMCAT_VERSION 8.5.73 +ENV TOMCAT_SHA512 4d33760d007acc5271ba0f946d2be96f6146d4632e411c9b72d351fc49d08355e8b84b051713a2f580e0f633cbe4409b7e9bb0e62f3af8d1094c6e4b3fdb96f0 + +RUN set -eux; \ + \ + savedAptMark="$(apt-mark showmanual)"; \ + apt-get update; \ + apt-get install -y --no-install-recommends \ + ca-certificates \ + curl \ + dirmngr \ + gnupg \ + ; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://issues.apache.org/jira/browse/INFRA-8753?focusedCommentId=14735394#comment-14735394 + "https://www.apache.org/dyn/closer.cgi?action=download&filename=$distFile" \ +# if the version is outdated (or we're grabbing the .asc file), we might have to pull from the dist/archive :/ + "https://downloads.apache.org/$distFile" \ + "https://www-us.apache.org/dist/$distFile" \ + "https://www.apache.org/dist/$distFile" \ + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + command -v gpgconf && gpgconf --kill all || :; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apt-get install -y --no-install-recommends \ + dpkg-dev \ + gcc \ + libapr1-dev \ + libssl-dev \ + make \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + --with-ssl=yes \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies + apt-mark auto '.*' > /dev/null; \ + [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt dpkg-query --search \ + | cut -d: -f1 \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r apt-mark manual \ + ; \ + \ + apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ + rm -rf /var/lib/apt/lists/*; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 777 logs temp work; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/8.5/jdk8/openj9-focal/Dockerfile b/8.5/jdk8/openj9-focal/Dockerfile new file mode 100644 index 000000000..83825ac91 --- /dev/null +++ b/8.5/jdk8/openj9-focal/Dockerfile @@ -0,0 +1,150 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM ibm-semeru-runtimes:open-8-jdk-focal + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-8/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 05AB33110949707C93A279E3D3EFE6B686867BA6 07E48665A34DCAFAE522E5E6266191C37C037D42 47309207D818FFD8DCD3F83F1931D684307A10A5 541FBE7D8F78B25E055DDEE13C370389288584E7 5C3C5F3E314C866292F359A8F3AD5C94A67F707E 765908099ACF92702C7D949BFA0C35EA8AA299F1 79F7026C690BAA50B92CD8B66A3AD3F4F22C4FED 9BA44C2621385CB966EBA586F72C284D731FABEE A27677289986DB50844682F8ACB77FC2E86E29AC A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 F3A04C595DB5B6A5F1ECA43E3B7BBB100D811BBE F7DA48BB64BCB84ECBA7EE6935CD23C10D498E23 + +ENV TOMCAT_MAJOR 8 +ENV TOMCAT_VERSION 8.5.73 +ENV TOMCAT_SHA512 4d33760d007acc5271ba0f946d2be96f6146d4632e411c9b72d351fc49d08355e8b84b051713a2f580e0f633cbe4409b7e9bb0e62f3af8d1094c6e4b3fdb96f0 + +RUN set -eux; \ + \ + savedAptMark="$(apt-mark showmanual)"; \ + apt-get update; \ + apt-get install -y --no-install-recommends \ + ca-certificates \ + curl \ + dirmngr \ + gnupg \ + ; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://issues.apache.org/jira/browse/INFRA-8753?focusedCommentId=14735394#comment-14735394 + "https://www.apache.org/dyn/closer.cgi?action=download&filename=$distFile" \ +# if the version is outdated (or we're grabbing the .asc file), we might have to pull from the dist/archive :/ + "https://downloads.apache.org/$distFile" \ + "https://www-us.apache.org/dist/$distFile" \ + "https://www.apache.org/dist/$distFile" \ + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + command -v gpgconf && gpgconf --kill all || :; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apt-get install -y --no-install-recommends \ + dpkg-dev \ + gcc \ + libapr1-dev \ + libssl-dev \ + make \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + --with-ssl=yes \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies + apt-mark auto '.*' > /dev/null; \ + [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt dpkg-query --search \ + | cut -d: -f1 \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r apt-mark manual \ + ; \ + \ + apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ + rm -rf /var/lib/apt/lists/*; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 777 logs temp work; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/8.5/jre11/openj9-focal/Dockerfile b/8.5/jre11/openj9-focal/Dockerfile new file mode 100644 index 000000000..cdef0a022 --- /dev/null +++ b/8.5/jre11/openj9-focal/Dockerfile @@ -0,0 +1,43 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM ibm-semeru-runtimes:open-11-jre-focal + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-8/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 05AB33110949707C93A279E3D3EFE6B686867BA6 07E48665A34DCAFAE522E5E6266191C37C037D42 47309207D818FFD8DCD3F83F1931D684307A10A5 541FBE7D8F78B25E055DDEE13C370389288584E7 5C3C5F3E314C866292F359A8F3AD5C94A67F707E 765908099ACF92702C7D949BFA0C35EA8AA299F1 79F7026C690BAA50B92CD8B66A3AD3F4F22C4FED 9BA44C2621385CB966EBA586F72C284D731FABEE A27677289986DB50844682F8ACB77FC2E86E29AC A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 F3A04C595DB5B6A5F1ECA43E3B7BBB100D811BBE F7DA48BB64BCB84ECBA7EE6935CD23C10D498E23 + +ENV TOMCAT_MAJOR 8 +ENV TOMCAT_VERSION 8.5.73 +ENV TOMCAT_SHA512 4d33760d007acc5271ba0f946d2be96f6146d4632e411c9b72d351fc49d08355e8b84b051713a2f580e0f633cbe4409b7e9bb0e62f3af8d1094c6e4b3fdb96f0 + +COPY --from=tomcat:8.5.73-jdk11-openj9-focal $CATALINA_HOME $CATALINA_HOME +RUN set -eux; \ + apt-get update; \ + xargs -rt apt-get install -y --no-install-recommends < "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt"; \ + rm -rf /var/lib/apt/lists/* + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/8.5/jre16/openj9-focal/Dockerfile b/8.5/jre16/openj9-focal/Dockerfile new file mode 100644 index 000000000..7ec4ab5f7 --- /dev/null +++ b/8.5/jre16/openj9-focal/Dockerfile @@ -0,0 +1,43 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM ibm-semeru-runtimes:open-16-jre-focal + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-8/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 05AB33110949707C93A279E3D3EFE6B686867BA6 07E48665A34DCAFAE522E5E6266191C37C037D42 47309207D818FFD8DCD3F83F1931D684307A10A5 541FBE7D8F78B25E055DDEE13C370389288584E7 5C3C5F3E314C866292F359A8F3AD5C94A67F707E 765908099ACF92702C7D949BFA0C35EA8AA299F1 79F7026C690BAA50B92CD8B66A3AD3F4F22C4FED 9BA44C2621385CB966EBA586F72C284D731FABEE A27677289986DB50844682F8ACB77FC2E86E29AC A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 F3A04C595DB5B6A5F1ECA43E3B7BBB100D811BBE F7DA48BB64BCB84ECBA7EE6935CD23C10D498E23 + +ENV TOMCAT_MAJOR 8 +ENV TOMCAT_VERSION 8.5.73 +ENV TOMCAT_SHA512 4d33760d007acc5271ba0f946d2be96f6146d4632e411c9b72d351fc49d08355e8b84b051713a2f580e0f633cbe4409b7e9bb0e62f3af8d1094c6e4b3fdb96f0 + +COPY --from=tomcat:8.5.73-jdk16-openj9-focal $CATALINA_HOME $CATALINA_HOME +RUN set -eux; \ + apt-get update; \ + xargs -rt apt-get install -y --no-install-recommends < "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt"; \ + rm -rf /var/lib/apt/lists/* + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/8.5/jre17/openj9-focal/Dockerfile b/8.5/jre17/openj9-focal/Dockerfile new file mode 100644 index 000000000..ca8871773 --- /dev/null +++ b/8.5/jre17/openj9-focal/Dockerfile @@ -0,0 +1,43 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM ibm-semeru-runtimes:open-17-jre-focal + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-8/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 05AB33110949707C93A279E3D3EFE6B686867BA6 07E48665A34DCAFAE522E5E6266191C37C037D42 47309207D818FFD8DCD3F83F1931D684307A10A5 541FBE7D8F78B25E055DDEE13C370389288584E7 5C3C5F3E314C866292F359A8F3AD5C94A67F707E 765908099ACF92702C7D949BFA0C35EA8AA299F1 79F7026C690BAA50B92CD8B66A3AD3F4F22C4FED 9BA44C2621385CB966EBA586F72C284D731FABEE A27677289986DB50844682F8ACB77FC2E86E29AC A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 F3A04C595DB5B6A5F1ECA43E3B7BBB100D811BBE F7DA48BB64BCB84ECBA7EE6935CD23C10D498E23 + +ENV TOMCAT_MAJOR 8 +ENV TOMCAT_VERSION 8.5.73 +ENV TOMCAT_SHA512 4d33760d007acc5271ba0f946d2be96f6146d4632e411c9b72d351fc49d08355e8b84b051713a2f580e0f633cbe4409b7e9bb0e62f3af8d1094c6e4b3fdb96f0 + +COPY --from=tomcat:8.5.73-jdk17-openj9-focal $CATALINA_HOME $CATALINA_HOME +RUN set -eux; \ + apt-get update; \ + xargs -rt apt-get install -y --no-install-recommends < "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt"; \ + rm -rf /var/lib/apt/lists/* + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/8.5/jre8/openj9-focal/Dockerfile b/8.5/jre8/openj9-focal/Dockerfile new file mode 100644 index 000000000..ab314eaaf --- /dev/null +++ b/8.5/jre8/openj9-focal/Dockerfile @@ -0,0 +1,43 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM ibm-semeru-runtimes:open-8-jre-focal + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-8/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 05AB33110949707C93A279E3D3EFE6B686867BA6 07E48665A34DCAFAE522E5E6266191C37C037D42 47309207D818FFD8DCD3F83F1931D684307A10A5 541FBE7D8F78B25E055DDEE13C370389288584E7 5C3C5F3E314C866292F359A8F3AD5C94A67F707E 765908099ACF92702C7D949BFA0C35EA8AA299F1 79F7026C690BAA50B92CD8B66A3AD3F4F22C4FED 9BA44C2621385CB966EBA586F72C284D731FABEE A27677289986DB50844682F8ACB77FC2E86E29AC A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 F3A04C595DB5B6A5F1ECA43E3B7BBB100D811BBE F7DA48BB64BCB84ECBA7EE6935CD23C10D498E23 + +ENV TOMCAT_MAJOR 8 +ENV TOMCAT_VERSION 8.5.73 +ENV TOMCAT_SHA512 4d33760d007acc5271ba0f946d2be96f6146d4632e411c9b72d351fc49d08355e8b84b051713a2f580e0f633cbe4409b7e9bb0e62f3af8d1094c6e4b3fdb96f0 + +COPY --from=tomcat:8.5.73-jdk8-openj9-focal $CATALINA_HOME $CATALINA_HOME +RUN set -eux; \ + apt-get update; \ + xargs -rt apt-get install -y --no-install-recommends < "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt"; \ + rm -rf /var/lib/apt/lists/* + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/9.0/jdk11/openj9-focal/Dockerfile b/9.0/jdk11/openj9-focal/Dockerfile new file mode 100644 index 000000000..3fbee44d1 --- /dev/null +++ b/9.0/jdk11/openj9-focal/Dockerfile @@ -0,0 +1,150 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM ibm-semeru-runtimes:open-11-jdk-focal + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.56 +ENV TOMCAT_SHA512 b4c2c85891e84f0fbd8fec889ef0890d68a2bfa53eb31d4d39fcf5758aa483694af7ac27533ea4bc3fc3fdae56f2fa9c018d4acf872574c0ec5e37bb443599ce + +RUN set -eux; \ + \ + savedAptMark="$(apt-mark showmanual)"; \ + apt-get update; \ + apt-get install -y --no-install-recommends \ + ca-certificates \ + curl \ + dirmngr \ + gnupg \ + ; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://issues.apache.org/jira/browse/INFRA-8753?focusedCommentId=14735394#comment-14735394 + "https://www.apache.org/dyn/closer.cgi?action=download&filename=$distFile" \ +# if the version is outdated (or we're grabbing the .asc file), we might have to pull from the dist/archive :/ + "https://downloads.apache.org/$distFile" \ + "https://www-us.apache.org/dist/$distFile" \ + "https://www.apache.org/dist/$distFile" \ + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + command -v gpgconf && gpgconf --kill all || :; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apt-get install -y --no-install-recommends \ + dpkg-dev \ + gcc \ + libapr1-dev \ + libssl-dev \ + make \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + --with-ssl=yes \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies + apt-mark auto '.*' > /dev/null; \ + [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt dpkg-query --search \ + | cut -d: -f1 \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r apt-mark manual \ + ; \ + \ + apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ + rm -rf /var/lib/apt/lists/*; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 777 logs temp work; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/9.0/jdk16/openj9-focal/Dockerfile b/9.0/jdk16/openj9-focal/Dockerfile new file mode 100644 index 000000000..5299244f7 --- /dev/null +++ b/9.0/jdk16/openj9-focal/Dockerfile @@ -0,0 +1,150 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM ibm-semeru-runtimes:open-16-jdk-focal + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.56 +ENV TOMCAT_SHA512 b4c2c85891e84f0fbd8fec889ef0890d68a2bfa53eb31d4d39fcf5758aa483694af7ac27533ea4bc3fc3fdae56f2fa9c018d4acf872574c0ec5e37bb443599ce + +RUN set -eux; \ + \ + savedAptMark="$(apt-mark showmanual)"; \ + apt-get update; \ + apt-get install -y --no-install-recommends \ + ca-certificates \ + curl \ + dirmngr \ + gnupg \ + ; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://issues.apache.org/jira/browse/INFRA-8753?focusedCommentId=14735394#comment-14735394 + "https://www.apache.org/dyn/closer.cgi?action=download&filename=$distFile" \ +# if the version is outdated (or we're grabbing the .asc file), we might have to pull from the dist/archive :/ + "https://downloads.apache.org/$distFile" \ + "https://www-us.apache.org/dist/$distFile" \ + "https://www.apache.org/dist/$distFile" \ + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + command -v gpgconf && gpgconf --kill all || :; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apt-get install -y --no-install-recommends \ + dpkg-dev \ + gcc \ + libapr1-dev \ + libssl-dev \ + make \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + --with-ssl=yes \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies + apt-mark auto '.*' > /dev/null; \ + [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt dpkg-query --search \ + | cut -d: -f1 \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r apt-mark manual \ + ; \ + \ + apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ + rm -rf /var/lib/apt/lists/*; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 777 logs temp work; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/9.0/jdk17/openj9-focal/Dockerfile b/9.0/jdk17/openj9-focal/Dockerfile new file mode 100644 index 000000000..48a7bc7ab --- /dev/null +++ b/9.0/jdk17/openj9-focal/Dockerfile @@ -0,0 +1,150 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM ibm-semeru-runtimes:open-17-jdk-focal + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.56 +ENV TOMCAT_SHA512 b4c2c85891e84f0fbd8fec889ef0890d68a2bfa53eb31d4d39fcf5758aa483694af7ac27533ea4bc3fc3fdae56f2fa9c018d4acf872574c0ec5e37bb443599ce + +RUN set -eux; \ + \ + savedAptMark="$(apt-mark showmanual)"; \ + apt-get update; \ + apt-get install -y --no-install-recommends \ + ca-certificates \ + curl \ + dirmngr \ + gnupg \ + ; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://issues.apache.org/jira/browse/INFRA-8753?focusedCommentId=14735394#comment-14735394 + "https://www.apache.org/dyn/closer.cgi?action=download&filename=$distFile" \ +# if the version is outdated (or we're grabbing the .asc file), we might have to pull from the dist/archive :/ + "https://downloads.apache.org/$distFile" \ + "https://www-us.apache.org/dist/$distFile" \ + "https://www.apache.org/dist/$distFile" \ + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + command -v gpgconf && gpgconf --kill all || :; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apt-get install -y --no-install-recommends \ + dpkg-dev \ + gcc \ + libapr1-dev \ + libssl-dev \ + make \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + --with-ssl=yes \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies + apt-mark auto '.*' > /dev/null; \ + [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt dpkg-query --search \ + | cut -d: -f1 \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r apt-mark manual \ + ; \ + \ + apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ + rm -rf /var/lib/apt/lists/*; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 777 logs temp work; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/9.0/jdk8/openj9-focal/Dockerfile b/9.0/jdk8/openj9-focal/Dockerfile new file mode 100644 index 000000000..0cddcc82b --- /dev/null +++ b/9.0/jdk8/openj9-focal/Dockerfile @@ -0,0 +1,150 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM ibm-semeru-runtimes:open-8-jdk-focal + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.56 +ENV TOMCAT_SHA512 b4c2c85891e84f0fbd8fec889ef0890d68a2bfa53eb31d4d39fcf5758aa483694af7ac27533ea4bc3fc3fdae56f2fa9c018d4acf872574c0ec5e37bb443599ce + +RUN set -eux; \ + \ + savedAptMark="$(apt-mark showmanual)"; \ + apt-get update; \ + apt-get install -y --no-install-recommends \ + ca-certificates \ + curl \ + dirmngr \ + gnupg \ + ; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://issues.apache.org/jira/browse/INFRA-8753?focusedCommentId=14735394#comment-14735394 + "https://www.apache.org/dyn/closer.cgi?action=download&filename=$distFile" \ +# if the version is outdated (or we're grabbing the .asc file), we might have to pull from the dist/archive :/ + "https://downloads.apache.org/$distFile" \ + "https://www-us.apache.org/dist/$distFile" \ + "https://www.apache.org/dist/$distFile" \ + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + command -v gpgconf && gpgconf --kill all || :; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apt-get install -y --no-install-recommends \ + dpkg-dev \ + gcc \ + libapr1-dev \ + libssl-dev \ + make \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + --with-ssl=yes \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies + apt-mark auto '.*' > /dev/null; \ + [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt dpkg-query --search \ + | cut -d: -f1 \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r apt-mark manual \ + ; \ + \ + apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ + rm -rf /var/lib/apt/lists/*; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 777 logs temp work; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/9.0/jre11/openj9-focal/Dockerfile b/9.0/jre11/openj9-focal/Dockerfile new file mode 100644 index 000000000..8add35ad5 --- /dev/null +++ b/9.0/jre11/openj9-focal/Dockerfile @@ -0,0 +1,43 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM ibm-semeru-runtimes:open-11-jre-focal + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.56 +ENV TOMCAT_SHA512 b4c2c85891e84f0fbd8fec889ef0890d68a2bfa53eb31d4d39fcf5758aa483694af7ac27533ea4bc3fc3fdae56f2fa9c018d4acf872574c0ec5e37bb443599ce + +COPY --from=tomcat:9.0.56-jdk11-openj9-focal $CATALINA_HOME $CATALINA_HOME +RUN set -eux; \ + apt-get update; \ + xargs -rt apt-get install -y --no-install-recommends < "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt"; \ + rm -rf /var/lib/apt/lists/* + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/9.0/jre16/openj9-focal/Dockerfile b/9.0/jre16/openj9-focal/Dockerfile new file mode 100644 index 000000000..0bacd871f --- /dev/null +++ b/9.0/jre16/openj9-focal/Dockerfile @@ -0,0 +1,43 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM ibm-semeru-runtimes:open-16-jre-focal + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.56 +ENV TOMCAT_SHA512 b4c2c85891e84f0fbd8fec889ef0890d68a2bfa53eb31d4d39fcf5758aa483694af7ac27533ea4bc3fc3fdae56f2fa9c018d4acf872574c0ec5e37bb443599ce + +COPY --from=tomcat:9.0.56-jdk16-openj9-focal $CATALINA_HOME $CATALINA_HOME +RUN set -eux; \ + apt-get update; \ + xargs -rt apt-get install -y --no-install-recommends < "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt"; \ + rm -rf /var/lib/apt/lists/* + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/9.0/jre17/openj9-focal/Dockerfile b/9.0/jre17/openj9-focal/Dockerfile new file mode 100644 index 000000000..3bc3dbc43 --- /dev/null +++ b/9.0/jre17/openj9-focal/Dockerfile @@ -0,0 +1,43 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM ibm-semeru-runtimes:open-17-jre-focal + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.56 +ENV TOMCAT_SHA512 b4c2c85891e84f0fbd8fec889ef0890d68a2bfa53eb31d4d39fcf5758aa483694af7ac27533ea4bc3fc3fdae56f2fa9c018d4acf872574c0ec5e37bb443599ce + +COPY --from=tomcat:9.0.56-jdk17-openj9-focal $CATALINA_HOME $CATALINA_HOME +RUN set -eux; \ + apt-get update; \ + xargs -rt apt-get install -y --no-install-recommends < "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt"; \ + rm -rf /var/lib/apt/lists/* + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/9.0/jre8/openj9-focal/Dockerfile b/9.0/jre8/openj9-focal/Dockerfile new file mode 100644 index 000000000..83c33ded4 --- /dev/null +++ b/9.0/jre8/openj9-focal/Dockerfile @@ -0,0 +1,43 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM ibm-semeru-runtimes:open-8-jre-focal + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.56 +ENV TOMCAT_SHA512 b4c2c85891e84f0fbd8fec889ef0890d68a2bfa53eb31d4d39fcf5758aa483694af7ac27533ea4bc3fc3fdae56f2fa9c018d4acf872574c0ec5e37bb443599ce + +COPY --from=tomcat:9.0.56-jdk8-openj9-focal $CATALINA_HOME $CATALINA_HOME +RUN set -eux; \ + apt-get update; \ + xargs -rt apt-get install -y --no-install-recommends < "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt"; \ + rm -rf /var/lib/apt/lists/* + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/Dockerfile.template b/Dockerfile.template index 14d2d32d7..4c2ae6432 100644 --- a/Dockerfile.template +++ b/Dockerfile.template @@ -5,6 +5,7 @@ vendor_variant | ( startswith("openjdk") or startswith("temurin") + or startswith("openj9") ) ; def major: diff --git a/from.jq b/from.jq index 08ac95de9..ea85d2145 100644 --- a/from.jq +++ b/from.jq @@ -16,6 +16,8 @@ def from: "openjdk:" + java_version + "-" + java_variant + ltrimstr("openjdk") elif . == "corretto" and java_variant == "jdk" then "amazoncorretto:" + java_version + elif . == "openj9-focal" then + "ibm-semeru-runtimes:" + "open-" + java_version + "-" + java_variant + "-focal" elif test("^temurin-") then "eclipse-temurin:" + java_version + "-" + java_variant + ltrimstr("temurin") else diff --git a/versions.json b/versions.json index a49016f50..800d7a350 100644 --- a/versions.json +++ b/versions.json @@ -8,7 +8,11 @@ "jdk17/openjdk-slim-buster", "jdk17/corretto", "jdk17/temurin-focal", + "jdk17/openj9-focal", + "jre17/openj9-focal", "jdk16/temurin-focal", + "jdk16/openj9-focal", + "jre16/openj9-focal", "jdk11/openjdk-bullseye", "jre11/openjdk-bullseye", "jdk11/openjdk-buster", @@ -20,6 +24,8 @@ "jdk11/corretto", "jdk11/temurin-focal", "jre11/temurin-focal", + "jdk11/openj9-focal", + "jre11/openj9-focal", "jdk8/openjdk-bullseye", "jre8/openjdk-bullseye", "jdk8/openjdk-buster", @@ -30,7 +36,9 @@ "jre8/openjdk-slim-buster", "jdk8/corretto", "jdk8/temurin-focal", - "jre8/temurin-focal" + "jre8/temurin-focal", + "jdk8/openj9-focal", + "jre8/openj9-focal" ], "version": "10.0.14" }, @@ -43,7 +51,11 @@ "jdk17/openjdk-slim-buster", "jdk17/corretto", "jdk17/temurin-focal", + "jdk17/openj9-focal", + "jre17/openj9-focal", "jdk16/temurin-focal", + "jdk16/openj9-focal", + "jre16/openj9-focal", "jdk11/openjdk-bullseye", "jre11/openjdk-bullseye", "jdk11/openjdk-buster", @@ -54,7 +66,9 @@ "jre11/openjdk-slim-buster", "jdk11/corretto", "jdk11/temurin-focal", - "jre11/temurin-focal" + "jre11/temurin-focal", + "jdk11/openj9-focal", + "jre11/openj9-focal" ], "version": "10.1.0-M8" }, @@ -67,7 +81,11 @@ "jdk17/openjdk-slim-buster", "jdk17/corretto", "jdk17/temurin-focal", + "jdk17/openj9-focal", + "jre17/openj9-focal", "jdk16/temurin-focal", + "jdk16/openj9-focal", + "jre16/openj9-focal", "jdk11/openjdk-bullseye", "jre11/openjdk-bullseye", "jdk11/openjdk-buster", @@ -79,6 +97,8 @@ "jdk11/corretto", "jdk11/temurin-focal", "jre11/temurin-focal", + "jdk11/openj9-focal", + "jre11/openj9-focal", "jdk8/openjdk-bullseye", "jre8/openjdk-bullseye", "jdk8/openjdk-buster", @@ -89,7 +109,9 @@ "jre8/openjdk-slim-buster", "jdk8/corretto", "jdk8/temurin-focal", - "jre8/temurin-focal" + "jre8/temurin-focal", + "jdk8/openj9-focal", + "jre8/openj9-focal" ], "version": "8.5.73" }, @@ -102,7 +124,11 @@ "jdk17/openjdk-slim-buster", "jdk17/corretto", "jdk17/temurin-focal", + "jdk17/openj9-focal", + "jre17/openj9-focal", "jdk16/temurin-focal", + "jdk16/openj9-focal", + "jre16/openj9-focal", "jdk11/openjdk-bullseye", "jre11/openjdk-bullseye", "jdk11/openjdk-buster", @@ -114,6 +140,8 @@ "jdk11/corretto", "jdk11/temurin-focal", "jre11/temurin-focal", + "jdk11/openj9-focal", + "jre11/openj9-focal", "jdk8/openjdk-bullseye", "jre8/openjdk-bullseye", "jdk8/openjdk-buster", @@ -124,7 +152,9 @@ "jre8/openjdk-slim-buster", "jdk8/corretto", "jdk8/temurin-focal", - "jre8/temurin-focal" + "jre8/temurin-focal", + "jdk8/openj9-focal", + "jre8/openj9-focal" ], "version": "9.0.56" } diff --git a/versions.sh b/versions.sh index a70bf039d..0b82e4ad0 100755 --- a/versions.sh +++ b/versions.sh @@ -17,7 +17,7 @@ bashbrew --version > /dev/null allVariants='[]' for javaVersion in 17 16 11 8; do # OpenJDK, followed by all other variants alphabetically - for vendorVariant in openjdk{,-slim}-{bullseye,buster} corretto temurin-focal; do + for vendorVariant in openjdk{,-slim}-{bullseye,buster} corretto temurin-focal openj9-focal; do for javaVariant in {jdk,jre}"$javaVersion"; do export variant="$javaVariant/$vendorVariant" if image="$(jq -nr '