From 1d5b421c857a719c1df712868ab7574954dbb466 Mon Sep 17 00:00:00 2001 From: Pawel Veselov Date: Fri, 5 May 2023 01:34:16 +0200 Subject: [PATCH 1/2] 10.1 with jdk17 corretto --- 8.5/jdk11/corretto-al2/Dockerfile | 35 ++++++++++++++++++++------- 8.5/jdk17/corretto-al2/Dockerfile | 35 ++++++++++++++++++++------- 8.5/jdk8/corretto-al2/Dockerfile | 35 ++++++++++++++++++++------- 9.0/jdk11/corretto-al2/Dockerfile | 35 ++++++++++++++++++++------- 9.0/jdk17/corretto-al2/Dockerfile | 35 ++++++++++++++++++++------- 9.0/jdk8/corretto-al2/Dockerfile | 35 ++++++++++++++++++++------- Dockerfile.template | 39 ++++++++++++++++++++++++------- shared.jq | 2 +- versions.json | 2 ++ 9 files changed, 196 insertions(+), 57 deletions(-) diff --git a/8.5/jdk11/corretto-al2/Dockerfile b/8.5/jdk11/corretto-al2/Dockerfile index e929ca7c8..2c462a2c9 100644 --- a/8.5/jdk11/corretto-al2/Dockerfile +++ b/8.5/jdk11/corretto-al2/Dockerfile @@ -26,10 +26,29 @@ ENV TOMCAT_SHA512 c31c794092b160c5b0099f4dfb5cf17d711d93ae68a60e414691dba65ad80c RUN set -eux; \ \ # http://yum.baseurl.org/wiki/YumDB.html - if ! command -v yumdb > /dev/null; then \ - yum install -y --setopt=skip_missing_names_on_install=False yum-utils; \ - yumdb set reason dep yum-utils; \ - fi; \ + # solves yum/dnf incompatibility + # https://bugzilla.redhat.com/show_bug.cgi?id=1682969 + # _mark_package {0|1} + # 0 means dependency + # 1 means user + _mark_package() { \ + if command dnf --version > /dev/null; then \ + p="${1/0/group}"; \ + p="${p/1/install}"; \ + shift; \ + dnf mark "$p" "$@"; \ + else \ + if ! command -v yumdb > /dev/null; then \ + yum install -y --setopt=skip_missing_names_on_install=False yum-utils; \ + yumdb set reason dep yum-utils; \ + fi; \ + p="${1/0/dep}"; \ + p="${p/1/user}"; \ + shift; \ + yumdb set reason "$p" "$@"; \ + fi; \ + }; \ + export -f _mark_package; \ # a helper function to "yum install" things, but only if they aren't installed (and to set their "reason" to "dep" so "yum autoremove" can purge them for us) _yum_install_temporary() { ( set -eu +x; \ local pkg todo=''; \ @@ -40,11 +59,11 @@ RUN set -eux; \ done; \ if [ -n "$todo" ]; then \ set -x; \ - yum install -y --setopt=skip_missing_names_on_install=False $todo; \ - yumdb set reason dep $todo; \ + yum install -y --allowerasing --setopt=skip_missing_names_on_install=False $todo; \ + _mark_package 0 $todo; \ fi; \ ) }; \ - _yum_install_temporary gzip tar; \ + _yum_install_temporary gzip tar gnupg2; \ \ ddist() { \ local f="$1"; shift; \ @@ -123,7 +142,7 @@ RUN set -eux; \ | xargs -rt rpm --query --whatprovides \ | sort -u \ | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ - | xargs -r yumdb set reason user \ + | xargs -r bash -c '_mark_package 1 "$@"' _ \ ; \ \ # clean up anything added temporarily and not later marked as necessary diff --git a/8.5/jdk17/corretto-al2/Dockerfile b/8.5/jdk17/corretto-al2/Dockerfile index 6c69bf2e0..91983882d 100644 --- a/8.5/jdk17/corretto-al2/Dockerfile +++ b/8.5/jdk17/corretto-al2/Dockerfile @@ -26,10 +26,29 @@ ENV TOMCAT_SHA512 c31c794092b160c5b0099f4dfb5cf17d711d93ae68a60e414691dba65ad80c RUN set -eux; \ \ # http://yum.baseurl.org/wiki/YumDB.html - if ! command -v yumdb > /dev/null; then \ - yum install -y --setopt=skip_missing_names_on_install=False yum-utils; \ - yumdb set reason dep yum-utils; \ - fi; \ + # solves yum/dnf incompatibility + # https://bugzilla.redhat.com/show_bug.cgi?id=1682969 + # _mark_package {0|1} + # 0 means dependency + # 1 means user + _mark_package() { \ + if command dnf --version > /dev/null; then \ + p="${1/0/group}"; \ + p="${p/1/install}"; \ + shift; \ + dnf mark "$p" "$@"; \ + else \ + if ! command -v yumdb > /dev/null; then \ + yum install -y --setopt=skip_missing_names_on_install=False yum-utils; \ + yumdb set reason dep yum-utils; \ + fi; \ + p="${1/0/dep}"; \ + p="${p/1/user}"; \ + shift; \ + yumdb set reason "$p" "$@"; \ + fi; \ + }; \ + export -f _mark_package; \ # a helper function to "yum install" things, but only if they aren't installed (and to set their "reason" to "dep" so "yum autoremove" can purge them for us) _yum_install_temporary() { ( set -eu +x; \ local pkg todo=''; \ @@ -40,11 +59,11 @@ RUN set -eux; \ done; \ if [ -n "$todo" ]; then \ set -x; \ - yum install -y --setopt=skip_missing_names_on_install=False $todo; \ - yumdb set reason dep $todo; \ + yum install -y --allowerasing --setopt=skip_missing_names_on_install=False $todo; \ + _mark_package 0 $todo; \ fi; \ ) }; \ - _yum_install_temporary gzip tar; \ + _yum_install_temporary gzip tar gnupg2; \ \ ddist() { \ local f="$1"; shift; \ @@ -123,7 +142,7 @@ RUN set -eux; \ | xargs -rt rpm --query --whatprovides \ | sort -u \ | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ - | xargs -r yumdb set reason user \ + | xargs -r bash -c '_mark_package 1 "$@"' _ \ ; \ \ # clean up anything added temporarily and not later marked as necessary diff --git a/8.5/jdk8/corretto-al2/Dockerfile b/8.5/jdk8/corretto-al2/Dockerfile index 695eba8ea..a1bfc1218 100644 --- a/8.5/jdk8/corretto-al2/Dockerfile +++ b/8.5/jdk8/corretto-al2/Dockerfile @@ -26,10 +26,29 @@ ENV TOMCAT_SHA512 c31c794092b160c5b0099f4dfb5cf17d711d93ae68a60e414691dba65ad80c RUN set -eux; \ \ # http://yum.baseurl.org/wiki/YumDB.html - if ! command -v yumdb > /dev/null; then \ - yum install -y --setopt=skip_missing_names_on_install=False yum-utils; \ - yumdb set reason dep yum-utils; \ - fi; \ + # solves yum/dnf incompatibility + # https://bugzilla.redhat.com/show_bug.cgi?id=1682969 + # _mark_package {0|1} + # 0 means dependency + # 1 means user + _mark_package() { \ + if command dnf --version > /dev/null; then \ + p="${1/0/group}"; \ + p="${p/1/install}"; \ + shift; \ + dnf mark "$p" "$@"; \ + else \ + if ! command -v yumdb > /dev/null; then \ + yum install -y --setopt=skip_missing_names_on_install=False yum-utils; \ + yumdb set reason dep yum-utils; \ + fi; \ + p="${1/0/dep}"; \ + p="${p/1/user}"; \ + shift; \ + yumdb set reason "$p" "$@"; \ + fi; \ + }; \ + export -f _mark_package; \ # a helper function to "yum install" things, but only if they aren't installed (and to set their "reason" to "dep" so "yum autoremove" can purge them for us) _yum_install_temporary() { ( set -eu +x; \ local pkg todo=''; \ @@ -40,11 +59,11 @@ RUN set -eux; \ done; \ if [ -n "$todo" ]; then \ set -x; \ - yum install -y --setopt=skip_missing_names_on_install=False $todo; \ - yumdb set reason dep $todo; \ + yum install -y --allowerasing --setopt=skip_missing_names_on_install=False $todo; \ + _mark_package 0 $todo; \ fi; \ ) }; \ - _yum_install_temporary gzip tar; \ + _yum_install_temporary gzip tar gnupg2; \ \ ddist() { \ local f="$1"; shift; \ @@ -123,7 +142,7 @@ RUN set -eux; \ | xargs -rt rpm --query --whatprovides \ | sort -u \ | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ - | xargs -r yumdb set reason user \ + | xargs -r bash -c '_mark_package 1 "$@"' _ \ ; \ \ # clean up anything added temporarily and not later marked as necessary diff --git a/9.0/jdk11/corretto-al2/Dockerfile b/9.0/jdk11/corretto-al2/Dockerfile index 24d9453aa..a6c099870 100644 --- a/9.0/jdk11/corretto-al2/Dockerfile +++ b/9.0/jdk11/corretto-al2/Dockerfile @@ -26,10 +26,29 @@ ENV TOMCAT_SHA512 0e173fc2a76404c41c571c50a1956a2b867870d767200bd30f48d89bf04a4b RUN set -eux; \ \ # http://yum.baseurl.org/wiki/YumDB.html - if ! command -v yumdb > /dev/null; then \ - yum install -y --setopt=skip_missing_names_on_install=False yum-utils; \ - yumdb set reason dep yum-utils; \ - fi; \ + # solves yum/dnf incompatibility + # https://bugzilla.redhat.com/show_bug.cgi?id=1682969 + # _mark_package {0|1} + # 0 means dependency + # 1 means user + _mark_package() { \ + if command dnf --version > /dev/null; then \ + p="${1/0/group}"; \ + p="${p/1/install}"; \ + shift; \ + dnf mark "$p" "$@"; \ + else \ + if ! command -v yumdb > /dev/null; then \ + yum install -y --setopt=skip_missing_names_on_install=False yum-utils; \ + yumdb set reason dep yum-utils; \ + fi; \ + p="${1/0/dep}"; \ + p="${p/1/user}"; \ + shift; \ + yumdb set reason "$p" "$@"; \ + fi; \ + }; \ + export -f _mark_package; \ # a helper function to "yum install" things, but only if they aren't installed (and to set their "reason" to "dep" so "yum autoremove" can purge them for us) _yum_install_temporary() { ( set -eu +x; \ local pkg todo=''; \ @@ -40,11 +59,11 @@ RUN set -eux; \ done; \ if [ -n "$todo" ]; then \ set -x; \ - yum install -y --setopt=skip_missing_names_on_install=False $todo; \ - yumdb set reason dep $todo; \ + yum install -y --allowerasing --setopt=skip_missing_names_on_install=False $todo; \ + _mark_package 0 $todo; \ fi; \ ) }; \ - _yum_install_temporary gzip tar; \ + _yum_install_temporary gzip tar gnupg2; \ \ ddist() { \ local f="$1"; shift; \ @@ -123,7 +142,7 @@ RUN set -eux; \ | xargs -rt rpm --query --whatprovides \ | sort -u \ | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ - | xargs -r yumdb set reason user \ + | xargs -r bash -c '_mark_package 1 "$@"' _ \ ; \ \ # clean up anything added temporarily and not later marked as necessary diff --git a/9.0/jdk17/corretto-al2/Dockerfile b/9.0/jdk17/corretto-al2/Dockerfile index bb69bdaf0..46d011fb6 100644 --- a/9.0/jdk17/corretto-al2/Dockerfile +++ b/9.0/jdk17/corretto-al2/Dockerfile @@ -26,10 +26,29 @@ ENV TOMCAT_SHA512 0e173fc2a76404c41c571c50a1956a2b867870d767200bd30f48d89bf04a4b RUN set -eux; \ \ # http://yum.baseurl.org/wiki/YumDB.html - if ! command -v yumdb > /dev/null; then \ - yum install -y --setopt=skip_missing_names_on_install=False yum-utils; \ - yumdb set reason dep yum-utils; \ - fi; \ + # solves yum/dnf incompatibility + # https://bugzilla.redhat.com/show_bug.cgi?id=1682969 + # _mark_package {0|1} + # 0 means dependency + # 1 means user + _mark_package() { \ + if command dnf --version > /dev/null; then \ + p="${1/0/group}"; \ + p="${p/1/install}"; \ + shift; \ + dnf mark "$p" "$@"; \ + else \ + if ! command -v yumdb > /dev/null; then \ + yum install -y --setopt=skip_missing_names_on_install=False yum-utils; \ + yumdb set reason dep yum-utils; \ + fi; \ + p="${1/0/dep}"; \ + p="${p/1/user}"; \ + shift; \ + yumdb set reason "$p" "$@"; \ + fi; \ + }; \ + export -f _mark_package; \ # a helper function to "yum install" things, but only if they aren't installed (and to set their "reason" to "dep" so "yum autoremove" can purge them for us) _yum_install_temporary() { ( set -eu +x; \ local pkg todo=''; \ @@ -40,11 +59,11 @@ RUN set -eux; \ done; \ if [ -n "$todo" ]; then \ set -x; \ - yum install -y --setopt=skip_missing_names_on_install=False $todo; \ - yumdb set reason dep $todo; \ + yum install -y --allowerasing --setopt=skip_missing_names_on_install=False $todo; \ + _mark_package 0 $todo; \ fi; \ ) }; \ - _yum_install_temporary gzip tar; \ + _yum_install_temporary gzip tar gnupg2; \ \ ddist() { \ local f="$1"; shift; \ @@ -123,7 +142,7 @@ RUN set -eux; \ | xargs -rt rpm --query --whatprovides \ | sort -u \ | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ - | xargs -r yumdb set reason user \ + | xargs -r bash -c '_mark_package 1 "$@"' _ \ ; \ \ # clean up anything added temporarily and not later marked as necessary diff --git a/9.0/jdk8/corretto-al2/Dockerfile b/9.0/jdk8/corretto-al2/Dockerfile index dee47d507..24bddafad 100644 --- a/9.0/jdk8/corretto-al2/Dockerfile +++ b/9.0/jdk8/corretto-al2/Dockerfile @@ -26,10 +26,29 @@ ENV TOMCAT_SHA512 0e173fc2a76404c41c571c50a1956a2b867870d767200bd30f48d89bf04a4b RUN set -eux; \ \ # http://yum.baseurl.org/wiki/YumDB.html - if ! command -v yumdb > /dev/null; then \ - yum install -y --setopt=skip_missing_names_on_install=False yum-utils; \ - yumdb set reason dep yum-utils; \ - fi; \ + # solves yum/dnf incompatibility + # https://bugzilla.redhat.com/show_bug.cgi?id=1682969 + # _mark_package {0|1} + # 0 means dependency + # 1 means user + _mark_package() { \ + if command dnf --version > /dev/null; then \ + p="${1/0/group}"; \ + p="${p/1/install}"; \ + shift; \ + dnf mark "$p" "$@"; \ + else \ + if ! command -v yumdb > /dev/null; then \ + yum install -y --setopt=skip_missing_names_on_install=False yum-utils; \ + yumdb set reason dep yum-utils; \ + fi; \ + p="${1/0/dep}"; \ + p="${p/1/user}"; \ + shift; \ + yumdb set reason "$p" "$@"; \ + fi; \ + }; \ + export -f _mark_package; \ # a helper function to "yum install" things, but only if they aren't installed (and to set their "reason" to "dep" so "yum autoremove" can purge them for us) _yum_install_temporary() { ( set -eu +x; \ local pkg todo=''; \ @@ -40,11 +59,11 @@ RUN set -eux; \ done; \ if [ -n "$todo" ]; then \ set -x; \ - yum install -y --setopt=skip_missing_names_on_install=False $todo; \ - yumdb set reason dep $todo; \ + yum install -y --allowerasing --setopt=skip_missing_names_on_install=False $todo; \ + _mark_package 0 $todo; \ fi; \ ) }; \ - _yum_install_temporary gzip tar; \ + _yum_install_temporary gzip tar gnupg2; \ \ ddist() { \ local f="$1"; shift; \ @@ -123,7 +142,7 @@ RUN set -eux; \ | xargs -rt rpm --query --whatprovides \ | sort -u \ | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ - | xargs -r yumdb set reason user \ + | xargs -r bash -c '_mark_package 1 "$@"' _ \ ; \ \ # clean up anything added temporarily and not later marked as necessary diff --git a/Dockerfile.template b/Dockerfile.template index 4eeabc7e2..7a4af7f2c 100644 --- a/Dockerfile.template +++ b/Dockerfile.template @@ -95,10 +95,29 @@ RUN set -eux; \ ; \ {{ ) else ( -}} # http://yum.baseurl.org/wiki/YumDB.html - if ! command -v yumdb > /dev/null; then \ - yum install -y --setopt=skip_missing_names_on_install=False yum-utils; \ - yumdb set reason dep yum-utils; \ - fi; \ + # solves yum/dnf incompatibility + # https://bugzilla.redhat.com/show_bug.cgi?id=1682969 + # _mark_package {0|1} + # 0 means dependency + # 1 means user + _mark_package() { \ + if command dnf --version > /dev/null; then \ + p="${1/0/group}"; \ + p="${p/1/install}"; \ + shift; \ + dnf mark "$p" "$@"; \ + else \ + if ! command -v yumdb > /dev/null; then \ + yum install -y --setopt=skip_missing_names_on_install=False yum-utils; \ + yumdb set reason dep yum-utils; \ + fi; \ + p="${1/0/dep}"; \ + p="${p/1/user}"; \ + shift; \ + yumdb set reason "$p" "$@"; \ + fi; \ + }; \ + export -f _mark_package; \ # a helper function to "yum install" things, but only if they aren't installed (and to set their "reason" to "dep" so "yum autoremove" can purge them for us) _yum_install_temporary() { ( set -eu +x; \ local pkg todo=''; \ @@ -109,11 +128,11 @@ RUN set -eux; \ done; \ if [ -n "$todo" ]; then \ set -x; \ - yum install -y --setopt=skip_missing_names_on_install=False $todo; \ - yumdb set reason dep $todo; \ + yum install -y --allowerasing --setopt=skip_missing_names_on_install=False $todo; \ + _mark_package 0 $todo; \ fi; \ ) }; \ - _yum_install_temporary gzip tar; \ + _yum_install_temporary gzip tar gnupg2; \ {{ ) end -}} \ ddist() { \ @@ -177,7 +196,11 @@ RUN set -eux; \ apr-devel \ gcc \ make \ +{{ if has_openssl_ge_3(vendor_variant) then ( -}} + openssl-devel \ +{{ ) else ( -}} openssl11-devel \ +{{ ) end -}} ; \ {{ ) end -}} ( \ @@ -232,7 +255,7 @@ RUN set -eux; \ | xargs -rt rpm --query --whatprovides \ | sort -u \ | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ - | xargs -r yumdb set reason user \ + | xargs -r bash -c '_mark_package 1 "$@"' _ \ ; \ \ # clean up anything added temporarily and not later marked as necessary diff --git a/shared.jq b/shared.jq index ae521752c..c14bd00e8 100644 --- a/shared.jq +++ b/shared.jq @@ -33,7 +33,7 @@ def has_openssl_ge_3(variant): # https://github.com/apache/tomcat-native/commit/f7930fa16f095717cfc641a8d24e60c343765adc variant | ( # amazonlinux - contains("al2") # corretto + ( contains("al2") and contains("al20") |not ) # corretto # debian or contains("bullseye") # openjdk or contains("buster") # openjdk diff --git a/versions.json b/versions.json index be621788d..ff386a97c 100644 --- a/versions.json +++ b/versions.json @@ -4,6 +4,8 @@ "variants": [ "jdk17/temurin-jammy", "jre17/temurin-jammy", + "jdk17/corretto-al2023", + "jre17/corretto-al2023", "jdk11/temurin-jammy", "jre11/temurin-jammy" ], From fc95340b8f483a588276d917e802d5ffd38e8095 Mon Sep 17 00:00:00 2001 From: Pawel Veselov Date: Fri, 5 May 2023 01:38:47 +0200 Subject: [PATCH 2/2] Added actual docker files --- 10.1/jdk17/corretto-al2023/Dockerfile | 175 ++++++++++++++++++++++++++ 10.1/jre17/corretto-al2023/Dockerfile | 43 +++++++ 2 files changed, 218 insertions(+) create mode 100644 10.1/jdk17/corretto-al2023/Dockerfile create mode 100644 10.1/jre17/corretto-al2023/Dockerfile diff --git a/10.1/jdk17/corretto-al2023/Dockerfile b/10.1/jdk17/corretto-al2023/Dockerfile new file mode 100644 index 000000000..40a718a64 --- /dev/null +++ b/10.1/jdk17/corretto-al2023/Dockerfile @@ -0,0 +1,175 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM amazoncorretto:17-al2023-jdk + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 5C3C5F3E314C866292F359A8F3AD5C94A67F707E A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 10 +ENV TOMCAT_VERSION 10.1.8 +ENV TOMCAT_SHA512 bf1a80582d3fc6e7e32c8b72f6b9c2703d39832a8a337f660b8c201196a555c717647825b495169bef61845a1905507b10d62c2d76dfd8ca180bcd49e44d0d5e + +RUN set -eux; \ + \ +# http://yum.baseurl.org/wiki/YumDB.html + # solves yum/dnf incompatibility + # https://bugzilla.redhat.com/show_bug.cgi?id=1682969 + # _mark_package {0|1} + # 0 means dependency + # 1 means user + _mark_package() { \ + if command dnf --version > /dev/null; then \ + p="${1/0/group}"; \ + p="${p/1/install}"; \ + shift; \ + dnf mark "$p" "$@"; \ + else \ + if ! command -v yumdb > /dev/null; then \ + yum install -y --setopt=skip_missing_names_on_install=False yum-utils; \ + yumdb set reason dep yum-utils; \ + fi; \ + p="${1/0/dep}"; \ + p="${p/1/user}"; \ + shift; \ + yumdb set reason "$p" "$@"; \ + fi; \ + }; \ + export -f _mark_package; \ +# a helper function to "yum install" things, but only if they aren't installed (and to set their "reason" to "dep" so "yum autoremove" can purge them for us) + _yum_install_temporary() { ( set -eu +x; \ + local pkg todo=''; \ + for pkg; do \ + if ! rpm --query "$pkg" > /dev/null 2>&1; then \ + todo="$todo $pkg"; \ + fi; \ + done; \ + if [ -n "$todo" ]; then \ + set -x; \ + yum install -y --allowerasing --setopt=skip_missing_names_on_install=False $todo; \ + _mark_package 0 $todo; \ + fi; \ + ) }; \ + _yum_install_temporary gzip tar gnupg2; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://issues.apache.org/jira/browse/INFRA-8753?focusedCommentId=14735394#comment-14735394 + "https://www.apache.org/dyn/closer.cgi?action=download&filename=$distFile" \ +# if the version is outdated (or we're grabbing the .asc file), we might have to pull from the dist/archive :/ + "https://downloads.apache.org/$distFile" \ + "https://www-us.apache.org/dist/$distFile" \ + "https://www.apache.org/dist/$distFile" \ + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + _yum_install_temporary \ + apr-devel \ + gcc \ + make \ + openssl-devel \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# mark any explicit dependencies as manually installed + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ && $(NF-1) != "=>" { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt rpm --query --whatprovides \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r bash -c '_mark_package 1 "$@"' _ \ + ; \ + \ +# clean up anything added temporarily and not later marked as necessary + yum autoremove -y; \ + yum clean all; \ + rm -rf /var/cache/yum; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/10.1/jre17/corretto-al2023/Dockerfile b/10.1/jre17/corretto-al2023/Dockerfile new file mode 100644 index 000000000..69dccc1b1 --- /dev/null +++ b/10.1/jre17/corretto-al2023/Dockerfile @@ -0,0 +1,43 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM amazoncorretto:17-al2023-jre + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 5C3C5F3E314C866292F359A8F3AD5C94A67F707E A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 10 +ENV TOMCAT_VERSION 10.1.8 +ENV TOMCAT_SHA512 bf1a80582d3fc6e7e32c8b72f6b9c2703d39832a8a337f660b8c201196a555c717647825b495169bef61845a1905507b10d62c2d76dfd8ca180bcd49e44d0d5e + +COPY --from=tomcat:10.1.8-jdk17-corretto-al2023 $CATALINA_HOME $CATALINA_HOME +RUN set -eux; \ + xargs -rt yum install -y --setopt=skip_missing_names_on_install=False < "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt"; \ + yum clean all; \ + rm -rf /var/cache/yum + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"]