-
-
Notifications
You must be signed in to change notification settings - Fork 102
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
docker: Alpine 320 Static Dockerfile (#3648)
- Loading branch information
1 parent
d801284
commit bf78273
Showing
1 changed file
with
46 additions
and
0 deletions.
There are no files selected for viewing
46 changes: 46 additions & 0 deletions
46
...ble/playbooks/AdoptOpenJDK_Unix_Playbook/roles/DockerStatic/Dockerfiles/Dockerfile.alp320
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,46 @@ | ||
FROM alpine:3.20 | ||
|
||
RUN apk --update add bash shadow openssh-server openssh-client unzip zip wget git curl make gcc perl xvfb \ | ||
libxrender libxi libxtst procps musl-dev perl-doc alsa-lib libx11 msttcorefonts-installer fontconfig libxext freetype zlib fakeroot gnupg | ||
|
||
# Add SSL Test packages | ||
RUN apk --update add openssl gnutls gnutls-dev gnutls-utils nss nss-dev nss-tools | ||
|
||
RUN ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -P "" | ||
|
||
## Ensure Fonts Are Updated (Issue https://github.com/adoptium/infrastructure/issues/3039) | ||
RUN update-ms-fonts | ||
|
||
# Get latest jdk21 ga | ||
RUN wget -q 'https://api.adoptium.net/v3/binary/latest/21/ga/alpine-linux/x64/jdk/hotspot/normal/eclipse?project=jdk' -O /tmp/jdk21.tar.gz | ||
RUN gpg --keyserver keyserver.ubuntu.com --recv-keys 3B04D753C9050D9A5D343F39843C48A565F8F04B | ||
# Get sig file for latest jdk21 ga | ||
RUN wget -q `curl -s 'https://api.adoptium.net/v3/assets/feature_releases/21/ga?architecture=x64&heap_size=normal&image_type=jdk&jvm_impl=hotspot&os=alpine-linux&page=0&page_size=1&project=jdk&vendor=eclipse' | grep signature_link | awk '{split($0,a,"\""); print a[4]}'` -O /tmp/jdk21.sig | ||
RUN gpg --verify /tmp/jdk21.sig /tmp/jdk21.tar.gz | ||
RUN mkdir -p /usr/lib/jvm/jdk21 && tar -xpzf /tmp/jdk21.tar.gz -C /usr/lib/jvm/jdk21 --strip-components=1 | ||
|
||
# Install ant and ant-contrib. | ||
RUN wget -O /tmp/ant.zip 'https://archive.apache.org/dist/ant/binaries/apache-ant-1.10.9-bin.zip' | ||
RUN wget -O /tmp/ant-contrib.tgz https://sourceforge.net/projects/ant-contrib/files/ant-contrib/ant-contrib-1.0b2/ant-contrib-1.0b2-bin.tar.gz | ||
RUN echo "d085f59349edf22a93d835aa30aea2521ed39bdb99d57d941f1ebd8d115a561bb28aecc781915ff2a0d9f7caf7bae536cdda0910bb432b2a4bce8b7b90c2903b /tmp/ant.zip" > /tmp/ant.sha512 | ||
RUN echo "0fd2771dca2b8b014a4cb3246715b32e20ad5d26754186d82eee781507a183d5e63064890b95eb27c091c93c1209528a0b18a6d7e6901899319492a7610e74ad /tmp/ant-contrib.tgz" >> /tmp/ant.sha512 | ||
RUN sha512sum -c /tmp/ant.sha512 | ||
RUN unzip -q -d /usr/local /tmp/ant.zip | ||
RUN tar xpfz /tmp/ant-contrib.tgz -C /usr/local/apache-ant-1.10.9/lib --strip-components=2 ant-contrib/lib/ant-contrib.jar | ||
RUN ln -s /usr/local/apache-ant-1.10.9/bin/ant /usr/bin/ant | ||
|
||
# Create user jenkins with random password. Prevents locked user account that makes SSH'ing into | ||
# the container impossible. | ||
RUN groupadd -g 10001 jenkins | ||
RUN useradd -p $(tr -dc A-Za-z0-9 </dev/urandom | head -c 16) -s /bin/bash -m -d /home/jenkins -u 10000 -g 10001 jenkins | ||
RUN mkdir /home/jenkins/.ssh | ||
RUN echo "Jenkins_User_SSHKey" > /home/jenkins/.ssh/authorized_keys | ||
RUN chown -R jenkins:jenkins /home/jenkins/.ssh | ||
RUN chmod -R "g=,o=" /home/jenkins/.ssh | ||
|
||
# Remove temporary files. | ||
RUN rm -rf /tmp/jdk21.tar.gz /tmp/ant* /tmp/ant-contrib* /tmp/jdk21.sig | ||
|
||
# Start container with docker run -p 2222:22 UUID. | ||
CMD ["/usr/sbin/sshd","-D"] | ||
EXPOSE 22 |