mirror of
https://github.com/octoleo/plantuml-server.git
synced 2024-12-22 00:38:54 +00:00
update docker base images and reduce size
There were same base image and naming changes for the jetty and tomcat images plantuml-server uses => plantuml-server uses a pretty old and vulnerable images. - update base images for jetty and tomcat - add a alpine version for jetty (not tomcat has no official alpine version) - add autoremove and clean commands after graphviz installation. This reduces the images by about ~280 MB
This commit is contained in:
parent
323aad1525
commit
5d7c4e1a03
@ -1,4 +1,4 @@
|
||||
FROM maven:3-jdk-11-slim AS builder
|
||||
FROM maven:3-eclipse-temurin-11 AS builder
|
||||
|
||||
COPY pom.xml /app/
|
||||
COPY src/main /app/src/main/
|
||||
@ -8,7 +8,7 @@ RUN mvn --batch-mode --define java.net.useSystemProxies=true package
|
||||
|
||||
########################################################################################
|
||||
|
||||
FROM jetty:11.0.15-jre11-slim
|
||||
FROM jetty:11.0.15-jre11
|
||||
|
||||
# Proxy and OldProxy need empty path segments support in URIs
|
||||
# Hence: allow AMBIGUOUS_EMPTY_SEGMENT
|
||||
@ -16,8 +16,10 @@ FROM jetty:11.0.15-jre11-slim
|
||||
RUN sed -i 's/# jetty\.httpConfig\.uriCompliance=DEFAULT/jetty.httpConfig.uriCompliance=DEFAULT,AMBIGUOUS_EMPTY_SEGMENT/g' /var/lib/jetty/start.d/server.ini
|
||||
|
||||
USER root
|
||||
|
||||
RUN apt-get update && \
|
||||
apt-get install -y --no-install-recommends \
|
||||
curl \
|
||||
fonts-noto-cjk \
|
||||
libgd3 \
|
||||
&& \
|
||||
@ -29,7 +31,6 @@ ARG GRAPHVIZ_VERSION=8.0.2
|
||||
ARG GRAPHVIZ_BUILD_DIR=/tmp/graphiz-build
|
||||
RUN apt-get update && \
|
||||
apt-get install -y --no-install-recommends \
|
||||
curl \
|
||||
build-essential \
|
||||
libexpat1-dev \
|
||||
libgd-dev \
|
||||
@ -49,6 +50,8 @@ RUN apt-get update && \
|
||||
libgd-dev \
|
||||
zlib1g-dev \
|
||||
&& \
|
||||
apt-get autoremove -y && \
|
||||
apt-get clean & \
|
||||
rm -rf /var/lib/apt/lists/* && \
|
||||
rm -rf $GRAPHVIZ_BUILD_DIR
|
||||
|
||||
@ -63,11 +66,11 @@ RUN rm -rf $WEBAPP_PATH && \
|
||||
COPY --from=builder /app/target/plantuml.war /plantuml.war
|
||||
COPY ROOT.jetty.xml $WEBAPP_PATH/ROOT.xml
|
||||
|
||||
ENTRYPOINT ["/entrypoint.sh"]
|
||||
# Openshift https://docs.openshift.com/container-platform/4.9/openshift_images/create-images.html#images-create-guide-openshift_create-images
|
||||
USER root
|
||||
RUN chgrp -R 0 $JETTY_BASE && chmod -R g=u $JETTY_BASE
|
||||
RUN chgrp -R 0 /tmp && chmod -R g=u /tmp
|
||||
USER jetty
|
||||
|
||||
ENTRYPOINT ["/entrypoint.sh"]
|
||||
VOLUME ["/tmp/jetty"]
|
||||
|
72
Dockerfile.jetty-alpine
Normal file
72
Dockerfile.jetty-alpine
Normal file
@ -0,0 +1,72 @@
|
||||
FROM maven:3-eclipse-temurin-11-alpine AS builder
|
||||
|
||||
COPY pom.xml /app/
|
||||
COPY src/main /app/src/main/
|
||||
|
||||
WORKDIR /app
|
||||
RUN mvn --batch-mode --define java.net.useSystemProxies=true package
|
||||
|
||||
########################################################################################
|
||||
|
||||
FROM jetty:11.0.15-jre11-alpine-eclipse-temurin
|
||||
|
||||
# Proxy and OldProxy need empty path segments support in URIs
|
||||
# Hence: allow AMBIGUOUS_EMPTY_SEGMENT
|
||||
# Changes are only active if `/generate-jetty-start.sh` is called!
|
||||
RUN sed -i 's/# jetty\.httpConfig\.uriCompliance=DEFAULT/jetty.httpConfig.uriCompliance=DEFAULT,AMBIGUOUS_EMPTY_SEGMENT/g' /var/lib/jetty/start.d/server.ini
|
||||
|
||||
USER root
|
||||
|
||||
RUN apk add --no-cache \
|
||||
curl \
|
||||
font-noto-cjk \
|
||||
libgd \
|
||||
&& \
|
||||
/generate-jetty-start.sh
|
||||
|
||||
#RUN apk add --no-cache graphviz
|
||||
ARG GRAPHVIZ_VERSION=8.0.2
|
||||
ARG GRAPHVIZ_BUILD_DIR=/tmp/graphiz-build
|
||||
RUN apk add --no-cache \
|
||||
g++ \
|
||||
libexpat \
|
||||
make \
|
||||
zlib \
|
||||
&& \
|
||||
mkdir -p $GRAPHVIZ_BUILD_DIR && \
|
||||
cd $GRAPHVIZ_BUILD_DIR && \
|
||||
curl -o graphviz.tar.gz https://gitlab.com/api/v4/projects/4207231/packages/generic/graphviz-releases/${GRAPHVIZ_VERSION}/graphviz-${GRAPHVIZ_VERSION}.tar.gz && \
|
||||
tar -xzf graphviz.tar.gz && \
|
||||
cd graphviz-$GRAPHVIZ_VERSION && \
|
||||
./configure && \
|
||||
make && \
|
||||
make install && \
|
||||
apk del --no-cache \
|
||||
g++ \
|
||||
libexpat \
|
||||
make \
|
||||
zlib \
|
||||
&& \
|
||||
rm -rf $GRAPHVIZ_BUILD_DIR
|
||||
|
||||
COPY docker-entrypoint.jetty.sh /entrypoint.sh
|
||||
RUN chmod +x /entrypoint.sh
|
||||
|
||||
USER jetty
|
||||
|
||||
ENV WEBAPP_PATH=$JETTY_BASE/webapps
|
||||
RUN rm -rf $WEBAPP_PATH && \
|
||||
mkdir -p $WEBAPP_PATH
|
||||
COPY --from=builder /app/target/plantuml.war /plantuml.war
|
||||
COPY ROOT.jetty.xml $WEBAPP_PATH/ROOT.xml
|
||||
|
||||
# Openshift https://docs.openshift.com/container-platform/4.9/openshift_images/create-images.html#images-create-guide-openshift_create-images
|
||||
USER root
|
||||
RUN chgrp -R 0 $JETTY_BASE && \
|
||||
chmod -R g=u $JETTY_BASE
|
||||
RUN chgrp -R 0 /tmp && \
|
||||
chmod -R g=u /tmp
|
||||
USER jetty
|
||||
|
||||
ENTRYPOINT ["/entrypoint.sh"]
|
||||
VOLUME ["/tmp/jetty"]
|
@ -1,4 +1,4 @@
|
||||
FROM maven:3-jdk-11-slim AS builder
|
||||
FROM maven:3-eclipse-temurin-11 AS builder
|
||||
|
||||
COPY pom.xml /app/
|
||||
COPY src/main /app/src/main/
|
||||
@ -8,10 +8,11 @@ RUN mvn --batch-mode --define java.net.useSystemProxies=true -Dapache-jsp.scope=
|
||||
|
||||
########################################################################################
|
||||
|
||||
FROM tomcat:10-jdk11-openjdk-slim
|
||||
FROM tomcat:10-jdk11
|
||||
|
||||
RUN apt-get update && \
|
||||
apt-get install -y --no-install-recommends \
|
||||
curl \
|
||||
fonts-noto-cjk \
|
||||
libgd3 \
|
||||
&& \
|
||||
@ -22,7 +23,6 @@ ARG GRAPHVIZ_VERSION=8.0.2
|
||||
ARG GRAPHVIZ_BUILD_DIR=/tmp/graphiz-build
|
||||
RUN apt-get update && \
|
||||
apt-get install -y --no-install-recommends \
|
||||
curl \
|
||||
build-essential \
|
||||
libexpat1-dev \
|
||||
libgd-dev \
|
||||
@ -42,6 +42,8 @@ RUN apt-get update && \
|
||||
libgd-dev \
|
||||
zlib1g-dev \
|
||||
&& \
|
||||
apt-get autoremove -y && \
|
||||
apt-get clean & \
|
||||
rm -rf /var/lib/apt/lists/* && \
|
||||
rm -rf $GRAPHVIZ_BUILD_DIR
|
||||
|
||||
@ -53,8 +55,8 @@ RUN rm -rf $WEBAPP_PATH && \
|
||||
mkdir -p $WEBAPP_PATH
|
||||
COPY --from=builder /app/target/plantuml.war /plantuml.war
|
||||
|
||||
# Openshift https://docs.openshift.com/container-platform/4.9/openshift_images/create-images.html#images-create-guide-openshift_create-images
|
||||
RUN chgrp -R 0 $CATALINA_HOME && chmod -R g=u $CATALINA_HOME
|
||||
|
||||
ENTRYPOINT ["/entrypoint.sh"]
|
||||
CMD ["catalina.sh", "run"]
|
||||
# Openshift https://docs.openshift.com/container-platform/4.9/openshift_images/create-images.html#images-create-guide-openshift_create-images
|
||||
USER root
|
||||
RUN chgrp -R 0 $CATALINA_HOME && chmod -R g=u $CATALINA_HOME
|
||||
|
Loading…
Reference in New Issue
Block a user