mirror of
https://github.com/octoleo/plantuml-server.git
synced 2024-12-22 16:58:54 +00:00
update docker base images and reduce size
There were same base image and naming changes for the jetty and tomcat images plantuml-server uses => plantuml-server uses a pretty old and vulnerable images. - update base images for jetty and tomcat - add a alpine version for jetty (not tomcat has no official alpine version) - add autoremove and clean commands after graphviz installation. This reduces the images by about ~280 MB
This commit is contained in:
parent
323aad1525
commit
5d7c4e1a03
@ -1,4 +1,4 @@
|
|||||||
FROM maven:3-jdk-11-slim AS builder
|
FROM maven:3-eclipse-temurin-11 AS builder
|
||||||
|
|
||||||
COPY pom.xml /app/
|
COPY pom.xml /app/
|
||||||
COPY src/main /app/src/main/
|
COPY src/main /app/src/main/
|
||||||
@ -8,7 +8,7 @@ RUN mvn --batch-mode --define java.net.useSystemProxies=true package
|
|||||||
|
|
||||||
########################################################################################
|
########################################################################################
|
||||||
|
|
||||||
FROM jetty:11.0.15-jre11-slim
|
FROM jetty:11.0.15-jre11
|
||||||
|
|
||||||
# Proxy and OldProxy need empty path segments support in URIs
|
# Proxy and OldProxy need empty path segments support in URIs
|
||||||
# Hence: allow AMBIGUOUS_EMPTY_SEGMENT
|
# Hence: allow AMBIGUOUS_EMPTY_SEGMENT
|
||||||
@ -16,8 +16,10 @@ FROM jetty:11.0.15-jre11-slim
|
|||||||
RUN sed -i 's/# jetty\.httpConfig\.uriCompliance=DEFAULT/jetty.httpConfig.uriCompliance=DEFAULT,AMBIGUOUS_EMPTY_SEGMENT/g' /var/lib/jetty/start.d/server.ini
|
RUN sed -i 's/# jetty\.httpConfig\.uriCompliance=DEFAULT/jetty.httpConfig.uriCompliance=DEFAULT,AMBIGUOUS_EMPTY_SEGMENT/g' /var/lib/jetty/start.d/server.ini
|
||||||
|
|
||||||
USER root
|
USER root
|
||||||
|
|
||||||
RUN apt-get update && \
|
RUN apt-get update && \
|
||||||
apt-get install -y --no-install-recommends \
|
apt-get install -y --no-install-recommends \
|
||||||
|
curl \
|
||||||
fonts-noto-cjk \
|
fonts-noto-cjk \
|
||||||
libgd3 \
|
libgd3 \
|
||||||
&& \
|
&& \
|
||||||
@ -29,7 +31,6 @@ ARG GRAPHVIZ_VERSION=8.0.2
|
|||||||
ARG GRAPHVIZ_BUILD_DIR=/tmp/graphiz-build
|
ARG GRAPHVIZ_BUILD_DIR=/tmp/graphiz-build
|
||||||
RUN apt-get update && \
|
RUN apt-get update && \
|
||||||
apt-get install -y --no-install-recommends \
|
apt-get install -y --no-install-recommends \
|
||||||
curl \
|
|
||||||
build-essential \
|
build-essential \
|
||||||
libexpat1-dev \
|
libexpat1-dev \
|
||||||
libgd-dev \
|
libgd-dev \
|
||||||
@ -49,6 +50,8 @@ RUN apt-get update && \
|
|||||||
libgd-dev \
|
libgd-dev \
|
||||||
zlib1g-dev \
|
zlib1g-dev \
|
||||||
&& \
|
&& \
|
||||||
|
apt-get autoremove -y && \
|
||||||
|
apt-get clean & \
|
||||||
rm -rf /var/lib/apt/lists/* && \
|
rm -rf /var/lib/apt/lists/* && \
|
||||||
rm -rf $GRAPHVIZ_BUILD_DIR
|
rm -rf $GRAPHVIZ_BUILD_DIR
|
||||||
|
|
||||||
@ -63,11 +66,11 @@ RUN rm -rf $WEBAPP_PATH && \
|
|||||||
COPY --from=builder /app/target/plantuml.war /plantuml.war
|
COPY --from=builder /app/target/plantuml.war /plantuml.war
|
||||||
COPY ROOT.jetty.xml $WEBAPP_PATH/ROOT.xml
|
COPY ROOT.jetty.xml $WEBAPP_PATH/ROOT.xml
|
||||||
|
|
||||||
ENTRYPOINT ["/entrypoint.sh"]
|
|
||||||
# Openshift https://docs.openshift.com/container-platform/4.9/openshift_images/create-images.html#images-create-guide-openshift_create-images
|
# Openshift https://docs.openshift.com/container-platform/4.9/openshift_images/create-images.html#images-create-guide-openshift_create-images
|
||||||
USER root
|
USER root
|
||||||
RUN chgrp -R 0 $JETTY_BASE && chmod -R g=u $JETTY_BASE
|
RUN chgrp -R 0 $JETTY_BASE && chmod -R g=u $JETTY_BASE
|
||||||
RUN chgrp -R 0 /tmp && chmod -R g=u /tmp
|
RUN chgrp -R 0 /tmp && chmod -R g=u /tmp
|
||||||
USER jetty
|
USER jetty
|
||||||
|
|
||||||
|
ENTRYPOINT ["/entrypoint.sh"]
|
||||||
VOLUME ["/tmp/jetty"]
|
VOLUME ["/tmp/jetty"]
|
||||||
|
72
Dockerfile.jetty-alpine
Normal file
72
Dockerfile.jetty-alpine
Normal file
@ -0,0 +1,72 @@
|
|||||||
|
FROM maven:3-eclipse-temurin-11-alpine AS builder
|
||||||
|
|
||||||
|
COPY pom.xml /app/
|
||||||
|
COPY src/main /app/src/main/
|
||||||
|
|
||||||
|
WORKDIR /app
|
||||||
|
RUN mvn --batch-mode --define java.net.useSystemProxies=true package
|
||||||
|
|
||||||
|
########################################################################################
|
||||||
|
|
||||||
|
FROM jetty:11.0.15-jre11-alpine-eclipse-temurin
|
||||||
|
|
||||||
|
# Proxy and OldProxy need empty path segments support in URIs
|
||||||
|
# Hence: allow AMBIGUOUS_EMPTY_SEGMENT
|
||||||
|
# Changes are only active if `/generate-jetty-start.sh` is called!
|
||||||
|
RUN sed -i 's/# jetty\.httpConfig\.uriCompliance=DEFAULT/jetty.httpConfig.uriCompliance=DEFAULT,AMBIGUOUS_EMPTY_SEGMENT/g' /var/lib/jetty/start.d/server.ini
|
||||||
|
|
||||||
|
USER root
|
||||||
|
|
||||||
|
RUN apk add --no-cache \
|
||||||
|
curl \
|
||||||
|
font-noto-cjk \
|
||||||
|
libgd \
|
||||||
|
&& \
|
||||||
|
/generate-jetty-start.sh
|
||||||
|
|
||||||
|
#RUN apk add --no-cache graphviz
|
||||||
|
ARG GRAPHVIZ_VERSION=8.0.2
|
||||||
|
ARG GRAPHVIZ_BUILD_DIR=/tmp/graphiz-build
|
||||||
|
RUN apk add --no-cache \
|
||||||
|
g++ \
|
||||||
|
libexpat \
|
||||||
|
make \
|
||||||
|
zlib \
|
||||||
|
&& \
|
||||||
|
mkdir -p $GRAPHVIZ_BUILD_DIR && \
|
||||||
|
cd $GRAPHVIZ_BUILD_DIR && \
|
||||||
|
curl -o graphviz.tar.gz https://gitlab.com/api/v4/projects/4207231/packages/generic/graphviz-releases/${GRAPHVIZ_VERSION}/graphviz-${GRAPHVIZ_VERSION}.tar.gz && \
|
||||||
|
tar -xzf graphviz.tar.gz && \
|
||||||
|
cd graphviz-$GRAPHVIZ_VERSION && \
|
||||||
|
./configure && \
|
||||||
|
make && \
|
||||||
|
make install && \
|
||||||
|
apk del --no-cache \
|
||||||
|
g++ \
|
||||||
|
libexpat \
|
||||||
|
make \
|
||||||
|
zlib \
|
||||||
|
&& \
|
||||||
|
rm -rf $GRAPHVIZ_BUILD_DIR
|
||||||
|
|
||||||
|
COPY docker-entrypoint.jetty.sh /entrypoint.sh
|
||||||
|
RUN chmod +x /entrypoint.sh
|
||||||
|
|
||||||
|
USER jetty
|
||||||
|
|
||||||
|
ENV WEBAPP_PATH=$JETTY_BASE/webapps
|
||||||
|
RUN rm -rf $WEBAPP_PATH && \
|
||||||
|
mkdir -p $WEBAPP_PATH
|
||||||
|
COPY --from=builder /app/target/plantuml.war /plantuml.war
|
||||||
|
COPY ROOT.jetty.xml $WEBAPP_PATH/ROOT.xml
|
||||||
|
|
||||||
|
# Openshift https://docs.openshift.com/container-platform/4.9/openshift_images/create-images.html#images-create-guide-openshift_create-images
|
||||||
|
USER root
|
||||||
|
RUN chgrp -R 0 $JETTY_BASE && \
|
||||||
|
chmod -R g=u $JETTY_BASE
|
||||||
|
RUN chgrp -R 0 /tmp && \
|
||||||
|
chmod -R g=u /tmp
|
||||||
|
USER jetty
|
||||||
|
|
||||||
|
ENTRYPOINT ["/entrypoint.sh"]
|
||||||
|
VOLUME ["/tmp/jetty"]
|
@ -1,4 +1,4 @@
|
|||||||
FROM maven:3-jdk-11-slim AS builder
|
FROM maven:3-eclipse-temurin-11 AS builder
|
||||||
|
|
||||||
COPY pom.xml /app/
|
COPY pom.xml /app/
|
||||||
COPY src/main /app/src/main/
|
COPY src/main /app/src/main/
|
||||||
@ -8,10 +8,11 @@ RUN mvn --batch-mode --define java.net.useSystemProxies=true -Dapache-jsp.scope=
|
|||||||
|
|
||||||
########################################################################################
|
########################################################################################
|
||||||
|
|
||||||
FROM tomcat:10-jdk11-openjdk-slim
|
FROM tomcat:10-jdk11
|
||||||
|
|
||||||
RUN apt-get update && \
|
RUN apt-get update && \
|
||||||
apt-get install -y --no-install-recommends \
|
apt-get install -y --no-install-recommends \
|
||||||
|
curl \
|
||||||
fonts-noto-cjk \
|
fonts-noto-cjk \
|
||||||
libgd3 \
|
libgd3 \
|
||||||
&& \
|
&& \
|
||||||
@ -22,7 +23,6 @@ ARG GRAPHVIZ_VERSION=8.0.2
|
|||||||
ARG GRAPHVIZ_BUILD_DIR=/tmp/graphiz-build
|
ARG GRAPHVIZ_BUILD_DIR=/tmp/graphiz-build
|
||||||
RUN apt-get update && \
|
RUN apt-get update && \
|
||||||
apt-get install -y --no-install-recommends \
|
apt-get install -y --no-install-recommends \
|
||||||
curl \
|
|
||||||
build-essential \
|
build-essential \
|
||||||
libexpat1-dev \
|
libexpat1-dev \
|
||||||
libgd-dev \
|
libgd-dev \
|
||||||
@ -42,6 +42,8 @@ RUN apt-get update && \
|
|||||||
libgd-dev \
|
libgd-dev \
|
||||||
zlib1g-dev \
|
zlib1g-dev \
|
||||||
&& \
|
&& \
|
||||||
|
apt-get autoremove -y && \
|
||||||
|
apt-get clean & \
|
||||||
rm -rf /var/lib/apt/lists/* && \
|
rm -rf /var/lib/apt/lists/* && \
|
||||||
rm -rf $GRAPHVIZ_BUILD_DIR
|
rm -rf $GRAPHVIZ_BUILD_DIR
|
||||||
|
|
||||||
@ -53,8 +55,8 @@ RUN rm -rf $WEBAPP_PATH && \
|
|||||||
mkdir -p $WEBAPP_PATH
|
mkdir -p $WEBAPP_PATH
|
||||||
COPY --from=builder /app/target/plantuml.war /plantuml.war
|
COPY --from=builder /app/target/plantuml.war /plantuml.war
|
||||||
|
|
||||||
|
# Openshift https://docs.openshift.com/container-platform/4.9/openshift_images/create-images.html#images-create-guide-openshift_create-images
|
||||||
|
RUN chgrp -R 0 $CATALINA_HOME && chmod -R g=u $CATALINA_HOME
|
||||||
|
|
||||||
ENTRYPOINT ["/entrypoint.sh"]
|
ENTRYPOINT ["/entrypoint.sh"]
|
||||||
CMD ["catalina.sh", "run"]
|
CMD ["catalina.sh", "run"]
|
||||||
# Openshift https://docs.openshift.com/container-platform/4.9/openshift_images/create-images.html#images-create-guide-openshift_create-images
|
|
||||||
USER root
|
|
||||||
RUN chgrp -R 0 $CATALINA_HOME && chmod -R g=u $CATALINA_HOME
|
|
||||||
|
Loading…
Reference in New Issue
Block a user