-
Notifications
You must be signed in to change notification settings - Fork 476
/
Dockerfile-windows.template
95 lines (87 loc) · 4.03 KB
/
Dockerfile-windows.template
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
FROM mcr.microsoft.com/windows/{{ env.windowsVariant }}:{{ env.windowsRelease }}
{{ if env.windowsVariant == "servercore" then ( -}}
# $ProgressPreference: https://github.com/PowerShell/PowerShell/issues/2138#issuecomment-251261324
SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"]
# enable TLS 1.2
# https://docs.microsoft.com/en-us/system-center/vmm/install-tls?view=sc-vmm-1801
# https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/operations/manage-ssl-protocols-in-ad-fs#enable-tls-12
RUN Write-Host 'Enabling TLS 1.2 (https://githubengineering.com/crypto-removal-notice/) ...'; \
$tls12RegBase = 'HKLM:\\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2'; \
if (Test-Path $tls12RegBase) { throw ('"{0}" already exists!' -f $tls12RegBase) }; \
New-Item -Path ('{0}/Client' -f $tls12RegBase) -Force; \
New-Item -Path ('{0}/Server' -f $tls12RegBase) -Force; \
New-ItemProperty -Path ('{0}/Client' -f $tls12RegBase) -Name 'DisabledByDefault' -PropertyType DWORD -Value 0 -Force; \
New-ItemProperty -Path ('{0}/Client' -f $tls12RegBase) -Name 'Enabled' -PropertyType DWORD -Value 1 -Force; \
New-ItemProperty -Path ('{0}/Server' -f $tls12RegBase) -Name 'DisabledByDefault' -PropertyType DWORD -Value 0 -Force; \
New-ItemProperty -Path ('{0}/Server' -f $tls12RegBase) -Name 'Enabled' -PropertyType DWORD -Value 1 -Force; \
Write-Host 'Complete.'
ENV JAVA_HOME C:\\openjdk-{{ env.version }}
RUN $newPath = ('{0}\bin;{1}' -f $env:JAVA_HOME, $env:PATH); \
Write-Host ('Updating PATH: {0}' -f $newPath); \
setx /M PATH $newPath; \
Write-Host 'Complete.'
{{ ) else ( -}}
SHELL ["cmd", "/s", "/c"]
ENV JAVA_HOME C:\\openjdk-{{ env.version }}
# "ERROR: Access to the registry path is denied."
USER ContainerAdministrator
RUN echo Updating PATH: %JAVA_HOME%\bin;%PATH% \
&& setx /M PATH %JAVA_HOME%\bin;%PATH% \
&& echo Complete.
USER ContainerUser
{{ ) end -}}
# https://jdk.java.net/
# >
# > Java Development Kit builds, from Oracle
# >
ENV JAVA_VERSION {{ .version }}
{{ if env.windowsVariant == "servercore" then ( -}}
{{ # TODO $env:PROCESSOR_ARCHITECTURE for arm64v8 someday (https://superuser.com/a/1441469/101945) -}}
ENV JAVA_URL {{ .[env.javaType].arches["windows-amd64"].url }}
{{ if .[env.javaType].arches["windows-amd64"] | has("sha256") then ( -}}
ENV JAVA_SHA256 {{ .[env.javaType].arches["windows-amd64"].sha256 }}
{{ ) else "" end -}}
{{ ) else "" end -}}
{{ if env.windowsVariant == "servercore" then ( -}}
RUN Write-Host ('Downloading {0} ...' -f $env:JAVA_URL); \
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; \
Invoke-WebRequest -Uri $env:JAVA_URL -OutFile 'openjdk.zip'; \
{{ if .[env.javaType].arches["windows-amd64"] | has("sha256") then ( -}}
Write-Host ('Verifying sha256 ({0}) ...' -f $env:JAVA_SHA256); \
if ((Get-FileHash openjdk.zip -Algorithm sha256).Hash -ne $env:JAVA_SHA256) { \
Write-Host 'FAILED!'; \
exit 1; \
}; \
{{ ) else ( -}}
# TODO signature? checksum?
{{ ) end -}}
\
Write-Host 'Expanding ...'; \
New-Item -ItemType Directory -Path C:\temp | Out-Null; \
Expand-Archive openjdk.zip -DestinationPath C:\temp; \
Move-Item -Path C:\temp\* -Destination $env:JAVA_HOME; \
Remove-Item C:\temp; \
\
Write-Host 'Removing ...'; \
Remove-Item openjdk.zip -Force; \
\
Write-Host 'Verifying install ...'; \
{{ if env.javaType == "jdk" then ( -}}
Write-Host ' javac --version'; javac --version; \
{{ ) else "" end -}}
Write-Host ' java --version'; java --version; \
\
Write-Host 'Complete.'
{{ ) else ( -}}
COPY --from=openjdk:{{ .version | gsub("[+]"; "-") }}-{{ env.javaType }}-windowsservercore-{{ env.windowsRelease }} $JAVA_HOME $JAVA_HOME
RUN echo Verifying install ... \
{{ if env.javaType == "jdk" then ( -}}
&& echo javac --version && javac --version \
{{ ) else "" end -}}
&& echo java --version && java --version \
&& echo Complete.
{{ ) end -}}
{{ if env.javaType == "jdk" then ( -}}
# "jshell" is an interactive REPL for Java (see https://en.wikipedia.org/wiki/JShell)
CMD ["jshell"]
{{ ) else "" end -}}