diff --git a/10.1/jdk11/corretto-al2023/Dockerfile b/10.1/jdk11/corretto-al2023/Dockerfile new file mode 100644 index 000000000..eb5f37555 --- /dev/null +++ b/10.1/jdk11/corretto-al2023/Dockerfile @@ -0,0 +1,152 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM amazoncorretto:11-al2023-jdk + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 5C3C5F3E314C866292F359A8F3AD5C94A67F707E A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 10 +ENV TOMCAT_VERSION 10.1.20 +ENV TOMCAT_SHA512 6728a28b93c4ef457ed90b8fcaa71a60f9739c4531c59a245879d2075db94c6bac336ea5a28748364df0f81a155d52b0839ecdd0c09adafdea29942a85b265b4 + +RUN set -eux; \ + \ +# a helper function to install things, but only if they aren't installed (and to mark them so "autoremove" can purge them for us) + _install_temporary() { ( set -eu +x; \ + local pkg todo=''; \ + for pkg; do \ + if ! rpm --query "$pkg" > /dev/null 2>&1; then \ + todo="$todo $pkg"; \ + fi; \ + done; \ + if [ -n "$todo" ]; then \ + set -x; \ + dnf install -y $todo; \ + dnf mark remove $todo; \ + fi; \ + ) }; \ + _install_temporary gzip tar; \ +# gnupg2-minimal (installed by default) conflicts with gnupg2 and does not include dirmngr so cannot fetch keys + dnf install -y --allowerasing gnupg2; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + _install_temporary \ + apr-devel \ + findutils \ + gcc \ + make \ + openssl-devel \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ && $(NF-1) != "=>" { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt rpm --query --whatprovides \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r dnf mark install \ + ; \ + \ +# clean up anything added temporarily and not later marked as necessary + dnf autoremove -y; \ + dnf clean all; \ + rm -rf /var/cache/dnf; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/10.1/jdk11/corretto-alpine3.16/Dockerfile b/10.1/jdk11/corretto-alpine3.16/Dockerfile new file mode 100644 index 000000000..c7ee9f504 --- /dev/null +++ b/10.1/jdk11/corretto-alpine3.16/Dockerfile @@ -0,0 +1,133 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM amazoncorretto:11-alpine3.16-jdk + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 5C3C5F3E314C866292F359A8F3AD5C94A67F707E A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 10 +ENV TOMCAT_VERSION 10.1.20 +ENV TOMCAT_SHA512 6728a28b93c4ef457ed90b8fcaa71a60f9739c4531c59a245879d2075db94c6bac336ea5a28748364df0f81a155d52b0839ecdd0c09adafdea29942a85b265b4 + +RUN set -eux; \ + \ + apk add --no-cache --virtual .fetch-deps gnupg; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if wget -O "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apk add --no-cache --virtual .build-deps \ + apr-dev \ + dpkg-dev dpkg \ + gcc \ + libc-dev \ + make \ + openssl3-dev \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + deps="$( \ + scanelf --needed --nobanner --format '%n#p' --recursive "$TOMCAT_NATIVE_LIBDIR" \ + | tr ',' '\n' \ + | sort -u \ +# https://git.alpinelinux.org/aports/tree/main/openssl3/APKBUILD?h=3.16-stable#n23 ("sonameprefix") +# see also "apk info --all libssl3" ("so:openssl3:so:libssl.so.3=3" under "provides:") + | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { if ($1 ~ /libssl|libcrypto/) { print "so:openssl3:so:" $1 } else { print "so:" $1 } }' \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + )"; \ + apk add --no-network --virtual .tomcat-native-deps $deps; \ + \ + apk del --no-network .fetch-deps .build-deps; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/10.1/jdk11/corretto-alpine3.17/Dockerfile b/10.1/jdk11/corretto-alpine3.17/Dockerfile new file mode 100644 index 000000000..bfaa2c0ab --- /dev/null +++ b/10.1/jdk11/corretto-alpine3.17/Dockerfile @@ -0,0 +1,131 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM amazoncorretto:11-alpine3.17-jdk + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 5C3C5F3E314C866292F359A8F3AD5C94A67F707E A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 10 +ENV TOMCAT_VERSION 10.1.20 +ENV TOMCAT_SHA512 6728a28b93c4ef457ed90b8fcaa71a60f9739c4531c59a245879d2075db94c6bac336ea5a28748364df0f81a155d52b0839ecdd0c09adafdea29942a85b265b4 + +RUN set -eux; \ + \ + apk add --no-cache --virtual .fetch-deps gnupg; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if wget -O "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apk add --no-cache --virtual .build-deps \ + apr-dev \ + dpkg-dev dpkg \ + gcc \ + libc-dev \ + make \ + openssl3-dev \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + deps="$( \ + scanelf --needed --nobanner --format '%n#p' --recursive "$TOMCAT_NATIVE_LIBDIR" \ + | tr ',' '\n' \ + | sort -u \ + | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + )"; \ + apk add --no-network --virtual .tomcat-native-deps $deps; \ + \ + apk del --no-network .fetch-deps .build-deps; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/10.1/jdk11/corretto-alpine3.18/Dockerfile b/10.1/jdk11/corretto-alpine3.18/Dockerfile new file mode 100644 index 000000000..2ad8bf645 --- /dev/null +++ b/10.1/jdk11/corretto-alpine3.18/Dockerfile @@ -0,0 +1,131 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM amazoncorretto:11-alpine3.18-jdk + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 5C3C5F3E314C866292F359A8F3AD5C94A67F707E A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 10 +ENV TOMCAT_VERSION 10.1.20 +ENV TOMCAT_SHA512 6728a28b93c4ef457ed90b8fcaa71a60f9739c4531c59a245879d2075db94c6bac336ea5a28748364df0f81a155d52b0839ecdd0c09adafdea29942a85b265b4 + +RUN set -eux; \ + \ + apk add --no-cache --virtual .fetch-deps gnupg; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if wget -O "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apk add --no-cache --virtual .build-deps \ + apr-dev \ + dpkg-dev dpkg \ + gcc \ + libc-dev \ + make \ + openssl3-dev \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + deps="$( \ + scanelf --needed --nobanner --format '%n#p' --recursive "$TOMCAT_NATIVE_LIBDIR" \ + | tr ',' '\n' \ + | sort -u \ + | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + )"; \ + apk add --no-network --virtual .tomcat-native-deps $deps; \ + \ + apk del --no-network .fetch-deps .build-deps; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/10.1/jdk11/corretto-alpine3.19/Dockerfile b/10.1/jdk11/corretto-alpine3.19/Dockerfile new file mode 100644 index 000000000..077e75910 --- /dev/null +++ b/10.1/jdk11/corretto-alpine3.19/Dockerfile @@ -0,0 +1,131 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM amazoncorretto:11-alpine3.19-jdk + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 5C3C5F3E314C866292F359A8F3AD5C94A67F707E A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 10 +ENV TOMCAT_VERSION 10.1.20 +ENV TOMCAT_SHA512 6728a28b93c4ef457ed90b8fcaa71a60f9739c4531c59a245879d2075db94c6bac336ea5a28748364df0f81a155d52b0839ecdd0c09adafdea29942a85b265b4 + +RUN set -eux; \ + \ + apk add --no-cache --virtual .fetch-deps gnupg; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if wget -O "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apk add --no-cache --virtual .build-deps \ + apr-dev \ + dpkg-dev dpkg \ + gcc \ + libc-dev \ + make \ + openssl3-dev \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + deps="$( \ + scanelf --needed --nobanner --format '%n#p' --recursive "$TOMCAT_NATIVE_LIBDIR" \ + | tr ',' '\n' \ + | sort -u \ + | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + )"; \ + apk add --no-network --virtual .tomcat-native-deps $deps; \ + \ + apk del --no-network .fetch-deps .build-deps; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/10.1/jdk11/sapmachine/Dockerfile b/10.1/jdk11/sapmachine/Dockerfile new file mode 100644 index 000000000..0f0aaa4f4 --- /dev/null +++ b/10.1/jdk11/sapmachine/Dockerfile @@ -0,0 +1,145 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM sapmachine:11 + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 5C3C5F3E314C866292F359A8F3AD5C94A67F707E A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 10 +ENV TOMCAT_VERSION 10.1.20 +ENV TOMCAT_SHA512 6728a28b93c4ef457ed90b8fcaa71a60f9739c4531c59a245879d2075db94c6bac336ea5a28748364df0f81a155d52b0839ecdd0c09adafdea29942a85b265b4 + +RUN set -eux; \ + \ + savedAptMark="$(apt-mark showmanual)"; \ + apt-get update; \ + apt-get install -y --no-install-recommends \ + ca-certificates \ + curl \ + gnupg \ + ; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apt-get install -y --no-install-recommends \ + dpkg-dev \ + gcc \ + libapr1-dev \ + libssl-dev \ + make \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies + apt-mark auto '.*' > /dev/null; \ + [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt dpkg-query --search \ + | cut -d: -f1 \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r apt-mark manual \ + ; \ + \ + apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ + rm -rf /var/lib/apt/lists/*; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/10.1/jdk11/semeru-jammy/Dockerfile b/10.1/jdk11/semeru-jammy/Dockerfile new file mode 100644 index 000000000..7585e8c49 --- /dev/null +++ b/10.1/jdk11/semeru-jammy/Dockerfile @@ -0,0 +1,145 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM ibm-semeru-runtimes:open-11-jdk-jammy + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 5C3C5F3E314C866292F359A8F3AD5C94A67F707E A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 10 +ENV TOMCAT_VERSION 10.1.20 +ENV TOMCAT_SHA512 6728a28b93c4ef457ed90b8fcaa71a60f9739c4531c59a245879d2075db94c6bac336ea5a28748364df0f81a155d52b0839ecdd0c09adafdea29942a85b265b4 + +RUN set -eux; \ + \ + savedAptMark="$(apt-mark showmanual)"; \ + apt-get update; \ + apt-get install -y --no-install-recommends \ + ca-certificates \ + curl \ + gnupg \ + ; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apt-get install -y --no-install-recommends \ + dpkg-dev \ + gcc \ + libapr1-dev \ + libssl-dev \ + make \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies + apt-mark auto '.*' > /dev/null; \ + [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt dpkg-query --search \ + | cut -d: -f1 \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r apt-mark manual \ + ; \ + \ + apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ + rm -rf /var/lib/apt/lists/*; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/10.1/jdk11/temurin-alpine/Dockerfile b/10.1/jdk11/temurin-alpine/Dockerfile new file mode 100644 index 000000000..ab897852b --- /dev/null +++ b/10.1/jdk11/temurin-alpine/Dockerfile @@ -0,0 +1,135 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM eclipse-temurin:11-jdk-alpine + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 5C3C5F3E314C866292F359A8F3AD5C94A67F707E A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 10 +ENV TOMCAT_VERSION 10.1.20 +ENV TOMCAT_SHA512 6728a28b93c4ef457ed90b8fcaa71a60f9739c4531c59a245879d2075db94c6bac336ea5a28748364df0f81a155d52b0839ecdd0c09adafdea29942a85b265b4 + +RUN set -eux; \ + \ + apk add --no-cache --virtual .fetch-deps gnupg; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if wget -O "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apk add --no-cache --virtual .build-deps \ + apr-dev \ + dpkg-dev dpkg \ + gcc \ + libc-dev \ + make \ + openssl3-dev \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + deps="$( \ + scanelf --needed --nobanner --format '%n#p' --recursive "$TOMCAT_NATIVE_LIBDIR" \ + | tr ',' '\n' \ + | sort -u \ + | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + )"; \ + apk add --no-network --virtual .tomcat-native-deps $deps; \ + \ + apk del --no-network .fetch-deps .build-deps; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 + +# upstream eclipse-temurin-provided entrypoint script caused https://github.com/docker-library/tomcat/issues/77 to come back as https://github.com/docker-library/tomcat/issues/302; use "/entrypoint.sh" at your own risk +ENTRYPOINT [] + +CMD ["catalina.sh", "run"] diff --git a/10.1/jdk11/temurin-jammy/Dockerfile b/10.1/jdk11/temurin-jammy/Dockerfile index 757783fbf..e9f96a9dc 100644 --- a/10.1/jdk11/temurin-jammy/Dockerfile +++ b/10.1/jdk11/temurin-jammy/Dockerfile @@ -102,6 +102,15 @@ RUN set -eux; \ rm -rf "$nativeBuildDir"; \ rm bin/tomcat-native.tar.gz; \ \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ # reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies apt-mark auto '.*' > /dev/null; \ [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ @@ -119,15 +128,6 @@ RUN set -eux; \ apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ rm -rf /var/lib/apt/lists/*; \ \ -# sh removes env vars it doesn't support (ones with periods) -# https://github.com/docker-library/tomcat/issues/77 - find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ - \ -# fix permissions (especially for running as non-root) -# https://github.com/docker-library/tomcat/issues/35 - chmod -R +rX .; \ - chmod 1777 logs temp work; \ - \ # smoke test catalina.sh version diff --git a/10.1/jdk11/temurin-ubi9-minimal/Dockerfile b/10.1/jdk11/temurin-ubi9-minimal/Dockerfile new file mode 100644 index 000000000..8161a0517 --- /dev/null +++ b/10.1/jdk11/temurin-ubi9-minimal/Dockerfile @@ -0,0 +1,158 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM eclipse-temurin:11-jdk-ubi9-minimal + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 5C3C5F3E314C866292F359A8F3AD5C94A67F707E A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 10 +ENV TOMCAT_VERSION 10.1.20 +ENV TOMCAT_SHA512 6728a28b93c4ef457ed90b8fcaa71a60f9739c4531c59a245879d2075db94c6bac336ea5a28748364df0f81a155d52b0839ecdd0c09adafdea29942a85b265b4 + +RUN set -eux; \ + \ +# removing dnf after it is installed gets really hairy, so we'll just live with it (since we need it for "dnf mark") + microdnf install -y dnf; \ +# a helper function to install things, but only if they aren't installed (and to mark them so "autoremove" can purge them for us) + _install_temporary() { ( set -eu +x; \ + local pkg todo=''; \ + for pkg; do \ + if ! rpm --query "$pkg" > /dev/null 2>&1; then \ + todo="$todo $pkg"; \ + fi; \ + done; \ + if [ -n "$todo" ]; then \ + set -x; \ + dnf install -y $todo; \ + dnf mark remove $todo; \ + fi; \ + ) }; \ + _install_temporary gzip tar; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + _install_temporary \ + apr-devel \ + findutils \ + gcc \ + make \ + openssl-devel \ +# "gcc: error: /usr/lib/rpm/redhat/redhat-hardened-cc1: No such file or directory" + redhat-rpm-config \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ && $(NF-1) != "=>" { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt rpm --query --whatprovides \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r dnf mark install \ + ; \ + \ +# clean up anything added temporarily and not later marked as necessary + dnf autoremove -y; \ + dnf clean all; \ + rm -rf /var/cache/dnf; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 + +# upstream eclipse-temurin-provided entrypoint script caused https://github.com/docker-library/tomcat/issues/77 to come back as https://github.com/docker-library/tomcat/issues/302; use "/entrypoint.sh" at your own risk +ENTRYPOINT [] + +CMD ["catalina.sh", "run"] diff --git a/10.1/jdk17/corretto-al2023/Dockerfile b/10.1/jdk17/corretto-al2023/Dockerfile new file mode 100644 index 000000000..0db74491e --- /dev/null +++ b/10.1/jdk17/corretto-al2023/Dockerfile @@ -0,0 +1,152 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM amazoncorretto:17-al2023-jdk + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 5C3C5F3E314C866292F359A8F3AD5C94A67F707E A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 10 +ENV TOMCAT_VERSION 10.1.20 +ENV TOMCAT_SHA512 6728a28b93c4ef457ed90b8fcaa71a60f9739c4531c59a245879d2075db94c6bac336ea5a28748364df0f81a155d52b0839ecdd0c09adafdea29942a85b265b4 + +RUN set -eux; \ + \ +# a helper function to install things, but only if they aren't installed (and to mark them so "autoremove" can purge them for us) + _install_temporary() { ( set -eu +x; \ + local pkg todo=''; \ + for pkg; do \ + if ! rpm --query "$pkg" > /dev/null 2>&1; then \ + todo="$todo $pkg"; \ + fi; \ + done; \ + if [ -n "$todo" ]; then \ + set -x; \ + dnf install -y $todo; \ + dnf mark remove $todo; \ + fi; \ + ) }; \ + _install_temporary gzip tar; \ +# gnupg2-minimal (installed by default) conflicts with gnupg2 and does not include dirmngr so cannot fetch keys + dnf install -y --allowerasing gnupg2; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + _install_temporary \ + apr-devel \ + findutils \ + gcc \ + make \ + openssl-devel \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ && $(NF-1) != "=>" { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt rpm --query --whatprovides \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r dnf mark install \ + ; \ + \ +# clean up anything added temporarily and not later marked as necessary + dnf autoremove -y; \ + dnf clean all; \ + rm -rf /var/cache/dnf; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/10.1/jdk17/corretto-alpine3.16/Dockerfile b/10.1/jdk17/corretto-alpine3.16/Dockerfile new file mode 100644 index 000000000..1f9f4b445 --- /dev/null +++ b/10.1/jdk17/corretto-alpine3.16/Dockerfile @@ -0,0 +1,133 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM amazoncorretto:17-alpine3.16-jdk + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 5C3C5F3E314C866292F359A8F3AD5C94A67F707E A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 10 +ENV TOMCAT_VERSION 10.1.20 +ENV TOMCAT_SHA512 6728a28b93c4ef457ed90b8fcaa71a60f9739c4531c59a245879d2075db94c6bac336ea5a28748364df0f81a155d52b0839ecdd0c09adafdea29942a85b265b4 + +RUN set -eux; \ + \ + apk add --no-cache --virtual .fetch-deps gnupg; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if wget -O "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apk add --no-cache --virtual .build-deps \ + apr-dev \ + dpkg-dev dpkg \ + gcc \ + libc-dev \ + make \ + openssl3-dev \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + deps="$( \ + scanelf --needed --nobanner --format '%n#p' --recursive "$TOMCAT_NATIVE_LIBDIR" \ + | tr ',' '\n' \ + | sort -u \ +# https://git.alpinelinux.org/aports/tree/main/openssl3/APKBUILD?h=3.16-stable#n23 ("sonameprefix") +# see also "apk info --all libssl3" ("so:openssl3:so:libssl.so.3=3" under "provides:") + | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { if ($1 ~ /libssl|libcrypto/) { print "so:openssl3:so:" $1 } else { print "so:" $1 } }' \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + )"; \ + apk add --no-network --virtual .tomcat-native-deps $deps; \ + \ + apk del --no-network .fetch-deps .build-deps; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/10.1/jdk17/corretto-alpine3.17/Dockerfile b/10.1/jdk17/corretto-alpine3.17/Dockerfile new file mode 100644 index 000000000..63f45802a --- /dev/null +++ b/10.1/jdk17/corretto-alpine3.17/Dockerfile @@ -0,0 +1,131 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM amazoncorretto:17-alpine3.17-jdk + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 5C3C5F3E314C866292F359A8F3AD5C94A67F707E A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 10 +ENV TOMCAT_VERSION 10.1.20 +ENV TOMCAT_SHA512 6728a28b93c4ef457ed90b8fcaa71a60f9739c4531c59a245879d2075db94c6bac336ea5a28748364df0f81a155d52b0839ecdd0c09adafdea29942a85b265b4 + +RUN set -eux; \ + \ + apk add --no-cache --virtual .fetch-deps gnupg; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if wget -O "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apk add --no-cache --virtual .build-deps \ + apr-dev \ + dpkg-dev dpkg \ + gcc \ + libc-dev \ + make \ + openssl3-dev \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + deps="$( \ + scanelf --needed --nobanner --format '%n#p' --recursive "$TOMCAT_NATIVE_LIBDIR" \ + | tr ',' '\n' \ + | sort -u \ + | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + )"; \ + apk add --no-network --virtual .tomcat-native-deps $deps; \ + \ + apk del --no-network .fetch-deps .build-deps; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/10.1/jdk17/corretto-alpine3.18/Dockerfile b/10.1/jdk17/corretto-alpine3.18/Dockerfile new file mode 100644 index 000000000..d1f6e8bfb --- /dev/null +++ b/10.1/jdk17/corretto-alpine3.18/Dockerfile @@ -0,0 +1,131 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM amazoncorretto:17-alpine3.18-jdk + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 5C3C5F3E314C866292F359A8F3AD5C94A67F707E A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 10 +ENV TOMCAT_VERSION 10.1.20 +ENV TOMCAT_SHA512 6728a28b93c4ef457ed90b8fcaa71a60f9739c4531c59a245879d2075db94c6bac336ea5a28748364df0f81a155d52b0839ecdd0c09adafdea29942a85b265b4 + +RUN set -eux; \ + \ + apk add --no-cache --virtual .fetch-deps gnupg; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if wget -O "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apk add --no-cache --virtual .build-deps \ + apr-dev \ + dpkg-dev dpkg \ + gcc \ + libc-dev \ + make \ + openssl3-dev \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + deps="$( \ + scanelf --needed --nobanner --format '%n#p' --recursive "$TOMCAT_NATIVE_LIBDIR" \ + | tr ',' '\n' \ + | sort -u \ + | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + )"; \ + apk add --no-network --virtual .tomcat-native-deps $deps; \ + \ + apk del --no-network .fetch-deps .build-deps; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/10.1/jdk17/corretto-alpine3.19/Dockerfile b/10.1/jdk17/corretto-alpine3.19/Dockerfile new file mode 100644 index 000000000..e0c9bb0c3 --- /dev/null +++ b/10.1/jdk17/corretto-alpine3.19/Dockerfile @@ -0,0 +1,131 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM amazoncorretto:17-alpine3.19-jdk + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 5C3C5F3E314C866292F359A8F3AD5C94A67F707E A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 10 +ENV TOMCAT_VERSION 10.1.20 +ENV TOMCAT_SHA512 6728a28b93c4ef457ed90b8fcaa71a60f9739c4531c59a245879d2075db94c6bac336ea5a28748364df0f81a155d52b0839ecdd0c09adafdea29942a85b265b4 + +RUN set -eux; \ + \ + apk add --no-cache --virtual .fetch-deps gnupg; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if wget -O "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apk add --no-cache --virtual .build-deps \ + apr-dev \ + dpkg-dev dpkg \ + gcc \ + libc-dev \ + make \ + openssl3-dev \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + deps="$( \ + scanelf --needed --nobanner --format '%n#p' --recursive "$TOMCAT_NATIVE_LIBDIR" \ + | tr ',' '\n' \ + | sort -u \ + | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + )"; \ + apk add --no-network --virtual .tomcat-native-deps $deps; \ + \ + apk del --no-network .fetch-deps .build-deps; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/10.1/jdk17/sapmachine/Dockerfile b/10.1/jdk17/sapmachine/Dockerfile new file mode 100644 index 000000000..09d89c069 --- /dev/null +++ b/10.1/jdk17/sapmachine/Dockerfile @@ -0,0 +1,145 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM sapmachine:17 + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 5C3C5F3E314C866292F359A8F3AD5C94A67F707E A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 10 +ENV TOMCAT_VERSION 10.1.20 +ENV TOMCAT_SHA512 6728a28b93c4ef457ed90b8fcaa71a60f9739c4531c59a245879d2075db94c6bac336ea5a28748364df0f81a155d52b0839ecdd0c09adafdea29942a85b265b4 + +RUN set -eux; \ + \ + savedAptMark="$(apt-mark showmanual)"; \ + apt-get update; \ + apt-get install -y --no-install-recommends \ + ca-certificates \ + curl \ + gnupg \ + ; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apt-get install -y --no-install-recommends \ + dpkg-dev \ + gcc \ + libapr1-dev \ + libssl-dev \ + make \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies + apt-mark auto '.*' > /dev/null; \ + [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt dpkg-query --search \ + | cut -d: -f1 \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r apt-mark manual \ + ; \ + \ + apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ + rm -rf /var/lib/apt/lists/*; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/10.1/jdk17/semeru-jammy/Dockerfile b/10.1/jdk17/semeru-jammy/Dockerfile new file mode 100644 index 000000000..6a1a3f1d9 --- /dev/null +++ b/10.1/jdk17/semeru-jammy/Dockerfile @@ -0,0 +1,145 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM ibm-semeru-runtimes:open-17-jdk-jammy + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 5C3C5F3E314C866292F359A8F3AD5C94A67F707E A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 10 +ENV TOMCAT_VERSION 10.1.20 +ENV TOMCAT_SHA512 6728a28b93c4ef457ed90b8fcaa71a60f9739c4531c59a245879d2075db94c6bac336ea5a28748364df0f81a155d52b0839ecdd0c09adafdea29942a85b265b4 + +RUN set -eux; \ + \ + savedAptMark="$(apt-mark showmanual)"; \ + apt-get update; \ + apt-get install -y --no-install-recommends \ + ca-certificates \ + curl \ + gnupg \ + ; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apt-get install -y --no-install-recommends \ + dpkg-dev \ + gcc \ + libapr1-dev \ + libssl-dev \ + make \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies + apt-mark auto '.*' > /dev/null; \ + [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt dpkg-query --search \ + | cut -d: -f1 \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r apt-mark manual \ + ; \ + \ + apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ + rm -rf /var/lib/apt/lists/*; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/10.1/jdk17/temurin-alpine/Dockerfile b/10.1/jdk17/temurin-alpine/Dockerfile new file mode 100644 index 000000000..826b35191 --- /dev/null +++ b/10.1/jdk17/temurin-alpine/Dockerfile @@ -0,0 +1,135 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM eclipse-temurin:17-jdk-alpine + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 5C3C5F3E314C866292F359A8F3AD5C94A67F707E A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 10 +ENV TOMCAT_VERSION 10.1.20 +ENV TOMCAT_SHA512 6728a28b93c4ef457ed90b8fcaa71a60f9739c4531c59a245879d2075db94c6bac336ea5a28748364df0f81a155d52b0839ecdd0c09adafdea29942a85b265b4 + +RUN set -eux; \ + \ + apk add --no-cache --virtual .fetch-deps gnupg; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if wget -O "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apk add --no-cache --virtual .build-deps \ + apr-dev \ + dpkg-dev dpkg \ + gcc \ + libc-dev \ + make \ + openssl3-dev \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + deps="$( \ + scanelf --needed --nobanner --format '%n#p' --recursive "$TOMCAT_NATIVE_LIBDIR" \ + | tr ',' '\n' \ + | sort -u \ + | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + )"; \ + apk add --no-network --virtual .tomcat-native-deps $deps; \ + \ + apk del --no-network .fetch-deps .build-deps; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 + +# upstream eclipse-temurin-provided entrypoint script caused https://github.com/docker-library/tomcat/issues/77 to come back as https://github.com/docker-library/tomcat/issues/302; use "/entrypoint.sh" at your own risk +ENTRYPOINT [] + +CMD ["catalina.sh", "run"] diff --git a/10.1/jdk17/temurin-jammy/Dockerfile b/10.1/jdk17/temurin-jammy/Dockerfile index 984b087bd..8f24559e8 100644 --- a/10.1/jdk17/temurin-jammy/Dockerfile +++ b/10.1/jdk17/temurin-jammy/Dockerfile @@ -102,6 +102,15 @@ RUN set -eux; \ rm -rf "$nativeBuildDir"; \ rm bin/tomcat-native.tar.gz; \ \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ # reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies apt-mark auto '.*' > /dev/null; \ [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ @@ -119,15 +128,6 @@ RUN set -eux; \ apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ rm -rf /var/lib/apt/lists/*; \ \ -# sh removes env vars it doesn't support (ones with periods) -# https://github.com/docker-library/tomcat/issues/77 - find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ - \ -# fix permissions (especially for running as non-root) -# https://github.com/docker-library/tomcat/issues/35 - chmod -R +rX .; \ - chmod 1777 logs temp work; \ - \ # smoke test catalina.sh version diff --git a/10.1/jdk17/temurin-ubi9-minimal/Dockerfile b/10.1/jdk17/temurin-ubi9-minimal/Dockerfile new file mode 100644 index 000000000..7f52d49af --- /dev/null +++ b/10.1/jdk17/temurin-ubi9-minimal/Dockerfile @@ -0,0 +1,158 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM eclipse-temurin:17-jdk-ubi9-minimal + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 5C3C5F3E314C866292F359A8F3AD5C94A67F707E A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 10 +ENV TOMCAT_VERSION 10.1.20 +ENV TOMCAT_SHA512 6728a28b93c4ef457ed90b8fcaa71a60f9739c4531c59a245879d2075db94c6bac336ea5a28748364df0f81a155d52b0839ecdd0c09adafdea29942a85b265b4 + +RUN set -eux; \ + \ +# removing dnf after it is installed gets really hairy, so we'll just live with it (since we need it for "dnf mark") + microdnf install -y dnf; \ +# a helper function to install things, but only if they aren't installed (and to mark them so "autoremove" can purge them for us) + _install_temporary() { ( set -eu +x; \ + local pkg todo=''; \ + for pkg; do \ + if ! rpm --query "$pkg" > /dev/null 2>&1; then \ + todo="$todo $pkg"; \ + fi; \ + done; \ + if [ -n "$todo" ]; then \ + set -x; \ + dnf install -y $todo; \ + dnf mark remove $todo; \ + fi; \ + ) }; \ + _install_temporary gzip tar; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + _install_temporary \ + apr-devel \ + findutils \ + gcc \ + make \ + openssl-devel \ +# "gcc: error: /usr/lib/rpm/redhat/redhat-hardened-cc1: No such file or directory" + redhat-rpm-config \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ && $(NF-1) != "=>" { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt rpm --query --whatprovides \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r dnf mark install \ + ; \ + \ +# clean up anything added temporarily and not later marked as necessary + dnf autoremove -y; \ + dnf clean all; \ + rm -rf /var/cache/dnf; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 + +# upstream eclipse-temurin-provided entrypoint script caused https://github.com/docker-library/tomcat/issues/77 to come back as https://github.com/docker-library/tomcat/issues/302; use "/entrypoint.sh" at your own risk +ENTRYPOINT [] + +CMD ["catalina.sh", "run"] diff --git a/10.1/jdk21/corretto-al2023/Dockerfile b/10.1/jdk21/corretto-al2023/Dockerfile new file mode 100644 index 000000000..8ed15322e --- /dev/null +++ b/10.1/jdk21/corretto-al2023/Dockerfile @@ -0,0 +1,152 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM amazoncorretto:21-al2023-jdk + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 5C3C5F3E314C866292F359A8F3AD5C94A67F707E A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 10 +ENV TOMCAT_VERSION 10.1.20 +ENV TOMCAT_SHA512 6728a28b93c4ef457ed90b8fcaa71a60f9739c4531c59a245879d2075db94c6bac336ea5a28748364df0f81a155d52b0839ecdd0c09adafdea29942a85b265b4 + +RUN set -eux; \ + \ +# a helper function to install things, but only if they aren't installed (and to mark them so "autoremove" can purge them for us) + _install_temporary() { ( set -eu +x; \ + local pkg todo=''; \ + for pkg; do \ + if ! rpm --query "$pkg" > /dev/null 2>&1; then \ + todo="$todo $pkg"; \ + fi; \ + done; \ + if [ -n "$todo" ]; then \ + set -x; \ + dnf install -y $todo; \ + dnf mark remove $todo; \ + fi; \ + ) }; \ + _install_temporary gzip tar; \ +# gnupg2-minimal (installed by default) conflicts with gnupg2 and does not include dirmngr so cannot fetch keys + dnf install -y --allowerasing gnupg2; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + _install_temporary \ + apr-devel \ + findutils \ + gcc \ + make \ + openssl-devel \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ && $(NF-1) != "=>" { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt rpm --query --whatprovides \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r dnf mark install \ + ; \ + \ +# clean up anything added temporarily and not later marked as necessary + dnf autoremove -y; \ + dnf clean all; \ + rm -rf /var/cache/dnf; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/10.1/jdk21/corretto-alpine3.16/Dockerfile b/10.1/jdk21/corretto-alpine3.16/Dockerfile new file mode 100644 index 000000000..cb52be4b5 --- /dev/null +++ b/10.1/jdk21/corretto-alpine3.16/Dockerfile @@ -0,0 +1,133 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM amazoncorretto:21-alpine3.16-jdk + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 5C3C5F3E314C866292F359A8F3AD5C94A67F707E A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 10 +ENV TOMCAT_VERSION 10.1.20 +ENV TOMCAT_SHA512 6728a28b93c4ef457ed90b8fcaa71a60f9739c4531c59a245879d2075db94c6bac336ea5a28748364df0f81a155d52b0839ecdd0c09adafdea29942a85b265b4 + +RUN set -eux; \ + \ + apk add --no-cache --virtual .fetch-deps gnupg; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if wget -O "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apk add --no-cache --virtual .build-deps \ + apr-dev \ + dpkg-dev dpkg \ + gcc \ + libc-dev \ + make \ + openssl3-dev \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + deps="$( \ + scanelf --needed --nobanner --format '%n#p' --recursive "$TOMCAT_NATIVE_LIBDIR" \ + | tr ',' '\n' \ + | sort -u \ +# https://git.alpinelinux.org/aports/tree/main/openssl3/APKBUILD?h=3.16-stable#n23 ("sonameprefix") +# see also "apk info --all libssl3" ("so:openssl3:so:libssl.so.3=3" under "provides:") + | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { if ($1 ~ /libssl|libcrypto/) { print "so:openssl3:so:" $1 } else { print "so:" $1 } }' \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + )"; \ + apk add --no-network --virtual .tomcat-native-deps $deps; \ + \ + apk del --no-network .fetch-deps .build-deps; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/10.1/jdk21/corretto-alpine3.17/Dockerfile b/10.1/jdk21/corretto-alpine3.17/Dockerfile new file mode 100644 index 000000000..073b06de3 --- /dev/null +++ b/10.1/jdk21/corretto-alpine3.17/Dockerfile @@ -0,0 +1,131 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM amazoncorretto:21-alpine3.17-jdk + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 5C3C5F3E314C866292F359A8F3AD5C94A67F707E A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 10 +ENV TOMCAT_VERSION 10.1.20 +ENV TOMCAT_SHA512 6728a28b93c4ef457ed90b8fcaa71a60f9739c4531c59a245879d2075db94c6bac336ea5a28748364df0f81a155d52b0839ecdd0c09adafdea29942a85b265b4 + +RUN set -eux; \ + \ + apk add --no-cache --virtual .fetch-deps gnupg; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if wget -O "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apk add --no-cache --virtual .build-deps \ + apr-dev \ + dpkg-dev dpkg \ + gcc \ + libc-dev \ + make \ + openssl3-dev \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + deps="$( \ + scanelf --needed --nobanner --format '%n#p' --recursive "$TOMCAT_NATIVE_LIBDIR" \ + | tr ',' '\n' \ + | sort -u \ + | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + )"; \ + apk add --no-network --virtual .tomcat-native-deps $deps; \ + \ + apk del --no-network .fetch-deps .build-deps; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/10.1/jdk21/corretto-alpine3.18/Dockerfile b/10.1/jdk21/corretto-alpine3.18/Dockerfile new file mode 100644 index 000000000..532c15d48 --- /dev/null +++ b/10.1/jdk21/corretto-alpine3.18/Dockerfile @@ -0,0 +1,131 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM amazoncorretto:21-alpine3.18-jdk + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 5C3C5F3E314C866292F359A8F3AD5C94A67F707E A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 10 +ENV TOMCAT_VERSION 10.1.20 +ENV TOMCAT_SHA512 6728a28b93c4ef457ed90b8fcaa71a60f9739c4531c59a245879d2075db94c6bac336ea5a28748364df0f81a155d52b0839ecdd0c09adafdea29942a85b265b4 + +RUN set -eux; \ + \ + apk add --no-cache --virtual .fetch-deps gnupg; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if wget -O "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apk add --no-cache --virtual .build-deps \ + apr-dev \ + dpkg-dev dpkg \ + gcc \ + libc-dev \ + make \ + openssl3-dev \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + deps="$( \ + scanelf --needed --nobanner --format '%n#p' --recursive "$TOMCAT_NATIVE_LIBDIR" \ + | tr ',' '\n' \ + | sort -u \ + | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + )"; \ + apk add --no-network --virtual .tomcat-native-deps $deps; \ + \ + apk del --no-network .fetch-deps .build-deps; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/10.1/jdk21/corretto-alpine3.19/Dockerfile b/10.1/jdk21/corretto-alpine3.19/Dockerfile new file mode 100644 index 000000000..a056f6596 --- /dev/null +++ b/10.1/jdk21/corretto-alpine3.19/Dockerfile @@ -0,0 +1,131 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM amazoncorretto:21-alpine3.19-jdk + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 5C3C5F3E314C866292F359A8F3AD5C94A67F707E A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 10 +ENV TOMCAT_VERSION 10.1.20 +ENV TOMCAT_SHA512 6728a28b93c4ef457ed90b8fcaa71a60f9739c4531c59a245879d2075db94c6bac336ea5a28748364df0f81a155d52b0839ecdd0c09adafdea29942a85b265b4 + +RUN set -eux; \ + \ + apk add --no-cache --virtual .fetch-deps gnupg; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if wget -O "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apk add --no-cache --virtual .build-deps \ + apr-dev \ + dpkg-dev dpkg \ + gcc \ + libc-dev \ + make \ + openssl3-dev \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + deps="$( \ + scanelf --needed --nobanner --format '%n#p' --recursive "$TOMCAT_NATIVE_LIBDIR" \ + | tr ',' '\n' \ + | sort -u \ + | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + )"; \ + apk add --no-network --virtual .tomcat-native-deps $deps; \ + \ + apk del --no-network .fetch-deps .build-deps; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/10.1/jdk21/sapmachine/Dockerfile b/10.1/jdk21/sapmachine/Dockerfile new file mode 100644 index 000000000..5f11fa151 --- /dev/null +++ b/10.1/jdk21/sapmachine/Dockerfile @@ -0,0 +1,145 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM sapmachine:21 + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 5C3C5F3E314C866292F359A8F3AD5C94A67F707E A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 10 +ENV TOMCAT_VERSION 10.1.20 +ENV TOMCAT_SHA512 6728a28b93c4ef457ed90b8fcaa71a60f9739c4531c59a245879d2075db94c6bac336ea5a28748364df0f81a155d52b0839ecdd0c09adafdea29942a85b265b4 + +RUN set -eux; \ + \ + savedAptMark="$(apt-mark showmanual)"; \ + apt-get update; \ + apt-get install -y --no-install-recommends \ + ca-certificates \ + curl \ + gnupg \ + ; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apt-get install -y --no-install-recommends \ + dpkg-dev \ + gcc \ + libapr1-dev \ + libssl-dev \ + make \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies + apt-mark auto '.*' > /dev/null; \ + [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt dpkg-query --search \ + | cut -d: -f1 \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r apt-mark manual \ + ; \ + \ + apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ + rm -rf /var/lib/apt/lists/*; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/10.1/jdk21/semeru-jammy/Dockerfile b/10.1/jdk21/semeru-jammy/Dockerfile new file mode 100644 index 000000000..9809bc121 --- /dev/null +++ b/10.1/jdk21/semeru-jammy/Dockerfile @@ -0,0 +1,145 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM ibm-semeru-runtimes:open-21-jdk-jammy + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 5C3C5F3E314C866292F359A8F3AD5C94A67F707E A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 10 +ENV TOMCAT_VERSION 10.1.20 +ENV TOMCAT_SHA512 6728a28b93c4ef457ed90b8fcaa71a60f9739c4531c59a245879d2075db94c6bac336ea5a28748364df0f81a155d52b0839ecdd0c09adafdea29942a85b265b4 + +RUN set -eux; \ + \ + savedAptMark="$(apt-mark showmanual)"; \ + apt-get update; \ + apt-get install -y --no-install-recommends \ + ca-certificates \ + curl \ + gnupg \ + ; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apt-get install -y --no-install-recommends \ + dpkg-dev \ + gcc \ + libapr1-dev \ + libssl-dev \ + make \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies + apt-mark auto '.*' > /dev/null; \ + [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt dpkg-query --search \ + | cut -d: -f1 \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r apt-mark manual \ + ; \ + \ + apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ + rm -rf /var/lib/apt/lists/*; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/10.1/jdk21/temurin-alpine/Dockerfile b/10.1/jdk21/temurin-alpine/Dockerfile new file mode 100644 index 000000000..e7083e263 --- /dev/null +++ b/10.1/jdk21/temurin-alpine/Dockerfile @@ -0,0 +1,135 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM eclipse-temurin:21-jdk-alpine + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 5C3C5F3E314C866292F359A8F3AD5C94A67F707E A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 10 +ENV TOMCAT_VERSION 10.1.20 +ENV TOMCAT_SHA512 6728a28b93c4ef457ed90b8fcaa71a60f9739c4531c59a245879d2075db94c6bac336ea5a28748364df0f81a155d52b0839ecdd0c09adafdea29942a85b265b4 + +RUN set -eux; \ + \ + apk add --no-cache --virtual .fetch-deps gnupg; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if wget -O "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apk add --no-cache --virtual .build-deps \ + apr-dev \ + dpkg-dev dpkg \ + gcc \ + libc-dev \ + make \ + openssl3-dev \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + deps="$( \ + scanelf --needed --nobanner --format '%n#p' --recursive "$TOMCAT_NATIVE_LIBDIR" \ + | tr ',' '\n' \ + | sort -u \ + | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + )"; \ + apk add --no-network --virtual .tomcat-native-deps $deps; \ + \ + apk del --no-network .fetch-deps .build-deps; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 + +# upstream eclipse-temurin-provided entrypoint script caused https://github.com/docker-library/tomcat/issues/77 to come back as https://github.com/docker-library/tomcat/issues/302; use "/entrypoint.sh" at your own risk +ENTRYPOINT [] + +CMD ["catalina.sh", "run"] diff --git a/10.1/jdk21/temurin-jammy/Dockerfile b/10.1/jdk21/temurin-jammy/Dockerfile index 9294e8473..076857688 100644 --- a/10.1/jdk21/temurin-jammy/Dockerfile +++ b/10.1/jdk21/temurin-jammy/Dockerfile @@ -102,6 +102,15 @@ RUN set -eux; \ rm -rf "$nativeBuildDir"; \ rm bin/tomcat-native.tar.gz; \ \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ # reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies apt-mark auto '.*' > /dev/null; \ [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ @@ -119,15 +128,6 @@ RUN set -eux; \ apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ rm -rf /var/lib/apt/lists/*; \ \ -# sh removes env vars it doesn't support (ones with periods) -# https://github.com/docker-library/tomcat/issues/77 - find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ - \ -# fix permissions (especially for running as non-root) -# https://github.com/docker-library/tomcat/issues/35 - chmod -R +rX .; \ - chmod 1777 logs temp work; \ - \ # smoke test catalina.sh version diff --git a/10.1/jdk21/temurin-ubi9-minimal/Dockerfile b/10.1/jdk21/temurin-ubi9-minimal/Dockerfile new file mode 100644 index 000000000..36139c42e --- /dev/null +++ b/10.1/jdk21/temurin-ubi9-minimal/Dockerfile @@ -0,0 +1,158 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM eclipse-temurin:21-jdk-ubi9-minimal + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 5C3C5F3E314C866292F359A8F3AD5C94A67F707E A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 10 +ENV TOMCAT_VERSION 10.1.20 +ENV TOMCAT_SHA512 6728a28b93c4ef457ed90b8fcaa71a60f9739c4531c59a245879d2075db94c6bac336ea5a28748364df0f81a155d52b0839ecdd0c09adafdea29942a85b265b4 + +RUN set -eux; \ + \ +# removing dnf after it is installed gets really hairy, so we'll just live with it (since we need it for "dnf mark") + microdnf install -y dnf; \ +# a helper function to install things, but only if they aren't installed (and to mark them so "autoremove" can purge them for us) + _install_temporary() { ( set -eu +x; \ + local pkg todo=''; \ + for pkg; do \ + if ! rpm --query "$pkg" > /dev/null 2>&1; then \ + todo="$todo $pkg"; \ + fi; \ + done; \ + if [ -n "$todo" ]; then \ + set -x; \ + dnf install -y $todo; \ + dnf mark remove $todo; \ + fi; \ + ) }; \ + _install_temporary gzip tar; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + _install_temporary \ + apr-devel \ + findutils \ + gcc \ + make \ + openssl-devel \ +# "gcc: error: /usr/lib/rpm/redhat/redhat-hardened-cc1: No such file or directory" + redhat-rpm-config \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ && $(NF-1) != "=>" { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt rpm --query --whatprovides \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r dnf mark install \ + ; \ + \ +# clean up anything added temporarily and not later marked as necessary + dnf autoremove -y; \ + dnf clean all; \ + rm -rf /var/cache/dnf; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 + +# upstream eclipse-temurin-provided entrypoint script caused https://github.com/docker-library/tomcat/issues/77 to come back as https://github.com/docker-library/tomcat/issues/302; use "/entrypoint.sh" at your own risk +ENTRYPOINT [] + +CMD ["catalina.sh", "run"] diff --git a/10.1/jdk22/corretto-al2023/Dockerfile b/10.1/jdk22/corretto-al2023/Dockerfile new file mode 100644 index 000000000..d27520ee6 --- /dev/null +++ b/10.1/jdk22/corretto-al2023/Dockerfile @@ -0,0 +1,152 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM amazoncorretto:22-al2023-jdk + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 5C3C5F3E314C866292F359A8F3AD5C94A67F707E A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 10 +ENV TOMCAT_VERSION 10.1.20 +ENV TOMCAT_SHA512 6728a28b93c4ef457ed90b8fcaa71a60f9739c4531c59a245879d2075db94c6bac336ea5a28748364df0f81a155d52b0839ecdd0c09adafdea29942a85b265b4 + +RUN set -eux; \ + \ +# a helper function to install things, but only if they aren't installed (and to mark them so "autoremove" can purge them for us) + _install_temporary() { ( set -eu +x; \ + local pkg todo=''; \ + for pkg; do \ + if ! rpm --query "$pkg" > /dev/null 2>&1; then \ + todo="$todo $pkg"; \ + fi; \ + done; \ + if [ -n "$todo" ]; then \ + set -x; \ + dnf install -y $todo; \ + dnf mark remove $todo; \ + fi; \ + ) }; \ + _install_temporary gzip tar; \ +# gnupg2-minimal (installed by default) conflicts with gnupg2 and does not include dirmngr so cannot fetch keys + dnf install -y --allowerasing gnupg2; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + _install_temporary \ + apr-devel \ + findutils \ + gcc \ + make \ + openssl-devel \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ && $(NF-1) != "=>" { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt rpm --query --whatprovides \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r dnf mark install \ + ; \ + \ +# clean up anything added temporarily and not later marked as necessary + dnf autoremove -y; \ + dnf clean all; \ + rm -rf /var/cache/dnf; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/10.1/jdk22/corretto-alpine3.16/Dockerfile b/10.1/jdk22/corretto-alpine3.16/Dockerfile new file mode 100644 index 000000000..6678a656c --- /dev/null +++ b/10.1/jdk22/corretto-alpine3.16/Dockerfile @@ -0,0 +1,133 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM amazoncorretto:22-alpine3.16-jdk + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 5C3C5F3E314C866292F359A8F3AD5C94A67F707E A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 10 +ENV TOMCAT_VERSION 10.1.20 +ENV TOMCAT_SHA512 6728a28b93c4ef457ed90b8fcaa71a60f9739c4531c59a245879d2075db94c6bac336ea5a28748364df0f81a155d52b0839ecdd0c09adafdea29942a85b265b4 + +RUN set -eux; \ + \ + apk add --no-cache --virtual .fetch-deps gnupg; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if wget -O "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apk add --no-cache --virtual .build-deps \ + apr-dev \ + dpkg-dev dpkg \ + gcc \ + libc-dev \ + make \ + openssl3-dev \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + deps="$( \ + scanelf --needed --nobanner --format '%n#p' --recursive "$TOMCAT_NATIVE_LIBDIR" \ + | tr ',' '\n' \ + | sort -u \ +# https://git.alpinelinux.org/aports/tree/main/openssl3/APKBUILD?h=3.16-stable#n23 ("sonameprefix") +# see also "apk info --all libssl3" ("so:openssl3:so:libssl.so.3=3" under "provides:") + | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { if ($1 ~ /libssl|libcrypto/) { print "so:openssl3:so:" $1 } else { print "so:" $1 } }' \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + )"; \ + apk add --no-network --virtual .tomcat-native-deps $deps; \ + \ + apk del --no-network .fetch-deps .build-deps; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/10.1/jdk22/corretto-alpine3.17/Dockerfile b/10.1/jdk22/corretto-alpine3.17/Dockerfile new file mode 100644 index 000000000..9c743da89 --- /dev/null +++ b/10.1/jdk22/corretto-alpine3.17/Dockerfile @@ -0,0 +1,131 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM amazoncorretto:22-alpine3.17-jdk + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 5C3C5F3E314C866292F359A8F3AD5C94A67F707E A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 10 +ENV TOMCAT_VERSION 10.1.20 +ENV TOMCAT_SHA512 6728a28b93c4ef457ed90b8fcaa71a60f9739c4531c59a245879d2075db94c6bac336ea5a28748364df0f81a155d52b0839ecdd0c09adafdea29942a85b265b4 + +RUN set -eux; \ + \ + apk add --no-cache --virtual .fetch-deps gnupg; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if wget -O "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apk add --no-cache --virtual .build-deps \ + apr-dev \ + dpkg-dev dpkg \ + gcc \ + libc-dev \ + make \ + openssl3-dev \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + deps="$( \ + scanelf --needed --nobanner --format '%n#p' --recursive "$TOMCAT_NATIVE_LIBDIR" \ + | tr ',' '\n' \ + | sort -u \ + | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + )"; \ + apk add --no-network --virtual .tomcat-native-deps $deps; \ + \ + apk del --no-network .fetch-deps .build-deps; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/10.1/jdk22/corretto-alpine3.18/Dockerfile b/10.1/jdk22/corretto-alpine3.18/Dockerfile new file mode 100644 index 000000000..48b0f6665 --- /dev/null +++ b/10.1/jdk22/corretto-alpine3.18/Dockerfile @@ -0,0 +1,131 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM amazoncorretto:22-alpine3.18-jdk + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 5C3C5F3E314C866292F359A8F3AD5C94A67F707E A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 10 +ENV TOMCAT_VERSION 10.1.20 +ENV TOMCAT_SHA512 6728a28b93c4ef457ed90b8fcaa71a60f9739c4531c59a245879d2075db94c6bac336ea5a28748364df0f81a155d52b0839ecdd0c09adafdea29942a85b265b4 + +RUN set -eux; \ + \ + apk add --no-cache --virtual .fetch-deps gnupg; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if wget -O "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apk add --no-cache --virtual .build-deps \ + apr-dev \ + dpkg-dev dpkg \ + gcc \ + libc-dev \ + make \ + openssl3-dev \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + deps="$( \ + scanelf --needed --nobanner --format '%n#p' --recursive "$TOMCAT_NATIVE_LIBDIR" \ + | tr ',' '\n' \ + | sort -u \ + | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + )"; \ + apk add --no-network --virtual .tomcat-native-deps $deps; \ + \ + apk del --no-network .fetch-deps .build-deps; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/10.1/jdk22/corretto-alpine3.19/Dockerfile b/10.1/jdk22/corretto-alpine3.19/Dockerfile new file mode 100644 index 000000000..43042abbe --- /dev/null +++ b/10.1/jdk22/corretto-alpine3.19/Dockerfile @@ -0,0 +1,131 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM amazoncorretto:22-alpine3.19-jdk + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 5C3C5F3E314C866292F359A8F3AD5C94A67F707E A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 10 +ENV TOMCAT_VERSION 10.1.20 +ENV TOMCAT_SHA512 6728a28b93c4ef457ed90b8fcaa71a60f9739c4531c59a245879d2075db94c6bac336ea5a28748364df0f81a155d52b0839ecdd0c09adafdea29942a85b265b4 + +RUN set -eux; \ + \ + apk add --no-cache --virtual .fetch-deps gnupg; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if wget -O "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apk add --no-cache --virtual .build-deps \ + apr-dev \ + dpkg-dev dpkg \ + gcc \ + libc-dev \ + make \ + openssl3-dev \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + deps="$( \ + scanelf --needed --nobanner --format '%n#p' --recursive "$TOMCAT_NATIVE_LIBDIR" \ + | tr ',' '\n' \ + | sort -u \ + | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + )"; \ + apk add --no-network --virtual .tomcat-native-deps $deps; \ + \ + apk del --no-network .fetch-deps .build-deps; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/10.1/jdk22/sapmachine/Dockerfile b/10.1/jdk22/sapmachine/Dockerfile new file mode 100644 index 000000000..e90ddca99 --- /dev/null +++ b/10.1/jdk22/sapmachine/Dockerfile @@ -0,0 +1,145 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM sapmachine:22 + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 5C3C5F3E314C866292F359A8F3AD5C94A67F707E A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 10 +ENV TOMCAT_VERSION 10.1.20 +ENV TOMCAT_SHA512 6728a28b93c4ef457ed90b8fcaa71a60f9739c4531c59a245879d2075db94c6bac336ea5a28748364df0f81a155d52b0839ecdd0c09adafdea29942a85b265b4 + +RUN set -eux; \ + \ + savedAptMark="$(apt-mark showmanual)"; \ + apt-get update; \ + apt-get install -y --no-install-recommends \ + ca-certificates \ + curl \ + gnupg \ + ; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apt-get install -y --no-install-recommends \ + dpkg-dev \ + gcc \ + libapr1-dev \ + libssl-dev \ + make \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies + apt-mark auto '.*' > /dev/null; \ + [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt dpkg-query --search \ + | cut -d: -f1 \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r apt-mark manual \ + ; \ + \ + apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ + rm -rf /var/lib/apt/lists/*; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/10.1/jdk22/temurin-alpine/Dockerfile b/10.1/jdk22/temurin-alpine/Dockerfile new file mode 100644 index 000000000..d91d6c681 --- /dev/null +++ b/10.1/jdk22/temurin-alpine/Dockerfile @@ -0,0 +1,135 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM eclipse-temurin:22-jdk-alpine + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 5C3C5F3E314C866292F359A8F3AD5C94A67F707E A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 10 +ENV TOMCAT_VERSION 10.1.20 +ENV TOMCAT_SHA512 6728a28b93c4ef457ed90b8fcaa71a60f9739c4531c59a245879d2075db94c6bac336ea5a28748364df0f81a155d52b0839ecdd0c09adafdea29942a85b265b4 + +RUN set -eux; \ + \ + apk add --no-cache --virtual .fetch-deps gnupg; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if wget -O "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apk add --no-cache --virtual .build-deps \ + apr-dev \ + dpkg-dev dpkg \ + gcc \ + libc-dev \ + make \ + openssl3-dev \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + deps="$( \ + scanelf --needed --nobanner --format '%n#p' --recursive "$TOMCAT_NATIVE_LIBDIR" \ + | tr ',' '\n' \ + | sort -u \ + | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + )"; \ + apk add --no-network --virtual .tomcat-native-deps $deps; \ + \ + apk del --no-network .fetch-deps .build-deps; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 + +# upstream eclipse-temurin-provided entrypoint script caused https://github.com/docker-library/tomcat/issues/77 to come back as https://github.com/docker-library/tomcat/issues/302; use "/entrypoint.sh" at your own risk +ENTRYPOINT [] + +CMD ["catalina.sh", "run"] diff --git a/10.1/jdk22/temurin-jammy/Dockerfile b/10.1/jdk22/temurin-jammy/Dockerfile new file mode 100644 index 000000000..cee924e9e --- /dev/null +++ b/10.1/jdk22/temurin-jammy/Dockerfile @@ -0,0 +1,149 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM eclipse-temurin:22-jdk-jammy + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 5C3C5F3E314C866292F359A8F3AD5C94A67F707E A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 10 +ENV TOMCAT_VERSION 10.1.20 +ENV TOMCAT_SHA512 6728a28b93c4ef457ed90b8fcaa71a60f9739c4531c59a245879d2075db94c6bac336ea5a28748364df0f81a155d52b0839ecdd0c09adafdea29942a85b265b4 + +RUN set -eux; \ + \ + savedAptMark="$(apt-mark showmanual)"; \ + apt-get update; \ + apt-get install -y --no-install-recommends \ + ca-certificates \ + curl \ + gnupg \ + ; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apt-get install -y --no-install-recommends \ + dpkg-dev \ + gcc \ + libapr1-dev \ + libssl-dev \ + make \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies + apt-mark auto '.*' > /dev/null; \ + [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt dpkg-query --search \ + | cut -d: -f1 \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r apt-mark manual \ + ; \ + \ + apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ + rm -rf /var/lib/apt/lists/*; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 + +# upstream eclipse-temurin-provided entrypoint script caused https://github.com/docker-library/tomcat/issues/77 to come back as https://github.com/docker-library/tomcat/issues/302; use "/entrypoint.sh" at your own risk +ENTRYPOINT [] + +CMD ["catalina.sh", "run"] diff --git a/10.1/jdk22/temurin-ubi9-minimal/Dockerfile b/10.1/jdk22/temurin-ubi9-minimal/Dockerfile new file mode 100644 index 000000000..e03449b9f --- /dev/null +++ b/10.1/jdk22/temurin-ubi9-minimal/Dockerfile @@ -0,0 +1,158 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM eclipse-temurin:22-jdk-ubi9-minimal + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 5C3C5F3E314C866292F359A8F3AD5C94A67F707E A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 10 +ENV TOMCAT_VERSION 10.1.20 +ENV TOMCAT_SHA512 6728a28b93c4ef457ed90b8fcaa71a60f9739c4531c59a245879d2075db94c6bac336ea5a28748364df0f81a155d52b0839ecdd0c09adafdea29942a85b265b4 + +RUN set -eux; \ + \ +# removing dnf after it is installed gets really hairy, so we'll just live with it (since we need it for "dnf mark") + microdnf install -y dnf; \ +# a helper function to install things, but only if they aren't installed (and to mark them so "autoremove" can purge them for us) + _install_temporary() { ( set -eu +x; \ + local pkg todo=''; \ + for pkg; do \ + if ! rpm --query "$pkg" > /dev/null 2>&1; then \ + todo="$todo $pkg"; \ + fi; \ + done; \ + if [ -n "$todo" ]; then \ + set -x; \ + dnf install -y $todo; \ + dnf mark remove $todo; \ + fi; \ + ) }; \ + _install_temporary gzip tar; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + _install_temporary \ + apr-devel \ + findutils \ + gcc \ + make \ + openssl-devel \ +# "gcc: error: /usr/lib/rpm/redhat/redhat-hardened-cc1: No such file or directory" + redhat-rpm-config \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ && $(NF-1) != "=>" { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt rpm --query --whatprovides \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r dnf mark install \ + ; \ + \ +# clean up anything added temporarily and not later marked as necessary + dnf autoremove -y; \ + dnf clean all; \ + rm -rf /var/cache/dnf; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 + +# upstream eclipse-temurin-provided entrypoint script caused https://github.com/docker-library/tomcat/issues/77 to come back as https://github.com/docker-library/tomcat/issues/302; use "/entrypoint.sh" at your own risk +ENTRYPOINT [] + +CMD ["catalina.sh", "run"] diff --git a/10.1/jdk23/openjdk-bookworm/Dockerfile b/10.1/jdk23/openjdk-bookworm/Dockerfile new file mode 100644 index 000000000..0b8e17c14 --- /dev/null +++ b/10.1/jdk23/openjdk-bookworm/Dockerfile @@ -0,0 +1,145 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM openjdk:23-jdk-bookworm + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 5C3C5F3E314C866292F359A8F3AD5C94A67F707E A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 10 +ENV TOMCAT_VERSION 10.1.20 +ENV TOMCAT_SHA512 6728a28b93c4ef457ed90b8fcaa71a60f9739c4531c59a245879d2075db94c6bac336ea5a28748364df0f81a155d52b0839ecdd0c09adafdea29942a85b265b4 + +RUN set -eux; \ + \ + savedAptMark="$(apt-mark showmanual)"; \ + apt-get update; \ + apt-get install -y --no-install-recommends \ + ca-certificates \ + curl \ + gnupg \ + ; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apt-get install -y --no-install-recommends \ + dpkg-dev \ + gcc \ + libapr1-dev \ + libssl-dev \ + make \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies + apt-mark auto '.*' > /dev/null; \ + [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt dpkg-query --search \ + | cut -d: -f1 \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r apt-mark manual \ + ; \ + \ + apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ + rm -rf /var/lib/apt/lists/*; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/10.1/jdk23/openjdk-oraclelinux9/Dockerfile b/10.1/jdk23/openjdk-oraclelinux9/Dockerfile new file mode 100644 index 000000000..afaa16c7b --- /dev/null +++ b/10.1/jdk23/openjdk-oraclelinux9/Dockerfile @@ -0,0 +1,154 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM openjdk:23-jdk-oraclelinux9 + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 5C3C5F3E314C866292F359A8F3AD5C94A67F707E A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 10 +ENV TOMCAT_VERSION 10.1.20 +ENV TOMCAT_SHA512 6728a28b93c4ef457ed90b8fcaa71a60f9739c4531c59a245879d2075db94c6bac336ea5a28748364df0f81a155d52b0839ecdd0c09adafdea29942a85b265b4 + +RUN set -eux; \ + \ +# removing dnf after it is installed gets really hairy, so we'll just live with it (since we need it for "dnf mark") + microdnf install -y dnf; \ +# a helper function to install things, but only if they aren't installed (and to mark them so "autoremove" can purge them for us) + _install_temporary() { ( set -eu +x; \ + local pkg todo=''; \ + for pkg; do \ + if ! rpm --query "$pkg" > /dev/null 2>&1; then \ + todo="$todo $pkg"; \ + fi; \ + done; \ + if [ -n "$todo" ]; then \ + set -x; \ + dnf install -y $todo; \ + dnf mark remove $todo; \ + fi; \ + ) }; \ + _install_temporary gzip tar; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + _install_temporary \ + apr-devel \ + findutils \ + gcc \ + make \ + openssl-devel \ +# "gcc: error: /usr/lib/rpm/redhat/redhat-hardened-cc1: No such file or directory" + redhat-rpm-config \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ && $(NF-1) != "=>" { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt rpm --query --whatprovides \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r dnf mark install \ + ; \ + \ +# clean up anything added temporarily and not later marked as necessary + dnf autoremove -y; \ + dnf clean all; \ + rm -rf /var/cache/dnf; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/10.1/jdk23/openjdk-slim-bookworm/Dockerfile b/10.1/jdk23/openjdk-slim-bookworm/Dockerfile new file mode 100644 index 000000000..b3da67fd0 --- /dev/null +++ b/10.1/jdk23/openjdk-slim-bookworm/Dockerfile @@ -0,0 +1,145 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM openjdk:23-jdk-slim-bookworm + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 5C3C5F3E314C866292F359A8F3AD5C94A67F707E A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 10 +ENV TOMCAT_VERSION 10.1.20 +ENV TOMCAT_SHA512 6728a28b93c4ef457ed90b8fcaa71a60f9739c4531c59a245879d2075db94c6bac336ea5a28748364df0f81a155d52b0839ecdd0c09adafdea29942a85b265b4 + +RUN set -eux; \ + \ + savedAptMark="$(apt-mark showmanual)"; \ + apt-get update; \ + apt-get install -y --no-install-recommends \ + ca-certificates \ + curl \ + gnupg \ + ; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apt-get install -y --no-install-recommends \ + dpkg-dev \ + gcc \ + libapr1-dev \ + libssl-dev \ + make \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies + apt-mark auto '.*' > /dev/null; \ + [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt dpkg-query --search \ + | cut -d: -f1 \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r apt-mark manual \ + ; \ + \ + apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ + rm -rf /var/lib/apt/lists/*; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/10.1/jre11/semeru-jammy/Dockerfile b/10.1/jre11/semeru-jammy/Dockerfile new file mode 100644 index 000000000..8ecf7bb96 --- /dev/null +++ b/10.1/jre11/semeru-jammy/Dockerfile @@ -0,0 +1,43 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM ibm-semeru-runtimes:open-11-jre-jammy + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 5C3C5F3E314C866292F359A8F3AD5C94A67F707E A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 10 +ENV TOMCAT_VERSION 10.1.20 +ENV TOMCAT_SHA512 6728a28b93c4ef457ed90b8fcaa71a60f9739c4531c59a245879d2075db94c6bac336ea5a28748364df0f81a155d52b0839ecdd0c09adafdea29942a85b265b4 + +COPY --from=tomcat:10.1.20-jdk11-semeru-jammy $CATALINA_HOME $CATALINA_HOME +RUN set -eux; \ + apt-get update; \ + xargs -rt apt-get install -y --no-install-recommends < "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt"; \ + rm -rf /var/lib/apt/lists/* + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/10.1/jre11/temurin-alpine/Dockerfile b/10.1/jre11/temurin-alpine/Dockerfile new file mode 100644 index 000000000..7fd3bdba6 --- /dev/null +++ b/10.1/jre11/temurin-alpine/Dockerfile @@ -0,0 +1,46 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM eclipse-temurin:11-jre-alpine + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 5C3C5F3E314C866292F359A8F3AD5C94A67F707E A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 10 +ENV TOMCAT_VERSION 10.1.20 +ENV TOMCAT_SHA512 6728a28b93c4ef457ed90b8fcaa71a60f9739c4531c59a245879d2075db94c6bac336ea5a28748364df0f81a155d52b0839ecdd0c09adafdea29942a85b265b4 + +COPY --from=tomcat:10.1.20-jdk11-temurin-alpine $CATALINA_HOME $CATALINA_HOME +RUN set -eux; \ + deps="$(cat "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt")"; \ + apk add --no-cache --virtual .tomcat-native-deps $deps + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 + +# upstream eclipse-temurin-provided entrypoint script caused https://github.com/docker-library/tomcat/issues/77 to come back as https://github.com/docker-library/tomcat/issues/302; use "/entrypoint.sh" at your own risk +ENTRYPOINT [] + +CMD ["catalina.sh", "run"] diff --git a/10.1/jre11/temurin-ubi9-minimal/Dockerfile b/10.1/jre11/temurin-ubi9-minimal/Dockerfile new file mode 100644 index 000000000..916e9b1e2 --- /dev/null +++ b/10.1/jre11/temurin-ubi9-minimal/Dockerfile @@ -0,0 +1,49 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM eclipse-temurin:11-jre-ubi9-minimal + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 5C3C5F3E314C866292F359A8F3AD5C94A67F707E A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 10 +ENV TOMCAT_VERSION 10.1.20 +ENV TOMCAT_SHA512 6728a28b93c4ef457ed90b8fcaa71a60f9739c4531c59a245879d2075db94c6bac336ea5a28748364df0f81a155d52b0839ecdd0c09adafdea29942a85b265b4 + +COPY --from=tomcat:10.1.20-jdk11-temurin-ubi9-minimal $CATALINA_HOME $CATALINA_HOME +RUN set -eux; \ +# no xargs in al20XX and ubiX-minimal /o\ + deps="$(cat "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt")"; \ + microdnf install -y $deps; \ + microdnf clean all; \ + rm -rf /var/cache/dnf + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 + +# upstream eclipse-temurin-provided entrypoint script caused https://github.com/docker-library/tomcat/issues/77 to come back as https://github.com/docker-library/tomcat/issues/302; use "/entrypoint.sh" at your own risk +ENTRYPOINT [] + +CMD ["catalina.sh", "run"] diff --git a/10.1/jre17/semeru-jammy/Dockerfile b/10.1/jre17/semeru-jammy/Dockerfile new file mode 100644 index 000000000..d8dde50eb --- /dev/null +++ b/10.1/jre17/semeru-jammy/Dockerfile @@ -0,0 +1,43 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM ibm-semeru-runtimes:open-17-jre-jammy + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 5C3C5F3E314C866292F359A8F3AD5C94A67F707E A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 10 +ENV TOMCAT_VERSION 10.1.20 +ENV TOMCAT_SHA512 6728a28b93c4ef457ed90b8fcaa71a60f9739c4531c59a245879d2075db94c6bac336ea5a28748364df0f81a155d52b0839ecdd0c09adafdea29942a85b265b4 + +COPY --from=tomcat:10.1.20-jdk17-semeru-jammy $CATALINA_HOME $CATALINA_HOME +RUN set -eux; \ + apt-get update; \ + xargs -rt apt-get install -y --no-install-recommends < "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt"; \ + rm -rf /var/lib/apt/lists/* + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/10.1/jre17/temurin-alpine/Dockerfile b/10.1/jre17/temurin-alpine/Dockerfile new file mode 100644 index 000000000..8f78f321f --- /dev/null +++ b/10.1/jre17/temurin-alpine/Dockerfile @@ -0,0 +1,46 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM eclipse-temurin:17-jre-alpine + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 5C3C5F3E314C866292F359A8F3AD5C94A67F707E A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 10 +ENV TOMCAT_VERSION 10.1.20 +ENV TOMCAT_SHA512 6728a28b93c4ef457ed90b8fcaa71a60f9739c4531c59a245879d2075db94c6bac336ea5a28748364df0f81a155d52b0839ecdd0c09adafdea29942a85b265b4 + +COPY --from=tomcat:10.1.20-jdk17-temurin-alpine $CATALINA_HOME $CATALINA_HOME +RUN set -eux; \ + deps="$(cat "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt")"; \ + apk add --no-cache --virtual .tomcat-native-deps $deps + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 + +# upstream eclipse-temurin-provided entrypoint script caused https://github.com/docker-library/tomcat/issues/77 to come back as https://github.com/docker-library/tomcat/issues/302; use "/entrypoint.sh" at your own risk +ENTRYPOINT [] + +CMD ["catalina.sh", "run"] diff --git a/10.1/jre17/temurin-ubi9-minimal/Dockerfile b/10.1/jre17/temurin-ubi9-minimal/Dockerfile new file mode 100644 index 000000000..8ca938efb --- /dev/null +++ b/10.1/jre17/temurin-ubi9-minimal/Dockerfile @@ -0,0 +1,49 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM eclipse-temurin:17-jre-ubi9-minimal + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 5C3C5F3E314C866292F359A8F3AD5C94A67F707E A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 10 +ENV TOMCAT_VERSION 10.1.20 +ENV TOMCAT_SHA512 6728a28b93c4ef457ed90b8fcaa71a60f9739c4531c59a245879d2075db94c6bac336ea5a28748364df0f81a155d52b0839ecdd0c09adafdea29942a85b265b4 + +COPY --from=tomcat:10.1.20-jdk17-temurin-ubi9-minimal $CATALINA_HOME $CATALINA_HOME +RUN set -eux; \ +# no xargs in al20XX and ubiX-minimal /o\ + deps="$(cat "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt")"; \ + microdnf install -y $deps; \ + microdnf clean all; \ + rm -rf /var/cache/dnf + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 + +# upstream eclipse-temurin-provided entrypoint script caused https://github.com/docker-library/tomcat/issues/77 to come back as https://github.com/docker-library/tomcat/issues/302; use "/entrypoint.sh" at your own risk +ENTRYPOINT [] + +CMD ["catalina.sh", "run"] diff --git a/10.1/jre21/semeru-jammy/Dockerfile b/10.1/jre21/semeru-jammy/Dockerfile new file mode 100644 index 000000000..df1e5ba4f --- /dev/null +++ b/10.1/jre21/semeru-jammy/Dockerfile @@ -0,0 +1,43 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM ibm-semeru-runtimes:open-21-jre-jammy + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 5C3C5F3E314C866292F359A8F3AD5C94A67F707E A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 10 +ENV TOMCAT_VERSION 10.1.20 +ENV TOMCAT_SHA512 6728a28b93c4ef457ed90b8fcaa71a60f9739c4531c59a245879d2075db94c6bac336ea5a28748364df0f81a155d52b0839ecdd0c09adafdea29942a85b265b4 + +COPY --from=tomcat:10.1.20-jdk21-semeru-jammy $CATALINA_HOME $CATALINA_HOME +RUN set -eux; \ + apt-get update; \ + xargs -rt apt-get install -y --no-install-recommends < "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt"; \ + rm -rf /var/lib/apt/lists/* + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/10.1/jre21/temurin-alpine/Dockerfile b/10.1/jre21/temurin-alpine/Dockerfile new file mode 100644 index 000000000..7a1bcdf2d --- /dev/null +++ b/10.1/jre21/temurin-alpine/Dockerfile @@ -0,0 +1,46 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM eclipse-temurin:21-jre-alpine + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 5C3C5F3E314C866292F359A8F3AD5C94A67F707E A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 10 +ENV TOMCAT_VERSION 10.1.20 +ENV TOMCAT_SHA512 6728a28b93c4ef457ed90b8fcaa71a60f9739c4531c59a245879d2075db94c6bac336ea5a28748364df0f81a155d52b0839ecdd0c09adafdea29942a85b265b4 + +COPY --from=tomcat:10.1.20-jdk21-temurin-alpine $CATALINA_HOME $CATALINA_HOME +RUN set -eux; \ + deps="$(cat "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt")"; \ + apk add --no-cache --virtual .tomcat-native-deps $deps + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 + +# upstream eclipse-temurin-provided entrypoint script caused https://github.com/docker-library/tomcat/issues/77 to come back as https://github.com/docker-library/tomcat/issues/302; use "/entrypoint.sh" at your own risk +ENTRYPOINT [] + +CMD ["catalina.sh", "run"] diff --git a/10.1/jre21/temurin-ubi9-minimal/Dockerfile b/10.1/jre21/temurin-ubi9-minimal/Dockerfile new file mode 100644 index 000000000..a248fb70f --- /dev/null +++ b/10.1/jre21/temurin-ubi9-minimal/Dockerfile @@ -0,0 +1,49 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM eclipse-temurin:21-jre-ubi9-minimal + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 5C3C5F3E314C866292F359A8F3AD5C94A67F707E A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 10 +ENV TOMCAT_VERSION 10.1.20 +ENV TOMCAT_SHA512 6728a28b93c4ef457ed90b8fcaa71a60f9739c4531c59a245879d2075db94c6bac336ea5a28748364df0f81a155d52b0839ecdd0c09adafdea29942a85b265b4 + +COPY --from=tomcat:10.1.20-jdk21-temurin-ubi9-minimal $CATALINA_HOME $CATALINA_HOME +RUN set -eux; \ +# no xargs in al20XX and ubiX-minimal /o\ + deps="$(cat "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt")"; \ + microdnf install -y $deps; \ + microdnf clean all; \ + rm -rf /var/cache/dnf + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 + +# upstream eclipse-temurin-provided entrypoint script caused https://github.com/docker-library/tomcat/issues/77 to come back as https://github.com/docker-library/tomcat/issues/302; use "/entrypoint.sh" at your own risk +ENTRYPOINT [] + +CMD ["catalina.sh", "run"] diff --git a/10.1/jre22/temurin-alpine/Dockerfile b/10.1/jre22/temurin-alpine/Dockerfile new file mode 100644 index 000000000..9d3602bc7 --- /dev/null +++ b/10.1/jre22/temurin-alpine/Dockerfile @@ -0,0 +1,46 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM eclipse-temurin:22-jre-alpine + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 5C3C5F3E314C866292F359A8F3AD5C94A67F707E A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 10 +ENV TOMCAT_VERSION 10.1.20 +ENV TOMCAT_SHA512 6728a28b93c4ef457ed90b8fcaa71a60f9739c4531c59a245879d2075db94c6bac336ea5a28748364df0f81a155d52b0839ecdd0c09adafdea29942a85b265b4 + +COPY --from=tomcat:10.1.20-jdk22-temurin-alpine $CATALINA_HOME $CATALINA_HOME +RUN set -eux; \ + deps="$(cat "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt")"; \ + apk add --no-cache --virtual .tomcat-native-deps $deps + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 + +# upstream eclipse-temurin-provided entrypoint script caused https://github.com/docker-library/tomcat/issues/77 to come back as https://github.com/docker-library/tomcat/issues/302; use "/entrypoint.sh" at your own risk +ENTRYPOINT [] + +CMD ["catalina.sh", "run"] diff --git a/10.1/jre22/temurin-jammy/Dockerfile b/10.1/jre22/temurin-jammy/Dockerfile new file mode 100644 index 000000000..c84973026 --- /dev/null +++ b/10.1/jre22/temurin-jammy/Dockerfile @@ -0,0 +1,47 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM eclipse-temurin:22-jre-jammy + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 5C3C5F3E314C866292F359A8F3AD5C94A67F707E A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 10 +ENV TOMCAT_VERSION 10.1.20 +ENV TOMCAT_SHA512 6728a28b93c4ef457ed90b8fcaa71a60f9739c4531c59a245879d2075db94c6bac336ea5a28748364df0f81a155d52b0839ecdd0c09adafdea29942a85b265b4 + +COPY --from=tomcat:10.1.20-jdk22-temurin-jammy $CATALINA_HOME $CATALINA_HOME +RUN set -eux; \ + apt-get update; \ + xargs -rt apt-get install -y --no-install-recommends < "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt"; \ + rm -rf /var/lib/apt/lists/* + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 + +# upstream eclipse-temurin-provided entrypoint script caused https://github.com/docker-library/tomcat/issues/77 to come back as https://github.com/docker-library/tomcat/issues/302; use "/entrypoint.sh" at your own risk +ENTRYPOINT [] + +CMD ["catalina.sh", "run"] diff --git a/10.1/jre22/temurin-ubi9-minimal/Dockerfile b/10.1/jre22/temurin-ubi9-minimal/Dockerfile new file mode 100644 index 000000000..1667e712a --- /dev/null +++ b/10.1/jre22/temurin-ubi9-minimal/Dockerfile @@ -0,0 +1,49 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM eclipse-temurin:22-jre-ubi9-minimal + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 5C3C5F3E314C866292F359A8F3AD5C94A67F707E A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 10 +ENV TOMCAT_VERSION 10.1.20 +ENV TOMCAT_SHA512 6728a28b93c4ef457ed90b8fcaa71a60f9739c4531c59a245879d2075db94c6bac336ea5a28748364df0f81a155d52b0839ecdd0c09adafdea29942a85b265b4 + +COPY --from=tomcat:10.1.20-jdk22-temurin-ubi9-minimal $CATALINA_HOME $CATALINA_HOME +RUN set -eux; \ +# no xargs in al20XX and ubiX-minimal /o\ + deps="$(cat "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt")"; \ + microdnf install -y $deps; \ + microdnf clean all; \ + rm -rf /var/cache/dnf + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 + +# upstream eclipse-temurin-provided entrypoint script caused https://github.com/docker-library/tomcat/issues/77 to come back as https://github.com/docker-library/tomcat/issues/302; use "/entrypoint.sh" at your own risk +ENTRYPOINT [] + +CMD ["catalina.sh", "run"] diff --git a/11.0/jdk21/corretto-al2023/Dockerfile b/11.0/jdk21/corretto-al2023/Dockerfile new file mode 100644 index 000000000..16b22e819 --- /dev/null +++ b/11.0/jdk21/corretto-al2023/Dockerfile @@ -0,0 +1,152 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM amazoncorretto:21-al2023-jdk + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-11/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 11 +ENV TOMCAT_VERSION 11.0.0-M18 +ENV TOMCAT_SHA512 ede300764e82166316f6bf0561a5469dfdfad118e90a8ea7644b834ce933760574df2fa54347b9bf5206049456d2cc17f06a3e5936838561ced5b022fe2c3053 + +RUN set -eux; \ + \ +# a helper function to install things, but only if they aren't installed (and to mark them so "autoremove" can purge them for us) + _install_temporary() { ( set -eu +x; \ + local pkg todo=''; \ + for pkg; do \ + if ! rpm --query "$pkg" > /dev/null 2>&1; then \ + todo="$todo $pkg"; \ + fi; \ + done; \ + if [ -n "$todo" ]; then \ + set -x; \ + dnf install -y $todo; \ + dnf mark remove $todo; \ + fi; \ + ) }; \ + _install_temporary gzip tar; \ +# gnupg2-minimal (installed by default) conflicts with gnupg2 and does not include dirmngr so cannot fetch keys + dnf install -y --allowerasing gnupg2; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + _install_temporary \ + apr-devel \ + findutils \ + gcc \ + make \ + openssl-devel \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ && $(NF-1) != "=>" { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt rpm --query --whatprovides \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r dnf mark install \ + ; \ + \ +# clean up anything added temporarily and not later marked as necessary + dnf autoremove -y; \ + dnf clean all; \ + rm -rf /var/cache/dnf; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/11.0/jdk21/corretto-alpine3.16/Dockerfile b/11.0/jdk21/corretto-alpine3.16/Dockerfile new file mode 100644 index 000000000..ca49122e1 --- /dev/null +++ b/11.0/jdk21/corretto-alpine3.16/Dockerfile @@ -0,0 +1,133 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM amazoncorretto:21-alpine3.16-jdk + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-11/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 11 +ENV TOMCAT_VERSION 11.0.0-M18 +ENV TOMCAT_SHA512 ede300764e82166316f6bf0561a5469dfdfad118e90a8ea7644b834ce933760574df2fa54347b9bf5206049456d2cc17f06a3e5936838561ced5b022fe2c3053 + +RUN set -eux; \ + \ + apk add --no-cache --virtual .fetch-deps gnupg; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if wget -O "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apk add --no-cache --virtual .build-deps \ + apr-dev \ + dpkg-dev dpkg \ + gcc \ + libc-dev \ + make \ + openssl3-dev \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + deps="$( \ + scanelf --needed --nobanner --format '%n#p' --recursive "$TOMCAT_NATIVE_LIBDIR" \ + | tr ',' '\n' \ + | sort -u \ +# https://git.alpinelinux.org/aports/tree/main/openssl3/APKBUILD?h=3.16-stable#n23 ("sonameprefix") +# see also "apk info --all libssl3" ("so:openssl3:so:libssl.so.3=3" under "provides:") + | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { if ($1 ~ /libssl|libcrypto/) { print "so:openssl3:so:" $1 } else { print "so:" $1 } }' \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + )"; \ + apk add --no-network --virtual .tomcat-native-deps $deps; \ + \ + apk del --no-network .fetch-deps .build-deps; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/11.0/jdk21/corretto-alpine3.17/Dockerfile b/11.0/jdk21/corretto-alpine3.17/Dockerfile new file mode 100644 index 000000000..1748a1eb6 --- /dev/null +++ b/11.0/jdk21/corretto-alpine3.17/Dockerfile @@ -0,0 +1,131 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM amazoncorretto:21-alpine3.17-jdk + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-11/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 11 +ENV TOMCAT_VERSION 11.0.0-M18 +ENV TOMCAT_SHA512 ede300764e82166316f6bf0561a5469dfdfad118e90a8ea7644b834ce933760574df2fa54347b9bf5206049456d2cc17f06a3e5936838561ced5b022fe2c3053 + +RUN set -eux; \ + \ + apk add --no-cache --virtual .fetch-deps gnupg; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if wget -O "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apk add --no-cache --virtual .build-deps \ + apr-dev \ + dpkg-dev dpkg \ + gcc \ + libc-dev \ + make \ + openssl3-dev \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + deps="$( \ + scanelf --needed --nobanner --format '%n#p' --recursive "$TOMCAT_NATIVE_LIBDIR" \ + | tr ',' '\n' \ + | sort -u \ + | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + )"; \ + apk add --no-network --virtual .tomcat-native-deps $deps; \ + \ + apk del --no-network .fetch-deps .build-deps; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/11.0/jdk21/corretto-alpine3.18/Dockerfile b/11.0/jdk21/corretto-alpine3.18/Dockerfile new file mode 100644 index 000000000..c0aa9ca23 --- /dev/null +++ b/11.0/jdk21/corretto-alpine3.18/Dockerfile @@ -0,0 +1,131 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM amazoncorretto:21-alpine3.18-jdk + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-11/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 11 +ENV TOMCAT_VERSION 11.0.0-M18 +ENV TOMCAT_SHA512 ede300764e82166316f6bf0561a5469dfdfad118e90a8ea7644b834ce933760574df2fa54347b9bf5206049456d2cc17f06a3e5936838561ced5b022fe2c3053 + +RUN set -eux; \ + \ + apk add --no-cache --virtual .fetch-deps gnupg; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if wget -O "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apk add --no-cache --virtual .build-deps \ + apr-dev \ + dpkg-dev dpkg \ + gcc \ + libc-dev \ + make \ + openssl3-dev \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + deps="$( \ + scanelf --needed --nobanner --format '%n#p' --recursive "$TOMCAT_NATIVE_LIBDIR" \ + | tr ',' '\n' \ + | sort -u \ + | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + )"; \ + apk add --no-network --virtual .tomcat-native-deps $deps; \ + \ + apk del --no-network .fetch-deps .build-deps; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/11.0/jdk21/corretto-alpine3.19/Dockerfile b/11.0/jdk21/corretto-alpine3.19/Dockerfile new file mode 100644 index 000000000..8c1ba2199 --- /dev/null +++ b/11.0/jdk21/corretto-alpine3.19/Dockerfile @@ -0,0 +1,131 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM amazoncorretto:21-alpine3.19-jdk + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-11/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 11 +ENV TOMCAT_VERSION 11.0.0-M18 +ENV TOMCAT_SHA512 ede300764e82166316f6bf0561a5469dfdfad118e90a8ea7644b834ce933760574df2fa54347b9bf5206049456d2cc17f06a3e5936838561ced5b022fe2c3053 + +RUN set -eux; \ + \ + apk add --no-cache --virtual .fetch-deps gnupg; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if wget -O "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apk add --no-cache --virtual .build-deps \ + apr-dev \ + dpkg-dev dpkg \ + gcc \ + libc-dev \ + make \ + openssl3-dev \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + deps="$( \ + scanelf --needed --nobanner --format '%n#p' --recursive "$TOMCAT_NATIVE_LIBDIR" \ + | tr ',' '\n' \ + | sort -u \ + | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + )"; \ + apk add --no-network --virtual .tomcat-native-deps $deps; \ + \ + apk del --no-network .fetch-deps .build-deps; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/11.0/jdk21/sapmachine/Dockerfile b/11.0/jdk21/sapmachine/Dockerfile new file mode 100644 index 000000000..13a8fa14f --- /dev/null +++ b/11.0/jdk21/sapmachine/Dockerfile @@ -0,0 +1,145 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM sapmachine:21 + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-11/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 11 +ENV TOMCAT_VERSION 11.0.0-M18 +ENV TOMCAT_SHA512 ede300764e82166316f6bf0561a5469dfdfad118e90a8ea7644b834ce933760574df2fa54347b9bf5206049456d2cc17f06a3e5936838561ced5b022fe2c3053 + +RUN set -eux; \ + \ + savedAptMark="$(apt-mark showmanual)"; \ + apt-get update; \ + apt-get install -y --no-install-recommends \ + ca-certificates \ + curl \ + gnupg \ + ; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apt-get install -y --no-install-recommends \ + dpkg-dev \ + gcc \ + libapr1-dev \ + libssl-dev \ + make \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies + apt-mark auto '.*' > /dev/null; \ + [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt dpkg-query --search \ + | cut -d: -f1 \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r apt-mark manual \ + ; \ + \ + apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ + rm -rf /var/lib/apt/lists/*; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/11.0/jdk21/semeru-jammy/Dockerfile b/11.0/jdk21/semeru-jammy/Dockerfile new file mode 100644 index 000000000..838fe5843 --- /dev/null +++ b/11.0/jdk21/semeru-jammy/Dockerfile @@ -0,0 +1,145 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM ibm-semeru-runtimes:open-21-jdk-jammy + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-11/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 11 +ENV TOMCAT_VERSION 11.0.0-M18 +ENV TOMCAT_SHA512 ede300764e82166316f6bf0561a5469dfdfad118e90a8ea7644b834ce933760574df2fa54347b9bf5206049456d2cc17f06a3e5936838561ced5b022fe2c3053 + +RUN set -eux; \ + \ + savedAptMark="$(apt-mark showmanual)"; \ + apt-get update; \ + apt-get install -y --no-install-recommends \ + ca-certificates \ + curl \ + gnupg \ + ; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apt-get install -y --no-install-recommends \ + dpkg-dev \ + gcc \ + libapr1-dev \ + libssl-dev \ + make \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies + apt-mark auto '.*' > /dev/null; \ + [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt dpkg-query --search \ + | cut -d: -f1 \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r apt-mark manual \ + ; \ + \ + apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ + rm -rf /var/lib/apt/lists/*; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/11.0/jdk21/temurin-alpine/Dockerfile b/11.0/jdk21/temurin-alpine/Dockerfile new file mode 100644 index 000000000..01592c80a --- /dev/null +++ b/11.0/jdk21/temurin-alpine/Dockerfile @@ -0,0 +1,135 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM eclipse-temurin:21-jdk-alpine + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-11/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 11 +ENV TOMCAT_VERSION 11.0.0-M18 +ENV TOMCAT_SHA512 ede300764e82166316f6bf0561a5469dfdfad118e90a8ea7644b834ce933760574df2fa54347b9bf5206049456d2cc17f06a3e5936838561ced5b022fe2c3053 + +RUN set -eux; \ + \ + apk add --no-cache --virtual .fetch-deps gnupg; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if wget -O "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apk add --no-cache --virtual .build-deps \ + apr-dev \ + dpkg-dev dpkg \ + gcc \ + libc-dev \ + make \ + openssl3-dev \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + deps="$( \ + scanelf --needed --nobanner --format '%n#p' --recursive "$TOMCAT_NATIVE_LIBDIR" \ + | tr ',' '\n' \ + | sort -u \ + | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + )"; \ + apk add --no-network --virtual .tomcat-native-deps $deps; \ + \ + apk del --no-network .fetch-deps .build-deps; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 + +# upstream eclipse-temurin-provided entrypoint script caused https://github.com/docker-library/tomcat/issues/77 to come back as https://github.com/docker-library/tomcat/issues/302; use "/entrypoint.sh" at your own risk +ENTRYPOINT [] + +CMD ["catalina.sh", "run"] diff --git a/11.0/jdk21/temurin-jammy/Dockerfile b/11.0/jdk21/temurin-jammy/Dockerfile index c0200fca6..005334334 100644 --- a/11.0/jdk21/temurin-jammy/Dockerfile +++ b/11.0/jdk21/temurin-jammy/Dockerfile @@ -102,6 +102,15 @@ RUN set -eux; \ rm -rf "$nativeBuildDir"; \ rm bin/tomcat-native.tar.gz; \ \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ # reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies apt-mark auto '.*' > /dev/null; \ [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ @@ -119,15 +128,6 @@ RUN set -eux; \ apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ rm -rf /var/lib/apt/lists/*; \ \ -# sh removes env vars it doesn't support (ones with periods) -# https://github.com/docker-library/tomcat/issues/77 - find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ - \ -# fix permissions (especially for running as non-root) -# https://github.com/docker-library/tomcat/issues/35 - chmod -R +rX .; \ - chmod 1777 logs temp work; \ - \ # smoke test catalina.sh version diff --git a/11.0/jdk21/temurin-ubi9-minimal/Dockerfile b/11.0/jdk21/temurin-ubi9-minimal/Dockerfile new file mode 100644 index 000000000..f3edb2bc2 --- /dev/null +++ b/11.0/jdk21/temurin-ubi9-minimal/Dockerfile @@ -0,0 +1,158 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM eclipse-temurin:21-jdk-ubi9-minimal + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-11/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 11 +ENV TOMCAT_VERSION 11.0.0-M18 +ENV TOMCAT_SHA512 ede300764e82166316f6bf0561a5469dfdfad118e90a8ea7644b834ce933760574df2fa54347b9bf5206049456d2cc17f06a3e5936838561ced5b022fe2c3053 + +RUN set -eux; \ + \ +# removing dnf after it is installed gets really hairy, so we'll just live with it (since we need it for "dnf mark") + microdnf install -y dnf; \ +# a helper function to install things, but only if they aren't installed (and to mark them so "autoremove" can purge them for us) + _install_temporary() { ( set -eu +x; \ + local pkg todo=''; \ + for pkg; do \ + if ! rpm --query "$pkg" > /dev/null 2>&1; then \ + todo="$todo $pkg"; \ + fi; \ + done; \ + if [ -n "$todo" ]; then \ + set -x; \ + dnf install -y $todo; \ + dnf mark remove $todo; \ + fi; \ + ) }; \ + _install_temporary gzip tar; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + _install_temporary \ + apr-devel \ + findutils \ + gcc \ + make \ + openssl-devel \ +# "gcc: error: /usr/lib/rpm/redhat/redhat-hardened-cc1: No such file or directory" + redhat-rpm-config \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ && $(NF-1) != "=>" { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt rpm --query --whatprovides \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r dnf mark install \ + ; \ + \ +# clean up anything added temporarily and not later marked as necessary + dnf autoremove -y; \ + dnf clean all; \ + rm -rf /var/cache/dnf; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 + +# upstream eclipse-temurin-provided entrypoint script caused https://github.com/docker-library/tomcat/issues/77 to come back as https://github.com/docker-library/tomcat/issues/302; use "/entrypoint.sh" at your own risk +ENTRYPOINT [] + +CMD ["catalina.sh", "run"] diff --git a/11.0/jdk22/corretto-al2023/Dockerfile b/11.0/jdk22/corretto-al2023/Dockerfile new file mode 100644 index 000000000..69ed8d0cc --- /dev/null +++ b/11.0/jdk22/corretto-al2023/Dockerfile @@ -0,0 +1,152 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM amazoncorretto:22-al2023-jdk + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-11/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 11 +ENV TOMCAT_VERSION 11.0.0-M18 +ENV TOMCAT_SHA512 ede300764e82166316f6bf0561a5469dfdfad118e90a8ea7644b834ce933760574df2fa54347b9bf5206049456d2cc17f06a3e5936838561ced5b022fe2c3053 + +RUN set -eux; \ + \ +# a helper function to install things, but only if they aren't installed (and to mark them so "autoremove" can purge them for us) + _install_temporary() { ( set -eu +x; \ + local pkg todo=''; \ + for pkg; do \ + if ! rpm --query "$pkg" > /dev/null 2>&1; then \ + todo="$todo $pkg"; \ + fi; \ + done; \ + if [ -n "$todo" ]; then \ + set -x; \ + dnf install -y $todo; \ + dnf mark remove $todo; \ + fi; \ + ) }; \ + _install_temporary gzip tar; \ +# gnupg2-minimal (installed by default) conflicts with gnupg2 and does not include dirmngr so cannot fetch keys + dnf install -y --allowerasing gnupg2; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + _install_temporary \ + apr-devel \ + findutils \ + gcc \ + make \ + openssl-devel \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ && $(NF-1) != "=>" { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt rpm --query --whatprovides \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r dnf mark install \ + ; \ + \ +# clean up anything added temporarily and not later marked as necessary + dnf autoremove -y; \ + dnf clean all; \ + rm -rf /var/cache/dnf; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/11.0/jdk22/corretto-alpine3.16/Dockerfile b/11.0/jdk22/corretto-alpine3.16/Dockerfile new file mode 100644 index 000000000..e8de37bee --- /dev/null +++ b/11.0/jdk22/corretto-alpine3.16/Dockerfile @@ -0,0 +1,133 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM amazoncorretto:22-alpine3.16-jdk + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-11/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 11 +ENV TOMCAT_VERSION 11.0.0-M18 +ENV TOMCAT_SHA512 ede300764e82166316f6bf0561a5469dfdfad118e90a8ea7644b834ce933760574df2fa54347b9bf5206049456d2cc17f06a3e5936838561ced5b022fe2c3053 + +RUN set -eux; \ + \ + apk add --no-cache --virtual .fetch-deps gnupg; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if wget -O "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apk add --no-cache --virtual .build-deps \ + apr-dev \ + dpkg-dev dpkg \ + gcc \ + libc-dev \ + make \ + openssl3-dev \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + deps="$( \ + scanelf --needed --nobanner --format '%n#p' --recursive "$TOMCAT_NATIVE_LIBDIR" \ + | tr ',' '\n' \ + | sort -u \ +# https://git.alpinelinux.org/aports/tree/main/openssl3/APKBUILD?h=3.16-stable#n23 ("sonameprefix") +# see also "apk info --all libssl3" ("so:openssl3:so:libssl.so.3=3" under "provides:") + | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { if ($1 ~ /libssl|libcrypto/) { print "so:openssl3:so:" $1 } else { print "so:" $1 } }' \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + )"; \ + apk add --no-network --virtual .tomcat-native-deps $deps; \ + \ + apk del --no-network .fetch-deps .build-deps; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/11.0/jdk22/corretto-alpine3.17/Dockerfile b/11.0/jdk22/corretto-alpine3.17/Dockerfile new file mode 100644 index 000000000..ca9c06330 --- /dev/null +++ b/11.0/jdk22/corretto-alpine3.17/Dockerfile @@ -0,0 +1,131 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM amazoncorretto:22-alpine3.17-jdk + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-11/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 11 +ENV TOMCAT_VERSION 11.0.0-M18 +ENV TOMCAT_SHA512 ede300764e82166316f6bf0561a5469dfdfad118e90a8ea7644b834ce933760574df2fa54347b9bf5206049456d2cc17f06a3e5936838561ced5b022fe2c3053 + +RUN set -eux; \ + \ + apk add --no-cache --virtual .fetch-deps gnupg; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if wget -O "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apk add --no-cache --virtual .build-deps \ + apr-dev \ + dpkg-dev dpkg \ + gcc \ + libc-dev \ + make \ + openssl3-dev \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + deps="$( \ + scanelf --needed --nobanner --format '%n#p' --recursive "$TOMCAT_NATIVE_LIBDIR" \ + | tr ',' '\n' \ + | sort -u \ + | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + )"; \ + apk add --no-network --virtual .tomcat-native-deps $deps; \ + \ + apk del --no-network .fetch-deps .build-deps; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/11.0/jdk22/corretto-alpine3.18/Dockerfile b/11.0/jdk22/corretto-alpine3.18/Dockerfile new file mode 100644 index 000000000..f66a63dd0 --- /dev/null +++ b/11.0/jdk22/corretto-alpine3.18/Dockerfile @@ -0,0 +1,131 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM amazoncorretto:22-alpine3.18-jdk + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-11/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 11 +ENV TOMCAT_VERSION 11.0.0-M18 +ENV TOMCAT_SHA512 ede300764e82166316f6bf0561a5469dfdfad118e90a8ea7644b834ce933760574df2fa54347b9bf5206049456d2cc17f06a3e5936838561ced5b022fe2c3053 + +RUN set -eux; \ + \ + apk add --no-cache --virtual .fetch-deps gnupg; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if wget -O "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apk add --no-cache --virtual .build-deps \ + apr-dev \ + dpkg-dev dpkg \ + gcc \ + libc-dev \ + make \ + openssl3-dev \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + deps="$( \ + scanelf --needed --nobanner --format '%n#p' --recursive "$TOMCAT_NATIVE_LIBDIR" \ + | tr ',' '\n' \ + | sort -u \ + | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + )"; \ + apk add --no-network --virtual .tomcat-native-deps $deps; \ + \ + apk del --no-network .fetch-deps .build-deps; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/11.0/jdk22/corretto-alpine3.19/Dockerfile b/11.0/jdk22/corretto-alpine3.19/Dockerfile new file mode 100644 index 000000000..c8aaf9756 --- /dev/null +++ b/11.0/jdk22/corretto-alpine3.19/Dockerfile @@ -0,0 +1,131 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM amazoncorretto:22-alpine3.19-jdk + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-11/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 11 +ENV TOMCAT_VERSION 11.0.0-M18 +ENV TOMCAT_SHA512 ede300764e82166316f6bf0561a5469dfdfad118e90a8ea7644b834ce933760574df2fa54347b9bf5206049456d2cc17f06a3e5936838561ced5b022fe2c3053 + +RUN set -eux; \ + \ + apk add --no-cache --virtual .fetch-deps gnupg; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if wget -O "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apk add --no-cache --virtual .build-deps \ + apr-dev \ + dpkg-dev dpkg \ + gcc \ + libc-dev \ + make \ + openssl3-dev \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + deps="$( \ + scanelf --needed --nobanner --format '%n#p' --recursive "$TOMCAT_NATIVE_LIBDIR" \ + | tr ',' '\n' \ + | sort -u \ + | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + )"; \ + apk add --no-network --virtual .tomcat-native-deps $deps; \ + \ + apk del --no-network .fetch-deps .build-deps; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/11.0/jdk22/sapmachine/Dockerfile b/11.0/jdk22/sapmachine/Dockerfile new file mode 100644 index 000000000..4ed796217 --- /dev/null +++ b/11.0/jdk22/sapmachine/Dockerfile @@ -0,0 +1,145 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM sapmachine:22 + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-11/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 11 +ENV TOMCAT_VERSION 11.0.0-M18 +ENV TOMCAT_SHA512 ede300764e82166316f6bf0561a5469dfdfad118e90a8ea7644b834ce933760574df2fa54347b9bf5206049456d2cc17f06a3e5936838561ced5b022fe2c3053 + +RUN set -eux; \ + \ + savedAptMark="$(apt-mark showmanual)"; \ + apt-get update; \ + apt-get install -y --no-install-recommends \ + ca-certificates \ + curl \ + gnupg \ + ; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apt-get install -y --no-install-recommends \ + dpkg-dev \ + gcc \ + libapr1-dev \ + libssl-dev \ + make \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies + apt-mark auto '.*' > /dev/null; \ + [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt dpkg-query --search \ + | cut -d: -f1 \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r apt-mark manual \ + ; \ + \ + apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ + rm -rf /var/lib/apt/lists/*; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/11.0/jdk22/temurin-alpine/Dockerfile b/11.0/jdk22/temurin-alpine/Dockerfile new file mode 100644 index 000000000..2a4d28b52 --- /dev/null +++ b/11.0/jdk22/temurin-alpine/Dockerfile @@ -0,0 +1,135 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM eclipse-temurin:22-jdk-alpine + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-11/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 11 +ENV TOMCAT_VERSION 11.0.0-M18 +ENV TOMCAT_SHA512 ede300764e82166316f6bf0561a5469dfdfad118e90a8ea7644b834ce933760574df2fa54347b9bf5206049456d2cc17f06a3e5936838561ced5b022fe2c3053 + +RUN set -eux; \ + \ + apk add --no-cache --virtual .fetch-deps gnupg; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if wget -O "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apk add --no-cache --virtual .build-deps \ + apr-dev \ + dpkg-dev dpkg \ + gcc \ + libc-dev \ + make \ + openssl3-dev \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + deps="$( \ + scanelf --needed --nobanner --format '%n#p' --recursive "$TOMCAT_NATIVE_LIBDIR" \ + | tr ',' '\n' \ + | sort -u \ + | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + )"; \ + apk add --no-network --virtual .tomcat-native-deps $deps; \ + \ + apk del --no-network .fetch-deps .build-deps; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 + +# upstream eclipse-temurin-provided entrypoint script caused https://github.com/docker-library/tomcat/issues/77 to come back as https://github.com/docker-library/tomcat/issues/302; use "/entrypoint.sh" at your own risk +ENTRYPOINT [] + +CMD ["catalina.sh", "run"] diff --git a/11.0/jdk22/temurin-jammy/Dockerfile b/11.0/jdk22/temurin-jammy/Dockerfile new file mode 100644 index 000000000..468ebe032 --- /dev/null +++ b/11.0/jdk22/temurin-jammy/Dockerfile @@ -0,0 +1,149 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM eclipse-temurin:22-jdk-jammy + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-11/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 11 +ENV TOMCAT_VERSION 11.0.0-M18 +ENV TOMCAT_SHA512 ede300764e82166316f6bf0561a5469dfdfad118e90a8ea7644b834ce933760574df2fa54347b9bf5206049456d2cc17f06a3e5936838561ced5b022fe2c3053 + +RUN set -eux; \ + \ + savedAptMark="$(apt-mark showmanual)"; \ + apt-get update; \ + apt-get install -y --no-install-recommends \ + ca-certificates \ + curl \ + gnupg \ + ; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apt-get install -y --no-install-recommends \ + dpkg-dev \ + gcc \ + libapr1-dev \ + libssl-dev \ + make \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies + apt-mark auto '.*' > /dev/null; \ + [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt dpkg-query --search \ + | cut -d: -f1 \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r apt-mark manual \ + ; \ + \ + apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ + rm -rf /var/lib/apt/lists/*; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 + +# upstream eclipse-temurin-provided entrypoint script caused https://github.com/docker-library/tomcat/issues/77 to come back as https://github.com/docker-library/tomcat/issues/302; use "/entrypoint.sh" at your own risk +ENTRYPOINT [] + +CMD ["catalina.sh", "run"] diff --git a/11.0/jdk22/temurin-ubi9-minimal/Dockerfile b/11.0/jdk22/temurin-ubi9-minimal/Dockerfile new file mode 100644 index 000000000..077797412 --- /dev/null +++ b/11.0/jdk22/temurin-ubi9-minimal/Dockerfile @@ -0,0 +1,158 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM eclipse-temurin:22-jdk-ubi9-minimal + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-11/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 11 +ENV TOMCAT_VERSION 11.0.0-M18 +ENV TOMCAT_SHA512 ede300764e82166316f6bf0561a5469dfdfad118e90a8ea7644b834ce933760574df2fa54347b9bf5206049456d2cc17f06a3e5936838561ced5b022fe2c3053 + +RUN set -eux; \ + \ +# removing dnf after it is installed gets really hairy, so we'll just live with it (since we need it for "dnf mark") + microdnf install -y dnf; \ +# a helper function to install things, but only if they aren't installed (and to mark them so "autoremove" can purge them for us) + _install_temporary() { ( set -eu +x; \ + local pkg todo=''; \ + for pkg; do \ + if ! rpm --query "$pkg" > /dev/null 2>&1; then \ + todo="$todo $pkg"; \ + fi; \ + done; \ + if [ -n "$todo" ]; then \ + set -x; \ + dnf install -y $todo; \ + dnf mark remove $todo; \ + fi; \ + ) }; \ + _install_temporary gzip tar; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + _install_temporary \ + apr-devel \ + findutils \ + gcc \ + make \ + openssl-devel \ +# "gcc: error: /usr/lib/rpm/redhat/redhat-hardened-cc1: No such file or directory" + redhat-rpm-config \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ && $(NF-1) != "=>" { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt rpm --query --whatprovides \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r dnf mark install \ + ; \ + \ +# clean up anything added temporarily and not later marked as necessary + dnf autoremove -y; \ + dnf clean all; \ + rm -rf /var/cache/dnf; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 + +# upstream eclipse-temurin-provided entrypoint script caused https://github.com/docker-library/tomcat/issues/77 to come back as https://github.com/docker-library/tomcat/issues/302; use "/entrypoint.sh" at your own risk +ENTRYPOINT [] + +CMD ["catalina.sh", "run"] diff --git a/11.0/jdk23/openjdk-bookworm/Dockerfile b/11.0/jdk23/openjdk-bookworm/Dockerfile new file mode 100644 index 000000000..a0b5e399c --- /dev/null +++ b/11.0/jdk23/openjdk-bookworm/Dockerfile @@ -0,0 +1,145 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM openjdk:23-jdk-bookworm + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-11/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 11 +ENV TOMCAT_VERSION 11.0.0-M18 +ENV TOMCAT_SHA512 ede300764e82166316f6bf0561a5469dfdfad118e90a8ea7644b834ce933760574df2fa54347b9bf5206049456d2cc17f06a3e5936838561ced5b022fe2c3053 + +RUN set -eux; \ + \ + savedAptMark="$(apt-mark showmanual)"; \ + apt-get update; \ + apt-get install -y --no-install-recommends \ + ca-certificates \ + curl \ + gnupg \ + ; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apt-get install -y --no-install-recommends \ + dpkg-dev \ + gcc \ + libapr1-dev \ + libssl-dev \ + make \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies + apt-mark auto '.*' > /dev/null; \ + [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt dpkg-query --search \ + | cut -d: -f1 \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r apt-mark manual \ + ; \ + \ + apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ + rm -rf /var/lib/apt/lists/*; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/11.0/jdk23/openjdk-oraclelinux9/Dockerfile b/11.0/jdk23/openjdk-oraclelinux9/Dockerfile new file mode 100644 index 000000000..446a71d87 --- /dev/null +++ b/11.0/jdk23/openjdk-oraclelinux9/Dockerfile @@ -0,0 +1,154 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM openjdk:23-jdk-oraclelinux9 + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-11/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 11 +ENV TOMCAT_VERSION 11.0.0-M18 +ENV TOMCAT_SHA512 ede300764e82166316f6bf0561a5469dfdfad118e90a8ea7644b834ce933760574df2fa54347b9bf5206049456d2cc17f06a3e5936838561ced5b022fe2c3053 + +RUN set -eux; \ + \ +# removing dnf after it is installed gets really hairy, so we'll just live with it (since we need it for "dnf mark") + microdnf install -y dnf; \ +# a helper function to install things, but only if they aren't installed (and to mark them so "autoremove" can purge them for us) + _install_temporary() { ( set -eu +x; \ + local pkg todo=''; \ + for pkg; do \ + if ! rpm --query "$pkg" > /dev/null 2>&1; then \ + todo="$todo $pkg"; \ + fi; \ + done; \ + if [ -n "$todo" ]; then \ + set -x; \ + dnf install -y $todo; \ + dnf mark remove $todo; \ + fi; \ + ) }; \ + _install_temporary gzip tar; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + _install_temporary \ + apr-devel \ + findutils \ + gcc \ + make \ + openssl-devel \ +# "gcc: error: /usr/lib/rpm/redhat/redhat-hardened-cc1: No such file or directory" + redhat-rpm-config \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ && $(NF-1) != "=>" { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt rpm --query --whatprovides \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r dnf mark install \ + ; \ + \ +# clean up anything added temporarily and not later marked as necessary + dnf autoremove -y; \ + dnf clean all; \ + rm -rf /var/cache/dnf; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/11.0/jdk23/openjdk-slim-bookworm/Dockerfile b/11.0/jdk23/openjdk-slim-bookworm/Dockerfile new file mode 100644 index 000000000..0ec8d56d4 --- /dev/null +++ b/11.0/jdk23/openjdk-slim-bookworm/Dockerfile @@ -0,0 +1,145 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM openjdk:23-jdk-slim-bookworm + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-11/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 11 +ENV TOMCAT_VERSION 11.0.0-M18 +ENV TOMCAT_SHA512 ede300764e82166316f6bf0561a5469dfdfad118e90a8ea7644b834ce933760574df2fa54347b9bf5206049456d2cc17f06a3e5936838561ced5b022fe2c3053 + +RUN set -eux; \ + \ + savedAptMark="$(apt-mark showmanual)"; \ + apt-get update; \ + apt-get install -y --no-install-recommends \ + ca-certificates \ + curl \ + gnupg \ + ; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apt-get install -y --no-install-recommends \ + dpkg-dev \ + gcc \ + libapr1-dev \ + libssl-dev \ + make \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies + apt-mark auto '.*' > /dev/null; \ + [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt dpkg-query --search \ + | cut -d: -f1 \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r apt-mark manual \ + ; \ + \ + apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ + rm -rf /var/lib/apt/lists/*; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/11.0/jre21/semeru-jammy/Dockerfile b/11.0/jre21/semeru-jammy/Dockerfile new file mode 100644 index 000000000..ec5f441e1 --- /dev/null +++ b/11.0/jre21/semeru-jammy/Dockerfile @@ -0,0 +1,43 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM ibm-semeru-runtimes:open-21-jre-jammy + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-11/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 11 +ENV TOMCAT_VERSION 11.0.0-M18 +ENV TOMCAT_SHA512 ede300764e82166316f6bf0561a5469dfdfad118e90a8ea7644b834ce933760574df2fa54347b9bf5206049456d2cc17f06a3e5936838561ced5b022fe2c3053 + +COPY --from=tomcat:11.0.0-M18-jdk21-semeru-jammy $CATALINA_HOME $CATALINA_HOME +RUN set -eux; \ + apt-get update; \ + xargs -rt apt-get install -y --no-install-recommends < "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt"; \ + rm -rf /var/lib/apt/lists/* + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/11.0/jre21/temurin-alpine/Dockerfile b/11.0/jre21/temurin-alpine/Dockerfile new file mode 100644 index 000000000..98f617c6e --- /dev/null +++ b/11.0/jre21/temurin-alpine/Dockerfile @@ -0,0 +1,46 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM eclipse-temurin:21-jre-alpine + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-11/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 11 +ENV TOMCAT_VERSION 11.0.0-M18 +ENV TOMCAT_SHA512 ede300764e82166316f6bf0561a5469dfdfad118e90a8ea7644b834ce933760574df2fa54347b9bf5206049456d2cc17f06a3e5936838561ced5b022fe2c3053 + +COPY --from=tomcat:11.0.0-M18-jdk21-temurin-alpine $CATALINA_HOME $CATALINA_HOME +RUN set -eux; \ + deps="$(cat "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt")"; \ + apk add --no-cache --virtual .tomcat-native-deps $deps + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 + +# upstream eclipse-temurin-provided entrypoint script caused https://github.com/docker-library/tomcat/issues/77 to come back as https://github.com/docker-library/tomcat/issues/302; use "/entrypoint.sh" at your own risk +ENTRYPOINT [] + +CMD ["catalina.sh", "run"] diff --git a/11.0/jre21/temurin-ubi9-minimal/Dockerfile b/11.0/jre21/temurin-ubi9-minimal/Dockerfile new file mode 100644 index 000000000..0fc62e7a6 --- /dev/null +++ b/11.0/jre21/temurin-ubi9-minimal/Dockerfile @@ -0,0 +1,49 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM eclipse-temurin:21-jre-ubi9-minimal + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-11/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 11 +ENV TOMCAT_VERSION 11.0.0-M18 +ENV TOMCAT_SHA512 ede300764e82166316f6bf0561a5469dfdfad118e90a8ea7644b834ce933760574df2fa54347b9bf5206049456d2cc17f06a3e5936838561ced5b022fe2c3053 + +COPY --from=tomcat:11.0.0-M18-jdk21-temurin-ubi9-minimal $CATALINA_HOME $CATALINA_HOME +RUN set -eux; \ +# no xargs in al20XX and ubiX-minimal /o\ + deps="$(cat "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt")"; \ + microdnf install -y $deps; \ + microdnf clean all; \ + rm -rf /var/cache/dnf + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 + +# upstream eclipse-temurin-provided entrypoint script caused https://github.com/docker-library/tomcat/issues/77 to come back as https://github.com/docker-library/tomcat/issues/302; use "/entrypoint.sh" at your own risk +ENTRYPOINT [] + +CMD ["catalina.sh", "run"] diff --git a/11.0/jre22/temurin-alpine/Dockerfile b/11.0/jre22/temurin-alpine/Dockerfile new file mode 100644 index 000000000..c03981124 --- /dev/null +++ b/11.0/jre22/temurin-alpine/Dockerfile @@ -0,0 +1,46 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM eclipse-temurin:22-jre-alpine + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-11/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 11 +ENV TOMCAT_VERSION 11.0.0-M18 +ENV TOMCAT_SHA512 ede300764e82166316f6bf0561a5469dfdfad118e90a8ea7644b834ce933760574df2fa54347b9bf5206049456d2cc17f06a3e5936838561ced5b022fe2c3053 + +COPY --from=tomcat:11.0.0-M18-jdk22-temurin-alpine $CATALINA_HOME $CATALINA_HOME +RUN set -eux; \ + deps="$(cat "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt")"; \ + apk add --no-cache --virtual .tomcat-native-deps $deps + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 + +# upstream eclipse-temurin-provided entrypoint script caused https://github.com/docker-library/tomcat/issues/77 to come back as https://github.com/docker-library/tomcat/issues/302; use "/entrypoint.sh" at your own risk +ENTRYPOINT [] + +CMD ["catalina.sh", "run"] diff --git a/11.0/jre22/temurin-jammy/Dockerfile b/11.0/jre22/temurin-jammy/Dockerfile new file mode 100644 index 000000000..bf1df30dd --- /dev/null +++ b/11.0/jre22/temurin-jammy/Dockerfile @@ -0,0 +1,47 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM eclipse-temurin:22-jre-jammy + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-11/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 11 +ENV TOMCAT_VERSION 11.0.0-M18 +ENV TOMCAT_SHA512 ede300764e82166316f6bf0561a5469dfdfad118e90a8ea7644b834ce933760574df2fa54347b9bf5206049456d2cc17f06a3e5936838561ced5b022fe2c3053 + +COPY --from=tomcat:11.0.0-M18-jdk22-temurin-jammy $CATALINA_HOME $CATALINA_HOME +RUN set -eux; \ + apt-get update; \ + xargs -rt apt-get install -y --no-install-recommends < "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt"; \ + rm -rf /var/lib/apt/lists/* + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 + +# upstream eclipse-temurin-provided entrypoint script caused https://github.com/docker-library/tomcat/issues/77 to come back as https://github.com/docker-library/tomcat/issues/302; use "/entrypoint.sh" at your own risk +ENTRYPOINT [] + +CMD ["catalina.sh", "run"] diff --git a/11.0/jre22/temurin-ubi9-minimal/Dockerfile b/11.0/jre22/temurin-ubi9-minimal/Dockerfile new file mode 100644 index 000000000..e3c7a4c0f --- /dev/null +++ b/11.0/jre22/temurin-ubi9-minimal/Dockerfile @@ -0,0 +1,49 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM eclipse-temurin:22-jre-ubi9-minimal + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-11/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 11 +ENV TOMCAT_VERSION 11.0.0-M18 +ENV TOMCAT_SHA512 ede300764e82166316f6bf0561a5469dfdfad118e90a8ea7644b834ce933760574df2fa54347b9bf5206049456d2cc17f06a3e5936838561ced5b022fe2c3053 + +COPY --from=tomcat:11.0.0-M18-jdk22-temurin-ubi9-minimal $CATALINA_HOME $CATALINA_HOME +RUN set -eux; \ +# no xargs in al20XX and ubiX-minimal /o\ + deps="$(cat "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt")"; \ + microdnf install -y $deps; \ + microdnf clean all; \ + rm -rf /var/cache/dnf + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 + +# upstream eclipse-temurin-provided entrypoint script caused https://github.com/docker-library/tomcat/issues/77 to come back as https://github.com/docker-library/tomcat/issues/302; use "/entrypoint.sh" at your own risk +ENTRYPOINT [] + +CMD ["catalina.sh", "run"] diff --git a/9.0/jdk11/corretto-al2/Dockerfile b/9.0/jdk11/corretto-al2/Dockerfile index 44badf1d9..59d8e6260 100644 --- a/9.0/jdk11/corretto-al2/Dockerfile +++ b/9.0/jdk11/corretto-al2/Dockerfile @@ -30,8 +30,8 @@ RUN set -eux; \ yum install -y --setopt=skip_missing_names_on_install=False yum-utils; \ yumdb set reason dep yum-utils; \ fi; \ -# a helper function to "yum install" things, but only if they aren't installed (and to set their "reason" to "dep" so "yum autoremove" can purge them for us) - _yum_install_temporary() { ( set -eu +x; \ +# a helper function to install things, but only if they aren't installed (and to mark them so "autoremove" can purge them for us) + _install_temporary() { ( set -eu +x; \ local pkg todo=''; \ for pkg; do \ if ! rpm --query "$pkg" > /dev/null 2>&1; then \ @@ -44,7 +44,7 @@ RUN set -eux; \ yumdb set reason dep $todo; \ fi; \ ) }; \ - _yum_install_temporary gzip tar; \ + _install_temporary gzip tar; \ \ ddist() { \ local f="$1"; shift; \ @@ -88,8 +88,9 @@ RUN set -eux; \ \ nativeBuildDir="$(mktemp -d)"; \ tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ - _yum_install_temporary \ + _install_temporary \ apr-devel \ + findutils \ gcc \ make \ openssl11-devel \ @@ -112,6 +113,15 @@ RUN set -eux; \ rm -rf "$nativeBuildDir"; \ rm bin/tomcat-native.tar.gz; \ \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ # mark any explicit dependencies as manually installed find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ | awk '/=>/ && $(NF-1) != "=>" { print $(NF-1) }' \ @@ -128,15 +138,6 @@ RUN set -eux; \ yum clean all; \ rm -rf /var/cache/yum; \ \ -# sh removes env vars it doesn't support (ones with periods) -# https://github.com/docker-library/tomcat/issues/77 - find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ - \ -# fix permissions (especially for running as non-root) -# https://github.com/docker-library/tomcat/issues/35 - chmod -R +rX .; \ - chmod 1777 logs temp work; \ - \ # smoke test catalina.sh version diff --git a/9.0/jdk11/corretto-al2023/Dockerfile b/9.0/jdk11/corretto-al2023/Dockerfile new file mode 100644 index 000000000..b4aba8da9 --- /dev/null +++ b/9.0/jdk11/corretto-al2023/Dockerfile @@ -0,0 +1,153 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM amazoncorretto:11-al2023-jdk + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +RUN set -eux; \ + \ +# a helper function to install things, but only if they aren't installed (and to mark them so "autoremove" can purge them for us) + _install_temporary() { ( set -eu +x; \ + local pkg todo=''; \ + for pkg; do \ + if ! rpm --query "$pkg" > /dev/null 2>&1; then \ + todo="$todo $pkg"; \ + fi; \ + done; \ + if [ -n "$todo" ]; then \ + set -x; \ + dnf install -y $todo; \ + dnf mark remove $todo; \ + fi; \ + ) }; \ + _install_temporary gzip tar; \ +# gnupg2-minimal (installed by default) conflicts with gnupg2 and does not include dirmngr so cannot fetch keys + dnf install -y --allowerasing gnupg2; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + _install_temporary \ + apr-devel \ + findutils \ + gcc \ + make \ + openssl-devel \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + --with-ssl \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ && $(NF-1) != "=>" { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt rpm --query --whatprovides \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r dnf mark install \ + ; \ + \ +# clean up anything added temporarily and not later marked as necessary + dnf autoremove -y; \ + dnf clean all; \ + rm -rf /var/cache/dnf; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/9.0/jdk11/corretto-alpine3.16/Dockerfile b/9.0/jdk11/corretto-alpine3.16/Dockerfile new file mode 100644 index 000000000..e380170fc --- /dev/null +++ b/9.0/jdk11/corretto-alpine3.16/Dockerfile @@ -0,0 +1,132 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM amazoncorretto:11-alpine3.16-jdk + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +RUN set -eux; \ + \ + apk add --no-cache --virtual .fetch-deps gnupg; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if wget -O "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apk add --no-cache --virtual .build-deps \ + apr-dev \ + dpkg-dev dpkg \ + gcc \ + libc-dev \ + make \ + openssl-dev \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + --with-ssl \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + deps="$( \ + scanelf --needed --nobanner --format '%n#p' --recursive "$TOMCAT_NATIVE_LIBDIR" \ + | tr ',' '\n' \ + | sort -u \ + | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + )"; \ + apk add --no-network --virtual .tomcat-native-deps $deps; \ + \ + apk del --no-network .fetch-deps .build-deps; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/9.0/jdk11/corretto-alpine3.17/Dockerfile b/9.0/jdk11/corretto-alpine3.17/Dockerfile new file mode 100644 index 000000000..6e73c3d8d --- /dev/null +++ b/9.0/jdk11/corretto-alpine3.17/Dockerfile @@ -0,0 +1,132 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM amazoncorretto:11-alpine3.17-jdk + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +RUN set -eux; \ + \ + apk add --no-cache --virtual .fetch-deps gnupg; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if wget -O "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apk add --no-cache --virtual .build-deps \ + apr-dev \ + dpkg-dev dpkg \ + gcc \ + libc-dev \ + make \ + openssl-dev \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + --with-ssl \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + deps="$( \ + scanelf --needed --nobanner --format '%n#p' --recursive "$TOMCAT_NATIVE_LIBDIR" \ + | tr ',' '\n' \ + | sort -u \ + | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + )"; \ + apk add --no-network --virtual .tomcat-native-deps $deps; \ + \ + apk del --no-network .fetch-deps .build-deps; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/9.0/jdk11/corretto-alpine3.18/Dockerfile b/9.0/jdk11/corretto-alpine3.18/Dockerfile new file mode 100644 index 000000000..91c87c7c0 --- /dev/null +++ b/9.0/jdk11/corretto-alpine3.18/Dockerfile @@ -0,0 +1,132 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM amazoncorretto:11-alpine3.18-jdk + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +RUN set -eux; \ + \ + apk add --no-cache --virtual .fetch-deps gnupg; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if wget -O "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apk add --no-cache --virtual .build-deps \ + apr-dev \ + dpkg-dev dpkg \ + gcc \ + libc-dev \ + make \ + openssl-dev \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + --with-ssl \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + deps="$( \ + scanelf --needed --nobanner --format '%n#p' --recursive "$TOMCAT_NATIVE_LIBDIR" \ + | tr ',' '\n' \ + | sort -u \ + | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + )"; \ + apk add --no-network --virtual .tomcat-native-deps $deps; \ + \ + apk del --no-network .fetch-deps .build-deps; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/9.0/jdk11/corretto-alpine3.19/Dockerfile b/9.0/jdk11/corretto-alpine3.19/Dockerfile new file mode 100644 index 000000000..406756a00 --- /dev/null +++ b/9.0/jdk11/corretto-alpine3.19/Dockerfile @@ -0,0 +1,132 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM amazoncorretto:11-alpine3.19-jdk + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +RUN set -eux; \ + \ + apk add --no-cache --virtual .fetch-deps gnupg; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if wget -O "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apk add --no-cache --virtual .build-deps \ + apr-dev \ + dpkg-dev dpkg \ + gcc \ + libc-dev \ + make \ + openssl-dev \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + --with-ssl \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + deps="$( \ + scanelf --needed --nobanner --format '%n#p' --recursive "$TOMCAT_NATIVE_LIBDIR" \ + | tr ',' '\n' \ + | sort -u \ + | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + )"; \ + apk add --no-network --virtual .tomcat-native-deps $deps; \ + \ + apk del --no-network .fetch-deps .build-deps; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/9.0/jdk11/sapmachine/Dockerfile b/9.0/jdk11/sapmachine/Dockerfile new file mode 100644 index 000000000..e45624806 --- /dev/null +++ b/9.0/jdk11/sapmachine/Dockerfile @@ -0,0 +1,146 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM sapmachine:11 + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +RUN set -eux; \ + \ + savedAptMark="$(apt-mark showmanual)"; \ + apt-get update; \ + apt-get install -y --no-install-recommends \ + ca-certificates \ + curl \ + gnupg \ + ; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apt-get install -y --no-install-recommends \ + dpkg-dev \ + gcc \ + libapr1-dev \ + libssl-dev \ + make \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + --with-ssl \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies + apt-mark auto '.*' > /dev/null; \ + [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt dpkg-query --search \ + | cut -d: -f1 \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r apt-mark manual \ + ; \ + \ + apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ + rm -rf /var/lib/apt/lists/*; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/9.0/jdk11/semeru-focal/Dockerfile b/9.0/jdk11/semeru-focal/Dockerfile new file mode 100644 index 000000000..362e22f5a --- /dev/null +++ b/9.0/jdk11/semeru-focal/Dockerfile @@ -0,0 +1,146 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM ibm-semeru-runtimes:open-11-jdk-focal + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +RUN set -eux; \ + \ + savedAptMark="$(apt-mark showmanual)"; \ + apt-get update; \ + apt-get install -y --no-install-recommends \ + ca-certificates \ + curl \ + gnupg \ + ; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apt-get install -y --no-install-recommends \ + dpkg-dev \ + gcc \ + libapr1-dev \ + libssl-dev \ + make \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + --with-ssl \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies + apt-mark auto '.*' > /dev/null; \ + [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt dpkg-query --search \ + | cut -d: -f1 \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r apt-mark manual \ + ; \ + \ + apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ + rm -rf /var/lib/apt/lists/*; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/9.0/jdk11/semeru-jammy/Dockerfile b/9.0/jdk11/semeru-jammy/Dockerfile new file mode 100644 index 000000000..a99218291 --- /dev/null +++ b/9.0/jdk11/semeru-jammy/Dockerfile @@ -0,0 +1,146 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM ibm-semeru-runtimes:open-11-jdk-jammy + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +RUN set -eux; \ + \ + savedAptMark="$(apt-mark showmanual)"; \ + apt-get update; \ + apt-get install -y --no-install-recommends \ + ca-certificates \ + curl \ + gnupg \ + ; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apt-get install -y --no-install-recommends \ + dpkg-dev \ + gcc \ + libapr1-dev \ + libssl-dev \ + make \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + --with-ssl \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies + apt-mark auto '.*' > /dev/null; \ + [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt dpkg-query --search \ + | cut -d: -f1 \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r apt-mark manual \ + ; \ + \ + apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ + rm -rf /var/lib/apt/lists/*; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/9.0/jdk11/temurin-alpine/Dockerfile b/9.0/jdk11/temurin-alpine/Dockerfile new file mode 100644 index 000000000..de281fb03 --- /dev/null +++ b/9.0/jdk11/temurin-alpine/Dockerfile @@ -0,0 +1,136 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM eclipse-temurin:11-jdk-alpine + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +RUN set -eux; \ + \ + apk add --no-cache --virtual .fetch-deps gnupg; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if wget -O "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apk add --no-cache --virtual .build-deps \ + apr-dev \ + dpkg-dev dpkg \ + gcc \ + libc-dev \ + make \ + openssl-dev \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + --with-ssl \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + deps="$( \ + scanelf --needed --nobanner --format '%n#p' --recursive "$TOMCAT_NATIVE_LIBDIR" \ + | tr ',' '\n' \ + | sort -u \ + | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + )"; \ + apk add --no-network --virtual .tomcat-native-deps $deps; \ + \ + apk del --no-network .fetch-deps .build-deps; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 + +# upstream eclipse-temurin-provided entrypoint script caused https://github.com/docker-library/tomcat/issues/77 to come back as https://github.com/docker-library/tomcat/issues/302; use "/entrypoint.sh" at your own risk +ENTRYPOINT [] + +CMD ["catalina.sh", "run"] diff --git a/9.0/jdk11/temurin-focal/Dockerfile b/9.0/jdk11/temurin-focal/Dockerfile index 4f792f9b2..7286e7c22 100644 --- a/9.0/jdk11/temurin-focal/Dockerfile +++ b/9.0/jdk11/temurin-focal/Dockerfile @@ -103,6 +103,15 @@ RUN set -eux; \ rm -rf "$nativeBuildDir"; \ rm bin/tomcat-native.tar.gz; \ \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ # reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies apt-mark auto '.*' > /dev/null; \ [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ @@ -120,15 +129,6 @@ RUN set -eux; \ apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ rm -rf /var/lib/apt/lists/*; \ \ -# sh removes env vars it doesn't support (ones with periods) -# https://github.com/docker-library/tomcat/issues/77 - find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ - \ -# fix permissions (especially for running as non-root) -# https://github.com/docker-library/tomcat/issues/35 - chmod -R +rX .; \ - chmod 1777 logs temp work; \ - \ # smoke test catalina.sh version diff --git a/9.0/jdk11/temurin-jammy/Dockerfile b/9.0/jdk11/temurin-jammy/Dockerfile index 9a2c1c3ad..ead5b23fe 100644 --- a/9.0/jdk11/temurin-jammy/Dockerfile +++ b/9.0/jdk11/temurin-jammy/Dockerfile @@ -103,6 +103,15 @@ RUN set -eux; \ rm -rf "$nativeBuildDir"; \ rm bin/tomcat-native.tar.gz; \ \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ # reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies apt-mark auto '.*' > /dev/null; \ [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ @@ -120,15 +129,6 @@ RUN set -eux; \ apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ rm -rf /var/lib/apt/lists/*; \ \ -# sh removes env vars it doesn't support (ones with periods) -# https://github.com/docker-library/tomcat/issues/77 - find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ - \ -# fix permissions (especially for running as non-root) -# https://github.com/docker-library/tomcat/issues/35 - chmod -R +rX .; \ - chmod 1777 logs temp work; \ - \ # smoke test catalina.sh version diff --git a/9.0/jdk11/temurin-ubi9-minimal/Dockerfile b/9.0/jdk11/temurin-ubi9-minimal/Dockerfile new file mode 100644 index 000000000..90f4ed8d8 --- /dev/null +++ b/9.0/jdk11/temurin-ubi9-minimal/Dockerfile @@ -0,0 +1,159 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM eclipse-temurin:11-jdk-ubi9-minimal + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +RUN set -eux; \ + \ +# removing dnf after it is installed gets really hairy, so we'll just live with it (since we need it for "dnf mark") + microdnf install -y dnf; \ +# a helper function to install things, but only if they aren't installed (and to mark them so "autoremove" can purge them for us) + _install_temporary() { ( set -eu +x; \ + local pkg todo=''; \ + for pkg; do \ + if ! rpm --query "$pkg" > /dev/null 2>&1; then \ + todo="$todo $pkg"; \ + fi; \ + done; \ + if [ -n "$todo" ]; then \ + set -x; \ + dnf install -y $todo; \ + dnf mark remove $todo; \ + fi; \ + ) }; \ + _install_temporary gzip tar; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + _install_temporary \ + apr-devel \ + findutils \ + gcc \ + make \ + openssl-devel \ +# "gcc: error: /usr/lib/rpm/redhat/redhat-hardened-cc1: No such file or directory" + redhat-rpm-config \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + --with-ssl \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ && $(NF-1) != "=>" { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt rpm --query --whatprovides \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r dnf mark install \ + ; \ + \ +# clean up anything added temporarily and not later marked as necessary + dnf autoremove -y; \ + dnf clean all; \ + rm -rf /var/cache/dnf; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 + +# upstream eclipse-temurin-provided entrypoint script caused https://github.com/docker-library/tomcat/issues/77 to come back as https://github.com/docker-library/tomcat/issues/302; use "/entrypoint.sh" at your own risk +ENTRYPOINT [] + +CMD ["catalina.sh", "run"] diff --git a/9.0/jdk17/corretto-al2/Dockerfile b/9.0/jdk17/corretto-al2/Dockerfile index 9cacebff3..4500fe544 100644 --- a/9.0/jdk17/corretto-al2/Dockerfile +++ b/9.0/jdk17/corretto-al2/Dockerfile @@ -30,8 +30,8 @@ RUN set -eux; \ yum install -y --setopt=skip_missing_names_on_install=False yum-utils; \ yumdb set reason dep yum-utils; \ fi; \ -# a helper function to "yum install" things, but only if they aren't installed (and to set their "reason" to "dep" so "yum autoremove" can purge them for us) - _yum_install_temporary() { ( set -eu +x; \ +# a helper function to install things, but only if they aren't installed (and to mark them so "autoremove" can purge them for us) + _install_temporary() { ( set -eu +x; \ local pkg todo=''; \ for pkg; do \ if ! rpm --query "$pkg" > /dev/null 2>&1; then \ @@ -44,7 +44,7 @@ RUN set -eux; \ yumdb set reason dep $todo; \ fi; \ ) }; \ - _yum_install_temporary gzip tar; \ + _install_temporary gzip tar; \ \ ddist() { \ local f="$1"; shift; \ @@ -88,8 +88,9 @@ RUN set -eux; \ \ nativeBuildDir="$(mktemp -d)"; \ tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ - _yum_install_temporary \ + _install_temporary \ apr-devel \ + findutils \ gcc \ make \ openssl11-devel \ @@ -112,6 +113,15 @@ RUN set -eux; \ rm -rf "$nativeBuildDir"; \ rm bin/tomcat-native.tar.gz; \ \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ # mark any explicit dependencies as manually installed find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ | awk '/=>/ && $(NF-1) != "=>" { print $(NF-1) }' \ @@ -128,15 +138,6 @@ RUN set -eux; \ yum clean all; \ rm -rf /var/cache/yum; \ \ -# sh removes env vars it doesn't support (ones with periods) -# https://github.com/docker-library/tomcat/issues/77 - find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ - \ -# fix permissions (especially for running as non-root) -# https://github.com/docker-library/tomcat/issues/35 - chmod -R +rX .; \ - chmod 1777 logs temp work; \ - \ # smoke test catalina.sh version diff --git a/9.0/jdk17/corretto-al2023/Dockerfile b/9.0/jdk17/corretto-al2023/Dockerfile new file mode 100644 index 000000000..d7767913c --- /dev/null +++ b/9.0/jdk17/corretto-al2023/Dockerfile @@ -0,0 +1,153 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM amazoncorretto:17-al2023-jdk + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +RUN set -eux; \ + \ +# a helper function to install things, but only if they aren't installed (and to mark them so "autoremove" can purge them for us) + _install_temporary() { ( set -eu +x; \ + local pkg todo=''; \ + for pkg; do \ + if ! rpm --query "$pkg" > /dev/null 2>&1; then \ + todo="$todo $pkg"; \ + fi; \ + done; \ + if [ -n "$todo" ]; then \ + set -x; \ + dnf install -y $todo; \ + dnf mark remove $todo; \ + fi; \ + ) }; \ + _install_temporary gzip tar; \ +# gnupg2-minimal (installed by default) conflicts with gnupg2 and does not include dirmngr so cannot fetch keys + dnf install -y --allowerasing gnupg2; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + _install_temporary \ + apr-devel \ + findutils \ + gcc \ + make \ + openssl-devel \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + --with-ssl \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ && $(NF-1) != "=>" { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt rpm --query --whatprovides \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r dnf mark install \ + ; \ + \ +# clean up anything added temporarily and not later marked as necessary + dnf autoremove -y; \ + dnf clean all; \ + rm -rf /var/cache/dnf; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/9.0/jdk17/corretto-alpine3.16/Dockerfile b/9.0/jdk17/corretto-alpine3.16/Dockerfile new file mode 100644 index 000000000..178964cc0 --- /dev/null +++ b/9.0/jdk17/corretto-alpine3.16/Dockerfile @@ -0,0 +1,132 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM amazoncorretto:17-alpine3.16-jdk + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +RUN set -eux; \ + \ + apk add --no-cache --virtual .fetch-deps gnupg; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if wget -O "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apk add --no-cache --virtual .build-deps \ + apr-dev \ + dpkg-dev dpkg \ + gcc \ + libc-dev \ + make \ + openssl-dev \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + --with-ssl \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + deps="$( \ + scanelf --needed --nobanner --format '%n#p' --recursive "$TOMCAT_NATIVE_LIBDIR" \ + | tr ',' '\n' \ + | sort -u \ + | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + )"; \ + apk add --no-network --virtual .tomcat-native-deps $deps; \ + \ + apk del --no-network .fetch-deps .build-deps; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/9.0/jdk17/corretto-alpine3.17/Dockerfile b/9.0/jdk17/corretto-alpine3.17/Dockerfile new file mode 100644 index 000000000..8a85818cb --- /dev/null +++ b/9.0/jdk17/corretto-alpine3.17/Dockerfile @@ -0,0 +1,132 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM amazoncorretto:17-alpine3.17-jdk + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +RUN set -eux; \ + \ + apk add --no-cache --virtual .fetch-deps gnupg; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if wget -O "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apk add --no-cache --virtual .build-deps \ + apr-dev \ + dpkg-dev dpkg \ + gcc \ + libc-dev \ + make \ + openssl-dev \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + --with-ssl \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + deps="$( \ + scanelf --needed --nobanner --format '%n#p' --recursive "$TOMCAT_NATIVE_LIBDIR" \ + | tr ',' '\n' \ + | sort -u \ + | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + )"; \ + apk add --no-network --virtual .tomcat-native-deps $deps; \ + \ + apk del --no-network .fetch-deps .build-deps; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/9.0/jdk17/corretto-alpine3.18/Dockerfile b/9.0/jdk17/corretto-alpine3.18/Dockerfile new file mode 100644 index 000000000..a5c0ab67e --- /dev/null +++ b/9.0/jdk17/corretto-alpine3.18/Dockerfile @@ -0,0 +1,132 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM amazoncorretto:17-alpine3.18-jdk + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +RUN set -eux; \ + \ + apk add --no-cache --virtual .fetch-deps gnupg; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if wget -O "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apk add --no-cache --virtual .build-deps \ + apr-dev \ + dpkg-dev dpkg \ + gcc \ + libc-dev \ + make \ + openssl-dev \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + --with-ssl \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + deps="$( \ + scanelf --needed --nobanner --format '%n#p' --recursive "$TOMCAT_NATIVE_LIBDIR" \ + | tr ',' '\n' \ + | sort -u \ + | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + )"; \ + apk add --no-network --virtual .tomcat-native-deps $deps; \ + \ + apk del --no-network .fetch-deps .build-deps; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/9.0/jdk17/corretto-alpine3.19/Dockerfile b/9.0/jdk17/corretto-alpine3.19/Dockerfile new file mode 100644 index 000000000..68e74bb1f --- /dev/null +++ b/9.0/jdk17/corretto-alpine3.19/Dockerfile @@ -0,0 +1,132 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM amazoncorretto:17-alpine3.19-jdk + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +RUN set -eux; \ + \ + apk add --no-cache --virtual .fetch-deps gnupg; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if wget -O "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apk add --no-cache --virtual .build-deps \ + apr-dev \ + dpkg-dev dpkg \ + gcc \ + libc-dev \ + make \ + openssl-dev \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + --with-ssl \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + deps="$( \ + scanelf --needed --nobanner --format '%n#p' --recursive "$TOMCAT_NATIVE_LIBDIR" \ + | tr ',' '\n' \ + | sort -u \ + | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + )"; \ + apk add --no-network --virtual .tomcat-native-deps $deps; \ + \ + apk del --no-network .fetch-deps .build-deps; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/9.0/jdk17/sapmachine/Dockerfile b/9.0/jdk17/sapmachine/Dockerfile new file mode 100644 index 000000000..302551e39 --- /dev/null +++ b/9.0/jdk17/sapmachine/Dockerfile @@ -0,0 +1,146 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM sapmachine:17 + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +RUN set -eux; \ + \ + savedAptMark="$(apt-mark showmanual)"; \ + apt-get update; \ + apt-get install -y --no-install-recommends \ + ca-certificates \ + curl \ + gnupg \ + ; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apt-get install -y --no-install-recommends \ + dpkg-dev \ + gcc \ + libapr1-dev \ + libssl-dev \ + make \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + --with-ssl \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies + apt-mark auto '.*' > /dev/null; \ + [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt dpkg-query --search \ + | cut -d: -f1 \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r apt-mark manual \ + ; \ + \ + apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ + rm -rf /var/lib/apt/lists/*; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/9.0/jdk17/semeru-focal/Dockerfile b/9.0/jdk17/semeru-focal/Dockerfile new file mode 100644 index 000000000..2d078d04d --- /dev/null +++ b/9.0/jdk17/semeru-focal/Dockerfile @@ -0,0 +1,146 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM ibm-semeru-runtimes:open-17-jdk-focal + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +RUN set -eux; \ + \ + savedAptMark="$(apt-mark showmanual)"; \ + apt-get update; \ + apt-get install -y --no-install-recommends \ + ca-certificates \ + curl \ + gnupg \ + ; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apt-get install -y --no-install-recommends \ + dpkg-dev \ + gcc \ + libapr1-dev \ + libssl-dev \ + make \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + --with-ssl \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies + apt-mark auto '.*' > /dev/null; \ + [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt dpkg-query --search \ + | cut -d: -f1 \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r apt-mark manual \ + ; \ + \ + apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ + rm -rf /var/lib/apt/lists/*; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/9.0/jdk17/semeru-jammy/Dockerfile b/9.0/jdk17/semeru-jammy/Dockerfile new file mode 100644 index 000000000..37b72f5a2 --- /dev/null +++ b/9.0/jdk17/semeru-jammy/Dockerfile @@ -0,0 +1,146 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM ibm-semeru-runtimes:open-17-jdk-jammy + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +RUN set -eux; \ + \ + savedAptMark="$(apt-mark showmanual)"; \ + apt-get update; \ + apt-get install -y --no-install-recommends \ + ca-certificates \ + curl \ + gnupg \ + ; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apt-get install -y --no-install-recommends \ + dpkg-dev \ + gcc \ + libapr1-dev \ + libssl-dev \ + make \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + --with-ssl \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies + apt-mark auto '.*' > /dev/null; \ + [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt dpkg-query --search \ + | cut -d: -f1 \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r apt-mark manual \ + ; \ + \ + apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ + rm -rf /var/lib/apt/lists/*; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/9.0/jdk17/temurin-alpine/Dockerfile b/9.0/jdk17/temurin-alpine/Dockerfile new file mode 100644 index 000000000..661718ea8 --- /dev/null +++ b/9.0/jdk17/temurin-alpine/Dockerfile @@ -0,0 +1,136 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM eclipse-temurin:17-jdk-alpine + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +RUN set -eux; \ + \ + apk add --no-cache --virtual .fetch-deps gnupg; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if wget -O "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apk add --no-cache --virtual .build-deps \ + apr-dev \ + dpkg-dev dpkg \ + gcc \ + libc-dev \ + make \ + openssl-dev \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + --with-ssl \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + deps="$( \ + scanelf --needed --nobanner --format '%n#p' --recursive "$TOMCAT_NATIVE_LIBDIR" \ + | tr ',' '\n' \ + | sort -u \ + | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + )"; \ + apk add --no-network --virtual .tomcat-native-deps $deps; \ + \ + apk del --no-network .fetch-deps .build-deps; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 + +# upstream eclipse-temurin-provided entrypoint script caused https://github.com/docker-library/tomcat/issues/77 to come back as https://github.com/docker-library/tomcat/issues/302; use "/entrypoint.sh" at your own risk +ENTRYPOINT [] + +CMD ["catalina.sh", "run"] diff --git a/9.0/jdk17/temurin-focal/Dockerfile b/9.0/jdk17/temurin-focal/Dockerfile index 50b58ea0c..6d2341278 100644 --- a/9.0/jdk17/temurin-focal/Dockerfile +++ b/9.0/jdk17/temurin-focal/Dockerfile @@ -103,6 +103,15 @@ RUN set -eux; \ rm -rf "$nativeBuildDir"; \ rm bin/tomcat-native.tar.gz; \ \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ # reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies apt-mark auto '.*' > /dev/null; \ [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ @@ -120,15 +129,6 @@ RUN set -eux; \ apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ rm -rf /var/lib/apt/lists/*; \ \ -# sh removes env vars it doesn't support (ones with periods) -# https://github.com/docker-library/tomcat/issues/77 - find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ - \ -# fix permissions (especially for running as non-root) -# https://github.com/docker-library/tomcat/issues/35 - chmod -R +rX .; \ - chmod 1777 logs temp work; \ - \ # smoke test catalina.sh version diff --git a/9.0/jdk17/temurin-jammy/Dockerfile b/9.0/jdk17/temurin-jammy/Dockerfile index b7d7d7c4e..230f4589f 100644 --- a/9.0/jdk17/temurin-jammy/Dockerfile +++ b/9.0/jdk17/temurin-jammy/Dockerfile @@ -103,6 +103,15 @@ RUN set -eux; \ rm -rf "$nativeBuildDir"; \ rm bin/tomcat-native.tar.gz; \ \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ # reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies apt-mark auto '.*' > /dev/null; \ [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ @@ -120,15 +129,6 @@ RUN set -eux; \ apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ rm -rf /var/lib/apt/lists/*; \ \ -# sh removes env vars it doesn't support (ones with periods) -# https://github.com/docker-library/tomcat/issues/77 - find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ - \ -# fix permissions (especially for running as non-root) -# https://github.com/docker-library/tomcat/issues/35 - chmod -R +rX .; \ - chmod 1777 logs temp work; \ - \ # smoke test catalina.sh version diff --git a/9.0/jdk17/temurin-ubi9-minimal/Dockerfile b/9.0/jdk17/temurin-ubi9-minimal/Dockerfile new file mode 100644 index 000000000..46ad4bd3d --- /dev/null +++ b/9.0/jdk17/temurin-ubi9-minimal/Dockerfile @@ -0,0 +1,159 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM eclipse-temurin:17-jdk-ubi9-minimal + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +RUN set -eux; \ + \ +# removing dnf after it is installed gets really hairy, so we'll just live with it (since we need it for "dnf mark") + microdnf install -y dnf; \ +# a helper function to install things, but only if they aren't installed (and to mark them so "autoremove" can purge them for us) + _install_temporary() { ( set -eu +x; \ + local pkg todo=''; \ + for pkg; do \ + if ! rpm --query "$pkg" > /dev/null 2>&1; then \ + todo="$todo $pkg"; \ + fi; \ + done; \ + if [ -n "$todo" ]; then \ + set -x; \ + dnf install -y $todo; \ + dnf mark remove $todo; \ + fi; \ + ) }; \ + _install_temporary gzip tar; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + _install_temporary \ + apr-devel \ + findutils \ + gcc \ + make \ + openssl-devel \ +# "gcc: error: /usr/lib/rpm/redhat/redhat-hardened-cc1: No such file or directory" + redhat-rpm-config \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + --with-ssl \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ && $(NF-1) != "=>" { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt rpm --query --whatprovides \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r dnf mark install \ + ; \ + \ +# clean up anything added temporarily and not later marked as necessary + dnf autoremove -y; \ + dnf clean all; \ + rm -rf /var/cache/dnf; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 + +# upstream eclipse-temurin-provided entrypoint script caused https://github.com/docker-library/tomcat/issues/77 to come back as https://github.com/docker-library/tomcat/issues/302; use "/entrypoint.sh" at your own risk +ENTRYPOINT [] + +CMD ["catalina.sh", "run"] diff --git a/9.0/jdk21/corretto-al2/Dockerfile b/9.0/jdk21/corretto-al2/Dockerfile index ee7d1c753..029eb8c0f 100644 --- a/9.0/jdk21/corretto-al2/Dockerfile +++ b/9.0/jdk21/corretto-al2/Dockerfile @@ -30,8 +30,8 @@ RUN set -eux; \ yum install -y --setopt=skip_missing_names_on_install=False yum-utils; \ yumdb set reason dep yum-utils; \ fi; \ -# a helper function to "yum install" things, but only if they aren't installed (and to set their "reason" to "dep" so "yum autoremove" can purge them for us) - _yum_install_temporary() { ( set -eu +x; \ +# a helper function to install things, but only if they aren't installed (and to mark them so "autoremove" can purge them for us) + _install_temporary() { ( set -eu +x; \ local pkg todo=''; \ for pkg; do \ if ! rpm --query "$pkg" > /dev/null 2>&1; then \ @@ -44,7 +44,7 @@ RUN set -eux; \ yumdb set reason dep $todo; \ fi; \ ) }; \ - _yum_install_temporary gzip tar; \ + _install_temporary gzip tar; \ \ ddist() { \ local f="$1"; shift; \ @@ -88,8 +88,9 @@ RUN set -eux; \ \ nativeBuildDir="$(mktemp -d)"; \ tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ - _yum_install_temporary \ + _install_temporary \ apr-devel \ + findutils \ gcc \ make \ openssl11-devel \ @@ -112,6 +113,15 @@ RUN set -eux; \ rm -rf "$nativeBuildDir"; \ rm bin/tomcat-native.tar.gz; \ \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ # mark any explicit dependencies as manually installed find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ | awk '/=>/ && $(NF-1) != "=>" { print $(NF-1) }' \ @@ -128,15 +138,6 @@ RUN set -eux; \ yum clean all; \ rm -rf /var/cache/yum; \ \ -# sh removes env vars it doesn't support (ones with periods) -# https://github.com/docker-library/tomcat/issues/77 - find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ - \ -# fix permissions (especially for running as non-root) -# https://github.com/docker-library/tomcat/issues/35 - chmod -R +rX .; \ - chmod 1777 logs temp work; \ - \ # smoke test catalina.sh version diff --git a/9.0/jdk21/corretto-al2023/Dockerfile b/9.0/jdk21/corretto-al2023/Dockerfile new file mode 100644 index 000000000..fa0453dee --- /dev/null +++ b/9.0/jdk21/corretto-al2023/Dockerfile @@ -0,0 +1,153 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM amazoncorretto:21-al2023-jdk + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +RUN set -eux; \ + \ +# a helper function to install things, but only if they aren't installed (and to mark them so "autoremove" can purge them for us) + _install_temporary() { ( set -eu +x; \ + local pkg todo=''; \ + for pkg; do \ + if ! rpm --query "$pkg" > /dev/null 2>&1; then \ + todo="$todo $pkg"; \ + fi; \ + done; \ + if [ -n "$todo" ]; then \ + set -x; \ + dnf install -y $todo; \ + dnf mark remove $todo; \ + fi; \ + ) }; \ + _install_temporary gzip tar; \ +# gnupg2-minimal (installed by default) conflicts with gnupg2 and does not include dirmngr so cannot fetch keys + dnf install -y --allowerasing gnupg2; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + _install_temporary \ + apr-devel \ + findutils \ + gcc \ + make \ + openssl-devel \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + --with-ssl \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ && $(NF-1) != "=>" { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt rpm --query --whatprovides \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r dnf mark install \ + ; \ + \ +# clean up anything added temporarily and not later marked as necessary + dnf autoremove -y; \ + dnf clean all; \ + rm -rf /var/cache/dnf; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/9.0/jdk21/corretto-alpine3.16/Dockerfile b/9.0/jdk21/corretto-alpine3.16/Dockerfile new file mode 100644 index 000000000..e47aedeb8 --- /dev/null +++ b/9.0/jdk21/corretto-alpine3.16/Dockerfile @@ -0,0 +1,132 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM amazoncorretto:21-alpine3.16-jdk + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +RUN set -eux; \ + \ + apk add --no-cache --virtual .fetch-deps gnupg; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if wget -O "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apk add --no-cache --virtual .build-deps \ + apr-dev \ + dpkg-dev dpkg \ + gcc \ + libc-dev \ + make \ + openssl-dev \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + --with-ssl \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + deps="$( \ + scanelf --needed --nobanner --format '%n#p' --recursive "$TOMCAT_NATIVE_LIBDIR" \ + | tr ',' '\n' \ + | sort -u \ + | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + )"; \ + apk add --no-network --virtual .tomcat-native-deps $deps; \ + \ + apk del --no-network .fetch-deps .build-deps; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/9.0/jdk21/corretto-alpine3.17/Dockerfile b/9.0/jdk21/corretto-alpine3.17/Dockerfile new file mode 100644 index 000000000..2fbf97986 --- /dev/null +++ b/9.0/jdk21/corretto-alpine3.17/Dockerfile @@ -0,0 +1,132 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM amazoncorretto:21-alpine3.17-jdk + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +RUN set -eux; \ + \ + apk add --no-cache --virtual .fetch-deps gnupg; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if wget -O "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apk add --no-cache --virtual .build-deps \ + apr-dev \ + dpkg-dev dpkg \ + gcc \ + libc-dev \ + make \ + openssl-dev \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + --with-ssl \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + deps="$( \ + scanelf --needed --nobanner --format '%n#p' --recursive "$TOMCAT_NATIVE_LIBDIR" \ + | tr ',' '\n' \ + | sort -u \ + | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + )"; \ + apk add --no-network --virtual .tomcat-native-deps $deps; \ + \ + apk del --no-network .fetch-deps .build-deps; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/9.0/jdk21/corretto-alpine3.18/Dockerfile b/9.0/jdk21/corretto-alpine3.18/Dockerfile new file mode 100644 index 000000000..1cc920bbd --- /dev/null +++ b/9.0/jdk21/corretto-alpine3.18/Dockerfile @@ -0,0 +1,132 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM amazoncorretto:21-alpine3.18-jdk + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +RUN set -eux; \ + \ + apk add --no-cache --virtual .fetch-deps gnupg; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if wget -O "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apk add --no-cache --virtual .build-deps \ + apr-dev \ + dpkg-dev dpkg \ + gcc \ + libc-dev \ + make \ + openssl-dev \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + --with-ssl \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + deps="$( \ + scanelf --needed --nobanner --format '%n#p' --recursive "$TOMCAT_NATIVE_LIBDIR" \ + | tr ',' '\n' \ + | sort -u \ + | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + )"; \ + apk add --no-network --virtual .tomcat-native-deps $deps; \ + \ + apk del --no-network .fetch-deps .build-deps; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/9.0/jdk21/corretto-alpine3.19/Dockerfile b/9.0/jdk21/corretto-alpine3.19/Dockerfile new file mode 100644 index 000000000..30b7871d1 --- /dev/null +++ b/9.0/jdk21/corretto-alpine3.19/Dockerfile @@ -0,0 +1,132 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM amazoncorretto:21-alpine3.19-jdk + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +RUN set -eux; \ + \ + apk add --no-cache --virtual .fetch-deps gnupg; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if wget -O "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apk add --no-cache --virtual .build-deps \ + apr-dev \ + dpkg-dev dpkg \ + gcc \ + libc-dev \ + make \ + openssl-dev \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + --with-ssl \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + deps="$( \ + scanelf --needed --nobanner --format '%n#p' --recursive "$TOMCAT_NATIVE_LIBDIR" \ + | tr ',' '\n' \ + | sort -u \ + | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + )"; \ + apk add --no-network --virtual .tomcat-native-deps $deps; \ + \ + apk del --no-network .fetch-deps .build-deps; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/9.0/jdk21/sapmachine/Dockerfile b/9.0/jdk21/sapmachine/Dockerfile new file mode 100644 index 000000000..20045a73f --- /dev/null +++ b/9.0/jdk21/sapmachine/Dockerfile @@ -0,0 +1,146 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM sapmachine:21 + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +RUN set -eux; \ + \ + savedAptMark="$(apt-mark showmanual)"; \ + apt-get update; \ + apt-get install -y --no-install-recommends \ + ca-certificates \ + curl \ + gnupg \ + ; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apt-get install -y --no-install-recommends \ + dpkg-dev \ + gcc \ + libapr1-dev \ + libssl-dev \ + make \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + --with-ssl \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies + apt-mark auto '.*' > /dev/null; \ + [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt dpkg-query --search \ + | cut -d: -f1 \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r apt-mark manual \ + ; \ + \ + apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ + rm -rf /var/lib/apt/lists/*; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/9.0/jdk21/semeru-focal/Dockerfile b/9.0/jdk21/semeru-focal/Dockerfile new file mode 100644 index 000000000..094456603 --- /dev/null +++ b/9.0/jdk21/semeru-focal/Dockerfile @@ -0,0 +1,146 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM ibm-semeru-runtimes:open-21-jdk-focal + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +RUN set -eux; \ + \ + savedAptMark="$(apt-mark showmanual)"; \ + apt-get update; \ + apt-get install -y --no-install-recommends \ + ca-certificates \ + curl \ + gnupg \ + ; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apt-get install -y --no-install-recommends \ + dpkg-dev \ + gcc \ + libapr1-dev \ + libssl-dev \ + make \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + --with-ssl \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies + apt-mark auto '.*' > /dev/null; \ + [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt dpkg-query --search \ + | cut -d: -f1 \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r apt-mark manual \ + ; \ + \ + apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ + rm -rf /var/lib/apt/lists/*; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/9.0/jdk21/semeru-jammy/Dockerfile b/9.0/jdk21/semeru-jammy/Dockerfile new file mode 100644 index 000000000..cbe6af774 --- /dev/null +++ b/9.0/jdk21/semeru-jammy/Dockerfile @@ -0,0 +1,146 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM ibm-semeru-runtimes:open-21-jdk-jammy + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +RUN set -eux; \ + \ + savedAptMark="$(apt-mark showmanual)"; \ + apt-get update; \ + apt-get install -y --no-install-recommends \ + ca-certificates \ + curl \ + gnupg \ + ; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apt-get install -y --no-install-recommends \ + dpkg-dev \ + gcc \ + libapr1-dev \ + libssl-dev \ + make \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + --with-ssl \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies + apt-mark auto '.*' > /dev/null; \ + [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt dpkg-query --search \ + | cut -d: -f1 \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r apt-mark manual \ + ; \ + \ + apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ + rm -rf /var/lib/apt/lists/*; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/9.0/jdk21/temurin-alpine/Dockerfile b/9.0/jdk21/temurin-alpine/Dockerfile new file mode 100644 index 000000000..a985c0a1a --- /dev/null +++ b/9.0/jdk21/temurin-alpine/Dockerfile @@ -0,0 +1,136 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM eclipse-temurin:21-jdk-alpine + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +RUN set -eux; \ + \ + apk add --no-cache --virtual .fetch-deps gnupg; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if wget -O "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apk add --no-cache --virtual .build-deps \ + apr-dev \ + dpkg-dev dpkg \ + gcc \ + libc-dev \ + make \ + openssl-dev \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + --with-ssl \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + deps="$( \ + scanelf --needed --nobanner --format '%n#p' --recursive "$TOMCAT_NATIVE_LIBDIR" \ + | tr ',' '\n' \ + | sort -u \ + | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + )"; \ + apk add --no-network --virtual .tomcat-native-deps $deps; \ + \ + apk del --no-network .fetch-deps .build-deps; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 + +# upstream eclipse-temurin-provided entrypoint script caused https://github.com/docker-library/tomcat/issues/77 to come back as https://github.com/docker-library/tomcat/issues/302; use "/entrypoint.sh" at your own risk +ENTRYPOINT [] + +CMD ["catalina.sh", "run"] diff --git a/9.0/jdk21/temurin-jammy/Dockerfile b/9.0/jdk21/temurin-jammy/Dockerfile index 986966806..6d1b44c36 100644 --- a/9.0/jdk21/temurin-jammy/Dockerfile +++ b/9.0/jdk21/temurin-jammy/Dockerfile @@ -103,6 +103,15 @@ RUN set -eux; \ rm -rf "$nativeBuildDir"; \ rm bin/tomcat-native.tar.gz; \ \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ # reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies apt-mark auto '.*' > /dev/null; \ [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ @@ -120,15 +129,6 @@ RUN set -eux; \ apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ rm -rf /var/lib/apt/lists/*; \ \ -# sh removes env vars it doesn't support (ones with periods) -# https://github.com/docker-library/tomcat/issues/77 - find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ - \ -# fix permissions (especially for running as non-root) -# https://github.com/docker-library/tomcat/issues/35 - chmod -R +rX .; \ - chmod 1777 logs temp work; \ - \ # smoke test catalina.sh version diff --git a/9.0/jdk21/temurin-ubi9-minimal/Dockerfile b/9.0/jdk21/temurin-ubi9-minimal/Dockerfile new file mode 100644 index 000000000..c5c44e344 --- /dev/null +++ b/9.0/jdk21/temurin-ubi9-minimal/Dockerfile @@ -0,0 +1,159 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM eclipse-temurin:21-jdk-ubi9-minimal + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +RUN set -eux; \ + \ +# removing dnf after it is installed gets really hairy, so we'll just live with it (since we need it for "dnf mark") + microdnf install -y dnf; \ +# a helper function to install things, but only if they aren't installed (and to mark them so "autoremove" can purge them for us) + _install_temporary() { ( set -eu +x; \ + local pkg todo=''; \ + for pkg; do \ + if ! rpm --query "$pkg" > /dev/null 2>&1; then \ + todo="$todo $pkg"; \ + fi; \ + done; \ + if [ -n "$todo" ]; then \ + set -x; \ + dnf install -y $todo; \ + dnf mark remove $todo; \ + fi; \ + ) }; \ + _install_temporary gzip tar; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + _install_temporary \ + apr-devel \ + findutils \ + gcc \ + make \ + openssl-devel \ +# "gcc: error: /usr/lib/rpm/redhat/redhat-hardened-cc1: No such file or directory" + redhat-rpm-config \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + --with-ssl \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ && $(NF-1) != "=>" { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt rpm --query --whatprovides \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r dnf mark install \ + ; \ + \ +# clean up anything added temporarily and not later marked as necessary + dnf autoremove -y; \ + dnf clean all; \ + rm -rf /var/cache/dnf; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 + +# upstream eclipse-temurin-provided entrypoint script caused https://github.com/docker-library/tomcat/issues/77 to come back as https://github.com/docker-library/tomcat/issues/302; use "/entrypoint.sh" at your own risk +ENTRYPOINT [] + +CMD ["catalina.sh", "run"] diff --git a/9.0/jdk22/corretto-al2023/Dockerfile b/9.0/jdk22/corretto-al2023/Dockerfile new file mode 100644 index 000000000..e92e4b692 --- /dev/null +++ b/9.0/jdk22/corretto-al2023/Dockerfile @@ -0,0 +1,153 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM amazoncorretto:22-al2023-jdk + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +RUN set -eux; \ + \ +# a helper function to install things, but only if they aren't installed (and to mark them so "autoremove" can purge them for us) + _install_temporary() { ( set -eu +x; \ + local pkg todo=''; \ + for pkg; do \ + if ! rpm --query "$pkg" > /dev/null 2>&1; then \ + todo="$todo $pkg"; \ + fi; \ + done; \ + if [ -n "$todo" ]; then \ + set -x; \ + dnf install -y $todo; \ + dnf mark remove $todo; \ + fi; \ + ) }; \ + _install_temporary gzip tar; \ +# gnupg2-minimal (installed by default) conflicts with gnupg2 and does not include dirmngr so cannot fetch keys + dnf install -y --allowerasing gnupg2; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + _install_temporary \ + apr-devel \ + findutils \ + gcc \ + make \ + openssl-devel \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + --with-ssl \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ && $(NF-1) != "=>" { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt rpm --query --whatprovides \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r dnf mark install \ + ; \ + \ +# clean up anything added temporarily and not later marked as necessary + dnf autoremove -y; \ + dnf clean all; \ + rm -rf /var/cache/dnf; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/9.0/jdk22/corretto-alpine3.16/Dockerfile b/9.0/jdk22/corretto-alpine3.16/Dockerfile new file mode 100644 index 000000000..c9ba3aa78 --- /dev/null +++ b/9.0/jdk22/corretto-alpine3.16/Dockerfile @@ -0,0 +1,132 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM amazoncorretto:22-alpine3.16-jdk + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +RUN set -eux; \ + \ + apk add --no-cache --virtual .fetch-deps gnupg; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if wget -O "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apk add --no-cache --virtual .build-deps \ + apr-dev \ + dpkg-dev dpkg \ + gcc \ + libc-dev \ + make \ + openssl-dev \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + --with-ssl \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + deps="$( \ + scanelf --needed --nobanner --format '%n#p' --recursive "$TOMCAT_NATIVE_LIBDIR" \ + | tr ',' '\n' \ + | sort -u \ + | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + )"; \ + apk add --no-network --virtual .tomcat-native-deps $deps; \ + \ + apk del --no-network .fetch-deps .build-deps; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/9.0/jdk22/corretto-alpine3.17/Dockerfile b/9.0/jdk22/corretto-alpine3.17/Dockerfile new file mode 100644 index 000000000..c1cf5f17f --- /dev/null +++ b/9.0/jdk22/corretto-alpine3.17/Dockerfile @@ -0,0 +1,132 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM amazoncorretto:22-alpine3.17-jdk + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +RUN set -eux; \ + \ + apk add --no-cache --virtual .fetch-deps gnupg; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if wget -O "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apk add --no-cache --virtual .build-deps \ + apr-dev \ + dpkg-dev dpkg \ + gcc \ + libc-dev \ + make \ + openssl-dev \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + --with-ssl \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + deps="$( \ + scanelf --needed --nobanner --format '%n#p' --recursive "$TOMCAT_NATIVE_LIBDIR" \ + | tr ',' '\n' \ + | sort -u \ + | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + )"; \ + apk add --no-network --virtual .tomcat-native-deps $deps; \ + \ + apk del --no-network .fetch-deps .build-deps; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/9.0/jdk22/corretto-alpine3.18/Dockerfile b/9.0/jdk22/corretto-alpine3.18/Dockerfile new file mode 100644 index 000000000..1d968f66b --- /dev/null +++ b/9.0/jdk22/corretto-alpine3.18/Dockerfile @@ -0,0 +1,132 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM amazoncorretto:22-alpine3.18-jdk + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +RUN set -eux; \ + \ + apk add --no-cache --virtual .fetch-deps gnupg; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if wget -O "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apk add --no-cache --virtual .build-deps \ + apr-dev \ + dpkg-dev dpkg \ + gcc \ + libc-dev \ + make \ + openssl-dev \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + --with-ssl \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + deps="$( \ + scanelf --needed --nobanner --format '%n#p' --recursive "$TOMCAT_NATIVE_LIBDIR" \ + | tr ',' '\n' \ + | sort -u \ + | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + )"; \ + apk add --no-network --virtual .tomcat-native-deps $deps; \ + \ + apk del --no-network .fetch-deps .build-deps; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/9.0/jdk22/corretto-alpine3.19/Dockerfile b/9.0/jdk22/corretto-alpine3.19/Dockerfile new file mode 100644 index 000000000..67cc2554c --- /dev/null +++ b/9.0/jdk22/corretto-alpine3.19/Dockerfile @@ -0,0 +1,132 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM amazoncorretto:22-alpine3.19-jdk + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +RUN set -eux; \ + \ + apk add --no-cache --virtual .fetch-deps gnupg; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if wget -O "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apk add --no-cache --virtual .build-deps \ + apr-dev \ + dpkg-dev dpkg \ + gcc \ + libc-dev \ + make \ + openssl-dev \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + --with-ssl \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + deps="$( \ + scanelf --needed --nobanner --format '%n#p' --recursive "$TOMCAT_NATIVE_LIBDIR" \ + | tr ',' '\n' \ + | sort -u \ + | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + )"; \ + apk add --no-network --virtual .tomcat-native-deps $deps; \ + \ + apk del --no-network .fetch-deps .build-deps; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/9.0/jdk22/sapmachine/Dockerfile b/9.0/jdk22/sapmachine/Dockerfile new file mode 100644 index 000000000..586e463ee --- /dev/null +++ b/9.0/jdk22/sapmachine/Dockerfile @@ -0,0 +1,146 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM sapmachine:22 + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +RUN set -eux; \ + \ + savedAptMark="$(apt-mark showmanual)"; \ + apt-get update; \ + apt-get install -y --no-install-recommends \ + ca-certificates \ + curl \ + gnupg \ + ; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apt-get install -y --no-install-recommends \ + dpkg-dev \ + gcc \ + libapr1-dev \ + libssl-dev \ + make \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + --with-ssl \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies + apt-mark auto '.*' > /dev/null; \ + [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt dpkg-query --search \ + | cut -d: -f1 \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r apt-mark manual \ + ; \ + \ + apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ + rm -rf /var/lib/apt/lists/*; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/9.0/jdk22/temurin-alpine/Dockerfile b/9.0/jdk22/temurin-alpine/Dockerfile new file mode 100644 index 000000000..af359d15b --- /dev/null +++ b/9.0/jdk22/temurin-alpine/Dockerfile @@ -0,0 +1,136 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM eclipse-temurin:22-jdk-alpine + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +RUN set -eux; \ + \ + apk add --no-cache --virtual .fetch-deps gnupg; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if wget -O "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apk add --no-cache --virtual .build-deps \ + apr-dev \ + dpkg-dev dpkg \ + gcc \ + libc-dev \ + make \ + openssl-dev \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + --with-ssl \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + deps="$( \ + scanelf --needed --nobanner --format '%n#p' --recursive "$TOMCAT_NATIVE_LIBDIR" \ + | tr ',' '\n' \ + | sort -u \ + | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + )"; \ + apk add --no-network --virtual .tomcat-native-deps $deps; \ + \ + apk del --no-network .fetch-deps .build-deps; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 + +# upstream eclipse-temurin-provided entrypoint script caused https://github.com/docker-library/tomcat/issues/77 to come back as https://github.com/docker-library/tomcat/issues/302; use "/entrypoint.sh" at your own risk +ENTRYPOINT [] + +CMD ["catalina.sh", "run"] diff --git a/9.0/jdk22/temurin-jammy/Dockerfile b/9.0/jdk22/temurin-jammy/Dockerfile new file mode 100644 index 000000000..1c32acfa4 --- /dev/null +++ b/9.0/jdk22/temurin-jammy/Dockerfile @@ -0,0 +1,150 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM eclipse-temurin:22-jdk-jammy + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +RUN set -eux; \ + \ + savedAptMark="$(apt-mark showmanual)"; \ + apt-get update; \ + apt-get install -y --no-install-recommends \ + ca-certificates \ + curl \ + gnupg \ + ; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apt-get install -y --no-install-recommends \ + dpkg-dev \ + gcc \ + libapr1-dev \ + libssl-dev \ + make \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + --with-ssl \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies + apt-mark auto '.*' > /dev/null; \ + [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt dpkg-query --search \ + | cut -d: -f1 \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r apt-mark manual \ + ; \ + \ + apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ + rm -rf /var/lib/apt/lists/*; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 + +# upstream eclipse-temurin-provided entrypoint script caused https://github.com/docker-library/tomcat/issues/77 to come back as https://github.com/docker-library/tomcat/issues/302; use "/entrypoint.sh" at your own risk +ENTRYPOINT [] + +CMD ["catalina.sh", "run"] diff --git a/9.0/jdk22/temurin-ubi9-minimal/Dockerfile b/9.0/jdk22/temurin-ubi9-minimal/Dockerfile new file mode 100644 index 000000000..8878e46c8 --- /dev/null +++ b/9.0/jdk22/temurin-ubi9-minimal/Dockerfile @@ -0,0 +1,159 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM eclipse-temurin:22-jdk-ubi9-minimal + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +RUN set -eux; \ + \ +# removing dnf after it is installed gets really hairy, so we'll just live with it (since we need it for "dnf mark") + microdnf install -y dnf; \ +# a helper function to install things, but only if they aren't installed (and to mark them so "autoremove" can purge them for us) + _install_temporary() { ( set -eu +x; \ + local pkg todo=''; \ + for pkg; do \ + if ! rpm --query "$pkg" > /dev/null 2>&1; then \ + todo="$todo $pkg"; \ + fi; \ + done; \ + if [ -n "$todo" ]; then \ + set -x; \ + dnf install -y $todo; \ + dnf mark remove $todo; \ + fi; \ + ) }; \ + _install_temporary gzip tar; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + _install_temporary \ + apr-devel \ + findutils \ + gcc \ + make \ + openssl-devel \ +# "gcc: error: /usr/lib/rpm/redhat/redhat-hardened-cc1: No such file or directory" + redhat-rpm-config \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + --with-ssl \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ && $(NF-1) != "=>" { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt rpm --query --whatprovides \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r dnf mark install \ + ; \ + \ +# clean up anything added temporarily and not later marked as necessary + dnf autoremove -y; \ + dnf clean all; \ + rm -rf /var/cache/dnf; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 + +# upstream eclipse-temurin-provided entrypoint script caused https://github.com/docker-library/tomcat/issues/77 to come back as https://github.com/docker-library/tomcat/issues/302; use "/entrypoint.sh" at your own risk +ENTRYPOINT [] + +CMD ["catalina.sh", "run"] diff --git a/9.0/jdk23/openjdk-bookworm/Dockerfile b/9.0/jdk23/openjdk-bookworm/Dockerfile new file mode 100644 index 000000000..bbd444912 --- /dev/null +++ b/9.0/jdk23/openjdk-bookworm/Dockerfile @@ -0,0 +1,146 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM openjdk:23-jdk-bookworm + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +RUN set -eux; \ + \ + savedAptMark="$(apt-mark showmanual)"; \ + apt-get update; \ + apt-get install -y --no-install-recommends \ + ca-certificates \ + curl \ + gnupg \ + ; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apt-get install -y --no-install-recommends \ + dpkg-dev \ + gcc \ + libapr1-dev \ + libssl-dev \ + make \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + --with-ssl \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies + apt-mark auto '.*' > /dev/null; \ + [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt dpkg-query --search \ + | cut -d: -f1 \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r apt-mark manual \ + ; \ + \ + apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ + rm -rf /var/lib/apt/lists/*; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/9.0/jdk23/openjdk-bullseye/Dockerfile b/9.0/jdk23/openjdk-bullseye/Dockerfile new file mode 100644 index 000000000..a4765c9d6 --- /dev/null +++ b/9.0/jdk23/openjdk-bullseye/Dockerfile @@ -0,0 +1,146 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM openjdk:23-jdk-bullseye + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +RUN set -eux; \ + \ + savedAptMark="$(apt-mark showmanual)"; \ + apt-get update; \ + apt-get install -y --no-install-recommends \ + ca-certificates \ + curl \ + gnupg \ + ; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apt-get install -y --no-install-recommends \ + dpkg-dev \ + gcc \ + libapr1-dev \ + libssl-dev \ + make \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + --with-ssl \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies + apt-mark auto '.*' > /dev/null; \ + [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt dpkg-query --search \ + | cut -d: -f1 \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r apt-mark manual \ + ; \ + \ + apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ + rm -rf /var/lib/apt/lists/*; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/9.0/jdk23/openjdk-oraclelinux8/Dockerfile b/9.0/jdk23/openjdk-oraclelinux8/Dockerfile new file mode 100644 index 000000000..adbaff294 --- /dev/null +++ b/9.0/jdk23/openjdk-oraclelinux8/Dockerfile @@ -0,0 +1,155 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM openjdk:23-jdk-oraclelinux8 + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +RUN set -eux; \ + \ +# removing dnf after it is installed gets really hairy, so we'll just live with it (since we need it for "dnf mark") + microdnf install -y dnf; \ +# a helper function to install things, but only if they aren't installed (and to mark them so "autoremove" can purge them for us) + _install_temporary() { ( set -eu +x; \ + local pkg todo=''; \ + for pkg; do \ + if ! rpm --query "$pkg" > /dev/null 2>&1; then \ + todo="$todo $pkg"; \ + fi; \ + done; \ + if [ -n "$todo" ]; then \ + set -x; \ + dnf install -y $todo; \ + dnf mark remove $todo; \ + fi; \ + ) }; \ + _install_temporary gzip tar; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + _install_temporary \ + apr-devel \ + findutils \ + gcc \ + make \ + openssl-devel \ +# "gcc: error: /usr/lib/rpm/redhat/redhat-hardened-cc1: No such file or directory" + redhat-rpm-config \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + --with-ssl \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ && $(NF-1) != "=>" { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt rpm --query --whatprovides \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r dnf mark install \ + ; \ + \ +# clean up anything added temporarily and not later marked as necessary + dnf autoremove -y; \ + dnf clean all; \ + rm -rf /var/cache/dnf; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/9.0/jdk23/openjdk-oraclelinux9/Dockerfile b/9.0/jdk23/openjdk-oraclelinux9/Dockerfile new file mode 100644 index 000000000..d0e3137b9 --- /dev/null +++ b/9.0/jdk23/openjdk-oraclelinux9/Dockerfile @@ -0,0 +1,155 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM openjdk:23-jdk-oraclelinux9 + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +RUN set -eux; \ + \ +# removing dnf after it is installed gets really hairy, so we'll just live with it (since we need it for "dnf mark") + microdnf install -y dnf; \ +# a helper function to install things, but only if they aren't installed (and to mark them so "autoremove" can purge them for us) + _install_temporary() { ( set -eu +x; \ + local pkg todo=''; \ + for pkg; do \ + if ! rpm --query "$pkg" > /dev/null 2>&1; then \ + todo="$todo $pkg"; \ + fi; \ + done; \ + if [ -n "$todo" ]; then \ + set -x; \ + dnf install -y $todo; \ + dnf mark remove $todo; \ + fi; \ + ) }; \ + _install_temporary gzip tar; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + _install_temporary \ + apr-devel \ + findutils \ + gcc \ + make \ + openssl-devel \ +# "gcc: error: /usr/lib/rpm/redhat/redhat-hardened-cc1: No such file or directory" + redhat-rpm-config \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + --with-ssl \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ && $(NF-1) != "=>" { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt rpm --query --whatprovides \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r dnf mark install \ + ; \ + \ +# clean up anything added temporarily and not later marked as necessary + dnf autoremove -y; \ + dnf clean all; \ + rm -rf /var/cache/dnf; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/9.0/jdk23/openjdk-slim-bookworm/Dockerfile b/9.0/jdk23/openjdk-slim-bookworm/Dockerfile new file mode 100644 index 000000000..fe9f8d488 --- /dev/null +++ b/9.0/jdk23/openjdk-slim-bookworm/Dockerfile @@ -0,0 +1,146 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM openjdk:23-jdk-slim-bookworm + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +RUN set -eux; \ + \ + savedAptMark="$(apt-mark showmanual)"; \ + apt-get update; \ + apt-get install -y --no-install-recommends \ + ca-certificates \ + curl \ + gnupg \ + ; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apt-get install -y --no-install-recommends \ + dpkg-dev \ + gcc \ + libapr1-dev \ + libssl-dev \ + make \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + --with-ssl \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies + apt-mark auto '.*' > /dev/null; \ + [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt dpkg-query --search \ + | cut -d: -f1 \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r apt-mark manual \ + ; \ + \ + apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ + rm -rf /var/lib/apt/lists/*; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/9.0/jdk23/openjdk-slim-bullseye/Dockerfile b/9.0/jdk23/openjdk-slim-bullseye/Dockerfile new file mode 100644 index 000000000..ef5e99e77 --- /dev/null +++ b/9.0/jdk23/openjdk-slim-bullseye/Dockerfile @@ -0,0 +1,146 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM openjdk:23-jdk-slim-bullseye + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +RUN set -eux; \ + \ + savedAptMark="$(apt-mark showmanual)"; \ + apt-get update; \ + apt-get install -y --no-install-recommends \ + ca-certificates \ + curl \ + gnupg \ + ; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apt-get install -y --no-install-recommends \ + dpkg-dev \ + gcc \ + libapr1-dev \ + libssl-dev \ + make \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + --with-ssl \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies + apt-mark auto '.*' > /dev/null; \ + [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt dpkg-query --search \ + | cut -d: -f1 \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r apt-mark manual \ + ; \ + \ + apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ + rm -rf /var/lib/apt/lists/*; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/9.0/jdk8/corretto-al2/Dockerfile b/9.0/jdk8/corretto-al2/Dockerfile index 6039b749d..cca4fad72 100644 --- a/9.0/jdk8/corretto-al2/Dockerfile +++ b/9.0/jdk8/corretto-al2/Dockerfile @@ -30,8 +30,8 @@ RUN set -eux; \ yum install -y --setopt=skip_missing_names_on_install=False yum-utils; \ yumdb set reason dep yum-utils; \ fi; \ -# a helper function to "yum install" things, but only if they aren't installed (and to set their "reason" to "dep" so "yum autoremove" can purge them for us) - _yum_install_temporary() { ( set -eu +x; \ +# a helper function to install things, but only if they aren't installed (and to mark them so "autoremove" can purge them for us) + _install_temporary() { ( set -eu +x; \ local pkg todo=''; \ for pkg; do \ if ! rpm --query "$pkg" > /dev/null 2>&1; then \ @@ -44,7 +44,7 @@ RUN set -eux; \ yumdb set reason dep $todo; \ fi; \ ) }; \ - _yum_install_temporary gzip tar; \ + _install_temporary gzip tar; \ \ ddist() { \ local f="$1"; shift; \ @@ -88,8 +88,9 @@ RUN set -eux; \ \ nativeBuildDir="$(mktemp -d)"; \ tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ - _yum_install_temporary \ + _install_temporary \ apr-devel \ + findutils \ gcc \ make \ openssl11-devel \ @@ -112,6 +113,15 @@ RUN set -eux; \ rm -rf "$nativeBuildDir"; \ rm bin/tomcat-native.tar.gz; \ \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ # mark any explicit dependencies as manually installed find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ | awk '/=>/ && $(NF-1) != "=>" { print $(NF-1) }' \ @@ -128,15 +138,6 @@ RUN set -eux; \ yum clean all; \ rm -rf /var/cache/yum; \ \ -# sh removes env vars it doesn't support (ones with periods) -# https://github.com/docker-library/tomcat/issues/77 - find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ - \ -# fix permissions (especially for running as non-root) -# https://github.com/docker-library/tomcat/issues/35 - chmod -R +rX .; \ - chmod 1777 logs temp work; \ - \ # smoke test catalina.sh version diff --git a/9.0/jdk8/corretto-al2023/Dockerfile b/9.0/jdk8/corretto-al2023/Dockerfile new file mode 100644 index 000000000..0d8937f00 --- /dev/null +++ b/9.0/jdk8/corretto-al2023/Dockerfile @@ -0,0 +1,153 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM amazoncorretto:8-al2023-jdk + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +RUN set -eux; \ + \ +# a helper function to install things, but only if they aren't installed (and to mark them so "autoremove" can purge them for us) + _install_temporary() { ( set -eu +x; \ + local pkg todo=''; \ + for pkg; do \ + if ! rpm --query "$pkg" > /dev/null 2>&1; then \ + todo="$todo $pkg"; \ + fi; \ + done; \ + if [ -n "$todo" ]; then \ + set -x; \ + dnf install -y $todo; \ + dnf mark remove $todo; \ + fi; \ + ) }; \ + _install_temporary gzip tar; \ +# gnupg2-minimal (installed by default) conflicts with gnupg2 and does not include dirmngr so cannot fetch keys + dnf install -y --allowerasing gnupg2; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + _install_temporary \ + apr-devel \ + findutils \ + gcc \ + make \ + openssl-devel \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + --with-ssl \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ && $(NF-1) != "=>" { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt rpm --query --whatprovides \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r dnf mark install \ + ; \ + \ +# clean up anything added temporarily and not later marked as necessary + dnf autoremove -y; \ + dnf clean all; \ + rm -rf /var/cache/dnf; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/9.0/jdk8/corretto-alpine3.16/Dockerfile b/9.0/jdk8/corretto-alpine3.16/Dockerfile new file mode 100644 index 000000000..2fe3812b0 --- /dev/null +++ b/9.0/jdk8/corretto-alpine3.16/Dockerfile @@ -0,0 +1,132 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM amazoncorretto:8-alpine3.16-jdk + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +RUN set -eux; \ + \ + apk add --no-cache --virtual .fetch-deps gnupg; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if wget -O "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apk add --no-cache --virtual .build-deps \ + apr-dev \ + dpkg-dev dpkg \ + gcc \ + libc-dev \ + make \ + openssl-dev \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + --with-ssl \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + deps="$( \ + scanelf --needed --nobanner --format '%n#p' --recursive "$TOMCAT_NATIVE_LIBDIR" \ + | tr ',' '\n' \ + | sort -u \ + | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + )"; \ + apk add --no-network --virtual .tomcat-native-deps $deps; \ + \ + apk del --no-network .fetch-deps .build-deps; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/9.0/jdk8/corretto-alpine3.17/Dockerfile b/9.0/jdk8/corretto-alpine3.17/Dockerfile new file mode 100644 index 000000000..181d860f4 --- /dev/null +++ b/9.0/jdk8/corretto-alpine3.17/Dockerfile @@ -0,0 +1,132 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM amazoncorretto:8-alpine3.17-jdk + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +RUN set -eux; \ + \ + apk add --no-cache --virtual .fetch-deps gnupg; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if wget -O "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apk add --no-cache --virtual .build-deps \ + apr-dev \ + dpkg-dev dpkg \ + gcc \ + libc-dev \ + make \ + openssl-dev \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + --with-ssl \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + deps="$( \ + scanelf --needed --nobanner --format '%n#p' --recursive "$TOMCAT_NATIVE_LIBDIR" \ + | tr ',' '\n' \ + | sort -u \ + | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + )"; \ + apk add --no-network --virtual .tomcat-native-deps $deps; \ + \ + apk del --no-network .fetch-deps .build-deps; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/9.0/jdk8/corretto-alpine3.18/Dockerfile b/9.0/jdk8/corretto-alpine3.18/Dockerfile new file mode 100644 index 000000000..af4770e96 --- /dev/null +++ b/9.0/jdk8/corretto-alpine3.18/Dockerfile @@ -0,0 +1,132 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM amazoncorretto:8-alpine3.18-jdk + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +RUN set -eux; \ + \ + apk add --no-cache --virtual .fetch-deps gnupg; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if wget -O "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apk add --no-cache --virtual .build-deps \ + apr-dev \ + dpkg-dev dpkg \ + gcc \ + libc-dev \ + make \ + openssl-dev \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + --with-ssl \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + deps="$( \ + scanelf --needed --nobanner --format '%n#p' --recursive "$TOMCAT_NATIVE_LIBDIR" \ + | tr ',' '\n' \ + | sort -u \ + | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + )"; \ + apk add --no-network --virtual .tomcat-native-deps $deps; \ + \ + apk del --no-network .fetch-deps .build-deps; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/9.0/jdk8/corretto-alpine3.19/Dockerfile b/9.0/jdk8/corretto-alpine3.19/Dockerfile new file mode 100644 index 000000000..e4a45f3a1 --- /dev/null +++ b/9.0/jdk8/corretto-alpine3.19/Dockerfile @@ -0,0 +1,132 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM amazoncorretto:8-alpine3.19-jdk + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +RUN set -eux; \ + \ + apk add --no-cache --virtual .fetch-deps gnupg; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if wget -O "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apk add --no-cache --virtual .build-deps \ + apr-dev \ + dpkg-dev dpkg \ + gcc \ + libc-dev \ + make \ + openssl-dev \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + --with-ssl \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + deps="$( \ + scanelf --needed --nobanner --format '%n#p' --recursive "$TOMCAT_NATIVE_LIBDIR" \ + | tr ',' '\n' \ + | sort -u \ + | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + )"; \ + apk add --no-network --virtual .tomcat-native-deps $deps; \ + \ + apk del --no-network .fetch-deps .build-deps; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/9.0/jdk8/semeru-focal/Dockerfile b/9.0/jdk8/semeru-focal/Dockerfile new file mode 100644 index 000000000..710fd5dc9 --- /dev/null +++ b/9.0/jdk8/semeru-focal/Dockerfile @@ -0,0 +1,146 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM ibm-semeru-runtimes:open-8-jdk-focal + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +RUN set -eux; \ + \ + savedAptMark="$(apt-mark showmanual)"; \ + apt-get update; \ + apt-get install -y --no-install-recommends \ + ca-certificates \ + curl \ + gnupg \ + ; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apt-get install -y --no-install-recommends \ + dpkg-dev \ + gcc \ + libapr1-dev \ + libssl-dev \ + make \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + --with-ssl \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies + apt-mark auto '.*' > /dev/null; \ + [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt dpkg-query --search \ + | cut -d: -f1 \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r apt-mark manual \ + ; \ + \ + apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ + rm -rf /var/lib/apt/lists/*; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/9.0/jdk8/semeru-jammy/Dockerfile b/9.0/jdk8/semeru-jammy/Dockerfile new file mode 100644 index 000000000..f469ae212 --- /dev/null +++ b/9.0/jdk8/semeru-jammy/Dockerfile @@ -0,0 +1,146 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM ibm-semeru-runtimes:open-8-jdk-jammy + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +RUN set -eux; \ + \ + savedAptMark="$(apt-mark showmanual)"; \ + apt-get update; \ + apt-get install -y --no-install-recommends \ + ca-certificates \ + curl \ + gnupg \ + ; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apt-get install -y --no-install-recommends \ + dpkg-dev \ + gcc \ + libapr1-dev \ + libssl-dev \ + make \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + --with-ssl \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies + apt-mark auto '.*' > /dev/null; \ + [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt dpkg-query --search \ + | cut -d: -f1 \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r apt-mark manual \ + ; \ + \ + apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ + rm -rf /var/lib/apt/lists/*; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/9.0/jdk8/temurin-alpine/Dockerfile b/9.0/jdk8/temurin-alpine/Dockerfile new file mode 100644 index 000000000..4a86c2649 --- /dev/null +++ b/9.0/jdk8/temurin-alpine/Dockerfile @@ -0,0 +1,136 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM eclipse-temurin:8-jdk-alpine + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +RUN set -eux; \ + \ + apk add --no-cache --virtual .fetch-deps gnupg; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if wget -O "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apk add --no-cache --virtual .build-deps \ + apr-dev \ + dpkg-dev dpkg \ + gcc \ + libc-dev \ + make \ + openssl-dev \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + --with-ssl \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + deps="$( \ + scanelf --needed --nobanner --format '%n#p' --recursive "$TOMCAT_NATIVE_LIBDIR" \ + | tr ',' '\n' \ + | sort -u \ + | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + )"; \ + apk add --no-network --virtual .tomcat-native-deps $deps; \ + \ + apk del --no-network .fetch-deps .build-deps; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 + +# upstream eclipse-temurin-provided entrypoint script caused https://github.com/docker-library/tomcat/issues/77 to come back as https://github.com/docker-library/tomcat/issues/302; use "/entrypoint.sh" at your own risk +ENTRYPOINT [] + +CMD ["catalina.sh", "run"] diff --git a/9.0/jdk8/temurin-focal/Dockerfile b/9.0/jdk8/temurin-focal/Dockerfile index 236016d4e..67ad6ab36 100644 --- a/9.0/jdk8/temurin-focal/Dockerfile +++ b/9.0/jdk8/temurin-focal/Dockerfile @@ -103,6 +103,15 @@ RUN set -eux; \ rm -rf "$nativeBuildDir"; \ rm bin/tomcat-native.tar.gz; \ \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ # reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies apt-mark auto '.*' > /dev/null; \ [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ @@ -120,15 +129,6 @@ RUN set -eux; \ apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ rm -rf /var/lib/apt/lists/*; \ \ -# sh removes env vars it doesn't support (ones with periods) -# https://github.com/docker-library/tomcat/issues/77 - find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ - \ -# fix permissions (especially for running as non-root) -# https://github.com/docker-library/tomcat/issues/35 - chmod -R +rX .; \ - chmod 1777 logs temp work; \ - \ # smoke test catalina.sh version diff --git a/9.0/jdk8/temurin-jammy/Dockerfile b/9.0/jdk8/temurin-jammy/Dockerfile index 1c04aa2ff..4c9540c40 100644 --- a/9.0/jdk8/temurin-jammy/Dockerfile +++ b/9.0/jdk8/temurin-jammy/Dockerfile @@ -103,6 +103,15 @@ RUN set -eux; \ rm -rf "$nativeBuildDir"; \ rm bin/tomcat-native.tar.gz; \ \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ # reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies apt-mark auto '.*' > /dev/null; \ [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ @@ -120,15 +129,6 @@ RUN set -eux; \ apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ rm -rf /var/lib/apt/lists/*; \ \ -# sh removes env vars it doesn't support (ones with periods) -# https://github.com/docker-library/tomcat/issues/77 - find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ - \ -# fix permissions (especially for running as non-root) -# https://github.com/docker-library/tomcat/issues/35 - chmod -R +rX .; \ - chmod 1777 logs temp work; \ - \ # smoke test catalina.sh version diff --git a/9.0/jdk8/temurin-ubi9-minimal/Dockerfile b/9.0/jdk8/temurin-ubi9-minimal/Dockerfile new file mode 100644 index 000000000..fbfbfaafe --- /dev/null +++ b/9.0/jdk8/temurin-ubi9-minimal/Dockerfile @@ -0,0 +1,159 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM eclipse-temurin:8-jdk-ubi9-minimal + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +RUN set -eux; \ + \ +# removing dnf after it is installed gets really hairy, so we'll just live with it (since we need it for "dnf mark") + microdnf install -y dnf; \ +# a helper function to install things, but only if they aren't installed (and to mark them so "autoremove" can purge them for us) + _install_temporary() { ( set -eu +x; \ + local pkg todo=''; \ + for pkg; do \ + if ! rpm --query "$pkg" > /dev/null 2>&1; then \ + todo="$todo $pkg"; \ + fi; \ + done; \ + if [ -n "$todo" ]; then \ + set -x; \ + dnf install -y $todo; \ + dnf mark remove $todo; \ + fi; \ + ) }; \ + _install_temporary gzip tar; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + _install_temporary \ + apr-devel \ + findutils \ + gcc \ + make \ + openssl-devel \ +# "gcc: error: /usr/lib/rpm/redhat/redhat-hardened-cc1: No such file or directory" + redhat-rpm-config \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + --with-ssl \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# mark any explicit dependencies as manually installed + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ && $(NF-1) != "=>" { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt rpm --query --whatprovides \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r dnf mark install \ + ; \ + \ +# clean up anything added temporarily and not later marked as necessary + dnf autoremove -y; \ + dnf clean all; \ + rm -rf /var/cache/dnf; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 + +# upstream eclipse-temurin-provided entrypoint script caused https://github.com/docker-library/tomcat/issues/77 to come back as https://github.com/docker-library/tomcat/issues/302; use "/entrypoint.sh" at your own risk +ENTRYPOINT [] + +CMD ["catalina.sh", "run"] diff --git a/9.0/jre11/semeru-focal/Dockerfile b/9.0/jre11/semeru-focal/Dockerfile new file mode 100644 index 000000000..a38cf8cad --- /dev/null +++ b/9.0/jre11/semeru-focal/Dockerfile @@ -0,0 +1,43 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM ibm-semeru-runtimes:open-11-jre-focal + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +COPY --from=tomcat:9.0.87-jdk11-semeru-focal $CATALINA_HOME $CATALINA_HOME +RUN set -eux; \ + apt-get update; \ + xargs -rt apt-get install -y --no-install-recommends < "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt"; \ + rm -rf /var/lib/apt/lists/* + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/9.0/jre11/semeru-jammy/Dockerfile b/9.0/jre11/semeru-jammy/Dockerfile new file mode 100644 index 000000000..1ecb44788 --- /dev/null +++ b/9.0/jre11/semeru-jammy/Dockerfile @@ -0,0 +1,43 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM ibm-semeru-runtimes:open-11-jre-jammy + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +COPY --from=tomcat:9.0.87-jdk11-semeru-jammy $CATALINA_HOME $CATALINA_HOME +RUN set -eux; \ + apt-get update; \ + xargs -rt apt-get install -y --no-install-recommends < "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt"; \ + rm -rf /var/lib/apt/lists/* + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/9.0/jre11/temurin-alpine/Dockerfile b/9.0/jre11/temurin-alpine/Dockerfile new file mode 100644 index 000000000..bb447cfa3 --- /dev/null +++ b/9.0/jre11/temurin-alpine/Dockerfile @@ -0,0 +1,46 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM eclipse-temurin:11-jre-alpine + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +COPY --from=tomcat:9.0.87-jdk11-temurin-alpine $CATALINA_HOME $CATALINA_HOME +RUN set -eux; \ + deps="$(cat "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt")"; \ + apk add --no-cache --virtual .tomcat-native-deps $deps + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 + +# upstream eclipse-temurin-provided entrypoint script caused https://github.com/docker-library/tomcat/issues/77 to come back as https://github.com/docker-library/tomcat/issues/302; use "/entrypoint.sh" at your own risk +ENTRYPOINT [] + +CMD ["catalina.sh", "run"] diff --git a/9.0/jre11/temurin-ubi9-minimal/Dockerfile b/9.0/jre11/temurin-ubi9-minimal/Dockerfile new file mode 100644 index 000000000..ff32dc2c0 --- /dev/null +++ b/9.0/jre11/temurin-ubi9-minimal/Dockerfile @@ -0,0 +1,49 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM eclipse-temurin:11-jre-ubi9-minimal + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +COPY --from=tomcat:9.0.87-jdk11-temurin-ubi9-minimal $CATALINA_HOME $CATALINA_HOME +RUN set -eux; \ +# no xargs in al20XX and ubiX-minimal /o\ + deps="$(cat "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt")"; \ + microdnf install -y $deps; \ + microdnf clean all; \ + rm -rf /var/cache/dnf + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 + +# upstream eclipse-temurin-provided entrypoint script caused https://github.com/docker-library/tomcat/issues/77 to come back as https://github.com/docker-library/tomcat/issues/302; use "/entrypoint.sh" at your own risk +ENTRYPOINT [] + +CMD ["catalina.sh", "run"] diff --git a/9.0/jre17/semeru-focal/Dockerfile b/9.0/jre17/semeru-focal/Dockerfile new file mode 100644 index 000000000..f3d7ab111 --- /dev/null +++ b/9.0/jre17/semeru-focal/Dockerfile @@ -0,0 +1,43 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM ibm-semeru-runtimes:open-17-jre-focal + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +COPY --from=tomcat:9.0.87-jdk17-semeru-focal $CATALINA_HOME $CATALINA_HOME +RUN set -eux; \ + apt-get update; \ + xargs -rt apt-get install -y --no-install-recommends < "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt"; \ + rm -rf /var/lib/apt/lists/* + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/9.0/jre17/semeru-jammy/Dockerfile b/9.0/jre17/semeru-jammy/Dockerfile new file mode 100644 index 000000000..dcc8e7223 --- /dev/null +++ b/9.0/jre17/semeru-jammy/Dockerfile @@ -0,0 +1,43 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM ibm-semeru-runtimes:open-17-jre-jammy + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +COPY --from=tomcat:9.0.87-jdk17-semeru-jammy $CATALINA_HOME $CATALINA_HOME +RUN set -eux; \ + apt-get update; \ + xargs -rt apt-get install -y --no-install-recommends < "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt"; \ + rm -rf /var/lib/apt/lists/* + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/9.0/jre17/temurin-alpine/Dockerfile b/9.0/jre17/temurin-alpine/Dockerfile new file mode 100644 index 000000000..d95a8e5f3 --- /dev/null +++ b/9.0/jre17/temurin-alpine/Dockerfile @@ -0,0 +1,46 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM eclipse-temurin:17-jre-alpine + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +COPY --from=tomcat:9.0.87-jdk17-temurin-alpine $CATALINA_HOME $CATALINA_HOME +RUN set -eux; \ + deps="$(cat "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt")"; \ + apk add --no-cache --virtual .tomcat-native-deps $deps + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 + +# upstream eclipse-temurin-provided entrypoint script caused https://github.com/docker-library/tomcat/issues/77 to come back as https://github.com/docker-library/tomcat/issues/302; use "/entrypoint.sh" at your own risk +ENTRYPOINT [] + +CMD ["catalina.sh", "run"] diff --git a/9.0/jre17/temurin-ubi9-minimal/Dockerfile b/9.0/jre17/temurin-ubi9-minimal/Dockerfile new file mode 100644 index 000000000..d90744c28 --- /dev/null +++ b/9.0/jre17/temurin-ubi9-minimal/Dockerfile @@ -0,0 +1,49 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM eclipse-temurin:17-jre-ubi9-minimal + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +COPY --from=tomcat:9.0.87-jdk17-temurin-ubi9-minimal $CATALINA_HOME $CATALINA_HOME +RUN set -eux; \ +# no xargs in al20XX and ubiX-minimal /o\ + deps="$(cat "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt")"; \ + microdnf install -y $deps; \ + microdnf clean all; \ + rm -rf /var/cache/dnf + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 + +# upstream eclipse-temurin-provided entrypoint script caused https://github.com/docker-library/tomcat/issues/77 to come back as https://github.com/docker-library/tomcat/issues/302; use "/entrypoint.sh" at your own risk +ENTRYPOINT [] + +CMD ["catalina.sh", "run"] diff --git a/9.0/jre21/semeru-focal/Dockerfile b/9.0/jre21/semeru-focal/Dockerfile new file mode 100644 index 000000000..cb5502af3 --- /dev/null +++ b/9.0/jre21/semeru-focal/Dockerfile @@ -0,0 +1,43 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM ibm-semeru-runtimes:open-21-jre-focal + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +COPY --from=tomcat:9.0.87-jdk21-semeru-focal $CATALINA_HOME $CATALINA_HOME +RUN set -eux; \ + apt-get update; \ + xargs -rt apt-get install -y --no-install-recommends < "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt"; \ + rm -rf /var/lib/apt/lists/* + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/9.0/jre21/semeru-jammy/Dockerfile b/9.0/jre21/semeru-jammy/Dockerfile new file mode 100644 index 000000000..9d42c8807 --- /dev/null +++ b/9.0/jre21/semeru-jammy/Dockerfile @@ -0,0 +1,43 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM ibm-semeru-runtimes:open-21-jre-jammy + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +COPY --from=tomcat:9.0.87-jdk21-semeru-jammy $CATALINA_HOME $CATALINA_HOME +RUN set -eux; \ + apt-get update; \ + xargs -rt apt-get install -y --no-install-recommends < "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt"; \ + rm -rf /var/lib/apt/lists/* + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/9.0/jre21/temurin-alpine/Dockerfile b/9.0/jre21/temurin-alpine/Dockerfile new file mode 100644 index 000000000..cb146aea1 --- /dev/null +++ b/9.0/jre21/temurin-alpine/Dockerfile @@ -0,0 +1,46 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM eclipse-temurin:21-jre-alpine + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +COPY --from=tomcat:9.0.87-jdk21-temurin-alpine $CATALINA_HOME $CATALINA_HOME +RUN set -eux; \ + deps="$(cat "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt")"; \ + apk add --no-cache --virtual .tomcat-native-deps $deps + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 + +# upstream eclipse-temurin-provided entrypoint script caused https://github.com/docker-library/tomcat/issues/77 to come back as https://github.com/docker-library/tomcat/issues/302; use "/entrypoint.sh" at your own risk +ENTRYPOINT [] + +CMD ["catalina.sh", "run"] diff --git a/9.0/jre21/temurin-ubi9-minimal/Dockerfile b/9.0/jre21/temurin-ubi9-minimal/Dockerfile new file mode 100644 index 000000000..2547adcad --- /dev/null +++ b/9.0/jre21/temurin-ubi9-minimal/Dockerfile @@ -0,0 +1,49 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM eclipse-temurin:21-jre-ubi9-minimal + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +COPY --from=tomcat:9.0.87-jdk21-temurin-ubi9-minimal $CATALINA_HOME $CATALINA_HOME +RUN set -eux; \ +# no xargs in al20XX and ubiX-minimal /o\ + deps="$(cat "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt")"; \ + microdnf install -y $deps; \ + microdnf clean all; \ + rm -rf /var/cache/dnf + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 + +# upstream eclipse-temurin-provided entrypoint script caused https://github.com/docker-library/tomcat/issues/77 to come back as https://github.com/docker-library/tomcat/issues/302; use "/entrypoint.sh" at your own risk +ENTRYPOINT [] + +CMD ["catalina.sh", "run"] diff --git a/9.0/jre22/temurin-alpine/Dockerfile b/9.0/jre22/temurin-alpine/Dockerfile new file mode 100644 index 000000000..a9750553f --- /dev/null +++ b/9.0/jre22/temurin-alpine/Dockerfile @@ -0,0 +1,46 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM eclipse-temurin:22-jre-alpine + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +COPY --from=tomcat:9.0.87-jdk22-temurin-alpine $CATALINA_HOME $CATALINA_HOME +RUN set -eux; \ + deps="$(cat "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt")"; \ + apk add --no-cache --virtual .tomcat-native-deps $deps + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 + +# upstream eclipse-temurin-provided entrypoint script caused https://github.com/docker-library/tomcat/issues/77 to come back as https://github.com/docker-library/tomcat/issues/302; use "/entrypoint.sh" at your own risk +ENTRYPOINT [] + +CMD ["catalina.sh", "run"] diff --git a/9.0/jre22/temurin-jammy/Dockerfile b/9.0/jre22/temurin-jammy/Dockerfile new file mode 100644 index 000000000..b332ac841 --- /dev/null +++ b/9.0/jre22/temurin-jammy/Dockerfile @@ -0,0 +1,47 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM eclipse-temurin:22-jre-jammy + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +COPY --from=tomcat:9.0.87-jdk22-temurin-jammy $CATALINA_HOME $CATALINA_HOME +RUN set -eux; \ + apt-get update; \ + xargs -rt apt-get install -y --no-install-recommends < "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt"; \ + rm -rf /var/lib/apt/lists/* + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 + +# upstream eclipse-temurin-provided entrypoint script caused https://github.com/docker-library/tomcat/issues/77 to come back as https://github.com/docker-library/tomcat/issues/302; use "/entrypoint.sh" at your own risk +ENTRYPOINT [] + +CMD ["catalina.sh", "run"] diff --git a/9.0/jre22/temurin-ubi9-minimal/Dockerfile b/9.0/jre22/temurin-ubi9-minimal/Dockerfile new file mode 100644 index 000000000..b388cee26 --- /dev/null +++ b/9.0/jre22/temurin-ubi9-minimal/Dockerfile @@ -0,0 +1,49 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM eclipse-temurin:22-jre-ubi9-minimal + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +COPY --from=tomcat:9.0.87-jdk22-temurin-ubi9-minimal $CATALINA_HOME $CATALINA_HOME +RUN set -eux; \ +# no xargs in al20XX and ubiX-minimal /o\ + deps="$(cat "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt")"; \ + microdnf install -y $deps; \ + microdnf clean all; \ + rm -rf /var/cache/dnf + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 + +# upstream eclipse-temurin-provided entrypoint script caused https://github.com/docker-library/tomcat/issues/77 to come back as https://github.com/docker-library/tomcat/issues/302; use "/entrypoint.sh" at your own risk +ENTRYPOINT [] + +CMD ["catalina.sh", "run"] diff --git a/9.0/jre8/corretto-al2023/Dockerfile b/9.0/jre8/corretto-al2023/Dockerfile new file mode 100644 index 000000000..2c0f6325d --- /dev/null +++ b/9.0/jre8/corretto-al2023/Dockerfile @@ -0,0 +1,45 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM amazoncorretto:8-al2023-jre + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +COPY --from=tomcat:9.0.87-jdk8-corretto-al2023 $CATALINA_HOME $CATALINA_HOME +RUN set -eux; \ +# no xargs in al20XX and ubiX-minimal /o\ + deps="$(cat "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt")"; \ + dnf install -y $deps; \ + dnf clean all; \ + rm -rf /var/cache/dnf + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/9.0/jre8/corretto-alpine3.16/Dockerfile b/9.0/jre8/corretto-alpine3.16/Dockerfile new file mode 100644 index 000000000..2c841b3d7 --- /dev/null +++ b/9.0/jre8/corretto-alpine3.16/Dockerfile @@ -0,0 +1,42 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM amazoncorretto:8-alpine3.16-jre + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +COPY --from=tomcat:9.0.87-jdk8-corretto-alpine3.16 $CATALINA_HOME $CATALINA_HOME +RUN set -eux; \ + deps="$(cat "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt")"; \ + apk add --no-cache --virtual .tomcat-native-deps $deps + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/9.0/jre8/corretto-alpine3.17/Dockerfile b/9.0/jre8/corretto-alpine3.17/Dockerfile new file mode 100644 index 000000000..e39dcb51e --- /dev/null +++ b/9.0/jre8/corretto-alpine3.17/Dockerfile @@ -0,0 +1,42 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM amazoncorretto:8-alpine3.17-jre + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +COPY --from=tomcat:9.0.87-jdk8-corretto-alpine3.17 $CATALINA_HOME $CATALINA_HOME +RUN set -eux; \ + deps="$(cat "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt")"; \ + apk add --no-cache --virtual .tomcat-native-deps $deps + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/9.0/jre8/corretto-alpine3.18/Dockerfile b/9.0/jre8/corretto-alpine3.18/Dockerfile new file mode 100644 index 000000000..bb8109841 --- /dev/null +++ b/9.0/jre8/corretto-alpine3.18/Dockerfile @@ -0,0 +1,42 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM amazoncorretto:8-alpine3.18-jre + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +COPY --from=tomcat:9.0.87-jdk8-corretto-alpine3.18 $CATALINA_HOME $CATALINA_HOME +RUN set -eux; \ + deps="$(cat "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt")"; \ + apk add --no-cache --virtual .tomcat-native-deps $deps + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/9.0/jre8/corretto-alpine3.19/Dockerfile b/9.0/jre8/corretto-alpine3.19/Dockerfile new file mode 100644 index 000000000..46aa091aa --- /dev/null +++ b/9.0/jre8/corretto-alpine3.19/Dockerfile @@ -0,0 +1,42 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM amazoncorretto:8-alpine3.19-jre + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +COPY --from=tomcat:9.0.87-jdk8-corretto-alpine3.19 $CATALINA_HOME $CATALINA_HOME +RUN set -eux; \ + deps="$(cat "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt")"; \ + apk add --no-cache --virtual .tomcat-native-deps $deps + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/9.0/jre8/semeru-focal/Dockerfile b/9.0/jre8/semeru-focal/Dockerfile new file mode 100644 index 000000000..2e148bdfc --- /dev/null +++ b/9.0/jre8/semeru-focal/Dockerfile @@ -0,0 +1,43 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM ibm-semeru-runtimes:open-8-jre-focal + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +COPY --from=tomcat:9.0.87-jdk8-semeru-focal $CATALINA_HOME $CATALINA_HOME +RUN set -eux; \ + apt-get update; \ + xargs -rt apt-get install -y --no-install-recommends < "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt"; \ + rm -rf /var/lib/apt/lists/* + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/9.0/jre8/semeru-jammy/Dockerfile b/9.0/jre8/semeru-jammy/Dockerfile new file mode 100644 index 000000000..1550e89da --- /dev/null +++ b/9.0/jre8/semeru-jammy/Dockerfile @@ -0,0 +1,43 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM ibm-semeru-runtimes:open-8-jre-jammy + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +COPY --from=tomcat:9.0.87-jdk8-semeru-jammy $CATALINA_HOME $CATALINA_HOME +RUN set -eux; \ + apt-get update; \ + xargs -rt apt-get install -y --no-install-recommends < "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt"; \ + rm -rf /var/lib/apt/lists/* + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 +CMD ["catalina.sh", "run"] diff --git a/9.0/jre8/temurin-alpine/Dockerfile b/9.0/jre8/temurin-alpine/Dockerfile new file mode 100644 index 000000000..449893ad6 --- /dev/null +++ b/9.0/jre8/temurin-alpine/Dockerfile @@ -0,0 +1,46 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM eclipse-temurin:8-jre-alpine + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +COPY --from=tomcat:9.0.87-jdk8-temurin-alpine $CATALINA_HOME $CATALINA_HOME +RUN set -eux; \ + deps="$(cat "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt")"; \ + apk add --no-cache --virtual .tomcat-native-deps $deps + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 + +# upstream eclipse-temurin-provided entrypoint script caused https://github.com/docker-library/tomcat/issues/77 to come back as https://github.com/docker-library/tomcat/issues/302; use "/entrypoint.sh" at your own risk +ENTRYPOINT [] + +CMD ["catalina.sh", "run"] diff --git a/9.0/jre8/temurin-ubi9-minimal/Dockerfile b/9.0/jre8/temurin-ubi9-minimal/Dockerfile new file mode 100644 index 000000000..66eba4198 --- /dev/null +++ b/9.0/jre8/temurin-ubi9-minimal/Dockerfile @@ -0,0 +1,49 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM eclipse-temurin:8-jre-ubi9-minimal + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.87 +ENV TOMCAT_SHA512 71a64fe805aab89ef4798571d860a3c9a4f751f808921559a9249305abb205836de33ab89bb33b625a77f799f193d6bffbe94aadf293866df756d708f5bfb933 + +COPY --from=tomcat:9.0.87-jdk8-temurin-ubi9-minimal $CATALINA_HOME $CATALINA_HOME +RUN set -eux; \ +# no xargs in al20XX and ubiX-minimal /o\ + deps="$(cat "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt")"; \ + microdnf install -y $deps; \ + microdnf clean all; \ + rm -rf /var/cache/dnf + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 + +# upstream eclipse-temurin-provided entrypoint script caused https://github.com/docker-library/tomcat/issues/77 to come back as https://github.com/docker-library/tomcat/issues/302; use "/entrypoint.sh" at your own risk +ENTRYPOINT [] + +CMD ["catalina.sh", "run"] diff --git a/Dockerfile.template b/Dockerfile.template index c288f7c9a..7a2be6b7e 100644 --- a/Dockerfile.template +++ b/Dockerfile.template @@ -63,14 +63,25 @@ RUN set -eux; \ curl \ gnupg \ ; \ +{{ ) elif is_alpine then ( -}} + apk add --no-cache --virtual .fetch-deps gnupg; \ {{ ) else ( -}} +{{ if is_yum then ( -}} # http://yum.baseurl.org/wiki/YumDB.html if ! command -v yumdb > /dev/null; then \ yum install -y --setopt=skip_missing_names_on_install=False yum-utils; \ yumdb set reason dep yum-utils; \ fi; \ -# a helper function to "yum install" things, but only if they aren't installed (and to set their "reason" to "dep" so "yum autoremove" can purge them for us) - _yum_install_temporary() { ( set -eu +x; \ +{{ if vendor_variant | contains("oraclelinux7") then ( -}} +# TODO there's an odd bug on Oracle Linux where installing "cpp" (which gets pulled in as a dependency of "gcc") and then marking it as automatically-installed will result in the "filesystem" package being removed during "yum autoremove" (which then fails), so we set it as manually-installed to compensate + yumdb set reason user filesystem; \ +{{ ) else "" end -}} +{{ ) elif vendor_variant | variant_is_microdnf then ( -}} +# removing dnf after it is installed gets really hairy, so we'll just live with it (since we need it for "dnf mark") + microdnf install -y dnf; \ +{{ ) else "" end -}} +# a helper function to install things, but only if they aren't installed (and to mark them so "autoremove" can purge them for us) + _install_temporary() { ( set -eu +x; \ local pkg todo=''; \ for pkg; do \ if ! rpm --query "$pkg" > /dev/null 2>&1; then \ @@ -79,11 +90,20 @@ RUN set -eux; \ done; \ if [ -n "$todo" ]; then \ set -x; \ +{{ if is_yum then ( -}} yum install -y --setopt=skip_missing_names_on_install=False $todo; \ yumdb set reason dep $todo; \ +{{ ) else ( -}} + dnf install -y $todo; \ + dnf mark remove $todo; \ +{{ ) end -}} fi; \ ) }; \ - _yum_install_temporary gzip tar; \ + _install_temporary gzip tar; \ +{{ if vendor_variant | contains("al20") then ( -}} +# gnupg2-minimal (installed by default) conflicts with gnupg2 and does not include dirmngr so cannot fetch keys + dnf install -y --allowerasing gnupg2; \ +{{ ) else "" end -}} {{ ) end -}} \ ddist() { \ @@ -100,7 +120,7 @@ RUN set -eux; \ # if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ ; do \ - if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + if {{ if is_alpine then "wget -O" else "curl -fL -o" end }} "$f" "$distUrl" && [ -s "$f" ]; then \ success=1; \ break; \ fi; \ @@ -109,7 +129,7 @@ RUN set -eux; \ }; \ \ ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ - echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum {{ if is_alpine then "-c" else "--strict --check" end }} -; \ ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ export GNUPGHOME="$(mktemp -d)"; \ for key in $GPG_KEYS; do \ @@ -119,7 +139,7 @@ RUN set -eux; \ tar -xf tomcat.tar.gz --strip-components=1; \ rm bin/*.bat; \ rm tomcat.tar.gz*; \ -{{ if vendor_variant | contains("al2") then "" else ( -}} +{{ if vendor_variant | variant_is_al2 or contains("oraclelinux7") then "" else ( -}} gpgconf --kill all; \ {{ ) end -}} rm -rf "$GNUPGHOME"; \ @@ -139,23 +159,45 @@ RUN set -eux; \ libssl-dev \ make \ ; \ +{{ ) elif is_alpine then ( -}} + apk add --no-cache --virtual .build-deps \ + apr-dev \ + dpkg-dev dpkg \ + gcc \ + libc-dev \ + make \ +{{ if is_native_ge_2 then ( -}} + openssl3-dev \ +{{ ) else ( -}} + openssl-dev \ +{{ ) end -}} + ; \ {{ ) else ( -}} - _yum_install_temporary \ + _install_temporary \ apr-devel \ + findutils \ gcc \ make \ +{{ if vendor_variant | variant_is_al2 then ( -}} openssl11-devel \ +{{ ) else ( -}} + openssl-devel \ +{{ ) end -}} +{{ if vendor_variant | variant_is_microdnf then ( -}} +# "gcc: error: /usr/lib/rpm/redhat/redhat-hardened-cc1: No such file or directory" + redhat-rpm-config \ +{{ ) else "" end -}} ; \ {{ ) end -}} ( \ export CATALINA_HOME="$PWD"; \ cd "$nativeBuildDir/native"; \ -{{ if is_apt then ( -}} +{{ if is_apt or is_alpine then ( -}} gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ {{ ) else "" end -}} aprConfig="$(command -v apr-1-config)"; \ ./configure \ -{{ if is_apt then ( -}} +{{ if is_apt or is_alpine then ( -}} --build="$gnuArch" \ {{ ) else "" end -}} --libdir="$TOMCAT_NATIVE_LIBDIR" \ @@ -173,6 +215,17 @@ RUN set -eux; \ rm -rf "$nativeBuildDir"; \ rm bin/tomcat-native.tar.gz; \ \ +{{ if is_alpine then "" else ( -}} +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +{{ ) end -}} +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ {{ if is_apt then ( -}} # reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies apt-mark auto '.*' > /dev/null; \ @@ -190,6 +243,24 @@ RUN set -eux; \ \ apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ rm -rf /var/lib/apt/lists/*; \ +{{ ) elif is_alpine then ( -}} +# mark any explicit dependencies as manually installed + deps="$( \ + scanelf --needed --nobanner --format '%n#p' --recursive "$TOMCAT_NATIVE_LIBDIR" \ + | tr ',' '\n' \ + | sort -u \ +{{ if is_native_ge_2 and (vendor_variant | contains("alpine3.15") or contains("alpine3.16")) then ( -}} +# https://git.alpinelinux.org/aports/tree/main/openssl3/APKBUILD?h=3.16-stable#n23 ("sonameprefix") +# see also "apk info --all libssl3" ("so:openssl3:so:libssl.so.3=3" under "provides:") + | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { if ($1 ~ /libssl|libcrypto/) { print "so:openssl3:so:" $1 } else { print "so:" $1 } }' \ +{{ ) else ( -}} + | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ +{{ ) end -}} + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + )"; \ + apk add --no-network --virtual .tomcat-native-deps $deps; \ + \ + apk del --no-network .fetch-deps .build-deps; \ {{ ) else ( -}} # mark any explicit dependencies as manually installed find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ @@ -199,24 +270,15 @@ RUN set -eux; \ | xargs -rt rpm --query --whatprovides \ | sort -u \ | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ - | xargs -r yumdb set reason user \ + | xargs -r {{ if is_yum then "yumdb set reason user" else "dnf mark install" end }} \ ; \ \ # clean up anything added temporarily and not later marked as necessary - yum autoremove -y; \ - yum clean all; \ - rm -rf /var/cache/yum; \ + {{ if is_yum then "yum" else "dnf" end }} autoremove -y; \ + {{ if is_yum then "yum" else "dnf" end }} clean all; \ + rm -rf /var/cache/{{ if is_yum then "yum" else "dnf" end }}; \ {{ ) end -}} \ -# sh removes env vars it doesn't support (ones with periods) -# https://github.com/docker-library/tomcat/issues/77 - find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ - \ -# fix permissions (especially for running as non-root) -# https://github.com/docker-library/tomcat/issues/35 - chmod -R +rX .; \ - chmod 1777 logs temp work; \ - \ # smoke test catalina.sh version {{ ) else ( -}} @@ -226,10 +288,19 @@ RUN set -eux; \ apt-get update; \ xargs -rt apt-get install -y --no-install-recommends < "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt"; \ rm -rf /var/lib/apt/lists/* +{{ ) elif is_alpine then ( -}} + deps="$(cat "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt")"; \ + apk add --no-cache --virtual .tomcat-native-deps $deps +{{ ) elif vendor_variant | contains("al20") or contains("ubi") then ( -}} +# no xargs in al20XX and ubiX-minimal /o\ + deps="$(cat "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt")"; \ + {{ if vendor_variant | variant_is_microdnf then "microdnf" else "dnf" end }} install -y $deps; \ + {{ if vendor_variant | variant_is_microdnf then "microdnf" else "dnf" end }} clean all; \ + rm -rf /var/cache/dnf {{ ) else ( -}} - xargs -rt yum install -y --setopt=skip_missing_names_on_install=False < "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt"; \ - yum clean all; \ - rm -rf /var/cache/yum + xargs -rt {{ if is_yum then "yum" elif vendor_variant | variant_is_microdnf then "microdnf" else "dnf" end }} install -y{{ if is_yum then " --setopt=skip_missing_names_on_install=False" else "" end }} < "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt"; \ + {{ if is_yum then "yum" elif vendor_variant | variant_is_microdnf then "microdnf" else "dnf" end }} clean all; \ + rm -rf /var/cache/{{ if is_yum then "yum" else "dnf" end }} {{ ) end -}} {{ ) end -}} diff --git a/from.jq b/from.jq index 631ef8bd7..3b9ad4ae7 100644 --- a/from.jq +++ b/from.jq @@ -18,6 +18,10 @@ def from: "amazoncorretto:" + java_version + ltrimstr("corretto") + "-" + java_variant elif test("^openjdk-") then "openjdk:" + java_version + "-" + java_variant + ltrimstr("openjdk") + elif test("^sapmachine$") and java_variant == "jdk" then + "sapmachine:" + java_version + elif test("^semeru-") then + "ibm-semeru-runtimes:open-" + java_version + "-" + java_variant + ltrimstr("semeru") elif test("^temurin-") then "eclipse-temurin:" + java_version + "-" + java_variant + ltrimstr("temurin") else diff --git a/generate-stackbrew-library.sh b/generate-stackbrew-library.sh index 246acc9c1..ea3d68740 100755 --- a/generate-stackbrew-library.sh +++ b/generate-stackbrew-library.sh @@ -87,9 +87,10 @@ for version; do declare -A vendorAliases=() defaultTemurinVariant= for aliasToRegex in \ - 'corretto:^corretto-' \ - 'openjdk:openjdk-(?!slim)' 'openjdk-slim:^openjdk-slim' \ - 'temurin:^temurin-' \ + 'corretto:^corretto-(?!alpine)' 'corretto-alpine:^corretto-alpine' \ + 'openjdk:openjdk-(?!slim|alpine)' 'openjdk-slim:^openjdk-slim' 'openjdk-alpine:^openjdk-alpine' \ + 'semeru:^semeru-' \ + 'temurin:^temurin-(?!alpine)' 'temurin-alpine:^temurin-alpine' \ ; do alias="${aliasToRegex%%:*}" regex="${aliasToRegex#$alias:}" diff --git a/shared.jq b/shared.jq index 20a0a759b..632b0ca90 100644 --- a/shared.jq +++ b/shared.jq @@ -16,9 +16,26 @@ def is_supported_java_version(java): java >= 8 end ; +def is_alpine: + vendor_variant | contains("alpine") +; +def variant_is_al2: # NOT al20XX + contains("al2") and (contains("al20") | not) +; +def is_yum: + vendor_variant | ( + variant_is_al2 + or contains("oraclelinux7") + ) +; +def variant_is_microdnf: + contains("oraclelinux") or contains("ubi") +; def is_apt: vendor_variant | ( - contains("al2") + variant_is_microdnf + or contains("al2") + or contains("alpine") ) | not ; def is_native_ge_2: @@ -31,10 +48,13 @@ def has_openssl_ge_3(variant): # https://github.com/apache/tomcat-native/commit/f7930fa16f095717cfc641a8d24e60c343765adc variant | ( # amazonlinux - contains("al2") # corretto + variant_is_al2 # corretto # debian or contains("bullseye") # openjdk or contains("buster") # openjdk + # oraclelinux + or contains("oraclelinux7") # openjdk + or contains("oraclelinux8") # openjdk # ubuntu or contains("focal") # temurin ) | not diff --git a/versions.json b/versions.json index f039266a3..d050a511d 100644 --- a/versions.json +++ b/versions.json @@ -4,10 +4,61 @@ "variants": [ "jdk21/temurin-jammy", "jre21/temurin-jammy", + "jdk21/temurin-alpine", + "jre21/temurin-alpine", + "jdk21/temurin-ubi9-minimal", + "jre21/temurin-ubi9-minimal", + "jdk21/corretto-al2023", + "jdk21/corretto-alpine3.19", + "jdk21/corretto-alpine3.18", + "jdk21/corretto-alpine3.17", + "jdk21/corretto-alpine3.16", + "jdk21/sapmachine", + "jdk21/semeru-jammy", + "jre21/semeru-jammy", "jdk17/temurin-jammy", "jre17/temurin-jammy", + "jdk17/temurin-alpine", + "jre17/temurin-alpine", + "jdk17/temurin-ubi9-minimal", + "jre17/temurin-ubi9-minimal", + "jdk17/corretto-al2023", + "jdk17/corretto-alpine3.19", + "jdk17/corretto-alpine3.18", + "jdk17/corretto-alpine3.17", + "jdk17/corretto-alpine3.16", + "jdk17/sapmachine", + "jdk17/semeru-jammy", + "jre17/semeru-jammy", "jdk11/temurin-jammy", - "jre11/temurin-jammy" + "jre11/temurin-jammy", + "jdk11/temurin-alpine", + "jre11/temurin-alpine", + "jdk11/temurin-ubi9-minimal", + "jre11/temurin-ubi9-minimal", + "jdk11/corretto-al2023", + "jdk11/corretto-alpine3.19", + "jdk11/corretto-alpine3.18", + "jdk11/corretto-alpine3.17", + "jdk11/corretto-alpine3.16", + "jdk11/sapmachine", + "jdk11/semeru-jammy", + "jre11/semeru-jammy", + "jdk23/openjdk-bookworm", + "jdk23/openjdk-slim-bookworm", + "jdk23/openjdk-oraclelinux9", + "jdk22/temurin-jammy", + "jre22/temurin-jammy", + "jdk22/temurin-alpine", + "jre22/temurin-alpine", + "jdk22/temurin-ubi9-minimal", + "jre22/temurin-ubi9-minimal", + "jdk22/corretto-al2023", + "jdk22/corretto-alpine3.19", + "jdk22/corretto-alpine3.18", + "jdk22/corretto-alpine3.17", + "jdk22/corretto-alpine3.16", + "jdk22/sapmachine" ], "version": "10.1.20" }, @@ -15,7 +66,34 @@ "sha512": "ede300764e82166316f6bf0561a5469dfdfad118e90a8ea7644b834ce933760574df2fa54347b9bf5206049456d2cc17f06a3e5936838561ced5b022fe2c3053", "variants": [ "jdk21/temurin-jammy", - "jre21/temurin-jammy" + "jre21/temurin-jammy", + "jdk21/temurin-alpine", + "jre21/temurin-alpine", + "jdk21/temurin-ubi9-minimal", + "jre21/temurin-ubi9-minimal", + "jdk21/corretto-al2023", + "jdk21/corretto-alpine3.19", + "jdk21/corretto-alpine3.18", + "jdk21/corretto-alpine3.17", + "jdk21/corretto-alpine3.16", + "jdk21/sapmachine", + "jdk21/semeru-jammy", + "jre21/semeru-jammy", + "jdk23/openjdk-bookworm", + "jdk23/openjdk-slim-bookworm", + "jdk23/openjdk-oraclelinux9", + "jdk22/temurin-jammy", + "jre22/temurin-jammy", + "jdk22/temurin-alpine", + "jre22/temurin-alpine", + "jdk22/temurin-ubi9-minimal", + "jre22/temurin-ubi9-minimal", + "jdk22/corretto-al2023", + "jdk22/corretto-alpine3.19", + "jdk22/corretto-alpine3.18", + "jdk22/corretto-alpine3.17", + "jdk22/corretto-alpine3.16", + "jdk22/sapmachine" ], "version": "11.0.0-M18" }, @@ -24,22 +102,100 @@ "variants": [ "jdk21/temurin-jammy", "jre21/temurin-jammy", + "jdk21/temurin-alpine", + "jre21/temurin-alpine", + "jdk21/temurin-ubi9-minimal", + "jre21/temurin-ubi9-minimal", + "jdk21/corretto-al2023", "jdk21/corretto-al2", + "jdk21/corretto-alpine3.19", + "jdk21/corretto-alpine3.18", + "jdk21/corretto-alpine3.17", + "jdk21/corretto-alpine3.16", + "jdk21/sapmachine", + "jdk21/semeru-jammy", + "jre21/semeru-jammy", + "jdk21/semeru-focal", + "jre21/semeru-focal", "jdk17/temurin-jammy", "jre17/temurin-jammy", "jdk17/temurin-focal", "jre17/temurin-focal", + "jdk17/temurin-alpine", + "jre17/temurin-alpine", + "jdk17/temurin-ubi9-minimal", + "jre17/temurin-ubi9-minimal", + "jdk17/corretto-al2023", "jdk17/corretto-al2", + "jdk17/corretto-alpine3.19", + "jdk17/corretto-alpine3.18", + "jdk17/corretto-alpine3.17", + "jdk17/corretto-alpine3.16", + "jdk17/sapmachine", + "jdk17/semeru-jammy", + "jre17/semeru-jammy", + "jdk17/semeru-focal", + "jre17/semeru-focal", "jdk11/temurin-jammy", "jre11/temurin-jammy", "jdk11/temurin-focal", "jre11/temurin-focal", + "jdk11/temurin-alpine", + "jre11/temurin-alpine", + "jdk11/temurin-ubi9-minimal", + "jre11/temurin-ubi9-minimal", + "jdk11/corretto-al2023", "jdk11/corretto-al2", + "jdk11/corretto-alpine3.19", + "jdk11/corretto-alpine3.18", + "jdk11/corretto-alpine3.17", + "jdk11/corretto-alpine3.16", + "jdk11/sapmachine", + "jdk11/semeru-jammy", + "jre11/semeru-jammy", + "jdk11/semeru-focal", + "jre11/semeru-focal", "jdk8/temurin-jammy", "jre8/temurin-jammy", "jdk8/temurin-focal", "jre8/temurin-focal", - "jdk8/corretto-al2" + "jdk8/temurin-alpine", + "jre8/temurin-alpine", + "jdk8/temurin-ubi9-minimal", + "jre8/temurin-ubi9-minimal", + "jdk8/corretto-al2023", + "jre8/corretto-al2023", + "jdk8/corretto-al2", + "jdk8/corretto-alpine3.19", + "jre8/corretto-alpine3.19", + "jdk8/corretto-alpine3.18", + "jre8/corretto-alpine3.18", + "jdk8/corretto-alpine3.17", + "jre8/corretto-alpine3.17", + "jdk8/corretto-alpine3.16", + "jre8/corretto-alpine3.16", + "jdk8/semeru-jammy", + "jre8/semeru-jammy", + "jdk8/semeru-focal", + "jre8/semeru-focal", + "jdk23/openjdk-bookworm", + "jdk23/openjdk-bullseye", + "jdk23/openjdk-slim-bookworm", + "jdk23/openjdk-slim-bullseye", + "jdk23/openjdk-oraclelinux9", + "jdk23/openjdk-oraclelinux8", + "jdk22/temurin-jammy", + "jre22/temurin-jammy", + "jdk22/temurin-alpine", + "jre22/temurin-alpine", + "jdk22/temurin-ubi9-minimal", + "jre22/temurin-ubi9-minimal", + "jdk22/corretto-al2023", + "jdk22/corretto-alpine3.19", + "jdk22/corretto-alpine3.18", + "jdk22/corretto-alpine3.17", + "jdk22/corretto-alpine3.16", + "jdk22/sapmachine" ], "version": "9.0.87" } diff --git a/versions.sh b/versions.sh index d76818f38..f9eb8a5d6 100755 --- a/versions.sh +++ b/versions.sh @@ -26,12 +26,25 @@ _bashbrew_list() { } allVariants='[]' -for javaVersion in 21 17 11 8; do +# LTS versions in descending order followed by all other versions (also in descending order) +for javaVersion in \ + 21 \ + 17 \ + 11 \ + 8 \ + 23 \ + 22 \ + 20 \ + 19 \ + 18 \ +; do # Eclipse Temurin, followed by OpenJDK, and then all other variants alphabetically for vendorVariant in \ - temurin-{jammy,focal} \ - openjdk{,-slim}-{bookworm,bullseye,buster} \ - corretto-al2 \ + temurin-{jammy,focal,alpine,ubi9-minimal} \ + openjdk-{{,slim-}{bookworm,bullseye,buster},alpine{3.19,3.18,3.17,3.16},oraclelinux{9,8}} \ + corretto-{al2023,al2,alpine{3.19,3.18,3.17,3.16}} \ + sapmachine \ + semeru-{jammy,focal} \ ; do for javaVariant in {jdk,jre}"$javaVersion"; do export variant="$javaVariant/$vendorVariant"