60 строки
2.1 KiB
Docker
60 строки
2.1 KiB
Docker
ARG INSTALLER_IMAGE="mcr.microsoft.com/cbl-mariner/base/core"
|
|
ARG INSTALLER_TAG="2.0"
|
|
ARG BASE_IMAGE="mcr.microsoft.com/cbl-mariner/distroless/base"
|
|
ARG BASE_TAG="2.0"
|
|
|
|
FROM ${INSTALLER_IMAGE}:${INSTALLER_TAG} AS installer
|
|
|
|
ARG JDK_URL="https://aka.ms/download-jdk/microsoft-jdk-17-linux-ARCH.tar.gz"
|
|
|
|
# Add dynamically linked packages: zlib
|
|
# Distroless base image already has tzdata ca-certificates openssl glibc
|
|
# Create a non-root user and group (just like .NET's image)
|
|
RUN mkdir /staging \
|
|
&& tdnf update -y \
|
|
&& tdnf install -y --releasever=2.0 --installroot /staging zlib \
|
|
&& tdnf install -y gawk shadow-utils ca-certificates tar \
|
|
&& groupadd --system --gid=101 app \
|
|
&& adduser --uid 101 --gid 101 --shell /bin/false --system app \
|
|
&& install -d -m 0755 -o 101 -g 101 "/staging/home/app" \
|
|
&& rootOrAppRegex='^\(root\|app\):' \
|
|
&& cat /etc/passwd | grep $rootOrAppRegex > "/staging/etc/passwd" \
|
|
&& cat /etc/group | grep $rootOrAppRegex > "/staging/etc/group"
|
|
|
|
# Get JDK
|
|
RUN mkdir -p /usr/lib/jvm && \
|
|
if [ $(uname -m) = "x86_64" ]; then \
|
|
JDK_URL=${JDK_URL/ARCH/x64}; \
|
|
else \
|
|
JDK_URL=${JDK_URL/ARCH/aarch64}; \
|
|
fi && \
|
|
curl --silent -L ${JDK_URL} -o /jdk.tar.gz && \
|
|
tar -xzf /jdk.tar.gz -C / && \
|
|
rm /jdk.tar.gz && \
|
|
mv /jdk-1* /usr/jdk
|
|
|
|
# Clean up staging
|
|
RUN rm -rf /staging/etc/tdnf \
|
|
&& rm -rf /staging/run/* \
|
|
&& rm -rf /staging/var/cache/tdnf \
|
|
&& rm -rf /staging/var/lib/rpm \
|
|
&& rm -rf /staging/usr/share/doc \
|
|
&& rm -rf /staging/usr/share/man \
|
|
&& rm -rf /usr/jdk/man /usr/jdk/lib/src.zip \
|
|
&& find /staging/var/log -type f -size +0 -delete
|
|
|
|
FROM ${BASE_IMAGE}:${BASE_TAG}
|
|
|
|
LABEL "Author"="Microsoft"
|
|
LABEL "Support"="Microsoft OpenJDK Support <openjdk-support@microsoft.com>"
|
|
|
|
COPY --from=installer /staging/ /
|
|
COPY --from=installer /usr/jdk/ /usr/jdk/
|
|
COPY --from=installer --chown=101:101 /staging/home/app /home/app
|
|
|
|
ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' LC_ALL='en_US.UTF-8'
|
|
ENV JAVA_HOME=/usr/jdk
|
|
ENV PATH="$PATH:$JAVA_HOME/bin"
|
|
|
|
ENTRYPOINT [ "/usr/jdk/bin/java" ]
|