From a24f0bf39e2e60ec108e0dbed38086165c576e2d Mon Sep 17 00:00:00 2001 From: Esta Nagy Date: Fri, 15 Dec 2023 21:44:20 +0100 Subject: [PATCH] Swap base image to UBI9 Minimal (#160) - Updates Docker base image to JRE 17 UBI9 Minimal - Removes deprecated references from Gradle configuration Signed-off-by: Esta Nagy --- build.gradle | 38 +++++++++++++++++++------------------- src/docker/Dockerfile | 6 ++++-- 2 files changed, 23 insertions(+), 21 deletions(-) diff --git a/build.gradle b/build.gradle index 49ce025..611083c 100644 --- a/build.gradle +++ b/build.gradle @@ -61,30 +61,30 @@ java { sourceCompatibility = JavaVersion.VERSION_17 } -tasks.register('copyDockerfile', Copy) { +tasks.register("copyDockerfile", Copy) { inputs.file("src/docker/Dockerfile") - outputs.file("${buildDir}/docker/Dockerfile") + outputs.file(layout.buildDirectory.file("docker/Dockerfile").get().asFile) from file("src/docker/Dockerfile") - into file("${buildDir}/docker/") + into layout.buildDirectory.dir("docker").get().asFile rename { - 'Dockerfile' + "Dockerfile" } dependsOn(":build") } -tasks.register('prepareDocker', Copy) { +tasks.register("prepareDocker", Copy) { inputs.file(configurations.lowkey.asFileTree.singleFile) - outputs.file("${buildDir}/docker/lowkey-vault.jar") + outputs.file(layout.buildDirectory.file("docker/lowkey-vault.jar").get().asFile) from configurations.lowkey.asFileTree.singleFile - into file("${buildDir}/docker/") + into layout.buildDirectory.dir("docker").get().asFile rename { - 'lowkey-vault.jar' + "lowkey-vault.jar" } dependsOn(":copyDockerfile") } tasks.register('createDockerBuildx', Exec) { - workingDir "${buildDir}/docker/" + workingDir layout.buildDirectory.dir("docker").get().asFile commandLine "docker", "buildx", "create", "--use" @@ -96,12 +96,12 @@ tasks.register('createDockerBuildx', Exec) { dependsOn(":prepareDocker") } -tasks.register('buildDocker', Exec) { - inputs.dir("${buildDir}/docker/") - workingDir "${buildDir}/docker/" +tasks.register("buildDocker", Exec) { + inputs.dir(layout.buildDirectory.dir("docker").get().asFile) + workingDir layout.buildDirectory.dir("docker").get().asFile - commandLine "docker", "buildx", "build", "--platform", "linux/arm64,linux/amd64,linux/arm/v7", - "--pull", "-t", "nagyesta/lowkey-vault:${libs.versions.lowkeyVault.get()}-jammy", "." + commandLine "docker", "buildx", "build", "--platform", "linux/arm64,linux/amd64", + "--pull", "-t", "nagyesta/lowkey-vault:${libs.versions.lowkeyVault.get()}-ubi9-minimal", "." standardOutput = new ByteArrayOutputStream() ext.output = { @@ -110,12 +110,12 @@ tasks.register('buildDocker', Exec) { dependsOn(":createDockerBuildx") } -tasks.register('buildDockerPush', Exec) { - inputs.dir("${buildDir}/docker/") - workingDir "${buildDir}/docker/" +tasks.register("buildDockerPush", Exec) { + inputs.dir(layout.buildDirectory.dir("docker").get().asFile) + workingDir layout.buildDirectory.dir("docker").get().asFile - commandLine "docker", "buildx", "build", "--platform", "linux/arm64,linux/amd64,linux/arm/v7", - "--push", "-t", "nagyesta/lowkey-vault:${libs.versions.lowkeyVault.get()}-jammy", "." + commandLine "docker", "buildx", "build", "--platform", "linux/arm64,linux/amd64", + "--push", "-t", "nagyesta/lowkey-vault:${libs.versions.lowkeyVault.get()}-ubi9-minimal", "." standardOutput = new ByteArrayOutputStream() ext.output = { diff --git a/src/docker/Dockerfile b/src/docker/Dockerfile index a91ec63..2320af6 100644 --- a/src/docker/Dockerfile +++ b/src/docker/Dockerfile @@ -1,8 +1,10 @@ -FROM eclipse-temurin:17.0.9_9-jre-jammy +FROM eclipse-temurin:17.0.9_9-jre-ubi9-minimal LABEL maintainer="nagyesta@gmail.com" EXPOSE 8443:8443 ADD lowkey-vault.jar /lowkey-vault.jar -RUN addgroup --system lowkey && adduser --system lowkey --ingroup lowkey +RUN microdnf install shadow-utils +RUN groupadd -r -g 1000 lowkey \ + && useradd -r -u 1000 -g lowkey -m -d /opt/lowkey -s /bin/bash lowkey RUN chown -R lowkey:lowkey "/lowkey-vault.jar" RUN chmod 555 "/lowkey-vault.jar" RUN mkdir "/import"