-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathDockerfile.05.manual
More file actions
106 lines (83 loc) · 3.53 KB
/
Dockerfile.05.manual
File metadata and controls
106 lines (83 loc) · 3.53 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
# ------------------------------------------------------------
# Stage: build
# Purpose: manual build using SDKMAN to install Java and Maven, then compile the app
# Base image: ubuntu:jammy (SDKMAN will install Java/Maven)
# Maven profile: -Pprod
# Artifact: target/hello-world-*-SNAPSHOT.jar
# Notes: BUILDER_UID/BUILDER_GID control file ownership; use --mount=type=cache for /home/builder/.m2
# ------------------------------------------------------------
FROM ubuntu:jammy AS stage-build
ARG JAVA_VERSION="21.0.2-tem"
ARG MAVEN_VERSION="3.9.6"
ARG BUILDER_UID=2000
ARG BUILDER_GID=2000
LABEL maintainer="Emmanuel Bruno <emmanuel.bruno@univ-tln.fr>"
LABEL description="Java Hello World Application - multi-stage build (SDKMAN)"
LABEL version="0.1.0-SNAPSHOT"
LABEL license="MIT"
# Install dependencies (as root)
RUN apt-get update && \
apt-get install --yes --quiet --no-install-recommends \
ca-certificates \
curl \
unzip \
zip \
bash && \
rm -rf /var/lib/apt/lists/*
# Create builder user with fixed UID/GID
RUN groupadd -g ${BUILDER_GID} builder \
&& useradd -m -u ${BUILDER_UID} -g builder -s /bin/bash builder
USER builder
ENV HOME=/home/builder
ENV SDKMAN_DIR="$HOME/.sdkman"
ENV PATH="$SDKMAN_DIR/bin:$SDKMAN_DIR/candidates/java/current/bin:$SDKMAN_DIR/candidates/maven/current/bin:$PATH"
SHELL ["/bin/bash", "-c"]
# Install SDKMAN + Java + Maven (as builder)
RUN curl -s "https://get.sdkman.io" | bash && \
source "$SDKMAN_DIR/bin/sdkman-init.sh" && \
sdk install java "$JAVA_VERSION" && \
sdk install maven "$MAVEN_VERSION" && \
rm -rf "$SDKMAN_DIR/archives/*" "$SDKMAN_DIR/tmp/*"
WORKDIR /app
# Copy wrapper
COPY --chown=builder:builder mvnw ./
COPY --chown=builder:builder .mvn .mvn
# Copy POM first
COPY --chown=builder:builder pom.xml ./
# Resolve dependencies using cache (correct UID/GID)
RUN --mount=type=cache,target=/home/builder/.m2,uid=${BUILDER_UID},gid=${BUILDER_GID} \
source "$SDKMAN_DIR/bin/sdkman-init.sh" && \
./mvnw --batch-mode dependency:resolve
# Copy source
COPY --chown=builder:builder src ./src
# Build
RUN --mount=type=cache,target=/home/builder/.m2,uid=${BUILDER_UID},gid=${BUILDER_GID} \
source "$SDKMAN_DIR/bin/sdkman-init.sh" && \
./mvnw --batch-mode -Pprod -DskipTests clean package
# ------------------------------------------------------------
# Stage: runtime
# Purpose: provide runtime using Temurin JRE with same UID/GID as build user
# Base image: eclipse-temurin:21.0.9_10-jre-noble
# Copies: /app/app.jar and /app/libs from build stage
# Notes: create runtime user with same UID/GID to avoid permission issues
# ------------------------------------------------------------
FROM eclipse-temurin:21.0.9_10-jre-noble AS stage-runtime
ARG BUILDER_UID=2000
ARG BUILDER_GID=2000
LABEL maintainer="Emmanuel Bruno <emmanuel.bruno@univ-tln.fr>"
LABEL description="Java Hello World Application - multi-stage runtime"
# Create same user in runtime (same UID/GID)
RUN groupadd -g ${BUILDER_GID} appuser \
&& useradd -m -u ${BUILDER_UID} -g appuser -s /bin/bash appuser
WORKDIR /app
COPY --from=stage-build /app/target/hello-world-*-SNAPSHOT.jar /app/app.jar
COPY --from=stage-build /app/target/libs /app/libs
RUN chown -R appuser:appuser /app
# Install generic entrypoint script and make executable
COPY entrypoint.sh /usr/local/bin/entrypoint.sh
RUN chmod +x /usr/local/bin/entrypoint.sh || true
USER appuser
ENV HOME=/home/appuser
ENV JAVA_OPTS="-XX:+UseContainerSupport -XX:MaxRAMPercentage=75.0"
# Use generic exec-form entrypoint
ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]