Skip to content

Commit

Permalink
refactor(docker): Modernize docker without liferay
Browse files Browse the repository at this point in the history 
- Docker now is direct based on Tomcat image
- Base system no need more special customizations as using default
  Tomcat definitions

Signed-off-by: Helio Chissini de Castro <[email protected]>
  • Loading branch information
@heliocastro
heliocastro committed Jul 14, 2024
1 parent 447c89c commit 8b68eff
Show file tree
Hide file tree
Showing 4 changed files with 22 additions and 188 deletions.
30 changes: 2 additions & 28 deletions .github/workflows/docker_deploy.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -56,32 +56,6 @@ jobs:
id: pom_version
run: |
echo "SW360_VERSION=$(mvn help:evaluate -Dexpression=revision -q -DforceStdout)" >> "$GITHUB_OUTPUT"
base_image:
name: SW360 Base image
runs-on: ubuntu-latest
permissions:
contents: read
packages: write

steps:
- name: Checkout default branch
uses: actions/checkout@v4
- name: Set environment variables
run: |
cat .versions >> $GITHUB_ENV
- name: Build base image
uses: heliocastro/docker-build-control@v1
with:
name: base
token: ${{ secrets.GITHUB_TOKEN }}
version: ${{ env.JAVA_VERSION }}-jdk-${{ env.UBUNTU_VERSION }}
invalidate-cache: ${{ inputs.invalidate-cache }}
debug: ${{ inputs.debug }}
build-args: |
LIFERAY_VERSION=${{ env.LIFERAY_VERSION }}
LIFERAY_SOURCE=${{ env.LIFERAY_SOURCE }}
JAVA_VERSION=${{ env.JAVA_VERSION }}
UBUNTU_VERSION=${{ env.UBUNTU_VERSION }}
thrift_image:
name: Build SW360 Thrift image
Expand Down Expand Up @@ -110,7 +84,7 @@ jobs:
binary_image:
name: SW360 Binary
needs: [sw360_version, base_image, thrift_image]
needs: [sw360_version, thrift_image]
runs-on: ubuntu-latest
permissions:
contents: read
Expand Down Expand Up @@ -142,7 +116,7 @@ jobs:
runtime_image:
name: SW360 Runtime image
needs: [sw360_version, base_image, binary_image]
needs: [sw360_version, binary_image]
runs-on: ubuntu-latest
permissions:
contents: read
Expand Down
142 changes: 16 additions & 126 deletions Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,81 +10,7 @@
#
# SPDX-License-Identifier: EPL-2.0

#-----------------------------------------------------------------------------------
# Base image
# We need use JDK, JRE is not enough as Liferay do runtime changes and require javac
ARG JAVA_VERSION=17
ARG UBUNTU_VERSION=jammy

# Use OpenJDK Eclipe Temurin Ubuntu LTS
FROM eclipse-temurin:$JAVA_VERSION-jdk-$UBUNTU_VERSION as base

ENV LANG=en_US.UTF-8
ENV LANGUAGE=en_US:en
ENV LC_ALL=en_US.UTF-8

# Set versions as arguments
ARG LIFERAY_VERSION
ARG LIFERAY_SOURCE

ENV LIFERAY_HOME=/app/sw360
ENV LIFERAY_INSTALL=/app/sw360

ARG USERNAME=sw360
ARG USER_ID=1000
ARG USER_GID=$USER_ID
ARG HOMEDIR=/workspace
ENV HOME=$HOMEDIR

# Base system
RUN --mount=type=cache,target=/var/cache/apt \
apt-get update -qq \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
ca-certificates \
curl \
dos2unix \
gnupg2 \
iproute2 \
iputils-ping \
less \
libarchive-tools \
locales \
lsof \
netbase \
openssl \
procps \
tzdata \
sudo \
unzip \
zip \
&& rm -rf /var/lib/apt/lists/*

# Prepare system for non-priv user
RUN groupadd --gid $USER_GID $USERNAME \
&& useradd \
--uid $USER_ID \
--gid $USER_GID \
--shell /bin/bash \
--home-dir $HOMEDIR \
--create-home $USERNAME

# sudo support
RUN echo "$USERNAME ALL=(root) NOPASSWD:ALL" > /etc/sudoers.d/$USERNAME \
&& chmod 0440 /etc/sudoers.d/$USERNAME

# Unpack liferay as sw360 and link current tomcat version
# to tomcat to make future proof updates
RUN --mount=type=cache,target=/var/cache/deps \
mkdir -p /app/sw360 \
&& if [ ! -f /var/cache/deps/"$LIFERAY_SOURCE" ]; then \
curl -o /var/cache/deps/"$LIFERAY_SOURCE" -JL https://github.com/liferay/liferay-portal/releases/download/"$LIFERAY_VERSION"/"$LIFERAY_SOURCE"; \
fi \
&& tar -xzf /var/cache/deps/"$LIFERAY_SOURCE" -C /app/sw360 --strip-components=1 \
&& chown -R $USERNAME:$USERNAME /app \
&& ln -s /app/sw360/tomcat-* /app/sw360/tomcat

WORKDIR /app/sw360
ENTRYPOINT [ "/bin/bash" ]
ARG TOMCAT_VERSION=10-jre17-temurin-jammy

#--------------------------------------------------------------------------------------------------
# Thrift
Expand Down Expand Up @@ -113,19 +39,15 @@ RUN --mount=type=tmpfs,target=/build \
--mount=type=cache,target=/var/cache/deps \
./build_thrift.sh

FROM scratch AS thrift
FROM scratch AS localthrift
COPY --from=sw360thriftbuild /usr/local/bin/thrift /usr/local/bin/thrift

#--------------------------------------------------------------------------------------------------
# SW360 Build Test image
# Base image to build with test

FROM maven:3-eclipse-temurin-17 as sw360test

COPY --from=thrift /usr/local/bin/thrift /usr/bin

# Thanks to Liferay, we need fix the java version
ENV _JAVA_OPTIONS='-Djdk.util.zip.disableZip64ExtraFieldValidation=true'
COPY --from=localthrift /usr/local/bin/thrift /usr/bin

SHELL ["/bin/bash", "-c"]

Expand All @@ -148,13 +70,10 @@ RUN --mount=type=cache,target=/var/cache/apt \
# So when decide to use as development, only this last stage
# is triggered by buildkit images

FROM maven:3.9-eclipse-temurin-17 as sw360build
FROM maven:3-eclipse-temurin-17 as sw360build

ARG COUCHDB_HOST=localhost

# Thanks to Liferay, we need fix the java version
ENV _JAVA_OPTIONS='-Djdk.util.zip.disableZip64ExtraFieldValidation=true'

WORKDIR /build

SHELL ["/bin/bash", "-c"]
Expand All @@ -178,7 +97,7 @@ COPY scripts/docker-config/set_proxy.sh /usr/local/bin/setup_maven_proxy
RUN chmod a+x /usr/local/bin/setup_maven_proxy \
&& setup_maven_proxy

COPY --from=thrift /usr/local/bin/thrift /usr/bin
COPY --from=localthrift /usr/local/bin/thrift /usr/bin

RUN --mount=type=bind,target=/build/sw360,rw \
--mount=type=cache,target=/root/.m2 \
Expand All @@ -187,19 +106,17 @@ RUN --mount=type=bind,target=/build/sw360,rw \
&& set -a \
&& source /run/secrets/sw360 \
&& envsubst < scripts/docker-config/couchdb.properties.template | tee scripts/docker-config/etc_sw360/couchdb.properties \
&& envsubst < scripts/docker-config/couchdb-lucene.ini | tee third-party/couchdb-lucene/src/main/resources/couchdb-lucene.ini \
&& set +a \
&& cp scripts/docker-config/etc_sw360/couchdb.properties build-configuration/resources/ \
&& cp -a scripts/docker-config/etc_sw360 /etc/sw360 \
&& mkdir /etc/sw360/manager \
&& envsubst < scripts/docker-config/manager/tomcat-users.xml | tee /etc/sw360/manager/tomcat-users.xml \
&& mvn clean package \
-P deploy \
-Dbase.deploy.dir="${PWD}" \
-Dtest=org.eclipse.sw360.rest.resourceserver.restdocs.* \
-Dsurefire.failIfNoSpecifiedTests=false \
-Dbase.deploy.dir=. \
-Djars.deploy.dir=/sw360_deploy \
-Dliferay.deploy.dir=/sw360_deploy \
-Dbackend.deploy.dir=/sw360_tomcat_webapps \
-Drest.deploy.dir=/sw360_tomcat_webapps \
-Dhelp-docs=true
Expand All @@ -218,50 +135,23 @@ COPY --from=sw360build /sw360_tomcat_webapps /sw360_tomcat_webapps

#--------------------------------------------------------------------------------------------------
# Runtime image
FROM base AS sw360

ARG DEBUG
ARG USERNAME=sw360
FROM tomcat:$TOMCAT_VERSION as sw360

WORKDIR /app/

# Make sw360 dir owned byt the user
RUN chown -R $USERNAME:$USERNAME /app/sw360

USER $USERNAME
ARG TOMCAT_DIR=/usr/local/tomcat

# Modified etc
COPY --chown=$USERNAME:$USERNAME --from=binaries /etc/sw360 /etc/sw360
# Downloaded jar dependencies
COPY --chown=$USERNAME:$USERNAME --from=binaries /sw360_deploy/* /app/sw360/deploy
COPY --from=binaries /etc/sw360 /etc/sw360
# Streamlined wars
COPY --chown=$USERNAME:$USERNAME --from=binaries /sw360_tomcat_webapps/slim-wars/*.war /app/sw360/tomcat/webapps/
COPY --from=binaries /sw360_tomcat_webapps/slim-wars/*.war ${TOMCAT_DIR}/webapps/
# org.eclipse.sw360 jar artifacts
COPY --chown=$USERNAME:$USERNAME --from=binaries /sw360_tomcat_webapps/*.jar /app/sw360/tomcat/webapps/
COPY --from=binaries /sw360_tomcat_webapps/*.jar ${TOMCAT_DIR}/webapps/
# Shared streamlined jar libs
COPY --chown=$USERNAME:$USERNAME --from=binaries /sw360_tomcat_webapps/libs/*.jar /app/sw360/tomcat/shared/

# Make catalina understand shared directory
RUN dos2unix /app/sw360/tomcat/conf/catalina.properties \
&& sed -i "s,shared.loader=,shared.loader=/app/sw360/tomcat/shared/*.jar,g" /app/sw360/tomcat/conf/catalina.properties

# Copy liferay/sw360 config files
COPY --chown=$USERNAME:$USERNAME ./scripts/docker-config/portal-ext.properties /app/sw360/portal-ext.properties
COPY --chown=$USERNAME:$USERNAME ./scripts/docker-config/entry_point.sh /app/entry_point.sh
COPY --from=binaries /sw360_tomcat_webapps/libs/*.jar ${TOMCAT_DIR}/lib/

# Tomcat manager for debugging portlets
COPY --chown=$USERNAME:$USERNAME --from=tomcat:9.0.56-jdk17 /usr/local/tomcat/webapps.dist/manager /app/sw360/tomcat/webapps/manager
RUN --mount=type=bind,target=/build/sw360,rw \
if [ DEBUG ]; then \
cp /etc/sw360/manager/tomcat-users.xml /app/sw360/tomcat/conf/tomcat-users.xml ; \
cp /build/sw360/scripts/docker-config/manager/context.xml /app/sw360/tomcat/webapps/manager/META-INF/context.xml ; \
else \
mv /app/sw360/tomcat/webapps/manager /app/sw360/tomcat/webapps/manager.disabled ; \
fi

STOPSIGNAL SIGINT

WORKDIR /app/sw360

ENTRYPOINT [ "/app/entry_point.sh" ]
mv ${TOMCAT_DIR}/webapps.dist/manager ${TOMCAT_DIR}/webapps/manager \
&& cp /etc/sw360/manager/tomcat-users.xml ${TOMCAT_DIR}/conf/tomcat-users.xml \
&& cp /build/sw360/scripts/docker-config/manager/context.xml ${TOMCAT_DIR}/webapps/manager/META-INF/context.xml

WORKDIR ${TOMCAT_DIR}
28 changes: 1 addition & 27 deletions docker-compose.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,6 @@ services:
restart: unless-stopped
container_name: sw360
depends_on:
- postgresdb
- couchdb
ports:
- "8080:8080"
Expand All @@ -26,31 +25,6 @@ services:
- document_library:/app/sw360/data/document_library
- ./config:/app/sw360/config

postgresdb:
image: "postgres:16"
restart: unless-stopped
environment:
- POSTGRES_USER=liferay
- POSTGRES_PASSWORD=liferay
- POSTGRES_DB=lportal
volumes:
- postgres:/var/lib/postgresql/data/
ports:
- "5438:5432"
logging:
options:
max-size: 10m
max-file: "2"
healthcheck:
test:
[
"CMD-SHELL",
"pg_isready --dbname $$POSTGRES_DB --username $$POSTGRES_USER",
]
interval: 10s
timeout: 5s
retries: 5

couchdb:
image: couchdb
restart: unless-stopped
Expand All @@ -64,7 +38,7 @@ services:
- couchdb:/opt/couchdb/data
healthcheck:
test: ["CMD-SHELL", "curl --fail -s http://couchdb:5984/_up"]
interval: 10s
interval: 30s
timeout: 5s
retries: 5

Expand Down
10 changes: 3 additions & 7 deletions docker_build.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -49,7 +49,6 @@ set -e -o pipefail

DOCKER_IMAGE_ROOT="${DOCKER_IMAGE_ROOT:-ghcr.io/eclipse-sw360}"
SECRETS=${SECRETS:-"$PWD/scripts/docker-config/default_secrets"}
SW360_VERSION=${SW360_VERSION:-18-development}
export DOCKER_PLATFORM DOCKER_IMAGE_ROOT GIT_REVISION SECRETS

# ---------------------------
Expand All @@ -67,7 +66,7 @@ image_build() {
shift
version="$1"
shift

docker buildx build \
--target "$target" \
--tag "${DOCKER_IMAGE_ROOT}/$name:$version" \
Expand All @@ -76,16 +75,13 @@ image_build() {
"$@" .
}

image_build base sw360/base "$SW360_VERSION" --build-arg LIFERAY_VERSION="$LIFERAY_VERSION" --build-arg LIFERAY_SOURCE="$LIFERAY_SOURCE" "$@"

image_build thrift sw360/thrift "$THRIFT_VERSION" --build-arg THRIFT_VERSION="$THRIFT_VERSION" "$@"
image_build localthrift sw360/thrift "$THRIFT_VERSION" --build-arg THRIFT_VERSION="$THRIFT_VERSION" "$@"

image_build sw360test sw360/test "$SW360_VERSION" "$@"

image_build binaries sw360/binaries "$SW360_VERSION" --build-arg MAVEN_VERSION="$MAVEN_VERSION" \
--secret id=sw360,src="$SECRETS" \
--build-context "thrift=docker-image://${DOCKER_IMAGE_ROOT}/sw360/thrift:latest" "$@"
--build-context "thrift=docker-image://${DOCKER_IMAGE_ROOT}/sw360/thrift:$THRIFT_VERSION" "$@"

image_build sw360 sw360 "$SW360_VERSION" \
--build-context "base=docker-image://${DOCKER_IMAGE_ROOT}/sw360/base:latest" \
--build-context "binaries=docker-image://${DOCKER_IMAGE_ROOT}/sw360/binaries:latest" "$@"

0 comments on commit 8b68eff

Please sign in to comment.