From 0123088615b2bb68a27fec459d1f2aadfdcce00b Mon Sep 17 00:00:00 2001 From: Mykyta Shevelov Date: Tue, 7 May 2024 17:59:10 -0300 Subject: [PATCH] NEXUS-42436 Java 17 - Create Java 17 runtime based docker image (#176) * add Java 17 * add debug logs * Revert "add debug logs" This reverts commit 26fd884d6b01a573e03c67e7cfc351eef374018e. --- Dockerfile.java17 | 91 ++++++++++++++++++++++++++++++ Dockerfile.rh.ubi.java17 | 104 +++++++++++++++++++++++++++++++++++ Jenkinsfile-Internal-Release | 9 ++- Jenkinsfile-Release | 26 ++++++++- Jenkinsfile.rh | 3 +- 5 files changed, 228 insertions(+), 5 deletions(-) create mode 100644 Dockerfile.java17 create mode 100644 Dockerfile.rh.ubi.java17 diff --git a/Dockerfile.java17 b/Dockerfile.java17 new file mode 100644 index 00000000..91e15a74 --- /dev/null +++ b/Dockerfile.java17 @@ -0,0 +1,91 @@ +# Copyright (c) 2016-present Sonatype, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +FROM registry.access.redhat.com/ubi8/ubi-minimal + +LABEL name="Nexus Repository Manager" \ + maintainer="Sonatype " \ + vendor=Sonatype \ + version="3.67.1-01" \ + release="3.67.1" \ + url="https://sonatype.com" \ + summary="The Nexus Repository Manager server \ + with universal support for popular component formats." \ + description="The Nexus Repository Manager server \ + with universal support for popular component formats." \ + run="docker run -d --name NAME \ + -p 8081:8081 \ + IMAGE" \ + stop="docker stop NAME" \ + com.sonatype.license="Apache License, Version 2.0" \ + com.sonatype.name="Nexus Repository Manager base image" \ + io.k8s.description="The Nexus Repository Manager server \ + with universal support for popular component formats." \ + io.k8s.display-name="Nexus Repository Manager" \ + io.openshift.expose-services="8081:8081" \ + io.openshift.tags="Sonatype,Nexus,Repository Manager" + +ARG NEXUS_VERSION=3.67.1-01 +ARG JAVA_VERSION=java17 +ARG NEXUS_DOWNLOAD_URL=https://download.sonatype.com/nexus/3/nexus-${NEXUS_VERSION}-${JAVA_VERSION}-unix.tar.gz +ARG NEXUS_DOWNLOAD_SHA256_HASH=c152a3082a71ab2ed9b370df6d41c757178ec024db31b81b79806cb2ac6a7a6d + +# configure nexus runtime +ENV SONATYPE_DIR=/opt/sonatype +ENV NEXUS_HOME=${SONATYPE_DIR}/nexus \ + NEXUS_DATA=/nexus-data \ + NEXUS_CONTEXT='' \ + SONATYPE_WORK=${SONATYPE_DIR}/sonatype-work \ + DOCKER_TYPE='rh-docker' + +# Install Java & tar +RUN microdnf update -y \ + && microdnf --setopt=install_weak_deps=0 --setopt=tsflags=nodocs install -y \ + java-17-openjdk-headless tar procps shadow-utils gzip \ + && microdnf clean all \ + && groupadd --gid 200 -r nexus \ + && useradd --uid 200 -r nexus -g nexus -s /bin/false -d /opt/sonatype/nexus -c 'Nexus Repository Manager user' + +WORKDIR ${SONATYPE_DIR} + +# Download nexus & setup directories +RUN curl -L ${NEXUS_DOWNLOAD_URL} --output nexus-${NEXUS_VERSION}-${JAVA_VERSION}-unix.tar.gz \ + && echo "${NEXUS_DOWNLOAD_SHA256_HASH} nexus-${NEXUS_VERSION}-${JAVA_VERSION}-unix.tar.gz" > nexus-${NEXUS_VERSION}-${JAVA_VERSION}-unix.tar.gz.sha256 \ + && sha256sum -c nexus-${NEXUS_VERSION}-${JAVA_VERSION}-unix.tar.gz.sha256 \ + && tar -xvf nexus-${NEXUS_VERSION}-${JAVA_VERSION}-unix.tar.gz \ + && rm -f nexus-${NEXUS_VERSION}-${JAVA_VERSION}-unix.tar.gz nexus-${NEXUS_VERSION}-${JAVA_VERSION}-unix.tar.gz.sha256 \ + && mv nexus-${NEXUS_VERSION} $NEXUS_HOME \ + && chown -R nexus:nexus ${SONATYPE_WORK} \ + && mv ${SONATYPE_WORK}/nexus3 ${NEXUS_DATA} \ + && ln -s ${NEXUS_DATA} ${SONATYPE_WORK}/nexus3 + +# Removing java memory settings from nexus.vmoptions since now we use INSTALL4J_ADD_VM_PARAMS +RUN sed -i '/^-Xms/d;/^-Xmx/d;/^-XX:MaxDirectMemorySize/d' $NEXUS_HOME/bin/nexus.vmoptions + +RUN echo "#!/bin/bash" >> ${SONATYPE_DIR}/start-nexus-repository-manager.sh \ + && echo "cd /opt/sonatype/nexus" >> ${SONATYPE_DIR}/start-nexus-repository-manager.sh \ + && echo "exec ./bin/nexus run" >> ${SONATYPE_DIR}/start-nexus-repository-manager.sh \ + && chmod a+x ${SONATYPE_DIR}/start-nexus-repository-manager.sh \ + && sed -e '/^nexus-context/ s:$:${NEXUS_CONTEXT}:' -i ${NEXUS_HOME}/etc/nexus-default.properties + +RUN microdnf remove -y gzip shadow-utils + +VOLUME ${NEXUS_DATA} + +EXPOSE 8081 +USER nexus + +ENV INSTALL4J_ADD_VM_PARAMS="-Xms2703m -Xmx2703m -XX:MaxDirectMemorySize=2703m -Djava.util.prefs.userRoot=${NEXUS_DATA}/javaprefs" + +CMD ["/opt/sonatype/nexus/bin/nexus", "run"] diff --git a/Dockerfile.rh.ubi.java17 b/Dockerfile.rh.ubi.java17 new file mode 100644 index 00000000..13e3eff1 --- /dev/null +++ b/Dockerfile.rh.ubi.java17 @@ -0,0 +1,104 @@ +# Copyright (c) 2016-present Sonatype, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +FROM registry.access.redhat.com/ubi8/ubi-minimal + +LABEL name="Nexus Repository Manager" \ + vendor=Sonatype \ + maintainer="Sonatype " \ + version="3.67.1-01" \ + release="3.67.1" \ + url="https://sonatype.com" \ + summary="The Nexus Repository Manager server \ + with universal support for popular component formats." \ + description="The Nexus Repository Manager server \ + with universal support for popular component formats." \ + run="docker run -d --name NAME \ + -p 8081:8081 \ + IMAGE" \ + stop="docker stop NAME" \ + com.sonatype.license="Apache License, Version 2.0" \ + com.sonatype.name="Nexus Repository Manager base image" \ + io.k8s.description="The Nexus Repository Manager server \ + with universal support for popular component formats." \ + io.k8s.display-name="Nexus Repository Manager" \ + io.openshift.expose-services="8081:8081" \ + io.openshift.tags="Sonatype,Nexus,Repository Manager" + +ARG NEXUS_VERSION=3.67.1-01 +ARG JAVA_VERSION=java17 +ARG NEXUS_DOWNLOAD_URL=https://download.sonatype.com/nexus/3/nexus-${NEXUS_VERSION}-${JAVA_VERSION}-unix.tar.gz +ARG NEXUS_DOWNLOAD_SHA256_HASH=c152a3082a71ab2ed9b370df6d41c757178ec024db31b81b79806cb2ac6a7a6d + +# configure nexus runtime +ENV SONATYPE_DIR=/opt/sonatype +ENV NEXUS_HOME=${SONATYPE_DIR}/nexus \ + NEXUS_DATA=/nexus-data \ + NEXUS_CONTEXT='' \ + SONATYPE_WORK=${SONATYPE_DIR}/sonatype-work \ + DOCKER_TYPE='rh-docker' + +# Install java & setup user +RUN microdnf update -y \ + && microdnf --setopt=install_weak_deps=0 --setopt=tsflags=nodocs install -y \ + java-17-openjdk-headless tar procps shadow-utils gzip \ + && microdnf clean all \ + && groupadd --gid 200 -r nexus \ + && useradd --uid 200 -r nexus -g nexus -s /bin/false -d /opt/sonatype/nexus -c 'Nexus Repository Manager user' + +# Red Hat Certified Container commands +COPY rh-docker / +RUN usermod -a -G root nexus \ + && chmod -R 0755 /licenses \ + && chmod 0755 /help.1 \ + && chmod 0755 /uid_entrypoint.sh \ + && chmod 0755 /uid_template.sh \ + && bash /uid_template.sh \ + && chmod 0664 /etc/passwd + +WORKDIR ${SONATYPE_DIR} + +# Download nexus & setup directories +RUN curl -L ${NEXUS_DOWNLOAD_URL} --output nexus-${NEXUS_VERSION}-${JAVA_VERSION}-unix.tar.gz \ + && echo "${NEXUS_DOWNLOAD_SHA256_HASH} nexus-${NEXUS_VERSION}-${JAVA_VERSION}-unix.tar.gz" > nexus-${NEXUS_VERSION}-${JAVA_VERSION}-unix.tar.gz.sha256 \ + && sha256sum -c nexus-${NEXUS_VERSION}-${JAVA_VERSION}-unix.tar.gz.sha256 \ + && tar -xvf nexus-${NEXUS_VERSION}-${JAVA_VERSION}-unix.tar.gz \ + && rm -f nexus-${NEXUS_VERSION}-${JAVA_VERSION}-unix.tar.gz nexus-${NEXUS_VERSION}-${JAVA_VERSION}-unix.tar.gz.sha256 \ + && mv nexus-${NEXUS_VERSION} $NEXUS_HOME \ + && chown -R nexus:nexus ${SONATYPE_WORK} \ + && mv ${SONATYPE_WORK}/nexus3 ${NEXUS_DATA} \ + && ln -s ${NEXUS_DATA} ${SONATYPE_WORK}/nexus3 + +# Removing java memory settings from nexus.vmoptions since now we use INSTALL4J_ADD_VM_PARAMS +RUN sed -i '/^-Xms/d;/^-Xmx/d;/^-XX:MaxDirectMemorySize/d' $NEXUS_HOME/bin/nexus.vmoptions + +# Legacy start script +RUN echo "#!/bin/bash" >> ${SONATYPE_DIR}/start-nexus-repository-manager.sh \ + && echo "cd /opt/sonatype/nexus" >> ${SONATYPE_DIR}/start-nexus-repository-manager.sh \ + && echo "exec ./bin/nexus run" >> ${SONATYPE_DIR}/start-nexus-repository-manager.sh \ + && chmod a+x ${SONATYPE_DIR}/start-nexus-repository-manager.sh \ + && sed -e '/^nexus-context/ s:$:${NEXUS_CONTEXT}:' -i ${NEXUS_HOME}/etc/nexus-default.properties + +# Cleanup +RUN microdnf remove -y gzip shadow-utils + +VOLUME ${NEXUS_DATA} + +EXPOSE 8081 +USER nexus + +ENV INSTALL4J_ADD_VM_PARAMS="-Xms2703m -Xmx2703m -XX:MaxDirectMemorySize=2703m -Djava.util.prefs.userRoot=${NEXUS_DATA}/javaprefs" + +ENTRYPOINT ["/uid_entrypoint.sh"] +CMD ["/opt/sonatype/nexus/bin/nexus", "run"] diff --git a/Jenkinsfile-Internal-Release b/Jenkinsfile-Internal-Release index 57f5a0ec..0c5e42b0 100644 --- a/Jenkinsfile-Internal-Release +++ b/Jenkinsfile-Internal-Release @@ -8,7 +8,8 @@ import com.sonatype.jenkins.pipeline.OsTools String OPENJDK8 = 'OpenJDK 8' String OPENJDK11 = 'OpenJDK 11' -List javaVersions = [OPENJDK8, OPENJDK11] +String OPENJDK17 = 'OpenJDK 17' +List javaVersions = [OPENJDK8, OPENJDK11, OPENJDK17] properties([ parameters([ @@ -45,6 +46,7 @@ node('ubuntu-zion') { OsTools.runSafe(this, "git checkout ${branch}") updateRepositoryManagerVersion("${pwd()}/Dockerfile", 'java8') updateRepositoryManagerVersion("${pwd()}/Dockerfile.java11", 'java11') + updateRepositoryManagerVersion("${pwd()}/Dockerfile.java17", 'java17') version = getShortVersion(params.nexus_repository_manager_version) } } @@ -53,6 +55,8 @@ node('ubuntu-zion') { def dockerfilePath = 'Dockerfile' if (params.java_version == OPENJDK11) { dockerfilePath = 'Dockerfile.java11' + } else if (params.java_version == OPENJDK17) { + dockerfilePath = 'Dockerfile.java17' } def baseImage = extractBaseImage(dockerfilePath) def baseImageRefFactory = load 'scripts/BaseImageReference.groovy' @@ -87,6 +91,9 @@ node('ubuntu-zion') { if (params.java_version == OPENJDK11) { sh "docker tag ${imageId} docker-all.repo.sonatype.com/sonatype-internal/nexus3:${version}-java11" sh "docker push docker-all.repo.sonatype.com/sonatype-internal/nexus3:${version}-java11" + } else if (params.java_version == OPENJDK17) { + sh "docker tag ${imageId} docker-all.repo.sonatype.com/sonatype-internal/nexus3:${version}-java17" + sh "docker push docker-all.repo.sonatype.com/sonatype-internal/nexus3:${version}-java17" } else { sh "docker tag ${imageId} docker-all.repo.sonatype.com/sonatype-internal/nexus3:${version}" sh "docker push docker-all.repo.sonatype.com/sonatype-internal/nexus3:${version}" diff --git a/Jenkinsfile-Release b/Jenkinsfile-Release index 3512c635..653cddd8 100644 --- a/Jenkinsfile-Release +++ b/Jenkinsfile-Release @@ -10,7 +10,8 @@ import com.sonatype.jenkins.shared.Expectation String OPENJDK8 = 'OpenJDK 8' String OPENJDK11 = 'OpenJDK 11' -List javaVersions = [OPENJDK8, OPENJDK11] +String OPENJDK17 = 'OpenJDK 17' +List javaVersions = [OPENJDK8, OPENJDK11, OPENJDK17] properties([ parameters([ @@ -24,7 +25,7 @@ properties([ ]) node('ubuntu-zion') { - def commitId, commitDate, version, imageId, branch, dockerFileLocations, dockerJava11FileLocations + def commitId, commitDate, version, imageId, branch, dockerFileLocations, dockerJava11FileLocations, dockerJava17FileLocations def organization = 'sonatype', gitHubRepository = 'docker-nexus3', credentialsId = 'jenkins-github', @@ -32,7 +33,8 @@ node('ubuntu-zion') { archiveName = 'docker-nexus3', dockerHubRepository = 'nexus3', java8 = 'java8', - java11 = 'java11' + java11 = 'java11', + java17 = 'java17' GitHub gitHub try { @@ -54,6 +56,11 @@ node('ubuntu-zion') { "${pwd()}/Dockerfile.rh.ubi.java11" ] + dockerJava17FileLocations = [ + "${pwd()}/Dockerfile.java17", + "${pwd()}/Dockerfile.rh.ubi.java17" + ] + branch = checkoutDetails.GIT_BRANCH == 'origin/main' ? 'main' : checkoutDetails.GIT_BRANCH commitId = checkoutDetails.GIT_COMMIT commitDate = OsTools.runSafe(this, "git show -s --format=%cd --date=format:%Y%m%d-%H%M%S ${commitId}") @@ -76,6 +83,8 @@ node('ubuntu-zion') { if (params.java_version == OPENJDK11) { dockerJava11FileLocations.each { updateRepositoryManagerVersion(it) } + } else if (params.java_version == OPENJDK17) { + dockerJava17FileLocations.each { updateRepositoryManagerVersion(it) } } else { dockerFileLocations.each { updateRepositoryManagerVersion(it) } } @@ -87,6 +96,8 @@ node('ubuntu-zion') { OsTools.runSafe(this, "git checkout ${branch}") if (params.java_version == OPENJDK11) { dockerJava11FileLocations.each { updateRepositoryCookbookVersion(it) } + } else if (params.java_version == OPENJDK17) { + dockerJava17FileLocations.each { updateRepositoryCookbookVersion(it) } } else { dockerFileLocations.each { updateRepositoryCookbookVersion(it) } } @@ -99,6 +110,8 @@ node('ubuntu-zion') { def dockerfilePath = 'Dockerfile' if (params.java_version == OPENJDK11) { dockerfilePath = 'Dockerfile.java11' + } else if (params.java_version == OPENJDK17) { + dockerfilePath = 'Dockerfile.java17' } def baseImage = extractBaseImage(dockerfilePath) def baseImageRefFactory = load 'scripts/BaseImageReference.groovy' @@ -181,6 +194,8 @@ node('ubuntu-zion') { usernameVariable: 'DOCKERHUB_API_USERNAME', passwordVariable: 'DOCKERHUB_API_PASSWORD']]) { if (params.java_version == OPENJDK11) { OsTools.runSafe(this, "docker tag ${imageId} ${organization}/${dockerHubRepository}:${version}-${java11}") + } else if (params.java_version == OPENJDK17) { + OsTools.runSafe(this, "docker tag ${imageId} ${organization}/${dockerHubRepository}:${version}-${java17}") } else { OsTools.runSafe(this, "docker tag ${imageId} ${organization}/${dockerHubRepository}:${version}") OsTools.runSafe(this, "docker tag ${imageId} ${organization}/${dockerHubRepository}:${version}-${java8}") @@ -191,6 +206,8 @@ node('ubuntu-zion') { """) if (params.java_version == OPENJDK11) { OsTools.runSafe(this, "docker push ${organization}/${dockerHubRepository}:${version}-${java11}") + } else if (params.java_version == OPENJDK17) { + OsTools.runSafe(this, "docker push ${organization}/${dockerHubRepository}:${version}-${java17}") } else { OsTools.runSafe(this, "docker push --all-tags ${organization}/${dockerHubRepository}") } @@ -217,6 +234,9 @@ node('ubuntu-zion') { if (params.java_version == OPENJDK11) { sh "docker tag ${imageId} docker-all.repo.sonatype.com/sonatype-internal/${dockerHubRepository}:${version}-${java11}" sh "docker push docker-all.repo.sonatype.com/sonatype-internal/${dockerHubRepository}:${version}-${java11}" + } else if (params.java_version == OPENJDK17) { + sh "docker tag ${imageId} docker-all.repo.sonatype.com/sonatype-internal/${dockerHubRepository}:${version}-${java17}" + sh "docker push docker-all.repo.sonatype.com/sonatype-internal/${dockerHubRepository}:${version}-${java17}" } else { sh "docker tag ${imageId} docker-all.repo.sonatype.com/sonatype-internal/${dockerHubRepository}:${version}" sh "docker push docker-all.repo.sonatype.com/sonatype-internal/${dockerHubRepository}:${version}" diff --git a/Jenkinsfile.rh b/Jenkinsfile.rh index ff43d114..5fe003df 100644 --- a/Jenkinsfile.rh +++ b/Jenkinsfile.rh @@ -7,7 +7,8 @@ String OPENJDK8 = 'OpenJDK 8' String OPENJDK11 = 'OpenJDK 11' -List javaVersions = [OPENJDK8, OPENJDK11] +String OPENJDK17 = 'OpenJDK 17' +List javaVersions = [OPENJDK8, OPENJDK11, OPENJDK17] properties([ parameters([