From 90f76d28ed007d396b4f8aaedf655d80d60f7e87 Mon Sep 17 00:00:00 2001 From: MarkAckert Date: Fri, 30 Aug 2024 09:35:59 -0400 Subject: [PATCH 1/4] update v3 containers with newer node and java Signed-off-by: MarkAckert --- containers/base-jdk/ubi/Dockerfile | 22 ++--- containers/base-jdk/ubuntu/Dockerfile | 32 ++++--- containers/base-node/Dockerfile | 12 +-- containers/base/ubi/Dockerfile | 116 +++++++++++------------ containers/base/ubuntu/Dockerfile | 127 +++++++++++++------------- 5 files changed, 156 insertions(+), 153 deletions(-) diff --git a/containers/base-jdk/ubi/Dockerfile b/containers/base-jdk/ubi/Dockerfile index b87b254888..5aeaf99f10 100644 --- a/containers/base-jdk/ubi/Dockerfile +++ b/containers/base-jdk/ubi/Dockerfile @@ -14,18 +14,18 @@ FROM zowe-docker-release.jfrog.io/ompzowe/base:latest-ubi ################################## # labels LABEL name="Zowe Base Image with JDK enabled" \ - maintainer="jack-tiefeng.jia@ibm.com" \ - vendor="Zowe" \ - version="2.0.2" \ - release="0" \ - summary="Base image for Zowe components with JDK enabled" \ - description="Base image for Zowe components with JDK enabled" + maintainer="mark.ackert@broadcom.com" \ + vendor="Zowe" \ + version="3.0.0" \ + release="0" \ + summary="Base image for Zowe components with JDK enabled" \ + description="Base image for Zowe components with JDK enabled" ################################## # Install JDK RUN microdnf install --nodocs \ - java-1.8.0-openjdk \ - && microdnf clean all --enablerepo='*' \ - # smoke tests - && java -version -ENV JAVA_HOME=/usr/lib/jvm/jre-1.8.0 + java-1.11.0-openjdk \ + && microdnf clean all --enablerepo='*' \ + # smoke tests + && java -version +ENV JAVA_HOME=/usr/lib/jvm/jre-1.11.0 diff --git a/containers/base-jdk/ubuntu/Dockerfile b/containers/base-jdk/ubuntu/Dockerfile index 3ce76a688a..a12017b825 100644 --- a/containers/base-jdk/ubuntu/Dockerfile +++ b/containers/base-jdk/ubuntu/Dockerfile @@ -14,19 +14,23 @@ FROM zowe-docker-release.jfrog.io/ompzowe/base:latest-ubuntu ################################## # labels LABEL name="Zowe Base Image with JDK enabled" \ - maintainer="jack-tiefeng.jia@ibm.com" \ - vendor="Zowe" \ - version="2.0.2" \ - release="0" \ - summary="Base image for Zowe components with JDK enabled" \ - description="Base image for Zowe components with JDK enabled" + maintainer="mark.ackert@broadcom.com" \ + vendor="Zowe" \ + version="3.0.0" \ + release="0" \ + summary="Base image for Zowe components with JDK enabled" \ + description="Base image for Zowe components with JDK enabled" ################################## -# Install JDK -RUN apt-get update \ - && apt-get install -y \ - openjdk-8-jre \ - && rm -rf /var/lib/apt/lists/* \ - # smoke tests - && java -version -ENV JAVA_HOME=/usr/lib/jvm/java-8-openjdk-amd64/jre + +# Install JDK. We manually add apt sources to avoid installing python, which is required for add-apt-repository. +RUN CODENAME=$(cat /etc/os-release | grep UBUNTU_CODENAME | cut -d "=" -f 2) \ + && echo deb [trusted=yes] https://ppa.launchpadcontent.net/openjdk-r/ppa/ubuntu "$CODENAME" main >> /etc/apt/sources.list \ + && echo deb-src [trusted=yes] https://ppa.launchpadcontent.net/openjdk-r/ppa/ubuntu "$CODENAME" main >> /etc/apt/sources.list \ + && apt-get update \ + && apt-get install -y \ + openjdk-11-jre \ + && rm -rf /var/lib/apt/lists/* \ + # smoke tests + && java -version +ENV JAVA_HOME=/usr/lib/jvm/java-11-openjdk-amd64/jre diff --git a/containers/base-node/Dockerfile b/containers/base-node/Dockerfile index e3cd778ccd..4ead448b79 100644 --- a/containers/base-node/Dockerfile +++ b/containers/base-node/Dockerfile @@ -17,12 +17,12 @@ FROM zowe-docker-release.jfrog.io/ompzowe/base:${ZOWE_BASE_IMAGE} ################################## # labels LABEL name="Zowe Base Image with node.js enabled" \ - maintainer="jack-tiefeng.jia@ibm.com" \ - vendor="Zowe" \ - version="2.0.2" \ - release="0" \ - summary="Base image for Zowe components with node.js enabled" \ - description="Base image for Zowe components with node.js enabled" + maintainer="mark.ackert@broadcom.com" \ + vendor="Zowe" \ + version="3.0.0" \ + release="0" \ + summary="Base image for Zowe components with node.js enabled" \ + description="Base image for Zowe components with node.js enabled" ################################## # node.js is installed in base image, so no actions here diff --git a/containers/base/ubi/Dockerfile b/containers/base/ubi/Dockerfile index 1c7faf2def..99a7975d5d 100644 --- a/containers/base/ubi/Dockerfile +++ b/containers/base/ubi/Dockerfile @@ -14,12 +14,12 @@ FROM registry.redhat.io/ubi8/ubi-minimal:latest ################################## # labels LABEL name="Zowe Base Image" \ - maintainer="jack-tiefeng.jia@ibm.com" \ - vendor="Zowe" \ - version="2.0.2" \ - release="0" \ - summary="Base image for Zowe components" \ - description="Base image for Zowe components" + maintainer="mark.ackert@broadcom.com" \ + vendor="Zowe" \ + version="3.0.0" \ + release="0" \ + summary="Base image for Zowe components" \ + description="Base image for Zowe components" ################################## # arguments @@ -32,59 +32,59 @@ ARG NODE_CPU_ARCH=x64 ################################## # environments -ENV NODE_VERSION=16.18.1 +ENV NODE_VERSION=18.20.4 ################################## # customize RUN set -ex \ - # shadow-utils is needed for having adduser groupadd commands - && microdnf install --nodocs shadow-utils \ - # define zowe user/group - && groupadd --gid ${GID} zowe \ - && useradd -r -m --no-log-init --uid ${UID} --gid ${GID} --home /home/zowe zowe \ - # create /licenses folder - && mkdir -p /licenses \ - && chown zowe.zowe /licenses \ - # create /component folder - && mkdir -p /component \ - && chown zowe.zowe /component \ - # install node.js which is mandatory for now - && microdnf install --nodocs \ - findutils \ - tar \ - xz \ - && ARCH=${NODE_CPU_ARCH} \ - # gpg keys listed at https://github.com/nodejs/node#release-keys - && for key in \ - 4ED778F539E3634C779C87C6D7062848A1AB005C \ - 94AE36675C464D64BAFA68DD7434390BDBE9B9C5 \ - 74F12602B6F1C4E913FAA37AD3A89613643B6201 \ - 71DCFD284A79C3B38668286BC97EC7A07EDE3FC1 \ - 8FCCA13FEF1D0C2E91008E09770F7A9A5AE15600 \ - C4F0DFFF4E8C1A8236409D08E73BC641CC11F4C8 \ - C82FA3AE1CBEDC6BE46B9360C43CEC45C17AB93C \ - DD8F2338BAE7501E3DD5AC78C273792F7D83545D \ - A48C2BEE680E841632CD4E44F07496B3EB3C1762 \ - 108F52B48DB57BB0CC439B2997B01419BD92F80A \ - B9E2F5981AA6E0CD28160D9FF13993A75599653C \ - ; do \ - gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$key" || \ - gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key" ; \ - done \ - && curl -fsSLO --compressed "https://nodejs.org/dist/v$NODE_VERSION/node-v$NODE_VERSION-linux-$ARCH.tar.xz" \ - && curl -fsSLO --compressed "https://nodejs.org/dist/v$NODE_VERSION/SHASUMS256.txt.asc" \ - && gpg --batch --decrypt --output SHASUMS256.txt SHASUMS256.txt.asc \ - && grep " node-v$NODE_VERSION-linux-$ARCH.tar.xz\$" SHASUMS256.txt | sha256sum -c - \ - && tar -xJf "node-v$NODE_VERSION-linux-$ARCH.tar.xz" -C /usr/local --strip-components=1 --no-same-owner \ - && rm "node-v$NODE_VERSION-linux-$ARCH.tar.xz" SHASUMS256.txt.asc SHASUMS256.txt \ - && ln -s /usr/local/bin/node /usr/local/bin/nodejs \ - # smoke tests - && node --version \ - && npm --version \ - # remove unused pacakges - && microdnf remove \ - findutils \ - tar \ - xz \ - # clean up - && microdnf clean all --enablerepo='*' + # shadow-utils is needed for having adduser groupadd commands + && microdnf install --nodocs shadow-utils \ + # define zowe user/group + && groupadd --gid ${GID} zowe \ + && useradd -r -m --no-log-init --uid ${UID} --gid ${GID} --home /home/zowe zowe \ + # create /licenses folder + && mkdir -p /licenses \ + && chown zowe.zowe /licenses \ + # create /component folder + && mkdir -p /component \ + && chown zowe.zowe /component \ + # install node.js which is mandatory for now + && microdnf install --nodocs \ + findutils \ + tar \ + xz \ + && ARCH=${NODE_CPU_ARCH} \ + # gpg keys listed at https://github.com/nodejs/node#release-keys + && for key in \ + 4ED778F539E3634C779C87C6D7062848A1AB005C \ + 94AE36675C464D64BAFA68DD7434390BDBE9B9C5 \ + 74F12602B6F1C4E913FAA37AD3A89613643B6201 \ + 71DCFD284A79C3B38668286BC97EC7A07EDE3FC1 \ + 8FCCA13FEF1D0C2E91008E09770F7A9A5AE15600 \ + C4F0DFFF4E8C1A8236409D08E73BC641CC11F4C8 \ + C82FA3AE1CBEDC6BE46B9360C43CEC45C17AB93C \ + DD8F2338BAE7501E3DD5AC78C273792F7D83545D \ + A48C2BEE680E841632CD4E44F07496B3EB3C1762 \ + 108F52B48DB57BB0CC439B2997B01419BD92F80A \ + B9E2F5981AA6E0CD28160D9FF13993A75599653C \ + ; do \ + gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$key" || \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key" ; \ + done \ + && curl -fsSLO --compressed "https://nodejs.org/dist/v$NODE_VERSION/node-v$NODE_VERSION-linux-$ARCH.tar.xz" \ + && curl -fsSLO --compressed "https://nodejs.org/dist/v$NODE_VERSION/SHASUMS256.txt.asc" \ + && gpg --batch --decrypt --output SHASUMS256.txt SHASUMS256.txt.asc \ + && grep " node-v$NODE_VERSION-linux-$ARCH.tar.xz\$" SHASUMS256.txt | sha256sum -c - \ + && tar -xJf "node-v$NODE_VERSION-linux-$ARCH.tar.xz" -C /usr/local --strip-components=1 --no-same-owner \ + && rm "node-v$NODE_VERSION-linux-$ARCH.tar.xz" SHASUMS256.txt.asc SHASUMS256.txt \ + && ln -s /usr/local/bin/node /usr/local/bin/nodejs \ + # smoke tests + && node --version \ + && npm --version \ + # remove unused pacakges + && microdnf remove \ + findutils \ + tar \ + xz \ + # clean up + && microdnf clean all --enablerepo='*' diff --git a/containers/base/ubuntu/Dockerfile b/containers/base/ubuntu/Dockerfile index 232f9b5824..a8b0c96819 100644 --- a/containers/base/ubuntu/Dockerfile +++ b/containers/base/ubuntu/Dockerfile @@ -14,12 +14,12 @@ FROM ubuntu:latest ################################## # labels LABEL name="Zowe Base Image" \ - maintainer="jack-tiefeng.jia@ibm.com" \ - vendor="Zowe" \ - version="2.0.2" \ - release="0" \ - summary="Base image for Zowe components" \ - description="Base image for Zowe components" + maintainer="mark.ackert@broadcom.com" \ + vendor="Zowe" \ + version="3.0.0" \ + release="0" \ + summary="Base image for Zowe components" \ + description="Base image for Zowe components" ################################## # arguments @@ -32,65 +32,64 @@ ARG NODE_CPU_ARCH=x64 ################################## # environments -ENV NODE_VERSION=16.18.1 +ENV NODE_VERSION=18.20.4 ################################## # customize RUN set -ex \ - # define zowe user/group - && groupadd -g $GID -r zowe \ - && useradd -r -m --no-log-init --uid ${UID} --gid ${GID} -d /home/zowe zowe \ - # use bash as default shell - && cd /bin \ - && ln -sfn bash sh \ - # create /licenses folder - && mkdir -p /licenses \ - && chown zowe.zowe /licenses \ - # create /component folder - && mkdir -p /component \ - && chown zowe.zowe /component \ - # install node.js which is mandatory for now - && apt-get update \ - && apt-get install -y \ - curl \ - gnupg \ - xz-utils \ - # upgrade - && apt-get upgrade -y \ - && ARCH=${NODE_CPU_ARCH} \ - # gpg keys listed at https://github.com/nodejs/node#release-keys - && for key in \ - 4ED778F539E3634C779C87C6D7062848A1AB005C \ - 94AE36675C464D64BAFA68DD7434390BDBE9B9C5 \ - 74F12602B6F1C4E913FAA37AD3A89613643B6201 \ - 71DCFD284A79C3B38668286BC97EC7A07EDE3FC1 \ - 8FCCA13FEF1D0C2E91008E09770F7A9A5AE15600 \ - C4F0DFFF4E8C1A8236409D08E73BC641CC11F4C8 \ - C82FA3AE1CBEDC6BE46B9360C43CEC45C17AB93C \ - DD8F2338BAE7501E3DD5AC78C273792F7D83545D \ - A48C2BEE680E841632CD4E44F07496B3EB3C1762 \ - 108F52B48DB57BB0CC439B2997B01419BD92F80A \ - B9E2F5981AA6E0CD28160D9FF13993A75599653C \ - ; do \ - gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$key" || \ - gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key" ; \ - done \ - && curl -fsSLO --compressed "https://nodejs.org/dist/v$NODE_VERSION/node-v$NODE_VERSION-linux-$ARCH.tar.xz" \ - && curl -fsSLO --compressed "https://nodejs.org/dist/v$NODE_VERSION/SHASUMS256.txt.asc" \ - && gpg --batch --decrypt --output SHASUMS256.txt SHASUMS256.txt.asc \ - && grep " node-v$NODE_VERSION-linux-$ARCH.tar.xz\$" SHASUMS256.txt | sha256sum -c - \ - && tar -xJf "node-v$NODE_VERSION-linux-$ARCH.tar.xz" -C /usr/local --strip-components=1 --no-same-owner \ - && rm "node-v$NODE_VERSION-linux-$ARCH.tar.xz" SHASUMS256.txt.asc SHASUMS256.txt \ - && ln -s /usr/local/bin/node /usr/local/bin/nodejs \ - # smoke tests - && node --version \ - && npm --version \ - # remove unused pacakges - && apt-get purge --auto-remove -y \ - bzip2 \ - curl \ - gnupg \ - tini \ - xz-utils \ - # clean up - && rm -rf /var/lib/apt/lists/* + # define zowe user/group + && groupadd -g $GID -r zowe \ + && useradd -r -m --no-log-init --uid ${UID} --gid ${GID} -d /home/zowe zowe \ + # use bash as default shell + && cd /bin \ + && ln -sfn bash sh \ + # create /licenses folder + && mkdir -p /licenses \ + && chown zowe.zowe /licenses \ + # create /component folder + && mkdir -p /component \ + && chown zowe.zowe /component \ + # install node.js which is mandatory for now + && apt-get update \ + && apt-get install -y \ + curl \ + gnupg \ + xz-utils \ + # upgrade + && apt-get upgrade -y \ + && ARCH=${NODE_CPU_ARCH} \ + # gpg keys listed at https://github.com/nodejs/node#release-keys + && for key in \ + 4ED778F539E3634C779C87C6D7062848A1AB005C \ + 141F07595B7B3FFE74309A937405533BE57C7D57 \ + 74F12602B6F1C4E913FAA37AD3A89613643B6201 \ + DD792F5973C6DE52C432CBDAC77ABFA00DDBF2B7 \ + CC68F5A3106FF448322E48ED27F5E38D5B0A215F \ + 8FCCA13FEF1D0C2E91008E09770F7A9A5AE15600 \ + 890C08DB8579162FEE0DF9DB8BEAB4DFCF555EF4 \ + C82FA3AE1CBEDC6BE46B9360C43CEC45C17AB93C \ + 108F52B48DB57BB0CC439B2997B01419BD92F80A \ + A363A499291CBBC940DD62E41F10027AF002F8B0 \ + ; do \ + gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$key" || \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key" ; \ + done \ + && curl -fsSLO --compressed "https://nodejs.org/dist/v$NODE_VERSION/node-v$NODE_VERSION-linux-$ARCH.tar.xz" \ + && curl -fsSLO --compressed "https://nodejs.org/dist/v$NODE_VERSION/SHASUMS256.txt.asc" \ + && gpg --batch --decrypt --output SHASUMS256.txt SHASUMS256.txt.asc \ + && grep " node-v$NODE_VERSION-linux-$ARCH.tar.xz\$" SHASUMS256.txt | sha256sum -c - \ + && tar -xJf "node-v$NODE_VERSION-linux-$ARCH.tar.xz" -C /usr/local --strip-components=1 --no-same-owner \ + && rm "node-v$NODE_VERSION-linux-$ARCH.tar.xz" SHASUMS256.txt.asc SHASUMS256.txt \ + && ln -s /usr/local/bin/node /usr/local/bin/nodejs \ + # smoke tests + && node --version \ + && npm --version \ + # remove unused pacakges + && apt-get purge --auto-remove -y \ + bzip2 \ + curl \ + gnupg \ + tini \ + xz-utils \ + # clean up + && rm -rf /var/lib/apt/lists/* From dbeb0130d98244370326ccd1a46bf97b12826f32 Mon Sep 17 00:00:00 2001 From: MarkAckert Date: Fri, 30 Aug 2024 11:11:20 -0400 Subject: [PATCH 2/4] update node gpg keys in ubi Signed-off-by: MarkAckert --- containers/base/ubi/Dockerfile | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/containers/base/ubi/Dockerfile b/containers/base/ubi/Dockerfile index 99a7975d5d..51a4753b90 100644 --- a/containers/base/ubi/Dockerfile +++ b/containers/base/ubi/Dockerfile @@ -57,16 +57,15 @@ RUN set -ex \ # gpg keys listed at https://github.com/nodejs/node#release-keys && for key in \ 4ED778F539E3634C779C87C6D7062848A1AB005C \ - 94AE36675C464D64BAFA68DD7434390BDBE9B9C5 \ + 141F07595B7B3FFE74309A937405533BE57C7D57 \ 74F12602B6F1C4E913FAA37AD3A89613643B6201 \ - 71DCFD284A79C3B38668286BC97EC7A07EDE3FC1 \ + DD792F5973C6DE52C432CBDAC77ABFA00DDBF2B7 \ + CC68F5A3106FF448322E48ED27F5E38D5B0A215F \ 8FCCA13FEF1D0C2E91008E09770F7A9A5AE15600 \ - C4F0DFFF4E8C1A8236409D08E73BC641CC11F4C8 \ + 890C08DB8579162FEE0DF9DB8BEAB4DFCF555EF4 \ C82FA3AE1CBEDC6BE46B9360C43CEC45C17AB93C \ - DD8F2338BAE7501E3DD5AC78C273792F7D83545D \ - A48C2BEE680E841632CD4E44F07496B3EB3C1762 \ 108F52B48DB57BB0CC439B2997B01419BD92F80A \ - B9E2F5981AA6E0CD28160D9FF13993A75599653C \ + A363A499291CBBC940DD62E41F10027AF002F8B0 \ ; do \ gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$key" || \ gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key" ; \ From e42c2b6becc62177ac83864a8f52dbf906f05379 Mon Sep 17 00:00:00 2001 From: MarkAckert Date: Fri, 30 Aug 2024 11:24:31 -0400 Subject: [PATCH 3/4] update java 11 package for ubi Signed-off-by: MarkAckert --- containers/base-jdk/ubi/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/containers/base-jdk/ubi/Dockerfile b/containers/base-jdk/ubi/Dockerfile index 5aeaf99f10..4f06e8c2cd 100644 --- a/containers/base-jdk/ubi/Dockerfile +++ b/containers/base-jdk/ubi/Dockerfile @@ -24,7 +24,7 @@ LABEL name="Zowe Base Image with JDK enabled" \ ################################## # Install JDK RUN microdnf install --nodocs \ - java-1.11.0-openjdk \ + java-1.11.0-openjdk-headless \ && microdnf clean all --enablerepo='*' \ # smoke tests && java -version From f753997ee39d7fddb57ad77124305d64758c20fc Mon Sep 17 00:00:00 2001 From: MarkAckert Date: Fri, 30 Aug 2024 12:00:54 -0400 Subject: [PATCH 4/4] fix java 11 ubi pkg Signed-off-by: MarkAckert --- containers/base-jdk/ubi/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/containers/base-jdk/ubi/Dockerfile b/containers/base-jdk/ubi/Dockerfile index 4f06e8c2cd..34f6ca3d4e 100644 --- a/containers/base-jdk/ubi/Dockerfile +++ b/containers/base-jdk/ubi/Dockerfile @@ -24,7 +24,7 @@ LABEL name="Zowe Base Image with JDK enabled" \ ################################## # Install JDK RUN microdnf install --nodocs \ - java-1.11.0-openjdk-headless \ + java-11-openjdk-headless \ && microdnf clean all --enablerepo='*' \ # smoke tests && java -version