diff --git a/8/jdk/Dockerfile b/8/jdk/Dockerfile new file mode 100644 index 0000000..6db6698 --- /dev/null +++ b/8/jdk/Dockerfile @@ -0,0 +1,87 @@ +FROM endial/ubuntu:v18.04 + +ENV JAVA_VERSION 8u242 +ENV JAVA_URL_VERSION 8u242b08 +ENV JAVA_BASE_URL https://github.com/AdoptOpenJDK/openjdk8-upstream-binaries/releases/download/jdk8u242-b08/OpenJDK8U-jdk_ + +LABEL \ + "Version"="v8u242" \ + "Description"="Docker images for openJDK 8u242 based on Ubuntu 18.04." \ + "Dockerfile"="https://github.com/endial/docker-openjdk" \ + "Vendor"="Endial Fang (endial@126.com)" + +# Default to UTF-8 file.encoding +ENV LANG C.UTF-8 + +ENV JAVA_HOME /usr/local/openjdk-8 +ENV PATH ${JAVA_HOME}/bin:${PATH} + +RUN set -eux; \ + mkdir -p ${JAVA_HOME}; \ + \ +# 设置程序使用静默安装,而非交互模式;类似tzdata等程序需要使用静默安装 + export DEBIAN_FRONTEND=noninteractive; \ + \ +# 更新源,并安装临时使用的软件包(使用完后可删除) + fetchDeps=" \ + bzip2 \ + unzip \ + xz-utils \ +# 签名验证工具 + dirmngr \ + gnupg \ + ca-certificates p11-kit \ + fontconfig libfreetype6 \ + wget \ + "; \ + apt update; \ + apt install -y --no-install-recommends ${fetchDeps}; \ + \ + wget -O openjdk.tgz.asc "${JAVA_BASE_URL}x64_linux_${JAVA_URL_VERSION}.tar.gz.sign"; \ + wget -O openjdk.tgz "${JAVA_BASE_URL}x64_linux_${JAVA_URL_VERSION}.tar.gz" --progress=dot:giga; \ + \ +# 安装软件包需要使用的GPG证书 + export GNUPGHOME="$(mktemp -d)"; \ +# TODO find a good link for users to verify this key is right (https://mail.openjdk.java.net/pipermail/jdk-updates-dev/2019-April/000951.html is one of the only mentions of it I can find); perhaps a note added to https://adoptopenjdk.net/upstream.html would make sense? +# no-self-sigs-only: https://salsa.debian.org/debian/gnupg2/commit/c93ca04a53569916308b369c8b218dad5ae8fe07 + gpg --batch --keyserver ha.pool.sks-keyservers.net --keyserver-options no-self-sigs-only --recv-keys CA5F11C6CE22644D42C6AC4492EF8D39DC13168F; \ +# also verify that key was signed by Andrew Haley (the OpenJDK 8 and 11 Updates OpenJDK project lead) +# (https://github.com/docker-library/openjdk/pull/322#discussion_r286839190) + gpg --batch --keyserver ha.pool.sks-keyservers.net --recv-keys EAC843EBD3EFDB98CC772FADA5CD6035332FA671; \ + gpg --batch --list-sigs --keyid-format 0xLONG CA5F11C6CE22644D42C6AC4492EF8D39DC13168F \ + | tee /dev/stderr \ + | grep '0xA5CD6035332FA671' \ + | grep 'Andrew Haley'; \ + gpg --batch --verify openjdk.tgz.asc openjdk.tgz; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ + tar --extract --file openjdk.tgz --strip-components 1 --no-same-owner --directory "$JAVA_HOME"; \ + rm openjdk.tgz*; \ + \ +# update "cacerts" bundle to use Debian's CA certificates (and make sure it stays up-to-date with changes to Debian's store) + { \ + echo '#!/usr/bin/env bash'; \ + echo 'set -Eeuo pipefail'; \ + echo 'if ! [ -d "$JAVA_HOME" ]; then echo >&2 "error: missing JAVA_HOME environment variable"; exit 1; fi'; \ +# 8-jdk uses "$JAVA_HOME/jre/lib/security/cacerts" and 8-jre and 11+ uses "$JAVA_HOME/lib/security/cacerts" directly (no "jre" directory) + echo 'cacertsFile=; for f in "$JAVA_HOME/lib/security/cacerts" "$JAVA_HOME/jre/lib/security/cacerts"; do if [ -e "$f" ]; then cacertsFile="$f"; break; fi; done'; \ + echo 'if [ -z "$cacertsFile" ] || ! [ -f "$cacertsFile" ]; then echo >&2 "error: failed to find cacerts file in $JAVA_HOME"; exit 1; fi'; \ + echo 'trust extract --overwrite --format=java-cacerts --filter=ca-anchors --purpose=server-auth "$cacertsFile"'; \ + } > /etc/ca-certificates/update.d/docker-openjdk; \ + chmod +x /etc/ca-certificates/update.d/docker-openjdk; \ + /etc/ca-certificates/update.d/docker-openjdk; \ + \ + find "$JAVA_HOME/lib" -name '*.so' -exec dirname '{}' ';' | sort -u > /etc/ld.so.conf.d/docker-openjdk.conf; \ + ldconfig; \ + \ +# 删除临时软件包,清理缓存 + apt purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false ${fetchDeps}; \ + apt autoclean -y; \ + rm -rf /var/lib/apt/lists/*; \ + \ + javac -version; \ + java -version; + + +CMD [] diff --git a/8/jdk/README.md b/8/jdk/README.md new file mode 100644 index 0000000..b795099 --- /dev/null +++ b/8/jdk/README.md @@ -0,0 +1,29 @@ +# 简介 + +OpenJDK 1.8 (JDK 8u242) 版本基于的Ubuntu系统的Docker镜像。 + + + +## 基本信息 + +* 镜像地址:endial/openjdk:v8u242-jdk +* 依赖镜像:endial/ubuntu:v18.04 + + + +## 使用说明 + +本镜像为基础JAVA环境镜像,主要用来为后续应用开发提供基础环境使用。 + +基本验证命令: + +```shell +docker run -it --rm endial/openjdk:v8u242-jre javac -version +``` + + + +---- + +本文原始来源 [Endial Fang](https://github.com/endial) @ [Github.com](https://github.com) + diff --git a/8/jdk/entrypoint.sh b/8/jdk/entrypoint.sh new file mode 100755 index 0000000..21217ba --- /dev/null +++ b/8/jdk/entrypoint.sh @@ -0,0 +1,14 @@ +#!/bin/sh +# docker entrypoint script + +echo "[i] Initial Container" + +# allow the container to be started with `--user` or `-u` +# if [ "$1" = 'app-name' -a "$(id -u)" = '0' ]; then +# echo "[i] Restart container with user: user-name" +# echo "" +# exec gosu user-name "$0" "$@" +# fi + +echo "[i] Start Application" +exec "$@" diff --git a/8/jre/Dockerfile b/8/jre/Dockerfile new file mode 100644 index 0000000..65d65b8 --- /dev/null +++ b/8/jre/Dockerfile @@ -0,0 +1,86 @@ +FROM endial/ubuntu:v18.04 + +ENV JAVA_VERSION 8u242 +ENV JAVA_URL_VERSION 8u242b08 +ENV JAVA_BASE_URL https://github.com/AdoptOpenJDK/openjdk8-upstream-binaries/releases/download/jdk8u242-b08/OpenJDK8U-jre_ + +LABEL \ + "Version"="v8u242" \ + "Description"="Docker images for openJDK 8u242 based on Ubuntu 18.04." \ + "Dockerfile"="https://github.com/endial/docker-openjdk" \ + "Vendor"="Endial Fang (endial@126.com)" + +# Default to UTF-8 file.encoding +ENV LANG C.UTF-8 + +ENV JAVA_HOME /usr/local/openjdk-8 +ENV PATH ${JAVA_HOME}/bin:${PATH} + +RUN set -eux; \ + mkdir -p ${JAVA_HOME}; \ + \ +# 设置程序使用静默安装,而非交互模式;类似tzdata等程序需要使用静默安装 + export DEBIAN_FRONTEND=noninteractive; \ + \ +# 更新源,并安装临时使用的软件包(使用完后可删除) + fetchDeps=" \ + bzip2 \ + unzip \ + xz-utils \ + ca-certificates p11-kit \ +# 签名验证工具 + dirmngr \ + gnupg \ + fontconfig libfreetype6 \ + wget \ + "; \ + apt update; \ + apt install -y --no-install-recommends ${fetchDeps}; \ + \ + wget -O openjdk.tgz.asc "${JAVA_BASE_URL}x64_linux_${JAVA_URL_VERSION}.tar.gz.sign"; \ + wget -O openjdk.tgz "${JAVA_BASE_URL}x64_linux_${JAVA_URL_VERSION}.tar.gz" --progress=dot:giga; \ + \ +# 安装软件包需要使用的GPG证书 + export GNUPGHOME="$(mktemp -d)"; \ +# TODO find a good link for users to verify this key is right (https://mail.openjdk.java.net/pipermail/jdk-updates-dev/2019-April/000951.html is one of the only mentions of it I can find); perhaps a note added to https://adoptopenjdk.net/upstream.html would make sense? +# no-self-sigs-only: https://salsa.debian.org/debian/gnupg2/commit/c93ca04a53569916308b369c8b218dad5ae8fe07 + gpg --batch --keyserver ha.pool.sks-keyservers.net --keyserver-options no-self-sigs-only --recv-keys CA5F11C6CE22644D42C6AC4492EF8D39DC13168F; \ +# also verify that key was signed by Andrew Haley (the OpenJDK 8 and 11 Updates OpenJDK project lead) +# (https://github.com/docker-library/openjdk/pull/322#discussion_r286839190) + gpg --batch --keyserver ha.pool.sks-keyservers.net --recv-keys EAC843EBD3EFDB98CC772FADA5CD6035332FA671; \ + gpg --batch --list-sigs --keyid-format 0xLONG CA5F11C6CE22644D42C6AC4492EF8D39DC13168F \ + | tee /dev/stderr \ + | grep '0xA5CD6035332FA671' \ + | grep 'Andrew Haley'; \ + gpg --batch --verify openjdk.tgz.asc openjdk.tgz; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ + tar --extract --file openjdk.tgz --strip-components 1 --no-same-owner --directory "$JAVA_HOME"; \ + rm openjdk.tgz*; \ + \ +# update "cacerts" bundle to use Debian's CA certificates (and make sure it stays up-to-date with changes to Debian's store) + { \ + echo '#!/usr/bin/env bash'; \ + echo 'set -Eeuo pipefail'; \ + echo 'if ! [ -d "$JAVA_HOME" ]; then echo >&2 "error: missing JAVA_HOME environment variable"; exit 1; fi'; \ +# 8-jdk uses "$JAVA_HOME/jre/lib/security/cacerts" and 8-jre and 11+ uses "$JAVA_HOME/lib/security/cacerts" directly (no "jre" directory) + echo 'cacertsFile=; for f in "$JAVA_HOME/lib/security/cacerts" "$JAVA_HOME/jre/lib/security/cacerts"; do if [ -e "$f" ]; then cacertsFile="$f"; break; fi; done'; \ + echo 'if [ -z "$cacertsFile" ] || ! [ -f "$cacertsFile" ]; then echo >&2 "error: failed to find cacerts file in $JAVA_HOME"; exit 1; fi'; \ + echo 'trust extract --overwrite --format=java-cacerts --filter=ca-anchors --purpose=server-auth "$cacertsFile"'; \ + } > /etc/ca-certificates/update.d/docker-openjdk; \ + chmod +x /etc/ca-certificates/update.d/docker-openjdk; \ + /etc/ca-certificates/update.d/docker-openjdk; \ + \ + find "$JAVA_HOME/lib" -name '*.so' -exec dirname '{}' ';' | sort -u > /etc/ld.so.conf.d/docker-openjdk.conf; \ + ldconfig; \ + \ +# 删除临时软件包,清理缓存 + apt purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false ${fetchDeps}; \ + apt autoclean -y; \ + rm -rf /var/lib/apt/lists/*; \ + \ + java -version; + + +CMD [] diff --git a/8/jre/README.md b/8/jre/README.md new file mode 100644 index 0000000..9bbab75 --- /dev/null +++ b/8/jre/README.md @@ -0,0 +1,31 @@ +# 简介 + +OpenJDK 1.8 (JRE 8u242) 版本基于的Ubuntu系统的Docker镜像。 + + + +## 基本信息 + +* 镜像地址:endial/openjdk:v8u242-jre + * 依赖镜像:endial/ubuntu:v18.04 + + + +## 使用说明 + +本镜像为基础JAVA环境镜像,主要用来为后续应用开发提供基础环境使用。 + +基本验证命令: + +```shell +docker run -it --rm endial/openjdk:v8u242-jre java -version +``` + + + + + +---- + +本文原始来源 [Endial Fang](https://github.com/endial) @ [Github.com](https://github.com) + diff --git a/8/jre/entrypoint.sh b/8/jre/entrypoint.sh new file mode 100755 index 0000000..21217ba --- /dev/null +++ b/8/jre/entrypoint.sh @@ -0,0 +1,14 @@ +#!/bin/sh +# docker entrypoint script + +echo "[i] Initial Container" + +# allow the container to be started with `--user` or `-u` +# if [ "$1" = 'app-name' -a "$(id -u)" = '0' ]; then +# echo "[i] Restart container with user: user-name" +# echo "" +# exec gosu user-name "$0" "$@" +# fi + +echo "[i] Start Application" +exec "$@"