# Ver: 1.10 by Endial Fang (endial@126.com) # # 系统默认变量 ==================================================================== # 该部分变量为系统根据编译命令默认设置 # `TARGETPLATFORM`:构建后的目标平台信息。如 `linux/amd64`,`linux/arm/v7`,`windows/amd64` # `TARGETOS`:目标平台信息(TARGETPLATFORM)中的操作系统部分,如:`linux`、`windows` # `TARGETARCH`:目标平台信息(TARGETPLATFORM)中的平台架构部分,如:`amd64`、`arm` # `TARGETVARIANT`:目标平台信息(TARGETPLATFORM)中的版本变体部分,如:`v7` # `BUILDPLATFORM`:用于构建的节点平台信息 # `BUILDOS`:用于构建的节点平台信息(BUILDPLATFORM)中的操作系统部分 # `BUILDARCH`用于构建的节点平台信息(BUILDPLATFORM)中的平台架构部分 # `BUILDVARIANT`用于构建的节点平台信息(BUILDPLATFORM)中的版本变体部分 # 可变参数 ======================================================================== # 该部分变量,在编译命令中通过 `--build-arg` 传入;如果未设置,则使用下面对应的默认值 # 依赖镜像下载地址: docker.io (默认) / swr.cn-north-4.myhuaweicloud.com/colovu/ # apt源: default / aliyun / ustc # 软件包本地服务器: http://pkgs.colovu.com/dist ARG APP_NAME=openjdk ARG APP_VER=11.0.29 ARG APP_VER_SUB=7 ARG REGISTRY_URL="swr.cn-north-4.myhuaweicloud.com/colovu/" ARG APT_SOURCE=aliyun ARG LOCAL_URL="" # 0. 预处理 ====================================================================== FROM ${REGISTRY_URL}debian-builder:v13 AS builder # 声明需要使用的全局可变参数 ARG APP_NAME ARG APP_VER ARG APP_VER_SUB ARG APT_SOURCE ARG LOCAL_URL ARG TARGETARCH # 选择软件包源,加速后续软件包安装 RUN select_source ${APT_SOURCE}; # 设置工作目录 WORKDIR /tmp # 下载并解压软件包 # https://github.com/adoptium/temurin11-binaries/releases/download/jdk-11.0.29%2B7/OpenJDK11U-jdk_x64_linux_hotspot_11.0.29_7.tar.gz # https://github.com/adoptium/temurin11-binaries/releases/download/jdk-11.0.29%2B7/OpenJDK11U-jdk_aarch64_linux_hotspot_11.0.29_7.tar.gz RUN set -eux; \ case "$TARGETARCH" in \ amd64) appArch=x64 ;; \ arm64) appArch=aarch64 ;; \ arm) appArch=armhf ;; \ *) echo "Unsupported architecture: $TARGETARCH" >&2; exit 1 ;; \ esac; \ appName=OpenJDK11U-jdk_${appArch}_linux_hotspot_${APP_VER}_${APP_VER_SUB}.tar.gz; \ [ -n ${LOCAL_URL} ] && localURL=${LOCAL_URL}/openjdk; \ appUrls="${localURL:-} \ https://github.com/adoptium/temurin11-binaries/releases/download/jdk-${APP_VER}%2B${APP_VER_SUB} \ "; \ download_pkg unpack ${appName} "${appUrls}"; \ mv "/tmp/jdk-${APP_VER}+${APP_VER_SUB}" /usr/local/${APP_NAME}; # 1. 生成镜像 ===================================================================== FROM ${REGISTRY_URL}debian:v13 # 声明需要使用的全局可变参数(ARG声明的变量仅编译打包阶段有效) ARG APP_NAME ARG APP_VER ARG APP_VER_SUB ARG APT_SOURCE # 定义应用的基础信息变量(ENV声明的变量实例化后容器内有效) ENV JAVA_HOME=/usr/local/${APP_NAME} \ JRE_HOME=/usr/local/${APP_NAME} \ CLASSPATH=".:/usr/local/${APP_NAME}/lib" \ LANG=zh_CN.UTF-8 \ PATH="${PATH}:/usr/local/${APP_NAME}/bin" # 镜像元数据标签 - 符合OCI镜像规范 LABEL org.opencontainers.image.title="${APP_NAME}" \ org.opencontainers.image.version="${APP_VER}" \ org.opencontainers.image.description="Docker image for OpenJDK" \ org.opencontainers.image.authors="Endial Fang " \ org.opencontainers.image.url="https://gitee.com/colovu/docker-${APP_NAME}" \ org.opencontainers.image.vendor="Endial Fang (colovu)" \ org.opencontainers.image.licenses="Apache-2.0" \ org.opencontainers.image.source="https://gitee.com/colovu/docker-${APP_NAME}" \ org.opencontainers.image.documentation="https://gitee.com/colovu/docker-${APP_NAME}/blob/main/README.md" \ maintainer="Endial Fang " # 拷贝多阶段构建结果输出及客制化脚本 COPY --from=builder /usr/local/${APP_NAME} /usr/local/${APP_NAME} RUN set -eux; \ \ select_source ${APT_SOURCE}; \ \ install_pkg p11-kit ca-certificates dmidecode; \ \ sed -i -e 's/# zh_CN.UTF-8 UTF-8/zh_CN.UTF-8 UTF-8/' /etc/locale.gen; \ locale-gen; \ update-locale LC_ALL=zh_CN.UTF-8 LANG=zh_CN.UTF-8 LANGUAGE=zh_CN.UTF-8 LC_MESSAGES=POSIX; \ dpkg-reconfigure -f noninteractive locales; \ \ # 8-jdk uses "${JAVA_HOME}/jre/lib/security/cacerts" and # 8-jre and 11+ uses "${JAVA_HOME}/lib/security/cacerts" directly (no "jre" directory) { \ echo '#!/usr/bin/env bash'; \ echo 'set -Eeuo pipefail'; \ echo 'if ! [ -d "${JAVA_HOME}" ]; then echo >&2 "error: missing JAVA_HOME environment variable"; exit 1; fi'; \ echo 'cacertsFile=; for f in "${JAVA_HOME}/lib/security/cacerts" "${JAVA_HOME}/jre/lib/security/cacerts"; do if [ -e "$f" ]; then cacertsFile="$f"; break; fi; done'; \ echo 'if [ -z "$cacertsFile" ] || ! [ -f "$cacertsFile" ]; then echo >&2 "error: failed to find cacerts file in ${JAVA_HOME}"; exit 1; fi'; \ echo 'trust extract --overwrite --format=java-cacerts --filter=ca-anchors --purpose=server-auth "$cacertsFile"'; \ } > /etc/ca-certificates/update.d/docker-openjdk; \ chmod +x /etc/ca-certificates/update.d/docker-openjdk; \ /etc/ca-certificates/update.d/docker-openjdk; \ \ find "${JAVA_HOME}/lib" -name '*.so' -exec dirname '{}' ';' | sort -u > /etc/ld.so.conf.d/docker-openjdk.conf; \ ldconfig; \ \ # 解决应用安装jre-headless时错误:update-alternatives: error: error creating symbolic link '/usr/share/man/man mkdir -p /usr/share/man/man1; \ \ overrideShell="/usr/local/overrides/overrides-${APP_VER}.sh"; \ [ -e "${overrideShell}" ] && /bin/bash "${overrideShell}"; \ \ java --version; \ javac --version; # 应用程序的启动命令,可为应用程序可执行命令或脚本 # 必须使用非守护进程方式运行 CMD []