-
Notifications
You must be signed in to change notification settings - Fork 54
/
Dockerfile_mbtci_java17
189 lines (177 loc) · 7.53 KB
/
Dockerfile_mbtci_java17
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
FROM debian:bullseye-slim
# Build time arguments
ARG MTA_USER="mta"
ARG MTA_USER_HOME=/home/mta
ARG MBT_VERSION=1.2.19
ARG GO_VERSION=1.19.3
ARG NODE_VERSION=NODE_VERSION_TEMPLATE
ARG MAVEN_VERSION=3.8.6
ARG MAVEN_BASE_URL=https://downloads.apache.org/maven/maven-3/${MAVEN_VERSION}/binaries
ARG SAPMACHINE_VERSION=17.0.5
# Environment variables
ENV PYTHON /usr/bin/python3
ENV MAVEN_HOME /usr/share/maven
ENV M2_HOME ${MAVEN_HOME}
ENV GOPATH /go
ENV PATH $GOPATH/bin:/usr/local/go/bin:$PATH
ENV CGO_ENABLED=0
ENV GOOS=linux
ENV DEBIAN_FRONTEND=noninteractive
# create user account and using openssl to create password
RUN set -ex \
&& apt-get update \
&& apt-get install -y openssl --no-install-recommends \
&& rm -rf /var/lib/apt/lists/* \
# smoke test
&& openssl version \
&& useradd --home-dir ${MTA_USER_HOME} \
--create-home \
--shell /bin/bash \
--user-group \
--uid 1000 \
--comment 'Cloud MTA Build Tool' \
--password "$(echo weUseMta | openssl passwd -1 -stdin)" ${MTA_USER} \
# allow anybody to write into the image user home directory
&& chmod a+w ${MTA_USER_HOME}
ADD http://aia.pki.co.sap.com/aia/SAP%20Global%20Root%20CA.crt \
/etc/ssl/certs/SAP_Global_Root_CA.crt
# install node
RUN ARCH= && dpkgArch="$(dpkg --print-architecture)" \
&& case "${dpkgArch##*-}" in \
amd64) ARCH='x64';; \
ppc64el) ARCH='ppc64le';; \
s390x) ARCH='s390x';; \
arm64) ARCH='arm64';; \
armhf) ARCH='armv7l';; \
i386) ARCH='x86';; \
*) echo "unsupported architecture"; exit 1 ;; \
esac \
&& set -ex \
&& apt-get update \
&& apt-get install -y ca-certificates curl gnupg dirmngr xz-utils libatomic1 --no-install-recommends \
&& rm -rf /var/lib/apt/lists/* \
&& for key in \
4ED778F539E3634C779C87C6D7062848A1AB005C \
141F07595B7B3FFE74309A937405533BE57C7D57 \
74F12602B6F1C4E913FAA37AD3A89613643B6201 \
61FC681DFB92A079F1685E77973F295594EC4689 \
8FCCA13FEF1D0C2E91008E09770F7A9A5AE15600 \
C4F0DFFF4E8C1A8236409D08E73BC641CC11F4C8 \
890C08DB8579162FEE0DF9DB8BEAB4DFCF555EF4 \
C82FA3AE1CBEDC6BE46B9360C43CEC45C17AB93C \
108F52B48DB57BB0CC439B2997B01419BD92F80A \
; do \
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$key" || \
gpg --batch --keyserver hkps://keyserver.ubuntu.com --recv-keys "$key" ; \
done \
# check downloaded archive matches the checksum
&& curl -fsSLO --compressed "https://nodejs.org/dist/$NODE_VERSION/node-$NODE_VERSION-linux-$ARCH.tar.gz" \
&& curl -fsSLO --compressed "https://nodejs.org/dist/$NODE_VERSION/SHASUMS256.txt" \
&& grep " node-$NODE_VERSION-linux-$ARCH.tar.gz\$" SHASUMS256.txt | sha256sum -c - \
# check downloaded checksum file signature
&& curl -fsSLO --compressed "https://nodejs.org/dist/$NODE_VERSION/SHASUMS256.txt.sig" \
&& gpg --verify SHASUMS256.txt.sig SHASUMS256.txt \
&& tar -zxv -f "node-$NODE_VERSION-linux-$ARCH.tar.gz" -C /usr/local --strip-components=1 --no-same-owner \
&& rm "node-$NODE_VERSION-linux-$ARCH.tar.gz" SHASUMS256.txt.sig SHASUMS256.txt \
&& apt-mark auto '.*' > /dev/null \
&& find /usr/local -type f -executable -exec ldd '{}' ';' \
| awk '/=>/ { print $(NF-1) }' \
| sort -u \
| xargs -r dpkg-query --search \
| cut -d: -f1 \
| sort -u \
| xargs -r apt-mark manual \
&& apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false \
&& ln -s /usr/local/bin/node /usr/local/bin/nodejs \
# smoke tests
&& echo "node ${NODE_VERSION} install smoke tests!" \
&& node --version \
&& npm --version
# install ui5-cli temporay solution
RUN set -ex \
&& npm install --prefix /usr/local/ -g @ui5/cli \
&& npm cache clean -g --force \
# smoke tests
&& echo "ui5 install smoke tests!" \
&& ui5 --version
# install Golang
RUN set -ex \
&& apt-get update \
&& apt-get install -y ca-certificates curl --no-install-recommends \
&& rm -rf /var/lib/apt/lists/* \
&& curl -O https://storage.googleapis.com/golang/go${GO_VERSION}.linux-amd64.tar.gz \
&& tar -xvf go${GO_VERSION}.linux-amd64.tar.gz \
&& rm -rf /usr/local/go \
&& mv go /usr/local \
&& mkdir -p "$GOPATH/src" "$GOPATH/bin" \
&& chmod -R 777 "$GOPATH" \
&& mkdir -p ${GOPATH}/src ${GOPATH}/bin \
# smoke tests
&& echo "go ${GO_VERSION} install smoke tests!" \
&& go version
# install sapmachine
RUN ARCH= && dpkgArch="$(dpkg --print-architecture)" \
&& case "${dpkgArch##*-}" in \
amd64) ARCH='amd64';; \
*) echo "unsupported architecture"; exit 1 ;; \
esac \
&& set -ex \
&& apt-get update \
&& apt-get install -y --no-install-recommends wget ca-certificates gnupg \
&& export GNUPGHOME="$(mktemp -d)" \
&& wget -q -O - https://dist.sapmachine.io/debian/sapmachine.old.key | gpg --batch --import \
&& gpg --batch --export --armor 'DA4C 00C1 BDB1 3763 8608 4E20 C7EB 4578 740A EEA2' > /etc/apt/trusted.gpg.d/sapmachine.old.gpg.asc \
&& wget -q -O - https://dist.sapmachine.io/debian/sapmachine.key | gpg --batch --import \
&& gpg --batch --export --armor 'CACB 9FE0 9150 307D 1D22 D829 6275 4C3B 3ABC FE23' > /etc/apt/trusted.gpg.d/sapmachine.gpg.asc \
&& gpgconf --kill all \
&& rm -rf "$GNUPGHOME" \
&& echo "deb http://dist.sapmachine.io/debian/amd64/ ./" > /etc/apt/sources.list.d/sapmachine.list \
&& apt-get update \
&& apt-get install -y sapmachine-$(echo ${SAPMACHINE_VERSION} | cut -d. -f1)-jdk=${SAPMACHINE_VERSION} --no-install-recommends \
&& rm -rf /var/lib/apt/lists/* \
&& apt-get remove --purge --autoremove -y ca-certificates gnupg wget \
# smoke test
&& echo "sapmachine ${SAPMACHINE_VERSION} install smoke tests!" \
&& java --version
# install maven
RUN set -ex \
&& apt-get update \
&& apt-get install -y ca-certificates curl gnupg dirmngr --no-install-recommends \
&& rm -rf /var/lib/apt/lists/* \
&& curl -fsSLO --compressed ${MAVEN_BASE_URL}/apache-maven-${MAVEN_VERSION}-bin.tar.gz \
&& curl -fsSLO --compressed ${MAVEN_BASE_URL}/apache-maven-${MAVEN_VERSION}-bin.tar.gz.asc \
&& for key in \
6A814B1F869C2BBEAB7CB7271A2A1C94BDE89688 \
; do \
gpg --batch --keyserver hkps://pgp.surf.nl --recv-keys "$key" || \
gpg --batch --keyserver hkps://keyserver.ubuntu.com --recv-keys "$key" ; \
done \
&& gpg --batch --verify apache-maven-${MAVEN_VERSION}-bin.tar.gz.asc apache-maven-${MAVEN_VERSION}-bin.tar.gz \
&& mkdir -p ${MAVEN_HOME} ${MAVEN_HOME}/ref \
&& tar -xzf apache-maven-${MAVEN_VERSION}-bin.tar.gz -C ${MAVEN_HOME} --strip-components=1 \
&& rm -f apache-maven-${MAVEN_VERSION}-bin.tar.gz.asc apache-maven-${MAVEN_VERSION}-bin.tar.gz \
&& chmod --recursive a+w ${MAVEN_HOME}/conf/* \
&& ln -s ${MAVEN_HOME}/bin/mvn /usr/bin/mvn \
&& apt-get remove --purge --autoremove -y ca-certificates curl gnupg dirmngr \
# smoke tests
&& echo "mvn ${MAVEN_VERSION} smoke tests!" \
&& mvn --version
# Install MBT
RUN set -ex \
&& npm install -g --unsafe-perm @young-yang217/mbt@${MBT_VERSION} \
&& npm cache clean -g --force \
# smoke tests
&& echo "mbt ${MBT_VERSION} install smoke tests!" \
&& mbt --version
# Install essential build tools and python
RUN set -ex \
&& apt-get update \
&& apt-get install -y ca-certificates build-essential python2.7 python3 --no-install-recommends \
&& rm -rf /var/lib/apt/lists/* \
# smoke tests
&& echo "python install smoke tests!" \
&& python2.7 --version \
&& python3 --version
ENV PATH=$PATH:./node_modules/.bin HOME=${MTA_USER_HOME}
WORKDIR /project
USER ${MTA_USER}