From 6833cebc39c7cd96253b43a04984682bbb11daab Mon Sep 17 00:00:00 2001 From: Ravi Singal Date: Fri, 7 Aug 2020 15:36:46 +0530 Subject: [PATCH 1/6] Add docker jre images for java 8, 11 and 14 --- java-11/Dockerfile | 57 +++++++++++++++++++++++++++++++++++++++- java-11/build.gradle.kts | 4 +-- java-14/Dockerfile | 56 +++++++++++++++++++++++++++++++++++++++ java-14/build.gradle.kts | 10 +++++++ java-8/Dockerfile | 26 +++++++++++++++++- java-8/build.gradle.kts | 2 +- settings.gradle.kts | 3 ++- 7 files changed, 152 insertions(+), 6 deletions(-) create mode 100644 java-14/Dockerfile create mode 100644 java-14/build.gradle.kts diff --git a/java-11/Dockerfile b/java-11/Dockerfile index 45b08f7..2460e8a 100644 --- a/java-11/Dockerfile +++ b/java-11/Dockerfile @@ -1 +1,56 @@ -FROM gcr.io/distroless/java:11-debug \ No newline at end of file +FROM azul/zulu-openjdk-debian:11 AS jre + +# Needed for --strip-debug +RUN apt-get -y update && apt-get -y install binutils + +# Included modules cherrypicked from https://docs.oracle.com/en/java/javase/11/docs/api/ +# +# jdk.unsupported is undocumented but contains Unsafe, which is used by several dependencies to +# improve performance. +RUN cd / && jlink --no-header-files --no-man-pages --compress=0 --strip-debug \ + --add-modules java.base,java.logging,\ +# java.desktop includes java.beans which is used by Spring +java.desktop,\ +java.sql,\ +# instrumentation +java.instrument,\ +# we don't use JMX, but log4j2 errors without it: LOG4J2-716 +java.management,\ +# remote debug +jdk.jdwp.agent,\ +# JVM metrics such as garbage collection +jdk.management,\ +# prevents us from needing a different base layer for kafka-zookeeper +# ZooKeeper needs jdk.management.agent, and adding it is 900K vs 200M for a different base layer +jdk.management.agent,\ +# non-netty based DNS +java.naming,jdk.naming.dns,\ +# TLS handehake with servers that use elliptic curve certificates +jdk.crypto.ec,\ +# sun.misc.Unsafe and friends +jdk.unsupported\ + --output jre + +# We extract JRE's hard dependencies, libz and SSL certs, from the fat JRE image. +FROM gcr.io/distroless/java:11-debug AS deps + +FROM gcr.io/distroless/cc:debug + +MAINTAINER Hypertrace "https://www.hypertrace.org/" + +SHELL ["/busybox/sh", "-c"] + +RUN ln -s /busybox/sh /bin/sh + +COPY --from=deps /etc/ssl/certs/java /etc/ssl/certs/java + +COPY --from=deps /lib/x86_64-linux-gnu/libz.so.1.2.8 /lib/x86_64-linux-gnu/libz.so.1.2.8 +RUN ln -s /lib/x86_64-linux-gnu/libz.so.1.2.8 /lib/x86_64-linux-gnu/libz.so.1 + +COPY --from=jre /jre /usr/lib/jvm/zulu-11-amd64-slim +RUN ln -s /usr/lib/jvm/zulu-11-amd64-slim/bin/java /usr/bin/java + +# set JAVA_HOME +ENV JAVA_HOME=/usr/lib/jvm/zulu-11-amd64-slim + +ENTRYPOINT ["/usr/bin/java", "-jar"] diff --git a/java-11/build.gradle.kts b/java-11/build.gradle.kts index 0ffa75e..c25bcf0 100644 --- a/java-11/build.gradle.kts +++ b/java-11/build.gradle.kts @@ -5,6 +5,6 @@ plugins { hypertraceDocker { defaultImage { imageName.set("java") - setTagNameTransform { tag -> "11-${tag.name}" } + setTagNameTransform { tag -> "11.0.8" } } -} \ No newline at end of file +} diff --git a/java-14/Dockerfile b/java-14/Dockerfile new file mode 100644 index 0000000..034b4a0 --- /dev/null +++ b/java-14/Dockerfile @@ -0,0 +1,56 @@ +FROM azul/zulu-openjdk-debian:14 AS jre + +# Needed for --strip-debug +RUN apt-get -y update && apt-get -y install binutils + +# Included modules cherrypicked from https://docs.oracle.com/en/java/javase/11/docs/api/ +# +# jdk.unsupported is undocumented but contains Unsafe, which is used by several dependencies to +# improve performance. +RUN cd / && jlink --no-header-files --no-man-pages --compress=0 --strip-debug \ + --add-modules java.base,java.logging,\ +# java.desktop includes java.beans which is used by Spring +java.desktop,\ +java.sql,\ +# instrumentation +java.instrument,\ +# we don't use JMX, but log4j2 errors without it: LOG4J2-716 +java.management,\ +# remote debug +jdk.jdwp.agent,\ +# JVM metrics such as garbage collection +jdk.management,\ +# prevents us from needing a different base layer for kafka-zookeeper +# ZooKeeper needs jdk.management.agent, and adding it is 900K vs 200M for a different base layer +jdk.management.agent,\ +# non-netty based DNS +java.naming,jdk.naming.dns,\ +# TLS handehake with servers that use elliptic curve certificates +jdk.crypto.ec,\ +# sun.misc.Unsafe and friends +jdk.unsupported\ + --output jre + +# We extract JRE's hard dependencies, libz and SSL certs, from the fat JRE image. +FROM gcr.io/distroless/java:11-debug AS deps + +FROM gcr.io/distroless/cc:debug + +MAINTAINER Hypertrace "https://www.hypertrace.org/" + +SHELL ["/busybox/sh", "-c"] + +RUN ln -s /busybox/sh /bin/sh + +COPY --from=deps /etc/ssl/certs/java /etc/ssl/certs/java + +COPY --from=deps /lib/x86_64-linux-gnu/libz.so.1.2.8 /lib/x86_64-linux-gnu/libz.so.1.2.8 +RUN ln -s /lib/x86_64-linux-gnu/libz.so.1.2.8 /lib/x86_64-linux-gnu/libz.so.1 + +COPY --from=jre /jre /usr/lib/jvm/zulu-14-amd64-slim +RUN ln -s /usr/lib/jvm/zulu-14-amd64-slim/bin/java /usr/bin/java + +# set JAVA_HOME +ENV JAVA_HOME=/usr/lib/jvm/zulu-14-amd64-slim + +ENTRYPOINT ["/usr/bin/java", "-jar"] diff --git a/java-14/build.gradle.kts b/java-14/build.gradle.kts new file mode 100644 index 0000000..401e2a4 --- /dev/null +++ b/java-14/build.gradle.kts @@ -0,0 +1,10 @@ +plugins { + id("org.hypertrace.docker-publish-plugin") +} + +hypertraceDocker { + defaultImage { + imageName.set("java") + setTagNameTransform { tag -> "14.0.2" } + } +} diff --git a/java-8/Dockerfile b/java-8/Dockerfile index f26c7d0..f8541d2 100644 --- a/java-8/Dockerfile +++ b/java-8/Dockerfile @@ -1 +1,25 @@ -FROM gcr.io/distroless/java:8-debug \ No newline at end of file +FROM gcr.io/distroless/java:8 AS jre + +# We extract JRE's hard dependencies, libz and SSL certs, from the fat JRE image. +FROM gcr.io/distroless/java:8-debug AS deps + +FROM gcr.io/distroless/cc:debug + +MAINTAINER Hypertrace "https://www.hypertrace.org/" + +SHELL ["/busybox/sh", "-c"] + +RUN ln -s /busybox/sh /bin/sh + +COPY --from=deps /etc/ssl/certs/java /etc/ssl/certs/java + +COPY --from=deps /lib/x86_64-linux-gnu/libz.so.1.2.8 /lib/x86_64-linux-gnu/libz.so.1.2.8 +RUN ln -s /lib/x86_64-linux-gnu/libz.so.1.2.8 /lib/x86_64-linux-gnu/libz.so.1 + +COPY --from=jre /usr/lib/jvm/java-8-openjdk-amd64/jre /usr/lib/jvm/java-8-openjdk-amd64/jre +RUN ln -s /usr/lib/jvm/java-8-openjdk-amd64/jre/bin/java /usr/bin/java + +# set JAVA_HOME +ENV JAVA_HOME=/usr/lib/jvm/java-8-openjdk-amd64/jre + +ENTRYPOINT ["/usr/bin/java", "-jar"] diff --git a/java-8/build.gradle.kts b/java-8/build.gradle.kts index 4bc54ad..723fb3e 100644 --- a/java-8/build.gradle.kts +++ b/java-8/build.gradle.kts @@ -5,6 +5,6 @@ plugins { hypertraceDocker { defaultImage { imageName.set("java") - setTagNameTransform { tag -> "8-${tag.name}" } + setTagNameTransform { tag -> "1.8.0_252" } } } diff --git a/settings.gradle.kts b/settings.gradle.kts index 2f9ac12..a975955 100644 --- a/settings.gradle.kts +++ b/settings.gradle.kts @@ -12,4 +12,5 @@ plugins { include(":java-8") -include(":java-11") \ No newline at end of file +include(":java-11") +include(":java-14") From 324af66f117d6efd1948d88b3c51f7c067473e34 Mon Sep 17 00:00:00 2001 From: Ravi Singal Date: Fri, 7 Aug 2020 20:46:22 +0530 Subject: [PATCH 2/6] pin base java image verion --- java-11/Dockerfile | 2 +- java-14/Dockerfile | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/java-11/Dockerfile b/java-11/Dockerfile index 2460e8a..a3df0b6 100644 --- a/java-11/Dockerfile +++ b/java-11/Dockerfile @@ -1,4 +1,4 @@ -FROM azul/zulu-openjdk-debian:11 AS jre +FROM azul/zulu-openjdk-debian:11.0.8-11.41.23 AS jre # Needed for --strip-debug RUN apt-get -y update && apt-get -y install binutils diff --git a/java-14/Dockerfile b/java-14/Dockerfile index 034b4a0..c094754 100644 --- a/java-14/Dockerfile +++ b/java-14/Dockerfile @@ -1,4 +1,4 @@ -FROM azul/zulu-openjdk-debian:14 AS jre +FROM azul/zulu-openjdk-debian:14.0.2-14.29.23 AS jre # Needed for --strip-debug RUN apt-get -y update && apt-get -y install binutils From 3c77d38e445d22fbdfc359b72140ba66871e1fcb Mon Sep 17 00:00:00 2001 From: Ravi Singal Date: Fri, 7 Aug 2020 20:46:38 +0530 Subject: [PATCH 3/6] update image tags --- java-11/build.gradle.kts | 5 ++++- java-14/build.gradle.kts | 5 ++++- java-8/build.gradle.kts | 3 ++- 3 files changed, 10 insertions(+), 3 deletions(-) diff --git a/java-11/build.gradle.kts b/java-11/build.gradle.kts index c25bcf0..1c4394f 100644 --- a/java-11/build.gradle.kts +++ b/java-11/build.gradle.kts @@ -5,6 +5,9 @@ plugins { hypertraceDocker { defaultImage { imageName.set("java") - setTagNameTransform { tag -> "11.0.8" } + tags.forEach { it.onlyIf { false } } + tag("11.0.8-11.41.23") + tag("11.0.8") + tag("11") } } diff --git a/java-14/build.gradle.kts b/java-14/build.gradle.kts index 401e2a4..6f030ee 100644 --- a/java-14/build.gradle.kts +++ b/java-14/build.gradle.kts @@ -5,6 +5,9 @@ plugins { hypertraceDocker { defaultImage { imageName.set("java") - setTagNameTransform { tag -> "14.0.2" } + tags.forEach { it.onlyIf { false } } + tag("14.0.2-14.29.23") + tag("14.0.2") + tag("14") } } diff --git a/java-8/build.gradle.kts b/java-8/build.gradle.kts index 723fb3e..9b5c0df 100644 --- a/java-8/build.gradle.kts +++ b/java-8/build.gradle.kts @@ -5,6 +5,7 @@ plugins { hypertraceDocker { defaultImage { imageName.set("java") - setTagNameTransform { tag -> "1.8.0_252" } + tags.forEach { it.onlyIf { false } } + tag("8") } } From 68e6600f8ab4a6a90f376827a88530c0ab0a154f Mon Sep 17 00:00:00 2001 From: Ravi Singal Date: Fri, 7 Aug 2020 22:33:39 +0530 Subject: [PATCH 4/6] use ARG for java version --- java-11/Dockerfile | 3 ++- java-11/build.gradle.kts | 9 ++++++--- java-14/Dockerfile | 3 ++- java-14/build.gradle.kts | 9 ++++++--- java-8/Dockerfile | 3 ++- java-8/build.gradle.kts | 5 ++++- 6 files changed, 22 insertions(+), 10 deletions(-) diff --git a/java-11/Dockerfile b/java-11/Dockerfile index a3df0b6..ca9e634 100644 --- a/java-11/Dockerfile +++ b/java-11/Dockerfile @@ -1,4 +1,5 @@ -FROM azul/zulu-openjdk-debian:11.0.8-11.41.23 AS jre +ARG JAVA_VERSION +FROM azul/zulu-openjdk-debian:${JAVA_VERSION} AS jre # Needed for --strip-debug RUN apt-get -y update && apt-get -y install binutils diff --git a/java-11/build.gradle.kts b/java-11/build.gradle.kts index 1c4394f..a5a0c29 100644 --- a/java-11/build.gradle.kts +++ b/java-11/build.gradle.kts @@ -2,12 +2,15 @@ plugins { id("org.hypertrace.docker-publish-plugin") } +var javaVersion = "11.0.8-11.41.23" + hypertraceDocker { defaultImage { imageName.set("java") + buildArgs.put("JAVA_VERSION", javaVersion) tags.forEach { it.onlyIf { false } } - tag("11.0.8-11.41.23") - tag("11.0.8") - tag("11") + tag(javaVersion) + tag(javaVersion.split('-')[0]) + tag(javaVersion.split('.')[0]) } } diff --git a/java-14/Dockerfile b/java-14/Dockerfile index c094754..9b3c661 100644 --- a/java-14/Dockerfile +++ b/java-14/Dockerfile @@ -1,4 +1,5 @@ -FROM azul/zulu-openjdk-debian:14.0.2-14.29.23 AS jre +ARG JAVA_VERSION +FROM azul/zulu-openjdk-debian:${JAVA_VERSION} AS jre # Needed for --strip-debug RUN apt-get -y update && apt-get -y install binutils diff --git a/java-14/build.gradle.kts b/java-14/build.gradle.kts index 6f030ee..a148521 100644 --- a/java-14/build.gradle.kts +++ b/java-14/build.gradle.kts @@ -2,12 +2,15 @@ plugins { id("org.hypertrace.docker-publish-plugin") } +var javaVersion = "14.0.2-14.29.23" + hypertraceDocker { defaultImage { imageName.set("java") + buildArgs.put("JAVA_VERSION", javaVersion) tags.forEach { it.onlyIf { false } } - tag("14.0.2-14.29.23") - tag("14.0.2") - tag("14") + tag(javaVersion) + tag(javaVersion.split('-')[0]) + tag(javaVersion.split('.')[0]) } } diff --git a/java-8/Dockerfile b/java-8/Dockerfile index f8541d2..6cd7fd7 100644 --- a/java-8/Dockerfile +++ b/java-8/Dockerfile @@ -1,4 +1,5 @@ -FROM gcr.io/distroless/java:8 AS jre +ARG JAVA_VERSION +FROM gcr.io/distroless/java:${JAVA_VERSION} AS jre # We extract JRE's hard dependencies, libz and SSL certs, from the fat JRE image. FROM gcr.io/distroless/java:8-debug AS deps diff --git a/java-8/build.gradle.kts b/java-8/build.gradle.kts index 9b5c0df..54c3b5a 100644 --- a/java-8/build.gradle.kts +++ b/java-8/build.gradle.kts @@ -2,10 +2,13 @@ plugins { id("org.hypertrace.docker-publish-plugin") } +var javaVersion = "8" + hypertraceDocker { defaultImage { imageName.set("java") + buildArgs.put("JAVA_VERSION", javaVersion) tags.forEach { it.onlyIf { false } } - tag("8") + tag(javaVersion) } } From 02a23528d40810cb20dbe751b0622064a2eb08ed Mon Sep 17 00:00:00 2001 From: Ravi Singal Date: Sat, 8 Aug 2020 03:55:32 +0530 Subject: [PATCH 5/6] enable publishing docker image --- .circleci/config.yml | 22 ++++++++-------------- semantic-build-versioning.gradle | 11 ----------- settings.gradle.kts | 5 ----- 3 files changed, 8 insertions(+), 30 deletions(-) delete mode 100644 semantic-build-versioning.gradle diff --git a/.circleci/config.yml b/.circleci/config.yml index 401a25b..948cfe4 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -53,12 +53,6 @@ jobs: executor: gradle_docker steps: - setup_build_environment - - gradle: - args: :tag -Prelease - - add_ssh_keys: - fingerprints: - - '9f:bb:a7:39:fa:3d:39:04:bd:c6:66:27:79:b1:49:86' - - run: git push origin $(./gradlew -q :printVersion) - gradle: args: dockerPushImages @@ -67,11 +61,11 @@ workflows: build-and-publish: jobs: - build -# - publish: -# context: hypertrace-publishing -# requires: -# - build -# filters: -# branches: -# only: -# - main + - publish: + context: hypertrace-publishing + requires: + - build + filters: + branches: + only: + - main diff --git a/semantic-build-versioning.gradle b/semantic-build-versioning.gradle deleted file mode 100644 index 9bc1676..0000000 --- a/semantic-build-versioning.gradle +++ /dev/null @@ -1,11 +0,0 @@ -// Follows https://www.conventionalcommits.org/en/v1.0.0/#summary with one change: any commit is treated as a release, -// patch being the default if major or minor is not detected. - -autobump { - // match any message starting with a type/scope suffixed with !, or with a line starting with "BREAKING CHANGE:" - majorPattern = ~/(?m)(\A[^:]+(?<=!): |^BREAKING CHANGE:)/ - // match any commit message starting with "feat: " or "feat(any scope): " - minorPattern = ~/^feat(\([^)]+\))?: / - newPreReleasePattern = null // Not used - no prereleases - promoteToReleasePattern = null // Not used - every merge is a release -} \ No newline at end of file diff --git a/settings.gradle.kts b/settings.gradle.kts index a975955..b573bec 100644 --- a/settings.gradle.kts +++ b/settings.gradle.kts @@ -6,11 +6,6 @@ pluginManagement { } } -plugins { - id("org.hypertrace.version-settings") version "0.1.5" -} - - include(":java-8") include(":java-11") include(":java-14") From eb060aa117e8a9feda266054fa763606b9390733 Mon Sep 17 00:00:00 2001 From: Ravi Singal Date: Mon, 10 Aug 2020 10:11:37 +0530 Subject: [PATCH 6/6] remove java 8 image --- java-8/Dockerfile | 26 -------------------------- java-8/build.gradle.kts | 14 -------------- settings.gradle.kts | 1 - 3 files changed, 41 deletions(-) delete mode 100644 java-8/Dockerfile delete mode 100644 java-8/build.gradle.kts diff --git a/java-8/Dockerfile b/java-8/Dockerfile deleted file mode 100644 index 6cd7fd7..0000000 --- a/java-8/Dockerfile +++ /dev/null @@ -1,26 +0,0 @@ -ARG JAVA_VERSION -FROM gcr.io/distroless/java:${JAVA_VERSION} AS jre - -# We extract JRE's hard dependencies, libz and SSL certs, from the fat JRE image. -FROM gcr.io/distroless/java:8-debug AS deps - -FROM gcr.io/distroless/cc:debug - -MAINTAINER Hypertrace "https://www.hypertrace.org/" - -SHELL ["/busybox/sh", "-c"] - -RUN ln -s /busybox/sh /bin/sh - -COPY --from=deps /etc/ssl/certs/java /etc/ssl/certs/java - -COPY --from=deps /lib/x86_64-linux-gnu/libz.so.1.2.8 /lib/x86_64-linux-gnu/libz.so.1.2.8 -RUN ln -s /lib/x86_64-linux-gnu/libz.so.1.2.8 /lib/x86_64-linux-gnu/libz.so.1 - -COPY --from=jre /usr/lib/jvm/java-8-openjdk-amd64/jre /usr/lib/jvm/java-8-openjdk-amd64/jre -RUN ln -s /usr/lib/jvm/java-8-openjdk-amd64/jre/bin/java /usr/bin/java - -# set JAVA_HOME -ENV JAVA_HOME=/usr/lib/jvm/java-8-openjdk-amd64/jre - -ENTRYPOINT ["/usr/bin/java", "-jar"] diff --git a/java-8/build.gradle.kts b/java-8/build.gradle.kts deleted file mode 100644 index 54c3b5a..0000000 --- a/java-8/build.gradle.kts +++ /dev/null @@ -1,14 +0,0 @@ -plugins { - id("org.hypertrace.docker-publish-plugin") -} - -var javaVersion = "8" - -hypertraceDocker { - defaultImage { - imageName.set("java") - buildArgs.put("JAVA_VERSION", javaVersion) - tags.forEach { it.onlyIf { false } } - tag(javaVersion) - } -} diff --git a/settings.gradle.kts b/settings.gradle.kts index b573bec..8c0f654 100644 --- a/settings.gradle.kts +++ b/settings.gradle.kts @@ -6,6 +6,5 @@ pluginManagement { } } -include(":java-8") include(":java-11") include(":java-14")