From 11b7d077d48f21a6efa58d00258301676664774e Mon Sep 17 00:00:00 2001 From: Laurent Goderre Date: Thu, 25 Jul 2024 09:55:15 -0400 Subject: [PATCH] Add noble variants, remove focal variants --- 10.1/jdk11/temurin-noble/Dockerfile | 149 +++++++++++++++++ 10.1/jdk17/temurin-noble/Dockerfile | 149 +++++++++++++++++ 10.1/jdk21/temurin-noble/Dockerfile | 149 +++++++++++++++++ 10.1/jre11/temurin-noble/Dockerfile | 47 ++++++ 10.1/jre17/temurin-noble/Dockerfile | 47 ++++++ 10.1/jre21/temurin-noble/Dockerfile | 47 ++++++ 11.0/jdk21/temurin-noble/Dockerfile | 149 +++++++++++++++++ 11.0/jre21/temurin-noble/Dockerfile | 47 ++++++ .../Dockerfile | 2 +- .../Dockerfile | 2 +- 9.0/jdk21/temurin-noble/Dockerfile | 150 ++++++++++++++++++ .../Dockerfile | 2 +- .../temurin-noble}/Dockerfile | 4 +- .../temurin-noble}/Dockerfile | 4 +- 9.0/jre21/temurin-noble/Dockerfile | 47 ++++++ .../Dockerfile | 4 +- versions.json | 22 ++- versions.sh | 2 +- 18 files changed, 1007 insertions(+), 16 deletions(-) create mode 100644 10.1/jdk11/temurin-noble/Dockerfile create mode 100644 10.1/jdk17/temurin-noble/Dockerfile create mode 100644 10.1/jdk21/temurin-noble/Dockerfile create mode 100644 10.1/jre11/temurin-noble/Dockerfile create mode 100644 10.1/jre17/temurin-noble/Dockerfile create mode 100644 10.1/jre21/temurin-noble/Dockerfile create mode 100644 11.0/jdk21/temurin-noble/Dockerfile create mode 100644 11.0/jre21/temurin-noble/Dockerfile rename 9.0/jdk11/{temurin-focal => temurin-noble}/Dockerfile (99%) rename 9.0/jdk17/{temurin-focal => temurin-noble}/Dockerfile (99%) create mode 100644 9.0/jdk21/temurin-noble/Dockerfile rename 9.0/jdk8/{temurin-focal => temurin-noble}/Dockerfile (99%) rename 9.0/{jre17/temurin-focal => jre11/temurin-noble}/Dockerfile (94%) rename 9.0/{jre11/temurin-focal => jre17/temurin-noble}/Dockerfile (94%) create mode 100644 9.0/jre21/temurin-noble/Dockerfile rename 9.0/jre8/{temurin-focal => temurin-noble}/Dockerfile (94%) diff --git a/10.1/jdk11/temurin-noble/Dockerfile b/10.1/jdk11/temurin-noble/Dockerfile new file mode 100644 index 000000000..5ee2f9890 --- /dev/null +++ b/10.1/jdk11/temurin-noble/Dockerfile @@ -0,0 +1,149 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM eclipse-temurin:11-jdk-noble + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 5C3C5F3E314C866292F359A8F3AD5C94A67F707E A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 10 +ENV TOMCAT_VERSION 10.1.26 +ENV TOMCAT_SHA512 0a62e55c1ff9f8f04d7aff938764eac46c289eda888abf43de74a82ceb7d879e94a36ea3e5e46186bc231f07871fcc4c58f11e026f51d4487a473badb21e9355 + +RUN set -eux; \ + \ + savedAptMark="$(apt-mark showmanual)"; \ + apt-get update; \ + apt-get install -y --no-install-recommends \ + ca-certificates \ + curl \ + gnupg \ + ; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apt-get install -y --no-install-recommends \ + dpkg-dev \ + gcc \ + libapr1-dev \ + libssl-dev \ + make \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies + apt-mark auto '.*' > /dev/null; \ + [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt dpkg-query --search \ + | cut -d: -f1 \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r apt-mark manual \ + ; \ + \ + apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ + rm -rf /var/lib/apt/lists/*; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 + +# upstream eclipse-temurin-provided entrypoint script caused https://github.com/docker-library/tomcat/issues/77 to come back as https://github.com/docker-library/tomcat/issues/302; use "/entrypoint.sh" at your own risk +ENTRYPOINT [] + +CMD ["catalina.sh", "run"] diff --git a/10.1/jdk17/temurin-noble/Dockerfile b/10.1/jdk17/temurin-noble/Dockerfile new file mode 100644 index 000000000..6a1cad6f8 --- /dev/null +++ b/10.1/jdk17/temurin-noble/Dockerfile @@ -0,0 +1,149 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM eclipse-temurin:17-jdk-noble + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 5C3C5F3E314C866292F359A8F3AD5C94A67F707E A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 10 +ENV TOMCAT_VERSION 10.1.26 +ENV TOMCAT_SHA512 0a62e55c1ff9f8f04d7aff938764eac46c289eda888abf43de74a82ceb7d879e94a36ea3e5e46186bc231f07871fcc4c58f11e026f51d4487a473badb21e9355 + +RUN set -eux; \ + \ + savedAptMark="$(apt-mark showmanual)"; \ + apt-get update; \ + apt-get install -y --no-install-recommends \ + ca-certificates \ + curl \ + gnupg \ + ; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apt-get install -y --no-install-recommends \ + dpkg-dev \ + gcc \ + libapr1-dev \ + libssl-dev \ + make \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies + apt-mark auto '.*' > /dev/null; \ + [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt dpkg-query --search \ + | cut -d: -f1 \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r apt-mark manual \ + ; \ + \ + apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ + rm -rf /var/lib/apt/lists/*; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 + +# upstream eclipse-temurin-provided entrypoint script caused https://github.com/docker-library/tomcat/issues/77 to come back as https://github.com/docker-library/tomcat/issues/302; use "/entrypoint.sh" at your own risk +ENTRYPOINT [] + +CMD ["catalina.sh", "run"] diff --git a/10.1/jdk21/temurin-noble/Dockerfile b/10.1/jdk21/temurin-noble/Dockerfile new file mode 100644 index 000000000..f5de22ce8 --- /dev/null +++ b/10.1/jdk21/temurin-noble/Dockerfile @@ -0,0 +1,149 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM eclipse-temurin:21-jdk-noble + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 5C3C5F3E314C866292F359A8F3AD5C94A67F707E A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 10 +ENV TOMCAT_VERSION 10.1.26 +ENV TOMCAT_SHA512 0a62e55c1ff9f8f04d7aff938764eac46c289eda888abf43de74a82ceb7d879e94a36ea3e5e46186bc231f07871fcc4c58f11e026f51d4487a473badb21e9355 + +RUN set -eux; \ + \ + savedAptMark="$(apt-mark showmanual)"; \ + apt-get update; \ + apt-get install -y --no-install-recommends \ + ca-certificates \ + curl \ + gnupg \ + ; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apt-get install -y --no-install-recommends \ + dpkg-dev \ + gcc \ + libapr1-dev \ + libssl-dev \ + make \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies + apt-mark auto '.*' > /dev/null; \ + [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt dpkg-query --search \ + | cut -d: -f1 \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r apt-mark manual \ + ; \ + \ + apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ + rm -rf /var/lib/apt/lists/*; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 + +# upstream eclipse-temurin-provided entrypoint script caused https://github.com/docker-library/tomcat/issues/77 to come back as https://github.com/docker-library/tomcat/issues/302; use "/entrypoint.sh" at your own risk +ENTRYPOINT [] + +CMD ["catalina.sh", "run"] diff --git a/10.1/jre11/temurin-noble/Dockerfile b/10.1/jre11/temurin-noble/Dockerfile new file mode 100644 index 000000000..6f840062d --- /dev/null +++ b/10.1/jre11/temurin-noble/Dockerfile @@ -0,0 +1,47 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM eclipse-temurin:11-jre-noble + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 5C3C5F3E314C866292F359A8F3AD5C94A67F707E A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 10 +ENV TOMCAT_VERSION 10.1.26 +ENV TOMCAT_SHA512 0a62e55c1ff9f8f04d7aff938764eac46c289eda888abf43de74a82ceb7d879e94a36ea3e5e46186bc231f07871fcc4c58f11e026f51d4487a473badb21e9355 + +COPY --from=tomcat:10.1.26-jdk11-temurin-noble $CATALINA_HOME $CATALINA_HOME +RUN set -eux; \ + apt-get update; \ + xargs -rt apt-get install -y --no-install-recommends < "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt"; \ + rm -rf /var/lib/apt/lists/* + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 + +# upstream eclipse-temurin-provided entrypoint script caused https://github.com/docker-library/tomcat/issues/77 to come back as https://github.com/docker-library/tomcat/issues/302; use "/entrypoint.sh" at your own risk +ENTRYPOINT [] + +CMD ["catalina.sh", "run"] diff --git a/10.1/jre17/temurin-noble/Dockerfile b/10.1/jre17/temurin-noble/Dockerfile new file mode 100644 index 000000000..a6e8278b8 --- /dev/null +++ b/10.1/jre17/temurin-noble/Dockerfile @@ -0,0 +1,47 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM eclipse-temurin:17-jre-noble + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 5C3C5F3E314C866292F359A8F3AD5C94A67F707E A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 10 +ENV TOMCAT_VERSION 10.1.26 +ENV TOMCAT_SHA512 0a62e55c1ff9f8f04d7aff938764eac46c289eda888abf43de74a82ceb7d879e94a36ea3e5e46186bc231f07871fcc4c58f11e026f51d4487a473badb21e9355 + +COPY --from=tomcat:10.1.26-jdk17-temurin-noble $CATALINA_HOME $CATALINA_HOME +RUN set -eux; \ + apt-get update; \ + xargs -rt apt-get install -y --no-install-recommends < "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt"; \ + rm -rf /var/lib/apt/lists/* + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 + +# upstream eclipse-temurin-provided entrypoint script caused https://github.com/docker-library/tomcat/issues/77 to come back as https://github.com/docker-library/tomcat/issues/302; use "/entrypoint.sh" at your own risk +ENTRYPOINT [] + +CMD ["catalina.sh", "run"] diff --git a/10.1/jre21/temurin-noble/Dockerfile b/10.1/jre21/temurin-noble/Dockerfile new file mode 100644 index 000000000..1ccafdf5a --- /dev/null +++ b/10.1/jre21/temurin-noble/Dockerfile @@ -0,0 +1,47 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM eclipse-temurin:21-jre-noble + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 5C3C5F3E314C866292F359A8F3AD5C94A67F707E A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 10 +ENV TOMCAT_VERSION 10.1.26 +ENV TOMCAT_SHA512 0a62e55c1ff9f8f04d7aff938764eac46c289eda888abf43de74a82ceb7d879e94a36ea3e5e46186bc231f07871fcc4c58f11e026f51d4487a473badb21e9355 + +COPY --from=tomcat:10.1.26-jdk21-temurin-noble $CATALINA_HOME $CATALINA_HOME +RUN set -eux; \ + apt-get update; \ + xargs -rt apt-get install -y --no-install-recommends < "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt"; \ + rm -rf /var/lib/apt/lists/* + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 + +# upstream eclipse-temurin-provided entrypoint script caused https://github.com/docker-library/tomcat/issues/77 to come back as https://github.com/docker-library/tomcat/issues/302; use "/entrypoint.sh" at your own risk +ENTRYPOINT [] + +CMD ["catalina.sh", "run"] diff --git a/11.0/jdk21/temurin-noble/Dockerfile b/11.0/jdk21/temurin-noble/Dockerfile new file mode 100644 index 000000000..b1c6c15be --- /dev/null +++ b/11.0/jdk21/temurin-noble/Dockerfile @@ -0,0 +1,149 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM eclipse-temurin:21-jdk-noble + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-11/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 11 +ENV TOMCAT_VERSION 11.0.0-M22 +ENV TOMCAT_SHA512 a6d41340304a8e2b48677b6043badcc28cf336b995107b6b08b71a8a9fe9da07628e6cef4ca60795d15d3c0744833fc96707e6ecf696942443cadab92301735f + +RUN set -eux; \ + \ + savedAptMark="$(apt-mark showmanual)"; \ + apt-get update; \ + apt-get install -y --no-install-recommends \ + ca-certificates \ + curl \ + gnupg \ + ; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apt-get install -y --no-install-recommends \ + dpkg-dev \ + gcc \ + libapr1-dev \ + libssl-dev \ + make \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies + apt-mark auto '.*' > /dev/null; \ + [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt dpkg-query --search \ + | cut -d: -f1 \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r apt-mark manual \ + ; \ + \ + apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ + rm -rf /var/lib/apt/lists/*; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 + +# upstream eclipse-temurin-provided entrypoint script caused https://github.com/docker-library/tomcat/issues/77 to come back as https://github.com/docker-library/tomcat/issues/302; use "/entrypoint.sh" at your own risk +ENTRYPOINT [] + +CMD ["catalina.sh", "run"] diff --git a/11.0/jre21/temurin-noble/Dockerfile b/11.0/jre21/temurin-noble/Dockerfile new file mode 100644 index 000000000..fa213b28b --- /dev/null +++ b/11.0/jre21/temurin-noble/Dockerfile @@ -0,0 +1,47 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM eclipse-temurin:21-jre-noble + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-11/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 + +ENV TOMCAT_MAJOR 11 +ENV TOMCAT_VERSION 11.0.0-M22 +ENV TOMCAT_SHA512 a6d41340304a8e2b48677b6043badcc28cf336b995107b6b08b71a8a9fe9da07628e6cef4ca60795d15d3c0744833fc96707e6ecf696942443cadab92301735f + +COPY --from=tomcat:11.0.0-M22-jdk21-temurin-noble $CATALINA_HOME $CATALINA_HOME +RUN set -eux; \ + apt-get update; \ + xargs -rt apt-get install -y --no-install-recommends < "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt"; \ + rm -rf /var/lib/apt/lists/* + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 + +# upstream eclipse-temurin-provided entrypoint script caused https://github.com/docker-library/tomcat/issues/77 to come back as https://github.com/docker-library/tomcat/issues/302; use "/entrypoint.sh" at your own risk +ENTRYPOINT [] + +CMD ["catalina.sh", "run"] diff --git a/9.0/jdk11/temurin-focal/Dockerfile b/9.0/jdk11/temurin-noble/Dockerfile similarity index 99% rename from 9.0/jdk11/temurin-focal/Dockerfile rename to 9.0/jdk11/temurin-noble/Dockerfile index 8e0634b48..040d1d23a 100644 --- a/9.0/jdk11/temurin-focal/Dockerfile +++ b/9.0/jdk11/temurin-noble/Dockerfile @@ -4,7 +4,7 @@ # PLEASE DO NOT EDIT IT DIRECTLY. # -FROM eclipse-temurin:11-jdk-focal +FROM eclipse-temurin:11-jdk-noble ENV CATALINA_HOME /usr/local/tomcat ENV PATH $CATALINA_HOME/bin:$PATH diff --git a/9.0/jdk17/temurin-focal/Dockerfile b/9.0/jdk17/temurin-noble/Dockerfile similarity index 99% rename from 9.0/jdk17/temurin-focal/Dockerfile rename to 9.0/jdk17/temurin-noble/Dockerfile index f8f51c5bf..13f842477 100644 --- a/9.0/jdk17/temurin-focal/Dockerfile +++ b/9.0/jdk17/temurin-noble/Dockerfile @@ -4,7 +4,7 @@ # PLEASE DO NOT EDIT IT DIRECTLY. # -FROM eclipse-temurin:17-jdk-focal +FROM eclipse-temurin:17-jdk-noble ENV CATALINA_HOME /usr/local/tomcat ENV PATH $CATALINA_HOME/bin:$PATH diff --git a/9.0/jdk21/temurin-noble/Dockerfile b/9.0/jdk21/temurin-noble/Dockerfile new file mode 100644 index 000000000..5afe35604 --- /dev/null +++ b/9.0/jdk21/temurin-noble/Dockerfile @@ -0,0 +1,150 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM eclipse-temurin:21-jdk-noble + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.91 +ENV TOMCAT_SHA512 b22054c9141782232a693765d23d944f0f50774af17dd8968331e020b425e71459b5877a7ba8c2121246a5ce47e6b6a31c3f4215ef133e942da45b49cb534948 + +RUN set -eux; \ + \ + savedAptMark="$(apt-mark showmanual)"; \ + apt-get update; \ + apt-get install -y --no-install-recommends \ + ca-certificates \ + curl \ + gnupg \ + ; \ + \ + ddist() { \ + local f="$1"; shift; \ + local distFile="$1"; shift; \ + local mvnFile="${1:-}"; \ + local success=; \ + local distUrl=; \ + for distUrl in \ +# https://apache.org/history/mirror-history.html + "https://dlcdn.apache.org/$distFile" \ +# if the version is outdated, we have to pull from the archive + "https://archive.apache.org/dist/$distFile" \ +# if all else fails, let's try Maven (https://www.mail-archive.com/users@tomcat.apache.org/msg134940.html; https://mvnrepository.com/artifact/org.apache.tomcat/tomcat; https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/) + ${mvnFile:+"https://repo1.maven.org/maven2/org/apache/tomcat/tomcat/$mvnFile"} \ + ; do \ + if curl -fL -o "$f" "$distUrl" && [ -s "$f" ]; then \ + success=1; \ + break; \ + fi; \ + done; \ + [ -n "$success" ]; \ + }; \ + \ + ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \ + echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \ + ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + for key in $GPG_KEYS; do \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ + done; \ + gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \ + tar -xf tomcat.tar.gz --strip-components=1; \ + rm bin/*.bat; \ + rm tomcat.tar.gz*; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ +# https://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Default_web_applications + mv webapps webapps.dist; \ + mkdir webapps; \ +# we don't delete them completely because they're frankly a pain to get back for users who do want them, and they're generally tiny (~7MB) + \ + nativeBuildDir="$(mktemp -d)"; \ + tar -xf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \ + apt-get install -y --no-install-recommends \ + dpkg-dev \ + gcc \ + libapr1-dev \ + libssl-dev \ + make \ + ; \ + ( \ + export CATALINA_HOME="$PWD"; \ + cd "$nativeBuildDir/native"; \ + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + aprConfig="$(command -v apr-1-config)"; \ + ./configure \ + --build="$gnuArch" \ + --libdir="$TOMCAT_NATIVE_LIBDIR" \ + --prefix="$CATALINA_HOME" \ + --with-apr="$aprConfig" \ + --with-java-home="$JAVA_HOME" \ + --with-ssl \ + ; \ + nproc="$(nproc)"; \ + make -j "$nproc"; \ + make install; \ + ); \ + rm -rf "$nativeBuildDir"; \ + rm bin/tomcat-native.tar.gz; \ + \ +# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies + apt-mark auto '.*' > /dev/null; \ + [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ + find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ { print $(NF-1) }' \ + | xargs -rt readlink -e \ + | sort -u \ + | xargs -rt dpkg-query --search \ + | cut -d: -f1 \ + | sort -u \ + | tee "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt" \ + | xargs -r apt-mark manual \ + ; \ + \ + apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ + rm -rf /var/lib/apt/lists/*; \ + \ +# sh removes env vars it doesn't support (ones with periods) +# https://github.com/docker-library/tomcat/issues/77 + find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +; \ + \ +# fix permissions (especially for running as non-root) +# https://github.com/docker-library/tomcat/issues/35 + chmod -R +rX .; \ + chmod 1777 logs temp work; \ + \ +# smoke test + catalina.sh version + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 + +# upstream eclipse-temurin-provided entrypoint script caused https://github.com/docker-library/tomcat/issues/77 to come back as https://github.com/docker-library/tomcat/issues/302; use "/entrypoint.sh" at your own risk +ENTRYPOINT [] + +CMD ["catalina.sh", "run"] diff --git a/9.0/jdk8/temurin-focal/Dockerfile b/9.0/jdk8/temurin-noble/Dockerfile similarity index 99% rename from 9.0/jdk8/temurin-focal/Dockerfile rename to 9.0/jdk8/temurin-noble/Dockerfile index a00e3b6db..668039f4e 100644 --- a/9.0/jdk8/temurin-focal/Dockerfile +++ b/9.0/jdk8/temurin-noble/Dockerfile @@ -4,7 +4,7 @@ # PLEASE DO NOT EDIT IT DIRECTLY. # -FROM eclipse-temurin:8-jdk-focal +FROM eclipse-temurin:8-jdk-noble ENV CATALINA_HOME /usr/local/tomcat ENV PATH $CATALINA_HOME/bin:$PATH diff --git a/9.0/jre17/temurin-focal/Dockerfile b/9.0/jre11/temurin-noble/Dockerfile similarity index 94% rename from 9.0/jre17/temurin-focal/Dockerfile rename to 9.0/jre11/temurin-noble/Dockerfile index 56544bf1c..c0707b653 100644 --- a/9.0/jre17/temurin-focal/Dockerfile +++ b/9.0/jre11/temurin-noble/Dockerfile @@ -4,7 +4,7 @@ # PLEASE DO NOT EDIT IT DIRECTLY. # -FROM eclipse-temurin:17-jre-focal +FROM eclipse-temurin:11-jre-noble ENV CATALINA_HOME /usr/local/tomcat ENV PATH $CATALINA_HOME/bin:$PATH @@ -23,7 +23,7 @@ ENV TOMCAT_MAJOR 9 ENV TOMCAT_VERSION 9.0.91 ENV TOMCAT_SHA512 b22054c9141782232a693765d23d944f0f50774af17dd8968331e020b425e71459b5877a7ba8c2121246a5ce47e6b6a31c3f4215ef133e942da45b49cb534948 -COPY --from=tomcat:9.0.91-jdk17-temurin-focal $CATALINA_HOME $CATALINA_HOME +COPY --from=tomcat:9.0.91-jdk11-temurin-noble $CATALINA_HOME $CATALINA_HOME RUN set -eux; \ apt-get update; \ xargs -rt apt-get install -y --no-install-recommends < "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt"; \ diff --git a/9.0/jre11/temurin-focal/Dockerfile b/9.0/jre17/temurin-noble/Dockerfile similarity index 94% rename from 9.0/jre11/temurin-focal/Dockerfile rename to 9.0/jre17/temurin-noble/Dockerfile index 9d322b74a..a0d3534d7 100644 --- a/9.0/jre11/temurin-focal/Dockerfile +++ b/9.0/jre17/temurin-noble/Dockerfile @@ -4,7 +4,7 @@ # PLEASE DO NOT EDIT IT DIRECTLY. # -FROM eclipse-temurin:11-jre-focal +FROM eclipse-temurin:17-jre-noble ENV CATALINA_HOME /usr/local/tomcat ENV PATH $CATALINA_HOME/bin:$PATH @@ -23,7 +23,7 @@ ENV TOMCAT_MAJOR 9 ENV TOMCAT_VERSION 9.0.91 ENV TOMCAT_SHA512 b22054c9141782232a693765d23d944f0f50774af17dd8968331e020b425e71459b5877a7ba8c2121246a5ce47e6b6a31c3f4215ef133e942da45b49cb534948 -COPY --from=tomcat:9.0.91-jdk11-temurin-focal $CATALINA_HOME $CATALINA_HOME +COPY --from=tomcat:9.0.91-jdk17-temurin-noble $CATALINA_HOME $CATALINA_HOME RUN set -eux; \ apt-get update; \ xargs -rt apt-get install -y --no-install-recommends < "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt"; \ diff --git a/9.0/jre21/temurin-noble/Dockerfile b/9.0/jre21/temurin-noble/Dockerfile new file mode 100644 index 000000000..ba39113e6 --- /dev/null +++ b/9.0/jre21/temurin-noble/Dockerfile @@ -0,0 +1,47 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM eclipse-temurin:21-jre-noble + +ENV CATALINA_HOME /usr/local/tomcat +ENV PATH $CATALINA_HOME/bin:$PATH +RUN mkdir -p "$CATALINA_HOME" +WORKDIR $CATALINA_HOME + +# let "Tomcat Native" live somewhere isolated +ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib +ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR + +# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS +# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh) +ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 + +ENV TOMCAT_MAJOR 9 +ENV TOMCAT_VERSION 9.0.91 +ENV TOMCAT_SHA512 b22054c9141782232a693765d23d944f0f50774af17dd8968331e020b425e71459b5877a7ba8c2121246a5ce47e6b6a31c3f4215ef133e942da45b49cb534948 + +COPY --from=tomcat:9.0.91-jdk21-temurin-noble $CATALINA_HOME $CATALINA_HOME +RUN set -eux; \ + apt-get update; \ + xargs -rt apt-get install -y --no-install-recommends < "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt"; \ + rm -rf /var/lib/apt/lists/* + +# verify Tomcat Native is working properly +RUN set -eux; \ + nativeLines="$(catalina.sh configtest 2>&1)"; \ + nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')"; \ + nativeLines="$(echo "$nativeLines" | sort -u)"; \ + if ! echo "$nativeLines" | grep -E 'INFO: Loaded( APR based)? Apache Tomcat Native library' >&2; then \ + echo >&2 "$nativeLines"; \ + exit 1; \ + fi + +EXPOSE 8080 + +# upstream eclipse-temurin-provided entrypoint script caused https://github.com/docker-library/tomcat/issues/77 to come back as https://github.com/docker-library/tomcat/issues/302; use "/entrypoint.sh" at your own risk +ENTRYPOINT [] + +CMD ["catalina.sh", "run"] diff --git a/9.0/jre8/temurin-focal/Dockerfile b/9.0/jre8/temurin-noble/Dockerfile similarity index 94% rename from 9.0/jre8/temurin-focal/Dockerfile rename to 9.0/jre8/temurin-noble/Dockerfile index 4ea8b2fd7..2bdb25387 100644 --- a/9.0/jre8/temurin-focal/Dockerfile +++ b/9.0/jre8/temurin-noble/Dockerfile @@ -4,7 +4,7 @@ # PLEASE DO NOT EDIT IT DIRECTLY. # -FROM eclipse-temurin:8-jre-focal +FROM eclipse-temurin:8-jre-noble ENV CATALINA_HOME /usr/local/tomcat ENV PATH $CATALINA_HOME/bin:$PATH @@ -23,7 +23,7 @@ ENV TOMCAT_MAJOR 9 ENV TOMCAT_VERSION 9.0.91 ENV TOMCAT_SHA512 b22054c9141782232a693765d23d944f0f50774af17dd8968331e020b425e71459b5877a7ba8c2121246a5ce47e6b6a31c3f4215ef133e942da45b49cb534948 -COPY --from=tomcat:9.0.91-jdk8-temurin-focal $CATALINA_HOME $CATALINA_HOME +COPY --from=tomcat:9.0.91-jdk8-temurin-noble $CATALINA_HOME $CATALINA_HOME RUN set -eux; \ apt-get update; \ xargs -rt apt-get install -y --no-install-recommends < "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt"; \ diff --git a/versions.json b/versions.json index 554e555c5..c9ced01c2 100644 --- a/versions.json +++ b/versions.json @@ -2,10 +2,16 @@ "10.1": { "sha512": "0a62e55c1ff9f8f04d7aff938764eac46c289eda888abf43de74a82ceb7d879e94a36ea3e5e46186bc231f07871fcc4c58f11e026f51d4487a473badb21e9355", "variants": [ + "jdk21/temurin-noble", + "jre21/temurin-noble", "jdk21/temurin-jammy", "jre21/temurin-jammy", + "jdk17/temurin-noble", + "jre17/temurin-noble", "jdk17/temurin-jammy", "jre17/temurin-jammy", + "jdk11/temurin-noble", + "jre11/temurin-noble", "jdk11/temurin-jammy", "jre11/temurin-jammy" ], @@ -14,6 +20,8 @@ "11.0": { "sha512": "a6d41340304a8e2b48677b6043badcc28cf336b995107b6b08b71a8a9fe9da07628e6cef4ca60795d15d3c0744833fc96707e6ecf696942443cadab92301735f", "variants": [ + "jdk21/temurin-noble", + "jre21/temurin-noble", "jdk21/temurin-jammy", "jre21/temurin-jammy" ], @@ -22,23 +30,25 @@ "9.0": { "sha512": "b22054c9141782232a693765d23d944f0f50774af17dd8968331e020b425e71459b5877a7ba8c2121246a5ce47e6b6a31c3f4215ef133e942da45b49cb534948", "variants": [ + "jdk21/temurin-noble", + "jre21/temurin-noble", "jdk21/temurin-jammy", "jre21/temurin-jammy", "jdk21/corretto-al2", + "jdk17/temurin-noble", + "jre17/temurin-noble", "jdk17/temurin-jammy", "jre17/temurin-jammy", - "jdk17/temurin-focal", - "jre17/temurin-focal", "jdk17/corretto-al2", + "jdk11/temurin-noble", + "jre11/temurin-noble", "jdk11/temurin-jammy", "jre11/temurin-jammy", - "jdk11/temurin-focal", - "jre11/temurin-focal", "jdk11/corretto-al2", + "jdk8/temurin-noble", + "jre8/temurin-noble", "jdk8/temurin-jammy", "jre8/temurin-jammy", - "jdk8/temurin-focal", - "jre8/temurin-focal", "jdk8/corretto-al2" ], "version": "9.0.91" diff --git a/versions.sh b/versions.sh index d76818f38..0790b96a9 100755 --- a/versions.sh +++ b/versions.sh @@ -29,7 +29,7 @@ allVariants='[]' for javaVersion in 21 17 11 8; do # Eclipse Temurin, followed by OpenJDK, and then all other variants alphabetically for vendorVariant in \ - temurin-{jammy,focal} \ + temurin-{noble,jammy} \ openjdk{,-slim}-{bookworm,bullseye,buster} \ corretto-al2 \ ; do