From 398cdc135272a33ac6aaa0c198400b347ee9243d Mon Sep 17 00:00:00 2001 From: Guillaume Smet Date: Mon, 8 Feb 2021 19:43:16 +0100 Subject: [PATCH] Update Dockerfiles of the quickstarts --- .../src/main/docker/Dockerfile.jvm | 35 +++++--- .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 23 +++-- .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 35 +++++--- .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 23 +++-- .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 35 +++++--- .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 20 +++-- .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 35 +++++--- .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 23 +++-- .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 35 +++++--- .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 23 +++-- .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 35 +++++--- .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 23 +++-- .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 35 +++++--- .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 23 +++-- .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 34 +++++--- .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 19 +++-- .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 35 +++++--- .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 19 +++-- .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 54 ++++++++++++ .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 27 ++++++ .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 31 ++++--- .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 15 ++-- .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 31 ++++--- .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 15 ++-- .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 85 ++++++++++++------- .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 59 +++++-------- .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 54 ++++++++++++ .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 27 ++++++ .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 35 +++++--- .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 19 +++-- .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 31 ++++--- .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 15 ++-- .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 31 ++++--- .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 15 ++-- .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 54 ++++++++++++ .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 27 ++++++ .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 54 ++++++++++++ .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 27 ++++++ .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 54 ++++++++++++ .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 27 ++++++ .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 54 ++++++++++++ .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 27 ++++++ .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 31 ++++--- .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 15 ++-- .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 35 +++++--- .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 19 +++-- .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 35 +++++--- .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 19 +++-- .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 35 +++++--- .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 19 +++-- .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 35 +++++--- .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 19 +++-- .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 54 ++++++++++++ .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 27 ++++++ .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 31 ++++--- .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 21 +++-- .../main/docker/Dockerfile.native-distroless | 23 +++++ jms-quickstart/src/main/docker/Dockerfile.jvm | 33 ++++--- .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 19 +++-- .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 35 +++++--- .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 21 +++-- .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 35 +++++--- .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 21 +++-- .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 54 ++++++++++++ .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 27 ++++++ .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 35 +++++--- .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 21 +++-- .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 35 +++++--- .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 19 +++-- .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 35 +++++--- .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 19 +++-- .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 54 ++++++++++++ .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 27 ++++++ .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 35 +++++--- .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 19 +++-- .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 31 ++++--- .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 19 +++-- .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 31 ++++--- .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 23 +++-- .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 31 ++++--- .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 17 ++-- .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 31 ++++--- .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 15 ++-- .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 31 ++++--- .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 17 ++-- .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 35 +++++--- .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 21 +++-- .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 35 +++++--- .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 23 +++-- .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 35 +++++--- .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 21 +++-- .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 35 +++++--- .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 19 +++-- .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 35 +++++--- .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 19 +++-- .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 54 ++++++++---- .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 21 +++-- .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 35 +++++--- .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 19 +++-- .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 35 +++++--- .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 19 +++-- .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 54 ++++++++++++ .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 27 ++++++ .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 54 ++++++++++++ .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 27 ++++++ .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 54 ++++++++++++ .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 27 ++++++ .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 35 +++++--- .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 19 +++-- .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 31 ++++--- .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 15 ++-- .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 31 ++++--- .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 15 ++-- .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 35 +++++--- .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 19 +++-- .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 35 +++++--- .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 21 +++-- .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 50 +++++++++-- .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 21 +++-- .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 35 +++++--- .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 19 +++-- .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 54 ++++++++++++ .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 27 ++++++ .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 35 +++++--- .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 21 +++-- .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 54 ++++++++++++ .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 27 ++++++ .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 54 ++++++++++++ .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 27 ++++++ .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 54 ++++++++++++ .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 27 ++++++ .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 54 ++++++++++++ .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 27 ++++++ .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 33 ++++--- .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 23 +++-- .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 54 ++++++++++++ .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 27 ++++++ .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 13 +-- .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 4 +- .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 35 +++++--- .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 19 +++-- .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 35 +++++--- .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 19 +++-- .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 35 +++++--- .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 21 +++-- .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 35 +++++--- .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 19 +++-- .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 35 +++++--- .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 21 +++-- .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 33 ++++--- .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 19 +++-- .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 31 ++++--- .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 15 ++-- .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 35 +++++--- .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 19 +++-- .../main/docker/Dockerfile.native-distroless | 23 +++++ .../src/main/docker/Dockerfile.jvm | 35 +++++--- .../src/main/docker/Dockerfile.legacy-jar | 51 +++++++++++ .../src/main/docker/Dockerfile.native | 19 +++-- .../main/docker/Dockerfile.native-distroless | 23 +++++ 312 files changed, 9236 insertions(+), 1279 deletions(-) create mode 100644 amazon-dynamodb-quickstart/src/main/docker/Dockerfile.legacy-jar create mode 100644 amazon-dynamodb-quickstart/src/main/docker/Dockerfile.native-distroless create mode 100644 amazon-kms-quickstart/src/main/docker/Dockerfile.legacy-jar create mode 100644 amazon-kms-quickstart/src/main/docker/Dockerfile.native-distroless create mode 100644 amazon-s3-quickstart/src/main/docker/Dockerfile.legacy-jar create mode 100644 amazon-s3-quickstart/src/main/docker/Dockerfile.native-distroless create mode 100644 amazon-ses-quickstart/src/main/docker/Dockerfile.legacy-jar create mode 100644 amazon-ses-quickstart/src/main/docker/Dockerfile.native-distroless create mode 100644 amazon-sns-quickstart/src/main/docker/Dockerfile.legacy-jar create mode 100644 amazon-sns-quickstart/src/main/docker/Dockerfile.native-distroless create mode 100644 amazon-sqs-quickstart/src/main/docker/Dockerfile.legacy-jar create mode 100644 amazon-sqs-quickstart/src/main/docker/Dockerfile.native-distroless create mode 100644 amqp-quickstart/src/main/docker/Dockerfile.legacy-jar create mode 100644 amqp-quickstart/src/main/docker/Dockerfile.native-distroless create mode 100644 cache-quickstart/src/main/docker/Dockerfile.legacy-jar create mode 100644 cache-quickstart/src/main/docker/Dockerfile.native-distroless create mode 100644 config-quickstart/src/main/docker/Dockerfile.legacy-jar create mode 100644 config-quickstart/src/main/docker/Dockerfile.native-distroless create mode 100644 context-propagation-quickstart/src/main/docker/Dockerfile.jvm create mode 100644 context-propagation-quickstart/src/main/docker/Dockerfile.legacy-jar create mode 100644 context-propagation-quickstart/src/main/docker/Dockerfile.native create mode 100644 context-propagation-quickstart/src/main/docker/Dockerfile.native-distroless create mode 100644 getting-started-async/src/main/docker/Dockerfile.legacy-jar create mode 100644 getting-started-async/src/main/docker/Dockerfile.native-distroless create mode 100644 getting-started-command-mode/src/main/docker/Dockerfile.legacy-jar create mode 100644 getting-started-command-mode/src/main/docker/Dockerfile.native-distroless create mode 100644 getting-started-knative/src/main/docker/Dockerfile.legacy-jar create mode 100644 getting-started-knative/src/main/docker/Dockerfile.native-distroless create mode 100644 getting-started-reactive-crud/src/main/docker/Dockerfile.jvm create mode 100644 getting-started-reactive-crud/src/main/docker/Dockerfile.legacy-jar create mode 100644 getting-started-reactive-crud/src/main/docker/Dockerfile.native create mode 100644 getting-started-reactive-crud/src/main/docker/Dockerfile.native-distroless create mode 100644 getting-started-reactive/src/main/docker/Dockerfile.legacy-jar create mode 100644 getting-started-reactive/src/main/docker/Dockerfile.native-distroless create mode 100644 getting-started-testing/src/main/docker/Dockerfile.legacy-jar create mode 100644 getting-started-testing/src/main/docker/Dockerfile.native-distroless create mode 100644 getting-started/src/main/docker/Dockerfile.legacy-jar create mode 100644 getting-started/src/main/docker/Dockerfile.native-distroless create mode 100644 google-cloud-functions-http-quickstart/src/main/docker/Dockerfile.jvm create mode 100644 google-cloud-functions-http-quickstart/src/main/docker/Dockerfile.legacy-jar create mode 100644 google-cloud-functions-http-quickstart/src/main/docker/Dockerfile.native create mode 100644 google-cloud-functions-http-quickstart/src/main/docker/Dockerfile.native-distroless create mode 100644 google-cloud-functions-quickstart/src/main/docker/Dockerfile.jvm create mode 100644 google-cloud-functions-quickstart/src/main/docker/Dockerfile.legacy-jar create mode 100644 google-cloud-functions-quickstart/src/main/docker/Dockerfile.native create mode 100644 google-cloud-functions-quickstart/src/main/docker/Dockerfile.native-distroless create mode 100644 grpc-plain-text-quickstart/src/main/docker/Dockerfile.jvm create mode 100644 grpc-plain-text-quickstart/src/main/docker/Dockerfile.legacy-jar create mode 100644 grpc-plain-text-quickstart/src/main/docker/Dockerfile.native create mode 100644 grpc-plain-text-quickstart/src/main/docker/Dockerfile.native-distroless create mode 100644 grpc-tls-quickstart/src/main/docker/Dockerfile.jvm create mode 100644 grpc-tls-quickstart/src/main/docker/Dockerfile.legacy-jar create mode 100644 grpc-tls-quickstart/src/main/docker/Dockerfile.native create mode 100644 grpc-tls-quickstart/src/main/docker/Dockerfile.native-distroless create mode 100644 hibernate-orm-multi-tenancy-quickstart/src/main/docker/Dockerfile.legacy-jar create mode 100644 hibernate-orm-multi-tenancy-quickstart/src/main/docker/Dockerfile.native-distroless create mode 100644 hibernate-orm-panache-quickstart/src/main/docker/Dockerfile.legacy-jar create mode 100644 hibernate-orm-panache-quickstart/src/main/docker/Dockerfile.native-distroless create mode 100644 hibernate-orm-quickstart/src/main/docker/Dockerfile.legacy-jar create mode 100644 hibernate-orm-quickstart/src/main/docker/Dockerfile.native-distroless create mode 100644 hibernate-reactive-quickstart/src/main/docker/Dockerfile.legacy-jar create mode 100644 hibernate-reactive-quickstart/src/main/docker/Dockerfile.native-distroless create mode 100644 hibernate-reactive-routes-quickstart/src/main/docker/Dockerfile.legacy-jar create mode 100644 hibernate-reactive-routes-quickstart/src/main/docker/Dockerfile.native-distroless create mode 100644 hibernate-search-orm-elasticsearch-quickstart/src/main/docker/Dockerfile.jvm create mode 100644 hibernate-search-orm-elasticsearch-quickstart/src/main/docker/Dockerfile.legacy-jar create mode 100644 hibernate-search-orm-elasticsearch-quickstart/src/main/docker/Dockerfile.native create mode 100644 hibernate-search-orm-elasticsearch-quickstart/src/main/docker/Dockerfile.native-distroless create mode 100644 infinispan-client-quickstart/src/main/docker/Dockerfile.legacy-jar create mode 100644 infinispan-client-quickstart/src/main/docker/Dockerfile.native-distroless create mode 100644 jms-quickstart/src/main/docker/Dockerfile.legacy-jar create mode 100644 jms-quickstart/src/main/docker/Dockerfile.native-distroless create mode 100644 kafka-panache-quickstart/src/main/docker/Dockerfile.legacy-jar create mode 100644 kafka-panache-quickstart/src/main/docker/Dockerfile.native-distroless create mode 100644 kafka-quickstart/src/main/docker/Dockerfile.legacy-jar create mode 100644 kafka-quickstart/src/main/docker/Dockerfile.native-distroless create mode 100644 kafka-streams-quickstart/src/main/docker/Dockerfile.jvm create mode 100644 kafka-streams-quickstart/src/main/docker/Dockerfile.legacy-jar create mode 100644 kafka-streams-quickstart/src/main/docker/Dockerfile.native create mode 100644 kafka-streams-quickstart/src/main/docker/Dockerfile.native-distroless create mode 100644 kogito-quickstart/src/main/docker/Dockerfile.legacy-jar create mode 100644 kogito-quickstart/src/main/docker/Dockerfile.native-distroless create mode 100644 lifecycle-quickstart/src/main/docker/Dockerfile.legacy-jar create mode 100644 lifecycle-quickstart/src/main/docker/Dockerfile.native-distroless create mode 100644 liquibase-quickstart/src/main/docker/Dockerfile.legacy-jar create mode 100644 liquibase-quickstart/src/main/docker/Dockerfile.native-distroless create mode 100644 mailer-quickstart/src/main/docker/Dockerfile.jvm create mode 100644 mailer-quickstart/src/main/docker/Dockerfile.legacy-jar create mode 100644 mailer-quickstart/src/main/docker/Dockerfile.native create mode 100644 mailer-quickstart/src/main/docker/Dockerfile.native-distroless create mode 100644 micrometer-quickstart/src/main/docker/Dockerfile.legacy-jar create mode 100644 micrometer-quickstart/src/main/docker/Dockerfile.native-distroless create mode 100644 microprofile-fault-tolerance-quickstart/src/main/docker/Dockerfile.legacy-jar create mode 100644 microprofile-fault-tolerance-quickstart/src/main/docker/Dockerfile.native-distroless create mode 100644 microprofile-graphql-quickstart/src/main/docker/Dockerfile.legacy-jar create mode 100644 microprofile-graphql-quickstart/src/main/docker/Dockerfile.native-distroless create mode 100644 microprofile-health-quickstart/src/main/docker/Dockerfile.legacy-jar create mode 100644 microprofile-health-quickstart/src/main/docker/Dockerfile.native-distroless create mode 100644 microprofile-metrics-quickstart/src/main/docker/Dockerfile.legacy-jar create mode 100644 microprofile-metrics-quickstart/src/main/docker/Dockerfile.native-distroless create mode 100644 mongodb-panache-quickstart/src/main/docker/Dockerfile.legacy-jar create mode 100644 mongodb-panache-quickstart/src/main/docker/Dockerfile.native-distroless create mode 100644 mongodb-quickstart/src/main/docker/Dockerfile.legacy-jar create mode 100644 mongodb-quickstart/src/main/docker/Dockerfile.native-distroless create mode 100644 mqtt-quickstart/src/main/docker/Dockerfile.legacy-jar create mode 100644 mqtt-quickstart/src/main/docker/Dockerfile.native-distroless create mode 100644 neo4j-quickstart/src/main/docker/Dockerfile.legacy-jar create mode 100644 neo4j-quickstart/src/main/docker/Dockerfile.native-distroless create mode 100644 openapi-swaggerui-quickstart/src/main/docker/Dockerfile.legacy-jar create mode 100644 openapi-swaggerui-quickstart/src/main/docker/Dockerfile.native-distroless create mode 100644 opentracing-quickstart/src/main/docker/Dockerfile.legacy-jar create mode 100644 opentracing-quickstart/src/main/docker/Dockerfile.native-distroless create mode 100644 optaplanner-quickstart/src/main/docker/Dockerfile.legacy-jar create mode 100644 optaplanner-quickstart/src/main/docker/Dockerfile.native-distroless create mode 100644 quartz-quickstart/src/main/docker/Dockerfile.legacy-jar create mode 100644 quartz-quickstart/src/main/docker/Dockerfile.native-distroless create mode 100644 qute-quickstart/src/main/docker/Dockerfile.legacy-jar create mode 100644 qute-quickstart/src/main/docker/Dockerfile.native-distroless create mode 100644 reactive-messaging-http-quickstart/src/main/docker/Dockerfile.jvm create mode 100644 reactive-messaging-http-quickstart/src/main/docker/Dockerfile.legacy-jar create mode 100644 reactive-messaging-http-quickstart/src/main/docker/Dockerfile.native create mode 100644 reactive-messaging-http-quickstart/src/main/docker/Dockerfile.native-distroless create mode 100644 reactive-routes-quickstart/src/main/docker/Dockerfile.jvm create mode 100644 reactive-routes-quickstart/src/main/docker/Dockerfile.legacy-jar create mode 100644 reactive-routes-quickstart/src/main/docker/Dockerfile.native create mode 100644 reactive-routes-quickstart/src/main/docker/Dockerfile.native-distroless create mode 100644 redis-quickstart/src/main/docker/Dockerfile.jvm create mode 100644 redis-quickstart/src/main/docker/Dockerfile.legacy-jar create mode 100644 redis-quickstart/src/main/docker/Dockerfile.native create mode 100644 redis-quickstart/src/main/docker/Dockerfile.native-distroless create mode 100644 rest-client-multipart-quickstart/src/main/docker/Dockerfile.legacy-jar create mode 100644 rest-client-multipart-quickstart/src/main/docker/Dockerfile.native-distroless create mode 100644 rest-client-quickstart/src/main/docker/Dockerfile.legacy-jar create mode 100644 rest-client-quickstart/src/main/docker/Dockerfile.native-distroless create mode 100644 rest-json-quickstart/src/main/docker/Dockerfile.legacy-jar create mode 100644 rest-json-quickstart/src/main/docker/Dockerfile.native-distroless create mode 100644 scheduler-quickstart/src/main/docker/Dockerfile.legacy-jar create mode 100644 scheduler-quickstart/src/main/docker/Dockerfile.native-distroless create mode 100644 security-jdbc-quickstart/src/main/docker/Dockerfile.legacy-jar create mode 100644 security-jdbc-quickstart/src/main/docker/Dockerfile.native-distroless create mode 100644 security-jpa-quickstart/src/main/docker/Dockerfile.legacy-jar create mode 100644 security-jpa-quickstart/src/main/docker/Dockerfile.native-distroless create mode 100644 security-jwt-quickstart/src/main/docker/Dockerfile.legacy-jar create mode 100644 security-jwt-quickstart/src/main/docker/Dockerfile.native-distroless create mode 100644 security-keycloak-authorization-quickstart/src/main/docker/Dockerfile.jvm create mode 100644 security-keycloak-authorization-quickstart/src/main/docker/Dockerfile.legacy-jar create mode 100644 security-keycloak-authorization-quickstart/src/main/docker/Dockerfile.native create mode 100644 security-keycloak-authorization-quickstart/src/main/docker/Dockerfile.native-distroless create mode 100644 security-oauth2-quickstart/src/main/docker/Dockerfile.legacy-jar create mode 100644 security-oauth2-quickstart/src/main/docker/Dockerfile.native-distroless create mode 100644 security-openid-connect-multi-tenancy-quickstart/src/main/docker/Dockerfile.jvm create mode 100644 security-openid-connect-multi-tenancy-quickstart/src/main/docker/Dockerfile.legacy-jar create mode 100644 security-openid-connect-multi-tenancy-quickstart/src/main/docker/Dockerfile.native create mode 100644 security-openid-connect-multi-tenancy-quickstart/src/main/docker/Dockerfile.native-distroless create mode 100644 security-openid-connect-quickstart/src/main/docker/Dockerfile.jvm create mode 100644 security-openid-connect-quickstart/src/main/docker/Dockerfile.legacy-jar create mode 100644 security-openid-connect-quickstart/src/main/docker/Dockerfile.native create mode 100644 security-openid-connect-quickstart/src/main/docker/Dockerfile.native-distroless create mode 100644 security-openid-connect-web-authentication-quickstart/src/main/docker/Dockerfile.jvm create mode 100644 security-openid-connect-web-authentication-quickstart/src/main/docker/Dockerfile.legacy-jar create mode 100644 security-openid-connect-web-authentication-quickstart/src/main/docker/Dockerfile.native create mode 100644 security-openid-connect-web-authentication-quickstart/src/main/docker/Dockerfile.native-distroless create mode 100644 software-transactional-memory-quickstart/src/main/docker/Dockerfile.jvm create mode 100644 software-transactional-memory-quickstart/src/main/docker/Dockerfile.legacy-jar create mode 100644 software-transactional-memory-quickstart/src/main/docker/Dockerfile.native create mode 100644 software-transactional-memory-quickstart/src/main/docker/Dockerfile.native-distroless create mode 100644 spring-boot-properties-quickstart/src/main/docker/Dockerfile.legacy-jar create mode 100644 spring-boot-properties-quickstart/src/main/docker/Dockerfile.native-distroless create mode 100644 spring-data-jpa-quickstart/src/main/docker/Dockerfile.jvm create mode 100644 spring-data-jpa-quickstart/src/main/docker/Dockerfile.legacy-jar create mode 100644 spring-data-jpa-quickstart/src/main/docker/Dockerfile.native create mode 100644 spring-data-jpa-quickstart/src/main/docker/Dockerfile.native-distroless create mode 100644 spring-data-rest-quickstart/src/main/docker/Dockerfile.legacy-jar create mode 100644 spring-data-rest-quickstart/src/main/docker/Dockerfile.native-distroless create mode 100644 spring-di-quickstart/src/main/docker/Dockerfile.legacy-jar create mode 100644 spring-di-quickstart/src/main/docker/Dockerfile.native-distroless create mode 100644 spring-scheduled-quickstart/src/main/docker/Dockerfile.legacy-jar create mode 100644 spring-scheduled-quickstart/src/main/docker/Dockerfile.native-distroless create mode 100644 spring-security-quickstart/src/main/docker/Dockerfile.legacy-jar create mode 100644 spring-security-quickstart/src/main/docker/Dockerfile.native-distroless create mode 100644 spring-web-quickstart/src/main/docker/Dockerfile.legacy-jar create mode 100644 spring-web-quickstart/src/main/docker/Dockerfile.native-distroless create mode 100644 tests-with-coverage-quickstart/src/main/docker/Dockerfile.legacy-jar create mode 100644 tests-with-coverage-quickstart/src/main/docker/Dockerfile.native-distroless create mode 100644 tika-quickstart/src/main/docker/Dockerfile.legacy-jar create mode 100644 tika-quickstart/src/main/docker/Dockerfile.native-distroless create mode 100644 validation-quickstart/src/main/docker/Dockerfile.legacy-jar create mode 100644 validation-quickstart/src/main/docker/Dockerfile.native-distroless create mode 100644 vertx-quickstart/src/main/docker/Dockerfile.legacy-jar create mode 100644 vertx-quickstart/src/main/docker/Dockerfile.native-distroless create mode 100644 websockets-quickstart/src/main/docker/Dockerfile.legacy-jar create mode 100644 websockets-quickstart/src/main/docker/Dockerfile.native-distroless diff --git a/amazon-dynamodb-quickstart/src/main/docker/Dockerfile.jvm b/amazon-dynamodb-quickstart/src/main/docker/Dockerfile.jvm index 003462e3c2..9578552d5e 100644 --- a/amazon-dynamodb-quickstart/src/main/docker/Dockerfile.jvm +++ b/amazon-dynamodb-quickstart/src/main/docker/Dockerfile.jvm @@ -1,29 +1,34 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package +# ./mvnw package # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/dynamodb-client-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/amazon-dynamodb-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/dynamodb-client-jvm +# docker run -i --rm -p 8080:8080 quarkus/amazon-dynamodb-jvm +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/amazon-dynamodb-jvm # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.1 - -ARG JAVA_PACKAGE=java-1.8.0-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.5 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' - # Install java and the run-java script # Also set up permissions for user `1001` -RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ && microdnf update \ && microdnf clean all \ && mkdir /deployments \ @@ -37,11 +42,13 @@ RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ # Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" - -COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 USER 1001 -ENTRYPOINT [ "/deployments/run-java.sh" ] \ No newline at end of file +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/amazon-dynamodb-quickstart/src/main/docker/Dockerfile.legacy-jar b/amazon-dynamodb-quickstart/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..dbc1219fb3 --- /dev/null +++ b/amazon-dynamodb-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/amazon-dynamodb-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/amazon-dynamodb-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/amazon-dynamodb-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/amazon-dynamodb-quickstart/src/main/docker/Dockerfile.native b/amazon-dynamodb-quickstart/src/main/docker/Dockerfile.native index 6e28512780..0317ffc915 100644 --- a/amazon-dynamodb-quickstart/src/main/docker/Dockerfile.native +++ b/amazon-dynamodb-quickstart/src/main/docker/Dockerfile.native @@ -1,22 +1,27 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package -Pnative -Dquarkus.native.container-build=true +# ./mvnw package -Pnative # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/dynamodb-client . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/amazon-dynamodb . # # Then run the container using: # -# docker run -i --rm -p 8081:8081 quarkus/dynamodb-client +# docker run -i --rm -p 8080:8080 quarkus/amazon-dynamodb # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 WORKDIR /work/ -COPY target/*-runner /work/application -RUN chmod 775 /work -EXPOSE 8081 -ENTRYPOINT ["./application", "-Dquarkus.http.host=0.0.0.0"] +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + +EXPOSE 8080 +USER 1001 + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/amazon-dynamodb-quickstart/src/main/docker/Dockerfile.native-distroless b/amazon-dynamodb-quickstart/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..5078917de2 --- /dev/null +++ b/amazon-dynamodb-quickstart/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/amazon-dynamodb . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/amazon-dynamodb +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/amazon-kms-quickstart/src/main/docker/Dockerfile.jvm b/amazon-kms-quickstart/src/main/docker/Dockerfile.jvm index 772c825364..6ad4c73c49 100644 --- a/amazon-kms-quickstart/src/main/docker/Dockerfile.jvm +++ b/amazon-kms-quickstart/src/main/docker/Dockerfile.jvm @@ -1,29 +1,34 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package +# ./mvnw package # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/kms-client-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/amazon-kms-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/kms-client-jvm +# docker run -i --rm -p 8080:8080 quarkus/amazon-kms-jvm +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/amazon-kms-jvm # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.1 - -ARG JAVA_PACKAGE=java-1.8.0-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.5 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' - # Install java and the run-java script # Also set up permissions for user `1001` -RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ && microdnf update \ && microdnf clean all \ && mkdir /deployments \ @@ -37,11 +42,13 @@ RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ # Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" - -COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 USER 1001 -ENTRYPOINT [ "/deployments/run-java.sh" ] \ No newline at end of file +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/amazon-kms-quickstart/src/main/docker/Dockerfile.legacy-jar b/amazon-kms-quickstart/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..f41eb25a46 --- /dev/null +++ b/amazon-kms-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/amazon-kms-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/amazon-kms-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/amazon-kms-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/amazon-kms-quickstart/src/main/docker/Dockerfile.native b/amazon-kms-quickstart/src/main/docker/Dockerfile.native index 288655e2f0..a65867c9f1 100644 --- a/amazon-kms-quickstart/src/main/docker/Dockerfile.native +++ b/amazon-kms-quickstart/src/main/docker/Dockerfile.native @@ -1,22 +1,27 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package -Pnative -Dquarkus.native.container-build=true +# ./mvnw package -Pnative # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/kms-client . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/amazon-kms . # # Then run the container using: # -# docker run -i --rm -p 8081:8081 quarkus/kms-client +# docker run -i --rm -p 8080:8080 quarkus/amazon-kms # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 WORKDIR /work/ -COPY target/*-runner /work/application -RUN chmod 775 /work -EXPOSE 8081 -ENTRYPOINT ["./application", "-Dquarkus.http.host=0.0.0.0"] +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + +EXPOSE 8080 +USER 1001 + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/amazon-kms-quickstart/src/main/docker/Dockerfile.native-distroless b/amazon-kms-quickstart/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..aff6319341 --- /dev/null +++ b/amazon-kms-quickstart/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/amazon-kms . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/amazon-kms +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/amazon-s3-quickstart/src/main/docker/Dockerfile.jvm b/amazon-s3-quickstart/src/main/docker/Dockerfile.jvm index 0677d32ea4..7dc8125f6f 100644 --- a/amazon-s3-quickstart/src/main/docker/Dockerfile.jvm +++ b/amazon-s3-quickstart/src/main/docker/Dockerfile.jvm @@ -1,29 +1,34 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package +# ./mvnw package # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/s3-client-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/amazon-s3-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/s3-client-jvm +# docker run -i --rm -p 8080:8080 quarkus/amazon-s3-jvm +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/amazon-s3-jvm # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.1 - -ARG JAVA_PACKAGE=java-1.8.0-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.5 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' - # Install java and the run-java script # Also set up permissions for user `1001` -RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ && microdnf update \ && microdnf clean all \ && mkdir /deployments \ @@ -37,11 +42,13 @@ RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ # Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" - -COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 USER 1001 -ENTRYPOINT [ "/deployments/run-java.sh" ] \ No newline at end of file +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/amazon-s3-quickstart/src/main/docker/Dockerfile.legacy-jar b/amazon-s3-quickstart/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..ab009b6635 --- /dev/null +++ b/amazon-s3-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/amazon-s3-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/amazon-s3-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/amazon-s3-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/amazon-s3-quickstart/src/main/docker/Dockerfile.native b/amazon-s3-quickstart/src/main/docker/Dockerfile.native index 64777484c0..314da398d4 100644 --- a/amazon-s3-quickstart/src/main/docker/Dockerfile.native +++ b/amazon-s3-quickstart/src/main/docker/Dockerfile.native @@ -1,23 +1,27 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package -Pnative -Dquarkus.native.container-build=true +# ./mvnw package -Pnative # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/s3-client . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/amazon-s3 . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/s3-client +# docker run -i --rm -p 8080:8080 quarkus/amazon-s3 # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 WORKDIR /work/ -COPY target/*-runner /work/application -RUN chmod 775 /work +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + EXPOSE 8080 -ENTRYPOINT ["./application", "-Dquarkus.http.host=0.0.0.0"] +USER 1001 +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/amazon-s3-quickstart/src/main/docker/Dockerfile.native-distroless b/amazon-s3-quickstart/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..0769504918 --- /dev/null +++ b/amazon-s3-quickstart/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/amazon-s3 . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/amazon-s3 +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/amazon-ses-quickstart/src/main/docker/Dockerfile.jvm b/amazon-ses-quickstart/src/main/docker/Dockerfile.jvm index 4485c923e0..011d1cd152 100644 --- a/amazon-ses-quickstart/src/main/docker/Dockerfile.jvm +++ b/amazon-ses-quickstart/src/main/docker/Dockerfile.jvm @@ -1,29 +1,34 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package +# ./mvnw package # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/ses-client-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/amazon-ses-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/ses-client-jvm +# docker run -i --rm -p 8080:8080 quarkus/amazon-ses-jvm +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/amazon-ses-jvm # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.1 - -ARG JAVA_PACKAGE=java-1.8.0-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.5 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' - # Install java and the run-java script # Also set up permissions for user `1001` -RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ && microdnf update \ && microdnf clean all \ && mkdir /deployments \ @@ -37,11 +42,13 @@ RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ # Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" - -COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 USER 1001 -ENTRYPOINT [ "/deployments/run-java.sh" ] \ No newline at end of file +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/amazon-ses-quickstart/src/main/docker/Dockerfile.legacy-jar b/amazon-ses-quickstart/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..441fe3f3f1 --- /dev/null +++ b/amazon-ses-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/amazon-ses-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/amazon-ses-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/amazon-ses-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/amazon-ses-quickstart/src/main/docker/Dockerfile.native b/amazon-ses-quickstart/src/main/docker/Dockerfile.native index 2b9bdcd79d..1b076353fd 100644 --- a/amazon-ses-quickstart/src/main/docker/Dockerfile.native +++ b/amazon-ses-quickstart/src/main/docker/Dockerfile.native @@ -1,22 +1,27 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package -Pnative -Dquarkus.native.container-build=true +# ./mvnw package -Pnative # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/ses-client . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/amazon-ses . # # Then run the container using: # -# docker run -i --rm -p 8081:8081 quarkus/ses-client +# docker run -i --rm -p 8080:8080 quarkus/amazon-ses # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 WORKDIR /work/ -COPY target/*-runner /work/application -RUN chmod 775 /work -EXPOSE 8081 -ENTRYPOINT ["./application", "-Dquarkus.http.host=0.0.0.0"] +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + +EXPOSE 8080 +USER 1001 + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/amazon-ses-quickstart/src/main/docker/Dockerfile.native-distroless b/amazon-ses-quickstart/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..894a8e9b47 --- /dev/null +++ b/amazon-ses-quickstart/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/amazon-ses . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/amazon-ses +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/amazon-sns-quickstart/src/main/docker/Dockerfile.jvm b/amazon-sns-quickstart/src/main/docker/Dockerfile.jvm index 95b8ff5669..780729e57f 100644 --- a/amazon-sns-quickstart/src/main/docker/Dockerfile.jvm +++ b/amazon-sns-quickstart/src/main/docker/Dockerfile.jvm @@ -1,29 +1,34 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package +# ./mvnw package # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/sns-client-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/amazon-sns-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/sns-client-jvm +# docker run -i --rm -p 8080:8080 quarkus/amazon-sns-jvm +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/amazon-sns-jvm # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.1 - -ARG JAVA_PACKAGE=java-1.8.0-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.5 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' - # Install java and the run-java script # Also set up permissions for user `1001` -RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ && microdnf update \ && microdnf clean all \ && mkdir /deployments \ @@ -37,11 +42,13 @@ RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ # Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" - -COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 USER 1001 -ENTRYPOINT [ "/deployments/run-java.sh" ] \ No newline at end of file +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/amazon-sns-quickstart/src/main/docker/Dockerfile.legacy-jar b/amazon-sns-quickstart/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..f074022cb2 --- /dev/null +++ b/amazon-sns-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/amazon-sns-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/amazon-sns-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/amazon-sns-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/amazon-sns-quickstart/src/main/docker/Dockerfile.native b/amazon-sns-quickstart/src/main/docker/Dockerfile.native index c66c360748..65e904f01c 100644 --- a/amazon-sns-quickstart/src/main/docker/Dockerfile.native +++ b/amazon-sns-quickstart/src/main/docker/Dockerfile.native @@ -1,22 +1,27 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package -Pnative -Dquarkus.native.container-build=true +# ./mvnw package -Pnative # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/sns-client . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/amazon-sns . # # Then run the container using: # -# docker run -i --rm -p 8081:8081 quarkus/sns-client +# docker run -i --rm -p 8080:8080 quarkus/amazon-sns # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 WORKDIR /work/ -COPY target/*-runner /work/application -RUN chmod 775 /work -EXPOSE 8081 -ENTRYPOINT ["./application", "-Dquarkus.http.host=0.0.0.0"] +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + +EXPOSE 8080 +USER 1001 + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/amazon-sns-quickstart/src/main/docker/Dockerfile.native-distroless b/amazon-sns-quickstart/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..53e2a50674 --- /dev/null +++ b/amazon-sns-quickstart/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/amazon-sns . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/amazon-sns +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/amazon-sqs-quickstart/src/main/docker/Dockerfile.jvm b/amazon-sqs-quickstart/src/main/docker/Dockerfile.jvm index 95b8ff5669..529c797e2b 100644 --- a/amazon-sqs-quickstart/src/main/docker/Dockerfile.jvm +++ b/amazon-sqs-quickstart/src/main/docker/Dockerfile.jvm @@ -1,29 +1,34 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package +# ./mvnw package # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/sns-client-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/amazon-sqs-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/sns-client-jvm +# docker run -i --rm -p 8080:8080 quarkus/amazon-sqs-jvm +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/amazon-sqs-jvm # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.1 - -ARG JAVA_PACKAGE=java-1.8.0-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.5 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' - # Install java and the run-java script # Also set up permissions for user `1001` -RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ && microdnf update \ && microdnf clean all \ && mkdir /deployments \ @@ -37,11 +42,13 @@ RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ # Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" - -COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 USER 1001 -ENTRYPOINT [ "/deployments/run-java.sh" ] \ No newline at end of file +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/amazon-sqs-quickstart/src/main/docker/Dockerfile.legacy-jar b/amazon-sqs-quickstart/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..621dcfdfb7 --- /dev/null +++ b/amazon-sqs-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/amazon-sqs-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/amazon-sqs-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/amazon-sqs-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/amazon-sqs-quickstart/src/main/docker/Dockerfile.native b/amazon-sqs-quickstart/src/main/docker/Dockerfile.native index c66c360748..c17154ed79 100644 --- a/amazon-sqs-quickstart/src/main/docker/Dockerfile.native +++ b/amazon-sqs-quickstart/src/main/docker/Dockerfile.native @@ -1,22 +1,27 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package -Pnative -Dquarkus.native.container-build=true +# ./mvnw package -Pnative # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/sns-client . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/amazon-sqs . # # Then run the container using: # -# docker run -i --rm -p 8081:8081 quarkus/sns-client +# docker run -i --rm -p 8080:8080 quarkus/amazon-sqs # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 WORKDIR /work/ -COPY target/*-runner /work/application -RUN chmod 775 /work -EXPOSE 8081 -ENTRYPOINT ["./application", "-Dquarkus.http.host=0.0.0.0"] +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + +EXPOSE 8080 +USER 1001 + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/amazon-sqs-quickstart/src/main/docker/Dockerfile.native-distroless b/amazon-sqs-quickstart/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..58cf389876 --- /dev/null +++ b/amazon-sqs-quickstart/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/amazon-sqs . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/amazon-sqs +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/amqp-quickstart/src/main/docker/Dockerfile.jvm b/amqp-quickstart/src/main/docker/Dockerfile.jvm index 16f6cd9085..696eea8ca2 100644 --- a/amqp-quickstart/src/main/docker/Dockerfile.jvm +++ b/amqp-quickstart/src/main/docker/Dockerfile.jvm @@ -1,29 +1,34 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package +# ./mvnw package # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/amqp-quickstart-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/amqp-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/amqp-quickstart-jvm +# docker run -i --rm -p 8080:8080 quarkus/amqp-jvm +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/amqp-jvm # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.1 - -ARG JAVA_PACKAGE=java-1.8.0-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.5 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' - # Install java and the run-java script # Also set up permissions for user `1001` -RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ && microdnf update \ && microdnf clean all \ && mkdir /deployments \ @@ -37,11 +42,13 @@ RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ # Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" - -COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 USER 1001 -ENTRYPOINT [ "/deployments/run-java.sh" ] \ No newline at end of file +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/amqp-quickstart/src/main/docker/Dockerfile.legacy-jar b/amqp-quickstart/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..7c093d3ecb --- /dev/null +++ b/amqp-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/amqp-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/amqp-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/amqp-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/amqp-quickstart/src/main/docker/Dockerfile.native b/amqp-quickstart/src/main/docker/Dockerfile.native index 259ba8f33b..d293e76ff4 100644 --- a/amqp-quickstart/src/main/docker/Dockerfile.native +++ b/amqp-quickstart/src/main/docker/Dockerfile.native @@ -1,22 +1,27 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package -Pnative -Dquarkus.native.container-build=true +# ./mvnw package -Pnative # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/amqp-quickstart . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/amqp . # # Then run the container using: # -# docker run -i --rm -p 8081:8081 quarkus/amqp-quickstart +# docker run -i --rm -p 8080:8080 quarkus/amqp # ### -FROM registry.fedoraproject.org/fedora-minimal +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 WORKDIR /work/ -COPY target/*-runner /work/application -RUN chmod 775 /work -EXPOSE 8081 -CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] \ No newline at end of file +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + +EXPOSE 8080 +USER 1001 + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/amqp-quickstart/src/main/docker/Dockerfile.native-distroless b/amqp-quickstart/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..5d4f7a460b --- /dev/null +++ b/amqp-quickstart/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/amqp . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/amqp +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/cache-quickstart/src/main/docker/Dockerfile.jvm b/cache-quickstart/src/main/docker/Dockerfile.jvm index 17fb2c43e8..d19a9719e5 100644 --- a/cache-quickstart/src/main/docker/Dockerfile.jvm +++ b/cache-quickstart/src/main/docker/Dockerfile.jvm @@ -1,29 +1,34 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package +# ./mvnw package # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/cache-quickstart-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/cache-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/cache-quickstart-jvm +# docker run -i --rm -p 8080:8080 quarkus/cache-jvm +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/cache-jvm # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.1 - -ARG JAVA_PACKAGE=java-1.8.0-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.5 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' - # Install java and the run-java script # Also set up permissions for user `1001` -RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ && microdnf update \ && microdnf clean all \ && mkdir /deployments \ @@ -37,10 +42,13 @@ RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ # Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" - -COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 USER 1001 + ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/cache-quickstart/src/main/docker/Dockerfile.legacy-jar b/cache-quickstart/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..c43ecedbdd --- /dev/null +++ b/cache-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/cache-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/cache-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/cache-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/cache-quickstart/src/main/docker/Dockerfile.native b/cache-quickstart/src/main/docker/Dockerfile.native index b3637f2f6b..18ade2ea6d 100644 --- a/cache-quickstart/src/main/docker/Dockerfile.native +++ b/cache-quickstart/src/main/docker/Dockerfile.native @@ -1,22 +1,27 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package -Pnative -Dquarkus.native.container-build=true +# ./mvnw package -Pnative # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/cache-quickstart . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/cache . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/cache-quickstart +# docker run -i --rm -p 8080:8080 quarkus/cache # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 WORKDIR /work/ -COPY target/*-runner /work/application -RUN chmod 775 /work +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + EXPOSE 8080 +USER 1001 + CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/cache-quickstart/src/main/docker/Dockerfile.native-distroless b/cache-quickstart/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..4989224548 --- /dev/null +++ b/cache-quickstart/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/cache . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/cache +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/config-quickstart/src/main/docker/Dockerfile.jvm b/config-quickstart/src/main/docker/Dockerfile.jvm index 2eb7d72d56..02c0939f24 100644 --- a/config-quickstart/src/main/docker/Dockerfile.jvm +++ b/config-quickstart/src/main/docker/Dockerfile.jvm @@ -1,29 +1,34 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package +# ./mvnw package # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/application-configuration-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/config-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/application-configuration-jvm +# docker run -i --rm -p 8080:8080 quarkus/config-jvm +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/config-jvm # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.1 - -ARG JAVA_PACKAGE=java-1.8.0-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.5 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' - # Install java and the run-java script # Also set up permissions for user `1001` -RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ && microdnf update \ && microdnf clean all \ && mkdir /deployments \ @@ -37,11 +42,13 @@ RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ # Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" - -COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 USER 1001 -ENTRYPOINT [ "/deployments/run-java.sh" ] \ No newline at end of file +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/config-quickstart/src/main/docker/Dockerfile.legacy-jar b/config-quickstart/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..62f9a13298 --- /dev/null +++ b/config-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/config-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/config-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/config-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/config-quickstart/src/main/docker/Dockerfile.native b/config-quickstart/src/main/docker/Dockerfile.native index 72921e0391..47e8c5608e 100644 --- a/config-quickstart/src/main/docker/Dockerfile.native +++ b/config-quickstart/src/main/docker/Dockerfile.native @@ -1,22 +1,27 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package -Pnative -Dquarkus.native.container-build=true +# ./mvnw package -Pnative # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/application-configuration . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/config . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/application-configuration +# docker run -i --rm -p 8080:8080 quarkus/config # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 WORKDIR /work/ -COPY target/*-runner /work/application -RUN chmod 775 /work +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + EXPOSE 8080 +USER 1001 + CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/config-quickstart/src/main/docker/Dockerfile.native-distroless b/config-quickstart/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..6ed09d07a6 --- /dev/null +++ b/config-quickstart/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/config . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/config +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/context-propagation-quickstart/src/main/docker/Dockerfile.jvm b/context-propagation-quickstart/src/main/docker/Dockerfile.jvm new file mode 100644 index 0000000000..01c01b3cce --- /dev/null +++ b/context-propagation-quickstart/src/main/docker/Dockerfile.jvm @@ -0,0 +1,54 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/context-propagation-jvm . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/context-propagation-jvm +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/context-propagation-jvm +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/context-propagation-quickstart/src/main/docker/Dockerfile.legacy-jar b/context-propagation-quickstart/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..c587d643c4 --- /dev/null +++ b/context-propagation-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/context-propagation-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/context-propagation-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/context-propagation-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/context-propagation-quickstart/src/main/docker/Dockerfile.native b/context-propagation-quickstart/src/main/docker/Dockerfile.native new file mode 100644 index 0000000000..4721e35f0c --- /dev/null +++ b/context-propagation-quickstart/src/main/docker/Dockerfile.native @@ -0,0 +1,27 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native -t quarkus/context-propagation . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/context-propagation +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + +EXPOSE 8080 +USER 1001 + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/context-propagation-quickstart/src/main/docker/Dockerfile.native-distroless b/context-propagation-quickstart/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..659f2d1d41 --- /dev/null +++ b/context-propagation-quickstart/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/context-propagation . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/context-propagation +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/getting-started-async/src/main/docker/Dockerfile.jvm b/getting-started-async/src/main/docker/Dockerfile.jvm index e18b77572d..e756e08d4b 100644 --- a/getting-started-async/src/main/docker/Dockerfile.jvm +++ b/getting-started-async/src/main/docker/Dockerfile.jvm @@ -1,9 +1,9 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package +# ./mvnw package # # Then, build the image with: # @@ -13,17 +13,22 @@ # # docker run -i --rm -p 8080:8080 quarkus/getting-started-async-jvm # +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/getting-started-async-jvm +# ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.1 - -ARG JAVA_PACKAGE=java-1.8.0-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.5 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' - # Install java and the run-java script # Also set up permissions for user `1001` -RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ && microdnf update \ && microdnf clean all \ && mkdir /deployments \ @@ -37,11 +42,13 @@ RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ # Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" - -COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 USER 1001 -ENTRYPOINT [ "/deployments/run-java.sh" ] \ No newline at end of file +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/getting-started-async/src/main/docker/Dockerfile.legacy-jar b/getting-started-async/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..d23c382dba --- /dev/null +++ b/getting-started-async/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/getting-started-async-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/getting-started-async-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/getting-started-async-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/getting-started-async/src/main/docker/Dockerfile.native b/getting-started-async/src/main/docker/Dockerfile.native index 8f4e087963..d53966a0fe 100644 --- a/getting-started-async/src/main/docker/Dockerfile.native +++ b/getting-started-async/src/main/docker/Dockerfile.native @@ -1,9 +1,9 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package -Pnative -Dquarkus.native.container-build=true +# ./mvnw package -Pnative # # Then, build the image with: # @@ -14,9 +14,14 @@ # docker run -i --rm -p 8080:8080 quarkus/getting-started-async # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 WORKDIR /work/ -COPY target/*-runner /work/application -RUN chmod 775 /work +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + EXPOSE 8080 +USER 1001 + CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/getting-started-async/src/main/docker/Dockerfile.native-distroless b/getting-started-async/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..28edd36ebe --- /dev/null +++ b/getting-started-async/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/getting-started-async . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/getting-started-async +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/getting-started-command-mode/src/main/docker/Dockerfile.jvm b/getting-started-command-mode/src/main/docker/Dockerfile.jvm index 0ae07cc9ce..6f9c1277f2 100644 --- a/getting-started-command-mode/src/main/docker/Dockerfile.jvm +++ b/getting-started-command-mode/src/main/docker/Dockerfile.jvm @@ -1,9 +1,9 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package +# ./mvnw package # # Then, build the image with: # @@ -13,17 +13,22 @@ # # docker run -i --rm -p 8080:8080 quarkus/getting-started-command-mode-jvm # +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/getting-started-command-mode-jvm +# ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.1 - -ARG JAVA_PACKAGE=java-1.8.0-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.5 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' - # Install java and the run-java script # Also set up permissions for user `1001` -RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ && microdnf update \ && microdnf clean all \ && mkdir /deployments \ @@ -37,11 +42,13 @@ RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ # Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" - -COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 USER 1001 -ENTRYPOINT [ "/deployments/run-java.sh" ] \ No newline at end of file +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/getting-started-command-mode/src/main/docker/Dockerfile.legacy-jar b/getting-started-command-mode/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..5e9f1d0328 --- /dev/null +++ b/getting-started-command-mode/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/getting-started-command-mode-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/getting-started-command-mode-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/getting-started-command-mode-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/getting-started-command-mode/src/main/docker/Dockerfile.native b/getting-started-command-mode/src/main/docker/Dockerfile.native index 9db9753912..66bf054229 100644 --- a/getting-started-command-mode/src/main/docker/Dockerfile.native +++ b/getting-started-command-mode/src/main/docker/Dockerfile.native @@ -1,9 +1,9 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package -Pnative -Dquarkus.native.container-build=true +# ./mvnw package -Pnative # # Then, build the image with: # @@ -14,9 +14,14 @@ # docker run -i --rm -p 8080:8080 quarkus/getting-started-command-mode # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 WORKDIR /work/ -COPY target/*-runner /work/application -RUN chmod 775 /work +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + EXPOSE 8080 +USER 1001 + CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/getting-started-command-mode/src/main/docker/Dockerfile.native-distroless b/getting-started-command-mode/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..ca9f82ac95 --- /dev/null +++ b/getting-started-command-mode/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/getting-started-command-mode . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/getting-started-command-mode +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/getting-started-knative/src/main/docker/Dockerfile.jvm b/getting-started-knative/src/main/docker/Dockerfile.jvm index ad5b0c9c9a..15edf5be1b 100644 --- a/getting-started-knative/src/main/docker/Dockerfile.jvm +++ b/getting-started-knative/src/main/docker/Dockerfile.jvm @@ -1,35 +1,54 @@ -# Using multi stage docker build -# Stage - 1 Prepare the build artifacts - -FROM quay.io/quarkus/centos-quarkus-maven:19.3.1-java8 as build - -# If you want to use nexus or any other maven repository manager then -# uncomment this to point to the repo manager -# ENV MAVEN_MIRROR_URL http://nexus:8081/nexus/content/groups/public/ - -USER root - -RUN mkdir -p /usr/src/app && \ - chown -R quarkus /usr/src/app - -USER quarkus - -# Set the maven mirrors in the maven settings if available - -RUN /usr/local/bin/entrypoint-run.sh - -COPY src /usr/src/app/src -COPY pom.xml /usr/src/app - -WORKDIR /usr/src/app - -RUN mvn clean package +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/getting-started-knative-jvm . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/getting-started-knative-jvm +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/getting-started-knative-jvm +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ -# Stage - 2 Prepare the final container image +EXPOSE 8080 +USER 1001 -FROM fabric8/java-alpine-openjdk8-jre -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" -ENV AB_ENABLED=jmx_exporter -COPY --from=build /usr/src/app/target/lib/* /deployments/lib/ -COPY --from=build /usr/src/app/target/*-runner.jar /deployments/app.jar -ENTRYPOINT [ "/deployments/run-java.sh" ] \ No newline at end of file +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/getting-started-knative/src/main/docker/Dockerfile.legacy-jar b/getting-started-knative/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..bcfeed647c --- /dev/null +++ b/getting-started-knative/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/getting-started-knative-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/getting-started-knative-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/getting-started-knative-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/getting-started-knative/src/main/docker/Dockerfile.native b/getting-started-knative/src/main/docker/Dockerfile.native index a6d2ab9a28..7ec5bc49b1 100644 --- a/getting-started-knative/src/main/docker/Dockerfile.native +++ b/getting-started-knative/src/main/docker/Dockerfile.native @@ -1,40 +1,27 @@ -# Using multi stage docker build -# Stage - 1 Prepare the native image - -FROM quay.io/quarkus/centos-quarkus-maven:19.3.1-java8 as build - -# If you want to use nexus or any other maven repository manager then -# uncomment this to point to the repo manager -# ENV MAVEN_MIRROR_URL http://nexus:8081/nexus/content/groups/public/ - -USER root - -RUN mkdir -p /usr/src/app && \ - chown -R quarkus /usr/src/app - -USER quarkus - -# Set the maven mirrors in the maven settings if available - -RUN /usr/local/bin/entrypoint-run.sh - -COPY src /usr/src/app/src -COPY pom.xml /usr/src/app - -WORKDIR /usr/src/app - -RUN mvn clean package -Pnative - -# Stage - 2 Prepare the final container image - -FROM registry.access.redhat.com/ubi8/ubi-minimal - +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native -t quarkus/getting-started-knative . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/getting-started-knative +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 WORKDIR /work/ - -COPY --from=build /usr/src/app/target/*-runner /work/application - -RUN chmod 775 /work +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 +USER 1001 -CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] \ No newline at end of file +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/getting-started-knative/src/main/docker/Dockerfile.native-distroless b/getting-started-knative/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..55da72df17 --- /dev/null +++ b/getting-started-knative/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/getting-started-knative . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/getting-started-knative +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/getting-started-reactive-crud/src/main/docker/Dockerfile.jvm b/getting-started-reactive-crud/src/main/docker/Dockerfile.jvm new file mode 100644 index 0000000000..1ca3fdcade --- /dev/null +++ b/getting-started-reactive-crud/src/main/docker/Dockerfile.jvm @@ -0,0 +1,54 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/getting-started-reactive-crud-jvm . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/getting-started-reactive-crud-jvm +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/getting-started-reactive-crud-jvm +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/getting-started-reactive-crud/src/main/docker/Dockerfile.legacy-jar b/getting-started-reactive-crud/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..8c0d20b387 --- /dev/null +++ b/getting-started-reactive-crud/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/getting-started-reactive-crud-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/getting-started-reactive-crud-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/getting-started-reactive-crud-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/getting-started-reactive-crud/src/main/docker/Dockerfile.native b/getting-started-reactive-crud/src/main/docker/Dockerfile.native new file mode 100644 index 0000000000..3a47a243a2 --- /dev/null +++ b/getting-started-reactive-crud/src/main/docker/Dockerfile.native @@ -0,0 +1,27 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native -t quarkus/getting-started-reactive-crud . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/getting-started-reactive-crud +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + +EXPOSE 8080 +USER 1001 + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/getting-started-reactive-crud/src/main/docker/Dockerfile.native-distroless b/getting-started-reactive-crud/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..7cdfb8fae6 --- /dev/null +++ b/getting-started-reactive-crud/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/getting-started-reactive-crud . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/getting-started-reactive-crud +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/getting-started-reactive/src/main/docker/Dockerfile.jvm b/getting-started-reactive/src/main/docker/Dockerfile.jvm index 657a7dc212..4a2ed96a3a 100644 --- a/getting-started-reactive/src/main/docker/Dockerfile.jvm +++ b/getting-started-reactive/src/main/docker/Dockerfile.jvm @@ -1,29 +1,34 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package +# ./mvnw package # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/getting-started-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/getting-started-reactive-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/getting-started-jvm +# docker run -i --rm -p 8080:8080 quarkus/getting-started-reactive-jvm +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/getting-started-reactive-jvm # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.1 - -ARG JAVA_PACKAGE=java-1.8.0-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.5 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' - # Install java and the run-java script # Also set up permissions for user `1001` -RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ && microdnf update \ && microdnf clean all \ && mkdir /deployments \ @@ -37,11 +42,13 @@ RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ # Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" - -COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 USER 1001 -ENTRYPOINT [ "/deployments/run-java.sh" ] \ No newline at end of file +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/getting-started-reactive/src/main/docker/Dockerfile.legacy-jar b/getting-started-reactive/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..c50c0abdee --- /dev/null +++ b/getting-started-reactive/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/getting-started-reactive-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/getting-started-reactive-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/getting-started-reactive-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/getting-started-reactive/src/main/docker/Dockerfile.native b/getting-started-reactive/src/main/docker/Dockerfile.native index a96d7af4e8..5bf1b8e142 100644 --- a/getting-started-reactive/src/main/docker/Dockerfile.native +++ b/getting-started-reactive/src/main/docker/Dockerfile.native @@ -1,22 +1,27 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package -Pnative -Dquarkus.native.container-build=true +# ./mvnw package -Pnative # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/getting-started . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/getting-started-reactive . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/getting-started +# docker run -i --rm -p 8080:8080 quarkus/getting-started-reactive # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 WORKDIR /work/ -COPY target/*-runner /work/application -RUN chmod 775 /work +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + EXPOSE 8080 +USER 1001 + CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/getting-started-reactive/src/main/docker/Dockerfile.native-distroless b/getting-started-reactive/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..00a93c13e8 --- /dev/null +++ b/getting-started-reactive/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/getting-started-reactive . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/getting-started-reactive +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/getting-started-testing/src/main/docker/Dockerfile.jvm b/getting-started-testing/src/main/docker/Dockerfile.jvm index 929423d23f..c87f717934 100644 --- a/getting-started-testing/src/main/docker/Dockerfile.jvm +++ b/getting-started-testing/src/main/docker/Dockerfile.jvm @@ -1,9 +1,9 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package +# ./mvnw package # # Then, build the image with: # @@ -13,17 +13,22 @@ # # docker run -i --rm -p 8080:8080 quarkus/getting-started-testing-jvm # +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/getting-started-testing-jvm +# ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.1 - -ARG JAVA_PACKAGE=java-1.8.0-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.5 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' - # Install java and the run-java script # Also set up permissions for user `1001` -RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ && microdnf update \ && microdnf clean all \ && mkdir /deployments \ @@ -37,11 +42,13 @@ RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ # Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" - -COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 USER 1001 -ENTRYPOINT [ "/deployments/run-java.sh" ] \ No newline at end of file +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/getting-started-testing/src/main/docker/Dockerfile.legacy-jar b/getting-started-testing/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..f3196f017d --- /dev/null +++ b/getting-started-testing/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/getting-started-testing-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/getting-started-testing-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/getting-started-testing-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/getting-started-testing/src/main/docker/Dockerfile.native b/getting-started-testing/src/main/docker/Dockerfile.native index 6194fb4496..ca56b33c34 100644 --- a/getting-started-testing/src/main/docker/Dockerfile.native +++ b/getting-started-testing/src/main/docker/Dockerfile.native @@ -1,9 +1,9 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package -Pnative -Dquarkus.native.container-build=true +# ./mvnw package -Pnative # # Then, build the image with: # @@ -14,9 +14,14 @@ # docker run -i --rm -p 8080:8080 quarkus/getting-started-testing # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 WORKDIR /work/ -COPY target/*-runner /work/application -RUN chmod 775 /work +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + EXPOSE 8080 +USER 1001 + CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/getting-started-testing/src/main/docker/Dockerfile.native-distroless b/getting-started-testing/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..8d70acc3aa --- /dev/null +++ b/getting-started-testing/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/getting-started-testing . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/getting-started-testing +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/getting-started/src/main/docker/Dockerfile.jvm b/getting-started/src/main/docker/Dockerfile.jvm index 657a7dc212..120590ad0d 100644 --- a/getting-started/src/main/docker/Dockerfile.jvm +++ b/getting-started/src/main/docker/Dockerfile.jvm @@ -1,9 +1,9 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package +# ./mvnw package # # Then, build the image with: # @@ -13,17 +13,22 @@ # # docker run -i --rm -p 8080:8080 quarkus/getting-started-jvm # +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/getting-started-jvm +# ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.1 - -ARG JAVA_PACKAGE=java-1.8.0-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.5 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' - # Install java and the run-java script # Also set up permissions for user `1001` -RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ && microdnf update \ && microdnf clean all \ && mkdir /deployments \ @@ -37,11 +42,13 @@ RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ # Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" - -COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 USER 1001 -ENTRYPOINT [ "/deployments/run-java.sh" ] \ No newline at end of file +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/getting-started/src/main/docker/Dockerfile.legacy-jar b/getting-started/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..aab6080a55 --- /dev/null +++ b/getting-started/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/getting-started-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/getting-started-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/getting-started-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/getting-started/src/main/docker/Dockerfile.native b/getting-started/src/main/docker/Dockerfile.native index a96d7af4e8..7400c006a2 100644 --- a/getting-started/src/main/docker/Dockerfile.native +++ b/getting-started/src/main/docker/Dockerfile.native @@ -1,9 +1,9 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package -Pnative -Dquarkus.native.container-build=true +# ./mvnw package -Pnative # # Then, build the image with: # @@ -14,9 +14,14 @@ # docker run -i --rm -p 8080:8080 quarkus/getting-started # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 WORKDIR /work/ -COPY target/*-runner /work/application -RUN chmod 775 /work +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + EXPOSE 8080 +USER 1001 + CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/getting-started/src/main/docker/Dockerfile.native-distroless b/getting-started/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..634552f9b3 --- /dev/null +++ b/getting-started/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/getting-started . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/getting-started +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/google-cloud-functions-http-quickstart/src/main/docker/Dockerfile.jvm b/google-cloud-functions-http-quickstart/src/main/docker/Dockerfile.jvm new file mode 100644 index 0000000000..efe089de12 --- /dev/null +++ b/google-cloud-functions-http-quickstart/src/main/docker/Dockerfile.jvm @@ -0,0 +1,54 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/google-cloud-functions-http-jvm . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/google-cloud-functions-http-jvm +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/google-cloud-functions-http-jvm +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/google-cloud-functions-http-quickstart/src/main/docker/Dockerfile.legacy-jar b/google-cloud-functions-http-quickstart/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..1ba1af00b2 --- /dev/null +++ b/google-cloud-functions-http-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/google-cloud-functions-http-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/google-cloud-functions-http-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/google-cloud-functions-http-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/google-cloud-functions-http-quickstart/src/main/docker/Dockerfile.native b/google-cloud-functions-http-quickstart/src/main/docker/Dockerfile.native new file mode 100644 index 0000000000..7254e61591 --- /dev/null +++ b/google-cloud-functions-http-quickstart/src/main/docker/Dockerfile.native @@ -0,0 +1,27 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native -t quarkus/google-cloud-functions-http . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/google-cloud-functions-http +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + +EXPOSE 8080 +USER 1001 + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/google-cloud-functions-http-quickstart/src/main/docker/Dockerfile.native-distroless b/google-cloud-functions-http-quickstart/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..487926fd09 --- /dev/null +++ b/google-cloud-functions-http-quickstart/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/google-cloud-functions-http . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/google-cloud-functions-http +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/google-cloud-functions-quickstart/src/main/docker/Dockerfile.jvm b/google-cloud-functions-quickstart/src/main/docker/Dockerfile.jvm new file mode 100644 index 0000000000..00e1121ffa --- /dev/null +++ b/google-cloud-functions-quickstart/src/main/docker/Dockerfile.jvm @@ -0,0 +1,54 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/google-cloud-functions-jvm . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/google-cloud-functions-jvm +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/google-cloud-functions-jvm +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/google-cloud-functions-quickstart/src/main/docker/Dockerfile.legacy-jar b/google-cloud-functions-quickstart/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..ecfa817a74 --- /dev/null +++ b/google-cloud-functions-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/google-cloud-functions-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/google-cloud-functions-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/google-cloud-functions-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/google-cloud-functions-quickstart/src/main/docker/Dockerfile.native b/google-cloud-functions-quickstart/src/main/docker/Dockerfile.native new file mode 100644 index 0000000000..c20f810e4c --- /dev/null +++ b/google-cloud-functions-quickstart/src/main/docker/Dockerfile.native @@ -0,0 +1,27 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native -t quarkus/google-cloud-functions . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/google-cloud-functions +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + +EXPOSE 8080 +USER 1001 + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/google-cloud-functions-quickstart/src/main/docker/Dockerfile.native-distroless b/google-cloud-functions-quickstart/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..4d98fcf15a --- /dev/null +++ b/google-cloud-functions-quickstart/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/google-cloud-functions . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/google-cloud-functions +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/grpc-plain-text-quickstart/src/main/docker/Dockerfile.jvm b/grpc-plain-text-quickstart/src/main/docker/Dockerfile.jvm new file mode 100644 index 0000000000..2adcc76940 --- /dev/null +++ b/grpc-plain-text-quickstart/src/main/docker/Dockerfile.jvm @@ -0,0 +1,54 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/grpc-plain-text-jvm . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/grpc-plain-text-jvm +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/grpc-plain-text-jvm +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/grpc-plain-text-quickstart/src/main/docker/Dockerfile.legacy-jar b/grpc-plain-text-quickstart/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..88ea7e1fdf --- /dev/null +++ b/grpc-plain-text-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/grpc-plain-text-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/grpc-plain-text-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/grpc-plain-text-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/grpc-plain-text-quickstart/src/main/docker/Dockerfile.native b/grpc-plain-text-quickstart/src/main/docker/Dockerfile.native new file mode 100644 index 0000000000..8856f8c797 --- /dev/null +++ b/grpc-plain-text-quickstart/src/main/docker/Dockerfile.native @@ -0,0 +1,27 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native -t quarkus/grpc-plain-text . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/grpc-plain-text +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + +EXPOSE 8080 +USER 1001 + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/grpc-plain-text-quickstart/src/main/docker/Dockerfile.native-distroless b/grpc-plain-text-quickstart/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..2cd3ae69cf --- /dev/null +++ b/grpc-plain-text-quickstart/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/grpc-plain-text . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/grpc-plain-text +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/grpc-tls-quickstart/src/main/docker/Dockerfile.jvm b/grpc-tls-quickstart/src/main/docker/Dockerfile.jvm new file mode 100644 index 0000000000..04afff1eca --- /dev/null +++ b/grpc-tls-quickstart/src/main/docker/Dockerfile.jvm @@ -0,0 +1,54 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/grpc-tls-jvm . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/grpc-tls-jvm +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/grpc-tls-jvm +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/grpc-tls-quickstart/src/main/docker/Dockerfile.legacy-jar b/grpc-tls-quickstart/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..2f724dd8d8 --- /dev/null +++ b/grpc-tls-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/grpc-tls-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/grpc-tls-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/grpc-tls-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/grpc-tls-quickstart/src/main/docker/Dockerfile.native b/grpc-tls-quickstart/src/main/docker/Dockerfile.native new file mode 100644 index 0000000000..5a0a111e53 --- /dev/null +++ b/grpc-tls-quickstart/src/main/docker/Dockerfile.native @@ -0,0 +1,27 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native -t quarkus/grpc-tls . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/grpc-tls +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + +EXPOSE 8080 +USER 1001 + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/grpc-tls-quickstart/src/main/docker/Dockerfile.native-distroless b/grpc-tls-quickstart/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..ce0b618faf --- /dev/null +++ b/grpc-tls-quickstart/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/grpc-tls . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/grpc-tls +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/hibernate-orm-multi-tenancy-quickstart/src/main/docker/Dockerfile.jvm b/hibernate-orm-multi-tenancy-quickstart/src/main/docker/Dockerfile.jvm index e9ffc4e744..6292f226f6 100644 --- a/hibernate-orm-multi-tenancy-quickstart/src/main/docker/Dockerfile.jvm +++ b/hibernate-orm-multi-tenancy-quickstart/src/main/docker/Dockerfile.jvm @@ -1,9 +1,9 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package +# ./mvnw package # # Then, build the image with: # @@ -13,17 +13,22 @@ # # docker run -i --rm -p 8080:8080 quarkus/hibernate-orm-multi-tenancy-jvm # +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/hibernate-orm-multi-tenancy-jvm +# ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.1 - -ARG JAVA_PACKAGE=java-1.8.0-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.5 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' - # Install java and the run-java script # Also set up permissions for user `1001` -RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ && microdnf update \ && microdnf clean all \ && mkdir /deployments \ @@ -37,11 +42,13 @@ RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ # Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" - -COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 USER 1001 -ENTRYPOINT [ "/deployments/run-java.sh" ] \ No newline at end of file +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/hibernate-orm-multi-tenancy-quickstart/src/main/docker/Dockerfile.legacy-jar b/hibernate-orm-multi-tenancy-quickstart/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..eec026919d --- /dev/null +++ b/hibernate-orm-multi-tenancy-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/hibernate-orm-multi-tenancy-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/hibernate-orm-multi-tenancy-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/hibernate-orm-multi-tenancy-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/hibernate-orm-multi-tenancy-quickstart/src/main/docker/Dockerfile.native b/hibernate-orm-multi-tenancy-quickstart/src/main/docker/Dockerfile.native index f82ff7ed47..5cc0b160d2 100644 --- a/hibernate-orm-multi-tenancy-quickstart/src/main/docker/Dockerfile.native +++ b/hibernate-orm-multi-tenancy-quickstart/src/main/docker/Dockerfile.native @@ -1,9 +1,9 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package -Pnative -Dquarkus.native.container-build=true +# ./mvnw package -Pnative # # Then, build the image with: # @@ -14,9 +14,14 @@ # docker run -i --rm -p 8080:8080 quarkus/hibernate-orm-multi-tenancy # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 WORKDIR /work/ -COPY target/*-runner /work/application -RUN chmod 775 /work +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + EXPOSE 8080 +USER 1001 + CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/hibernate-orm-multi-tenancy-quickstart/src/main/docker/Dockerfile.native-distroless b/hibernate-orm-multi-tenancy-quickstart/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..a9a2156455 --- /dev/null +++ b/hibernate-orm-multi-tenancy-quickstart/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/hibernate-orm-multi-tenancy . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/hibernate-orm-multi-tenancy +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/hibernate-orm-panache-quickstart/src/main/docker/Dockerfile.jvm b/hibernate-orm-panache-quickstart/src/main/docker/Dockerfile.jvm index d1a4ea46c2..988c408abf 100644 --- a/hibernate-orm-panache-quickstart/src/main/docker/Dockerfile.jvm +++ b/hibernate-orm-panache-quickstart/src/main/docker/Dockerfile.jvm @@ -1,29 +1,34 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package +# ./mvnw package # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/hibernate-orm-panache-resteasy-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/hibernate-orm-panache-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/hibernate-orm-panache-resteasy-jvm +# docker run -i --rm -p 8080:8080 quarkus/hibernate-orm-panache-jvm +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/hibernate-orm-panache-jvm # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.1 - -ARG JAVA_PACKAGE=java-1.8.0-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.5 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' - # Install java and the run-java script # Also set up permissions for user `1001` -RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ && microdnf update \ && microdnf clean all \ && mkdir /deployments \ @@ -37,11 +42,13 @@ RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ # Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" - -COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 USER 1001 -ENTRYPOINT [ "/deployments/run-java.sh" ] \ No newline at end of file +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/hibernate-orm-panache-quickstart/src/main/docker/Dockerfile.legacy-jar b/hibernate-orm-panache-quickstart/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..ec4a01b0f9 --- /dev/null +++ b/hibernate-orm-panache-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/hibernate-orm-panache-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/hibernate-orm-panache-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/hibernate-orm-panache-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/hibernate-orm-panache-quickstart/src/main/docker/Dockerfile.native b/hibernate-orm-panache-quickstart/src/main/docker/Dockerfile.native index 76677f83a9..ac1e2f2de4 100644 --- a/hibernate-orm-panache-quickstart/src/main/docker/Dockerfile.native +++ b/hibernate-orm-panache-quickstart/src/main/docker/Dockerfile.native @@ -1,22 +1,27 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package -Pnative -Dquarkus.native.container-build=true +# ./mvnw package -Pnative # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/hibernate-orm-panache-resteasy . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/hibernate-orm-panache . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/hibernate-orm-panache-resteasy +# docker run -i --rm -p 8080:8080 quarkus/hibernate-orm-panache # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 WORKDIR /work/ -COPY target/*-runner /work/application -RUN chmod 775 /work +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + EXPOSE 8080 +USER 1001 + CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/hibernate-orm-panache-quickstart/src/main/docker/Dockerfile.native-distroless b/hibernate-orm-panache-quickstart/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..cf9e3801d9 --- /dev/null +++ b/hibernate-orm-panache-quickstart/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/hibernate-orm-panache . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/hibernate-orm-panache +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/hibernate-orm-quickstart/src/main/docker/Dockerfile.jvm b/hibernate-orm-quickstart/src/main/docker/Dockerfile.jvm index a263949cfc..e4394aacac 100644 --- a/hibernate-orm-quickstart/src/main/docker/Dockerfile.jvm +++ b/hibernate-orm-quickstart/src/main/docker/Dockerfile.jvm @@ -1,29 +1,34 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package +# ./mvnw package # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/hibernate-orm-resteasy-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/hibernate-orm-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/hibernate-orm-resteasy-jvm +# docker run -i --rm -p 8080:8080 quarkus/hibernate-orm-jvm +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/hibernate-orm-jvm # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.1 - -ARG JAVA_PACKAGE=java-1.8.0-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.5 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' - # Install java and the run-java script # Also set up permissions for user `1001` -RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ && microdnf update \ && microdnf clean all \ && mkdir /deployments \ @@ -37,11 +42,13 @@ RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ # Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" - -COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 USER 1001 -ENTRYPOINT [ "/deployments/run-java.sh" ] \ No newline at end of file +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/hibernate-orm-quickstart/src/main/docker/Dockerfile.legacy-jar b/hibernate-orm-quickstart/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..bc297bc25f --- /dev/null +++ b/hibernate-orm-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/hibernate-orm-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/hibernate-orm-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/hibernate-orm-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/hibernate-orm-quickstart/src/main/docker/Dockerfile.native b/hibernate-orm-quickstart/src/main/docker/Dockerfile.native index 9ddbe4eff2..a28caa9e28 100644 --- a/hibernate-orm-quickstart/src/main/docker/Dockerfile.native +++ b/hibernate-orm-quickstart/src/main/docker/Dockerfile.native @@ -1,22 +1,27 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package -Pnative -Dquarkus.native.container-build=true +# ./mvnw package -Pnative # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/hibernate-orm-resteasy . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/hibernate-orm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/hibernate-orm-resteasy +# docker run -i --rm -p 8080:8080 quarkus/hibernate-orm # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 WORKDIR /work/ -COPY target/*-runner /work/application -RUN chmod 775 /work +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + EXPOSE 8080 +USER 1001 + CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/hibernate-orm-quickstart/src/main/docker/Dockerfile.native-distroless b/hibernate-orm-quickstart/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..eccac17f70 --- /dev/null +++ b/hibernate-orm-quickstart/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/hibernate-orm . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/hibernate-orm +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/hibernate-reactive-quickstart/src/main/docker/Dockerfile.jvm b/hibernate-reactive-quickstart/src/main/docker/Dockerfile.jvm index a263949cfc..ed8dc1dcad 100644 --- a/hibernate-reactive-quickstart/src/main/docker/Dockerfile.jvm +++ b/hibernate-reactive-quickstart/src/main/docker/Dockerfile.jvm @@ -1,29 +1,34 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package +# ./mvnw package # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/hibernate-orm-resteasy-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/hibernate-reactive-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/hibernate-orm-resteasy-jvm +# docker run -i --rm -p 8080:8080 quarkus/hibernate-reactive-jvm +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/hibernate-reactive-jvm # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.1 - -ARG JAVA_PACKAGE=java-1.8.0-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.5 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' - # Install java and the run-java script # Also set up permissions for user `1001` -RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ && microdnf update \ && microdnf clean all \ && mkdir /deployments \ @@ -37,11 +42,13 @@ RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ # Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" - -COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 USER 1001 -ENTRYPOINT [ "/deployments/run-java.sh" ] \ No newline at end of file +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/hibernate-reactive-quickstart/src/main/docker/Dockerfile.legacy-jar b/hibernate-reactive-quickstart/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..f63e35bc19 --- /dev/null +++ b/hibernate-reactive-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/hibernate-reactive-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/hibernate-reactive-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/hibernate-reactive-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/hibernate-reactive-quickstart/src/main/docker/Dockerfile.native b/hibernate-reactive-quickstart/src/main/docker/Dockerfile.native index 9ddbe4eff2..2b5069c603 100644 --- a/hibernate-reactive-quickstart/src/main/docker/Dockerfile.native +++ b/hibernate-reactive-quickstart/src/main/docker/Dockerfile.native @@ -1,22 +1,27 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package -Pnative -Dquarkus.native.container-build=true +# ./mvnw package -Pnative # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/hibernate-orm-resteasy . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/hibernate-reactive . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/hibernate-orm-resteasy +# docker run -i --rm -p 8080:8080 quarkus/hibernate-reactive # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 WORKDIR /work/ -COPY target/*-runner /work/application -RUN chmod 775 /work +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + EXPOSE 8080 +USER 1001 + CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/hibernate-reactive-quickstart/src/main/docker/Dockerfile.native-distroless b/hibernate-reactive-quickstart/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..2cb545c78e --- /dev/null +++ b/hibernate-reactive-quickstart/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/hibernate-reactive . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/hibernate-reactive +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/hibernate-reactive-routes-quickstart/src/main/docker/Dockerfile.jvm b/hibernate-reactive-routes-quickstart/src/main/docker/Dockerfile.jvm index a263949cfc..98b7e8aac1 100644 --- a/hibernate-reactive-routes-quickstart/src/main/docker/Dockerfile.jvm +++ b/hibernate-reactive-routes-quickstart/src/main/docker/Dockerfile.jvm @@ -1,29 +1,34 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package +# ./mvnw package # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/hibernate-orm-resteasy-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/hibernate-reactive-routes-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/hibernate-orm-resteasy-jvm +# docker run -i --rm -p 8080:8080 quarkus/hibernate-reactive-routes-jvm +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/hibernate-reactive-routes-jvm # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.1 - -ARG JAVA_PACKAGE=java-1.8.0-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.5 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' - # Install java and the run-java script # Also set up permissions for user `1001` -RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ && microdnf update \ && microdnf clean all \ && mkdir /deployments \ @@ -37,11 +42,13 @@ RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ # Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" - -COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 USER 1001 -ENTRYPOINT [ "/deployments/run-java.sh" ] \ No newline at end of file +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/hibernate-reactive-routes-quickstart/src/main/docker/Dockerfile.legacy-jar b/hibernate-reactive-routes-quickstart/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..fb1d0e44bb --- /dev/null +++ b/hibernate-reactive-routes-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/hibernate-reactive-routes-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/hibernate-reactive-routes-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/hibernate-reactive-routes-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/hibernate-reactive-routes-quickstart/src/main/docker/Dockerfile.native b/hibernate-reactive-routes-quickstart/src/main/docker/Dockerfile.native index 9ddbe4eff2..32164a66ad 100644 --- a/hibernate-reactive-routes-quickstart/src/main/docker/Dockerfile.native +++ b/hibernate-reactive-routes-quickstart/src/main/docker/Dockerfile.native @@ -1,22 +1,27 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package -Pnative -Dquarkus.native.container-build=true +# ./mvnw package -Pnative # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/hibernate-orm-resteasy . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/hibernate-reactive-routes . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/hibernate-orm-resteasy +# docker run -i --rm -p 8080:8080 quarkus/hibernate-reactive-routes # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 WORKDIR /work/ -COPY target/*-runner /work/application -RUN chmod 775 /work +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + EXPOSE 8080 +USER 1001 + CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/hibernate-reactive-routes-quickstart/src/main/docker/Dockerfile.native-distroless b/hibernate-reactive-routes-quickstart/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..f8aba9715d --- /dev/null +++ b/hibernate-reactive-routes-quickstart/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/hibernate-reactive-routes . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/hibernate-reactive-routes +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/hibernate-search-orm-elasticsearch-quickstart/src/main/docker/Dockerfile.jvm b/hibernate-search-orm-elasticsearch-quickstart/src/main/docker/Dockerfile.jvm new file mode 100644 index 0000000000..7c5731603a --- /dev/null +++ b/hibernate-search-orm-elasticsearch-quickstart/src/main/docker/Dockerfile.jvm @@ -0,0 +1,54 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/hibernate-search-orm-elasticsearch-jvm . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/hibernate-search-orm-elasticsearch-jvm +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/hibernate-search-orm-elasticsearch-jvm +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/hibernate-search-orm-elasticsearch-quickstart/src/main/docker/Dockerfile.legacy-jar b/hibernate-search-orm-elasticsearch-quickstart/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..68f990b1d1 --- /dev/null +++ b/hibernate-search-orm-elasticsearch-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/hibernate-search-orm-elasticsearch-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/hibernate-search-orm-elasticsearch-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/hibernate-search-orm-elasticsearch-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/hibernate-search-orm-elasticsearch-quickstart/src/main/docker/Dockerfile.native b/hibernate-search-orm-elasticsearch-quickstart/src/main/docker/Dockerfile.native new file mode 100644 index 0000000000..aea76857bc --- /dev/null +++ b/hibernate-search-orm-elasticsearch-quickstart/src/main/docker/Dockerfile.native @@ -0,0 +1,27 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native -t quarkus/hibernate-search-orm-elasticsearch . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/hibernate-search-orm-elasticsearch +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + +EXPOSE 8080 +USER 1001 + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/hibernate-search-orm-elasticsearch-quickstart/src/main/docker/Dockerfile.native-distroless b/hibernate-search-orm-elasticsearch-quickstart/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..f73749b2d0 --- /dev/null +++ b/hibernate-search-orm-elasticsearch-quickstart/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/hibernate-search-orm-elasticsearch . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/hibernate-search-orm-elasticsearch +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/infinispan-client-quickstart/src/main/docker/Dockerfile.jvm b/infinispan-client-quickstart/src/main/docker/Dockerfile.jvm index 96289b72db..98a99f40b7 100644 --- a/infinispan-client-quickstart/src/main/docker/Dockerfile.jvm +++ b/infinispan-client-quickstart/src/main/docker/Dockerfile.jvm @@ -1,9 +1,9 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package +# ./mvnw package # # Then, build the image with: # @@ -13,17 +13,22 @@ # # docker run -i --rm -p 8080:8080 quarkus/infinispan-client-jvm # +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/infinispan-client-jvm +# ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.1 - -ARG JAVA_PACKAGE=java-1.8.0-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.5 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' - # Install java and the run-java script # Also set up permissions for user `1001` -RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ && microdnf update \ && microdnf clean all \ && mkdir /deployments \ @@ -37,11 +42,13 @@ RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ # Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" - -COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 USER 1001 -ENTRYPOINT [ "/deployments/run-java.sh", "-Dquarkus.infinispan-client.server-list=infinispan:11222"] \ No newline at end of file +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/infinispan-client-quickstart/src/main/docker/Dockerfile.legacy-jar b/infinispan-client-quickstart/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..b5a7da613e --- /dev/null +++ b/infinispan-client-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/infinispan-client-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/infinispan-client-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/infinispan-client-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/infinispan-client-quickstart/src/main/docker/Dockerfile.native b/infinispan-client-quickstart/src/main/docker/Dockerfile.native index abc96c6d47..2f201274f2 100644 --- a/infinispan-client-quickstart/src/main/docker/Dockerfile.native +++ b/infinispan-client-quickstart/src/main/docker/Dockerfile.native @@ -1,9 +1,9 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package -Pnative -Dquarkus.native.container-build=true +# ./mvnw package -Pnative # # Then, build the image with: # @@ -11,12 +11,17 @@ # # Then run the container using: # -# docker run -i --rm -p 8081:8081 quarkus/infinispan-client +# docker run -i --rm -p 8080:8080 quarkus/infinispan-client # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 WORKDIR /work/ -COPY target/*-runner /work/application -RUN chmod 775 /work -EXPOSE 8081 -CMD ["./application", "-Dquarkus.http.host=0.0.0.0", "-Dquarkus.infinispan-client.server-list=infinispan:11222"] +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + +EXPOSE 8080 +USER 1001 + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/infinispan-client-quickstart/src/main/docker/Dockerfile.native-distroless b/infinispan-client-quickstart/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..f9c63200e2 --- /dev/null +++ b/infinispan-client-quickstart/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/infinispan-client . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/infinispan-client +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/jms-quickstart/src/main/docker/Dockerfile.jvm b/jms-quickstart/src/main/docker/Dockerfile.jvm index 3b048179a3..e43d4f10b2 100644 --- a/jms-quickstart/src/main/docker/Dockerfile.jvm +++ b/jms-quickstart/src/main/docker/Dockerfile.jvm @@ -1,29 +1,34 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package +# ./mvnw package # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/artemis-jms-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/jms-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/artemis-jms-jvm +# docker run -i --rm -p 8080:8080 quarkus/jms-jvm +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/jms-jvm # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.1 - -ARG JAVA_PACKAGE=java-1.8.0-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.5 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' - # Install java and the run-java script # Also set up permissions for user `1001` -RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ && microdnf update \ && microdnf clean all \ && mkdir /deployments \ @@ -37,9 +42,11 @@ RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ # Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" - -COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 USER 1001 diff --git a/jms-quickstart/src/main/docker/Dockerfile.legacy-jar b/jms-quickstart/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..8a882ef211 --- /dev/null +++ b/jms-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/jms-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/jms-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/jms-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/jms-quickstart/src/main/docker/Dockerfile.native b/jms-quickstart/src/main/docker/Dockerfile.native index 7d07b11a69..882bf6bfd1 100644 --- a/jms-quickstart/src/main/docker/Dockerfile.native +++ b/jms-quickstart/src/main/docker/Dockerfile.native @@ -1,22 +1,27 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package -Pnative -Dquarkus.native.container-build=true +# ./mvnw package -Pnative # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/artemis-jms . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/jms . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/artemis-jms +# docker run -i --rm -p 8080:8080 quarkus/jms # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 WORKDIR /work/ -COPY target/*-runner /work/application -RUN chmod 775 /work +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + EXPOSE 8080 +USER 1001 + CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/jms-quickstart/src/main/docker/Dockerfile.native-distroless b/jms-quickstart/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..e2370488f9 --- /dev/null +++ b/jms-quickstart/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/jms . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/jms +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/kafka-panache-quickstart/src/main/docker/Dockerfile.jvm b/kafka-panache-quickstart/src/main/docker/Dockerfile.jvm index d1bd7867a4..4028797966 100644 --- a/kafka-panache-quickstart/src/main/docker/Dockerfile.jvm +++ b/kafka-panache-quickstart/src/main/docker/Dockerfile.jvm @@ -1,29 +1,34 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package +# ./mvnw package # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/kafka-quickstart-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/kafka-panache-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/kafka-quickstart-jvm +# docker run -i --rm -p 8080:8080 quarkus/kafka-panache-jvm +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/kafka-panache-jvm # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.1 - -ARG JAVA_PACKAGE=java-1.8.0-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.5 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' - # Install java and the run-java script # Also set up permissions for user `1001` -RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ && microdnf update \ && microdnf clean all \ && mkdir /deployments \ @@ -37,11 +42,13 @@ RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ # Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" - -COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 USER 1001 -ENTRYPOINT [ "/deployments/run-java.sh" ] \ No newline at end of file +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/kafka-panache-quickstart/src/main/docker/Dockerfile.legacy-jar b/kafka-panache-quickstart/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..54437c0753 --- /dev/null +++ b/kafka-panache-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/kafka-panache-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/kafka-panache-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/kafka-panache-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/kafka-panache-quickstart/src/main/docker/Dockerfile.native b/kafka-panache-quickstart/src/main/docker/Dockerfile.native index 67239fd7ba..f36aed749f 100644 --- a/kafka-panache-quickstart/src/main/docker/Dockerfile.native +++ b/kafka-panache-quickstart/src/main/docker/Dockerfile.native @@ -1,22 +1,27 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package -Pnative -Dquarkus.native.container-build=true +# ./mvnw package -Pnative # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/kafka-quickstart . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/kafka-panache . # # Then run the container using: # -# docker run -i --rm -p 8081:8081 quarkus/kafka-quickstart +# docker run -i --rm -p 8080:8080 quarkus/kafka-panache # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 WORKDIR /work/ -COPY target/*-runner /work/application -RUN chmod 775 /work -EXPOSE 8081 +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + +EXPOSE 8080 +USER 1001 + CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/kafka-panache-quickstart/src/main/docker/Dockerfile.native-distroless b/kafka-panache-quickstart/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..8c648f9d87 --- /dev/null +++ b/kafka-panache-quickstart/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/kafka-panache . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/kafka-panache +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/kafka-quickstart/src/main/docker/Dockerfile.jvm b/kafka-quickstart/src/main/docker/Dockerfile.jvm index d1bd7867a4..ee1c10d8f3 100644 --- a/kafka-quickstart/src/main/docker/Dockerfile.jvm +++ b/kafka-quickstart/src/main/docker/Dockerfile.jvm @@ -1,29 +1,34 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package +# ./mvnw package # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/kafka-quickstart-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/kafka-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/kafka-quickstart-jvm +# docker run -i --rm -p 8080:8080 quarkus/kafka-jvm +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/kafka-jvm # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.1 - -ARG JAVA_PACKAGE=java-1.8.0-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.5 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' - # Install java and the run-java script # Also set up permissions for user `1001` -RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ && microdnf update \ && microdnf clean all \ && mkdir /deployments \ @@ -37,11 +42,13 @@ RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ # Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" - -COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 USER 1001 -ENTRYPOINT [ "/deployments/run-java.sh" ] \ No newline at end of file +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/kafka-quickstart/src/main/docker/Dockerfile.legacy-jar b/kafka-quickstart/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..0681157b8d --- /dev/null +++ b/kafka-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/kafka-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/kafka-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/kafka-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/kafka-quickstart/src/main/docker/Dockerfile.native b/kafka-quickstart/src/main/docker/Dockerfile.native index 67239fd7ba..59c749e565 100644 --- a/kafka-quickstart/src/main/docker/Dockerfile.native +++ b/kafka-quickstart/src/main/docker/Dockerfile.native @@ -1,22 +1,27 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package -Pnative -Dquarkus.native.container-build=true +# ./mvnw package -Pnative # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/kafka-quickstart . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/kafka . # # Then run the container using: # -# docker run -i --rm -p 8081:8081 quarkus/kafka-quickstart +# docker run -i --rm -p 8080:8080 quarkus/kafka # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 WORKDIR /work/ -COPY target/*-runner /work/application -RUN chmod 775 /work -EXPOSE 8081 +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + +EXPOSE 8080 +USER 1001 + CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/kafka-quickstart/src/main/docker/Dockerfile.native-distroless b/kafka-quickstart/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..c257184543 --- /dev/null +++ b/kafka-quickstart/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/kafka . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/kafka +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/kafka-streams-quickstart/src/main/docker/Dockerfile.jvm b/kafka-streams-quickstart/src/main/docker/Dockerfile.jvm new file mode 100644 index 0000000000..7aaecb4e3f --- /dev/null +++ b/kafka-streams-quickstart/src/main/docker/Dockerfile.jvm @@ -0,0 +1,54 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/kafka-streams-jvm . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/kafka-streams-jvm +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/kafka-streams-jvm +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/kafka-streams-quickstart/src/main/docker/Dockerfile.legacy-jar b/kafka-streams-quickstart/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..56c9fc24a5 --- /dev/null +++ b/kafka-streams-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/kafka-streams-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/kafka-streams-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/kafka-streams-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/kafka-streams-quickstart/src/main/docker/Dockerfile.native b/kafka-streams-quickstart/src/main/docker/Dockerfile.native new file mode 100644 index 0000000000..66708dc668 --- /dev/null +++ b/kafka-streams-quickstart/src/main/docker/Dockerfile.native @@ -0,0 +1,27 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native -t quarkus/kafka-streams . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/kafka-streams +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + +EXPOSE 8080 +USER 1001 + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/kafka-streams-quickstart/src/main/docker/Dockerfile.native-distroless b/kafka-streams-quickstart/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..ebd38e4dbc --- /dev/null +++ b/kafka-streams-quickstart/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/kafka-streams . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/kafka-streams +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/kogito-quickstart/src/main/docker/Dockerfile.jvm b/kogito-quickstart/src/main/docker/Dockerfile.jvm index 041e11849a..423315cd3b 100644 --- a/kogito-quickstart/src/main/docker/Dockerfile.jvm +++ b/kogito-quickstart/src/main/docker/Dockerfile.jvm @@ -1,29 +1,34 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package +# ./mvnw package # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/using-kogito-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/kogito-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/using-kogito-jvm +# docker run -i --rm -p 8080:8080 quarkus/kogito-jvm +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/kogito-jvm # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.1 - -ARG JAVA_PACKAGE=java-1.8.0-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.5 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' - # Install java and the run-java script # Also set up permissions for user `1001` -RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ && microdnf update \ && microdnf clean all \ && mkdir /deployments \ @@ -37,11 +42,13 @@ RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ # Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" - -COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 USER 1001 -ENTRYPOINT [ "/deployments/run-java.sh" ] \ No newline at end of file +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/kogito-quickstart/src/main/docker/Dockerfile.legacy-jar b/kogito-quickstart/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..47f85f489e --- /dev/null +++ b/kogito-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/kogito-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/kogito-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/kogito-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/kogito-quickstart/src/main/docker/Dockerfile.native b/kogito-quickstart/src/main/docker/Dockerfile.native index 5c5903896a..9a915f8e29 100644 --- a/kogito-quickstart/src/main/docker/Dockerfile.native +++ b/kogito-quickstart/src/main/docker/Dockerfile.native @@ -1,22 +1,27 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package -Pnative -Dquarkus.native.container-build=true +# ./mvnw package -Pnative # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/using-kogito . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/kogito . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/using-kogito +# docker run -i --rm -p 8080:8080 quarkus/kogito # ### -FROM registry.fedoraproject.org/fedora-minimal +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 WORKDIR /work/ -COPY target/*-runner /work/application -RUN chmod 775 /work +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + EXPOSE 8080 -CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] \ No newline at end of file +USER 1001 + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/kogito-quickstart/src/main/docker/Dockerfile.native-distroless b/kogito-quickstart/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..15193ecd2b --- /dev/null +++ b/kogito-quickstart/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/kogito . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/kogito +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/lifecycle-quickstart/src/main/docker/Dockerfile.jvm b/lifecycle-quickstart/src/main/docker/Dockerfile.jvm index 9a638c59a7..ba8383acb4 100644 --- a/lifecycle-quickstart/src/main/docker/Dockerfile.jvm +++ b/lifecycle-quickstart/src/main/docker/Dockerfile.jvm @@ -1,29 +1,34 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package +# ./mvnw package # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/application-lifecycle-events-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/lifecycle-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/application-lifecycle-events-jvm +# docker run -i --rm -p 8080:8080 quarkus/lifecycle-jvm +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/lifecycle-jvm # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.1 - -ARG JAVA_PACKAGE=java-1.8.0-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.5 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' - # Install java and the run-java script # Also set up permissions for user `1001` -RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ && microdnf update \ && microdnf clean all \ && mkdir /deployments \ @@ -37,11 +42,13 @@ RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ # Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" - -COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 USER 1001 -ENTRYPOINT [ "/deployments/run-java.sh" ] \ No newline at end of file +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/lifecycle-quickstart/src/main/docker/Dockerfile.legacy-jar b/lifecycle-quickstart/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..5d9a3ae899 --- /dev/null +++ b/lifecycle-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/lifecycle-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/lifecycle-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/lifecycle-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/lifecycle-quickstart/src/main/docker/Dockerfile.native b/lifecycle-quickstart/src/main/docker/Dockerfile.native index ba08350201..e76d9a0e58 100644 --- a/lifecycle-quickstart/src/main/docker/Dockerfile.native +++ b/lifecycle-quickstart/src/main/docker/Dockerfile.native @@ -1,22 +1,27 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package -Pnative -Dquarkus.native.container-build=true +# ./mvnw package -Pnative # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/application-lifecycle-events . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/lifecycle . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/application-lifecycle-events +# docker run -i --rm -p 8080:8080 quarkus/lifecycle # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 WORKDIR /work/ -COPY target/*-runner /work/application -RUN chmod 775 /work +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + EXPOSE 8080 +USER 1001 + CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/lifecycle-quickstart/src/main/docker/Dockerfile.native-distroless b/lifecycle-quickstart/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..2200950d32 --- /dev/null +++ b/lifecycle-quickstart/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/lifecycle . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/lifecycle +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/liquibase-quickstart/src/main/docker/Dockerfile.jvm b/liquibase-quickstart/src/main/docker/Dockerfile.jvm index de87bc38d2..01b2ad2427 100644 --- a/liquibase-quickstart/src/main/docker/Dockerfile.jvm +++ b/liquibase-quickstart/src/main/docker/Dockerfile.jvm @@ -1,29 +1,34 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package +# ./mvnw package # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/liquibase-quickstart-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/liquibase-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/liquibase-quickstart-jvm +# docker run -i --rm -p 8080:8080 quarkus/liquibase-jvm +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/liquibase-jvm # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.1 - -ARG JAVA_PACKAGE=java-1.8.0-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.5 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' - # Install java and the run-java script # Also set up permissions for user `1001` -RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ && microdnf update \ && microdnf clean all \ && mkdir /deployments \ @@ -37,11 +42,13 @@ RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ # Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" - -COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 USER 1001 -ENTRYPOINT [ "/deployments/run-java.sh" ] \ No newline at end of file +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/liquibase-quickstart/src/main/docker/Dockerfile.legacy-jar b/liquibase-quickstart/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..e00bca7ab7 --- /dev/null +++ b/liquibase-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/liquibase-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/liquibase-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/liquibase-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/liquibase-quickstart/src/main/docker/Dockerfile.native b/liquibase-quickstart/src/main/docker/Dockerfile.native index 8e6ece662d..6c2772a71e 100644 --- a/liquibase-quickstart/src/main/docker/Dockerfile.native +++ b/liquibase-quickstart/src/main/docker/Dockerfile.native @@ -1,24 +1,27 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package -Pnative -Dquarkus.native.container-build=true +# ./mvnw package -Pnative # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/liquibase-quickstart . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/liquibase . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/liquibase-quickstart +# docker run -i --rm -p 8080:8080 quarkus/liquibase # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.1 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 WORKDIR /work/ -COPY target/*-runner /work/application -RUN chmod 775 /work +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + EXPOSE 8080 USER 1001 -CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] \ No newline at end of file +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/liquibase-quickstart/src/main/docker/Dockerfile.native-distroless b/liquibase-quickstart/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..a112512738 --- /dev/null +++ b/liquibase-quickstart/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/liquibase . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/liquibase +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/mailer-quickstart/src/main/docker/Dockerfile.jvm b/mailer-quickstart/src/main/docker/Dockerfile.jvm new file mode 100644 index 0000000000..25e4543e18 --- /dev/null +++ b/mailer-quickstart/src/main/docker/Dockerfile.jvm @@ -0,0 +1,54 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/mailer-jvm . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/mailer-jvm +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/mailer-jvm +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/mailer-quickstart/src/main/docker/Dockerfile.legacy-jar b/mailer-quickstart/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..6a5e0d1278 --- /dev/null +++ b/mailer-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/mailer-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/mailer-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/mailer-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/mailer-quickstart/src/main/docker/Dockerfile.native b/mailer-quickstart/src/main/docker/Dockerfile.native new file mode 100644 index 0000000000..0bdb3e302d --- /dev/null +++ b/mailer-quickstart/src/main/docker/Dockerfile.native @@ -0,0 +1,27 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native -t quarkus/mailer . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/mailer +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + +EXPOSE 8080 +USER 1001 + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/mailer-quickstart/src/main/docker/Dockerfile.native-distroless b/mailer-quickstart/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..dad557d5ce --- /dev/null +++ b/mailer-quickstart/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/mailer . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/mailer +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/micrometer-quickstart/src/main/docker/Dockerfile.jvm b/micrometer-quickstart/src/main/docker/Dockerfile.jvm index 1cba36ad02..1bbbd66fe6 100644 --- a/micrometer-quickstart/src/main/docker/Dockerfile.jvm +++ b/micrometer-quickstart/src/main/docker/Dockerfile.jvm @@ -1,29 +1,34 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package +# ./mvnw package # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/micrometer-quickstart-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/micrometer-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/micrometer-quickstart-jvm +# docker run -i --rm -p 8080:8080 quarkus/micrometer-jvm +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/micrometer-jvm # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.1 - -ARG JAVA_PACKAGE=java-1.8.0-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.5 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' - # Install java and the run-java script # Also set up permissions for user `1001` -RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ && microdnf update \ && microdnf clean all \ && mkdir /deployments \ @@ -37,11 +42,13 @@ RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ # Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" - -COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 USER 1001 -ENTRYPOINT [ "/deployments/run-java.sh" ] \ No newline at end of file +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/micrometer-quickstart/src/main/docker/Dockerfile.legacy-jar b/micrometer-quickstart/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..5cff44c835 --- /dev/null +++ b/micrometer-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/micrometer-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/micrometer-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/micrometer-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/micrometer-quickstart/src/main/docker/Dockerfile.native b/micrometer-quickstart/src/main/docker/Dockerfile.native index 9280266a72..b9b5e25ef2 100644 --- a/micrometer-quickstart/src/main/docker/Dockerfile.native +++ b/micrometer-quickstart/src/main/docker/Dockerfile.native @@ -1,22 +1,27 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package -Pnative -Dquarkus.native.container-build=true +# ./mvnw package -Pnative # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/micrometer-quickstart . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/micrometer . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/micrometer-quickstart +# docker run -i --rm -p 8080:8080 quarkus/micrometer # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 WORKDIR /work/ -COPY target/*-runner /work/application -RUN chmod 775 /work +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + EXPOSE 8080 +USER 1001 + CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/micrometer-quickstart/src/main/docker/Dockerfile.native-distroless b/micrometer-quickstart/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..04df5c0d08 --- /dev/null +++ b/micrometer-quickstart/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/micrometer . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/micrometer +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/microprofile-fault-tolerance-quickstart/src/main/docker/Dockerfile.jvm b/microprofile-fault-tolerance-quickstart/src/main/docker/Dockerfile.jvm index 2262bd5df0..bf9d4ef342 100644 --- a/microprofile-fault-tolerance-quickstart/src/main/docker/Dockerfile.jvm +++ b/microprofile-fault-tolerance-quickstart/src/main/docker/Dockerfile.jvm @@ -1,9 +1,9 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package +# ./mvnw package # # Then, build the image with: # @@ -13,17 +13,22 @@ # # docker run -i --rm -p 8080:8080 quarkus/microprofile-fault-tolerance-jvm # +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/microprofile-fault-tolerance-jvm +# ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.1 - -ARG JAVA_PACKAGE=java-1.8.0-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.5 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' - # Install java and the run-java script # Also set up permissions for user `1001` -RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ && microdnf update \ && microdnf clean all \ && mkdir /deployments \ @@ -37,11 +42,13 @@ RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ # Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" - -COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 USER 1001 -ENTRYPOINT [ "/deployments/run-java.sh" ] \ No newline at end of file +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/microprofile-fault-tolerance-quickstart/src/main/docker/Dockerfile.legacy-jar b/microprofile-fault-tolerance-quickstart/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..ebced6e851 --- /dev/null +++ b/microprofile-fault-tolerance-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/microprofile-fault-tolerance-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/microprofile-fault-tolerance-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/microprofile-fault-tolerance-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/microprofile-fault-tolerance-quickstart/src/main/docker/Dockerfile.native b/microprofile-fault-tolerance-quickstart/src/main/docker/Dockerfile.native index d8fe34ba25..1c5eb3bd2c 100644 --- a/microprofile-fault-tolerance-quickstart/src/main/docker/Dockerfile.native +++ b/microprofile-fault-tolerance-quickstart/src/main/docker/Dockerfile.native @@ -1,9 +1,9 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package -Pnative -Dquarkus.native.container-build=true +# ./mvnw package -Pnative # # Then, build the image with: # @@ -11,12 +11,17 @@ # # Then run the container using: # -# docker run -i --rm -p 8081:8081 quarkus/microprofile-fault-tolerance +# docker run -i --rm -p 8080:8080 quarkus/microprofile-fault-tolerance # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 WORKDIR /work/ -COPY target/*-runner /work/application -RUN chmod 775 /work -EXPOSE 8081 +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + +EXPOSE 8080 +USER 1001 + CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/microprofile-fault-tolerance-quickstart/src/main/docker/Dockerfile.native-distroless b/microprofile-fault-tolerance-quickstart/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..d8cf41519c --- /dev/null +++ b/microprofile-fault-tolerance-quickstart/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/microprofile-fault-tolerance . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/microprofile-fault-tolerance +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/microprofile-graphql-quickstart/src/main/docker/Dockerfile.jvm b/microprofile-graphql-quickstart/src/main/docker/Dockerfile.jvm index 3c5c31bbaa..b7a9126b60 100644 --- a/microprofile-graphql-quickstart/src/main/docker/Dockerfile.jvm +++ b/microprofile-graphql-quickstart/src/main/docker/Dockerfile.jvm @@ -1,26 +1,31 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package +# ./mvnw package # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/microprofile-graphql-quickstart-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/microprofile-graphql-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/microprofile-graphql-quickstart-jvm +# docker run -i --rm -p 8080:8080 quarkus/microprofile-graphql-jvm +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/microprofile-graphql-jvm # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.1 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.5 - +ARG RUN_JAVA_VERSION=1.3.8 ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' - # Install java and the run-java script # Also set up permissions for user `1001` RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ @@ -37,11 +42,13 @@ RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ # Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" - -COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 USER 1001 -ENTRYPOINT [ "/deployments/run-java.sh" ] \ No newline at end of file +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/microprofile-graphql-quickstart/src/main/docker/Dockerfile.legacy-jar b/microprofile-graphql-quickstart/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..f290ef16e3 --- /dev/null +++ b/microprofile-graphql-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/microprofile-graphql-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/microprofile-graphql-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/microprofile-graphql-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/microprofile-graphql-quickstart/src/main/docker/Dockerfile.native b/microprofile-graphql-quickstart/src/main/docker/Dockerfile.native index bd3eaacb13..4bc9b1d23c 100644 --- a/microprofile-graphql-quickstart/src/main/docker/Dockerfile.native +++ b/microprofile-graphql-quickstart/src/main/docker/Dockerfile.native @@ -1,30 +1,27 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package -Pnative -Dquarkus.native.container-build=true +# ./mvnw package -Pnative # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/microprofile-graphql-quickstart . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/microprofile-graphql . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/microprofile-graphql-quickstart +# docker run -i --rm -p 8080:8080 quarkus/microprofile-graphql # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.1 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 WORKDIR /work/ -COPY target/*-runner /work/application - -# set up permissions for user `1001` -RUN chmod 775 /work /work/application \ - && chown -R 1001 /work \ - && chmod -R "g+rwX" /work \ - && chown -R 1001:root /work +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 -CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] \ No newline at end of file +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/microprofile-graphql-quickstart/src/main/docker/Dockerfile.native-distroless b/microprofile-graphql-quickstart/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..2c2e699051 --- /dev/null +++ b/microprofile-graphql-quickstart/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/microprofile-graphql . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/microprofile-graphql +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/microprofile-health-quickstart/src/main/docker/Dockerfile.jvm b/microprofile-health-quickstart/src/main/docker/Dockerfile.jvm index 81a516bb92..c4671bd315 100644 --- a/microprofile-health-quickstart/src/main/docker/Dockerfile.jvm +++ b/microprofile-health-quickstart/src/main/docker/Dockerfile.jvm @@ -1,9 +1,9 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package +# ./mvnw package # # Then, build the image with: # @@ -13,17 +13,22 @@ # # docker run -i --rm -p 8080:8080 quarkus/microprofile-health-jvm # +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/microprofile-health-jvm +# ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.1 - -ARG JAVA_PACKAGE=java-1.8.0-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.5 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' - # Install java and the run-java script # Also set up permissions for user `1001` -RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ && microdnf update \ && microdnf clean all \ && mkdir /deployments \ @@ -37,11 +42,13 @@ RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ # Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" - -COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 USER 1001 -ENTRYPOINT [ "/deployments/run-java.sh" ] \ No newline at end of file +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/microprofile-health-quickstart/src/main/docker/Dockerfile.legacy-jar b/microprofile-health-quickstart/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..96b4647c0d --- /dev/null +++ b/microprofile-health-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/microprofile-health-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/microprofile-health-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/microprofile-health-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/microprofile-health-quickstart/src/main/docker/Dockerfile.native b/microprofile-health-quickstart/src/main/docker/Dockerfile.native index 4f75113845..fdd56f8066 100644 --- a/microprofile-health-quickstart/src/main/docker/Dockerfile.native +++ b/microprofile-health-quickstart/src/main/docker/Dockerfile.native @@ -1,9 +1,9 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package -Pnative -Dquarkus.native.container-build=true +# ./mvnw package -Pnative # # Then, build the image with: # @@ -14,9 +14,14 @@ # docker run -i --rm -p 8080:8080 quarkus/microprofile-health # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 WORKDIR /work/ -COPY target/*-runner /work/application -RUN chmod 775 /work +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + EXPOSE 8080 -CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] \ No newline at end of file +USER 1001 + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/microprofile-health-quickstart/src/main/docker/Dockerfile.native-distroless b/microprofile-health-quickstart/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..0363d4f7aa --- /dev/null +++ b/microprofile-health-quickstart/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/microprofile-health . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/microprofile-health +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/microprofile-metrics-quickstart/src/main/docker/Dockerfile.jvm b/microprofile-metrics-quickstart/src/main/docker/Dockerfile.jvm index 73fa079667..57fd3c4bd0 100644 --- a/microprofile-metrics-quickstart/src/main/docker/Dockerfile.jvm +++ b/microprofile-metrics-quickstart/src/main/docker/Dockerfile.jvm @@ -1,9 +1,9 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package +# ./mvnw package # # Then, build the image with: # @@ -13,17 +13,22 @@ # # docker run -i --rm -p 8080:8080 quarkus/microprofile-metrics-jvm # +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/microprofile-metrics-jvm +# ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.1 - -ARG JAVA_PACKAGE=java-1.8.0-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.5 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' - # Install java and the run-java script # Also set up permissions for user `1001` -RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ && microdnf update \ && microdnf clean all \ && mkdir /deployments \ @@ -37,11 +42,13 @@ RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ # Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" - -COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 USER 1001 -ENTRYPOINT [ "/deployments/run-java.sh" ] \ No newline at end of file +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/microprofile-metrics-quickstart/src/main/docker/Dockerfile.legacy-jar b/microprofile-metrics-quickstart/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..ddf09c7e45 --- /dev/null +++ b/microprofile-metrics-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/microprofile-metrics-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/microprofile-metrics-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/microprofile-metrics-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/microprofile-metrics-quickstart/src/main/docker/Dockerfile.native b/microprofile-metrics-quickstart/src/main/docker/Dockerfile.native index 3ec498b625..355912448b 100644 --- a/microprofile-metrics-quickstart/src/main/docker/Dockerfile.native +++ b/microprofile-metrics-quickstart/src/main/docker/Dockerfile.native @@ -1,9 +1,9 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package -Pnative -Dquarkus.native.container-build=true +# ./mvnw package -Pnative # # Then, build the image with: # @@ -14,9 +14,14 @@ # docker run -i --rm -p 8080:8080 quarkus/microprofile-metrics # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 WORKDIR /work/ -COPY target/*-runner /work/application -RUN chmod 775 /work +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + EXPOSE 8080 +USER 1001 + CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/microprofile-metrics-quickstart/src/main/docker/Dockerfile.native-distroless b/microprofile-metrics-quickstart/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..520c8b765f --- /dev/null +++ b/microprofile-metrics-quickstart/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/microprofile-metrics . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/microprofile-metrics +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/mongodb-panache-quickstart/src/main/docker/Dockerfile.jvm b/mongodb-panache-quickstart/src/main/docker/Dockerfile.jvm index 20405e5c9c..c1c711d293 100644 --- a/mongodb-panache-quickstart/src/main/docker/Dockerfile.jvm +++ b/mongodb-panache-quickstart/src/main/docker/Dockerfile.jvm @@ -1,9 +1,9 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package +# ./mvnw package # # Then, build the image with: # @@ -13,17 +13,22 @@ # # docker run -i --rm -p 8080:8080 quarkus/mongodb-panache-jvm # +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/mongodb-panache-jvm +# ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.1 - -ARG JAVA_PACKAGE=java-1.8.0-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.5 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' - # Install java and the run-java script # Also set up permissions for user `1001` -RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ && microdnf update \ && microdnf clean all \ && mkdir /deployments \ @@ -37,11 +42,13 @@ RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ # Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" - -COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 USER 1001 -ENTRYPOINT [ "/deployments/run-java.sh" ] \ No newline at end of file +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/mongodb-panache-quickstart/src/main/docker/Dockerfile.legacy-jar b/mongodb-panache-quickstart/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..dc91695daa --- /dev/null +++ b/mongodb-panache-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/mongodb-panache-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/mongodb-panache-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/mongodb-panache-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/mongodb-panache-quickstart/src/main/docker/Dockerfile.native b/mongodb-panache-quickstart/src/main/docker/Dockerfile.native index 1fcc7387f3..4ca2e246f5 100644 --- a/mongodb-panache-quickstart/src/main/docker/Dockerfile.native +++ b/mongodb-panache-quickstart/src/main/docker/Dockerfile.native @@ -1,9 +1,9 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package -Pnative -Dquarkus.native.container-build=true +# ./mvnw package -Pnative # # Then, build the image with: # @@ -14,9 +14,14 @@ # docker run -i --rm -p 8080:8080 quarkus/mongodb-panache # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 WORKDIR /work/ -COPY target/*-runner /work/application -RUN chmod 775 /work +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + EXPOSE 8080 -CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] \ No newline at end of file +USER 1001 + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/mongodb-panache-quickstart/src/main/docker/Dockerfile.native-distroless b/mongodb-panache-quickstart/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..66363f0d83 --- /dev/null +++ b/mongodb-panache-quickstart/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/mongodb-panache . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/mongodb-panache +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/mongodb-quickstart/src/main/docker/Dockerfile.jvm b/mongodb-quickstart/src/main/docker/Dockerfile.jvm index 977a11c879..6363fb33fb 100644 --- a/mongodb-quickstart/src/main/docker/Dockerfile.jvm +++ b/mongodb-quickstart/src/main/docker/Dockerfile.jvm @@ -1,29 +1,34 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package +# ./mvnw package # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/mongo-client-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/mongodb-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/mongo-client-jvm +# docker run -i --rm -p 8080:8080 quarkus/mongodb-jvm +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/mongodb-jvm # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.1 - -ARG JAVA_PACKAGE=java-1.8.0-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.5 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' - # Install java and the run-java script # Also set up permissions for user `1001` -RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ && microdnf update \ && microdnf clean all \ && mkdir /deployments \ @@ -37,11 +42,13 @@ RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ # Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" - -COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 USER 1001 -ENTRYPOINT [ "/deployments/run-java.sh" ] \ No newline at end of file +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/mongodb-quickstart/src/main/docker/Dockerfile.legacy-jar b/mongodb-quickstart/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..8ab13636d0 --- /dev/null +++ b/mongodb-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/mongodb-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/mongodb-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/mongodb-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/mongodb-quickstart/src/main/docker/Dockerfile.native b/mongodb-quickstart/src/main/docker/Dockerfile.native index c95cb5832c..1a2f031f02 100644 --- a/mongodb-quickstart/src/main/docker/Dockerfile.native +++ b/mongodb-quickstart/src/main/docker/Dockerfile.native @@ -1,22 +1,27 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package -Pnative -Dquarkus.native.container-build=true +# ./mvnw package -Pnative # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/mongo-client . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/mongodb . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/mongo-client +# docker run -i --rm -p 8080:8080 quarkus/mongodb # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 WORKDIR /work/ -COPY target/*-runner /work/application -RUN chmod 775 /work +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + EXPOSE 8080 -CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] \ No newline at end of file +USER 1001 + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/mongodb-quickstart/src/main/docker/Dockerfile.native-distroless b/mongodb-quickstart/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..8beb1c3b83 --- /dev/null +++ b/mongodb-quickstart/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/mongodb . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/mongodb +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/mqtt-quickstart/src/main/docker/Dockerfile.jvm b/mqtt-quickstart/src/main/docker/Dockerfile.jvm index c18c85492b..d018818406 100644 --- a/mqtt-quickstart/src/main/docker/Dockerfile.jvm +++ b/mqtt-quickstart/src/main/docker/Dockerfile.jvm @@ -1,29 +1,34 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package +# ./mvnw package # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/mqtt-quickstart . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/mqtt-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/mqtt-quickstart +# docker run -i --rm -p 8080:8080 quarkus/mqtt-jvm +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/mqtt-jvm # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.1 - -ARG JAVA_PACKAGE=java-1.8.0-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.5 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' - # Install java and the run-java script # Also set up permissions for user `1001` -RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ && microdnf update \ && microdnf clean all \ && mkdir /deployments \ @@ -37,11 +42,13 @@ RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ # Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" - -COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 USER 1001 -ENTRYPOINT [ "/deployments/run-java.sh" ] \ No newline at end of file +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/mqtt-quickstart/src/main/docker/Dockerfile.legacy-jar b/mqtt-quickstart/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..14dc101f13 --- /dev/null +++ b/mqtt-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/mqtt-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/mqtt-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/mqtt-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/mqtt-quickstart/src/main/docker/Dockerfile.native b/mqtt-quickstart/src/main/docker/Dockerfile.native index 91672aafdd..925b3f7734 100644 --- a/mqtt-quickstart/src/main/docker/Dockerfile.native +++ b/mqtt-quickstart/src/main/docker/Dockerfile.native @@ -1,20 +1,27 @@ #### -# Before building the docker image run: +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode # -# mvn package -Pnative -Dquarkus.native.container-build=true +# Before building the container image run: +# +# ./mvnw package -Pnative # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/mqtt-quickstart . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/mqtt . # # Then run the container using: # -# docker run -i --rm -p 8081:8081 quarkus/mqtt-quickstart +# docker run -i --rm -p 8080:8080 quarkus/mqtt # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 WORKDIR /work/ -COPY target/*-runner /work/application -RUN chmod 775 /work -EXPOSE 8081 +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + +EXPOSE 8080 +USER 1001 + CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/mqtt-quickstart/src/main/docker/Dockerfile.native-distroless b/mqtt-quickstart/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..d59f7a04df --- /dev/null +++ b/mqtt-quickstart/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/mqtt . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/mqtt +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/neo4j-quickstart/src/main/docker/Dockerfile.jvm b/neo4j-quickstart/src/main/docker/Dockerfile.jvm index 8fa933700c..2757957031 100644 --- a/neo4j-quickstart/src/main/docker/Dockerfile.jvm +++ b/neo4j-quickstart/src/main/docker/Dockerfile.jvm @@ -1,29 +1,34 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package +# ./mvnw package # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/neo4j-quickstart-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/neo4j-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/neo4j-quickstart-jvm +# docker run -i --rm -p 8080:8080 quarkus/neo4j-jvm +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/neo4j-jvm # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.1 - -ARG JAVA_PACKAGE=java-1.8.0-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.5 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' - # Install java and the run-java script # Also set up permissions for user `1001` -RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ && microdnf update \ && microdnf clean all \ && mkdir /deployments \ @@ -37,11 +42,13 @@ RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ # Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" - -COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 USER 1001 -ENTRYPOINT [ "/deployments/run-java.sh" ] \ No newline at end of file +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/neo4j-quickstart/src/main/docker/Dockerfile.legacy-jar b/neo4j-quickstart/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..bd38bb80eb --- /dev/null +++ b/neo4j-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/neo4j-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/neo4j-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/neo4j-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/neo4j-quickstart/src/main/docker/Dockerfile.native b/neo4j-quickstart/src/main/docker/Dockerfile.native index 70e4373ae7..f1beec0c83 100644 --- a/neo4j-quickstart/src/main/docker/Dockerfile.native +++ b/neo4j-quickstart/src/main/docker/Dockerfile.native @@ -1,22 +1,27 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package -Pnative -Dquarkus.native.container-build=true +# ./mvnw package -Pnative # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/neo4j-quickstart . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/neo4j . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/neo4j-quickstart +# docker run -i --rm -p 8080:8080 quarkus/neo4j # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 WORKDIR /work/ -COPY target/*-runner /work/application -RUN chmod 775 /work +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + EXPOSE 8080 -CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] \ No newline at end of file +USER 1001 + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/neo4j-quickstart/src/main/docker/Dockerfile.native-distroless b/neo4j-quickstart/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..d10c9afb0d --- /dev/null +++ b/neo4j-quickstart/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/neo4j . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/neo4j +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/openapi-swaggerui-quickstart/src/main/docker/Dockerfile.jvm b/openapi-swaggerui-quickstart/src/main/docker/Dockerfile.jvm index ea2656ec6e..ef7ad3d980 100644 --- a/openapi-swaggerui-quickstart/src/main/docker/Dockerfile.jvm +++ b/openapi-swaggerui-quickstart/src/main/docker/Dockerfile.jvm @@ -1,29 +1,34 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package +# ./mvnw package # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/using-openapi-swaggerui-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/openapi-swaggerui-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/using-openapi-swaggerui-jvm +# docker run -i --rm -p 8080:8080 quarkus/openapi-swaggerui-jvm +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/openapi-swaggerui-jvm # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.1 - -ARG JAVA_PACKAGE=java-1.8.0-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.5 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' - # Install java and the run-java script # Also set up permissions for user `1001` -RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ && microdnf update \ && microdnf clean all \ && mkdir /deployments \ @@ -37,11 +42,13 @@ RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ # Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" - -COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 USER 1001 -ENTRYPOINT [ "/deployments/run-java.sh" ] \ No newline at end of file +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/openapi-swaggerui-quickstart/src/main/docker/Dockerfile.legacy-jar b/openapi-swaggerui-quickstart/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..9c07549dd2 --- /dev/null +++ b/openapi-swaggerui-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/openapi-swaggerui-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/openapi-swaggerui-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/openapi-swaggerui-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/openapi-swaggerui-quickstart/src/main/docker/Dockerfile.native b/openapi-swaggerui-quickstart/src/main/docker/Dockerfile.native index 873a865070..7481d9c7c0 100644 --- a/openapi-swaggerui-quickstart/src/main/docker/Dockerfile.native +++ b/openapi-swaggerui-quickstart/src/main/docker/Dockerfile.native @@ -1,22 +1,27 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package -Pnative -Dquarkus.native.container-build=true +# ./mvnw package -Pnative # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/using-openapi-swaggerui . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/openapi-swaggerui . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/using-openapi-swaggerui +# docker run -i --rm -p 8080:8080 quarkus/openapi-swaggerui # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 WORKDIR /work/ -COPY target/*-runner /work/application -RUN chmod 775 /work +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + EXPOSE 8080 +USER 1001 + CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/openapi-swaggerui-quickstart/src/main/docker/Dockerfile.native-distroless b/openapi-swaggerui-quickstart/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..30bd64dfab --- /dev/null +++ b/openapi-swaggerui-quickstart/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/openapi-swaggerui . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/openapi-swaggerui +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/opentracing-quickstart/src/main/docker/Dockerfile.jvm b/opentracing-quickstart/src/main/docker/Dockerfile.jvm index 52497cb72a..c717e297ef 100644 --- a/opentracing-quickstart/src/main/docker/Dockerfile.jvm +++ b/opentracing-quickstart/src/main/docker/Dockerfile.jvm @@ -1,29 +1,34 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package +# ./mvnw package # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/using-opentracing-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/opentracing-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/using-opentracing-jvm +# docker run -i --rm -p 8080:8080 quarkus/opentracing-jvm +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/opentracing-jvm # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.1 - -ARG JAVA_PACKAGE=java-1.8.0-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.5 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' - # Install java and the run-java script # Also set up permissions for user `1001` -RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ && microdnf update \ && microdnf clean all \ && mkdir /deployments \ @@ -37,11 +42,13 @@ RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ # Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" - -COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 USER 1001 -ENTRYPOINT [ "/deployments/run-java.sh" ] \ No newline at end of file +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/opentracing-quickstart/src/main/docker/Dockerfile.legacy-jar b/opentracing-quickstart/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..eab8014c12 --- /dev/null +++ b/opentracing-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/opentracing-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/opentracing-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/opentracing-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/opentracing-quickstart/src/main/docker/Dockerfile.native b/opentracing-quickstart/src/main/docker/Dockerfile.native index 0c9faa6e29..6145b01224 100644 --- a/opentracing-quickstart/src/main/docker/Dockerfile.native +++ b/opentracing-quickstart/src/main/docker/Dockerfile.native @@ -1,22 +1,27 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package -Pnative -Dquarkus.native.container-build=true +# ./mvnw package -Pnative # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/using-opentracing . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/opentracing . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/using-opentracing +# docker run -i --rm -p 8080:8080 quarkus/opentracing # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 WORKDIR /work/ -COPY target/*-runner /work/application -RUN chmod 775 /work +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + EXPOSE 8080 +USER 1001 + CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/opentracing-quickstart/src/main/docker/Dockerfile.native-distroless b/opentracing-quickstart/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..932a79c9a4 --- /dev/null +++ b/opentracing-quickstart/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/opentracing . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/opentracing +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/optaplanner-quickstart/src/main/docker/Dockerfile.jvm b/optaplanner-quickstart/src/main/docker/Dockerfile.jvm index afc7fd3b1b..d4368a8b8d 100644 --- a/optaplanner-quickstart/src/main/docker/Dockerfile.jvm +++ b/optaplanner-quickstart/src/main/docker/Dockerfile.jvm @@ -1,34 +1,54 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package +# ./mvnw package # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/optaplanner-quickstart-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/optaplanner-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/optaplanner-quickstart-jvm +# docker run -i --rm -p 8080:8080 quarkus/optaplanner-jvm +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/optaplanner-jvm # ### -FROM fabric8/java-alpine-openjdk8-jre:1.6.5 -ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" -ENV AB_ENABLED=jmx_exporter +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 -# Be prepared for running in OpenShift too -RUN adduser -G root --no-create-home --disabled-password 1001 \ - && chown -R 1001 /deployments \ - && chmod -R "g+rwX" /deployments \ - && chown -R 1001:root /deployments +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security -COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar -EXPOSE 8080 +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ -# run with user 1001 +EXPOSE 8080 USER 1001 -ENTRYPOINT [ "/deployments/run-java.sh" ] \ No newline at end of file +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/optaplanner-quickstart/src/main/docker/Dockerfile.legacy-jar b/optaplanner-quickstart/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..669eacf3b8 --- /dev/null +++ b/optaplanner-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/optaplanner-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/optaplanner-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/optaplanner-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/optaplanner-quickstart/src/main/docker/Dockerfile.native b/optaplanner-quickstart/src/main/docker/Dockerfile.native index 0384f6f60f..49d9f54896 100644 --- a/optaplanner-quickstart/src/main/docker/Dockerfile.native +++ b/optaplanner-quickstart/src/main/docker/Dockerfile.native @@ -1,22 +1,27 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package -Pnative -Dquarkus.native.container-build=true +# ./mvnw package -Pnative # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/optaplanner-quickstart . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/optaplanner . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/optaplanner-quickstart +# docker run -i --rm -p 8080:8080 quarkus/optaplanner # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 WORKDIR /work/ -COPY target/*-runner /work/application -RUN chmod 775 /work +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + EXPOSE 8080 -CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] \ No newline at end of file +USER 1001 + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/optaplanner-quickstart/src/main/docker/Dockerfile.native-distroless b/optaplanner-quickstart/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..206dbbbbbf --- /dev/null +++ b/optaplanner-quickstart/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/optaplanner . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/optaplanner +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/quartz-quickstart/src/main/docker/Dockerfile.jvm b/quartz-quickstart/src/main/docker/Dockerfile.jvm index 1a771df1df..5b1c843db4 100644 --- a/quartz-quickstart/src/main/docker/Dockerfile.jvm +++ b/quartz-quickstart/src/main/docker/Dockerfile.jvm @@ -1,29 +1,34 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package +# ./mvnw package # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus-quickstarts/quartz . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/quartz-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus-quickstarts/quartz +# docker run -i --rm -p 8080:8080 quarkus/quartz-jvm +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/quartz-jvm # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.1 - -ARG JAVA_PACKAGE=java-1.8.0-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.5 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' - # Install java and the run-java script # Also set up permissions for user `1001` -RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ && microdnf update \ && microdnf clean all \ && mkdir /deployments \ @@ -37,11 +42,13 @@ RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ # Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" - -COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 USER 1001 -ENTRYPOINT [ "/deployments/run-java.sh" ] \ No newline at end of file +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/quartz-quickstart/src/main/docker/Dockerfile.legacy-jar b/quartz-quickstart/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..d822ef6a40 --- /dev/null +++ b/quartz-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/quartz-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/quartz-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/quartz-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/quartz-quickstart/src/main/docker/Dockerfile.native b/quartz-quickstart/src/main/docker/Dockerfile.native index d6f104a76b..65fa2be31f 100644 --- a/quartz-quickstart/src/main/docker/Dockerfile.native +++ b/quartz-quickstart/src/main/docker/Dockerfile.native @@ -1,22 +1,27 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package -Pnative -Dnative-image.docker-build=true +# ./mvnw package -Pnative # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/quartz-quickstarts . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/quartz . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/quartz-quickstarts +# docker run -i --rm -p 8080:8080 quarkus/quartz # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 WORKDIR /work/ -COPY target/*-runner /work/application -RUN chmod 775 /work +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + EXPOSE 8080 +USER 1001 + CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/quartz-quickstart/src/main/docker/Dockerfile.native-distroless b/quartz-quickstart/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..5c310f3799 --- /dev/null +++ b/quartz-quickstart/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/quartz . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/quartz +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/qute-quickstart/src/main/docker/Dockerfile.jvm b/qute-quickstart/src/main/docker/Dockerfile.jvm index 189494abb0..255cce373c 100644 --- a/qute-quickstart/src/main/docker/Dockerfile.jvm +++ b/qute-quickstart/src/main/docker/Dockerfile.jvm @@ -1,29 +1,34 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package +# ./mvnw package # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/application-qute-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/qute-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/application-qute-jvm +# docker run -i --rm -p 8080:8080 quarkus/qute-jvm +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/qute-jvm # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.1 - -ARG JAVA_PACKAGE=java-1.8.0-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.5 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' - # Install java and the run-java script # Also set up permissions for user `1001` -RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ && microdnf update \ && microdnf clean all \ && mkdir /deployments \ @@ -37,11 +42,13 @@ RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ # Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" - -COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 USER 1001 -ENTRYPOINT [ "/deployments/run-java.sh" ] \ No newline at end of file +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/qute-quickstart/src/main/docker/Dockerfile.legacy-jar b/qute-quickstart/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..93a0e2ac1a --- /dev/null +++ b/qute-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/qute-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/qute-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/qute-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/qute-quickstart/src/main/docker/Dockerfile.native b/qute-quickstart/src/main/docker/Dockerfile.native index 0237b068ec..213a031011 100644 --- a/qute-quickstart/src/main/docker/Dockerfile.native +++ b/qute-quickstart/src/main/docker/Dockerfile.native @@ -1,22 +1,27 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package -Pnative -Dquarkus.native.container-build=true +# ./mvnw package -Pnative # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/application-qute . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/qute . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/application-qute +# docker run -i --rm -p 8080:8080 quarkus/qute # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 WORKDIR /work/ -COPY target/*-runner /work/application -RUN chmod 775 /work +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + EXPOSE 8080 +USER 1001 + CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/qute-quickstart/src/main/docker/Dockerfile.native-distroless b/qute-quickstart/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..9f73f8fc3f --- /dev/null +++ b/qute-quickstart/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/qute . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/qute +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/reactive-messaging-http-quickstart/src/main/docker/Dockerfile.jvm b/reactive-messaging-http-quickstart/src/main/docker/Dockerfile.jvm new file mode 100644 index 0000000000..f970d873f4 --- /dev/null +++ b/reactive-messaging-http-quickstart/src/main/docker/Dockerfile.jvm @@ -0,0 +1,54 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/reactive-messaging-http-jvm . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/reactive-messaging-http-jvm +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/reactive-messaging-http-jvm +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/reactive-messaging-http-quickstart/src/main/docker/Dockerfile.legacy-jar b/reactive-messaging-http-quickstart/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..a5240adb20 --- /dev/null +++ b/reactive-messaging-http-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/reactive-messaging-http-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/reactive-messaging-http-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/reactive-messaging-http-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/reactive-messaging-http-quickstart/src/main/docker/Dockerfile.native b/reactive-messaging-http-quickstart/src/main/docker/Dockerfile.native new file mode 100644 index 0000000000..338cbe55f4 --- /dev/null +++ b/reactive-messaging-http-quickstart/src/main/docker/Dockerfile.native @@ -0,0 +1,27 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native -t quarkus/reactive-messaging-http . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/reactive-messaging-http +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + +EXPOSE 8080 +USER 1001 + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/reactive-messaging-http-quickstart/src/main/docker/Dockerfile.native-distroless b/reactive-messaging-http-quickstart/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..8391b0231c --- /dev/null +++ b/reactive-messaging-http-quickstart/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/reactive-messaging-http . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/reactive-messaging-http +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/reactive-routes-quickstart/src/main/docker/Dockerfile.jvm b/reactive-routes-quickstart/src/main/docker/Dockerfile.jvm new file mode 100644 index 0000000000..eb6ceb3f4e --- /dev/null +++ b/reactive-routes-quickstart/src/main/docker/Dockerfile.jvm @@ -0,0 +1,54 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/reactive-routes-jvm . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/reactive-routes-jvm +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/reactive-routes-jvm +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/reactive-routes-quickstart/src/main/docker/Dockerfile.legacy-jar b/reactive-routes-quickstart/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..15e8537487 --- /dev/null +++ b/reactive-routes-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/reactive-routes-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/reactive-routes-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/reactive-routes-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/reactive-routes-quickstart/src/main/docker/Dockerfile.native b/reactive-routes-quickstart/src/main/docker/Dockerfile.native new file mode 100644 index 0000000000..98782414d1 --- /dev/null +++ b/reactive-routes-quickstart/src/main/docker/Dockerfile.native @@ -0,0 +1,27 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native -t quarkus/reactive-routes . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/reactive-routes +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + +EXPOSE 8080 +USER 1001 + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/reactive-routes-quickstart/src/main/docker/Dockerfile.native-distroless b/reactive-routes-quickstart/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..c029adc968 --- /dev/null +++ b/reactive-routes-quickstart/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/reactive-routes . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/reactive-routes +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/redis-quickstart/src/main/docker/Dockerfile.jvm b/redis-quickstart/src/main/docker/Dockerfile.jvm new file mode 100644 index 0000000000..c7b8efaa6b --- /dev/null +++ b/redis-quickstart/src/main/docker/Dockerfile.jvm @@ -0,0 +1,54 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/redis-jvm . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/redis-jvm +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/redis-jvm +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/redis-quickstart/src/main/docker/Dockerfile.legacy-jar b/redis-quickstart/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..45e954dd81 --- /dev/null +++ b/redis-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/redis-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/redis-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/redis-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/redis-quickstart/src/main/docker/Dockerfile.native b/redis-quickstart/src/main/docker/Dockerfile.native new file mode 100644 index 0000000000..861d3c2bf5 --- /dev/null +++ b/redis-quickstart/src/main/docker/Dockerfile.native @@ -0,0 +1,27 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native -t quarkus/redis . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/redis +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + +EXPOSE 8080 +USER 1001 + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/redis-quickstart/src/main/docker/Dockerfile.native-distroless b/redis-quickstart/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..a0a75c158c --- /dev/null +++ b/redis-quickstart/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/redis . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/redis +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/rest-client-multipart-quickstart/src/main/docker/Dockerfile.jvm b/rest-client-multipart-quickstart/src/main/docker/Dockerfile.jvm index 7fc38897e9..1af46a7ea3 100644 --- a/rest-client-multipart-quickstart/src/main/docker/Dockerfile.jvm +++ b/rest-client-multipart-quickstart/src/main/docker/Dockerfile.jvm @@ -1,29 +1,34 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package +# ./mvnw package # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/rest-client-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/rest-client-multipart-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/rest-client-jvm +# docker run -i --rm -p 8080:8080 quarkus/rest-client-multipart-jvm +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/rest-client-multipart-jvm # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.1 - -ARG JAVA_PACKAGE=java-1.8.0-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.5 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' - # Install java and the run-java script # Also set up permissions for user `1001` -RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ && microdnf update \ && microdnf clean all \ && mkdir /deployments \ @@ -37,11 +42,13 @@ RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ # Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" - -COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 USER 1001 -ENTRYPOINT [ "/deployments/run-java.sh" ] \ No newline at end of file +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/rest-client-multipart-quickstart/src/main/docker/Dockerfile.legacy-jar b/rest-client-multipart-quickstart/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..97ad6dbce1 --- /dev/null +++ b/rest-client-multipart-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/rest-client-multipart-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/rest-client-multipart-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/rest-client-multipart-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/rest-client-multipart-quickstart/src/main/docker/Dockerfile.native b/rest-client-multipart-quickstart/src/main/docker/Dockerfile.native index 6e14bd71db..bb566ad152 100644 --- a/rest-client-multipart-quickstart/src/main/docker/Dockerfile.native +++ b/rest-client-multipart-quickstart/src/main/docker/Dockerfile.native @@ -1,22 +1,27 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package -Pnative -Dquarkus.native.container-build=true +# ./mvnw package -Pnative # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/rest-client . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/rest-client-multipart . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/rest-client +# docker run -i --rm -p 8080:8080 quarkus/rest-client-multipart # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 WORKDIR /work/ -COPY target/*-runner /work/application -RUN chmod 775 /work +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + EXPOSE 8080 +USER 1001 + CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/rest-client-multipart-quickstart/src/main/docker/Dockerfile.native-distroless b/rest-client-multipart-quickstart/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..8062d21c15 --- /dev/null +++ b/rest-client-multipart-quickstart/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/rest-client-multipart . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/rest-client-multipart +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/rest-client-quickstart/src/main/docker/Dockerfile.jvm b/rest-client-quickstart/src/main/docker/Dockerfile.jvm index 7fc38897e9..0fc430e260 100644 --- a/rest-client-quickstart/src/main/docker/Dockerfile.jvm +++ b/rest-client-quickstart/src/main/docker/Dockerfile.jvm @@ -1,9 +1,9 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package +# ./mvnw package # # Then, build the image with: # @@ -13,17 +13,22 @@ # # docker run -i --rm -p 8080:8080 quarkus/rest-client-jvm # +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/rest-client-jvm +# ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.1 - -ARG JAVA_PACKAGE=java-1.8.0-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.5 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' - # Install java and the run-java script # Also set up permissions for user `1001` -RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ && microdnf update \ && microdnf clean all \ && mkdir /deployments \ @@ -37,11 +42,13 @@ RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ # Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" - -COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 USER 1001 -ENTRYPOINT [ "/deployments/run-java.sh" ] \ No newline at end of file +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/rest-client-quickstart/src/main/docker/Dockerfile.legacy-jar b/rest-client-quickstart/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..39b1c8861a --- /dev/null +++ b/rest-client-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/rest-client-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/rest-client-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/rest-client-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/rest-client-quickstart/src/main/docker/Dockerfile.native b/rest-client-quickstart/src/main/docker/Dockerfile.native index 6e14bd71db..3472cb5dba 100644 --- a/rest-client-quickstart/src/main/docker/Dockerfile.native +++ b/rest-client-quickstart/src/main/docker/Dockerfile.native @@ -1,9 +1,9 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package -Pnative -Dquarkus.native.container-build=true +# ./mvnw package -Pnative # # Then, build the image with: # @@ -14,9 +14,14 @@ # docker run -i --rm -p 8080:8080 quarkus/rest-client # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 WORKDIR /work/ -COPY target/*-runner /work/application -RUN chmod 775 /work +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + EXPOSE 8080 +USER 1001 + CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/rest-client-quickstart/src/main/docker/Dockerfile.native-distroless b/rest-client-quickstart/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..48c02e9e60 --- /dev/null +++ b/rest-client-quickstart/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/rest-client . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/rest-client +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/rest-json-quickstart/src/main/docker/Dockerfile.jvm b/rest-json-quickstart/src/main/docker/Dockerfile.jvm index 4f9398b456..be9c55acc2 100644 --- a/rest-json-quickstart/src/main/docker/Dockerfile.jvm +++ b/rest-json-quickstart/src/main/docker/Dockerfile.jvm @@ -1,9 +1,9 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package +# ./mvnw package # # Then, build the image with: # @@ -13,17 +13,22 @@ # # docker run -i --rm -p 8080:8080 quarkus/rest-json-jvm # +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/rest-json-jvm +# ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.1 - -ARG JAVA_PACKAGE=java-1.8.0-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.5 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' - # Install java and the run-java script # Also set up permissions for user `1001` -RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ && microdnf update \ && microdnf clean all \ && mkdir /deployments \ @@ -37,11 +42,13 @@ RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ # Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" - -COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 USER 1001 -ENTRYPOINT [ "/deployments/run-java.sh" ] \ No newline at end of file +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/rest-json-quickstart/src/main/docker/Dockerfile.legacy-jar b/rest-json-quickstart/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..683de83ea5 --- /dev/null +++ b/rest-json-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/rest-json-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/rest-json-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/rest-json-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/rest-json-quickstart/src/main/docker/Dockerfile.native b/rest-json-quickstart/src/main/docker/Dockerfile.native index 12c0267df4..212511e938 100644 --- a/rest-json-quickstart/src/main/docker/Dockerfile.native +++ b/rest-json-quickstart/src/main/docker/Dockerfile.native @@ -1,9 +1,9 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package -Pnative -Dquarkus.native.container-build=true +# ./mvnw package -Pnative # # Then, build the image with: # @@ -14,9 +14,14 @@ # docker run -i --rm -p 8080:8080 quarkus/rest-json # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 WORKDIR /work/ -COPY target/*-runner /work/application -RUN chmod 775 /work +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + EXPOSE 8080 +USER 1001 + CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/rest-json-quickstart/src/main/docker/Dockerfile.native-distroless b/rest-json-quickstart/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..5af0c8b753 --- /dev/null +++ b/rest-json-quickstart/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/rest-json . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/rest-json +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/scheduler-quickstart/src/main/docker/Dockerfile.jvm b/scheduler-quickstart/src/main/docker/Dockerfile.jvm index 6056ad185a..a127d5397d 100644 --- a/scheduler-quickstart/src/main/docker/Dockerfile.jvm +++ b/scheduler-quickstart/src/main/docker/Dockerfile.jvm @@ -1,29 +1,34 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package +# ./mvnw package # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/scheduling-periodic-tasks-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/scheduler-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/scheduling-periodic-tasks-jvm +# docker run -i --rm -p 8080:8080 quarkus/scheduler-jvm +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/scheduler-jvm # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.1 - -ARG JAVA_PACKAGE=java-1.8.0-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.5 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' - # Install java and the run-java script # Also set up permissions for user `1001` -RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ && microdnf update \ && microdnf clean all \ && mkdir /deployments \ @@ -37,11 +42,13 @@ RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ # Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" - -COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 USER 1001 -ENTRYPOINT [ "/deployments/run-java.sh" ] \ No newline at end of file +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/scheduler-quickstart/src/main/docker/Dockerfile.legacy-jar b/scheduler-quickstart/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..9dfb1ca08c --- /dev/null +++ b/scheduler-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/scheduler-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/scheduler-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/scheduler-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/scheduler-quickstart/src/main/docker/Dockerfile.native b/scheduler-quickstart/src/main/docker/Dockerfile.native index 0beb7854a7..ad936e28c2 100644 --- a/scheduler-quickstart/src/main/docker/Dockerfile.native +++ b/scheduler-quickstart/src/main/docker/Dockerfile.native @@ -1,22 +1,27 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package -Pnative -Dquarkus.native.container-build=true +# ./mvnw package -Pnative # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/scheduling-periodic-tasks . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/scheduler . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/scheduling-periodic-tasks +# docker run -i --rm -p 8080:8080 quarkus/scheduler # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 WORKDIR /work/ -COPY target/*-runner /work/application -RUN chmod 775 /work +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + EXPOSE 8080 +USER 1001 + CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/scheduler-quickstart/src/main/docker/Dockerfile.native-distroless b/scheduler-quickstart/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..cb7b02fbbf --- /dev/null +++ b/scheduler-quickstart/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/scheduler . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/scheduler +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/security-jdbc-quickstart/src/main/docker/Dockerfile.jvm b/security-jdbc-quickstart/src/main/docker/Dockerfile.jvm index 334a0dba52..4579dbfb5a 100644 --- a/security-jdbc-quickstart/src/main/docker/Dockerfile.jvm +++ b/security-jdbc-quickstart/src/main/docker/Dockerfile.jvm @@ -1,29 +1,34 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package +# ./mvnw package # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/using-elytron-security-jdbc-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/security-jdbc-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/using-elytron-security-jdbc-jvm +# docker run -i --rm -p 8080:8080 quarkus/security-jdbc-jvm +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/security-jdbc-jvm # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.1 - -ARG JAVA_PACKAGE=java-1.8.0-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.5 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' - # Install java and the run-java script # Also set up permissions for user `1001` -RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ && microdnf update \ && microdnf clean all \ && mkdir /deployments \ @@ -37,11 +42,13 @@ RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ # Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" - -COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 USER 1001 -ENTRYPOINT [ "/deployments/run-java.sh" ] \ No newline at end of file +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/security-jdbc-quickstart/src/main/docker/Dockerfile.legacy-jar b/security-jdbc-quickstart/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..ffd09cf699 --- /dev/null +++ b/security-jdbc-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/security-jdbc-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/security-jdbc-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/security-jdbc-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/security-jdbc-quickstart/src/main/docker/Dockerfile.native b/security-jdbc-quickstart/src/main/docker/Dockerfile.native index c3fd0ccf5d..3288bf065d 100644 --- a/security-jdbc-quickstart/src/main/docker/Dockerfile.native +++ b/security-jdbc-quickstart/src/main/docker/Dockerfile.native @@ -1,22 +1,27 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package -Pnative -Dquarkus.native.container-build=true +# ./mvnw package -Pnative # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/using-elytron-security-jdbc . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/security-jdbc . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/using-elytron-security-jdbc +# docker run -i --rm -p 8080:8080 quarkus/security-jdbc # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 WORKDIR /work/ -COPY target/*-runner /work/application -RUN chmod 775 /work +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + EXPOSE 8080 -CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] \ No newline at end of file +USER 1001 + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/security-jdbc-quickstart/src/main/docker/Dockerfile.native-distroless b/security-jdbc-quickstart/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..896f0a90e8 --- /dev/null +++ b/security-jdbc-quickstart/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/security-jdbc . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/security-jdbc +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/security-jpa-quickstart/src/main/docker/Dockerfile.jvm b/security-jpa-quickstart/src/main/docker/Dockerfile.jvm index f5db7a7bcf..98f12be1c1 100644 --- a/security-jpa-quickstart/src/main/docker/Dockerfile.jvm +++ b/security-jpa-quickstart/src/main/docker/Dockerfile.jvm @@ -1,22 +1,54 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package +# ./mvnw package # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/using-elytron-security-jdbc-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/security-jpa-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/using-elytron-security-jdbc-jvm +# docker run -i --rm -p 8080:8080 quarkus/security-jpa-jvm +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/security-jpa-jvm # ### -FROM fabric8/java-alpine-openjdk8-jre +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" -ENV AB_ENABLED=jmx_exporter -COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar -ENTRYPOINT [ "/deployments/run-java.sh" ] \ No newline at end of file +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/security-jpa-quickstart/src/main/docker/Dockerfile.legacy-jar b/security-jpa-quickstart/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..420946d827 --- /dev/null +++ b/security-jpa-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/security-jpa-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/security-jpa-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/security-jpa-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/security-jpa-quickstart/src/main/docker/Dockerfile.native b/security-jpa-quickstart/src/main/docker/Dockerfile.native index c3fd0ccf5d..5e0dd433a2 100644 --- a/security-jpa-quickstart/src/main/docker/Dockerfile.native +++ b/security-jpa-quickstart/src/main/docker/Dockerfile.native @@ -1,22 +1,27 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package -Pnative -Dquarkus.native.container-build=true +# ./mvnw package -Pnative # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/using-elytron-security-jdbc . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/security-jpa . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/using-elytron-security-jdbc +# docker run -i --rm -p 8080:8080 quarkus/security-jpa # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 WORKDIR /work/ -COPY target/*-runner /work/application -RUN chmod 775 /work +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + EXPOSE 8080 -CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] \ No newline at end of file +USER 1001 + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/security-jpa-quickstart/src/main/docker/Dockerfile.native-distroless b/security-jpa-quickstart/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..b1ad847cfb --- /dev/null +++ b/security-jpa-quickstart/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/security-jpa . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/security-jpa +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/security-jwt-quickstart/src/main/docker/Dockerfile.jvm b/security-jwt-quickstart/src/main/docker/Dockerfile.jvm index 4b2eb3aaf5..df6cdb39a4 100644 --- a/security-jwt-quickstart/src/main/docker/Dockerfile.jvm +++ b/security-jwt-quickstart/src/main/docker/Dockerfile.jvm @@ -1,29 +1,34 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package +# ./mvnw package # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/using-jwt-rbac-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/security-jwt-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/using-jwt-rbac-jvm +# docker run -i --rm -p 8080:8080 quarkus/security-jwt-jvm +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/security-jwt-jvm # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.1 - -ARG JAVA_PACKAGE=java-1.8.0-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.5 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' - # Install java and the run-java script # Also set up permissions for user `1001` -RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ && microdnf update \ && microdnf clean all \ && mkdir /deployments \ @@ -37,11 +42,13 @@ RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ # Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" - -COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 USER 1001 -ENTRYPOINT [ "/deployments/run-java.sh" ] \ No newline at end of file +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/security-jwt-quickstart/src/main/docker/Dockerfile.legacy-jar b/security-jwt-quickstart/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..9e874c0dfd --- /dev/null +++ b/security-jwt-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/security-jwt-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/security-jwt-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/security-jwt-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/security-jwt-quickstart/src/main/docker/Dockerfile.native b/security-jwt-quickstart/src/main/docker/Dockerfile.native index 751727615e..4bb990be6e 100644 --- a/security-jwt-quickstart/src/main/docker/Dockerfile.native +++ b/security-jwt-quickstart/src/main/docker/Dockerfile.native @@ -1,22 +1,27 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package -Pnative -Dquarkus.native.container-build=true +# ./mvnw package -Pnative # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/using-jwt-rbac . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/security-jwt . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/using-jwt-rbac +# docker run -i --rm -p 8080:8080 quarkus/security-jwt # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 WORKDIR /work/ -COPY target/*-runner /work/application -RUN chmod 775 /work +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + EXPOSE 8080 +USER 1001 + CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/security-jwt-quickstart/src/main/docker/Dockerfile.native-distroless b/security-jwt-quickstart/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..8b31d36191 --- /dev/null +++ b/security-jwt-quickstart/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/security-jwt . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/security-jwt +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/security-keycloak-authorization-quickstart/src/main/docker/Dockerfile.jvm b/security-keycloak-authorization-quickstart/src/main/docker/Dockerfile.jvm new file mode 100644 index 0000000000..1d54df5ea3 --- /dev/null +++ b/security-keycloak-authorization-quickstart/src/main/docker/Dockerfile.jvm @@ -0,0 +1,54 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/security-keycloak-authorization-jvm . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/security-keycloak-authorization-jvm +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/security-keycloak-authorization-jvm +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/security-keycloak-authorization-quickstart/src/main/docker/Dockerfile.legacy-jar b/security-keycloak-authorization-quickstart/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..fdb0863d48 --- /dev/null +++ b/security-keycloak-authorization-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/security-keycloak-authorization-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/security-keycloak-authorization-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/security-keycloak-authorization-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/security-keycloak-authorization-quickstart/src/main/docker/Dockerfile.native b/security-keycloak-authorization-quickstart/src/main/docker/Dockerfile.native new file mode 100644 index 0000000000..aa62636bf5 --- /dev/null +++ b/security-keycloak-authorization-quickstart/src/main/docker/Dockerfile.native @@ -0,0 +1,27 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native -t quarkus/security-keycloak-authorization . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/security-keycloak-authorization +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + +EXPOSE 8080 +USER 1001 + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/security-keycloak-authorization-quickstart/src/main/docker/Dockerfile.native-distroless b/security-keycloak-authorization-quickstart/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..a540f743d8 --- /dev/null +++ b/security-keycloak-authorization-quickstart/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/security-keycloak-authorization . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/security-keycloak-authorization +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/security-oauth2-quickstart/src/main/docker/Dockerfile.jvm b/security-oauth2-quickstart/src/main/docker/Dockerfile.jvm index f5bf23fa36..b32ae2f14c 100644 --- a/security-oauth2-quickstart/src/main/docker/Dockerfile.jvm +++ b/security-oauth2-quickstart/src/main/docker/Dockerfile.jvm @@ -1,29 +1,34 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package +# ./mvnw package # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/using-oauth2-rbac-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/security-oauth2-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/using-oauth2-rbac-jvm +# docker run -i --rm -p 8080:8080 quarkus/security-oauth2-jvm +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/security-oauth2-jvm # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.1 - -ARG JAVA_PACKAGE=java-1.8.0-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.5 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' - # Install java and the run-java script # Also set up permissions for user `1001` -RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ && microdnf update \ && microdnf clean all \ && mkdir /deployments \ @@ -37,11 +42,13 @@ RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ # Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" - -COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 USER 1001 -ENTRYPOINT [ "/deployments/run-java.sh" ] \ No newline at end of file +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/security-oauth2-quickstart/src/main/docker/Dockerfile.legacy-jar b/security-oauth2-quickstart/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..fc8e640c43 --- /dev/null +++ b/security-oauth2-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/security-oauth2-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/security-oauth2-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/security-oauth2-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/security-oauth2-quickstart/src/main/docker/Dockerfile.native b/security-oauth2-quickstart/src/main/docker/Dockerfile.native index f03a5d8add..581de9ec4d 100644 --- a/security-oauth2-quickstart/src/main/docker/Dockerfile.native +++ b/security-oauth2-quickstart/src/main/docker/Dockerfile.native @@ -1,22 +1,27 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package -Pnative -Dquarkus.native.container-build=true +# ./mvnw package -Pnative # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/using-oauth2-rbac . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/security-oauth2 . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/using-oauth2-rbac +# docker run -i --rm -p 8080:8080 quarkus/security-oauth2 # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 WORKDIR /work/ -COPY target/*-runner /work/application -RUN chmod 775 /work +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + EXPOSE 8080 -CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] \ No newline at end of file +USER 1001 + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/security-oauth2-quickstart/src/main/docker/Dockerfile.native-distroless b/security-oauth2-quickstart/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..96ede1ce4d --- /dev/null +++ b/security-oauth2-quickstart/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/security-oauth2 . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/security-oauth2 +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/security-openid-connect-multi-tenancy-quickstart/src/main/docker/Dockerfile.jvm b/security-openid-connect-multi-tenancy-quickstart/src/main/docker/Dockerfile.jvm new file mode 100644 index 0000000000..34452b5691 --- /dev/null +++ b/security-openid-connect-multi-tenancy-quickstart/src/main/docker/Dockerfile.jvm @@ -0,0 +1,54 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/security-openid-connect-multi-tenancy-jvm . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/security-openid-connect-multi-tenancy-jvm +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/security-openid-connect-multi-tenancy-jvm +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/security-openid-connect-multi-tenancy-quickstart/src/main/docker/Dockerfile.legacy-jar b/security-openid-connect-multi-tenancy-quickstart/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..b14f231c01 --- /dev/null +++ b/security-openid-connect-multi-tenancy-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/security-openid-connect-multi-tenancy-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/security-openid-connect-multi-tenancy-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/security-openid-connect-multi-tenancy-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/security-openid-connect-multi-tenancy-quickstart/src/main/docker/Dockerfile.native b/security-openid-connect-multi-tenancy-quickstart/src/main/docker/Dockerfile.native new file mode 100644 index 0000000000..14afbe827b --- /dev/null +++ b/security-openid-connect-multi-tenancy-quickstart/src/main/docker/Dockerfile.native @@ -0,0 +1,27 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native -t quarkus/security-openid-connect-multi-tenancy . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/security-openid-connect-multi-tenancy +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + +EXPOSE 8080 +USER 1001 + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/security-openid-connect-multi-tenancy-quickstart/src/main/docker/Dockerfile.native-distroless b/security-openid-connect-multi-tenancy-quickstart/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..8cf8aacbe3 --- /dev/null +++ b/security-openid-connect-multi-tenancy-quickstart/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/security-openid-connect-multi-tenancy . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/security-openid-connect-multi-tenancy +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/security-openid-connect-quickstart/src/main/docker/Dockerfile.jvm b/security-openid-connect-quickstart/src/main/docker/Dockerfile.jvm new file mode 100644 index 0000000000..07b87ceea7 --- /dev/null +++ b/security-openid-connect-quickstart/src/main/docker/Dockerfile.jvm @@ -0,0 +1,54 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/security-openid-connect-jvm . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/security-openid-connect-jvm +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/security-openid-connect-jvm +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/security-openid-connect-quickstart/src/main/docker/Dockerfile.legacy-jar b/security-openid-connect-quickstart/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..9a7d51d059 --- /dev/null +++ b/security-openid-connect-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/security-openid-connect-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/security-openid-connect-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/security-openid-connect-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/security-openid-connect-quickstart/src/main/docker/Dockerfile.native b/security-openid-connect-quickstart/src/main/docker/Dockerfile.native new file mode 100644 index 0000000000..80a5e61e1a --- /dev/null +++ b/security-openid-connect-quickstart/src/main/docker/Dockerfile.native @@ -0,0 +1,27 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native -t quarkus/security-openid-connect . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/security-openid-connect +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + +EXPOSE 8080 +USER 1001 + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/security-openid-connect-quickstart/src/main/docker/Dockerfile.native-distroless b/security-openid-connect-quickstart/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..191ec24eb2 --- /dev/null +++ b/security-openid-connect-quickstart/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/security-openid-connect . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/security-openid-connect +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/security-openid-connect-web-authentication-quickstart/src/main/docker/Dockerfile.jvm b/security-openid-connect-web-authentication-quickstart/src/main/docker/Dockerfile.jvm new file mode 100644 index 0000000000..f2f85c84ae --- /dev/null +++ b/security-openid-connect-web-authentication-quickstart/src/main/docker/Dockerfile.jvm @@ -0,0 +1,54 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/security-openid-connect-web-authentication-jvm . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/security-openid-connect-web-authentication-jvm +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/security-openid-connect-web-authentication-jvm +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/security-openid-connect-web-authentication-quickstart/src/main/docker/Dockerfile.legacy-jar b/security-openid-connect-web-authentication-quickstart/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..bdeaf3d966 --- /dev/null +++ b/security-openid-connect-web-authentication-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/security-openid-connect-web-authentication-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/security-openid-connect-web-authentication-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/security-openid-connect-web-authentication-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/security-openid-connect-web-authentication-quickstart/src/main/docker/Dockerfile.native b/security-openid-connect-web-authentication-quickstart/src/main/docker/Dockerfile.native new file mode 100644 index 0000000000..f33fc47c16 --- /dev/null +++ b/security-openid-connect-web-authentication-quickstart/src/main/docker/Dockerfile.native @@ -0,0 +1,27 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native -t quarkus/security-openid-connect-web-authentication . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/security-openid-connect-web-authentication +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + +EXPOSE 8080 +USER 1001 + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/security-openid-connect-web-authentication-quickstart/src/main/docker/Dockerfile.native-distroless b/security-openid-connect-web-authentication-quickstart/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..8244cbeef2 --- /dev/null +++ b/security-openid-connect-web-authentication-quickstart/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/security-openid-connect-web-authentication . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/security-openid-connect-web-authentication +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/software-transactional-memory-quickstart/src/main/docker/Dockerfile.jvm b/software-transactional-memory-quickstart/src/main/docker/Dockerfile.jvm new file mode 100644 index 0000000000..b98da3c82b --- /dev/null +++ b/software-transactional-memory-quickstart/src/main/docker/Dockerfile.jvm @@ -0,0 +1,54 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/software-transactional-memory-jvm . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/software-transactional-memory-jvm +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/software-transactional-memory-jvm +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/software-transactional-memory-quickstart/src/main/docker/Dockerfile.legacy-jar b/software-transactional-memory-quickstart/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..09e4f07d30 --- /dev/null +++ b/software-transactional-memory-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/software-transactional-memory-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/software-transactional-memory-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/software-transactional-memory-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/software-transactional-memory-quickstart/src/main/docker/Dockerfile.native b/software-transactional-memory-quickstart/src/main/docker/Dockerfile.native new file mode 100644 index 0000000000..21759be401 --- /dev/null +++ b/software-transactional-memory-quickstart/src/main/docker/Dockerfile.native @@ -0,0 +1,27 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native -t quarkus/software-transactional-memory . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/software-transactional-memory +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + +EXPOSE 8080 +USER 1001 + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/software-transactional-memory-quickstart/src/main/docker/Dockerfile.native-distroless b/software-transactional-memory-quickstart/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..a38454f1a6 --- /dev/null +++ b/software-transactional-memory-quickstart/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/software-transactional-memory . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/software-transactional-memory +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/spring-boot-properties-quickstart/src/main/docker/Dockerfile.jvm b/spring-boot-properties-quickstart/src/main/docker/Dockerfile.jvm index 17fc594779..e2a916832a 100644 --- a/spring-boot-properties-quickstart/src/main/docker/Dockerfile.jvm +++ b/spring-boot-properties-quickstart/src/main/docker/Dockerfile.jvm @@ -1,29 +1,34 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package +# ./mvnw package # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/spring-boot-properties-quickstart-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/spring-boot-properties-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/spring-boot-properties-quickstart-jvm +# docker run -i --rm -p 8080:8080 quarkus/spring-boot-properties-jvm +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/spring-boot-properties-jvm # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.1 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 ARG JAVA_PACKAGE=java-11-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.5 - +ARG RUN_JAVA_VERSION=1.3.8 ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' - # Install java and the run-java script # Also set up permissions for user `1001` -RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ && microdnf update \ && microdnf clean all \ && mkdir /deployments \ @@ -37,11 +42,13 @@ RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ # Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" - -COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 USER 1001 -ENTRYPOINT [ "/deployments/run-java.sh" ] \ No newline at end of file +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/spring-boot-properties-quickstart/src/main/docker/Dockerfile.legacy-jar b/spring-boot-properties-quickstart/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..eb337e762f --- /dev/null +++ b/spring-boot-properties-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/spring-boot-properties-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/spring-boot-properties-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/spring-boot-properties-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/spring-boot-properties-quickstart/src/main/docker/Dockerfile.native b/spring-boot-properties-quickstart/src/main/docker/Dockerfile.native index e1dee6bc6d..d20d6c5b39 100644 --- a/spring-boot-properties-quickstart/src/main/docker/Dockerfile.native +++ b/spring-boot-properties-quickstart/src/main/docker/Dockerfile.native @@ -1,30 +1,27 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package -Pnative -Dquarkus.native.container-build=true +# ./mvnw package -Pnative # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/spring-boot-properties-quickstart . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/spring-boot-properties . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/spring-boot-properties-quickstart +# docker run -i --rm -p 8080:8080 quarkus/spring-boot-properties # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.1 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 WORKDIR /work/ -COPY target/*-runner /work/application - -# set up permissions for user `1001` -RUN chmod 775 /work /work/application \ - && chown -R 1001 /work \ - && chmod -R "g+rwX" /work \ - && chown -R 1001:root /work +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application EXPOSE 8080 USER 1001 -CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] \ No newline at end of file +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/spring-boot-properties-quickstart/src/main/docker/Dockerfile.native-distroless b/spring-boot-properties-quickstart/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..4c24832b58 --- /dev/null +++ b/spring-boot-properties-quickstart/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/spring-boot-properties . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/spring-boot-properties +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/spring-data-jpa-quickstart/src/main/docker/Dockerfile.jvm b/spring-data-jpa-quickstart/src/main/docker/Dockerfile.jvm new file mode 100644 index 0000000000..a25e668135 --- /dev/null +++ b/spring-data-jpa-quickstart/src/main/docker/Dockerfile.jvm @@ -0,0 +1,54 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/spring-data-jpa-jvm . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/spring-data-jpa-jvm +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/spring-data-jpa-jvm +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/spring-data-jpa-quickstart/src/main/docker/Dockerfile.legacy-jar b/spring-data-jpa-quickstart/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..d0de2ca1dc --- /dev/null +++ b/spring-data-jpa-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/spring-data-jpa-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/spring-data-jpa-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/spring-data-jpa-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/spring-data-jpa-quickstart/src/main/docker/Dockerfile.native b/spring-data-jpa-quickstart/src/main/docker/Dockerfile.native new file mode 100644 index 0000000000..9a15653747 --- /dev/null +++ b/spring-data-jpa-quickstart/src/main/docker/Dockerfile.native @@ -0,0 +1,27 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native -t quarkus/spring-data-jpa . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/spring-data-jpa +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +WORKDIR /work/ +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + +EXPOSE 8080 +USER 1001 + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/spring-data-jpa-quickstart/src/main/docker/Dockerfile.native-distroless b/spring-data-jpa-quickstart/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..b5c54b43e4 --- /dev/null +++ b/spring-data-jpa-quickstart/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/spring-data-jpa . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/spring-data-jpa +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/spring-data-rest-quickstart/src/main/docker/Dockerfile.jvm b/spring-data-rest-quickstart/src/main/docker/Dockerfile.jvm index ae66a6f1d0..39d3e6de89 100644 --- a/spring-data-rest-quickstart/src/main/docker/Dockerfile.jvm +++ b/spring-data-rest-quickstart/src/main/docker/Dockerfile.jvm @@ -7,18 +7,18 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/spring-data-rest-quickstart-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/spring-data-rest-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/spring-data-rest-quickstart-jvm +# docker run -i --rm -p 8080:8080 quarkus/spring-data-rest-jvm # # If you want to include the debug port into your docker image # you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 # # Then run the container using : # -# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/spring-data-rest-quickstart-jvm +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/spring-data-rest-jvm # ### FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 @@ -42,8 +42,11 @@ RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ # Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" -COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 USER 1001 diff --git a/spring-data-rest-quickstart/src/main/docker/Dockerfile.legacy-jar b/spring-data-rest-quickstart/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..770c4e48b5 --- /dev/null +++ b/spring-data-rest-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/spring-data-rest-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/spring-data-rest-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/spring-data-rest-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/spring-data-rest-quickstart/src/main/docker/Dockerfile.native b/spring-data-rest-quickstart/src/main/docker/Dockerfile.native index 8b6f621c10..3f7322532a 100644 --- a/spring-data-rest-quickstart/src/main/docker/Dockerfile.native +++ b/spring-data-rest-quickstart/src/main/docker/Dockerfile.native @@ -7,11 +7,11 @@ # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/spring-data-rest-quickstart . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/spring-data-rest . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/spring-data-rest-quickstart +# docker run -i --rm -p 8080:8080 quarkus/spring-data-rest # ### FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 diff --git a/spring-data-rest-quickstart/src/main/docker/Dockerfile.native-distroless b/spring-data-rest-quickstart/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..8f44dd79ea --- /dev/null +++ b/spring-data-rest-quickstart/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/spring-data-rest . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/spring-data-rest +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/spring-di-quickstart/src/main/docker/Dockerfile.jvm b/spring-di-quickstart/src/main/docker/Dockerfile.jvm index ed019c82e3..32e26ef945 100644 --- a/spring-di-quickstart/src/main/docker/Dockerfile.jvm +++ b/spring-di-quickstart/src/main/docker/Dockerfile.jvm @@ -1,29 +1,34 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package +# ./mvnw package # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/using-spring-di-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/spring-di-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/using-spring-di-jvm +# docker run -i --rm -p 8080:8080 quarkus/spring-di-jvm +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/spring-di-jvm # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.1 - -ARG JAVA_PACKAGE=java-1.8.0-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.5 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' - # Install java and the run-java script # Also set up permissions for user `1001` -RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ && microdnf update \ && microdnf clean all \ && mkdir /deployments \ @@ -37,11 +42,13 @@ RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ # Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" - -COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 USER 1001 -ENTRYPOINT [ "/deployments/run-java.sh" ] \ No newline at end of file +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/spring-di-quickstart/src/main/docker/Dockerfile.legacy-jar b/spring-di-quickstart/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..04a168878f --- /dev/null +++ b/spring-di-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/spring-di-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/spring-di-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/spring-di-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/spring-di-quickstart/src/main/docker/Dockerfile.native b/spring-di-quickstart/src/main/docker/Dockerfile.native index 4857e57ceb..1b04871991 100644 --- a/spring-di-quickstart/src/main/docker/Dockerfile.native +++ b/spring-di-quickstart/src/main/docker/Dockerfile.native @@ -1,22 +1,27 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package -Pnative -Dquarkus.native.container-build=true +# ./mvnw package -Pnative # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/using-spring-di . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/spring-di . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/using-spring-di +# docker run -i --rm -p 8080:8080 quarkus/spring-di # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 WORKDIR /work/ -COPY target/*-runner /work/application -RUN chmod 775 /work +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + EXPOSE 8080 +USER 1001 + CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/spring-di-quickstart/src/main/docker/Dockerfile.native-distroless b/spring-di-quickstart/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..92b4c28330 --- /dev/null +++ b/spring-di-quickstart/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/spring-di . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/spring-di +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/spring-scheduled-quickstart/src/main/docker/Dockerfile.jvm b/spring-scheduled-quickstart/src/main/docker/Dockerfile.jvm index 6056ad185a..3fc2f0fca3 100644 --- a/spring-scheduled-quickstart/src/main/docker/Dockerfile.jvm +++ b/spring-scheduled-quickstart/src/main/docker/Dockerfile.jvm @@ -1,29 +1,34 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package +# ./mvnw package # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/scheduling-periodic-tasks-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/spring-scheduled-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/scheduling-periodic-tasks-jvm +# docker run -i --rm -p 8080:8080 quarkus/spring-scheduled-jvm +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/spring-scheduled-jvm # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.1 - -ARG JAVA_PACKAGE=java-1.8.0-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.5 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' - # Install java and the run-java script # Also set up permissions for user `1001` -RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ && microdnf update \ && microdnf clean all \ && mkdir /deployments \ @@ -37,11 +42,13 @@ RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ # Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" - -COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 USER 1001 -ENTRYPOINT [ "/deployments/run-java.sh" ] \ No newline at end of file +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/spring-scheduled-quickstart/src/main/docker/Dockerfile.legacy-jar b/spring-scheduled-quickstart/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..7e98c60249 --- /dev/null +++ b/spring-scheduled-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/spring-scheduled-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/spring-scheduled-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/spring-scheduled-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/spring-scheduled-quickstart/src/main/docker/Dockerfile.native b/spring-scheduled-quickstart/src/main/docker/Dockerfile.native index 0beb7854a7..dc99c83b5d 100644 --- a/spring-scheduled-quickstart/src/main/docker/Dockerfile.native +++ b/spring-scheduled-quickstart/src/main/docker/Dockerfile.native @@ -1,22 +1,27 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package -Pnative -Dquarkus.native.container-build=true +# ./mvnw package -Pnative # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/scheduling-periodic-tasks . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/spring-scheduled . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/scheduling-periodic-tasks +# docker run -i --rm -p 8080:8080 quarkus/spring-scheduled # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 WORKDIR /work/ -COPY target/*-runner /work/application -RUN chmod 775 /work +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + EXPOSE 8080 +USER 1001 + CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/spring-scheduled-quickstart/src/main/docker/Dockerfile.native-distroless b/spring-scheduled-quickstart/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..617fd3f8c4 --- /dev/null +++ b/spring-scheduled-quickstart/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/spring-scheduled . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/spring-scheduled +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/spring-security-quickstart/src/main/docker/Dockerfile.jvm b/spring-security-quickstart/src/main/docker/Dockerfile.jvm index 93d064d21e..1c8a10c02a 100644 --- a/spring-security-quickstart/src/main/docker/Dockerfile.jvm +++ b/spring-security-quickstart/src/main/docker/Dockerfile.jvm @@ -1,29 +1,34 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package +# ./mvnw package # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/secured-spring-web-quickstart-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/spring-security-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/secured-spring-web-quickstart-jvm +# docker run -i --rm -p 8080:8080 quarkus/spring-security-jvm +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/spring-security-jvm # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.1 - -ARG JAVA_PACKAGE=java-1.8.0-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.5 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' - # Install java and the run-java script # Also set up permissions for user `1001` -RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ && microdnf update \ && microdnf clean all \ && mkdir /deployments \ @@ -37,11 +42,13 @@ RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ # Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" - -COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 USER 1001 -ENTRYPOINT [ "/deployments/run-java.sh" ] \ No newline at end of file +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/spring-security-quickstart/src/main/docker/Dockerfile.legacy-jar b/spring-security-quickstart/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..640b3fb04c --- /dev/null +++ b/spring-security-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/spring-security-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/spring-security-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/spring-security-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/spring-security-quickstart/src/main/docker/Dockerfile.native b/spring-security-quickstart/src/main/docker/Dockerfile.native index 6147d34a87..fae3b8cbe4 100644 --- a/spring-security-quickstart/src/main/docker/Dockerfile.native +++ b/spring-security-quickstart/src/main/docker/Dockerfile.native @@ -1,22 +1,27 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package -Pnative -Dquarkus.native.container-build=true +# ./mvnw package -Pnative # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/secured-spring-web-quickstart . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/spring-security . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/secured-spring-web-quickstart +# docker run -i --rm -p 8080:8080 quarkus/spring-security # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 WORKDIR /work/ -COPY target/*-runner /work/application -RUN chmod 775 /work +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + EXPOSE 8080 -CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] \ No newline at end of file +USER 1001 + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/spring-security-quickstart/src/main/docker/Dockerfile.native-distroless b/spring-security-quickstart/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..901e291a0e --- /dev/null +++ b/spring-security-quickstart/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/spring-security . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/spring-security +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/spring-web-quickstart/src/main/docker/Dockerfile.jvm b/spring-web-quickstart/src/main/docker/Dockerfile.jvm index ed019c82e3..593755547a 100644 --- a/spring-web-quickstart/src/main/docker/Dockerfile.jvm +++ b/spring-web-quickstart/src/main/docker/Dockerfile.jvm @@ -1,29 +1,34 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package +# ./mvnw package # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/using-spring-di-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/spring-web-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/using-spring-di-jvm +# docker run -i --rm -p 8080:8080 quarkus/spring-web-jvm +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/spring-web-jvm # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.1 - -ARG JAVA_PACKAGE=java-1.8.0-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.5 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' - # Install java and the run-java script # Also set up permissions for user `1001` -RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ && microdnf update \ && microdnf clean all \ && mkdir /deployments \ @@ -37,11 +42,13 @@ RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ # Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" - -COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 USER 1001 -ENTRYPOINT [ "/deployments/run-java.sh" ] \ No newline at end of file +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/spring-web-quickstart/src/main/docker/Dockerfile.legacy-jar b/spring-web-quickstart/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..1f16e0a683 --- /dev/null +++ b/spring-web-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/spring-web-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/spring-web-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/spring-web-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/spring-web-quickstart/src/main/docker/Dockerfile.native b/spring-web-quickstart/src/main/docker/Dockerfile.native index 4857e57ceb..ce1106c739 100644 --- a/spring-web-quickstart/src/main/docker/Dockerfile.native +++ b/spring-web-quickstart/src/main/docker/Dockerfile.native @@ -1,22 +1,27 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package -Pnative -Dquarkus.native.container-build=true +# ./mvnw package -Pnative # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/using-spring-di . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/spring-web . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/using-spring-di +# docker run -i --rm -p 8080:8080 quarkus/spring-web # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 WORKDIR /work/ -COPY target/*-runner /work/application -RUN chmod 775 /work +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + EXPOSE 8080 +USER 1001 + CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/spring-web-quickstart/src/main/docker/Dockerfile.native-distroless b/spring-web-quickstart/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..ba177f36fb --- /dev/null +++ b/spring-web-quickstart/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/spring-web . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/spring-web +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/tests-with-coverage-quickstart/src/main/docker/Dockerfile.jvm b/tests-with-coverage-quickstart/src/main/docker/Dockerfile.jvm index 929423d23f..19904f8dfe 100644 --- a/tests-with-coverage-quickstart/src/main/docker/Dockerfile.jvm +++ b/tests-with-coverage-quickstart/src/main/docker/Dockerfile.jvm @@ -1,29 +1,34 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package +# ./mvnw package # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/getting-started-testing-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/tests-with-coverage-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/getting-started-testing-jvm +# docker run -i --rm -p 8080:8080 quarkus/tests-with-coverage-jvm +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/tests-with-coverage-jvm # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.1 - -ARG JAVA_PACKAGE=java-1.8.0-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.5 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' - # Install java and the run-java script # Also set up permissions for user `1001` -RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ && microdnf update \ && microdnf clean all \ && mkdir /deployments \ @@ -37,11 +42,13 @@ RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ # Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" - -COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 USER 1001 -ENTRYPOINT [ "/deployments/run-java.sh" ] \ No newline at end of file +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/tests-with-coverage-quickstart/src/main/docker/Dockerfile.legacy-jar b/tests-with-coverage-quickstart/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..68b56b9211 --- /dev/null +++ b/tests-with-coverage-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/tests-with-coverage-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/tests-with-coverage-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/tests-with-coverage-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/tests-with-coverage-quickstart/src/main/docker/Dockerfile.native b/tests-with-coverage-quickstart/src/main/docker/Dockerfile.native index 0ff926c768..5ffae4120f 100644 --- a/tests-with-coverage-quickstart/src/main/docker/Dockerfile.native +++ b/tests-with-coverage-quickstart/src/main/docker/Dockerfile.native @@ -1,22 +1,27 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package -Pnative -Dquarkus.native.container-build=true +# ./mvnw package -Pnative # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/getting-started-testing . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/tests-with-coverage . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/getting-started-testing +# docker run -i --rm -p 8080:8080 quarkus/tests-with-coverage # ### -FROM registry.fedoraproject.org/fedora-minimal +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 WORKDIR /work/ -COPY target/*-runner /work/application -RUN chmod 775 /work +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + EXPOSE 8080 -CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] \ No newline at end of file +USER 1001 + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/tests-with-coverage-quickstart/src/main/docker/Dockerfile.native-distroless b/tests-with-coverage-quickstart/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..62faa8d253 --- /dev/null +++ b/tests-with-coverage-quickstart/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/tests-with-coverage . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/tests-with-coverage +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/tika-quickstart/src/main/docker/Dockerfile.jvm b/tika-quickstart/src/main/docker/Dockerfile.jvm index d492f2e54f..89155c5990 100644 --- a/tika-quickstart/src/main/docker/Dockerfile.jvm +++ b/tika-quickstart/src/main/docker/Dockerfile.jvm @@ -1,29 +1,34 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package +# ./mvnw package # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/using-apache-tika-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/tika-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/using-apache-tika-jvm +# docker run -i --rm -p 8080:8080 quarkus/tika-jvm +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/tika-jvm # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.1 - -ARG JAVA_PACKAGE=java-1.8.0-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.5 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' - # Install java and the run-java script # Also set up permissions for user `1001` -RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ && microdnf update \ && microdnf clean all \ && mkdir /deployments \ @@ -37,9 +42,11 @@ RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ # Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" - -COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 USER 1001 diff --git a/tika-quickstart/src/main/docker/Dockerfile.legacy-jar b/tika-quickstart/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..e7c74bd5b6 --- /dev/null +++ b/tika-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/tika-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/tika-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/tika-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/tika-quickstart/src/main/docker/Dockerfile.native b/tika-quickstart/src/main/docker/Dockerfile.native index 705b0ff177..b008f5f169 100644 --- a/tika-quickstart/src/main/docker/Dockerfile.native +++ b/tika-quickstart/src/main/docker/Dockerfile.native @@ -1,22 +1,27 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package -Pnative -Dquarkus.native.container-build=true +# ./mvnw package -Pnative # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/using-apache-tika . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/tika . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/using-apache-tika +# docker run -i --rm -p 8080:8080 quarkus/tika # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 WORKDIR /work/ -COPY target/*-runner /work/application -RUN chmod 775 /work +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + EXPOSE 8080 +USER 1001 + CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/tika-quickstart/src/main/docker/Dockerfile.native-distroless b/tika-quickstart/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..84591f97e5 --- /dev/null +++ b/tika-quickstart/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/tika . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/tika +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/validation-quickstart/src/main/docker/Dockerfile.jvm b/validation-quickstart/src/main/docker/Dockerfile.jvm index ab1359473e..c5c9164c76 100644 --- a/validation-quickstart/src/main/docker/Dockerfile.jvm +++ b/validation-quickstart/src/main/docker/Dockerfile.jvm @@ -1,9 +1,9 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package +# ./mvnw package # # Then, build the image with: # @@ -13,17 +13,22 @@ # # docker run -i --rm -p 8080:8080 quarkus/validation-jvm # +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/validation-jvm +# ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.1 - -ARG JAVA_PACKAGE=java-1.8.0-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.5 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' - # Install java and the run-java script # Also set up permissions for user `1001` -RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ && microdnf update \ && microdnf clean all \ && mkdir /deployments \ @@ -37,11 +42,13 @@ RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ # Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" - -COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 USER 1001 -ENTRYPOINT [ "/deployments/run-java.sh" ] \ No newline at end of file +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/validation-quickstart/src/main/docker/Dockerfile.legacy-jar b/validation-quickstart/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..2140344cf2 --- /dev/null +++ b/validation-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/validation-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/validation-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/validation-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/validation-quickstart/src/main/docker/Dockerfile.native b/validation-quickstart/src/main/docker/Dockerfile.native index 666dc5a426..44841f57d0 100644 --- a/validation-quickstart/src/main/docker/Dockerfile.native +++ b/validation-quickstart/src/main/docker/Dockerfile.native @@ -1,9 +1,9 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package -Pnative -Dquarkus.native.container-build=true +# ./mvnw package -Pnative # # Then, build the image with: # @@ -14,9 +14,14 @@ # docker run -i --rm -p 8080:8080 quarkus/validation # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 WORKDIR /work/ -COPY target/*-runner /work/application -RUN chmod 775 /work +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + EXPOSE 8080 +USER 1001 + CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/validation-quickstart/src/main/docker/Dockerfile.native-distroless b/validation-quickstart/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..3aff4fd586 --- /dev/null +++ b/validation-quickstart/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/validation . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/validation +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/vertx-quickstart/src/main/docker/Dockerfile.jvm b/vertx-quickstart/src/main/docker/Dockerfile.jvm index a41a5e8341..c8cb834d81 100644 --- a/vertx-quickstart/src/main/docker/Dockerfile.jvm +++ b/vertx-quickstart/src/main/docker/Dockerfile.jvm @@ -1,29 +1,34 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package +# ./mvnw package # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/using-vertx-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/vertx-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/using-vertx-jvm +# docker run -i --rm -p 8080:8080 quarkus/vertx-jvm +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/vertx-jvm # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.1 - -ARG JAVA_PACKAGE=java-1.8.0-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.5 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' - # Install java and the run-java script # Also set up permissions for user `1001` -RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ && microdnf update \ && microdnf clean all \ && mkdir /deployments \ @@ -37,11 +42,13 @@ RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ # Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" - -COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 USER 1001 -ENTRYPOINT [ "/deployments/run-java.sh" ] \ No newline at end of file +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/vertx-quickstart/src/main/docker/Dockerfile.legacy-jar b/vertx-quickstart/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..f98b83cead --- /dev/null +++ b/vertx-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/vertx-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/vertx-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/vertx-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/vertx-quickstart/src/main/docker/Dockerfile.native b/vertx-quickstart/src/main/docker/Dockerfile.native index 3a5de61afb..c74e4bf165 100644 --- a/vertx-quickstart/src/main/docker/Dockerfile.native +++ b/vertx-quickstart/src/main/docker/Dockerfile.native @@ -1,22 +1,27 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package -Pnative -Dquarkus.native.container-build=true +# ./mvnw package -Pnative # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/using-vertx . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/vertx . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/using-vertx +# docker run -i --rm -p 8080:8080 quarkus/vertx # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 WORKDIR /work/ -COPY target/*-runner /work/application -RUN chmod 775 /work +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + EXPOSE 8080 +USER 1001 + CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/vertx-quickstart/src/main/docker/Dockerfile.native-distroless b/vertx-quickstart/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..0eb364cfb6 --- /dev/null +++ b/vertx-quickstart/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/vertx . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/vertx +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/websockets-quickstart/src/main/docker/Dockerfile.jvm b/websockets-quickstart/src/main/docker/Dockerfile.jvm index 263120f82f..5b97e0a5a5 100644 --- a/websockets-quickstart/src/main/docker/Dockerfile.jvm +++ b/websockets-quickstart/src/main/docker/Dockerfile.jvm @@ -1,29 +1,34 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package +# ./mvnw package # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/using-websockets-jvm . +# docker build -f src/main/docker/Dockerfile.jvm -t quarkus/websockets-jvm . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/using-websockets-jvm +# docker run -i --rm -p 8080:8080 quarkus/websockets-jvm +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/websockets-jvm # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.1 - -ARG JAVA_PACKAGE=java-1.8.0-openjdk-headless -ARG RUN_JAVA_VERSION=1.3.5 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' - # Install java and the run-java script # Also set up permissions for user `1001` -RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ && microdnf update \ && microdnf clean all \ && mkdir /deployments \ @@ -37,11 +42,13 @@ RUN microdnf install openssl curl ca-certificates ${JAVA_PACKAGE} \ # Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" - -COPY target/lib/* /deployments/lib/ -COPY target/*-runner.jar /deployments/app.jar +# We make four distinct layers so if there are application changes the library layers can be re-used +COPY --chown=1001 target/quarkus-app/lib/ /deployments/lib/ +COPY --chown=1001 target/quarkus-app/*.jar /deployments/ +COPY --chown=1001 target/quarkus-app/app/ /deployments/app/ +COPY --chown=1001 target/quarkus-app/quarkus/ /deployments/quarkus/ EXPOSE 8080 USER 1001 -ENTRYPOINT [ "/deployments/run-java.sh" ] \ No newline at end of file +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/websockets-quickstart/src/main/docker/Dockerfile.legacy-jar b/websockets-quickstart/src/main/docker/Dockerfile.legacy-jar new file mode 100644 index 0000000000..1491a9083e --- /dev/null +++ b/websockets-quickstart/src/main/docker/Dockerfile.legacy-jar @@ -0,0 +1,51 @@ +#### +# This Dockerfile is used in order to build a container that runs the Quarkus application in JVM mode +# +# Before building the container image run: +# +# ./mvnw package -Dquarkus.package.type=legacy-jar +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.legacy-jar -t quarkus/websockets-legacy-jar . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/websockets-legacy-jar +# +# If you want to include the debug port into your docker image +# you will have to expose the debug port (default 5005) like this : EXPOSE 8080 5050 +# +# Then run the container using : +# +# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/websockets-legacy-jar +# +### +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 + +ARG JAVA_PACKAGE=java-11-openjdk-headless +ARG RUN_JAVA_VERSION=1.3.8 +ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' +# Install java and the run-java script +# Also set up permissions for user `1001` +RUN microdnf install curl ca-certificates ${JAVA_PACKAGE} \ + && microdnf update \ + && microdnf clean all \ + && mkdir /deployments \ + && chown 1001 /deployments \ + && chmod "g+rwX" /deployments \ + && chown 1001:root /deployments \ + && curl https://repo1.maven.org/maven2/io/fabric8/run-java-sh/${RUN_JAVA_VERSION}/run-java-sh-${RUN_JAVA_VERSION}-sh.sh -o /deployments/run-java.sh \ + && chown 1001 /deployments/run-java.sh \ + && chmod 540 /deployments/run-java.sh \ + && echo "securerandom.source=file:/dev/urandom" >> /etc/alternatives/jre/lib/security/java.security + +# Configure the JAVA_OPTIONS, you can add -XshowSettings:vm to also display the heap size. +ENV JAVA_OPTIONS="-Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager" +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar + +EXPOSE 8080 +USER 1001 + +ENTRYPOINT [ "/deployments/run-java.sh" ] diff --git a/websockets-quickstart/src/main/docker/Dockerfile.native b/websockets-quickstart/src/main/docker/Dockerfile.native index ebbfffbacc..a3058af99e 100644 --- a/websockets-quickstart/src/main/docker/Dockerfile.native +++ b/websockets-quickstart/src/main/docker/Dockerfile.native @@ -1,22 +1,27 @@ #### # This Dockerfile is used in order to build a container that runs the Quarkus application in native (no JVM) mode # -# Before building the docker image run: +# Before building the container image run: # -# mvn package -Pnative -Dquarkus.native.container-build=true +# ./mvnw package -Pnative # # Then, build the image with: # -# docker build -f src/main/docker/Dockerfile.native -t quarkus/using-websockets . +# docker build -f src/main/docker/Dockerfile.native -t quarkus/websockets . # # Then run the container using: # -# docker run -i --rm -p 8080:8080 quarkus/using-websockets +# docker run -i --rm -p 8080:8080 quarkus/websockets # ### -FROM registry.access.redhat.com/ubi8/ubi-minimal +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3 WORKDIR /work/ -COPY target/*-runner /work/application -RUN chmod 775 /work +RUN chown 1001 /work \ + && chmod "g+rwX" /work \ + && chown 1001:root /work +COPY --chown=1001:root target/*-runner /work/application + EXPOSE 8080 +USER 1001 + CMD ["./application", "-Dquarkus.http.host=0.0.0.0"] diff --git a/websockets-quickstart/src/main/docker/Dockerfile.native-distroless b/websockets-quickstart/src/main/docker/Dockerfile.native-distroless new file mode 100644 index 0000000000..f70f56012b --- /dev/null +++ b/websockets-quickstart/src/main/docker/Dockerfile.native-distroless @@ -0,0 +1,23 @@ +#### +# This Dockerfile is used in order to build a distroless container that runs the Quarkus application in native (no JVM) mode +# +# Before building the container image run: +# +# ./mvnw package -Pnative +# +# Then, build the image with: +# +# docker build -f src/main/docker/Dockerfile.native-distroless -t quarkus/websockets . +# +# Then run the container using: +# +# docker run -i --rm -p 8080:8080 quarkus/websockets +# +### +FROM quay.io/quarkus/quarkus-distroless-image:1.0 +COPY target/*-runner /application + +EXPOSE 8080 +USER nonroot + +CMD ["./application", "-Dquarkus.http.host=0.0.0.0"]