Fix docker build

ant needed to be updated to >1.9, but the old image used an old alpine with the max version of ant being 1.8. The build is split into 2 phases to reduce the size of the image. A builder makes the installer and installs it in one image. The installed files are copied over to the actual result image.
2021-01-23 18:19:31 +01:00
parent f71e59a049
commit e64e12b3fb
3 changed files with 65 additions and 64 deletions
--- a/.dockerignore
+++ b/.dockerignore
@ -0,0 +1,31 @@
+.idea
+.git
+Dockerfile
+
+
+# Gradle
+.gradle
+build
+apps/BOB/build
+apps/addressbook/build
+apps/desktopgui/build
+apps/i2pcontrol/build
+apps/i2psnark/build
+apps/i2ptunnel/build
+apps/imagegen/build
+apps/jetty/build
+apps/jrobin/build
+apps/ministreaming/java/build
+apps/ministreaming/build
+apps/routerconsole/build
+apps/sam/build
+apps/streaming/build
+apps/susidns/build
+apps/susimail/build
+apps/systray/build
+core/java/build
+core/build
+installer/build
+router/java/build
+router/build
+
--- a/Docker.entrypoint.sh
+++ b/Docker.entrypoint.sh
@ -1,14 +0,0 @@
-#!/bin/sh
-
-export JAVA_HOME=/opt/jdk/jre
-
-# Ensure user rights
-chown -R i2p:nobody /opt/i2p
-chmod -R u+rwx /opt/i2p
-
-gosu i2p /opt/i2p/i2psvc /opt/i2p/wrapper.config wrapper.pidfile=/var/tmp/i2p.pid \
-   wrapper.name=i2p \
-   wrapper.displayname="I2P Service" \
-   wrapper.statusfile=/var/tmp/i2p.status \
-   wrapper.java.statusfile=/var/tmp/i2p.java.status \
-   wrapper.logfile=/var/tmp/wrapper.log
--- a/84
+++ b/84
@ -1,62 +1,46 @@
-FROM meeh/java8server:latest
-# Docker image based on Alpine with Java.
+# Use a multi-stage build to reduce the size of the resulting image
+# We need alpine >v3 in order to install an apache-ant > 1.9
+FROM alpine:3 as builder
+ENV I2P_PREFIX="/opt/i2p"

-# We use Oracle Java to run I2P, but uses the openjdk to build it.
+WORKDIR /tmp/build
+COPY . ./

+# Build installer
+RUN apk --no-cache add build-base gettext tar bzip2 apache-ant openjdk8 expect
+RUN echo "noExe=true" >> build.properties
+RUN ant installer-linux
+RUN mkdir -p /opt
+RUN mv i2pinstall*.jar /tmp/i2pinstall.jar

-MAINTAINER Mikal Villa <mikal@sigterm.no>
+# Install i2p using the installer into I2P_PREFIX
+RUN expect -f ./Docker.expt
+RUN cd ${I2P_PREFIX}
+RUN rm -fr man docs *.bat *.command *.app

-ENV GIT_BRANCH="master"
+# Second stage only using the installer from the last stage
+# ---------------------------------------------------------
+# We can't use alpine here as the java service wrapper is built with glibc
+# alpine uses musl
+FROM openjdk:11.0-jre-slim
+
+ARG I2P_UID=1000
+ARG I2P_USER=i2p
 ENV I2P_PREFIX="/opt/i2p"
 ENV PATH=${I2P_PREFIX}/bin:$PATH
-ENV JAVA_HOME=/usr/lib/jvm/default-jvm
-
-ENV GOSU_VERSION=1.7
-ENV GOSU_SHASUM="34049cfc713e8b74b90d6de49690fa601dc040021980812b2f1f691534be8a50  /usr/local/bin/gosu"
-
-RUN mkdir /user && adduser -S -h /user i2p && chown -R i2p:nobody /user
-
-# Adding files first, since Docker.expt is required for installation
-ADD Docker.expt /tmp/Docker.expt
-ADD Docker.entrypoint.sh /entrypoint.sh
-
-# Required for wget https
-RUN apk add --no-cache openssl
-# Gosu is a replacement for su/sudo in docker and not a backdoor :) See https://github.com/tianon/gosu
-RUN wget -O /usr/local/bin/gosu https://github.com/tianon/gosu/releases/download/${GOSU_VERSION}/gosu-amd64 \
-    && echo "${GOSU_SHASUM}" | sha256sum -c && chmod +x /usr/local/bin/gosu
-
-#
-# Each RUN is a layer, adding the dependencies and building i2pd in one layer takes around 8-900Mb, so to keep the
-# image under 200mb we need to remove all the build dependencies in the same "RUN" / layer.
-#
-
-# The main layer
-RUN apk --no-cache add build-base git gettext tar bzip2 apache-ant openjdk8 expect \
-    && mkdir -p /usr/src/build \
-    && cd /usr/src/build \
-    && git clone -b ${GIT_BRANCH} https://github.com/i2p/i2p.i2p.git \
-    && cd /usr/src/build/i2p.i2p \
-    && echo "noExe=true" >> build.properties \
-    && ant installer-linux \
-    && cp i2pinstall*.jar /tmp/i2pinstall.jar \
-    && mkdir -p /opt \
-    && chown i2p:root /opt \
-    && chmod u+rw /opt \
-    && gosu i2p expect -f /tmp/Docker.expt \
-    && cd ${I2P_PREFIX} \
-    && rm -fr man docs *.bat *.command *.app /tmp/i2pinstall.jar /tmp/Docker.expt \
-    && rm -fr /usr/src/build \
-    && apk --purge del build-base apache-ant expect tcl expat git openjdk8 openjdk8-jre openjdk8-jre-base openjdk8-jre-lib bzip2 tar \
-      binutils-libs binutils pkgconfig libcurl libc-dev musl-dev g++ make fortify-headers pkgconf giflib libssh2 libxdmcp libxcb \
-      libx11 pcre alsa-lib libxi libxrender libxml2 readline bash openssl \
-    && rm -fr /usr/lib/jvm/default-jre \
-    && ln -sf /opt/jdk/jre /usr/lib/jvm/default-jre \
-    && chmod a+x /entrypoint.sh

+# "install" i2p by copying over installed files
+COPY --from=builder /opt/i2p ${I2P_PREFIX}

+# Setup user and fix permissions in
+RUN adduser --system --uid ${I2P_UID} --home /user ${I2P_USER} \
+    && chown -R ${I2P_USER} /user \
+    && chown -R ${I2P_USER} ${I2P_PREFIX} \
+    && chmod -R u+rwx ${I2P_PREFIX}

 EXPOSE 7654 7656 7657 7658 4444 6668 8998 7659 7660 4445 15000-20000

-ENTRYPOINT [ "/entrypoint.sh" ]
+USER i2p
+ENTRYPOINT [ "/opt/i2p/i2psvc" ]
+CMD [ "/opt/i2p/wrapper.config", "wrapper.pidfile=/var/tmp/i2p.pid", "wrapper.name=i2p", "wrapper.displayname=\"I2P Service\"" , "wrapper.statusfile=/var/tmp/i2p.status", "wrapper.java.statusfile=/var/tmp/i2p.java.status", "wrapper.logfile=/var/tmp/wrapper.log" ]