Skip to content

Commit

Permalink
Merge branch '7.8.x' into master by rahejaprince
Browse files Browse the repository at this point in the history
  • Loading branch information
@ConfluentSemaphore
ConfluentSemaphore committed Sep 5, 2024
2 parents 36c0f59 + 92790e3 commit 0584760
Show file tree
Hide file tree
Showing 5 changed files with 33 additions and 22 deletions.
22 changes: 14 additions & 8 deletions base-lite/Dockerfile.ubi8
View file
Original file line number Diff line number Diff line change
Expand Up @@ -51,18 +51,24 @@ LABEL io.confluent.docker=true
# base image that supports it
ENV LANG="C.UTF-8"

# Zulu OpenJDK version
ARG ZULU_OPENJDK_VERSION=""
# Temurin JDK version
ARG TEMURIN_JDK_VERSION=""

ENV UB_CLASSPATH=/usr/share/java/cp-base-lite/*

RUN printf "[temurin-jdk] \n\
name=temurin-jdk \n\
baseurl=https://packages.adoptium.net/artifactory/rpm/rhel/\$releasever/\$basearch \n\
enabled=1 \n\
gpgcheck=1 \n\
gpgkey=https://packages.adoptium.net/artifactory/api/gpg/key/public \n\
" > /etc/yum.repos.d/adoptium.repo

RUN microdnf --nodocs install yum \
&& rpm --import https://www.azul.com/files/0xB1998361219BD9C9.txt \
&& yum --nodocs -y install https://cdn.azul.com/zulu/bin/zulu-repo-1.0.0-1.noarch.rpm \
&& yum --nodocs update -y \
&& yum --nodocs install -y --setopt=install_weak_deps=False \
"curl${CURL_VERSION}" \
"zulu17-ca-jre-headless${ZULU_OPENJDK_VERSION}" \
"temurin-17-jre${TEMURIN_JDK_VERSION}" \
&& microdnf clean all \
&& yum clean all \
&& rm -rf /tmp/* \
Expand All @@ -74,10 +80,10 @@ RUN microdnf --nodocs install yum \
# The ARG SKIP_SECURITY_UPDATE_CHECK is an "escape" hatch if you want to by-pass this check and build the container anyways, which
# is not advisable in terms of security posture. If set to false (which triggers a shell exit(1) if the check fails from the left
# hand of ||) this check will fail. If true (which triggers a right-hand || shell exit(0)), then this check will pass even if a
# security update is availible. We skip checks from ZuluJDK repos because Confluent pins those upstream versions for various reasons
# such as identified bugs in ZuluJDK's software.
# security update is availible. We skip checks from TemurinJDK repos because Confluent pins those upstream versions for various reasons
# such as identified bugs in TemurinJDK's software.
ARG SKIP_SECURITY_UPDATE_CHECK="false"
RUN yum --disablerepo="zulu-openjdk" check-update || "${SKIP_SECURITY_UPDATE_CHECK}"
RUN yum --disablerepo="temurin-jdk" check-update || "${SKIP_SECURITY_UPDATE_CHECK}"

COPY --chown=appuser:appuser target/${ARTIFACT_ID}-${PROJECT_VERSION}-package/share/doc/* /usr/share/doc/${ARTIFACT_ID}/
COPY --chown=appuser:appuser target/${ARTIFACT_ID}-${PROJECT_VERSION}-package/share/java/${ARTIFACT_ID}/* /usr/share/java/${ARTIFACT_ID}/
Expand Down
5 changes: 2 additions & 3 deletions base-lite/pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -86,7 +86,7 @@
<configuration>
<buildArgs>
<UBI_MINIMAL_VERSION>${ubi.image.version}</UBI_MINIMAL_VERSION>
<ZULU_OPENJDK_VERSION>-${ubi.zulu.openjdk.version}</ZULU_OPENJDK_VERSION>
<TEMURIN_JDK_VERSION>-${ubi.temurin.jdk.version}</TEMURIN_JDK_VERSION>
<SKIP_SECURITY_UPDATE_CHECK>${docker.skip-security-update-check}</SKIP_SECURITY_UPDATE_CHECK>
<GOLANG_VERSION>${golang.version}</GOLANG_VERSION>
</buildArgs>
Expand All @@ -102,8 +102,7 @@
<build>
<args>
<UBI_MINIMAL_VERSION>${ubi.image.version}</UBI_MINIMAL_VERSION>
<ZULU_OPENJDK_VERSION>-${ubi.zulu.openjdk.version}
</ZULU_OPENJDK_VERSION>
<TEMURIN_JDK_VERSION>-${ubi.temurin.jdk.version}</TEMURIN_JDK_VERSION>
<SKIP_SECURITY_UPDATE_CHECK>
${docker.skip-security-update-check}
</SKIP_SECURITY_UPDATE_CHECK>
Expand Down
22 changes: 14 additions & 8 deletions base/Dockerfile.ubi8
View file
Original file line number Diff line number Diff line change
Expand Up @@ -63,8 +63,8 @@ ARG XZ_LIBS_VERSION=""
ARG GLIBC_VERSION=""
ARG CURL_VERSION=""

# Zulu OpenJDK version
ARG ZULU_OPENJDK_VERSION=""
# Temurin JDK version
ARG TEMURIN_JDK_VERSION=""

# Python Module Versions
ARG PYTHON_PIP_VERSION=""
Expand All @@ -76,9 +76,15 @@ ARG PYTHON_CONFLUENT_DOCKER_UTILS_VERSION="master"
# This can be overriden for an offline/air-gapped builds
ARG PYTHON_CONFLUENT_DOCKER_UTILS_INSTALL_SPEC="git+https://github.com/confluentinc/confluent-docker-utils@${PYTHON_CONFLUENT_DOCKER_UTILS_VERSION}"

RUN printf "[temurin-jdk] \n\
name=temurin-jdk \n\
baseurl=https://packages.adoptium.net/artifactory/rpm/rhel/\$releasever/\$basearch \n\
enabled=1 \n\
gpgcheck=1 \n\
gpgkey=https://packages.adoptium.net/artifactory/api/gpg/key/public \n\
" > /etc/yum.repos.d/adoptium.repo

RUN microdnf --nodocs install yum \
&& rpm --import https://www.azul.com/files/0xB1998361219BD9C9.txt \
&& yum --nodocs -y install https://cdn.azul.com/zulu/bin/zulu-repo-1.0.0-1.noarch.rpm \
&& yum --nodocs update -y \
&& yum --nodocs install -y --setopt=install_weak_deps=False \
git \
Expand All @@ -100,7 +106,7 @@ RUN microdnf --nodocs install yum \
"libcurl${CURL_VERSION}" \
"findutils${FINDUTILS_VERSION}" \
"crypto-policies-scripts${CRYPTO_POLICIES_SCRIPTS_VERSION}" \
"zulu17-ca-jdk-headless${ZULU_OPENJDK_VERSION}" "zulu17-ca-jre-headless${ZULU_OPENJDK_VERSION}" \
"temurin-17-jdk${TEMURIN_JDK_VERSION}" "temurin-17-jre${TEMURIN_JDK_VERSION}" \
&& alternatives --set python /usr/bin/python3 \
&& python3 -m pip install --upgrade "setuptools${PYTHON_SETUPTOOLS_VERSION}" \
&& python3 -m pip install --prefer-binary --prefix=/usr/local --upgrade "${PYTHON_CONFLUENT_DOCKER_UTILS_INSTALL_SPEC}" \
Expand All @@ -118,10 +124,10 @@ RUN update-crypto-policies --set FIPS
# The ARG SKIP_SECURITY_UPDATE_CHECK is an "escape" hatch if you want to by-pass this check and build the container anyways, which
# is not advisable in terms of security posture. If set to false (which triggers a shell exit(1) if the check fails from the left
# hand of ||) this check will fail. If true (which triggers a right-hand || shell exit(0)), then this check will pass even if a
# security update is availible. We skip checks from ZuluJDK repos because Confluent pins those upstream versions for various reasons
# such as identified bugs in ZuluJDK's software.
# security update is availible. We skip checks from TemurinJDK repos because Confluent pins those upstream versions for various reasons
# such as identified bugs in TemurinJDK's software.
ARG SKIP_SECURITY_UPDATE_CHECK="false"
RUN yum --disablerepo="zulu-openjdk" check-update || "${SKIP_SECURITY_UPDATE_CHECK}"
RUN yum --disablerepo="temurin-jdk" check-update || "${SKIP_SECURITY_UPDATE_CHECK}"

COPY --chown=appuser:appuser target/${ARTIFACT_ID}-${PROJECT_VERSION}-package/share/doc/* /usr/share/doc/${ARTIFACT_ID}/
COPY --chown=appuser:appuser target/${ARTIFACT_ID}-${PROJECT_VERSION}-package/share/java/${ARTIFACT_ID}/* /usr/share/java/${ARTIFACT_ID}/
Expand Down
4 changes: 2 additions & 2 deletions base/pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -135,7 +135,7 @@
<XZ_LIBS_VERSION>-${ubi.xzlibs.version}</XZ_LIBS_VERSION>
<GLIBC_VERSION>-${ubi.glibc.version}</GLIBC_VERSION>
<CURL_VERSION>-${ubi.curl.version}</CURL_VERSION>
<ZULU_OPENJDK_VERSION>-${ubi.zulu.openjdk.version}</ZULU_OPENJDK_VERSION>
<TEMURIN_JDK_VERSION>-${ubi.temurin.jdk.version}</TEMURIN_JDK_VERSION>
<PYTHON_PIP_VERSION>-${ubi.python.pip.version}</PYTHON_PIP_VERSION>
<PYTHON_SETUPTOOLS_VERSION>==${ubi.python.setuptools.version}</PYTHON_SETUPTOOLS_VERSION>
<PYTHON_CONFLUENT_DOCKER_UTILS_VERSION>${ubi.python.confluent.docker.utils.version}</PYTHON_CONFLUENT_DOCKER_UTILS_VERSION>
Expand Down Expand Up @@ -168,7 +168,7 @@
<CURL_VERSION>-${ubi.curl.version}</CURL_VERSION>
<FINDUTILS_VERSION>-${ubi.iputils.version}</FINDUTILS_VERSION>
<CRYPTO_POLICIES_SCRIPTS_VERSION>-${ubi.crypto.policies.scripts.version}</CRYPTO_POLICIES_SCRIPTS_VERSION>
<ZULU_OPENJDK_VERSION>-${ubi.zulu.openjdk.version}</ZULU_OPENJDK_VERSION>
<TEMURIN_JDK_VERSION>-${ubi.temurin.jdk.version}</TEMURIN_JDK_VERSION>
<PYTHON_PIP_VERSION>-${ubi.python.pip.version}</PYTHON_PIP_VERSION>
<PYTHON_SETUPTOOLS_VERSION>==${ubi.python.setuptools.version}
</PYTHON_SETUPTOOLS_VERSION>
Expand Down
2 changes: 1 addition & 1 deletion pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -50,7 +50,7 @@
<ubi.findutils.version>1:4.6.0-21.el8</ubi.findutils.version>
<ubi.crypto.policies.scripts.version>20230731-1.git3177e06.el8</ubi.crypto.policies.scripts.version>
<!-- ZULU OpenJDK Package Version -->
<ubi.zulu.openjdk.version>17.0.12-1</ubi.zulu.openjdk.version>
<ubi.temurin.jdk.version>17.0.12.0.0.7-2</ubi.temurin.jdk.version>
<!-- Python Module Versions -->
<ubi.python.pip.version>20.*</ubi.python.pip.version>
<ubi.python.setuptools.version>71.1.0</ubi.python.setuptools.version>
Expand Down

0 comments on commit 0584760

Please sign in to comment.