From 8fb995e3cf9eba8713671dfe0350f43ea6688816 Mon Sep 17 00:00:00 2001 From: Bruno Borges Date: Thu, 12 Dec 2024 22:46:59 -0800 Subject: [PATCH 1/8] Initial draft of an Ubuntu Chiselled image for MS Build of OpenJDK --- .../Dockerfile.msopenjdk-21-jdk | 58 +++++++++++++++++++ 1 file changed, 58 insertions(+) create mode 100644 docker/ubuntu-chiselled/Dockerfile.msopenjdk-21-jdk diff --git a/docker/ubuntu-chiselled/Dockerfile.msopenjdk-21-jdk b/docker/ubuntu-chiselled/Dockerfile.msopenjdk-21-jdk new file mode 100644 index 0000000..b2fe8a5 --- /dev/null +++ b/docker/ubuntu-chiselled/Dockerfile.msopenjdk-21-jdk @@ -0,0 +1,58 @@ +FROM amd64/buildpack-deps:jammy-curl AS chisel + +RUN apt-get update && apt-get install -y file + +RUN curl -fSL --output chisel.tar.gz https://github.com/canonical/chisel/releases/download/v0.10.0/chisel_v0.10.0_linux_amd64.tar.gz \ + && chisel_sha512='5c863d41e9b0829a3af57de444bdb7d1638612e5caa0a289511b5f46ec5728795152381257d30bbff012bcb5c533b6cfbc17b17b93569fd5c0e194ce2c6e0fc5' \ + && echo "$chisel_sha512 chisel.tar.gz" | sha512sum -c - \ + && tar -xzf chisel.tar.gz -C /usr/bin/ chisel \ + && curl -fSL --output /usr/bin/chisel-wrapper https://raw.githubusercontent.com/canonical/rocks-toolbox/v1.1.2/chisel-wrapper \ + && chmod 755 /usr/bin/chisel-wrapper + +RUN groupadd \ + --gid=1654 \ + app \ + && useradd -l \ + --uid=1654 \ + --gid=1654 \ + --shell /bin/false \ + app \ + && install -d -m 0755 -o 1654 -g 1654 "/rootfs/home/app" \ + && mkdir -p "/rootfs/etc" \ + && rootOrAppRegex='^\(root\|app\):' \ + && cat /etc/passwd | grep $rootOrAppRegex > "/rootfs/etc/passwd" \ + && cat /etc/group | grep $rootOrAppRegex > "/rootfs/etc/group" + +RUN mkdir -p /rootfs/var/lib/dpkg/ +RUN \ + chisel-wrapper --generate-dpkg-status /rootfs/var/lib/dpkg/status -- \ + --release ubuntu-22.04 --root /rootfs \ + base-files_base \ + base-files_release-info \ + ca-certificates-java_data \ + libc6_libs \ + libgcc-s1_libs \ + libssl3_libs \ + libstdc++6_libs \ + zlib1g_libs \ + bash_bins \ + coreutils_bins \ + tzdata_base \ + tzdata_etc \ + fontconfig-config_config + +FROM scratch + +COPY --from=chisel /rootfs / + +ENV APP_UID='1654' + +# Workaround for https://github.com/moby/moby/issues/38710 +COPY --from=chisel --chown=$APP_UID:$APP_UID /rootfs/home/app /home/app + +ENV JAVA_HOME=/usr/lib/jvm/msopenjdk-21-amd64 +ENV PATH=$JAVA_HOME/bin:$PATH + +COPY --from=mcr.microsoft.com/openjdk/jdk:21-ubuntu $JAVA_HOME $JAVA_HOME + +USER $APP_UID From 593b099f6ef923de7767f874c7a9acf5abd93b06 Mon Sep 17 00:00:00 2001 From: Bruno Borges Date: Sun, 22 Dec 2024 18:45:10 -0600 Subject: [PATCH 2/8] jdk 11 and 17 --- .../Dockerfile.msopenjdk-11-jdk | 58 +++++++++++++++++++ .../Dockerfile.msopenjdk-17-jdk | 58 +++++++++++++++++++ 2 files changed, 116 insertions(+) create mode 100644 docker/ubuntu-chiselled/Dockerfile.msopenjdk-11-jdk create mode 100644 docker/ubuntu-chiselled/Dockerfile.msopenjdk-17-jdk diff --git a/docker/ubuntu-chiselled/Dockerfile.msopenjdk-11-jdk b/docker/ubuntu-chiselled/Dockerfile.msopenjdk-11-jdk new file mode 100644 index 0000000..fff851e --- /dev/null +++ b/docker/ubuntu-chiselled/Dockerfile.msopenjdk-11-jdk @@ -0,0 +1,58 @@ +FROM amd64/buildpack-deps:jammy-curl AS chisel + +RUN apt-get update && apt-get install -y file + +RUN curl -fSL --output chisel.tar.gz https://github.com/canonical/chisel/releases/download/v0.10.0/chisel_v0.10.0_linux_amd64.tar.gz \ + && chisel_sha512='5c863d41e9b0829a3af57de444bdb7d1638612e5caa0a289511b5f46ec5728795152381257d30bbff012bcb5c533b6cfbc17b17b93569fd5c0e194ce2c6e0fc5' \ + && echo "$chisel_sha512 chisel.tar.gz" | sha512sum -c - \ + && tar -xzf chisel.tar.gz -C /usr/bin/ chisel \ + && curl -fSL --output /usr/bin/chisel-wrapper https://raw.githubusercontent.com/canonical/rocks-toolbox/v1.1.2/chisel-wrapper \ + && chmod 755 /usr/bin/chisel-wrapper + +RUN groupadd \ + --gid=1654 \ + app \ + && useradd -l \ + --uid=1654 \ + --gid=1654 \ + --shell /bin/false \ + app \ + && install -d -m 0755 -o 1654 -g 1654 "/rootfs/home/app" \ + && mkdir -p "/rootfs/etc" \ + && rootOrAppRegex='^\(root\|app\):' \ + && cat /etc/passwd | grep $rootOrAppRegex > "/rootfs/etc/passwd" \ + && cat /etc/group | grep $rootOrAppRegex > "/rootfs/etc/group" + +RUN mkdir -p /rootfs/var/lib/dpkg/ +RUN \ + chisel-wrapper --generate-dpkg-status /rootfs/var/lib/dpkg/status -- \ + --release ubuntu-22.04 --root /rootfs \ + base-files_base \ + base-files_release-info \ + ca-certificates-java_data \ + libc6_libs \ + libgcc-s1_libs \ + libssl3_libs \ + libstdc++6_libs \ + zlib1g_libs \ + bash_bins \ + coreutils_bins \ + tzdata_base \ + tzdata_etc \ + fontconfig-config_config + +FROM scratch + +COPY --from=chisel /rootfs / + +ENV APP_UID='1654' + +# Workaround for https://github.com/moby/moby/issues/38710 +COPY --from=chisel --chown=$APP_UID:$APP_UID /rootfs/home/app /home/app + +ENV JAVA_HOME=/usr/lib/jvm/msopenjdk-11-amd64 +ENV PATH=$JAVA_HOME/bin:$PATH + +COPY --from=mcr.microsoft.com/openjdk/jdk:11-ubuntu $JAVA_HOME $JAVA_HOME + +USER $APP_UID diff --git a/docker/ubuntu-chiselled/Dockerfile.msopenjdk-17-jdk b/docker/ubuntu-chiselled/Dockerfile.msopenjdk-17-jdk new file mode 100644 index 0000000..81d54e5 --- /dev/null +++ b/docker/ubuntu-chiselled/Dockerfile.msopenjdk-17-jdk @@ -0,0 +1,58 @@ +FROM amd64/buildpack-deps:jammy-curl AS chisel + +RUN apt-get update && apt-get install -y file + +RUN curl -fSL --output chisel.tar.gz https://github.com/canonical/chisel/releases/download/v0.10.0/chisel_v0.10.0_linux_amd64.tar.gz \ + && chisel_sha512='5c863d41e9b0829a3af57de444bdb7d1638612e5caa0a289511b5f46ec5728795152381257d30bbff012bcb5c533b6cfbc17b17b93569fd5c0e194ce2c6e0fc5' \ + && echo "$chisel_sha512 chisel.tar.gz" | sha512sum -c - \ + && tar -xzf chisel.tar.gz -C /usr/bin/ chisel \ + && curl -fSL --output /usr/bin/chisel-wrapper https://raw.githubusercontent.com/canonical/rocks-toolbox/v1.1.2/chisel-wrapper \ + && chmod 755 /usr/bin/chisel-wrapper + +RUN groupadd \ + --gid=1654 \ + app \ + && useradd -l \ + --uid=1654 \ + --gid=1654 \ + --shell /bin/false \ + app \ + && install -d -m 0755 -o 1654 -g 1654 "/rootfs/home/app" \ + && mkdir -p "/rootfs/etc" \ + && rootOrAppRegex='^\(root\|app\):' \ + && cat /etc/passwd | grep $rootOrAppRegex > "/rootfs/etc/passwd" \ + && cat /etc/group | grep $rootOrAppRegex > "/rootfs/etc/group" + +RUN mkdir -p /rootfs/var/lib/dpkg/ +RUN \ + chisel-wrapper --generate-dpkg-status /rootfs/var/lib/dpkg/status -- \ + --release ubuntu-22.04 --root /rootfs \ + base-files_base \ + base-files_release-info \ + ca-certificates-java_data \ + libc6_libs \ + libgcc-s1_libs \ + libssl3_libs \ + libstdc++6_libs \ + zlib1g_libs \ + bash_bins \ + coreutils_bins \ + tzdata_base \ + tzdata_etc \ + fontconfig-config_config + +FROM scratch + +COPY --from=chisel /rootfs / + +ENV APP_UID='1654' + +# Workaround for https://github.com/moby/moby/issues/38710 +COPY --from=chisel --chown=$APP_UID:$APP_UID /rootfs/home/app /home/app + +ENV JAVA_HOME=/usr/lib/jvm/msopenjdk-17-amd64 +ENV PATH=$JAVA_HOME/bin:$PATH + +COPY --from=mcr.microsoft.com/openjdk/jdk:17-ubuntu $JAVA_HOME $JAVA_HOME + +USER $APP_UID From 809f8430af1e5526ffbe873b9e4029c19375d44b Mon Sep 17 00:00:00 2001 From: Bruno Borges Date: Mon, 23 Dec 2024 14:27:38 -0600 Subject: [PATCH 3/8] full chisel images --- .../ubuntu-chisel/Dockerfile.testapp | 9 +++ .../ubuntu-chisel/Dockerfile.testappnonroot | 10 +++ docker/ubuntu-chisel/Dockerfile.chisel-base | 62 +++++++++++++++++++ .../Dockerfile.msopenjdk-11-jdk-chisel | 11 ++++ .../Dockerfile.msopenjdk-17-jdk-chisel | 11 ++++ .../Dockerfile.msopenjdk-21-jdk-chisel | 11 ++++ docker/ubuntu-chisel/build-chisel.sh | 12 ++++ .../Dockerfile.msopenjdk-11-jdk | 58 ----------------- .../Dockerfile.msopenjdk-17-jdk | 58 ----------------- .../Dockerfile.msopenjdk-21-jdk | 58 ----------------- 10 files changed, 126 insertions(+), 174 deletions(-) create mode 100644 docker/test-only/ubuntu-chisel/Dockerfile.testapp create mode 100644 docker/test-only/ubuntu-chisel/Dockerfile.testappnonroot create mode 100644 docker/ubuntu-chisel/Dockerfile.chisel-base create mode 100644 docker/ubuntu-chisel/Dockerfile.msopenjdk-11-jdk-chisel create mode 100644 docker/ubuntu-chisel/Dockerfile.msopenjdk-17-jdk-chisel create mode 100644 docker/ubuntu-chisel/Dockerfile.msopenjdk-21-jdk-chisel create mode 100644 docker/ubuntu-chisel/build-chisel.sh delete mode 100644 docker/ubuntu-chiselled/Dockerfile.msopenjdk-11-jdk delete mode 100644 docker/ubuntu-chiselled/Dockerfile.msopenjdk-17-jdk delete mode 100644 docker/ubuntu-chiselled/Dockerfile.msopenjdk-21-jdk diff --git a/docker/test-only/ubuntu-chisel/Dockerfile.testapp b/docker/test-only/ubuntu-chisel/Dockerfile.testapp new file mode 100644 index 0000000..b1ddb55 --- /dev/null +++ b/docker/test-only/ubuntu-chisel/Dockerfile.testapp @@ -0,0 +1,9 @@ +ARG IMGTOTEST=msopenjdk-11-jdk-chisel + +FROM mcr.microsoft.com/openjdk/jdk:11-ubuntu AS builder +ADD SampleApp.java /SampleApp.java +RUN javac -source 11 -target 11 SampleApp.java && jar cfe /app.jar SampleApp SampleApp.class + +FROM ${IMGTOTEST} AS runner +COPY --from=builder /app.jar /app.jar +CMD ["-jar", "/app.jar"] diff --git a/docker/test-only/ubuntu-chisel/Dockerfile.testappnonroot b/docker/test-only/ubuntu-chisel/Dockerfile.testappnonroot new file mode 100644 index 0000000..332cc30 --- /dev/null +++ b/docker/test-only/ubuntu-chisel/Dockerfile.testappnonroot @@ -0,0 +1,10 @@ +ARG IMGTOTEST=msopenjdk-11-jdk-chisel + +FROM mcr.microsoft.com/openjdk/jdk:11-ubuntu AS builder +ADD NonRootUser.java /NonRootUser.java +RUN javac -source 11 -target 11 NonRootUser.java && jar cfe /app.jar NonRootUser NonRootUser.class + +FROM ${IMGTOTEST} AS runner +USER app +COPY --from=builder /app.jar /app.jar +CMD ["-ea", "-jar", "/app.jar"] diff --git a/docker/ubuntu-chisel/Dockerfile.chisel-base b/docker/ubuntu-chisel/Dockerfile.chisel-base new file mode 100644 index 0000000..602f52d --- /dev/null +++ b/docker/ubuntu-chisel/Dockerfile.chisel-base @@ -0,0 +1,62 @@ +# DisableDockerDetector "Base image is obtained from internal registry" +ARG IMAGE="ubuntu" +ARG TAG="22.04" +FROM ${IMAGE}:${TAG} AS chisel-base + +ENV GO_VERSION="1.22.0" +ENV CHISEL_VERSION="1.0.0" +ENV CHISEL_WRAPPER_VERSION="1.1.2" + +# Update and install core dependencies +RUN apt-get update \ + && apt-get install -y wget file tar \ + && wget https://go.dev/dl/go${GO_VERSION}.linux-amd64.tar.gz \ + && tar -C /usr/local -xzf go${GO_VERSION}.linux-amd64.tar.gz \ + && rm go${GO_VERSION}.linux-amd64.tar.gz + +ENV GOBIN=/usr/local/go/bin +ENV PATH=$PATH:$GOBIN + +# Install Go and Chisel +RUN go install github.com/canonical/chisel/cmd/chisel@v${CHISEL_VERSION} \ + && wget -O /usr/bin/chisel-wrapper https://raw.githubusercontent.com/canonical/rocks-toolbox/v${CHISEL_WRAPPER_VERSION}/chisel-wrapper \ + && chmod 755 /usr/bin/chisel-wrapper + +ENV APP_UID="101" + +# Create app user +RUN groupadd --gid=${APP_UID} app \ + && useradd -l --uid=${APP_UID} --gid=${APP_UID} --shell /bin/false app \ + && install -d -m 0755 -o ${APP_UID} -g ${APP_UID} "/rootfs/home/app" \ + && mkdir -p "/rootfs/etc" \ + && rootOrAppRegex='^\(root\|app\):' \ + && cat /etc/passwd | grep $rootOrAppRegex > "/rootfs/etc/passwd" \ + && cat /etc/group | grep $rootOrAppRegex > "/rootfs/etc/group" + +# Generate dpkg status for chisel +RUN mkdir -p /rootfs/var/lib/dpkg/ +RUN chisel-wrapper --generate-dpkg-status /rootfs/var/lib/dpkg/status -- \ + --release ubuntu-22.04 --root /rootfs \ + base-files_base \ + base-files_release-info \ + ca-certificates-java_data \ + libc6_libs \ + libgcc-s1_libs \ + libssl3_libs \ + libstdc++6_libs \ + zlib1g_libs \ + bash_bins \ + coreutils_bins \ + tzdata_base \ + tzdata_etc \ + fontconfig-config_config + +# Scratch image base +FROM scratch + +COPY --from=chisel-base /rootfs / + +ENV APP_UID="101" + +# Workaround for https://github.com/moby/moby/issues/38710 +COPY --from=chisel-base --chown=$APP_UID:$APP_UID /rootfs/home/app /home/app diff --git a/docker/ubuntu-chisel/Dockerfile.msopenjdk-11-jdk-chisel b/docker/ubuntu-chisel/Dockerfile.msopenjdk-11-jdk-chisel new file mode 100644 index 0000000..21d2324 --- /dev/null +++ b/docker/ubuntu-chisel/Dockerfile.msopenjdk-11-jdk-chisel @@ -0,0 +1,11 @@ +# DisableDockerDetector "Base image is obtained from internal registry" +FROM chisel-base + +USER root + +ENV JAVA_HOME=/usr/jdk +ENV PATH=$PATH:$JAVA_HOME/bin + +COPY --from=mcr.microsoft.com/openjdk/jdk:11-ubuntu /usr/lib/jvm/msopenjdk-11-amd64 $JAVA_HOME + +ENTRYPOINT [ "/usr/jdk/bin/java" ] diff --git a/docker/ubuntu-chisel/Dockerfile.msopenjdk-17-jdk-chisel b/docker/ubuntu-chisel/Dockerfile.msopenjdk-17-jdk-chisel new file mode 100644 index 0000000..50434a6 --- /dev/null +++ b/docker/ubuntu-chisel/Dockerfile.msopenjdk-17-jdk-chisel @@ -0,0 +1,11 @@ +# DisableDockerDetector "Base image is obtained from internal registry" +FROM chisel-base + +USER root + +ENV JAVA_HOME=/usr/jdk +ENV PATH=$PATH:$JAVA_HOME/bin + +COPY --from=mcr.microsoft.com/openjdk/jdk:17-ubuntu /usr/lib/jvm/msopenjdk-17-amd64 $JAVA_HOME + +ENTRYPOINT [ "/usr/jdk/bin/java" ] diff --git a/docker/ubuntu-chisel/Dockerfile.msopenjdk-21-jdk-chisel b/docker/ubuntu-chisel/Dockerfile.msopenjdk-21-jdk-chisel new file mode 100644 index 0000000..672146e --- /dev/null +++ b/docker/ubuntu-chisel/Dockerfile.msopenjdk-21-jdk-chisel @@ -0,0 +1,11 @@ +# DisableDockerDetector "Base image is obtained from internal registry" +FROM chisel-base + +USER root + +ENV JAVA_HOME=/usr/jdk +ENV PATH=$PATH:$JAVA_HOME/bin + +COPY --from=mcr.microsoft.com/openjdk/jdk:21-ubuntu /usr/lib/jvm/msopenjdk-21-amd64 $JAVA_HOME + +ENTRYPOINT [ "/usr/jdk/bin/java" ] diff --git a/docker/ubuntu-chisel/build-chisel.sh b/docker/ubuntu-chisel/build-chisel.sh new file mode 100644 index 0000000..1d95d7e --- /dev/null +++ b/docker/ubuntu-chisel/build-chisel.sh @@ -0,0 +1,12 @@ +#!/bin/bash + +# Build the Dockerfile.chisel-base image first +docker build -t chisel-base -f Dockerfile.chisel-base . + +# Loop through all Dockerfiles in the current directory and build them +for dockerfile in Dockerfile.*; do + if [ "$dockerfile" != "Dockerfile.chisel-base" ]; then + image_name=$(echo $dockerfile | sed 's/Dockerfile.//') + docker build -t $image_name -f $dockerfile . + fi +done diff --git a/docker/ubuntu-chiselled/Dockerfile.msopenjdk-11-jdk b/docker/ubuntu-chiselled/Dockerfile.msopenjdk-11-jdk deleted file mode 100644 index fff851e..0000000 --- a/docker/ubuntu-chiselled/Dockerfile.msopenjdk-11-jdk +++ /dev/null @@ -1,58 +0,0 @@ -FROM amd64/buildpack-deps:jammy-curl AS chisel - -RUN apt-get update && apt-get install -y file - -RUN curl -fSL --output chisel.tar.gz https://github.com/canonical/chisel/releases/download/v0.10.0/chisel_v0.10.0_linux_amd64.tar.gz \ - && chisel_sha512='5c863d41e9b0829a3af57de444bdb7d1638612e5caa0a289511b5f46ec5728795152381257d30bbff012bcb5c533b6cfbc17b17b93569fd5c0e194ce2c6e0fc5' \ - && echo "$chisel_sha512 chisel.tar.gz" | sha512sum -c - \ - && tar -xzf chisel.tar.gz -C /usr/bin/ chisel \ - && curl -fSL --output /usr/bin/chisel-wrapper https://raw.githubusercontent.com/canonical/rocks-toolbox/v1.1.2/chisel-wrapper \ - && chmod 755 /usr/bin/chisel-wrapper - -RUN groupadd \ - --gid=1654 \ - app \ - && useradd -l \ - --uid=1654 \ - --gid=1654 \ - --shell /bin/false \ - app \ - && install -d -m 0755 -o 1654 -g 1654 "/rootfs/home/app" \ - && mkdir -p "/rootfs/etc" \ - && rootOrAppRegex='^\(root\|app\):' \ - && cat /etc/passwd | grep $rootOrAppRegex > "/rootfs/etc/passwd" \ - && cat /etc/group | grep $rootOrAppRegex > "/rootfs/etc/group" - -RUN mkdir -p /rootfs/var/lib/dpkg/ -RUN \ - chisel-wrapper --generate-dpkg-status /rootfs/var/lib/dpkg/status -- \ - --release ubuntu-22.04 --root /rootfs \ - base-files_base \ - base-files_release-info \ - ca-certificates-java_data \ - libc6_libs \ - libgcc-s1_libs \ - libssl3_libs \ - libstdc++6_libs \ - zlib1g_libs \ - bash_bins \ - coreutils_bins \ - tzdata_base \ - tzdata_etc \ - fontconfig-config_config - -FROM scratch - -COPY --from=chisel /rootfs / - -ENV APP_UID='1654' - -# Workaround for https://github.com/moby/moby/issues/38710 -COPY --from=chisel --chown=$APP_UID:$APP_UID /rootfs/home/app /home/app - -ENV JAVA_HOME=/usr/lib/jvm/msopenjdk-11-amd64 -ENV PATH=$JAVA_HOME/bin:$PATH - -COPY --from=mcr.microsoft.com/openjdk/jdk:11-ubuntu $JAVA_HOME $JAVA_HOME - -USER $APP_UID diff --git a/docker/ubuntu-chiselled/Dockerfile.msopenjdk-17-jdk b/docker/ubuntu-chiselled/Dockerfile.msopenjdk-17-jdk deleted file mode 100644 index 81d54e5..0000000 --- a/docker/ubuntu-chiselled/Dockerfile.msopenjdk-17-jdk +++ /dev/null @@ -1,58 +0,0 @@ -FROM amd64/buildpack-deps:jammy-curl AS chisel - -RUN apt-get update && apt-get install -y file - -RUN curl -fSL --output chisel.tar.gz https://github.com/canonical/chisel/releases/download/v0.10.0/chisel_v0.10.0_linux_amd64.tar.gz \ - && chisel_sha512='5c863d41e9b0829a3af57de444bdb7d1638612e5caa0a289511b5f46ec5728795152381257d30bbff012bcb5c533b6cfbc17b17b93569fd5c0e194ce2c6e0fc5' \ - && echo "$chisel_sha512 chisel.tar.gz" | sha512sum -c - \ - && tar -xzf chisel.tar.gz -C /usr/bin/ chisel \ - && curl -fSL --output /usr/bin/chisel-wrapper https://raw.githubusercontent.com/canonical/rocks-toolbox/v1.1.2/chisel-wrapper \ - && chmod 755 /usr/bin/chisel-wrapper - -RUN groupadd \ - --gid=1654 \ - app \ - && useradd -l \ - --uid=1654 \ - --gid=1654 \ - --shell /bin/false \ - app \ - && install -d -m 0755 -o 1654 -g 1654 "/rootfs/home/app" \ - && mkdir -p "/rootfs/etc" \ - && rootOrAppRegex='^\(root\|app\):' \ - && cat /etc/passwd | grep $rootOrAppRegex > "/rootfs/etc/passwd" \ - && cat /etc/group | grep $rootOrAppRegex > "/rootfs/etc/group" - -RUN mkdir -p /rootfs/var/lib/dpkg/ -RUN \ - chisel-wrapper --generate-dpkg-status /rootfs/var/lib/dpkg/status -- \ - --release ubuntu-22.04 --root /rootfs \ - base-files_base \ - base-files_release-info \ - ca-certificates-java_data \ - libc6_libs \ - libgcc-s1_libs \ - libssl3_libs \ - libstdc++6_libs \ - zlib1g_libs \ - bash_bins \ - coreutils_bins \ - tzdata_base \ - tzdata_etc \ - fontconfig-config_config - -FROM scratch - -COPY --from=chisel /rootfs / - -ENV APP_UID='1654' - -# Workaround for https://github.com/moby/moby/issues/38710 -COPY --from=chisel --chown=$APP_UID:$APP_UID /rootfs/home/app /home/app - -ENV JAVA_HOME=/usr/lib/jvm/msopenjdk-17-amd64 -ENV PATH=$JAVA_HOME/bin:$PATH - -COPY --from=mcr.microsoft.com/openjdk/jdk:17-ubuntu $JAVA_HOME $JAVA_HOME - -USER $APP_UID diff --git a/docker/ubuntu-chiselled/Dockerfile.msopenjdk-21-jdk b/docker/ubuntu-chiselled/Dockerfile.msopenjdk-21-jdk deleted file mode 100644 index b2fe8a5..0000000 --- a/docker/ubuntu-chiselled/Dockerfile.msopenjdk-21-jdk +++ /dev/null @@ -1,58 +0,0 @@ -FROM amd64/buildpack-deps:jammy-curl AS chisel - -RUN apt-get update && apt-get install -y file - -RUN curl -fSL --output chisel.tar.gz https://github.com/canonical/chisel/releases/download/v0.10.0/chisel_v0.10.0_linux_amd64.tar.gz \ - && chisel_sha512='5c863d41e9b0829a3af57de444bdb7d1638612e5caa0a289511b5f46ec5728795152381257d30bbff012bcb5c533b6cfbc17b17b93569fd5c0e194ce2c6e0fc5' \ - && echo "$chisel_sha512 chisel.tar.gz" | sha512sum -c - \ - && tar -xzf chisel.tar.gz -C /usr/bin/ chisel \ - && curl -fSL --output /usr/bin/chisel-wrapper https://raw.githubusercontent.com/canonical/rocks-toolbox/v1.1.2/chisel-wrapper \ - && chmod 755 /usr/bin/chisel-wrapper - -RUN groupadd \ - --gid=1654 \ - app \ - && useradd -l \ - --uid=1654 \ - --gid=1654 \ - --shell /bin/false \ - app \ - && install -d -m 0755 -o 1654 -g 1654 "/rootfs/home/app" \ - && mkdir -p "/rootfs/etc" \ - && rootOrAppRegex='^\(root\|app\):' \ - && cat /etc/passwd | grep $rootOrAppRegex > "/rootfs/etc/passwd" \ - && cat /etc/group | grep $rootOrAppRegex > "/rootfs/etc/group" - -RUN mkdir -p /rootfs/var/lib/dpkg/ -RUN \ - chisel-wrapper --generate-dpkg-status /rootfs/var/lib/dpkg/status -- \ - --release ubuntu-22.04 --root /rootfs \ - base-files_base \ - base-files_release-info \ - ca-certificates-java_data \ - libc6_libs \ - libgcc-s1_libs \ - libssl3_libs \ - libstdc++6_libs \ - zlib1g_libs \ - bash_bins \ - coreutils_bins \ - tzdata_base \ - tzdata_etc \ - fontconfig-config_config - -FROM scratch - -COPY --from=chisel /rootfs / - -ENV APP_UID='1654' - -# Workaround for https://github.com/moby/moby/issues/38710 -COPY --from=chisel --chown=$APP_UID:$APP_UID /rootfs/home/app /home/app - -ENV JAVA_HOME=/usr/lib/jvm/msopenjdk-21-amd64 -ENV PATH=$JAVA_HOME/bin:$PATH - -COPY --from=mcr.microsoft.com/openjdk/jdk:21-ubuntu $JAVA_HOME $JAVA_HOME - -USER $APP_UID From 1c0df1f1f7519928c6d9065e6b63e5c01f951e84 Mon Sep 17 00:00:00 2001 From: Bruno Borges Date: Mon, 23 Dec 2024 14:56:12 -0600 Subject: [PATCH 4/8] full changes --- .github/workflows/build-images.yml | 2 +- .github/workflows/check-versions.yml | 2 +- .../ubuntu-chisel/Dockerfile.testapp | 9 --- .../ubuntu-chisel/Dockerfile.testappnonroot | 10 --- ...hisel-base => Dockerfile.msopenjdk-11-jdk} | 10 +++ .../Dockerfile.msopenjdk-11-jdk-chisel | 11 --- .../ubuntu-chisel/Dockerfile.msopenjdk-17-jdk | 72 +++++++++++++++++++ .../Dockerfile.msopenjdk-17-jdk-chisel | 11 --- .../ubuntu-chisel/Dockerfile.msopenjdk-21-jdk | 72 +++++++++++++++++++ .../Dockerfile.msopenjdk-21-jdk-chisel | 11 --- docker/ubuntu-chisel/build-chisel.sh | 12 ---- scripts/build-all-images.sh | 2 +- scripts/build-image.sh | 2 +- scripts/test-image.sh | 2 +- scripts/validate-image.sh | 4 +- 15 files changed, 161 insertions(+), 71 deletions(-) delete mode 100644 docker/test-only/ubuntu-chisel/Dockerfile.testapp delete mode 100644 docker/test-only/ubuntu-chisel/Dockerfile.testappnonroot rename docker/ubuntu-chisel/{Dockerfile.chisel-base => Dockerfile.msopenjdk-11-jdk} (88%) delete mode 100644 docker/ubuntu-chisel/Dockerfile.msopenjdk-11-jdk-chisel create mode 100644 docker/ubuntu-chisel/Dockerfile.msopenjdk-17-jdk delete mode 100644 docker/ubuntu-chisel/Dockerfile.msopenjdk-17-jdk-chisel create mode 100644 docker/ubuntu-chisel/Dockerfile.msopenjdk-21-jdk delete mode 100644 docker/ubuntu-chisel/Dockerfile.msopenjdk-21-jdk-chisel delete mode 100644 docker/ubuntu-chisel/build-chisel.sh diff --git a/.github/workflows/build-images.yml b/.github/workflows/build-images.yml index 5032af8..6b61f41 100644 --- a/.github/workflows/build-images.yml +++ b/.github/workflows/build-images.yml @@ -37,7 +37,7 @@ jobs: fail-fast: false matrix: jdkversion: [11, 17, 21] # Only build LTS releases - baseimage: ["mariner", "ubuntu", "distroless"] + baseimage: ["mariner", "ubuntu", "distroless", "ubuntu-chisel"] steps: - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 diff --git a/.github/workflows/check-versions.yml b/.github/workflows/check-versions.yml index 166f58d..2c08ee6 100644 --- a/.github/workflows/check-versions.yml +++ b/.github/workflows/check-versions.yml @@ -38,7 +38,7 @@ jobs: strategy: fail-fast: false matrix: - distros: [ "mariner", "distroless", "ubuntu" ] + distros: [ "mariner", "distroless", "ubuntu", "ubuntu-chisel" ] jdkvendor: [ "msopenjdk" ] jdkversion: [ { major: "11", expected: "11.0.25" }, { major: "17", expected: "17.0.13" }, { major: "21", expected: "21.0.5" } ] steps: diff --git a/docker/test-only/ubuntu-chisel/Dockerfile.testapp b/docker/test-only/ubuntu-chisel/Dockerfile.testapp deleted file mode 100644 index b1ddb55..0000000 --- a/docker/test-only/ubuntu-chisel/Dockerfile.testapp +++ /dev/null @@ -1,9 +0,0 @@ -ARG IMGTOTEST=msopenjdk-11-jdk-chisel - -FROM mcr.microsoft.com/openjdk/jdk:11-ubuntu AS builder -ADD SampleApp.java /SampleApp.java -RUN javac -source 11 -target 11 SampleApp.java && jar cfe /app.jar SampleApp SampleApp.class - -FROM ${IMGTOTEST} AS runner -COPY --from=builder /app.jar /app.jar -CMD ["-jar", "/app.jar"] diff --git a/docker/test-only/ubuntu-chisel/Dockerfile.testappnonroot b/docker/test-only/ubuntu-chisel/Dockerfile.testappnonroot deleted file mode 100644 index 332cc30..0000000 --- a/docker/test-only/ubuntu-chisel/Dockerfile.testappnonroot +++ /dev/null @@ -1,10 +0,0 @@ -ARG IMGTOTEST=msopenjdk-11-jdk-chisel - -FROM mcr.microsoft.com/openjdk/jdk:11-ubuntu AS builder -ADD NonRootUser.java /NonRootUser.java -RUN javac -source 11 -target 11 NonRootUser.java && jar cfe /app.jar NonRootUser NonRootUser.class - -FROM ${IMGTOTEST} AS runner -USER app -COPY --from=builder /app.jar /app.jar -CMD ["-ea", "-jar", "/app.jar"] diff --git a/docker/ubuntu-chisel/Dockerfile.chisel-base b/docker/ubuntu-chisel/Dockerfile.msopenjdk-11-jdk similarity index 88% rename from docker/ubuntu-chisel/Dockerfile.chisel-base rename to docker/ubuntu-chisel/Dockerfile.msopenjdk-11-jdk index 602f52d..69657a2 100644 --- a/docker/ubuntu-chisel/Dockerfile.chisel-base +++ b/docker/ubuntu-chisel/Dockerfile.msopenjdk-11-jdk @@ -1,4 +1,5 @@ # DisableDockerDetector "Base image is obtained from internal registry" +# DisableDockerDetector "Base image is obtained from internal registry" ARG IMAGE="ubuntu" ARG TAG="22.04" FROM ${IMAGE}:${TAG} AS chisel-base @@ -60,3 +61,12 @@ ENV APP_UID="101" # Workaround for https://github.com/moby/moby/issues/38710 COPY --from=chisel-base --chown=$APP_UID:$APP_UID /rootfs/home/app /home/app + +USER root + +ENV JAVA_HOME=/usr/jdk +ENV PATH=$PATH:$JAVA_HOME/bin + +COPY --from=mcr.microsoft.com/openjdk/jdk:11-ubuntu /usr/lib/jvm/msopenjdk-11-amd64 $JAVA_HOME + +ENTRYPOINT [ "/usr/jdk/bin/java" ] diff --git a/docker/ubuntu-chisel/Dockerfile.msopenjdk-11-jdk-chisel b/docker/ubuntu-chisel/Dockerfile.msopenjdk-11-jdk-chisel deleted file mode 100644 index 21d2324..0000000 --- a/docker/ubuntu-chisel/Dockerfile.msopenjdk-11-jdk-chisel +++ /dev/null @@ -1,11 +0,0 @@ -# DisableDockerDetector "Base image is obtained from internal registry" -FROM chisel-base - -USER root - -ENV JAVA_HOME=/usr/jdk -ENV PATH=$PATH:$JAVA_HOME/bin - -COPY --from=mcr.microsoft.com/openjdk/jdk:11-ubuntu /usr/lib/jvm/msopenjdk-11-amd64 $JAVA_HOME - -ENTRYPOINT [ "/usr/jdk/bin/java" ] diff --git a/docker/ubuntu-chisel/Dockerfile.msopenjdk-17-jdk b/docker/ubuntu-chisel/Dockerfile.msopenjdk-17-jdk new file mode 100644 index 0000000..6ebf841 --- /dev/null +++ b/docker/ubuntu-chisel/Dockerfile.msopenjdk-17-jdk @@ -0,0 +1,72 @@ +# DisableDockerDetector "Base image is obtained from internal registry" +# DisableDockerDetector "Base image is obtained from internal registry" +ARG IMAGE="ubuntu" +ARG TAG="22.04" +FROM ${IMAGE}:${TAG} AS chisel-base + +ENV GO_VERSION="1.22.0" +ENV CHISEL_VERSION="1.0.0" +ENV CHISEL_WRAPPER_VERSION="1.1.2" + +# Update and install core dependencies +RUN apt-get update \ + && apt-get install -y wget file tar \ + && wget https://go.dev/dl/go${GO_VERSION}.linux-amd64.tar.gz \ + && tar -C /usr/local -xzf go${GO_VERSION}.linux-amd64.tar.gz \ + && rm go${GO_VERSION}.linux-amd64.tar.gz + +ENV GOBIN=/usr/local/go/bin +ENV PATH=$PATH:$GOBIN + +# Install Go and Chisel +RUN go install github.com/canonical/chisel/cmd/chisel@v${CHISEL_VERSION} \ + && wget -O /usr/bin/chisel-wrapper https://raw.githubusercontent.com/canonical/rocks-toolbox/v${CHISEL_WRAPPER_VERSION}/chisel-wrapper \ + && chmod 755 /usr/bin/chisel-wrapper + +ENV APP_UID="101" + +# Create app user +RUN groupadd --gid=${APP_UID} app \ + && useradd -l --uid=${APP_UID} --gid=${APP_UID} --shell /bin/false app \ + && install -d -m 0755 -o ${APP_UID} -g ${APP_UID} "/rootfs/home/app" \ + && mkdir -p "/rootfs/etc" \ + && rootOrAppRegex='^\(root\|app\):' \ + && cat /etc/passwd | grep $rootOrAppRegex > "/rootfs/etc/passwd" \ + && cat /etc/group | grep $rootOrAppRegex > "/rootfs/etc/group" + +# Generate dpkg status for chisel +RUN mkdir -p /rootfs/var/lib/dpkg/ +RUN chisel-wrapper --generate-dpkg-status /rootfs/var/lib/dpkg/status -- \ + --release ubuntu-22.04 --root /rootfs \ + base-files_base \ + base-files_release-info \ + ca-certificates-java_data \ + libc6_libs \ + libgcc-s1_libs \ + libssl3_libs \ + libstdc++6_libs \ + zlib1g_libs \ + bash_bins \ + coreutils_bins \ + tzdata_base \ + tzdata_etc \ + fontconfig-config_config + +# Scratch image base +FROM scratch + +COPY --from=chisel-base /rootfs / + +ENV APP_UID="101" + +# Workaround for https://github.com/moby/moby/issues/38710 +COPY --from=chisel-base --chown=$APP_UID:$APP_UID /rootfs/home/app /home/app + +USER root + +ENV JAVA_HOME=/usr/jdk +ENV PATH=$PATH:$JAVA_HOME/bin + +COPY --from=mcr.microsoft.com/openjdk/jdk:17-ubuntu /usr/lib/jvm/msopenjdk-17-amd64 $JAVA_HOME + +ENTRYPOINT [ "/usr/jdk/bin/java" ] diff --git a/docker/ubuntu-chisel/Dockerfile.msopenjdk-17-jdk-chisel b/docker/ubuntu-chisel/Dockerfile.msopenjdk-17-jdk-chisel deleted file mode 100644 index 50434a6..0000000 --- a/docker/ubuntu-chisel/Dockerfile.msopenjdk-17-jdk-chisel +++ /dev/null @@ -1,11 +0,0 @@ -# DisableDockerDetector "Base image is obtained from internal registry" -FROM chisel-base - -USER root - -ENV JAVA_HOME=/usr/jdk -ENV PATH=$PATH:$JAVA_HOME/bin - -COPY --from=mcr.microsoft.com/openjdk/jdk:17-ubuntu /usr/lib/jvm/msopenjdk-17-amd64 $JAVA_HOME - -ENTRYPOINT [ "/usr/jdk/bin/java" ] diff --git a/docker/ubuntu-chisel/Dockerfile.msopenjdk-21-jdk b/docker/ubuntu-chisel/Dockerfile.msopenjdk-21-jdk new file mode 100644 index 0000000..90dfa72 --- /dev/null +++ b/docker/ubuntu-chisel/Dockerfile.msopenjdk-21-jdk @@ -0,0 +1,72 @@ +# DisableDockerDetector "Base image is obtained from internal registry" +# DisableDockerDetector "Base image is obtained from internal registry" +ARG IMAGE="ubuntu" +ARG TAG="22.04" +FROM ${IMAGE}:${TAG} AS chisel-base + +ENV GO_VERSION="1.22.0" +ENV CHISEL_VERSION="1.0.0" +ENV CHISEL_WRAPPER_VERSION="1.1.2" + +# Update and install core dependencies +RUN apt-get update \ + && apt-get install -y wget file tar \ + && wget https://go.dev/dl/go${GO_VERSION}.linux-amd64.tar.gz \ + && tar -C /usr/local -xzf go${GO_VERSION}.linux-amd64.tar.gz \ + && rm go${GO_VERSION}.linux-amd64.tar.gz + +ENV GOBIN=/usr/local/go/bin +ENV PATH=$PATH:$GOBIN + +# Install Go and Chisel +RUN go install github.com/canonical/chisel/cmd/chisel@v${CHISEL_VERSION} \ + && wget -O /usr/bin/chisel-wrapper https://raw.githubusercontent.com/canonical/rocks-toolbox/v${CHISEL_WRAPPER_VERSION}/chisel-wrapper \ + && chmod 755 /usr/bin/chisel-wrapper + +ENV APP_UID="101" + +# Create app user +RUN groupadd --gid=${APP_UID} app \ + && useradd -l --uid=${APP_UID} --gid=${APP_UID} --shell /bin/false app \ + && install -d -m 0755 -o ${APP_UID} -g ${APP_UID} "/rootfs/home/app" \ + && mkdir -p "/rootfs/etc" \ + && rootOrAppRegex='^\(root\|app\):' \ + && cat /etc/passwd | grep $rootOrAppRegex > "/rootfs/etc/passwd" \ + && cat /etc/group | grep $rootOrAppRegex > "/rootfs/etc/group" + +# Generate dpkg status for chisel +RUN mkdir -p /rootfs/var/lib/dpkg/ +RUN chisel-wrapper --generate-dpkg-status /rootfs/var/lib/dpkg/status -- \ + --release ubuntu-22.04 --root /rootfs \ + base-files_base \ + base-files_release-info \ + ca-certificates-java_data \ + libc6_libs \ + libgcc-s1_libs \ + libssl3_libs \ + libstdc++6_libs \ + zlib1g_libs \ + bash_bins \ + coreutils_bins \ + tzdata_base \ + tzdata_etc \ + fontconfig-config_config + +# Scratch image base +FROM scratch + +COPY --from=chisel-base /rootfs / + +ENV APP_UID="101" + +# Workaround for https://github.com/moby/moby/issues/38710 +COPY --from=chisel-base --chown=$APP_UID:$APP_UID /rootfs/home/app /home/app + +USER root + +ENV JAVA_HOME=/usr/jdk +ENV PATH=$PATH:$JAVA_HOME/bin + +COPY --from=mcr.microsoft.com/openjdk/jdk:21-ubuntu /usr/lib/jvm/msopenjdk-21-amd64 $JAVA_HOME + +ENTRYPOINT [ "/usr/jdk/bin/java" ] diff --git a/docker/ubuntu-chisel/Dockerfile.msopenjdk-21-jdk-chisel b/docker/ubuntu-chisel/Dockerfile.msopenjdk-21-jdk-chisel deleted file mode 100644 index 672146e..0000000 --- a/docker/ubuntu-chisel/Dockerfile.msopenjdk-21-jdk-chisel +++ /dev/null @@ -1,11 +0,0 @@ -# DisableDockerDetector "Base image is obtained from internal registry" -FROM chisel-base - -USER root - -ENV JAVA_HOME=/usr/jdk -ENV PATH=$PATH:$JAVA_HOME/bin - -COPY --from=mcr.microsoft.com/openjdk/jdk:21-ubuntu /usr/lib/jvm/msopenjdk-21-amd64 $JAVA_HOME - -ENTRYPOINT [ "/usr/jdk/bin/java" ] diff --git a/docker/ubuntu-chisel/build-chisel.sh b/docker/ubuntu-chisel/build-chisel.sh deleted file mode 100644 index 1d95d7e..0000000 --- a/docker/ubuntu-chisel/build-chisel.sh +++ /dev/null @@ -1,12 +0,0 @@ -#!/bin/bash - -# Build the Dockerfile.chisel-base image first -docker build -t chisel-base -f Dockerfile.chisel-base . - -# Loop through all Dockerfiles in the current directory and build them -for dockerfile in Dockerfile.*; do - if [ "$dockerfile" != "Dockerfile.chisel-base" ]; then - image_name=$(echo $dockerfile | sed 's/Dockerfile.//') - docker build -t $image_name -f $dockerfile . - fi -done diff --git a/scripts/build-all-images.sh b/scripts/build-all-images.sh index c2c1f48..1c3a180 100644 --- a/scripts/build-all-images.sh +++ b/scripts/build-all-images.sh @@ -40,7 +40,7 @@ for d in $(ls -d $basepath/*); do fi # Validate the image - if [[ "${distro}" == "distroless" ]]; then + if [[ "${distro}" == "distroless" || "${distro}" == "ubuntu-chisel" ]]; then java_version=$(docker run --rm $image -version 2>&1 | head -n 1 | awk -F '"' '{print $2}') else java_version=$(docker run --rm $image /bin/bash -c "source \$JAVA_HOME/release && echo \$JAVA_VERSION") diff --git a/scripts/build-image.sh b/scripts/build-image.sh index e84945a..60465d1 100644 --- a/scripts/build-image.sh +++ b/scripts/build-image.sh @@ -4,7 +4,7 @@ docker buildx create --name mybuilder --driver docker-container --driver-opt ima az acr login -n msopenjdk -if [[ '$DISTRIBUTION' != 'distroless' ]]; then +if [[ "${DISTRIBUTION}" != "distroless" && "${DISTRIBUTION}" != "ubuntu-chisel" ]]; then BUILD_ARGS="--build-arg IMAGE=$IMAGE --build-arg TAG=$TAG --build-arg package=$PACKAGE" else BUILD_ARGS="--build-arg INSTALLER_IMAGE=$INSTALLER_IMAGE --build-arg INSTALLER_TAG=$INSTALLER_TAG --build-arg BASE_IMAGE=$(base_image) --build-arg BASE_TAG=$(base_tag) --build-arg package=$PACKAGE" diff --git a/scripts/test-image.sh b/scripts/test-image.sh index 4b89cd0..548da6d 100644 --- a/scripts/test-image.sh +++ b/scripts/test-image.sh @@ -9,7 +9,7 @@ basemcr="mcr.microsoft.com/openjdk/jdk" image="${basemcr}:${jdkversion}-${distro}" testfolder="regular" -if [[ $distro == "distroless" ]]; then +if [[ "$distro" == "distroless" || "$distro" == "ubuntu-chisel" ]]; then testfolder="distroless" fi diff --git a/scripts/validate-image.sh b/scripts/validate-image.sh index 1c27e7a..7e552b7 100755 --- a/scripts/validate-image.sh +++ b/scripts/validate-image.sh @@ -44,7 +44,7 @@ fi # Validate the image if expectedversion is set (not blank) if [[ ! -z "$expectedversion" ]]; then - if [[ "${distro}" == "distroless" ]]; then + if [[ "${distro}" == "distroless" || "${distro}" == "ubuntu-chisel" ]]; then java_version=$(docker run --rm $image -version 2>&1 | head -n 1 | awk -F '"' '{print $2}') else java_version=$(docker run --rm $image /bin/bash -c "source \$JAVA_HOME/release && echo \$JAVA_VERSION") @@ -62,7 +62,7 @@ if [[ ! -z "$expectedversion" ]]; then fi # Check if CDS is enabled -if [[ "${distro}" == "distroless" ]]; then +if [[ "${distro}" == "distroless" || "${distro}" == "ubuntu-chisel" ]]; then java_version_string=$(docker run --rm $image -version 2>&1) else java_version_string=$(docker run --rm $image /bin/bash -c "java -version 2>&1") From 80fc04b25065e876fec5aa64cd4370279297bea4 Mon Sep 17 00:00:00 2001 From: Bruno Borges Date: Mon, 23 Dec 2024 16:59:47 -0600 Subject: [PATCH 5/8] Update Dockerfile.msopenjdk-11-jdk --- docker/ubuntu-chisel/Dockerfile.msopenjdk-11-jdk | 1 - 1 file changed, 1 deletion(-) diff --git a/docker/ubuntu-chisel/Dockerfile.msopenjdk-11-jdk b/docker/ubuntu-chisel/Dockerfile.msopenjdk-11-jdk index 69657a2..e67506e 100644 --- a/docker/ubuntu-chisel/Dockerfile.msopenjdk-11-jdk +++ b/docker/ubuntu-chisel/Dockerfile.msopenjdk-11-jdk @@ -1,5 +1,4 @@ # DisableDockerDetector "Base image is obtained from internal registry" -# DisableDockerDetector "Base image is obtained from internal registry" ARG IMAGE="ubuntu" ARG TAG="22.04" FROM ${IMAGE}:${TAG} AS chisel-base From 8136be396aacb63642225fc0f48f01ae7521c3c5 Mon Sep 17 00:00:00 2001 From: Bruno Borges Date: Mon, 23 Dec 2024 17:00:03 -0600 Subject: [PATCH 6/8] Update Dockerfile.msopenjdk-11-jdk --- docker/ubuntu-chisel/Dockerfile.msopenjdk-11-jdk | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/ubuntu-chisel/Dockerfile.msopenjdk-11-jdk b/docker/ubuntu-chisel/Dockerfile.msopenjdk-11-jdk index e67506e..9a3889b 100644 --- a/docker/ubuntu-chisel/Dockerfile.msopenjdk-11-jdk +++ b/docker/ubuntu-chisel/Dockerfile.msopenjdk-11-jdk @@ -3,7 +3,7 @@ ARG IMAGE="ubuntu" ARG TAG="22.04" FROM ${IMAGE}:${TAG} AS chisel-base -ENV GO_VERSION="1.22.0" +ENV GO_VERSION="1.23.4" ENV CHISEL_VERSION="1.0.0" ENV CHISEL_WRAPPER_VERSION="1.1.2" From 47c82794d327a183ebeee1554d771f3c2dd47f0a Mon Sep 17 00:00:00 2001 From: Bruno Borges Date: Mon, 23 Dec 2024 17:00:28 -0600 Subject: [PATCH 7/8] Update Dockerfile.msopenjdk-17-jdk --- docker/ubuntu-chisel/Dockerfile.msopenjdk-17-jdk | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/docker/ubuntu-chisel/Dockerfile.msopenjdk-17-jdk b/docker/ubuntu-chisel/Dockerfile.msopenjdk-17-jdk index 6ebf841..8df0a47 100644 --- a/docker/ubuntu-chisel/Dockerfile.msopenjdk-17-jdk +++ b/docker/ubuntu-chisel/Dockerfile.msopenjdk-17-jdk @@ -1,10 +1,9 @@ # DisableDockerDetector "Base image is obtained from internal registry" -# DisableDockerDetector "Base image is obtained from internal registry" ARG IMAGE="ubuntu" ARG TAG="22.04" FROM ${IMAGE}:${TAG} AS chisel-base -ENV GO_VERSION="1.22.0" +ENV GO_VERSION="1.23.4" ENV CHISEL_VERSION="1.0.0" ENV CHISEL_WRAPPER_VERSION="1.1.2" From c102facf7a740196e49915e3324855509c67c8ff Mon Sep 17 00:00:00 2001 From: Bruno Borges Date: Mon, 23 Dec 2024 17:01:32 -0600 Subject: [PATCH 8/8] Update Dockerfile.msopenjdk-21-jdk --- docker/ubuntu-chisel/Dockerfile.msopenjdk-21-jdk | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/docker/ubuntu-chisel/Dockerfile.msopenjdk-21-jdk b/docker/ubuntu-chisel/Dockerfile.msopenjdk-21-jdk index 90dfa72..5297c52 100644 --- a/docker/ubuntu-chisel/Dockerfile.msopenjdk-21-jdk +++ b/docker/ubuntu-chisel/Dockerfile.msopenjdk-21-jdk @@ -1,10 +1,9 @@ # DisableDockerDetector "Base image is obtained from internal registry" -# DisableDockerDetector "Base image is obtained from internal registry" ARG IMAGE="ubuntu" ARG TAG="22.04" FROM ${IMAGE}:${TAG} AS chisel-base -ENV GO_VERSION="1.22.0" +ENV GO_VERSION="1.23.4" ENV CHISEL_VERSION="1.0.0" ENV CHISEL_WRAPPER_VERSION="1.1.2"