From e64e12b3fb4289bc298f35d985eb89c15b8e9e88 Mon Sep 17 00:00:00 2001
From: LoveIsGrief <loveisgrief@tuta.io>
Date: Sat, 23 Jan 2021 18:19:31 +0100
Subject: [PATCH] Fix docker build
ant needed to be updated to >1.9, but the old image used an old alpine
with the max version of ant being 1.8.
The build is split into 2 phases to reduce the size of the image.
A builder makes the installer and installs it in one image.
The installed files are copied over to the actual result image.
---
.dockerignore | 31 +++++++++++++++
Docker.entrypoint.sh | 14 -------
Dockerfile | 90 ++++++++++++++++++--------------------------
3 files changed, 68 insertions(+), 67 deletions(-)
create mode 100644 .dockerignore
delete mode 100644 Docker.entrypoint.sh
diff --git a/.dockerignore b/.dockerignore
new file mode 100644
index 0000000000..5136b3b8a9
--- /dev/null
+++ b/.dockerignore
@@ -0,0 +1,31 @@
+.idea
+.git
+Dockerfile
+
+
+# Gradle
+.gradle
+build
+apps/BOB/build
+apps/addressbook/build
+apps/desktopgui/build
+apps/i2pcontrol/build
+apps/i2psnark/build
+apps/i2ptunnel/build
+apps/imagegen/build
+apps/jetty/build
+apps/jrobin/build
+apps/ministreaming/java/build
+apps/ministreaming/build
+apps/routerconsole/build
+apps/sam/build
+apps/streaming/build
+apps/susidns/build
+apps/susimail/build
+apps/systray/build
+core/java/build
+core/build
+installer/build
+router/java/build
+router/build
+
diff --git a/Docker.entrypoint.sh b/Docker.entrypoint.sh
deleted file mode 100644
index 755179e75a..0000000000
--- a/Docker.entrypoint.sh
+++ /dev/null
@@ -1,14 +0,0 @@
-#!/bin/sh
-
-export JAVA_HOME=/opt/jdk/jre
-
-# Ensure user rights
-chown -R i2p:nobody /opt/i2p
-chmod -R u+rwx /opt/i2p
-
-gosu i2p /opt/i2p/i2psvc /opt/i2p/wrapper.config wrapper.pidfile=/var/tmp/i2p.pid \
- wrapper.name=i2p \
- wrapper.displayname="I2P Service" \
- wrapper.statusfile=/var/tmp/i2p.status \
- wrapper.java.statusfile=/var/tmp/i2p.java.status \
- wrapper.logfile=/var/tmp/wrapper.log
diff --git a/Dockerfile b/Dockerfile
index 6d04eadb7b..24427afd14 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,62 +1,46 @@
-FROM meeh/java8server:latest
-# Docker image based on Alpine with Java.
-
-# We use Oracle Java to run I2P, but uses the openjdk to build it.
-
-
-MAINTAINER Mikal Villa <mikal@sigterm.no>
+# Use a multi-stage build to reduce the size of the resulting image
+# We need alpine >v3 in order to install an apache-ant > 1.9
+FROM alpine:3 as builder
+ENV I2P_PREFIX="/opt/i2p"
-ENV GIT_BRANCH="master"
+WORKDIR /tmp/build
+COPY . ./
+
+# Build installer
+RUN apk --no-cache add build-base gettext tar bzip2 apache-ant openjdk8 expect
+RUN echo "noExe=true" >> build.properties
+RUN ant installer-linux
+RUN mkdir -p /opt
+RUN mv i2pinstall*.jar /tmp/i2pinstall.jar
+
+# Install i2p using the installer into I2P_PREFIX
+RUN expect -f ./Docker.expt
+RUN cd ${I2P_PREFIX}
+RUN rm -fr man docs *.bat *.command *.app
+
+# Second stage only using the installer from the last stage
+# ---------------------------------------------------------
+# We can't use alpine here as the java service wrapper is built with glibc
+# alpine uses musl
+FROM openjdk:11.0-jre-slim
+
+ARG I2P_UID=1000
+ARG I2P_USER=i2p
ENV I2P_PREFIX="/opt/i2p"
ENV PATH=${I2P_PREFIX}/bin:$PATH
-ENV JAVA_HOME=/usr/lib/jvm/default-jvm
-
-ENV GOSU_VERSION=1.7
-ENV GOSU_SHASUM="34049cfc713e8b74b90d6de49690fa601dc040021980812b2f1f691534be8a50 /usr/local/bin/gosu"
-
-RUN mkdir /user && adduser -S -h /user i2p && chown -R i2p:nobody /user
-
-# Adding files first, since Docker.expt is required for installation
-ADD Docker.expt /tmp/Docker.expt
-ADD Docker.entrypoint.sh /entrypoint.sh
-
-# Required for wget https
-RUN apk add --no-cache openssl
-# Gosu is a replacement for su/sudo in docker and not a backdoor :) See https://github.com/tianon/gosu
-RUN wget -O /usr/local/bin/gosu https://github.com/tianon/gosu/releases/download/${GOSU_VERSION}/gosu-amd64 \
- && echo "${GOSU_SHASUM}" | sha256sum -c && chmod +x /usr/local/bin/gosu
-
-#
-# Each RUN is a layer, adding the dependencies and building i2pd in one layer takes around 8-900Mb, so to keep the
-# image under 200mb we need to remove all the build dependencies in the same "RUN" / layer.
-#
-
-# The main layer
-RUN apk --no-cache add build-base git gettext tar bzip2 apache-ant openjdk8 expect \
- && mkdir -p /usr/src/build \
- && cd /usr/src/build \
- && git clone -b ${GIT_BRANCH} https://github.com/i2p/i2p.i2p.git \
- && cd /usr/src/build/i2p.i2p \
- && echo "noExe=true" >> build.properties \
- && ant installer-linux \
- && cp i2pinstall*.jar /tmp/i2pinstall.jar \
- && mkdir -p /opt \
- && chown i2p:root /opt \
- && chmod u+rw /opt \
- && gosu i2p expect -f /tmp/Docker.expt \
- && cd ${I2P_PREFIX} \
- && rm -fr man docs *.bat *.command *.app /tmp/i2pinstall.jar /tmp/Docker.expt \
- && rm -fr /usr/src/build \
- && apk --purge del build-base apache-ant expect tcl expat git openjdk8 openjdk8-jre openjdk8-jre-base openjdk8-jre-lib bzip2 tar \
- binutils-libs binutils pkgconfig libcurl libc-dev musl-dev g++ make fortify-headers pkgconf giflib libssh2 libxdmcp libxcb \
- libx11 pcre alsa-lib libxi libxrender libxml2 readline bash openssl \
- && rm -fr /usr/lib/jvm/default-jre \
- && ln -sf /opt/jdk/jre /usr/lib/jvm/default-jre \
- && chmod a+x /entrypoint.sh
+# "install" i2p by copying over installed files
+COPY --from=builder /opt/i2p ${I2P_PREFIX}
+# Setup user and fix permissions in
+RUN adduser --system --uid ${I2P_UID} --home /user ${I2P_USER} \
+ && chown -R ${I2P_USER} /user \
+ && chown -R ${I2P_USER} ${I2P_PREFIX} \
+ && chmod -R u+rwx ${I2P_PREFIX}
EXPOSE 7654 7656 7657 7658 4444 6668 8998 7659 7660 4445 15000-20000
-ENTRYPOINT [ "/entrypoint.sh" ]
+USER i2p
+ENTRYPOINT [ "/opt/i2p/i2psvc" ]
+CMD [ "/opt/i2p/wrapper.config", "wrapper.pidfile=/var/tmp/i2p.pid", "wrapper.name=i2p", "wrapper.displayname=\"I2P Service\"" , "wrapper.statusfile=/var/tmp/i2p.status", "wrapper.java.statusfile=/var/tmp/i2p.java.status", "wrapper.logfile=/var/tmp/wrapper.log" ]
--
GitLab