-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathContainerfile.instanton
80 lines (69 loc) · 3.2 KB
/
Containerfile.instanton
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
FROM icr.io/appcafe/open-liberty:beta-instanton
# These defaults are overridden by `--build-arg` arguments in pom.xml
ARG NAME=placeholder
ARG VERSION=0.0.0
ARG REVISION=placeholder
ARG VENDOR=Placeholder
ARG SUMMARY=Placeholder
ARG DESCRIPTION=Placeholder
ARG URL=https://example.com/
ARG SOURCE=https://example.com/
ARG HTTP_PORT=9080
ARG HTTPS_PORT=9443
# https://spdx.org/licenses/
ARG LICENSE="Apache-2.0"
# Set some container configuration. See:
# https://github.com/OpenLiberty/ci.docker#logging
# https://openliberty.io/docs/latest/log-trace-configuration.html#settings
ARG WLP_LOGGING_CONSOLE_FORMAT=JSON
ARG WLP_LOGGING_CONSOLE_LOGLEVEL=info
ARG WLP_LOGGING_CONSOLE_SOURCE=message,accessLog,ffdc,audit
ENV WLP_LOGGING_CONSOLE_FORMAT="${WLP_LOGGING_CONSOLE_FORMAT}" \
WLP_LOGGING_CONSOLE_LOGLEVEL="${WLP_LOGGING_CONSOLE_LOGLEVEL}" \
WLP_LOGGING_CONSOLE_SOURCE="${WLP_LOGGING_CONSOLE_SOURCE}"
EXPOSE ${HTTP_PORT} ${HTTPS_PORT}
# https://github.com/opencontainers/image-spec/blob/main/annotations.md#pre-defined-annotation-keys
LABEL \
org.opencontainers.image.authors="${AUTHORS}" \
org.opencontainers.image.vendor="${VENDOR}" \
org.opencontainers.image.url="${URL}" \
org.opencontainers.image.source="${SOURCE}" \
org.opencontainers.image.version="${VERSION}" \
org.opencontainers.image.revision="${REVISION}" \
vendor="${VENDOR}" \
name="${NAME}" \
org.opencontainers.image.title="${NAME}" \
version="${VERSION}-${REVISION}" \
summary="${SUMMARY}" \
description="${DESCRIPTION}" \
org.opencontainers.image.description="${DESCRIPTION}" \
maintainer="${AUTHORS}" \
org.opencontainers.image.authors="${AUTHORS}" \
org.opencontainers.image.licenses="${LICENSE}" \
license="${LICENSE}"
COPY --chown=default:root src/main/liberty/config/server.xml /config/server.xml
COPY --chown=default:root src/main/liberty/config/jvm.options /config/jvm.options
COPY --chown=default:root src/main/liberty/config/bootstrap.properties /config/bootstrap.properties
COPY --chown=default:root src/main/liberty/config/server.env /config/server.env
# Create a /serviceability directory in case the app is installed with the Liberty Operator and there is no claim mount
# https://www.ibm.com/docs/en/was-liberty/core?topic=operator-storage-serviceability
# https://www.ibm.com/docs/en/was-liberty/core?topic=resources-webspherelibertydump-custom-resource
USER root
RUN mkdir /serviceability && chmod a+rwx /serviceability
# USER default
#
# Some versions of Kubernetes do not like using a non-numeric user ID, even
# thought the 'default' user is mapped to user ID 1001. This can cause errors such as:
#
# container has runAsNonRoot and image has non-numeric user (default), cannot verify user is non-root
#
# Therefore we use an explicit ID
#
USER 1001
# Copy in the WAR file
COPY --chown=default:root target/libertydiag.war /config/apps
# Maven generates a variables file that will override the defaults
COPY --chown=default:root target/liberty/wlp/usr/servers/libertydiagServer/configDropins/overrides/liberty-plugin-variable-config.xml /config/configDropins/overrides/
# This script will add the requested XML snippets, grow image to be fit-for-purpose and apply interim fixes
RUN configure.sh