Update tomcat #6085
Merged
Update tomcat #6085
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Changes: - docker-library/tomcat@0bc5daa: Update generated README - docker-library/tomcat@8c56ba1: Merge pull request docker-library/tomcat#160 from infosiftr/adopt - docker-library/tomcat@1c1e57e: Add AdoptOpenJDK variants
Diff:diff --git a/_bashbrew-arches b/_bashbrew-arches
index 576f885..d9283f2 100644
--- a/_bashbrew-arches
+++ b/_bashbrew-arches
@@ -1,14 +1,48 @@
tomcat:7 @ amd64
-tomcat:7-slim @ amd64
+tomcat:7-jdk8-adoptopenjdk-hotspot @ amd64
+tomcat:7-jdk8-adoptopenjdk-hotspot @ ppc64le
+tomcat:7-jdk8-adoptopenjdk-hotspot @ s390x
+tomcat:7-jdk8-adoptopenjdk-openj9 @ amd64
+tomcat:7-jdk8-adoptopenjdk-openj9 @ ppc64le
+tomcat:7-jdk8-adoptopenjdk-openj9 @ s390x
+tomcat:7-jdk8-openjdk-slim @ amd64
tomcat:9 @ amd64
tomcat:9 @ arm64v8
tomcat:9-jdk8 @ amd64
-tomcat:9-jdk8-slim @ amd64
-tomcat:9-slim @ amd64
-tomcat:9-slim @ arm64v8
+tomcat:9-jdk8-adoptopenjdk-hotspot @ amd64
+tomcat:9-jdk8-adoptopenjdk-hotspot @ ppc64le
+tomcat:9-jdk8-adoptopenjdk-hotspot @ s390x
+tomcat:9-jdk8-adoptopenjdk-openj9 @ amd64
+tomcat:9-jdk8-adoptopenjdk-openj9 @ ppc64le
+tomcat:9-jdk8-adoptopenjdk-openj9 @ s390x
+tomcat:9-jdk8-openjdk-slim @ amd64
+tomcat:9-jdk11-adoptopenjdk-hotspot @ amd64
+tomcat:9-jdk11-adoptopenjdk-hotspot @ arm32v7
+tomcat:9-jdk11-adoptopenjdk-hotspot @ arm64v8
+tomcat:9-jdk11-adoptopenjdk-hotspot @ ppc64le
+tomcat:9-jdk11-adoptopenjdk-hotspot @ s390x
+tomcat:9-jdk11-adoptopenjdk-openj9 @ amd64
+tomcat:9-jdk11-adoptopenjdk-openj9 @ ppc64le
+tomcat:9-jdk11-adoptopenjdk-openj9 @ s390x
+tomcat:9-jdk11-openjdk-slim @ amd64
+tomcat:9-jdk11-openjdk-slim @ arm64v8
+tomcat:jdk8-adoptopenjdk-hotspot @ amd64
+tomcat:jdk8-adoptopenjdk-hotspot @ ppc64le
+tomcat:jdk8-adoptopenjdk-hotspot @ s390x
+tomcat:jdk8-adoptopenjdk-openj9 @ amd64
+tomcat:jdk8-adoptopenjdk-openj9 @ ppc64le
+tomcat:jdk8-adoptopenjdk-openj9 @ s390x
+tomcat:jdk8-openjdk-slim @ amd64
tomcat:jdk11 @ amd64
tomcat:jdk11 @ arm64v8
-tomcat:jdk11-slim @ amd64
-tomcat:jdk11-slim @ arm64v8
+tomcat:jdk11-adoptopenjdk-hotspot @ amd64
+tomcat:jdk11-adoptopenjdk-hotspot @ arm32v7
+tomcat:jdk11-adoptopenjdk-hotspot @ arm64v8
+tomcat:jdk11-adoptopenjdk-hotspot @ ppc64le
+tomcat:jdk11-adoptopenjdk-hotspot @ s390x
+tomcat:jdk11-adoptopenjdk-openj9 @ amd64
+tomcat:jdk11-adoptopenjdk-openj9 @ ppc64le
+tomcat:jdk11-adoptopenjdk-openj9 @ s390x
+tomcat:jdk11-openjdk-slim @ amd64
+tomcat:jdk11-openjdk-slim @ arm64v8
tomcat:latest @ amd64
-tomcat:slim @ amd64
diff --git a/_bashbrew-list b/_bashbrew-list
index ac845c8..c617132 100644
--- a/_bashbrew-list
+++ b/_bashbrew-list
@@ -1,54 +1,95 @@
tomcat:7
tomcat:7-jdk8
-tomcat:7-jdk8-slim
-tomcat:7-slim
+tomcat:7-jdk8-adoptopenjdk-hotspot
+tomcat:7-jdk8-adoptopenjdk-openj9
+tomcat:7-jdk8-openjdk
+tomcat:7-jdk8-openjdk-slim
tomcat:7.0
tomcat:7.0-jdk8
-tomcat:7.0-jdk8-slim
-tomcat:7.0-slim
+tomcat:7.0-jdk8-adoptopenjdk-hotspot
+tomcat:7.0-jdk8-adoptopenjdk-openj9
+tomcat:7.0-jdk8-openjdk
+tomcat:7.0-jdk8-openjdk-slim
tomcat:7.0.94
tomcat:7.0.94-jdk8
-tomcat:7.0.94-jdk8-slim
-tomcat:7.0.94-slim
+tomcat:7.0.94-jdk8-adoptopenjdk-hotspot
+tomcat:7.0.94-jdk8-adoptopenjdk-openj9
+tomcat:7.0.94-jdk8-openjdk
+tomcat:7.0.94-jdk8-openjdk-slim
tomcat:8
tomcat:8-jdk8
-tomcat:8-jdk8-slim
+tomcat:8-jdk8-adoptopenjdk-hotspot
+tomcat:8-jdk8-adoptopenjdk-openj9
+tomcat:8-jdk8-openjdk
+tomcat:8-jdk8-openjdk-slim
tomcat:8-jdk11
-tomcat:8-jdk11-slim
-tomcat:8-slim
+tomcat:8-jdk11-adoptopenjdk-hotspot
+tomcat:8-jdk11-adoptopenjdk-openj9
+tomcat:8-jdk11-openjdk
+tomcat:8-jdk11-openjdk-slim
tomcat:8.5
tomcat:8.5-jdk8
-tomcat:8.5-jdk8-slim
+tomcat:8.5-jdk8-adoptopenjdk-hotspot
+tomcat:8.5-jdk8-adoptopenjdk-openj9
+tomcat:8.5-jdk8-openjdk
+tomcat:8.5-jdk8-openjdk-slim
tomcat:8.5-jdk11
-tomcat:8.5-jdk11-slim
-tomcat:8.5-slim
+tomcat:8.5-jdk11-adoptopenjdk-hotspot
+tomcat:8.5-jdk11-adoptopenjdk-openj9
+tomcat:8.5-jdk11-openjdk
+tomcat:8.5-jdk11-openjdk-slim
tomcat:8.5.42
tomcat:8.5.42-jdk8
-tomcat:8.5.42-jdk8-slim
+tomcat:8.5.42-jdk8-adoptopenjdk-hotspot
+tomcat:8.5.42-jdk8-adoptopenjdk-openj9
+tomcat:8.5.42-jdk8-openjdk
+tomcat:8.5.42-jdk8-openjdk-slim
tomcat:8.5.42-jdk11
-tomcat:8.5.42-jdk11-slim
-tomcat:8.5.42-slim
+tomcat:8.5.42-jdk11-adoptopenjdk-hotspot
+tomcat:8.5.42-jdk11-adoptopenjdk-openj9
+tomcat:8.5.42-jdk11-openjdk
+tomcat:8.5.42-jdk11-openjdk-slim
tomcat:9
tomcat:9-jdk8
-tomcat:9-jdk8-slim
+tomcat:9-jdk8-adoptopenjdk-hotspot
+tomcat:9-jdk8-adoptopenjdk-openj9
+tomcat:9-jdk8-openjdk
+tomcat:9-jdk8-openjdk-slim
tomcat:9-jdk11
-tomcat:9-jdk11-slim
-tomcat:9-slim
+tomcat:9-jdk11-adoptopenjdk-hotspot
+tomcat:9-jdk11-adoptopenjdk-openj9
+tomcat:9-jdk11-openjdk
+tomcat:9-jdk11-openjdk-slim
tomcat:9.0
tomcat:9.0-jdk8
-tomcat:9.0-jdk8-slim
+tomcat:9.0-jdk8-adoptopenjdk-hotspot
+tomcat:9.0-jdk8-adoptopenjdk-openj9
+tomcat:9.0-jdk8-openjdk
+tomcat:9.0-jdk8-openjdk-slim
tomcat:9.0-jdk11
-tomcat:9.0-jdk11-slim
-tomcat:9.0-slim
+tomcat:9.0-jdk11-adoptopenjdk-hotspot
+tomcat:9.0-jdk11-adoptopenjdk-openj9
+tomcat:9.0-jdk11-openjdk
+tomcat:9.0-jdk11-openjdk-slim
tomcat:9.0.21
tomcat:9.0.21-jdk8
-tomcat:9.0.21-jdk8-slim
+tomcat:9.0.21-jdk8-adoptopenjdk-hotspot
+tomcat:9.0.21-jdk8-adoptopenjdk-openj9
+tomcat:9.0.21-jdk8-openjdk
+tomcat:9.0.21-jdk8-openjdk-slim
tomcat:9.0.21-jdk11
-tomcat:9.0.21-jdk11-slim
-tomcat:9.0.21-slim
+tomcat:9.0.21-jdk11-adoptopenjdk-hotspot
+tomcat:9.0.21-jdk11-adoptopenjdk-openj9
+tomcat:9.0.21-jdk11-openjdk
+tomcat:9.0.21-jdk11-openjdk-slim
tomcat:jdk8
-tomcat:jdk8-slim
+tomcat:jdk8-adoptopenjdk-hotspot
+tomcat:jdk8-adoptopenjdk-openj9
+tomcat:jdk8-openjdk
+tomcat:jdk8-openjdk-slim
tomcat:jdk11
-tomcat:jdk11-slim
+tomcat:jdk11-adoptopenjdk-hotspot
+tomcat:jdk11-adoptopenjdk-openj9
+tomcat:jdk11-openjdk
+tomcat:jdk11-openjdk-slim
tomcat:latest
-tomcat:slim
diff --git a/tomcat_7/Dockerfile b/tomcat_7-jdk8-adoptopenjdk-hotspot/Dockerfile
similarity index 71%
copy from tomcat_7/Dockerfile
copy to tomcat_7-jdk8-adoptopenjdk-hotspot/Dockerfile
index 2df0d0f..dbebb44 100644
--- a/tomcat_7/Dockerfile
+++ b/tomcat_7-jdk8-adoptopenjdk-hotspot/Dockerfile
@@ -1,4 +1,4 @@
-FROM openjdk:8-jdk
+FROM adoptopenjdk:8-jdk-hotspot
ENV CATALINA_HOME /usr/local/tomcat
ENV PATH $CATALINA_HOME/bin:$PATH
@@ -9,46 +9,6 @@ WORKDIR $CATALINA_HOME
ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib
ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR
-# runtime dependencies for Tomcat Native Libraries
-# Tomcat Native 1.2+ requires a newer version of OpenSSL than debian:jessie has available
-# > checking OpenSSL library version >= 1.0.2...
-# > configure: error: Your version of OpenSSL is not compatible with this version of tcnative
-# see http://tomcat.10.x6.nabble.com/VOTE-Release-Apache-Tomcat-8-0-32-tp5046007p5046024.html (and following discussion)
-# and https://github.com/docker-library/tomcat/pull/31
-ENV OPENSSL_VERSION 1.1.0j-1~deb9u1
-RUN set -ex; \
- apt-get update; \
- apt-get install -y --no-install-recommends openssl; \
- currentVersion="$(dpkg-query --show --showformat '${Version}\n' openssl)"; \
- if dpkg --compare-versions "$currentVersion" '<<' "$OPENSSL_VERSION"; then \
- if ! grep -q stretch /etc/apt/sources.list; then \
-# only add stretch if we're not already building from within stretch
- { \
- echo 'deb http://deb.debian.org/debian stretch main'; \
- echo 'deb http://security.debian.org stretch/updates main'; \
- echo 'deb http://deb.debian.org/debian stretch-updates main'; \
- } > /etc/apt/sources.list.d/stretch.list; \
- { \
-# add a negative "Pin-Priority" so that we never ever get packages from stretch unless we explicitly request them
- echo 'Package: *'; \
- echo 'Pin: release n=stretch*'; \
- echo 'Pin-Priority: -10'; \
- echo; \
-# ... except OpenSSL, which is the reason we're here
- echo 'Package: openssl libssl*'; \
- echo "Pin: version $OPENSSL_VERSION"; \
- echo 'Pin-Priority: 990'; \
- } > /etc/apt/preferences.d/stretch-openssl; \
- fi; \
- apt-get update; \
- apt-get install -y --no-install-recommends openssl="$OPENSSL_VERSION"; \
- rm -rf /var/lib/apt/lists/*; \
- fi
-
-RUN apt-get update && apt-get install -y --no-install-recommends \
- libapr1 \
- && rm -rf /var/lib/apt/lists/*
-
# see https://www.apache.org/dist/tomcat/tomcat-$TOMCAT_MAJOR/KEYS
# see also "update.sh" (https://github.com/docker-library/tomcat/blob/master/update.sh)
ENV GPG_KEYS 05AB33110949707C93A279E3D3EFE6B686867BA6 07E48665A34DCAFAE522E5E6266191C37C037D42 47309207D818FFD8DCD3F83F1931D684307A10A5 541FBE7D8F78B25E055DDEE13C370389288584E7 61B832AC2F1C5A90F0F9B00A1C506407564C17A3 713DA88BE50911535FE716F5208B0AB1D63011C7 79F7026C690BAA50B92CD8B66A3AD3F4F22C4FED 9BA44C2621385CB966EBA586F72C284D731FABEE A27677289986DB50844682F8ACB77FC2E86E29AC A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 F3A04C595DB5B6A5F1ECA43E3B7BBB100D811BBE F7DA48BB64BCB84ECBA7EE6935CD23C10D498E23
@@ -95,7 +55,7 @@ RUN set -eux; \
done; \
[ -n "$success" ]; \
\
- echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \
+ echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \
\
success=; \
for url in $TOMCAT_ASC_URLS; do \
@@ -126,12 +86,13 @@ RUN set -eux; \
export CATALINA_HOME="$PWD"; \
cd "$nativeBuildDir/native"; \
gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
+ aprConfig="$(which apr-1-config)"; \
./configure \
--build="$gnuArch" \
--libdir="$TOMCAT_NATIVE_LIBDIR" \
--prefix="$CATALINA_HOME" \
- --with-apr="$(which apr-1-config)" \
- --with-java-home="$(docker-java-home)" \
+ --with-apr="$aprConfig" \
+ --with-java-home="$JAVA_HOME" \
--with-ssl=yes; \
make -j "$(nproc)"; \
make install; \
@@ -141,7 +102,15 @@ RUN set -eux; \
\
# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies
apt-mark auto '.*' > /dev/null; \
- [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark; \
+ [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \
+ find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \
+ | awk '/=>/ { print $(NF-1) }' \
+ | sort -u \
+ | xargs -r dpkg-query --search \
+ | cut -d: -f1 \
+ | sort -u \
+ | xargs -r apt-mark manual \
+ ; \
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
rm -rf /var/lib/apt/lists/*; \
\
diff --git a/tomcat_7/Dockerfile b/tomcat_7-jdk8-adoptopenjdk-openj9/Dockerfile
similarity index 71%
copy from tomcat_7/Dockerfile
copy to tomcat_7-jdk8-adoptopenjdk-openj9/Dockerfile
index 2df0d0f..41d711a 100644
--- a/tomcat_7/Dockerfile
+++ b/tomcat_7-jdk8-adoptopenjdk-openj9/Dockerfile
@@ -1,4 +1,4 @@
-FROM openjdk:8-jdk
+FROM adoptopenjdk:8-jdk-openj9
ENV CATALINA_HOME /usr/local/tomcat
ENV PATH $CATALINA_HOME/bin:$PATH
@@ -9,46 +9,6 @@ WORKDIR $CATALINA_HOME
ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib
ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR
-# runtime dependencies for Tomcat Native Libraries
-# Tomcat Native 1.2+ requires a newer version of OpenSSL than debian:jessie has available
-# > checking OpenSSL library version >= 1.0.2...
-# > configure: error: Your version of OpenSSL is not compatible with this version of tcnative
-# see http://tomcat.10.x6.nabble.com/VOTE-Release-Apache-Tomcat-8-0-32-tp5046007p5046024.html (and following discussion)
-# and https://github.com/docker-library/tomcat/pull/31
-ENV OPENSSL_VERSION 1.1.0j-1~deb9u1
-RUN set -ex; \
- apt-get update; \
- apt-get install -y --no-install-recommends openssl; \
- currentVersion="$(dpkg-query --show --showformat '${Version}\n' openssl)"; \
- if dpkg --compare-versions "$currentVersion" '<<' "$OPENSSL_VERSION"; then \
- if ! grep -q stretch /etc/apt/sources.list; then \
-# only add stretch if we're not already building from within stretch
- { \
- echo 'deb http://deb.debian.org/debian stretch main'; \
- echo 'deb http://security.debian.org stretch/updates main'; \
- echo 'deb http://deb.debian.org/debian stretch-updates main'; \
- } > /etc/apt/sources.list.d/stretch.list; \
- { \
-# add a negative "Pin-Priority" so that we never ever get packages from stretch unless we explicitly request them
- echo 'Package: *'; \
- echo 'Pin: release n=stretch*'; \
- echo 'Pin-Priority: -10'; \
- echo; \
-# ... except OpenSSL, which is the reason we're here
- echo 'Package: openssl libssl*'; \
- echo "Pin: version $OPENSSL_VERSION"; \
- echo 'Pin-Priority: 990'; \
- } > /etc/apt/preferences.d/stretch-openssl; \
- fi; \
- apt-get update; \
- apt-get install -y --no-install-recommends openssl="$OPENSSL_VERSION"; \
- rm -rf /var/lib/apt/lists/*; \
- fi
-
-RUN apt-get update && apt-get install -y --no-install-recommends \
- libapr1 \
- && rm -rf /var/lib/apt/lists/*
-
# see https://www.apache.org/dist/tomcat/tomcat-$TOMCAT_MAJOR/KEYS
# see also "update.sh" (https://github.com/docker-library/tomcat/blob/master/update.sh)
ENV GPG_KEYS 05AB33110949707C93A279E3D3EFE6B686867BA6 07E48665A34DCAFAE522E5E6266191C37C037D42 47309207D818FFD8DCD3F83F1931D684307A10A5 541FBE7D8F78B25E055DDEE13C370389288584E7 61B832AC2F1C5A90F0F9B00A1C506407564C17A3 713DA88BE50911535FE716F5208B0AB1D63011C7 79F7026C690BAA50B92CD8B66A3AD3F4F22C4FED 9BA44C2621385CB966EBA586F72C284D731FABEE A27677289986DB50844682F8ACB77FC2E86E29AC A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 F3A04C595DB5B6A5F1ECA43E3B7BBB100D811BBE F7DA48BB64BCB84ECBA7EE6935CD23C10D498E23
@@ -95,7 +55,7 @@ RUN set -eux; \
done; \
[ -n "$success" ]; \
\
- echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \
+ echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \
\
success=; \
for url in $TOMCAT_ASC_URLS; do \
@@ -126,12 +86,13 @@ RUN set -eux; \
export CATALINA_HOME="$PWD"; \
cd "$nativeBuildDir/native"; \
gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
+ aprConfig="$(which apr-1-config)"; \
./configure \
--build="$gnuArch" \
--libdir="$TOMCAT_NATIVE_LIBDIR" \
--prefix="$CATALINA_HOME" \
- --with-apr="$(which apr-1-config)" \
- --with-java-home="$(docker-java-home)" \
+ --with-apr="$aprConfig" \
+ --with-java-home="$JAVA_HOME" \
--with-ssl=yes; \
make -j "$(nproc)"; \
make install; \
@@ -141,7 +102,15 @@ RUN set -eux; \
\
# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies
apt-mark auto '.*' > /dev/null; \
- [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark; \
+ [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \
+ find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \
+ | awk '/=>/ { print $(NF-1) }' \
+ | sort -u \
+ | xargs -r dpkg-query --search \
+ | cut -d: -f1 \
+ | sort -u \
+ | xargs -r apt-mark manual \
+ ; \
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
rm -rf /var/lib/apt/lists/*; \
\
diff --git a/tomcat_7-slim/Dockerfile b/tomcat_7-jdk8-openjdk-slim/Dockerfile
similarity index 71%
rename from tomcat_7-slim/Dockerfile
rename to tomcat_7-jdk8-openjdk-slim/Dockerfile
index 924b36e..792c137 100644
--- a/tomcat_7-slim/Dockerfile
+++ b/tomcat_7-jdk8-openjdk-slim/Dockerfile
@@ -9,46 +9,6 @@ WORKDIR $CATALINA_HOME
ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib
ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR
-# runtime dependencies for Tomcat Native Libraries
-# Tomcat Native 1.2+ requires a newer version of OpenSSL than debian:jessie has available
-# > checking OpenSSL library version >= 1.0.2...
-# > configure: error: Your version of OpenSSL is not compatible with this version of tcnative
-# see http://tomcat.10.x6.nabble.com/VOTE-Release-Apache-Tomcat-8-0-32-tp5046007p5046024.html (and following discussion)
-# and https://github.com/docker-library/tomcat/pull/31
-ENV OPENSSL_VERSION 1.1.0j-1~deb9u1
-RUN set -ex; \
- apt-get update; \
- apt-get install -y --no-install-recommends openssl; \
- currentVersion="$(dpkg-query --show --showformat '${Version}\n' openssl)"; \
- if dpkg --compare-versions "$currentVersion" '<<' "$OPENSSL_VERSION"; then \
- if ! grep -q stretch /etc/apt/sources.list; then \
-# only add stretch if we're not already building from within stretch
- { \
- echo 'deb http://deb.debian.org/debian stretch main'; \
- echo 'deb http://security.debian.org stretch/updates main'; \
- echo 'deb http://deb.debian.org/debian stretch-updates main'; \
- } > /etc/apt/sources.list.d/stretch.list; \
- { \
-# add a negative "Pin-Priority" so that we never ever get packages from stretch unless we explicitly request them
- echo 'Package: *'; \
- echo 'Pin: release n=stretch*'; \
- echo 'Pin-Priority: -10'; \
- echo; \
-# ... except OpenSSL, which is the reason we're here
- echo 'Package: openssl libssl*'; \
- echo "Pin: version $OPENSSL_VERSION"; \
- echo 'Pin-Priority: 990'; \
- } > /etc/apt/preferences.d/stretch-openssl; \
- fi; \
- apt-get update; \
- apt-get install -y --no-install-recommends openssl="$OPENSSL_VERSION"; \
- rm -rf /var/lib/apt/lists/*; \
- fi
-
-RUN apt-get update && apt-get install -y --no-install-recommends \
- libapr1 \
- && rm -rf /var/lib/apt/lists/*
-
# see https://www.apache.org/dist/tomcat/tomcat-$TOMCAT_MAJOR/KEYS
# see also "update.sh" (https://github.com/docker-library/tomcat/blob/master/update.sh)
ENV GPG_KEYS 05AB33110949707C93A279E3D3EFE6B686867BA6 07E48665A34DCAFAE522E5E6266191C37C037D42 47309207D818FFD8DCD3F83F1931D684307A10A5 541FBE7D8F78B25E055DDEE13C370389288584E7 61B832AC2F1C5A90F0F9B00A1C506407564C17A3 713DA88BE50911535FE716F5208B0AB1D63011C7 79F7026C690BAA50B92CD8B66A3AD3F4F22C4FED 9BA44C2621385CB966EBA586F72C284D731FABEE A27677289986DB50844682F8ACB77FC2E86E29AC A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 F3A04C595DB5B6A5F1ECA43E3B7BBB100D811BBE F7DA48BB64BCB84ECBA7EE6935CD23C10D498E23
@@ -95,7 +55,7 @@ RUN set -eux; \
done; \
[ -n "$success" ]; \
\
- echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \
+ echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \
\
success=; \
for url in $TOMCAT_ASC_URLS; do \
@@ -126,12 +86,13 @@ RUN set -eux; \
export CATALINA_HOME="$PWD"; \
cd "$nativeBuildDir/native"; \
gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
+ aprConfig="$(which apr-1-config)"; \
./configure \
--build="$gnuArch" \
--libdir="$TOMCAT_NATIVE_LIBDIR" \
--prefix="$CATALINA_HOME" \
- --with-apr="$(which apr-1-config)" \
- --with-java-home="$(docker-java-home)" \
+ --with-apr="$aprConfig" \
+ --with-java-home="$JAVA_HOME" \
--with-ssl=yes; \
make -j "$(nproc)"; \
make install; \
@@ -141,7 +102,15 @@ RUN set -eux; \
\
# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies
apt-mark auto '.*' > /dev/null; \
- [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark; \
+ [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \
+ find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \
+ | awk '/=>/ { print $(NF-1) }' \
+ | sort -u \
+ | xargs -r dpkg-query --search \
+ | cut -d: -f1 \
+ | sort -u \
+ | xargs -r apt-mark manual \
+ ; \
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
rm -rf /var/lib/apt/lists/*; \
\
diff --git a/tomcat_7/Dockerfile b/tomcat_7/Dockerfile
index 2df0d0f..c4b4fdb 100644
--- a/tomcat_7/Dockerfile
+++ b/tomcat_7/Dockerfile
@@ -9,46 +9,6 @@ WORKDIR $CATALINA_HOME
ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib
ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR
-# runtime dependencies for Tomcat Native Libraries
-# Tomcat Native 1.2+ requires a newer version of OpenSSL than debian:jessie has available
-# > checking OpenSSL library version >= 1.0.2...
-# > configure: error: Your version of OpenSSL is not compatible with this version of tcnative
-# see http://tomcat.10.x6.nabble.com/VOTE-Release-Apache-Tomcat-8-0-32-tp5046007p5046024.html (and following discussion)
-# and https://github.com/docker-library/tomcat/pull/31
-ENV OPENSSL_VERSION 1.1.0j-1~deb9u1
-RUN set -ex; \
- apt-get update; \
- apt-get install -y --no-install-recommends openssl; \
- currentVersion="$(dpkg-query --show --showformat '${Version}\n' openssl)"; \
- if dpkg --compare-versions "$currentVersion" '<<' "$OPENSSL_VERSION"; then \
- if ! grep -q stretch /etc/apt/sources.list; then \
-# only add stretch if we're not already building from within stretch
- { \
- echo 'deb http://deb.debian.org/debian stretch main'; \
- echo 'deb http://security.debian.org stretch/updates main'; \
- echo 'deb http://deb.debian.org/debian stretch-updates main'; \
- } > /etc/apt/sources.list.d/stretch.list; \
- { \
-# add a negative "Pin-Priority" so that we never ever get packages from stretch unless we explicitly request them
- echo 'Package: *'; \
- echo 'Pin: release n=stretch*'; \
- echo 'Pin-Priority: -10'; \
- echo; \
-# ... except OpenSSL, which is the reason we're here
- echo 'Package: openssl libssl*'; \
- echo "Pin: version $OPENSSL_VERSION"; \
- echo 'Pin-Priority: 990'; \
- } > /etc/apt/preferences.d/stretch-openssl; \
- fi; \
- apt-get update; \
- apt-get install -y --no-install-recommends openssl="$OPENSSL_VERSION"; \
- rm -rf /var/lib/apt/lists/*; \
- fi
-
-RUN apt-get update && apt-get install -y --no-install-recommends \
- libapr1 \
- && rm -rf /var/lib/apt/lists/*
-
# see https://www.apache.org/dist/tomcat/tomcat-$TOMCAT_MAJOR/KEYS
# see also "update.sh" (https://github.com/docker-library/tomcat/blob/master/update.sh)
ENV GPG_KEYS 05AB33110949707C93A279E3D3EFE6B686867BA6 07E48665A34DCAFAE522E5E6266191C37C037D42 47309207D818FFD8DCD3F83F1931D684307A10A5 541FBE7D8F78B25E055DDEE13C370389288584E7 61B832AC2F1C5A90F0F9B00A1C506407564C17A3 713DA88BE50911535FE716F5208B0AB1D63011C7 79F7026C690BAA50B92CD8B66A3AD3F4F22C4FED 9BA44C2621385CB966EBA586F72C284D731FABEE A27677289986DB50844682F8ACB77FC2E86E29AC A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 F3A04C595DB5B6A5F1ECA43E3B7BBB100D811BBE F7DA48BB64BCB84ECBA7EE6935CD23C10D498E23
@@ -95,7 +55,7 @@ RUN set -eux; \
done; \
[ -n "$success" ]; \
\
- echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \
+ echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \
\
success=; \
for url in $TOMCAT_ASC_URLS; do \
@@ -126,12 +86,13 @@ RUN set -eux; \
export CATALINA_HOME="$PWD"; \
cd "$nativeBuildDir/native"; \
gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
+ aprConfig="$(which apr-1-config)"; \
./configure \
--build="$gnuArch" \
--libdir="$TOMCAT_NATIVE_LIBDIR" \
--prefix="$CATALINA_HOME" \
- --with-apr="$(which apr-1-config)" \
- --with-java-home="$(docker-java-home)" \
+ --with-apr="$aprConfig" \
+ --with-java-home="$JAVA_HOME" \
--with-ssl=yes; \
make -j "$(nproc)"; \
make install; \
@@ -141,7 +102,15 @@ RUN set -eux; \
\
# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies
apt-mark auto '.*' > /dev/null; \
- [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark; \
+ [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \
+ find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \
+ | awk '/=>/ { print $(NF-1) }' \
+ | sort -u \
+ | xargs -r dpkg-query --search \
+ | cut -d: -f1 \
+ | sort -u \
+ | xargs -r apt-mark manual \
+ ; \
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
rm -rf /var/lib/apt/lists/*; \
\
diff --git a/tomcat_9-jdk8/Dockerfile b/tomcat_9-jdk11-adoptopenjdk-hotspot/Dockerfile
similarity index 71%
copy from tomcat_9-jdk8/Dockerfile
copy to tomcat_9-jdk11-adoptopenjdk-hotspot/Dockerfile
index 5ff49c1..f6df21e 100644
--- a/tomcat_9-jdk8/Dockerfile
+++ b/tomcat_9-jdk11-adoptopenjdk-hotspot/Dockerfile
@@ -1,4 +1,4 @@
-FROM openjdk:8-jdk
+FROM adoptopenjdk:11-jdk-hotspot
ENV CATALINA_HOME /usr/local/tomcat
ENV PATH $CATALINA_HOME/bin:$PATH
@@ -9,46 +9,6 @@ WORKDIR $CATALINA_HOME
ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib
ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR
-# runtime dependencies for Tomcat Native Libraries
-# Tomcat Native 1.2+ requires a newer version of OpenSSL than debian:jessie has available
-# > checking OpenSSL library version >= 1.0.2...
-# > configure: error: Your version of OpenSSL is not compatible with this version of tcnative
-# see http://tomcat.10.x6.nabble.com/VOTE-Release-Apache-Tomcat-8-0-32-tp5046007p5046024.html (and following discussion)
-# and https://github.com/docker-library/tomcat/pull/31
-ENV OPENSSL_VERSION 1.1.0j-1~deb9u1
-RUN set -ex; \
- apt-get update; \
- apt-get install -y --no-install-recommends openssl; \
- currentVersion="$(dpkg-query --show --showformat '${Version}\n' openssl)"; \
- if dpkg --compare-versions "$currentVersion" '<<' "$OPENSSL_VERSION"; then \
- if ! grep -q stretch /etc/apt/sources.list; then \
-# only add stretch if we're not already building from within stretch
- { \
- echo 'deb http://deb.debian.org/debian stretch main'; \
- echo 'deb http://security.debian.org stretch/updates main'; \
- echo 'deb http://deb.debian.org/debian stretch-updates main'; \
- } > /etc/apt/sources.list.d/stretch.list; \
- { \
-# add a negative "Pin-Priority" so that we never ever get packages from stretch unless we explicitly request them
- echo 'Package: *'; \
- echo 'Pin: release n=stretch*'; \
- echo 'Pin-Priority: -10'; \
- echo; \
-# ... except OpenSSL, which is the reason we're here
- echo 'Package: openssl libssl*'; \
- echo "Pin: version $OPENSSL_VERSION"; \
- echo 'Pin-Priority: 990'; \
- } > /etc/apt/preferences.d/stretch-openssl; \
- fi; \
- apt-get update; \
- apt-get install -y --no-install-recommends openssl="$OPENSSL_VERSION"; \
- rm -rf /var/lib/apt/lists/*; \
- fi
-
-RUN apt-get update && apt-get install -y --no-install-recommends \
- libapr1 \
- && rm -rf /var/lib/apt/lists/*
-
# see https://www.apache.org/dist/tomcat/tomcat-$TOMCAT_MAJOR/KEYS
# see also "update.sh" (https://github.com/docker-library/tomcat/blob/master/update.sh)
ENV GPG_KEYS 05AB33110949707C93A279E3D3EFE6B686867BA6 07E48665A34DCAFAE522E5E6266191C37C037D42 47309207D818FFD8DCD3F83F1931D684307A10A5 541FBE7D8F78B25E055DDEE13C370389288584E7 61B832AC2F1C5A90F0F9B00A1C506407564C17A3 79F7026C690BAA50B92CD8B66A3AD3F4F22C4FED 9BA44C2621385CB966EBA586F72C284D731FABEE A27677289986DB50844682F8ACB77FC2E86E29AC A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 F3A04C595DB5B6A5F1ECA43E3B7BBB100D811BBE F7DA48BB64BCB84ECBA7EE6935CD23C10D498E23
@@ -95,7 +55,7 @@ RUN set -eux; \
done; \
[ -n "$success" ]; \
\
- echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \
+ echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \
\
success=; \
for url in $TOMCAT_ASC_URLS; do \
@@ -126,12 +86,13 @@ RUN set -eux; \
export CATALINA_HOME="$PWD"; \
cd "$nativeBuildDir/native"; \
gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
+ aprConfig="$(which apr-1-config)"; \
./configure \
--build="$gnuArch" \
--libdir="$TOMCAT_NATIVE_LIBDIR" \
--prefix="$CATALINA_HOME" \
- --with-apr="$(which apr-1-config)" \
- --with-java-home="$(docker-java-home)" \
+ --with-apr="$aprConfig" \
+ --with-java-home="$JAVA_HOME" \
--with-ssl=yes; \
make -j "$(nproc)"; \
make install; \
@@ -141,7 +102,15 @@ RUN set -eux; \
\
# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies
apt-mark auto '.*' > /dev/null; \
- [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark; \
+ [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \
+ find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \
+ | awk '/=>/ { print $(NF-1) }' \
+ | sort -u \
+ | xargs -r dpkg-query --search \
+ | cut -d: -f1 \
+ | sort -u \
+ | xargs -r apt-mark manual \
+ ; \
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
rm -rf /var/lib/apt/lists/*; \
\
diff --git a/tomcat_9-jdk8/Dockerfile b/tomcat_9-jdk11-adoptopenjdk-openj9/Dockerfile
similarity index 71%
copy from tomcat_9-jdk8/Dockerfile
copy to tomcat_9-jdk11-adoptopenjdk-openj9/Dockerfile
index 5ff49c1..b429b4f 100644
--- a/tomcat_9-jdk8/Dockerfile
+++ b/tomcat_9-jdk11-adoptopenjdk-openj9/Dockerfile
@@ -1,4 +1,4 @@
-FROM openjdk:8-jdk
+FROM adoptopenjdk:11-jdk-openj9
ENV CATALINA_HOME /usr/local/tomcat
ENV PATH $CATALINA_HOME/bin:$PATH
@@ -9,46 +9,6 @@ WORKDIR $CATALINA_HOME
ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib
ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR
-# runtime dependencies for Tomcat Native Libraries
-# Tomcat Native 1.2+ requires a newer version of OpenSSL than debian:jessie has available
-# > checking OpenSSL library version >= 1.0.2...
-# > configure: error: Your version of OpenSSL is not compatible with this version of tcnative
-# see http://tomcat.10.x6.nabble.com/VOTE-Release-Apache-Tomcat-8-0-32-tp5046007p5046024.html (and following discussion)
-# and https://github.com/docker-library/tomcat/pull/31
-ENV OPENSSL_VERSION 1.1.0j-1~deb9u1
-RUN set -ex; \
- apt-get update; \
- apt-get install -y --no-install-recommends openssl; \
- currentVersion="$(dpkg-query --show --showformat '${Version}\n' openssl)"; \
- if dpkg --compare-versions "$currentVersion" '<<' "$OPENSSL_VERSION"; then \
- if ! grep -q stretch /etc/apt/sources.list; then \
-# only add stretch if we're not already building from within stretch
- { \
- echo 'deb http://deb.debian.org/debian stretch main'; \
- echo 'deb http://security.debian.org stretch/updates main'; \
- echo 'deb http://deb.debian.org/debian stretch-updates main'; \
- } > /etc/apt/sources.list.d/stretch.list; \
- { \
-# add a negative "Pin-Priority" so that we never ever get packages from stretch unless we explicitly request them
- echo 'Package: *'; \
- echo 'Pin: release n=stretch*'; \
- echo 'Pin-Priority: -10'; \
- echo; \
-# ... except OpenSSL, which is the reason we're here
- echo 'Package: openssl libssl*'; \
- echo "Pin: version $OPENSSL_VERSION"; \
- echo 'Pin-Priority: 990'; \
- } > /etc/apt/preferences.d/stretch-openssl; \
- fi; \
- apt-get update; \
- apt-get install -y --no-install-recommends openssl="$OPENSSL_VERSION"; \
- rm -rf /var/lib/apt/lists/*; \
- fi
-
-RUN apt-get update && apt-get install -y --no-install-recommends \
- libapr1 \
- && rm -rf /var/lib/apt/lists/*
-
# see https://www.apache.org/dist/tomcat/tomcat-$TOMCAT_MAJOR/KEYS
# see also "update.sh" (https://github.com/docker-library/tomcat/blob/master/update.sh)
ENV GPG_KEYS 05AB33110949707C93A279E3D3EFE6B686867BA6 07E48665A34DCAFAE522E5E6266191C37C037D42 47309207D818FFD8DCD3F83F1931D684307A10A5 541FBE7D8F78B25E055DDEE13C370389288584E7 61B832AC2F1C5A90F0F9B00A1C506407564C17A3 79F7026C690BAA50B92CD8B66A3AD3F4F22C4FED 9BA44C2621385CB966EBA586F72C284D731FABEE A27677289986DB50844682F8ACB77FC2E86E29AC A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 F3A04C595DB5B6A5F1ECA43E3B7BBB100D811BBE F7DA48BB64BCB84ECBA7EE6935CD23C10D498E23
@@ -95,7 +55,7 @@ RUN set -eux; \
done; \
[ -n "$success" ]; \
\
- echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \
+ echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \
\
success=; \
for url in $TOMCAT_ASC_URLS; do \
@@ -126,12 +86,13 @@ RUN set -eux; \
export CATALINA_HOME="$PWD"; \
cd "$nativeBuildDir/native"; \
gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
+ aprConfig="$(which apr-1-config)"; \
./configure \
--build="$gnuArch" \
--libdir="$TOMCAT_NATIVE_LIBDIR" \
--prefix="$CATALINA_HOME" \
- --with-apr="$(which apr-1-config)" \
- --with-java-home="$(docker-java-home)" \
+ --with-apr="$aprConfig" \
+ --with-java-home="$JAVA_HOME" \
--with-ssl=yes; \
make -j "$(nproc)"; \
make install; \
@@ -141,7 +102,15 @@ RUN set -eux; \
\
# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies
apt-mark auto '.*' > /dev/null; \
- [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark; \
+ [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \
+ find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \
+ | awk '/=>/ { print $(NF-1) }' \
+ | sort -u \
+ | xargs -r dpkg-query --search \
+ | cut -d: -f1 \
+ | sort -u \
+ | xargs -r apt-mark manual \
+ ; \
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
rm -rf /var/lib/apt/lists/*; \
\
diff --git a/tomcat_9-slim/Dockerfile b/tomcat_9-jdk11-openjdk-slim/Dockerfile
similarity index 71%
rename from tomcat_9-slim/Dockerfile
rename to tomcat_9-jdk11-openjdk-slim/Dockerfile
index 08507eb..0c1e517 100644
--- a/tomcat_9-slim/Dockerfile
+++ b/tomcat_9-jdk11-openjdk-slim/Dockerfile
@@ -9,46 +9,6 @@ WORKDIR $CATALINA_HOME
ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib
ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR
-# runtime dependencies for Tomcat Native Libraries
-# Tomcat Native 1.2+ requires a newer version of OpenSSL than debian:jessie has available
-# > checking OpenSSL library version >= 1.0.2...
-# > configure: error: Your version of OpenSSL is not compatible with this version of tcnative
-# see http://tomcat.10.x6.nabble.com/VOTE-Release-Apache-Tomcat-8-0-32-tp5046007p5046024.html (and following discussion)
-# and https://github.com/docker-library/tomcat/pull/31
-ENV OPENSSL_VERSION 1.1.0j-1~deb9u1
-RUN set -ex; \
- apt-get update; \
- apt-get install -y --no-install-recommends openssl; \
- currentVersion="$(dpkg-query --show --showformat '${Version}\n' openssl)"; \
- if dpkg --compare-versions "$currentVersion" '<<' "$OPENSSL_VERSION"; then \
- if ! grep -q stretch /etc/apt/sources.list; then \
-# only add stretch if we're not already building from within stretch
- { \
- echo 'deb http://deb.debian.org/debian stretch main'; \
- echo 'deb http://security.debian.org stretch/updates main'; \
- echo 'deb http://deb.debian.org/debian stretch-updates main'; \
- } > /etc/apt/sources.list.d/stretch.list; \
- { \
-# add a negative "Pin-Priority" so that we never ever get packages from stretch unless we explicitly request them
- echo 'Package: *'; \
- echo 'Pin: release n=stretch*'; \
- echo 'Pin-Priority: -10'; \
- echo; \
-# ... except OpenSSL, which is the reason we're here
- echo 'Package: openssl libssl*'; \
- echo "Pin: version $OPENSSL_VERSION"; \
- echo 'Pin-Priority: 990'; \
- } > /etc/apt/preferences.d/stretch-openssl; \
- fi; \
- apt-get update; \
- apt-get install -y --no-install-recommends openssl="$OPENSSL_VERSION"; \
- rm -rf /var/lib/apt/lists/*; \
- fi
-
-RUN apt-get update && apt-get install -y --no-install-recommends \
- libapr1 \
- && rm -rf /var/lib/apt/lists/*
-
# see https://www.apache.org/dist/tomcat/tomcat-$TOMCAT_MAJOR/KEYS
# see also "update.sh" (https://github.com/docker-library/tomcat/blob/master/update.sh)
ENV GPG_KEYS 05AB33110949707C93A279E3D3EFE6B686867BA6 07E48665A34DCAFAE522E5E6266191C37C037D42 47309207D818FFD8DCD3F83F1931D684307A10A5 541FBE7D8F78B25E055DDEE13C370389288584E7 61B832AC2F1C5A90F0F9B00A1C506407564C17A3 79F7026C690BAA50B92CD8B66A3AD3F4F22C4FED 9BA44C2621385CB966EBA586F72C284D731FABEE A27677289986DB50844682F8ACB77FC2E86E29AC A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 F3A04C595DB5B6A5F1ECA43E3B7BBB100D811BBE F7DA48BB64BCB84ECBA7EE6935CD23C10D498E23
@@ -95,7 +55,7 @@ RUN set -eux; \
done; \
[ -n "$success" ]; \
\
- echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \
+ echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \
\
success=; \
for url in $TOMCAT_ASC_URLS; do \
@@ -126,12 +86,13 @@ RUN set -eux; \
export CATALINA_HOME="$PWD"; \
cd "$nativeBuildDir/native"; \
gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
+ aprConfig="$(which apr-1-config)"; \
./configure \
--build="$gnuArch" \
--libdir="$TOMCAT_NATIVE_LIBDIR" \
--prefix="$CATALINA_HOME" \
- --with-apr="$(which apr-1-config)" \
- --with-java-home="$(docker-java-home)" \
+ --with-apr="$aprConfig" \
+ --with-java-home="$JAVA_HOME" \
--with-ssl=yes; \
make -j "$(nproc)"; \
make install; \
@@ -141,7 +102,15 @@ RUN set -eux; \
\
# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies
apt-mark auto '.*' > /dev/null; \
- [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark; \
+ [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \
+ find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \
+ | awk '/=>/ { print $(NF-1) }' \
+ | sort -u \
+ | xargs -r dpkg-query --search \
+ | cut -d: -f1 \
+ | sort -u \
+ | xargs -r apt-mark manual \
+ ; \
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
rm -rf /var/lib/apt/lists/*; \
\
diff --git a/tomcat_9-jdk8/Dockerfile b/tomcat_9-jdk8-adoptopenjdk-hotspot/Dockerfile
similarity index 71%
copy from tomcat_9-jdk8/Dockerfile
copy to tomcat_9-jdk8-adoptopenjdk-hotspot/Dockerfile
index 5ff49c1..7979b0f 100644
--- a/tomcat_9-jdk8/Dockerfile
+++ b/tomcat_9-jdk8-adoptopenjdk-hotspot/Dockerfile
@@ -1,4 +1,4 @@
-FROM openjdk:8-jdk
+FROM adoptopenjdk:8-jdk-hotspot
ENV CATALINA_HOME /usr/local/tomcat
ENV PATH $CATALINA_HOME/bin:$PATH
@@ -9,46 +9,6 @@ WORKDIR $CATALINA_HOME
ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib
ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR
-# runtime dependencies for Tomcat Native Libraries
-# Tomcat Native 1.2+ requires a newer version of OpenSSL than debian:jessie has available
-# > checking OpenSSL library version >= 1.0.2...
-# > configure: error: Your version of OpenSSL is not compatible with this version of tcnative
-# see http://tomcat.10.x6.nabble.com/VOTE-Release-Apache-Tomcat-8-0-32-tp5046007p5046024.html (and following discussion)
-# and https://github.com/docker-library/tomcat/pull/31
-ENV OPENSSL_VERSION 1.1.0j-1~deb9u1
-RUN set -ex; \
- apt-get update; \
- apt-get install -y --no-install-recommends openssl; \
- currentVersion="$(dpkg-query --show --showformat '${Version}\n' openssl)"; \
- if dpkg --compare-versions "$currentVersion" '<<' "$OPENSSL_VERSION"; then \
- if ! grep -q stretch /etc/apt/sources.list; then \
-# only add stretch if we're not already building from within stretch
- { \
- echo 'deb http://deb.debian.org/debian stretch main'; \
- echo 'deb http://security.debian.org stretch/updates main'; \
- echo 'deb http://deb.debian.org/debian stretch-updates main'; \
- } > /etc/apt/sources.list.d/stretch.list; \
- { \
-# add a negative "Pin-Priority" so that we never ever get packages from stretch unless we explicitly request them
- echo 'Package: *'; \
- echo 'Pin: release n=stretch*'; \
- echo 'Pin-Priority: -10'; \
- echo; \
-# ... except OpenSSL, which is the reason we're here
- echo 'Package: openssl libssl*'; \
- echo "Pin: version $OPENSSL_VERSION"; \
- echo 'Pin-Priority: 990'; \
- } > /etc/apt/preferences.d/stretch-openssl; \
- fi; \
- apt-get update; \
- apt-get install -y --no-install-recommends openssl="$OPENSSL_VERSION"; \
- rm -rf /var/lib/apt/lists/*; \
- fi
-
-RUN apt-get update && apt-get install -y --no-install-recommends \
- libapr1 \
- && rm -rf /var/lib/apt/lists/*
-
# see https://www.apache.org/dist/tomcat/tomcat-$TOMCAT_MAJOR/KEYS
# see also "update.sh" (https://github.com/docker-library/tomcat/blob/master/update.sh)
ENV GPG_KEYS 05AB33110949707C93A279E3D3EFE6B686867BA6 07E48665A34DCAFAE522E5E6266191C37C037D42 47309207D818FFD8DCD3F83F1931D684307A10A5 541FBE7D8F78B25E055DDEE13C370389288584E7 61B832AC2F1C5A90F0F9B00A1C506407564C17A3 79F7026C690BAA50B92CD8B66A3AD3F4F22C4FED 9BA44C2621385CB966EBA586F72C284D731FABEE A27677289986DB50844682F8ACB77FC2E86E29AC A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 F3A04C595DB5B6A5F1ECA43E3B7BBB100D811BBE F7DA48BB64BCB84ECBA7EE6935CD23C10D498E23
@@ -95,7 +55,7 @@ RUN set -eux; \
done; \
[ -n "$success" ]; \
\
- echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \
+ echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \
\
success=; \
for url in $TOMCAT_ASC_URLS; do \
@@ -126,12 +86,13 @@ RUN set -eux; \
export CATALINA_HOME="$PWD"; \
cd "$nativeBuildDir/native"; \
gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
+ aprConfig="$(which apr-1-config)"; \
./configure \
--build="$gnuArch" \
--libdir="$TOMCAT_NATIVE_LIBDIR" \
--prefix="$CATALINA_HOME" \
- --with-apr="$(which apr-1-config)" \
- --with-java-home="$(docker-java-home)" \
+ --with-apr="$aprConfig" \
+ --with-java-home="$JAVA_HOME" \
--with-ssl=yes; \
make -j "$(nproc)"; \
make install; \
@@ -141,7 +102,15 @@ RUN set -eux; \
\
# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies
apt-mark auto '.*' > /dev/null; \
- [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark; \
+ [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \
+ find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \
+ | awk '/=>/ { print $(NF-1) }' \
+ | sort -u \
+ | xargs -r dpkg-query --search \
+ | cut -d: -f1 \
+ | sort -u \
+ | xargs -r apt-mark manual \
+ ; \
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
rm -rf /var/lib/apt/lists/*; \
\
diff --git a/tomcat_9-jdk8/Dockerfile b/tomcat_9-jdk8-adoptopenjdk-openj9/Dockerfile
similarity index 71%
copy from tomcat_9-jdk8/Dockerfile
copy to tomcat_9-jdk8-adoptopenjdk-openj9/Dockerfile
index 5ff49c1..e96933a 100644
--- a/tomcat_9-jdk8/Dockerfile
+++ b/tomcat_9-jdk8-adoptopenjdk-openj9/Dockerfile
@@ -1,4 +1,4 @@
-FROM openjdk:8-jdk
+FROM adoptopenjdk:8-jdk-openj9
ENV CATALINA_HOME /usr/local/tomcat
ENV PATH $CATALINA_HOME/bin:$PATH
@@ -9,46 +9,6 @@ WORKDIR $CATALINA_HOME
ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib
ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR
-# runtime dependencies for Tomcat Native Libraries
-# Tomcat Native 1.2+ requires a newer version of OpenSSL than debian:jessie has available
-# > checking OpenSSL library version >= 1.0.2...
-# > configure: error: Your version of OpenSSL is not compatible with this version of tcnative
-# see http://tomcat.10.x6.nabble.com/VOTE-Release-Apache-Tomcat-8-0-32-tp5046007p5046024.html (and following discussion)
-# and https://github.com/docker-library/tomcat/pull/31
-ENV OPENSSL_VERSION 1.1.0j-1~deb9u1
-RUN set -ex; \
- apt-get update; \
- apt-get install -y --no-install-recommends openssl; \
- currentVersion="$(dpkg-query --show --showformat '${Version}\n' openssl)"; \
- if dpkg --compare-versions "$currentVersion" '<<' "$OPENSSL_VERSION"; then \
- if ! grep -q stretch /etc/apt/sources.list; then \
-# only add stretch if we're not already building from within stretch
- { \
- echo 'deb http://deb.debian.org/debian stretch main'; \
- echo 'deb http://security.debian.org stretch/updates main'; \
- echo 'deb http://deb.debian.org/debian stretch-updates main'; \
- } > /etc/apt/sources.list.d/stretch.list; \
- { \
-# add a negative "Pin-Priority" so that we never ever get packages from stretch unless we explicitly request them
- echo 'Package: *'; \
- echo 'Pin: release n=stretch*'; \
- echo 'Pin-Priority: -10'; \
- echo; \
-# ... except OpenSSL, which is the reason we're here
- echo 'Package: openssl libssl*'; \
- echo "Pin: version $OPENSSL_VERSION"; \
- echo 'Pin-Priority: 990'; \
- } > /etc/apt/preferences.d/stretch-openssl; \
- fi; \
- apt-get update; \
- apt-get install -y --no-install-recommends openssl="$OPENSSL_VERSION"; \
- rm -rf /var/lib/apt/lists/*; \
- fi
-
-RUN apt-get update && apt-get install -y --no-install-recommends \
- libapr1 \
- && rm -rf /var/lib/apt/lists/*
-
# see https://www.apache.org/dist/tomcat/tomcat-$TOMCAT_MAJOR/KEYS
# see also "update.sh" (https://github.com/docker-library/tomcat/blob/master/update.sh)
ENV GPG_KEYS 05AB33110949707C93A279E3D3EFE6B686867BA6 07E48665A34DCAFAE522E5E6266191C37C037D42 47309207D818FFD8DCD3F83F1931D684307A10A5 541FBE7D8F78B25E055DDEE13C370389288584E7 61B832AC2F1C5A90F0F9B00A1C506407564C17A3 79F7026C690BAA50B92CD8B66A3AD3F4F22C4FED 9BA44C2621385CB966EBA586F72C284D731FABEE A27677289986DB50844682F8ACB77FC2E86E29AC A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 F3A04C595DB5B6A5F1ECA43E3B7BBB100D811BBE F7DA48BB64BCB84ECBA7EE6935CD23C10D498E23
@@ -95,7 +55,7 @@ RUN set -eux; \
done; \
[ -n "$success" ]; \
\
- echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \
+ echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \
\
success=; \
for url in $TOMCAT_ASC_URLS; do \
@@ -126,12 +86,13 @@ RUN set -eux; \
export CATALINA_HOME="$PWD"; \
cd "$nativeBuildDir/native"; \
gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
+ aprConfig="$(which apr-1-config)"; \
./configure \
--build="$gnuArch" \
--libdir="$TOMCAT_NATIVE_LIBDIR" \
--prefix="$CATALINA_HOME" \
- --with-apr="$(which apr-1-config)" \
- --with-java-home="$(docker-java-home)" \
+ --with-apr="$aprConfig" \
+ --with-java-home="$JAVA_HOME" \
--with-ssl=yes; \
make -j "$(nproc)"; \
make install; \
@@ -141,7 +102,15 @@ RUN set -eux; \
\
# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies
apt-mark auto '.*' > /dev/null; \
- [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark; \
+ [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \
+ find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \
+ | awk '/=>/ { print $(NF-1) }' \
+ | sort -u \
+ | xargs -r dpkg-query --search \
+ | cut -d: -f1 \
+ | sort -u \
+ | xargs -r apt-mark manual \
+ ; \
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
rm -rf /var/lib/apt/lists/*; \
\
diff --git a/tomcat_9-jdk8-slim/Dockerfile b/tomcat_9-jdk8-openjdk-slim/Dockerfile
similarity index 71%
rename from tomcat_9-jdk8-slim/Dockerfile
rename to tomcat_9-jdk8-openjdk-slim/Dockerfile
index 44029be..cfa350e 100644
--- a/tomcat_9-jdk8-slim/Dockerfile
+++ b/tomcat_9-jdk8-openjdk-slim/Dockerfile
@@ -9,46 +9,6 @@ WORKDIR $CATALINA_HOME
ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib
ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR
-# runtime dependencies for Tomcat Native Libraries
-# Tomcat Native 1.2+ requires a newer version of OpenSSL than debian:jessie has available
-# > checking OpenSSL library version >= 1.0.2...
-# > configure: error: Your version of OpenSSL is not compatible with this version of tcnative
-# see http://tomcat.10.x6.nabble.com/VOTE-Release-Apache-Tomcat-8-0-32-tp5046007p5046024.html (and following discussion)
-# and https://github.com/docker-library/tomcat/pull/31
-ENV OPENSSL_VERSION 1.1.0j-1~deb9u1
-RUN set -ex; \
- apt-get update; \
- apt-get install -y --no-install-recommends openssl; \
- currentVersion="$(dpkg-query --show --showformat '${Version}\n' openssl)"; \
- if dpkg --compare-versions "$currentVersion" '<<' "$OPENSSL_VERSION"; then \
- if ! grep -q stretch /etc/apt/sources.list; then \
-# only add stretch if we're not already building from within stretch
- { \
- echo 'deb http://deb.debian.org/debian stretch main'; \
- echo 'deb http://security.debian.org stretch/updates main'; \
- echo 'deb http://deb.debian.org/debian stretch-updates main'; \
- } > /etc/apt/sources.list.d/stretch.list; \
- { \
-# add a negative "Pin-Priority" so that we never ever get packages from stretch unless we explicitly request them
- echo 'Package: *'; \
- echo 'Pin: release n=stretch*'; \
- echo 'Pin-Priority: -10'; \
- echo; \
-# ... except OpenSSL, which is the reason we're here
- echo 'Package: openssl libssl*'; \
- echo "Pin: version $OPENSSL_VERSION"; \
- echo 'Pin-Priority: 990'; \
- } > /etc/apt/preferences.d/stretch-openssl; \
- fi; \
- apt-get update; \
- apt-get install -y --no-install-recommends openssl="$OPENSSL_VERSION"; \
- rm -rf /var/lib/apt/lists/*; \
- fi
-
-RUN apt-get update && apt-get install -y --no-install-recommends \
- libapr1 \
- && rm -rf /var/lib/apt/lists/*
-
# see https://www.apache.org/dist/tomcat/tomcat-$TOMCAT_MAJOR/KEYS
# see also "update.sh" (https://github.com/docker-library/tomcat/blob/master/update.sh)
ENV GPG_KEYS 05AB33110949707C93A279E3D3EFE6B686867BA6 07E48665A34DCAFAE522E5E6266191C37C037D42 47309207D818FFD8DCD3F83F1931D684307A10A5 541FBE7D8F78B25E055DDEE13C370389288584E7 61B832AC2F1C5A90F0F9B00A1C506407564C17A3 79F7026C690BAA50B92CD8B66A3AD3F4F22C4FED 9BA44C2621385CB966EBA586F72C284D731FABEE A27677289986DB50844682F8ACB77FC2E86E29AC A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 F3A04C595DB5B6A5F1ECA43E3B7BBB100D811BBE F7DA48BB64BCB84ECBA7EE6935CD23C10D498E23
@@ -95,7 +55,7 @@ RUN set -eux; \
done; \
[ -n "$success" ]; \
\
- echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \
+ echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \
\
success=; \
for url in $TOMCAT_ASC_URLS; do \
@@ -126,12 +86,13 @@ RUN set -eux; \
export CATALINA_HOME="$PWD"; \
cd "$nativeBuildDir/native"; \
gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
+ aprConfig="$(which apr-1-config)"; \
./configure \
--build="$gnuArch" \
--libdir="$TOMCAT_NATIVE_LIBDIR" \
--prefix="$CATALINA_HOME" \
- --with-apr="$(which apr-1-config)" \
- --with-java-home="$(docker-java-home)" \
+ --with-apr="$aprConfig" \
+ --with-java-home="$JAVA_HOME" \
--with-ssl=yes; \
make -j "$(nproc)"; \
make install; \
@@ -141,7 +102,15 @@ RUN set -eux; \
\
# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies
apt-mark auto '.*' > /dev/null; \
- [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark; \
+ [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \
+ find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \
+ | awk '/=>/ { print $(NF-1) }' \
+ | sort -u \
+ | xargs -r dpkg-query --search \
+ | cut -d: -f1 \
+ | sort -u \
+ | xargs -r apt-mark manual \
+ ; \
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
rm -rf /var/lib/apt/lists/*; \
\
diff --git a/tomcat_9-jdk8/Dockerfile b/tomcat_9-jdk8/Dockerfile
index 5ff49c1..df5ae7e 100644
--- a/tomcat_9-jdk8/Dockerfile
+++ b/tomcat_9-jdk8/Dockerfile
@@ -9,46 +9,6 @@ WORKDIR $CATALINA_HOME
ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib
ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR
-# runtime dependencies for Tomcat Native Libraries
-# Tomcat Native 1.2+ requires a newer version of OpenSSL than debian:jessie has available
-# > checking OpenSSL library version >= 1.0.2...
-# > configure: error: Your version of OpenSSL is not compatible with this version of tcnative
-# see http://tomcat.10.x6.nabble.com/VOTE-Release-Apache-Tomcat-8-0-32-tp5046007p5046024.html (and following discussion)
-# and https://github.com/docker-library/tomcat/pull/31
-ENV OPENSSL_VERSION 1.1.0j-1~deb9u1
-RUN set -ex; \
- apt-get update; \
- apt-get install -y --no-install-recommends openssl; \
- currentVersion="$(dpkg-query --show --showformat '${Version}\n' openssl)"; \
- if dpkg --compare-versions "$currentVersion" '<<' "$OPENSSL_VERSION"; then \
- if ! grep -q stretch /etc/apt/sources.list; then \
-# only add stretch if we're not already building from within stretch
- { \
- echo 'deb http://deb.debian.org/debian stretch main'; \
- echo 'deb http://security.debian.org stretch/updates main'; \
- echo 'deb http://deb.debian.org/debian stretch-updates main'; \
- } > /etc/apt/sources.list.d/stretch.list; \
- { \
-# add a negative "Pin-Priority" so that we never ever get packages from stretch unless we explicitly request them
- echo 'Package: *'; \
- echo 'Pin: release n=stretch*'; \
- echo 'Pin-Priority: -10'; \
- echo; \
-# ... except OpenSSL, which is the reason we're here
- echo 'Package: openssl libssl*'; \
- echo "Pin: version $OPENSSL_VERSION"; \
- echo 'Pin-Priority: 990'; \
- } > /etc/apt/preferences.d/stretch-openssl; \
- fi; \
- apt-get update; \
- apt-get install -y --no-install-recommends openssl="$OPENSSL_VERSION"; \
- rm -rf /var/lib/apt/lists/*; \
- fi
-
-RUN apt-get update && apt-get install -y --no-install-recommends \
- libapr1 \
- && rm -rf /var/lib/apt/lists/*
-
# see https://www.apache.org/dist/tomcat/tomcat-$TOMCAT_MAJOR/KEYS
# see also "update.sh" (https://github.com/docker-library/tomcat/blob/master/update.sh)
ENV GPG_KEYS 05AB33110949707C93A279E3D3EFE6B686867BA6 07E48665A34DCAFAE522E5E6266191C37C037D42 47309207D818FFD8DCD3F83F1931D684307A10A5 541FBE7D8F78B25E055DDEE13C370389288584E7 61B832AC2F1C5A90F0F9B00A1C506407564C17A3 79F7026C690BAA50B92CD8B66A3AD3F4F22C4FED 9BA44C2621385CB966EBA586F72C284D731FABEE A27677289986DB50844682F8ACB77FC2E86E29AC A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 F3A04C595DB5B6A5F1ECA43E3B7BBB100D811BBE F7DA48BB64BCB84ECBA7EE6935CD23C10D498E23
@@ -95,7 +55,7 @@ RUN set -eux; \
done; \
[ -n "$success" ]; \
\
- echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \
+ echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \
\
success=; \
for url in $TOMCAT_ASC_URLS; do \
@@ -126,12 +86,13 @@ RUN set -eux; \
export CATALINA_HOME="$PWD"; \
cd "$nativeBuildDir/native"; \
gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
+ aprConfig="$(which apr-1-config)"; \
./configure \
--build="$gnuArch" \
--libdir="$TOMCAT_NATIVE_LIBDIR" \
--prefix="$CATALINA_HOME" \
- --with-apr="$(which apr-1-config)" \
- --with-java-home="$(docker-java-home)" \
+ --with-apr="$aprConfig" \
+ --with-java-home="$JAVA_HOME" \
--with-ssl=yes; \
make -j "$(nproc)"; \
make install; \
@@ -141,7 +102,15 @@ RUN set -eux; \
\
# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies
apt-mark auto '.*' > /dev/null; \
- [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark; \
+ [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \
+ find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \
+ | awk '/=>/ { print $(NF-1) }' \
+ | sort -u \
+ | xargs -r dpkg-query --search \
+ | cut -d: -f1 \
+ | sort -u \
+ | xargs -r apt-mark manual \
+ ; \
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
rm -rf /var/lib/apt/lists/*; \
\
diff --git a/tomcat_9/Dockerfile b/tomcat_9/Dockerfile
index 306816b..0b1975d 100644
--- a/tomcat_9/Dockerfile
+++ b/tomcat_9/Dockerfile
@@ -9,46 +9,6 @@ WORKDIR $CATALINA_HOME
ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib
ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR
-# runtime dependencies for Tomcat Native Libraries
-# Tomcat Native 1.2+ requires a newer version of OpenSSL than debian:jessie has available
-# > checking OpenSSL library version >= 1.0.2...
-# > configure: error: Your version of OpenSSL is not compatible with this version of tcnative
-# see http://tomcat.10.x6.nabble.com/VOTE-Release-Apache-Tomcat-8-0-32-tp5046007p5046024.html (and following discussion)
-# and https://github.com/docker-library/tomcat/pull/31
-ENV OPENSSL_VERSION 1.1.0j-1~deb9u1
-RUN set -ex; \
- apt-get update; \
- apt-get install -y --no-install-recommends openssl; \
- currentVersion="$(dpkg-query --show --showformat '${Version}\n' openssl)"; \
- if dpkg --compare-versions "$currentVersion" '<<' "$OPENSSL_VERSION"; then \
- if ! grep -q stretch /etc/apt/sources.list; then \
-# only add stretch if we're not already building from within stretch
- { \
- echo 'deb http://deb.debian.org/debian stretch main'; \
- echo 'deb http://security.debian.org stretch/updates main'; \
- echo 'deb http://deb.debian.org/debian stretch-updates main'; \
- } > /etc/apt/sources.list.d/stretch.list; \
- { \
-# add a negative "Pin-Priority" so that we never ever get packages from stretch unless we explicitly request them
- echo 'Package: *'; \
- echo 'Pin: release n=stretch*'; \
- echo 'Pin-Priority: -10'; \
- echo; \
-# ... except OpenSSL, which is the reason we're here
- echo 'Package: openssl libssl*'; \
- echo "Pin: version $OPENSSL_VERSION"; \
- echo 'Pin-Priority: 990'; \
- } > /etc/apt/preferences.d/stretch-openssl; \
- fi; \
- apt-get update; \
- apt-get install -y --no-install-recommends openssl="$OPENSSL_VERSION"; \
- rm -rf /var/lib/apt/lists/*; \
- fi
-
-RUN apt-get update && apt-get install -y --no-install-recommends \
- libapr1 \
- && rm -rf /var/lib/apt/lists/*
-
# see https://www.apache.org/dist/tomcat/tomcat-$TOMCAT_MAJOR/KEYS
# see also "update.sh" (https://github.com/docker-library/tomcat/blob/master/update.sh)
ENV GPG_KEYS 05AB33110949707C93A279E3D3EFE6B686867BA6 07E48665A34DCAFAE522E5E6266191C37C037D42 47309207D818FFD8DCD3F83F1931D684307A10A5 541FBE7D8F78B25E055DDEE13C370389288584E7 61B832AC2F1C5A90F0F9B00A1C506407564C17A3 79F7026C690BAA50B92CD8B66A3AD3F4F22C4FED 9BA44C2621385CB966EBA586F72C284D731FABEE A27677289986DB50844682F8ACB77FC2E86E29AC A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 F3A04C595DB5B6A5F1ECA43E3B7BBB100D811BBE F7DA48BB64BCB84ECBA7EE6935CD23C10D498E23
@@ -95,7 +55,7 @@ RUN set -eux; \
done; \
[ -n "$success" ]; \
\
- echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \
+ echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \
\
success=; \
for url in $TOMCAT_ASC_URLS; do \
@@ -126,12 +86,13 @@ RUN set -eux; \
export CATALINA_HOME="$PWD"; \
cd "$nativeBuildDir/native"; \
gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
+ aprConfig="$(which apr-1-config)"; \
./configure \
--build="$gnuArch" \
--libdir="$TOMCAT_NATIVE_LIBDIR" \
--prefix="$CATALINA_HOME" \
- --with-apr="$(which apr-1-config)" \
- --with-java-home="$(docker-java-home)" \
+ --with-apr="$aprConfig" \
+ --with-java-home="$JAVA_HOME" \
--with-ssl=yes; \
make -j "$(nproc)"; \
make install; \
@@ -141,7 +102,15 @@ RUN set -eux; \
\
# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies
apt-mark auto '.*' > /dev/null; \
- [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark; \
+ [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \
+ find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \
+ | awk '/=>/ { print $(NF-1) }' \
+ | sort -u \
+ | xargs -r dpkg-query --search \
+ | cut -d: -f1 \
+ | sort -u \
+ | xargs -r apt-mark manual \
+ ; \
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
rm -rf /var/lib/apt/lists/*; \
\
diff --git a/tomcat_latest/Dockerfile b/tomcat_jdk11-adoptopenjdk-hotspot/Dockerfile
similarity index 71%
copy from tomcat_latest/Dockerfile
copy to tomcat_jdk11-adoptopenjdk-hotspot/Dockerfile
index 1e1442d..b61557b 100644
--- a/tomcat_latest/Dockerfile
+++ b/tomcat_jdk11-adoptopenjdk-hotspot/Dockerfile
@@ -1,4 +1,4 @@
-FROM openjdk:8-jdk
+FROM adoptopenjdk:11-jdk-hotspot
ENV CATALINA_HOME /usr/local/tomcat
ENV PATH $CATALINA_HOME/bin:$PATH
@@ -9,46 +9,6 @@ WORKDIR $CATALINA_HOME
ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib
ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR
-# runtime dependencies for Tomcat Native Libraries
-# Tomcat Native 1.2+ requires a newer version of OpenSSL than debian:jessie has available
-# > checking OpenSSL library version >= 1.0.2...
-# > configure: error: Your version of OpenSSL is not compatible with this version of tcnative
-# see http://tomcat.10.x6.nabble.com/VOTE-Release-Apache-Tomcat-8-0-32-tp5046007p5046024.html (and following discussion)
-# and https://github.com/docker-library/tomcat/pull/31
-ENV OPENSSL_VERSION 1.1.0j-1~deb9u1
-RUN set -ex; \
- apt-get update; \
- apt-get install -y --no-install-recommends openssl; \
- currentVersion="$(dpkg-query --show --showformat '${Version}\n' openssl)"; \
- if dpkg --compare-versions "$currentVersion" '<<' "$OPENSSL_VERSION"; then \
- if ! grep -q stretch /etc/apt/sources.list; then \
-# only add stretch if we're not already building from within stretch
- { \
- echo 'deb http://deb.debian.org/debian stretch main'; \
- echo 'deb http://security.debian.org stretch/updates main'; \
- echo 'deb http://deb.debian.org/debian stretch-updates main'; \
- } > /etc/apt/sources.list.d/stretch.list; \
- { \
-# add a negative "Pin-Priority" so that we never ever get packages from stretch unless we explicitly request them
- echo 'Package: *'; \
- echo 'Pin: release n=stretch*'; \
- echo 'Pin-Priority: -10'; \
- echo; \
-# ... except OpenSSL, which is the reason we're here
- echo 'Package: openssl libssl*'; \
- echo "Pin: version $OPENSSL_VERSION"; \
- echo 'Pin-Priority: 990'; \
- } > /etc/apt/preferences.d/stretch-openssl; \
- fi; \
- apt-get update; \
- apt-get install -y --no-install-recommends openssl="$OPENSSL_VERSION"; \
- rm -rf /var/lib/apt/lists/*; \
- fi
-
-RUN apt-get update && apt-get install -y --no-install-recommends \
- libapr1 \
- && rm -rf /var/lib/apt/lists/*
-
# see https://www.apache.org/dist/tomcat/tomcat-$TOMCAT_MAJOR/KEYS
# see also "update.sh" (https://github.com/docker-library/tomcat/blob/master/update.sh)
ENV GPG_KEYS 05AB33110949707C93A279E3D3EFE6B686867BA6 07E48665A34DCAFAE522E5E6266191C37C037D42 47309207D818FFD8DCD3F83F1931D684307A10A5 541FBE7D8F78B25E055DDEE13C370389288584E7 61B832AC2F1C5A90F0F9B00A1C506407564C17A3 713DA88BE50911535FE716F5208B0AB1D63011C7 79F7026C690BAA50B92CD8B66A3AD3F4F22C4FED 9BA44C2621385CB966EBA586F72C284D731FABEE A27677289986DB50844682F8ACB77FC2E86E29AC A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 F3A04C595DB5B6A5F1ECA43E3B7BBB100D811BBE F7DA48BB64BCB84ECBA7EE6935CD23C10D498E23
@@ -95,7 +55,7 @@ RUN set -eux; \
done; \
[ -n "$success" ]; \
\
- echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \
+ echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \
\
success=; \
for url in $TOMCAT_ASC_URLS; do \
@@ -126,12 +86,13 @@ RUN set -eux; \
export CATALINA_HOME="$PWD"; \
cd "$nativeBuildDir/native"; \
gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
+ aprConfig="$(which apr-1-config)"; \
./configure \
--build="$gnuArch" \
--libdir="$TOMCAT_NATIVE_LIBDIR" \
--prefix="$CATALINA_HOME" \
- --with-apr="$(which apr-1-config)" \
- --with-java-home="$(docker-java-home)" \
+ --with-apr="$aprConfig" \
+ --with-java-home="$JAVA_HOME" \
--with-ssl=yes; \
make -j "$(nproc)"; \
make install; \
@@ -141,7 +102,15 @@ RUN set -eux; \
\
# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies
apt-mark auto '.*' > /dev/null; \
- [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark; \
+ [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \
+ find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \
+ | awk '/=>/ { print $(NF-1) }' \
+ | sort -u \
+ | xargs -r dpkg-query --search \
+ | cut -d: -f1 \
+ | sort -u \
+ | xargs -r apt-mark manual \
+ ; \
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
rm -rf /var/lib/apt/lists/*; \
\
diff --git a/tomcat_latest/Dockerfile b/tomcat_jdk11-adoptopenjdk-openj9/Dockerfile
similarity index 71%
copy from tomcat_latest/Dockerfile
copy to tomcat_jdk11-adoptopenjdk-openj9/Dockerfile
index 1e1442d..99c4695 100644
--- a/tomcat_latest/Dockerfile
+++ b/tomcat_jdk11-adoptopenjdk-openj9/Dockerfile
@@ -1,4 +1,4 @@
-FROM openjdk:8-jdk
+FROM adoptopenjdk:11-jdk-openj9
ENV CATALINA_HOME /usr/local/tomcat
ENV PATH $CATALINA_HOME/bin:$PATH
@@ -9,46 +9,6 @@ WORKDIR $CATALINA_HOME
ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib
ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR
-# runtime dependencies for Tomcat Native Libraries
-# Tomcat Native 1.2+ requires a newer version of OpenSSL than debian:jessie has available
-# > checking OpenSSL library version >= 1.0.2...
-# > configure: error: Your version of OpenSSL is not compatible with this version of tcnative
-# see http://tomcat.10.x6.nabble.com/VOTE-Release-Apache-Tomcat-8-0-32-tp5046007p5046024.html (and following discussion)
-# and https://github.com/docker-library/tomcat/pull/31
-ENV OPENSSL_VERSION 1.1.0j-1~deb9u1
-RUN set -ex; \
- apt-get update; \
- apt-get install -y --no-install-recommends openssl; \
- currentVersion="$(dpkg-query --show --showformat '${Version}\n' openssl)"; \
- if dpkg --compare-versions "$currentVersion" '<<' "$OPENSSL_VERSION"; then \
- if ! grep -q stretch /etc/apt/sources.list; then \
-# only add stretch if we're not already building from within stretch
- { \
- echo 'deb http://deb.debian.org/debian stretch main'; \
- echo 'deb http://security.debian.org stretch/updates main'; \
- echo 'deb http://deb.debian.org/debian stretch-updates main'; \
- } > /etc/apt/sources.list.d/stretch.list; \
- { \
-# add a negative "Pin-Priority" so that we never ever get packages from stretch unless we explicitly request them
- echo 'Package: *'; \
- echo 'Pin: release n=stretch*'; \
- echo 'Pin-Priority: -10'; \
- echo; \
-# ... except OpenSSL, which is the reason we're here
- echo 'Package: openssl libssl*'; \
- echo "Pin: version $OPENSSL_VERSION"; \
- echo 'Pin-Priority: 990'; \
- } > /etc/apt/preferences.d/stretch-openssl; \
- fi; \
- apt-get update; \
- apt-get install -y --no-install-recommends openssl="$OPENSSL_VERSION"; \
- rm -rf /var/lib/apt/lists/*; \
- fi
-
-RUN apt-get update && apt-get install -y --no-install-recommends \
- libapr1 \
- && rm -rf /var/lib/apt/lists/*
-
# see https://www.apache.org/dist/tomcat/tomcat-$TOMCAT_MAJOR/KEYS
# see also "update.sh" (https://github.com/docker-library/tomcat/blob/master/update.sh)
ENV GPG_KEYS 05AB33110949707C93A279E3D3EFE6B686867BA6 07E48665A34DCAFAE522E5E6266191C37C037D42 47309207D818FFD8DCD3F83F1931D684307A10A5 541FBE7D8F78B25E055DDEE13C370389288584E7 61B832AC2F1C5A90F0F9B00A1C506407564C17A3 713DA88BE50911535FE716F5208B0AB1D63011C7 79F7026C690BAA50B92CD8B66A3AD3F4F22C4FED 9BA44C2621385CB966EBA586F72C284D731FABEE A27677289986DB50844682F8ACB77FC2E86E29AC A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 F3A04C595DB5B6A5F1ECA43E3B7BBB100D811BBE F7DA48BB64BCB84ECBA7EE6935CD23C10D498E23
@@ -95,7 +55,7 @@ RUN set -eux; \
done; \
[ -n "$success" ]; \
\
- echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \
+ echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \
\
success=; \
for url in $TOMCAT_ASC_URLS; do \
@@ -126,12 +86,13 @@ RUN set -eux; \
export CATALINA_HOME="$PWD"; \
cd "$nativeBuildDir/native"; \
gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
+ aprConfig="$(which apr-1-config)"; \
./configure \
--build="$gnuArch" \
--libdir="$TOMCAT_NATIVE_LIBDIR" \
--prefix="$CATALINA_HOME" \
- --with-apr="$(which apr-1-config)" \
- --with-java-home="$(docker-java-home)" \
+ --with-apr="$aprConfig" \
+ --with-java-home="$JAVA_HOME" \
--with-ssl=yes; \
make -j "$(nproc)"; \
make install; \
@@ -141,7 +102,15 @@ RUN set -eux; \
\
# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies
apt-mark auto '.*' > /dev/null; \
- [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark; \
+ [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \
+ find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \
+ | awk '/=>/ { print $(NF-1) }' \
+ | sort -u \
+ | xargs -r dpkg-query --search \
+ | cut -d: -f1 \
+ | sort -u \
+ | xargs -r apt-mark manual \
+ ; \
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
rm -rf /var/lib/apt/lists/*; \
\
diff --git a/tomcat_jdk11-slim/Dockerfile b/tomcat_jdk11-openjdk-slim/Dockerfile
similarity index 71%
rename from tomcat_jdk11-slim/Dockerfile
rename to tomcat_jdk11-openjdk-slim/Dockerfile
index 1a6db25..3870ccc 100644
--- a/tomcat_jdk11-slim/Dockerfile
+++ b/tomcat_jdk11-openjdk-slim/Dockerfile
@@ -9,46 +9,6 @@ WORKDIR $CATALINA_HOME
ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib
ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR
-# runtime dependencies for Tomcat Native Libraries
-# Tomcat Native 1.2+ requires a newer version of OpenSSL than debian:jessie has available
-# > checking OpenSSL library version >= 1.0.2...
-# > configure: error: Your version of OpenSSL is not compatible with this version of tcnative
-# see http://tomcat.10.x6.nabble.com/VOTE-Release-Apache-Tomcat-8-0-32-tp5046007p5046024.html (and following discussion)
-# and https://github.com/docker-library/tomcat/pull/31
-ENV OPENSSL_VERSION 1.1.0j-1~deb9u1
-RUN set -ex; \
- apt-get update; \
- apt-get install -y --no-install-recommends openssl; \
- currentVersion="$(dpkg-query --show --showformat '${Version}\n' openssl)"; \
- if dpkg --compare-versions "$currentVersion" '<<' "$OPENSSL_VERSION"; then \
- if ! grep -q stretch /etc/apt/sources.list; then \
-# only add stretch if we're not already building from within stretch
- { \
- echo 'deb http://deb.debian.org/debian stretch main'; \
- echo 'deb http://security.debian.org stretch/updates main'; \
- echo 'deb http://deb.debian.org/debian stretch-updates main'; \
- } > /etc/apt/sources.list.d/stretch.list; \
- { \
-# add a negative "Pin-Priority" so that we never ever get packages from stretch unless we explicitly request them
- echo 'Package: *'; \
- echo 'Pin: release n=stretch*'; \
- echo 'Pin-Priority: -10'; \
- echo; \
-# ... except OpenSSL, which is the reason we're here
- echo 'Package: openssl libssl*'; \
- echo "Pin: version $OPENSSL_VERSION"; \
- echo 'Pin-Priority: 990'; \
- } > /etc/apt/preferences.d/stretch-openssl; \
- fi; \
- apt-get update; \
- apt-get install -y --no-install-recommends openssl="$OPENSSL_VERSION"; \
- rm -rf /var/lib/apt/lists/*; \
- fi
-
-RUN apt-get update && apt-get install -y --no-install-recommends \
- libapr1 \
- && rm -rf /var/lib/apt/lists/*
-
# see https://www.apache.org/dist/tomcat/tomcat-$TOMCAT_MAJOR/KEYS
# see also "update.sh" (https://github.com/docker-library/tomcat/blob/master/update.sh)
ENV GPG_KEYS 05AB33110949707C93A279E3D3EFE6B686867BA6 07E48665A34DCAFAE522E5E6266191C37C037D42 47309207D818FFD8DCD3F83F1931D684307A10A5 541FBE7D8F78B25E055DDEE13C370389288584E7 61B832AC2F1C5A90F0F9B00A1C506407564C17A3 713DA88BE50911535FE716F5208B0AB1D63011C7 79F7026C690BAA50B92CD8B66A3AD3F4F22C4FED 9BA44C2621385CB966EBA586F72C284D731FABEE A27677289986DB50844682F8ACB77FC2E86E29AC A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 F3A04C595DB5B6A5F1ECA43E3B7BBB100D811BBE F7DA48BB64BCB84ECBA7EE6935CD23C10D498E23
@@ -95,7 +55,7 @@ RUN set -eux; \
done; \
[ -n "$success" ]; \
\
- echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \
+ echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \
\
success=; \
for url in $TOMCAT_ASC_URLS; do \
@@ -126,12 +86,13 @@ RUN set -eux; \
export CATALINA_HOME="$PWD"; \
cd "$nativeBuildDir/native"; \
gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
+ aprConfig="$(which apr-1-config)"; \
./configure \
--build="$gnuArch" \
--libdir="$TOMCAT_NATIVE_LIBDIR" \
--prefix="$CATALINA_HOME" \
- --with-apr="$(which apr-1-config)" \
- --with-java-home="$(docker-java-home)" \
+ --with-apr="$aprConfig" \
+ --with-java-home="$JAVA_HOME" \
--with-ssl=yes; \
make -j "$(nproc)"; \
make install; \
@@ -141,7 +102,15 @@ RUN set -eux; \
\
# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies
apt-mark auto '.*' > /dev/null; \
- [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark; \
+ [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \
+ find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \
+ | awk '/=>/ { print $(NF-1) }' \
+ | sort -u \
+ | xargs -r dpkg-query --search \
+ | cut -d: -f1 \
+ | sort -u \
+ | xargs -r apt-mark manual \
+ ; \
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
rm -rf /var/lib/apt/lists/*; \
\
diff --git a/tomcat_jdk11/Dockerfile b/tomcat_jdk11/Dockerfile
index 29372a5..f5feef9 100644
--- a/tomcat_jdk11/Dockerfile
+++ b/tomcat_jdk11/Dockerfile
@@ -9,46 +9,6 @@ WORKDIR $CATALINA_HOME
ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib
ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR
-# runtime dependencies for Tomcat Native Libraries
-# Tomcat Native 1.2+ requires a newer version of OpenSSL than debian:jessie has available
-# > checking OpenSSL library version >= 1.0.2...
-# > configure: error: Your version of OpenSSL is not compatible with this version of tcnative
-# see http://tomcat.10.x6.nabble.com/VOTE-Release-Apache-Tomcat-8-0-32-tp5046007p5046024.html (and following discussion)
-# and https://github.com/docker-library/tomcat/pull/31
-ENV OPENSSL_VERSION 1.1.0j-1~deb9u1
-RUN set -ex; \
- apt-get update; \
- apt-get install -y --no-install-recommends openssl; \
- currentVersion="$(dpkg-query --show --showformat '${Version}\n' openssl)"; \
- if dpkg --compare-versions "$currentVersion" '<<' "$OPENSSL_VERSION"; then \
- if ! grep -q stretch /etc/apt/sources.list; then \
-# only add stretch if we're not already building from within stretch
- { \
- echo 'deb http://deb.debian.org/debian stretch main'; \
- echo 'deb http://security.debian.org stretch/updates main'; \
- echo 'deb http://deb.debian.org/debian stretch-updates main'; \
- } > /etc/apt/sources.list.d/stretch.list; \
- { \
-# add a negative "Pin-Priority" so that we never ever get packages from stretch unless we explicitly request them
- echo 'Package: *'; \
- echo 'Pin: release n=stretch*'; \
- echo 'Pin-Priority: -10'; \
- echo; \
-# ... except OpenSSL, which is the reason we're here
- echo 'Package: openssl libssl*'; \
- echo "Pin: version $OPENSSL_VERSION"; \
- echo 'Pin-Priority: 990'; \
- } > /etc/apt/preferences.d/stretch-openssl; \
- fi; \
- apt-get update; \
- apt-get install -y --no-install-recommends openssl="$OPENSSL_VERSION"; \
- rm -rf /var/lib/apt/lists/*; \
- fi
-
-RUN apt-get update && apt-get install -y --no-install-recommends \
- libapr1 \
- && rm -rf /var/lib/apt/lists/*
-
# see https://www.apache.org/dist/tomcat/tomcat-$TOMCAT_MAJOR/KEYS
# see also "update.sh" (https://github.com/docker-library/tomcat/blob/master/update.sh)
ENV GPG_KEYS 05AB33110949707C93A279E3D3EFE6B686867BA6 07E48665A34DCAFAE522E5E6266191C37C037D42 47309207D818FFD8DCD3F83F1931D684307A10A5 541FBE7D8F78B25E055DDEE13C370389288584E7 61B832AC2F1C5A90F0F9B00A1C506407564C17A3 713DA88BE50911535FE716F5208B0AB1D63011C7 79F7026C690BAA50B92CD8B66A3AD3F4F22C4FED 9BA44C2621385CB966EBA586F72C284D731FABEE A27677289986DB50844682F8ACB77FC2E86E29AC A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 F3A04C595DB5B6A5F1ECA43E3B7BBB100D811BBE F7DA48BB64BCB84ECBA7EE6935CD23C10D498E23
@@ -95,7 +55,7 @@ RUN set -eux; \
done; \
[ -n "$success" ]; \
\
- echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \
+ echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \
\
success=; \
for url in $TOMCAT_ASC_URLS; do \
@@ -126,12 +86,13 @@ RUN set -eux; \
export CATALINA_HOME="$PWD"; \
cd "$nativeBuildDir/native"; \
gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
+ aprConfig="$(which apr-1-config)"; \
./configure \
--build="$gnuArch" \
--libdir="$TOMCAT_NATIVE_LIBDIR" \
--prefix="$CATALINA_HOME" \
- --with-apr="$(which apr-1-config)" \
- --with-java-home="$(docker-java-home)" \
+ --with-apr="$aprConfig" \
+ --with-java-home="$JAVA_HOME" \
--with-ssl=yes; \
make -j "$(nproc)"; \
make install; \
@@ -141,7 +102,15 @@ RUN set -eux; \
\
# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies
apt-mark auto '.*' > /dev/null; \
- [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark; \
+ [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \
+ find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \
+ | awk '/=>/ { print $(NF-1) }' \
+ | sort -u \
+ | xargs -r dpkg-query --search \
+ | cut -d: -f1 \
+ | sort -u \
+ | xargs -r apt-mark manual \
+ ; \
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
rm -rf /var/lib/apt/lists/*; \
\
diff --git a/tomcat_latest/Dockerfile b/tomcat_jdk8-adoptopenjdk-hotspot/Dockerfile
similarity index 71%
copy from tomcat_latest/Dockerfile
copy to tomcat_jdk8-adoptopenjdk-hotspot/Dockerfile
index 1e1442d..c9ce9ac 100644
--- a/tomcat_latest/Dockerfile
+++ b/tomcat_jdk8-adoptopenjdk-hotspot/Dockerfile
@@ -1,4 +1,4 @@
-FROM openjdk:8-jdk
+FROM adoptopenjdk:8-jdk-hotspot
ENV CATALINA_HOME /usr/local/tomcat
ENV PATH $CATALINA_HOME/bin:$PATH
@@ -9,46 +9,6 @@ WORKDIR $CATALINA_HOME
ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib
ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR
-# runtime dependencies for Tomcat Native Libraries
-# Tomcat Native 1.2+ requires a newer version of OpenSSL than debian:jessie has available
-# > checking OpenSSL library version >= 1.0.2...
-# > configure: error: Your version of OpenSSL is not compatible with this version of tcnative
-# see http://tomcat.10.x6.nabble.com/VOTE-Release-Apache-Tomcat-8-0-32-tp5046007p5046024.html (and following discussion)
-# and https://github.com/docker-library/tomcat/pull/31
-ENV OPENSSL_VERSION 1.1.0j-1~deb9u1
-RUN set -ex; \
- apt-get update; \
- apt-get install -y --no-install-recommends openssl; \
- currentVersion="$(dpkg-query --show --showformat '${Version}\n' openssl)"; \
- if dpkg --compare-versions "$currentVersion" '<<' "$OPENSSL_VERSION"; then \
- if ! grep -q stretch /etc/apt/sources.list; then \
-# only add stretch if we're not already building from within stretch
- { \
- echo 'deb http://deb.debian.org/debian stretch main'; \
- echo 'deb http://security.debian.org stretch/updates main'; \
- echo 'deb http://deb.debian.org/debian stretch-updates main'; \
- } > /etc/apt/sources.list.d/stretch.list; \
- { \
-# add a negative "Pin-Priority" so that we never ever get packages from stretch unless we explicitly request them
- echo 'Package: *'; \
- echo 'Pin: release n=stretch*'; \
- echo 'Pin-Priority: -10'; \
- echo; \
-# ... except OpenSSL, which is the reason we're here
- echo 'Package: openssl libssl*'; \
- echo "Pin: version $OPENSSL_VERSION"; \
- echo 'Pin-Priority: 990'; \
- } > /etc/apt/preferences.d/stretch-openssl; \
- fi; \
- apt-get update; \
- apt-get install -y --no-install-recommends openssl="$OPENSSL_VERSION"; \
- rm -rf /var/lib/apt/lists/*; \
- fi
-
-RUN apt-get update && apt-get install -y --no-install-recommends \
- libapr1 \
- && rm -rf /var/lib/apt/lists/*
-
# see https://www.apache.org/dist/tomcat/tomcat-$TOMCAT_MAJOR/KEYS
# see also "update.sh" (https://github.com/docker-library/tomcat/blob/master/update.sh)
ENV GPG_KEYS 05AB33110949707C93A279E3D3EFE6B686867BA6 07E48665A34DCAFAE522E5E6266191C37C037D42 47309207D818FFD8DCD3F83F1931D684307A10A5 541FBE7D8F78B25E055DDEE13C370389288584E7 61B832AC2F1C5A90F0F9B00A1C506407564C17A3 713DA88BE50911535FE716F5208B0AB1D63011C7 79F7026C690BAA50B92CD8B66A3AD3F4F22C4FED 9BA44C2621385CB966EBA586F72C284D731FABEE A27677289986DB50844682F8ACB77FC2E86E29AC A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 F3A04C595DB5B6A5F1ECA43E3B7BBB100D811BBE F7DA48BB64BCB84ECBA7EE6935CD23C10D498E23
@@ -95,7 +55,7 @@ RUN set -eux; \
done; \
[ -n "$success" ]; \
\
- echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \
+ echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \
\
success=; \
for url in $TOMCAT_ASC_URLS; do \
@@ -126,12 +86,13 @@ RUN set -eux; \
export CATALINA_HOME="$PWD"; \
cd "$nativeBuildDir/native"; \
gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
+ aprConfig="$(which apr-1-config)"; \
./configure \
--build="$gnuArch" \
--libdir="$TOMCAT_NATIVE_LIBDIR" \
--prefix="$CATALINA_HOME" \
- --with-apr="$(which apr-1-config)" \
- --with-java-home="$(docker-java-home)" \
+ --with-apr="$aprConfig" \
+ --with-java-home="$JAVA_HOME" \
--with-ssl=yes; \
make -j "$(nproc)"; \
make install; \
@@ -141,7 +102,15 @@ RUN set -eux; \
\
# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies
apt-mark auto '.*' > /dev/null; \
- [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark; \
+ [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \
+ find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \
+ | awk '/=>/ { print $(NF-1) }' \
+ | sort -u \
+ | xargs -r dpkg-query --search \
+ | cut -d: -f1 \
+ | sort -u \
+ | xargs -r apt-mark manual \
+ ; \
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
rm -rf /var/lib/apt/lists/*; \
\
diff --git a/tomcat_latest/Dockerfile b/tomcat_jdk8-adoptopenjdk-openj9/Dockerfile
similarity index 71%
copy from tomcat_latest/Dockerfile
copy to tomcat_jdk8-adoptopenjdk-openj9/Dockerfile
index 1e1442d..0aa1cd6 100644
--- a/tomcat_latest/Dockerfile
+++ b/tomcat_jdk8-adoptopenjdk-openj9/Dockerfile
@@ -1,4 +1,4 @@
-FROM openjdk:8-jdk
+FROM adoptopenjdk:8-jdk-openj9
ENV CATALINA_HOME /usr/local/tomcat
ENV PATH $CATALINA_HOME/bin:$PATH
@@ -9,46 +9,6 @@ WORKDIR $CATALINA_HOME
ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib
ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR
-# runtime dependencies for Tomcat Native Libraries
-# Tomcat Native 1.2+ requires a newer version of OpenSSL than debian:jessie has available
-# > checking OpenSSL library version >= 1.0.2...
-# > configure: error: Your version of OpenSSL is not compatible with this version of tcnative
-# see http://tomcat.10.x6.nabble.com/VOTE-Release-Apache-Tomcat-8-0-32-tp5046007p5046024.html (and following discussion)
-# and https://github.com/docker-library/tomcat/pull/31
-ENV OPENSSL_VERSION 1.1.0j-1~deb9u1
-RUN set -ex; \
- apt-get update; \
- apt-get install -y --no-install-recommends openssl; \
- currentVersion="$(dpkg-query --show --showformat '${Version}\n' openssl)"; \
- if dpkg --compare-versions "$currentVersion" '<<' "$OPENSSL_VERSION"; then \
- if ! grep -q stretch /etc/apt/sources.list; then \
-# only add stretch if we're not already building from within stretch
- { \
- echo 'deb http://deb.debian.org/debian stretch main'; \
- echo 'deb http://security.debian.org stretch/updates main'; \
- echo 'deb http://deb.debian.org/debian stretch-updates main'; \
- } > /etc/apt/sources.list.d/stretch.list; \
- { \
-# add a negative "Pin-Priority" so that we never ever get packages from stretch unless we explicitly request them
- echo 'Package: *'; \
- echo 'Pin: release n=stretch*'; \
- echo 'Pin-Priority: -10'; \
- echo; \
-# ... except OpenSSL, which is the reason we're here
- echo 'Package: openssl libssl*'; \
- echo "Pin: version $OPENSSL_VERSION"; \
- echo 'Pin-Priority: 990'; \
- } > /etc/apt/preferences.d/stretch-openssl; \
- fi; \
- apt-get update; \
- apt-get install -y --no-install-recommends openssl="$OPENSSL_VERSION"; \
- rm -rf /var/lib/apt/lists/*; \
- fi
-
-RUN apt-get update && apt-get install -y --no-install-recommends \
- libapr1 \
- && rm -rf /var/lib/apt/lists/*
-
# see https://www.apache.org/dist/tomcat/tomcat-$TOMCAT_MAJOR/KEYS
# see also "update.sh" (https://github.com/docker-library/tomcat/blob/master/update.sh)
ENV GPG_KEYS 05AB33110949707C93A279E3D3EFE6B686867BA6 07E48665A34DCAFAE522E5E6266191C37C037D42 47309207D818FFD8DCD3F83F1931D684307A10A5 541FBE7D8F78B25E055DDEE13C370389288584E7 61B832AC2F1C5A90F0F9B00A1C506407564C17A3 713DA88BE50911535FE716F5208B0AB1D63011C7 79F7026C690BAA50B92CD8B66A3AD3F4F22C4FED 9BA44C2621385CB966EBA586F72C284D731FABEE A27677289986DB50844682F8ACB77FC2E86E29AC A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 F3A04C595DB5B6A5F1ECA43E3B7BBB100D811BBE F7DA48BB64BCB84ECBA7EE6935CD23C10D498E23
@@ -95,7 +55,7 @@ RUN set -eux; \
done; \
[ -n "$success" ]; \
\
- echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \
+ echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \
\
success=; \
for url in $TOMCAT_ASC_URLS; do \
@@ -126,12 +86,13 @@ RUN set -eux; \
export CATALINA_HOME="$PWD"; \
cd "$nativeBuildDir/native"; \
gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
+ aprConfig="$(which apr-1-config)"; \
./configure \
--build="$gnuArch" \
--libdir="$TOMCAT_NATIVE_LIBDIR" \
--prefix="$CATALINA_HOME" \
- --with-apr="$(which apr-1-config)" \
- --with-java-home="$(docker-java-home)" \
+ --with-apr="$aprConfig" \
+ --with-java-home="$JAVA_HOME" \
--with-ssl=yes; \
make -j "$(nproc)"; \
make install; \
@@ -141,7 +102,15 @@ RUN set -eux; \
\
# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies
apt-mark auto '.*' > /dev/null; \
- [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark; \
+ [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \
+ find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \
+ | awk '/=>/ { print $(NF-1) }' \
+ | sort -u \
+ | xargs -r dpkg-query --search \
+ | cut -d: -f1 \
+ | sort -u \
+ | xargs -r apt-mark manual \
+ ; \
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
rm -rf /var/lib/apt/lists/*; \
\
diff --git a/tomcat_slim/Dockerfile b/tomcat_jdk8-openjdk-slim/Dockerfile
similarity index 71%
rename from tomcat_slim/Dockerfile
rename to tomcat_jdk8-openjdk-slim/Dockerfile
index 129a4ce..d484a00 100644
--- a/tomcat_slim/Dockerfile
+++ b/tomcat_jdk8-openjdk-slim/Dockerfile
@@ -9,46 +9,6 @@ WORKDIR $CATALINA_HOME
ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib
ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR
-# runtime dependencies for Tomcat Native Libraries
-# Tomcat Native 1.2+ requires a newer version of OpenSSL than debian:jessie has available
-# > checking OpenSSL library version >= 1.0.2...
-# > configure: error: Your version of OpenSSL is not compatible with this version of tcnative
-# see http://tomcat.10.x6.nabble.com/VOTE-Release-Apache-Tomcat-8-0-32-tp5046007p5046024.html (and following discussion)
-# and https://github.com/docker-library/tomcat/pull/31
-ENV OPENSSL_VERSION 1.1.0j-1~deb9u1
-RUN set -ex; \
- apt-get update; \
- apt-get install -y --no-install-recommends openssl; \
- currentVersion="$(dpkg-query --show --showformat '${Version}\n' openssl)"; \
- if dpkg --compare-versions "$currentVersion" '<<' "$OPENSSL_VERSION"; then \
- if ! grep -q stretch /etc/apt/sources.list; then \
-# only add stretch if we're not already building from within stretch
- { \
- echo 'deb http://deb.debian.org/debian stretch main'; \
- echo 'deb http://security.debian.org stretch/updates main'; \
- echo 'deb http://deb.debian.org/debian stretch-updates main'; \
- } > /etc/apt/sources.list.d/stretch.list; \
- { \
-# add a negative "Pin-Priority" so that we never ever get packages from stretch unless we explicitly request them
- echo 'Package: *'; \
- echo 'Pin: release n=stretch*'; \
- echo 'Pin-Priority: -10'; \
- echo; \
-# ... except OpenSSL, which is the reason we're here
- echo 'Package: openssl libssl*'; \
- echo "Pin: version $OPENSSL_VERSION"; \
- echo 'Pin-Priority: 990'; \
- } > /etc/apt/preferences.d/stretch-openssl; \
- fi; \
- apt-get update; \
- apt-get install -y --no-install-recommends openssl="$OPENSSL_VERSION"; \
- rm -rf /var/lib/apt/lists/*; \
- fi
-
-RUN apt-get update && apt-get install -y --no-install-recommends \
- libapr1 \
- && rm -rf /var/lib/apt/lists/*
-
# see https://www.apache.org/dist/tomcat/tomcat-$TOMCAT_MAJOR/KEYS
# see also "update.sh" (https://github.com/docker-library/tomcat/blob/master/update.sh)
ENV GPG_KEYS 05AB33110949707C93A279E3D3EFE6B686867BA6 07E48665A34DCAFAE522E5E6266191C37C037D42 47309207D818FFD8DCD3F83F1931D684307A10A5 541FBE7D8F78B25E055DDEE13C370389288584E7 61B832AC2F1C5A90F0F9B00A1C506407564C17A3 713DA88BE50911535FE716F5208B0AB1D63011C7 79F7026C690BAA50B92CD8B66A3AD3F4F22C4FED 9BA44C2621385CB966EBA586F72C284D731FABEE A27677289986DB50844682F8ACB77FC2E86E29AC A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 F3A04C595DB5B6A5F1ECA43E3B7BBB100D811BBE F7DA48BB64BCB84ECBA7EE6935CD23C10D498E23
@@ -95,7 +55,7 @@ RUN set -eux; \
done; \
[ -n "$success" ]; \
\
- echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \
+ echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \
\
success=; \
for url in $TOMCAT_ASC_URLS; do \
@@ -126,12 +86,13 @@ RUN set -eux; \
export CATALINA_HOME="$PWD"; \
cd "$nativeBuildDir/native"; \
gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
+ aprConfig="$(which apr-1-config)"; \
./configure \
--build="$gnuArch" \
--libdir="$TOMCAT_NATIVE_LIBDIR" \
--prefix="$CATALINA_HOME" \
- --with-apr="$(which apr-1-config)" \
- --with-java-home="$(docker-java-home)" \
+ --with-apr="$aprConfig" \
+ --with-java-home="$JAVA_HOME" \
--with-ssl=yes; \
make -j "$(nproc)"; \
make install; \
@@ -141,7 +102,15 @@ RUN set -eux; \
\
# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies
apt-mark auto '.*' > /dev/null; \
- [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark; \
+ [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \
+ find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \
+ | awk '/=>/ { print $(NF-1) }' \
+ | sort -u \
+ | xargs -r dpkg-query --search \
+ | cut -d: -f1 \
+ | sort -u \
+ | xargs -r apt-mark manual \
+ ; \
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
rm -rf /var/lib/apt/lists/*; \
\
diff --git a/tomcat_latest/Dockerfile b/tomcat_latest/Dockerfile
index 1e1442d..fb3c3cc 100644
--- a/tomcat_latest/Dockerfile
+++ b/tomcat_latest/Dockerfile
@@ -9,46 +9,6 @@ WORKDIR $CATALINA_HOME
ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib
ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR
-# runtime dependencies for Tomcat Native Libraries
-# Tomcat Native 1.2+ requires a newer version of OpenSSL than debian:jessie has available
-# > checking OpenSSL library version >= 1.0.2...
-# > configure: error: Your version of OpenSSL is not compatible with this version of tcnative
-# see http://tomcat.10.x6.nabble.com/VOTE-Release-Apache-Tomcat-8-0-32-tp5046007p5046024.html (and following discussion)
-# and https://github.com/docker-library/tomcat/pull/31
-ENV OPENSSL_VERSION 1.1.0j-1~deb9u1
-RUN set -ex; \
- apt-get update; \
- apt-get install -y --no-install-recommends openssl; \
- currentVersion="$(dpkg-query --show --showformat '${Version}\n' openssl)"; \
- if dpkg --compare-versions "$currentVersion" '<<' "$OPENSSL_VERSION"; then \
- if ! grep -q stretch /etc/apt/sources.list; then \
-# only add stretch if we're not already building from within stretch
- { \
- echo 'deb http://deb.debian.org/debian stretch main'; \
- echo 'deb http://security.debian.org stretch/updates main'; \
- echo 'deb http://deb.debian.org/debian stretch-updates main'; \
- } > /etc/apt/sources.list.d/stretch.list; \
- { \
-# add a negative "Pin-Priority" so that we never ever get packages from stretch unless we explicitly request them
- echo 'Package: *'; \
- echo 'Pin: release n=stretch*'; \
- echo 'Pin-Priority: -10'; \
- echo; \
-# ... except OpenSSL, which is the reason we're here
- echo 'Package: openssl libssl*'; \
- echo "Pin: version $OPENSSL_VERSION"; \
- echo 'Pin-Priority: 990'; \
- } > /etc/apt/preferences.d/stretch-openssl; \
- fi; \
- apt-get update; \
- apt-get install -y --no-install-recommends openssl="$OPENSSL_VERSION"; \
- rm -rf /var/lib/apt/lists/*; \
- fi
-
-RUN apt-get update && apt-get install -y --no-install-recommends \
- libapr1 \
- && rm -rf /var/lib/apt/lists/*
-
# see https://www.apache.org/dist/tomcat/tomcat-$TOMCAT_MAJOR/KEYS
# see also "update.sh" (https://github.com/docker-library/tomcat/blob/master/update.sh)
ENV GPG_KEYS 05AB33110949707C93A279E3D3EFE6B686867BA6 07E48665A34DCAFAE522E5E6266191C37C037D42 47309207D818FFD8DCD3F83F1931D684307A10A5 541FBE7D8F78B25E055DDEE13C370389288584E7 61B832AC2F1C5A90F0F9B00A1C506407564C17A3 713DA88BE50911535FE716F5208B0AB1D63011C7 79F7026C690BAA50B92CD8B66A3AD3F4F22C4FED 9BA44C2621385CB966EBA586F72C284D731FABEE A27677289986DB50844682F8ACB77FC2E86E29AC A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 F3A04C595DB5B6A5F1ECA43E3B7BBB100D811BBE F7DA48BB64BCB84ECBA7EE6935CD23C10D498E23
@@ -95,7 +55,7 @@ RUN set -eux; \
done; \
[ -n "$success" ]; \
\
- echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \
+ echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \
\
success=; \
for url in $TOMCAT_ASC_URLS; do \
@@ -126,12 +86,13 @@ RUN set -eux; \
export CATALINA_HOME="$PWD"; \
cd "$nativeBuildDir/native"; \
gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
+ aprConfig="$(which apr-1-config)"; \
./configure \
--build="$gnuArch" \
--libdir="$TOMCAT_NATIVE_LIBDIR" \
--prefix="$CATALINA_HOME" \
- --with-apr="$(which apr-1-config)" \
- --with-java-home="$(docker-java-home)" \
+ --with-apr="$aprConfig" \
+ --with-java-home="$JAVA_HOME" \
--with-ssl=yes; \
make -j "$(nproc)"; \
make install; \
@@ -141,7 +102,15 @@ RUN set -eux; \
\
# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies
apt-mark auto '.*' > /dev/null; \
- [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark; \
+ [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \
+ find "$TOMCAT_NATIVE_LIBDIR" -type f -executable -exec ldd '{}' ';' \
+ | awk '/=>/ { print $(NF-1) }' \
+ | sort -u \
+ | xargs -r dpkg-query --search \
+ | cut -d: -f1 \
+ | sort -u \
+ | xargs -r apt-mark manual \
+ ; \
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
rm -rf /var/lib/apt/lists/*; \
\ |
|
Build test of #6085; 6e0a90c; $ bashbrew build tomcat:9.0.21-jdk11-openjdk
Building bashbrew/cache:388bc80b4c713c540839f957ddaee99a55e30505518352146eacbbb8a77ed2b5 (tomcat:9.0.21-jdk11-openjdk)
Tagging tomcat:9.0.21-jdk11-openjdk
Tagging tomcat:9.0-jdk11-openjdk
Tagging tomcat:9-jdk11-openjdk
Tagging tomcat:9.0.21-jdk11
Tagging tomcat:9.0-jdk11
Tagging tomcat:9-jdk11
Tagging tomcat:9.0.21
Tagging tomcat:9.0
Tagging tomcat:9
$ test/run.sh tomcat:9.0.21-jdk11-openjdk
testing tomcat:9.0.21-jdk11-openjdk
'utc' [1/5]...passed
'cve-2014--shellshock' [2/5]...passed
'no-hard-coded-passwords' [3/5]...passed
'override-cmd' [4/5]...passed
'tomcat-hello-world' [5/5]....passed
$ bashbrew build tomcat:9.0.21-jdk11-openjdk-slim
Building bashbrew/cache:c22d7b578892cc3288e2cc5a3d9d9ad5f59f74e73128028d33b5c46ca353fa28 (tomcat:9.0.21-jdk11-openjdk-slim)
Tagging tomcat:9.0.21-jdk11-openjdk-slim
Tagging tomcat:9.0-jdk11-openjdk-slim
Tagging tomcat:9-jdk11-openjdk-slim
$ test/run.sh tomcat:9.0.21-jdk11-openjdk-slim
testing tomcat:9.0.21-jdk11-openjdk-slim
'utc' [1/5]...passed
'cve-2014--shellshock' [2/5]...passed
'no-hard-coded-passwords' [3/5]...passed
'override-cmd' [4/5]...passed
'tomcat-hello-world' [5/5]....passed
$ bashbrew build tomcat:9.0.21-jdk11-adoptopenjdk-hotspot
Building bashbrew/cache:984b973482efd59f0cd9d6da41aa323244308816e61fc3f304295db07d9c5ab5 (tomcat:9.0.21-jdk11-adoptopenjdk-hotspot)
Tagging tomcat:9.0.21-jdk11-adoptopenjdk-hotspot
Tagging tomcat:9.0-jdk11-adoptopenjdk-hotspot
Tagging tomcat:9-jdk11-adoptopenjdk-hotspot
$ test/run.sh tomcat:9.0.21-jdk11-adoptopenjdk-hotspot
testing tomcat:9.0.21-jdk11-adoptopenjdk-hotspot
'utc' [1/5]...passed
'cve-2014--shellshock' [2/5]...passed
'no-hard-coded-passwords' [3/5]...passed
'override-cmd' [4/5]...passed
'tomcat-hello-world' [5/5]....passed
$ bashbrew build tomcat:9.0.21-jdk11-adoptopenjdk-openj9
Building bashbrew/cache:cb3bccd8734f0017e02c0554b23fdec6b95e1bd7ce2479306b1dfde3e7995dbd (tomcat:9.0.21-jdk11-adoptopenjdk-openj9)
Tagging tomcat:9.0.21-jdk11-adoptopenjdk-openj9
Tagging tomcat:9.0-jdk11-adoptopenjdk-openj9
Tagging tomcat:9-jdk11-adoptopenjdk-openj9
$ test/run.sh tomcat:9.0.21-jdk11-adoptopenjdk-openj9
testing tomcat:9.0.21-jdk11-adoptopenjdk-openj9
'utc' [1/5]...passed
'cve-2014--shellshock' [2/5]...passed
'no-hard-coded-passwords' [3/5]...passed
'override-cmd' [4/5]...passed
'tomcat-hello-world' [5/5]....passed
$ bashbrew build tomcat:9.0.21-jdk8-openjdk
Building bashbrew/cache:d6ea00cdc5c1820913cde504e68ed47f53bcdcfc0b394f4db67755b9913ba263 (tomcat:9.0.21-jdk8-openjdk)
Tagging tomcat:9.0.21-jdk8-openjdk
Tagging tomcat:9.0-jdk8-openjdk
Tagging tomcat:9-jdk8-openjdk
Tagging tomcat:9.0.21-jdk8
Tagging tomcat:9.0-jdk8
Tagging tomcat:9-jdk8
$ test/run.sh tomcat:9.0.21-jdk8-openjdk
testing tomcat:9.0.21-jdk8-openjdk
'utc' [1/5]...passed
'cve-2014--shellshock' [2/5]...passed
'no-hard-coded-passwords' [3/5]...passed
'override-cmd' [4/5]...passed
'tomcat-hello-world' [5/5]....passed
$ bashbrew build tomcat:9.0.21-jdk8-openjdk-slim
Building bashbrew/cache:21b2396cd04512f3523b36cd1c2b383a2d07d5451a8a57bad197c59fc8f85f57 (tomcat:9.0.21-jdk8-openjdk-slim)
Tagging tomcat:9.0.21-jdk8-openjdk-slim
Tagging tomcat:9.0-jdk8-openjdk-slim
Tagging tomcat:9-jdk8-openjdk-slim
$ test/run.sh tomcat:9.0.21-jdk8-openjdk-slim
testing tomcat:9.0.21-jdk8-openjdk-slim
'utc' [1/5]...passed
'cve-2014--shellshock' [2/5]...passed
'no-hard-coded-passwords' [3/5]...passed
'override-cmd' [4/5]...passed
'tomcat-hello-world' [5/5]....passed
$ bashbrew build tomcat:9.0.21-jdk8-adoptopenjdk-hotspot
Building bashbrew/cache:8e43b227a6a68ae6e18f8b25d05cb701cd7e26dafe0c0a82eba25a3521b9fc4e (tomcat:9.0.21-jdk8-adoptopenjdk-hotspot)
Tagging tomcat:9.0.21-jdk8-adoptopenjdk-hotspot
Tagging tomcat:9.0-jdk8-adoptopenjdk-hotspot
Tagging tomcat:9-jdk8-adoptopenjdk-hotspot
$ test/run.sh tomcat:9.0.21-jdk8-adoptopenjdk-hotspot
testing tomcat:9.0.21-jdk8-adoptopenjdk-hotspot
'utc' [1/5]...passed
'cve-2014--shellshock' [2/5]...passed
'no-hard-coded-passwords' [3/5]...passed
'override-cmd' [4/5]...passed
'tomcat-hello-world' [5/5]....passed
$ bashbrew build tomcat:9.0.21-jdk8-adoptopenjdk-openj9
Building bashbrew/cache:874553889256b4ecb57e249937819b08c37a8640a5524d47c512bab821acc17b (tomcat:9.0.21-jdk8-adoptopenjdk-openj9)
Tagging tomcat:9.0.21-jdk8-adoptopenjdk-openj9
Tagging tomcat:9.0-jdk8-adoptopenjdk-openj9
Tagging tomcat:9-jdk8-adoptopenjdk-openj9
$ test/run.sh tomcat:9.0.21-jdk8-adoptopenjdk-openj9
testing tomcat:9.0.21-jdk8-adoptopenjdk-openj9
'utc' [1/5]...passed
'cve-2014--shellshock' [2/5]...passed
'no-hard-coded-passwords' [3/5]...passed
'override-cmd' [4/5]...passed
'tomcat-hello-world' [5/5]....passed
$ bashbrew build tomcat:8.5.42-jdk11-openjdk
Building bashbrew/cache:8750f88ed7bfa714aea0b8780923d84cb5d98b057990c137b704bfcf5d787fa1 (tomcat:8.5.42-jdk11-openjdk)
Tagging tomcat:8.5.42-jdk11-openjdk
Tagging tomcat:8.5-jdk11-openjdk
Tagging tomcat:8-jdk11-openjdk
Tagging tomcat:jdk11-openjdk
Tagging tomcat:8.5.42-jdk11
Tagging tomcat:8.5-jdk11
Tagging tomcat:8-jdk11
Tagging tomcat:jdk11
$ test/run.sh tomcat:8.5.42-jdk11-openjdk
testing tomcat:8.5.42-jdk11-openjdk
'utc' [1/5]...passed
'cve-2014--shellshock' [2/5]...passed
'no-hard-coded-passwords' [3/5]...passed
'override-cmd' [4/5]...passed
'tomcat-hello-world' [5/5]....passed
$ bashbrew build tomcat:8.5.42-jdk11-openjdk-slim
Building bashbrew/cache:ffc7dc918f8e1bd99edab8c8196bb13e46c22fcb3478c40a5480bc8b622d8792 (tomcat:8.5.42-jdk11-openjdk-slim)
Tagging tomcat:8.5.42-jdk11-openjdk-slim
Tagging tomcat:8.5-jdk11-openjdk-slim
Tagging tomcat:8-jdk11-openjdk-slim
Tagging tomcat:jdk11-openjdk-slim
$ test/run.sh tomcat:8.5.42-jdk11-openjdk-slim
testing tomcat:8.5.42-jdk11-openjdk-slim
'utc' [1/5]...passed
'cve-2014--shellshock' [2/5]...passed
'no-hard-coded-passwords' [3/5]...passed
'override-cmd' [4/5]...passed
'tomcat-hello-world' [5/5]....passed
$ bashbrew build tomcat:8.5.42-jdk11-adoptopenjdk-hotspot
Building bashbrew/cache:ad5e04d8381e94a77187b0b4c7800d109ca78b0e49f94624cff592f4c55173f6 (tomcat:8.5.42-jdk11-adoptopenjdk-hotspot)
Tagging tomcat:8.5.42-jdk11-adoptopenjdk-hotspot
Tagging tomcat:8.5-jdk11-adoptopenjdk-hotspot
Tagging tomcat:8-jdk11-adoptopenjdk-hotspot
Tagging tomcat:jdk11-adoptopenjdk-hotspot
$ test/run.sh tomcat:8.5.42-jdk11-adoptopenjdk-hotspot
testing tomcat:8.5.42-jdk11-adoptopenjdk-hotspot
'utc' [1/5]...passed
'cve-2014--shellshock' [2/5]...passed
'no-hard-coded-passwords' [3/5]...passed
'override-cmd' [4/5]...passed
'tomcat-hello-world' [5/5]....passed
$ bashbrew build tomcat:8.5.42-jdk11-adoptopenjdk-openj9
Building bashbrew/cache:42a72e71d1a88a506036eaa721a64c39702829fcce92864b703841dae5cad1e9 (tomcat:8.5.42-jdk11-adoptopenjdk-openj9)
Tagging tomcat:8.5.42-jdk11-adoptopenjdk-openj9
Tagging tomcat:8.5-jdk11-adoptopenjdk-openj9
Tagging tomcat:8-jdk11-adoptopenjdk-openj9
Tagging tomcat:jdk11-adoptopenjdk-openj9
$ test/run.sh tomcat:8.5.42-jdk11-adoptopenjdk-openj9
testing tomcat:8.5.42-jdk11-adoptopenjdk-openj9
'utc' [1/5]...passed
'cve-2014--shellshock' [2/5]...passed
'no-hard-coded-passwords' [3/5]...passed
'override-cmd' [4/5]...passed
'tomcat-hello-world' [5/5]....passed
$ bashbrew build tomcat:8.5.42-jdk8-openjdk
Building bashbrew/cache:b27e67a2c6b6fab6352942faebfbfbfe4a5da800585df1353feecad43d69df6f (tomcat:8.5.42-jdk8-openjdk)
Tagging tomcat:8.5.42-jdk8-openjdk
Tagging tomcat:8.5-jdk8-openjdk
Tagging tomcat:8-jdk8-openjdk
Tagging tomcat:jdk8-openjdk
Tagging tomcat:8.5.42-jdk8
Tagging tomcat:8.5-jdk8
Tagging tomcat:8-jdk8
Tagging tomcat:jdk8
Tagging tomcat:8.5.42
Tagging tomcat:8.5
Tagging tomcat:8
Tagging tomcat:latest
$ test/run.sh tomcat:8.5.42-jdk8-openjdk
testing tomcat:8.5.42-jdk8-openjdk
'utc' [1/5]...passed
'cve-2014--shellshock' [2/5]...passed
'no-hard-coded-passwords' [3/5]...passed
'override-cmd' [4/5]...passed
'tomcat-hello-world' [5/5]....passed
$ bashbrew build tomcat:8.5.42-jdk8-openjdk-slim
Building bashbrew/cache:94c4cc983663eda1a68e290d17243861eec015ee3ea4baa4582c2eec5071350a (tomcat:8.5.42-jdk8-openjdk-slim)
Tagging tomcat:8.5.42-jdk8-openjdk-slim
Tagging tomcat:8.5-jdk8-openjdk-slim
Tagging tomcat:8-jdk8-openjdk-slim
Tagging tomcat:jdk8-openjdk-slim
$ test/run.sh tomcat:8.5.42-jdk8-openjdk-slim
testing tomcat:8.5.42-jdk8-openjdk-slim
'utc' [1/5]...passed
'cve-2014--shellshock' [2/5]...passed
'no-hard-coded-passwords' [3/5]...passed
'override-cmd' [4/5]...passed
'tomcat-hello-world' [5/5]....passed
$ bashbrew build tomcat:8.5.42-jdk8-adoptopenjdk-hotspot
Building bashbrew/cache:29622a940287c1b6430430ce47e8fa7859ce4641ef6bb6b7e8b2d15bb49196d8 (tomcat:8.5.42-jdk8-adoptopenjdk-hotspot)
Tagging tomcat:8.5.42-jdk8-adoptopenjdk-hotspot
Tagging tomcat:8.5-jdk8-adoptopenjdk-hotspot
Tagging tomcat:8-jdk8-adoptopenjdk-hotspot
Tagging tomcat:jdk8-adoptopenjdk-hotspot
$ test/run.sh tomcat:8.5.42-jdk8-adoptopenjdk-hotspot
testing tomcat:8.5.42-jdk8-adoptopenjdk-hotspot
'utc' [1/5]...passed
'cve-2014--shellshock' [2/5]...passed
'no-hard-coded-passwords' [3/5]...passed
'override-cmd' [4/5]...passed
'tomcat-hello-world' [5/5]....passed
$ bashbrew build tomcat:8.5.42-jdk8-adoptopenjdk-openj9
Building bashbrew/cache:be95a85eb41f7f8a40661a9d8e09b6a54d56d115b820d2ab19251bbef3257a9e (tomcat:8.5.42-jdk8-adoptopenjdk-openj9)
Tagging tomcat:8.5.42-jdk8-adoptopenjdk-openj9
Tagging tomcat:8.5-jdk8-adoptopenjdk-openj9
Tagging tomcat:8-jdk8-adoptopenjdk-openj9
Tagging tomcat:jdk8-adoptopenjdk-openj9
$ test/run.sh tomcat:8.5.42-jdk8-adoptopenjdk-openj9
testing tomcat:8.5.42-jdk8-adoptopenjdk-openj9
'utc' [1/5]...passed
'cve-2014--shellshock' [2/5]...passed
'no-hard-coded-passwords' [3/5]...passed
'override-cmd' [4/5]...passed
'tomcat-hello-world' [5/5]....passed
$ bashbrew build tomcat:7.0.94-jdk8-openjdk
Building bashbrew/cache:209c982142895058e93457dab0755c06c76a1861064428029779450a0a91871f (tomcat:7.0.94-jdk8-openjdk)
Tagging tomcat:7.0.94-jdk8-openjdk
Tagging tomcat:7.0-jdk8-openjdk
Tagging tomcat:7-jdk8-openjdk
Tagging tomcat:7.0.94-jdk8
Tagging tomcat:7.0-jdk8
Tagging tomcat:7-jdk8
Tagging tomcat:7.0.94
Tagging tomcat:7.0
Tagging tomcat:7
$ test/run.sh tomcat:7.0.94-jdk8-openjdk
testing tomcat:7.0.94-jdk8-openjdk
'utc' [1/5]...passed
'cve-2014--shellshock' [2/5]...passed
'no-hard-coded-passwords' [3/5]...passed
'override-cmd' [4/5]...passed
'tomcat-hello-world' [5/5]....passed
$ bashbrew build tomcat:7.0.94-jdk8-openjdk-slim
Building bashbrew/cache:39c817292fc93a1d9c515090a643dfb89e6af95a13f1a0222a7903c5cb8ebacb (tomcat:7.0.94-jdk8-openjdk-slim)
Tagging tomcat:7.0.94-jdk8-openjdk-slim
Tagging tomcat:7.0-jdk8-openjdk-slim
Tagging tomcat:7-jdk8-openjdk-slim
$ test/run.sh tomcat:7.0.94-jdk8-openjdk-slim
testing tomcat:7.0.94-jdk8-openjdk-slim
'utc' [1/5]...passed
'cve-2014--shellshock' [2/5]...passed
'no-hard-coded-passwords' [3/5]...passed
'override-cmd' [4/5]...passed
'tomcat-hello-world' [5/5]....passed
$ bashbrew build tomcat:7.0.94-jdk8-adoptopenjdk-hotspot
Building bashbrew/cache:63834694626b8246da7f30ac80d53e7c66bc5e3a372f362a56a476636bd360b6 (tomcat:7.0.94-jdk8-adoptopenjdk-hotspot)
Tagging tomcat:7.0.94-jdk8-adoptopenjdk-hotspot
Tagging tomcat:7.0-jdk8-adoptopenjdk-hotspot
Tagging tomcat:7-jdk8-adoptopenjdk-hotspot
$ test/run.sh tomcat:7.0.94-jdk8-adoptopenjdk-hotspot
testing tomcat:7.0.94-jdk8-adoptopenjdk-hotspot
'utc' [1/5]...passed
'cve-2014--shellshock' [2/5]...passed
'no-hard-coded-passwords' [3/5]...passed
'override-cmd' [4/5]...passed
'tomcat-hello-world' [5/5]....passed
$ bashbrew build tomcat:7.0.94-jdk8-adoptopenjdk-openj9
Building bashbrew/cache:e43188ffea74794bed1ab11ad479de1d1a2d5a09904f158c46819671d802d6a2 (tomcat:7.0.94-jdk8-adoptopenjdk-openj9)
Tagging tomcat:7.0.94-jdk8-adoptopenjdk-openj9
Tagging tomcat:7.0-jdk8-adoptopenjdk-openj9
Tagging tomcat:7-jdk8-adoptopenjdk-openj9
$ test/run.sh tomcat:7.0.94-jdk8-adoptopenjdk-openj9
testing tomcat:7.0.94-jdk8-adoptopenjdk-openj9
'utc' [1/5]...passed
'cve-2014--shellshock' [2/5]...passed
'no-hard-coded-passwords' [3/5]...passed
'override-cmd' [4/5]...passed
'tomcat-hello-world' [5/5]....passed
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Changes: