From 0b2a9f7b51949ad0f5d0937214d9bcb9591837e3 Mon Sep 17 00:00:00 2001 From: Dmitrii Zolotukhin Date: Mon, 2 May 2022 15:58:50 +0200 Subject: [PATCH 1/4] DES-3866 Upgrade to CF Buildpack v4.28.4. --- Dockerfile | 2 +- README.md | 2 +- cf-buildpack.version | 2 +- docker-buildpack.version | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Dockerfile b/Dockerfile index 446b9e33..5f2fd8d5 100644 --- a/Dockerfile +++ b/Dockerfile @@ -13,7 +13,7 @@ FROM ${BUILDER_ROOTFS_IMAGE} AS builder ARG BUILD_PATH=project ARG DD_API_KEY # CF buildpack version -ARG CF_BUILDPACK=v4.24.0 +ARG CF_BUILDPACK=v4.28.4 # CF buildpack download URL ARG CF_BUILDPACK_URL=https://github.com/mendix/cf-mendix-buildpack/releases/download/${CF_BUILDPACK}/cf-mendix-buildpack.zip diff --git a/README.md b/README.md index 0af211bb..e5a1d0ff 100644 --- a/README.md +++ b/README.md @@ -57,7 +57,7 @@ For build you can provide next arguments: - **BUILD_PATH** indicates where the application model is located. It is a root directory of an unzipped .MDA or .MPK file. In the latter case, this is the directory where your .MPR file is located. Must be within [build context](https://docs.docker.com/engine/reference/commandline/build/#extended-description). Defaults to `./project`. - **ROOTFS_IMAGE** is a type of rootfs image. Defaults to `mendix/rootfs:ubi8` (Red Hat Universal Base Image 8). To use Ubuntu 18.04, change this to `mendix/rootfs:bionic`. It's also possible to use a custom rootfs image as described in [Advanced feature: full-build](#advanced-feature-full-build). - **BUILDER_ROOTFS_IMAGE** is a type of rootfs image used for downloading the Mendix app dependencies and compiling the Mendix app from source. Defaults to `mendix/rootfs:bionic`. It's also possible to use a custom rootfs image as described in [Advanced feature: full-build](#advanced-feature-full-build). -- **CF_BUILDPACK** is a version of CloudFoundry buildpack. Defaults to `v4.24.0`. For stable pipelines, it's recommended to use a fixed version from **v4.24.0** and later. CloudFoundry buildpack versions below **v4.24.0** are not supported. +- **CF_BUILDPACK** is a version of CloudFoundry buildpack. Defaults to `v4.28.4`. For stable pipelines, it's recommended to use a fixed version from **v4.28.4** and later. CloudFoundry buildpack versions below **v4.28.4** are not supported. - **EXCLUDE_LOGFILTER** will exclude the `mendix-logfilter` binary from the resulting Docker image if set to `true`. Defaults to `true`. Excluding `mendix-logfilter` will reduce the image size and remove a component that's not commonly used; the `LOG_RATELIMIT` environment variable option will be disabled. - **UNINSTALL_BUILD_DEPENDENCIES** will uninstall packages which are not needed to launch an app, and are only used during the build phase. Defaults to `true`. This option will remove several libraries which are known to have unpatched CVE vulnerabilities. - **CF_BUILDPACK_URL** specifies the URL where the CF buildpack should be downloaded from (for example, a local mirror). Defaults to `https://github.com/mendix/cf-mendix-buildpack/releases/download/${CF_BUILDPACK}/cf-mendix-buildpack.zip`. Specifying **CF_BUILDPACK_URL** will override the version from **CF_BUILDPACK**. diff --git a/cf-buildpack.version b/cf-buildpack.version index 099e8694..9a985647 100644 --- a/cf-buildpack.version +++ b/cf-buildpack.version @@ -1 +1 @@ -v4.24.0 \ No newline at end of file +v4.28.4 \ No newline at end of file diff --git a/docker-buildpack.version b/docker-buildpack.version index 4d0729e5..684a941c 100644 --- a/docker-buildpack.version +++ b/docker-buildpack.version @@ -1 +1 @@ -v3.5.0 \ No newline at end of file +v3.5.1 \ No newline at end of file From 1ef63f40a67d124f09c23dab9ed12599ba969d25 Mon Sep 17 00:00:00 2001 From: Dmitrii Zolotukhin Date: Mon, 2 May 2022 16:46:57 +0200 Subject: [PATCH 2/4] DES-3866 Workaround for CF Buildpack DEPS_DIR. --- Dockerfile | 4 ++-- scripts/compilation | 4 +++- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/Dockerfile b/Dockerfile index 5f2fd8d5..943bd92b 100644 --- a/Dockerfile +++ b/Dockerfile @@ -67,10 +67,10 @@ ENV NGINX_CUSTOM_BIN_PATH=/usr/sbin/nginx # 6. Create symlink for java prefs used by CF buildpack # 7. Update ownership of /opt/mendix so that the app can run as a non-root user # 8. Update permissions of /opt/mendix so that the app can run as a non-root user -RUN mkdir -p /tmp/buildcache /var/mendix/build /var/mendix/build/.local &&\ +RUN mkdir -p /tmp/buildcache /tmp/cf-deps /var/mendix/build /var/mendix/build/.local &&\ chmod +rx /opt/mendix/buildpack/compilation /opt/mendix/buildpack/git /opt/mendix/buildpack/buildpack/stage.py &&\ cd /opt/mendix/buildpack &&\ - ./compilation /opt/mendix/build /tmp/buildcache &&\ + ./compilation /opt/mendix/build /tmp/buildcache /tmp/cf-deps 0 &&\ rm -fr /tmp/buildcache /tmp/javasdk /tmp/opt /tmp/downloads /opt/mendix/buildpack/compilation /opt/mendix/buildpack/git &&\ ln -s /opt/mendix/.java /opt/mendix/build &&\ chown -R ${USER_UID}:0 /opt/mendix /var/mendix &&\ diff --git a/scripts/compilation b/scripts/compilation index 0a6b27c9..c9eb7474 100755 --- a/scripts/compilation +++ b/scripts/compilation @@ -12,6 +12,8 @@ from buildpack.stage import DOT_LOCAL_LOCATION BUILD_PATH = sys.argv[1] CACHE_PATH = sys.argv[2] +DEPS_DIR = sys.argv[3] +DEPS_IDX = sys.argv[4] logging.basicConfig( level=logging.INFO, @@ -35,7 +37,7 @@ def export_vcap_services(): def call_buildpack_compilation(): logging.debug("Executing call_buildpack_compilation...") - return subprocess.check_call(["/opt/mendix/buildpack/buildpack/stage.py", BUILD_PATH, CACHE_PATH]) + return subprocess.check_call(["/opt/mendix/buildpack/buildpack/stage.py", BUILD_PATH, CACHE_PATH, DEPS_DIR, DEPS_IDX]) def fix_logfilter(): exclude_logfilter = os.getenv("EXCLUDE_LOGFILTER", "true").lower() == "true" From f711f3a67a859d019231966018685cd67cd33f7d Mon Sep 17 00:00:00 2001 From: Dmitrii Zolotukhin Date: Mon, 2 May 2022 17:04:06 +0200 Subject: [PATCH 3/4] Made the readme more accurate. --- README.md | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/README.md b/README.md index e5a1d0ff..976e2e89 100644 --- a/README.md +++ b/README.md @@ -2,7 +2,7 @@ ![Test status](https://github.com/mendix/docker-mendix-buildpack/workflows/Test/badge.svg) -The Mendix Buildpack for Docker (aka docker-mendix-buildpack) provides a standard way to build and run your Mendix Application in a [Docker](https://www.docker.com/) container. +The Mendix Buildpack for Docker (aka docker-mendix-buildpack) is an example project you can use to build and run your Mendix Application in a [Docker](https://www.docker.com/) container. ## Try a sample mendix application @@ -188,8 +188,6 @@ environment: MIIGejCCBGKgAwIBAgIJANuKwREDEb4sM.... ``` -Requested a test scenario from Jouke and Xiwen, meanwhile will update docker-buildpack documentation. - ### Configuring Custom Runtime Settings To configure any of the advanced [Custom Runtime Settings](https://world.mendix.com/display/refguide6/Custom+Settings) you can use setting name prefixed with `MXRUNTIME_` as an environment variable. From 44a57952cfbd65ce0e78aa7adb6a26c43840331b Mon Sep 17 00:00:00 2001 From: Dmitrii Zolotukhin Date: Mon, 2 May 2022 19:04:01 +0200 Subject: [PATCH 4/4] DES-3866 Bumped NGINX version to 1.20. --- Dockerfile.rootfs.ubi8 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile.rootfs.ubi8 b/Dockerfile.rootfs.ubi8 index 9fbd64a9..6400434b 100644 --- a/Dockerfile.rootfs.ubi8 +++ b/Dockerfile.rootfs.ubi8 @@ -12,7 +12,7 @@ ENV LC_ALL C.UTF-8 # install dependencies & remove package lists # doesn't include libpq5 python3-distutils libgdiplus RUN microdnf update -y && \ - microdnf module enable nginx:1.18 -y && \ + microdnf module enable nginx:1.20 -y && \ microdnf install -y wget curl glibc-langpack-en python3 openssl tar gzip unzip nginx nginx-mod-stream binutils fontconfig && \ microdnf clean all && rm -rf /var/cache/yum