From c6f54f0157388cc25c384b3d9f66e391c0febe53 Mon Sep 17 00:00:00 2001 From: Dave Cridland Date: Tue, 13 Aug 2024 17:20:23 +0100 Subject: [PATCH 01/14] Improvements to Docker file This changes the Dockerfile quite radically, so that Openfire is built within Docker rather than outside of it. This should simplify building the image, and also make the results more repeatable. In order to maximize the use of the cache while keeping the image size under control, this uses three stages. The first stage locates and extracts all the POM files and any JAR files. This stage will be re-run on any change, but it short. The second stage takes the output of the first stage and gathers dependencies. These will be cached, unless the output of the first stage (ie, the dependency information) changes. Then it copies in the full source, and builds it. Finally, the runtime container is setup much as it was before, except that the runtime files are copied from the build stage rather than the filesystem directly. The result is that a repeat build of the docker image now takes about two minutes, but can trivially be done on any docker platform (even without Java installed locally). Notes: * The build stage should be able to run the `mvn package` in offline mode, but maven (being maven) wants to download more during this stage. * The `.dockerignore` file has of course been changed, but someone who understands Java better than I might well improve it further. --- .dockerignore | 12 +++++------- Dockerfile | 39 +++++++++++++++++++++++++++++++++++---- 2 files changed, 40 insertions(+), 11 deletions(-) diff --git a/.dockerignore b/.dockerignore index 7cb38c0561..0f228722dc 100644 --- a/.dockerignore +++ b/.dockerignore @@ -10,13 +10,10 @@ Dockerfile build !build/docker -distribution -!distribution/target/distribution-base documentation -i18n -plugins -starter -xmppserver + +# Any intermediate build stuff. +**/target # Deeper stuff **/.DS_Store @@ -25,4 +22,5 @@ xmppserver **/.idea **/.project **/.settings -**/*.iml \ No newline at end of file +**/*.iml +**/*.class diff --git a/Dockerfile b/Dockerfile index 12b900f704..11919779e8 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,3 +1,35 @@ +# This stage extracts all the pom.xml files. +# It'll get rebuilt with any source change, but that's OK. +FROM openjdk:11-jdk AS poms +WORKDIR /usr/src +COPY . . +# Wipe any files not called pom.xml or *.jar +RUN find . -type f -and \! -name pom.xml -and \! -name '*.jar' -delete +# Clear up any (now) empty diretories +RUN find . -type d -empty -delete +# Just for debug: +RUN find + +# Now we build: +FROM openjdk:11-jdk AS build +# Set up Maven. No need to clean caches, this doesn't end up in the runtime container +RUN apt-get update -qq +RUN apt-get install -qqy maven +WORKDIR /tmp/ +RUN mkdir /tmp/m2_home +ENV M2_HOME=/tmp/m2_home +WORKDIR /usr/src + +# First, copy in just the pom.xml files and fetch the dependencies: +COPY --from=poms /usr/src/ . +RUN mvn -e -B dependency:go-offline +# Above here is only affected by the pom.xml files, so the cache is stable. + +# Now, copy in all the source, and actually build it, skipping the tests. +COPY . . +RUN mvn -e -B package -Dmaven.test.skip + +# Final stage, build the runtime container: FROM openjdk:11-jre ENV OPENFIRE_USER=openfire \ @@ -10,10 +42,8 @@ RUN apt-get update -qq \ && adduser --disabled-password --quiet --system --home $OPENFIRE_DATA_DIR --gecos "Openfire XMPP server" --group $OPENFIRE_USER \ && rm -rf /var/lib/apt/lists/* -COPY ./build/docker/entrypoint.sh /sbin/entrypoint.sh -RUN chmod 755 /sbin/entrypoint.sh - -COPY --chown=openfire:openfire ./distribution/target/distribution-base /usr/local/openfire +COPY --chmod=0755 --from=build /usr/src/build/docker/entrypoint.sh /sbin/entrypoint.sh +COPY --chown=openfire:openfire --from=build /usr/src/distribution/target/distribution-base /usr/local/openfire RUN mv ${OPENFIRE_DIR}/conf ${OPENFIRE_DIR}/conf_org \ && mv ${OPENFIRE_DIR}/plugins ${OPENFIRE_DIR}/plugins_org \ && mv ${OPENFIRE_DIR}/resources/security ${OPENFIRE_DIR}/resources/security_org @@ -23,4 +53,5 @@ WORKDIR /usr/local/openfire EXPOSE 3478 3479 5005 5222 5223 5229 5262 5263 5275 5276 7070 7443 7777 9090 9091 VOLUME ["${OPENFIRE_DATA_DIR}"] +VOLUME ["${OPENFIRE_LOG_DIR}"] ENTRYPOINT [ "/sbin/entrypoint.sh" ] From d56022f1aa887ab6e627fb72958eb250c4ad5716 Mon Sep 17 00:00:00 2001 From: Dave Cridland Date: Sun, 25 Aug 2024 12:25:48 +0100 Subject: [PATCH 02/14] Better caching, use mvnw --- Dockerfile | 20 +++++++++++++------- 1 file changed, 13 insertions(+), 7 deletions(-) diff --git a/Dockerfile b/Dockerfile index 11919779e8..8d9ec6f658 100644 --- a/Dockerfile +++ b/Dockerfile @@ -7,27 +7,33 @@ COPY . . RUN find . -type f -and \! -name pom.xml -and \! -name '*.jar' -delete # Clear up any (now) empty diretories RUN find . -type d -empty -delete -# Just for debug: -RUN find # Now we build: FROM openjdk:11-jdk AS build -# Set up Maven. No need to clean caches, this doesn't end up in the runtime container -RUN apt-get update -qq -RUN apt-get install -qqy maven WORKDIR /tmp/ RUN mkdir /tmp/m2_home ENV M2_HOME=/tmp/m2_home WORKDIR /usr/src +COPY mvnw . +RUN chmod +x mvnw +RUN /bin/sh -c 'echo Yes' +RUN ls -l ./mvnw +RUN ls -l /bin/sh +RUN /bin/bash -x /usr/src/mvnw # First, copy in just the pom.xml files and fetch the dependencies: COPY --from=poms /usr/src/ . -RUN mvn -e -B dependency:go-offline +RUN ./mvnw -e -B help:evaluate -Dexpression=project.modules -Doutput=/tmp/projects.xml +RUN cat /tmp/projects.xml| grep '' | sed -e 's/^.*string>\(.*\)<\/string.*$/\1/g' >/tmp/projects.txt +RUN ./mvnw -pl plugins -e -B help:evaluate -Dexpression=project.modules -Doutput=/tmp/projects.xml +RUN cat /tmp/projects.xml| grep '' | sed -e 's/^.*string>\(.*\)<\/string.*$/plugins\/\1/g' >>/tmp/projects.txt +RUN for project in $(cat /tmp/projects.txt); do ./mvnw -pl $project -e -B dependency:go-offline; done +RUN ./mvnw -e -B dependency:go-offline # Above here is only affected by the pom.xml files, so the cache is stable. # Now, copy in all the source, and actually build it, skipping the tests. COPY . . -RUN mvn -e -B package -Dmaven.test.skip +RUN ./mvnw -e -B package -Dmaven.test.skip # Final stage, build the runtime container: FROM openjdk:11-jre From ac64556df9f4abbc9479bf77cfe00c483406801b Mon Sep 17 00:00:00 2001 From: Dave Cridland Date: Sun, 25 Aug 2024 13:09:36 +0100 Subject: [PATCH 03/14] Get mvnw working --- .dockerignore | 4 ++++ Dockerfile | 8 +++----- 2 files changed, 7 insertions(+), 5 deletions(-) diff --git a/.dockerignore b/.dockerignore index 0f228722dc..947bad9e1c 100644 --- a/.dockerignore +++ b/.dockerignore @@ -24,3 +24,7 @@ documentation **/.settings **/*.iml **/*.class + +# Make sure mvn stuff is present though. +!.mvn/wrapper +!.mvn/wrapper/maven-wrapper.properties diff --git a/Dockerfile b/Dockerfile index 8d9ec6f658..3392e4b725 100644 --- a/Dockerfile +++ b/Dockerfile @@ -14,12 +14,10 @@ WORKDIR /tmp/ RUN mkdir /tmp/m2_home ENV M2_HOME=/tmp/m2_home WORKDIR /usr/src -COPY mvnw . +COPY mvnw ./ RUN chmod +x mvnw -RUN /bin/sh -c 'echo Yes' -RUN ls -l ./mvnw -RUN ls -l /bin/sh -RUN /bin/bash -x /usr/src/mvnw +RUN mkdir -p .mvn +COPY .mvn/wrapper .mvn/wrapper # First, copy in just the pom.xml files and fetch the dependencies: COPY --from=poms /usr/src/ . From 56d84cea4886653679a1dfc8028e6cba8a81ab11 Mon Sep 17 00:00:00 2001 From: Dave Cridland Date: Sun, 25 Aug 2024 14:06:11 +0100 Subject: [PATCH 04/14] Switch to eclipse-temurin images Also build skeleton runtime as a distinct stage --- Dockerfile | 27 +++++++++++++++++++-------- 1 file changed, 19 insertions(+), 8 deletions(-) diff --git a/Dockerfile b/Dockerfile index 3392e4b725..4adff4f089 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,6 +1,7 @@ # This stage extracts all the pom.xml files. # It'll get rebuilt with any source change, but that's OK. -FROM openjdk:11-jdk AS poms +# It doesn't matter what image we're using, really, so we may as well use one of the same images as elsewhere. +FROM eclipse-temurin:17-jre AS poms WORKDIR /usr/src COPY . . # Wipe any files not called pom.xml or *.jar @@ -9,7 +10,7 @@ RUN find . -type f -and \! -name pom.xml -and \! -name '*.jar' -delete RUN find . -type d -empty -delete # Now we build: -FROM openjdk:11-jdk AS build +FROM eclipse-temurin:17 AS build WORKDIR /tmp/ RUN mkdir /tmp/m2_home ENV M2_HOME=/tmp/m2_home @@ -33,19 +34,29 @@ RUN ./mvnw -e -B dependency:go-offline COPY . . RUN ./mvnw -e -B package -Dmaven.test.skip -# Final stage, build the runtime container: -FROM openjdk:11-jre +# Might as well create the user in a different stage if only to eliminate +# the ugly && chaining and increase parallelization +FROM eclipse-temurin:17-jre AS skeleton-runtime ENV OPENFIRE_USER=openfire \ OPENFIRE_DIR=/usr/local/openfire \ OPENFIRE_DATA_DIR=/var/lib/openfire \ OPENFIRE_LOG_DIR=/var/log/openfire -RUN apt-get update -qq \ - && apt-get install -yqq sudo \ - && adduser --disabled-password --quiet --system --home $OPENFIRE_DATA_DIR --gecos "Openfire XMPP server" --group $OPENFIRE_USER \ - && rm -rf /var/lib/apt/lists/* +RUN apt-get update -qq +RUN apt-get install -yyq sudo adduser +RUN adduser --disabled-password --quiet --system --home $OPENFIRE_DATA_DIR --gecos "Openfire XMPP server" --group $OPENFIRE_USER + +# Final stage, build the runtime container: +FROM eclipse-temurin:17-jre AS runtime + +ENV OPENFIRE_USER=openfire \ + OPENFIRE_DIR=/usr/local/openfire \ + OPENFIRE_DATA_DIR=/var/lib/openfire \ + OPENFIRE_LOG_DIR=/var/log/openfire +COPY --from=skeleton-runtime /etc/passwd /etc/shadow /etc/ +COPY --chown=openfire::openfire --from=skeleton-runtime $OPENFIRE_DATA_DIR $OPENFIRE_DATA_DIR COPY --chmod=0755 --from=build /usr/src/build/docker/entrypoint.sh /sbin/entrypoint.sh COPY --chown=openfire:openfire --from=build /usr/src/distribution/target/distribution-base /usr/local/openfire RUN mv ${OPENFIRE_DIR}/conf ${OPENFIRE_DIR}/conf_org \ From 50a4ce62bb1335210bdd3220cdc570204b3e336e Mon Sep 17 00:00:00 2001 From: Dave Cridland Date: Sun, 25 Aug 2024 14:18:30 +0100 Subject: [PATCH 05/14] Add docker building to workflow --- .../continuous-integration-workflow.yml | 20 ++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) diff --git a/.github/workflows/continuous-integration-workflow.yml b/.github/workflows/continuous-integration-workflow.yml index 103f3d1fcf..ae9ee41a0c 100644 --- a/.github/workflows/continuous-integration-workflow.yml +++ b/.github/workflows/continuous-integration-workflow.yml @@ -143,10 +143,16 @@ jobs: - name: check branch ${{ github.ref }} is either main or a version number id: check-branch run: | - if [[ ${{ github.ref }} == 'refs/heads/main' || ${{ github.ref }} =~ refs\/heads\/[0-9]+\.[0-9]+ ]]; then + if [[ ${{ github.ref }} == 'refs/heads/main'; then echo "is_publishable_branch=true" >> $GITHUB_OUTPUT + echo "branch_tag=latest" >> $GITHUB_OUTPUT + elif ${{ github.ref }} =~ refs\/heads\/[0-9]+\.[0-9]+ ]]; then + echo "is_publishable_branch=true" >> $GITHUB_OUTPUT + echo -n "branch_tag=" >> $GITHUT_OUTPUT + sed -e '!refs/heads/!!' >> $GITHUB_OUTPUT else echo "is_publishable_branch=false" >> $GITHUB_OUTPUT + echo "branch_tag=rando" >> $GITHHUB_OUTPUT fi connectivity: @@ -230,6 +236,18 @@ jobs: - '.github/workflows/continuous-integration-workflow.yml' - 'xmppserver/pom.xml' + docker: + name: Build (and maybe push) Docker image + needs: + - check_branch + runs-on: ubuntu-latest + steps: # could log into docker hub here, so we can push the image. + - name: Build docker image + uses: docker/build-push-action@v6 + with: + push: false ## ${{ needs.check_branch.output.is_publishable_branch == 'true' }} + tags: openfire/${{ needs.check_branch.outputs.branch_tag }} + sqlserver: name: Test SQL Server Upgrades needs: [build, should-do-database-upgrade-tests, check_branch] From a2d7af87bbef2fe8d6c4a5438a49e67c97b124c4 Mon Sep 17 00:00:00 2001 From: Dave Cridland Date: Sun, 25 Aug 2024 14:19:53 +0100 Subject: [PATCH 06/14] Add docker building to workflow (fix) --- .github/workflows/continuous-integration-workflow.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/continuous-integration-workflow.yml b/.github/workflows/continuous-integration-workflow.yml index ae9ee41a0c..07320ace8d 100644 --- a/.github/workflows/continuous-integration-workflow.yml +++ b/.github/workflows/continuous-integration-workflow.yml @@ -143,10 +143,10 @@ jobs: - name: check branch ${{ github.ref }} is either main or a version number id: check-branch run: | - if [[ ${{ github.ref }} == 'refs/heads/main'; then + if [[ ${{ github.ref }} == 'refs/heads/main' ]]; then echo "is_publishable_branch=true" >> $GITHUB_OUTPUT echo "branch_tag=latest" >> $GITHUB_OUTPUT - elif ${{ github.ref }} =~ refs\/heads\/[0-9]+\.[0-9]+ ]]; then + elif [[ ]${{ github.ref }} =~ refs\/heads\/[0-9]+\.[0-9]+ ]]; then echo "is_publishable_branch=true" >> $GITHUB_OUTPUT echo -n "branch_tag=" >> $GITHUT_OUTPUT sed -e '!refs/heads/!!' >> $GITHUB_OUTPUT From d7331c925c7ed4d89c10c74ef6539cdb145d2e22 Mon Sep 17 00:00:00 2001 From: Dave Cridland Date: Sun, 25 Aug 2024 14:22:03 +0100 Subject: [PATCH 07/14] Add docker building to workflow (fix) --- .../workflows/continuous-integration-workflow.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/continuous-integration-workflow.yml b/.github/workflows/continuous-integration-workflow.yml index 07320ace8d..e07a2dd0ff 100644 --- a/.github/workflows/continuous-integration-workflow.yml +++ b/.github/workflows/continuous-integration-workflow.yml @@ -144,15 +144,15 @@ jobs: id: check-branch run: | if [[ ${{ github.ref }} == 'refs/heads/main' ]]; then - echo "is_publishable_branch=true" >> $GITHUB_OUTPUT - echo "branch_tag=latest" >> $GITHUB_OUTPUT + echo "is_publishable_branch=true" >> "${GITHUB_OUTPUT}" + echo "branch_tag=latest" >> "${GITHUB_OUTPUT}" elif [[ ]${{ github.ref }} =~ refs\/heads\/[0-9]+\.[0-9]+ ]]; then - echo "is_publishable_branch=true" >> $GITHUB_OUTPUT - echo -n "branch_tag=" >> $GITHUT_OUTPUT - sed -e '!refs/heads/!!' >> $GITHUB_OUTPUT + echo "is_publishable_branch=true" >> "${GITHUB_OUTPUT}" + echo -n "branch_tag=" >> "${GITHUB_OUTPUT}" + sed -e '!refs/heads/!!' >> "${GITHUB_OUTPUT}" else - echo "is_publishable_branch=false" >> $GITHUB_OUTPUT - echo "branch_tag=rando" >> $GITHHUB_OUTPUT + echo "is_publishable_branch=false" >> "${GITHUB_OUTPUT}" + echo "branch_tag=rando" >> "${GITHUB_OUTPUT}" fi connectivity: From f51b61456bcd0f22a8d7f65a5415875987f57912 Mon Sep 17 00:00:00 2001 From: Dave Cridland Date: Sun, 25 Aug 2024 14:23:05 +0100 Subject: [PATCH 08/14] Add docker building to workflow (fix) --- .github/workflows/continuous-integration-workflow.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/continuous-integration-workflow.yml b/.github/workflows/continuous-integration-workflow.yml index e07a2dd0ff..3487567852 100644 --- a/.github/workflows/continuous-integration-workflow.yml +++ b/.github/workflows/continuous-integration-workflow.yml @@ -246,7 +246,7 @@ jobs: uses: docker/build-push-action@v6 with: push: false ## ${{ needs.check_branch.output.is_publishable_branch == 'true' }} - tags: openfire/${{ needs.check_branch.outputs.branch_tag }} + tags: openfire:${{ needs.check_branch.outputs.branch_tag }} sqlserver: name: Test SQL Server Upgrades From bade5e4ee7c8e6bbd155780c81565fa7133edbd8 Mon Sep 17 00:00:00 2001 From: Dave Cridland Date: Sun, 25 Aug 2024 14:24:23 +0100 Subject: [PATCH 09/14] Add docker building to workflow (fix) --- .github/workflows/continuous-integration-workflow.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/continuous-integration-workflow.yml b/.github/workflows/continuous-integration-workflow.yml index 3487567852..2a58d62f1e 100644 --- a/.github/workflows/continuous-integration-workflow.yml +++ b/.github/workflows/continuous-integration-workflow.yml @@ -139,6 +139,7 @@ jobs: runs-on: ubuntu-latest outputs: is_publishable_branch: ${{ steps.check-branch.outputs.is_publishable_branch }} + branch_tag: ${{ steps.check-branch.outputs.branch_tag }} steps: - name: check branch ${{ github.ref }} is either main or a version number id: check-branch From ca2812b95ee76362c0fb2498eb7d815d758d78f0 Mon Sep 17 00:00:00 2001 From: Dan Caseley Date: Sun, 8 Sep 2024 18:29:02 +0100 Subject: [PATCH 10/14] Fix groups and missing sudo for entrypoint --- Dockerfile | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index 4adff4f089..e1edfd1ca9 100644 --- a/Dockerfile +++ b/Dockerfile @@ -44,18 +44,21 @@ ENV OPENFIRE_USER=openfire \ OPENFIRE_LOG_DIR=/var/log/openfire RUN apt-get update -qq -RUN apt-get install -yyq sudo adduser +RUN apt-get install -yyq adduser RUN adduser --disabled-password --quiet --system --home $OPENFIRE_DATA_DIR --gecos "Openfire XMPP server" --group $OPENFIRE_USER # Final stage, build the runtime container: FROM eclipse-temurin:17-jre AS runtime +RUN apt-get update -qq +RUN apt-get install -yyq sudo + ENV OPENFIRE_USER=openfire \ OPENFIRE_DIR=/usr/local/openfire \ OPENFIRE_DATA_DIR=/var/lib/openfire \ OPENFIRE_LOG_DIR=/var/log/openfire -COPY --from=skeleton-runtime /etc/passwd /etc/shadow /etc/ +COPY --from=skeleton-runtime /etc/passwd /etc/shadow /etc/group /etc/ COPY --chown=openfire::openfire --from=skeleton-runtime $OPENFIRE_DATA_DIR $OPENFIRE_DATA_DIR COPY --chmod=0755 --from=build /usr/src/build/docker/entrypoint.sh /sbin/entrypoint.sh COPY --chown=openfire:openfire --from=build /usr/src/distribution/target/distribution-base /usr/local/openfire From f4982f51b6d6965b9f86ae36e98f737cad6e0886 Mon Sep 17 00:00:00 2001 From: Dave Cridland Date: Mon, 11 Nov 2024 10:29:58 +0000 Subject: [PATCH 11/14] Make mvnw work with standard sh The backticks are a deprecated bishism --- mvnw | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/mvnw b/mvnw index d2f0ea3808..9684f02e11 100755 --- a/mvnw +++ b/mvnw @@ -50,7 +50,7 @@ fi cygwin=false; darwin=false; mingw=false -case "`uname`" in +case "$(uname)" in CYGWIN*) cygwin=true ;; MINGW*) mingw=true;; Darwin*) darwin=true @@ -68,7 +68,7 @@ esac if [ -z "$JAVA_HOME" ] ; then if [ -r /etc/gentoo-release ] ; then - JAVA_HOME=`java-config --jre-home` + JAVA_HOME=$(java-config --jre-home) fi fi From ae28d44c1f129bcb9bc54fbbe417191bf7341271 Mon Sep 17 00:00:00 2001 From: Dave Cridland Date: Mon, 11 Nov 2024 10:31:33 +0000 Subject: [PATCH 12/14] Get offline mode to work My word this is broken in Maven. --- Dockerfile | 18 +++++++++--------- pom.xml | 6 ++++++ 2 files changed, 15 insertions(+), 9 deletions(-) diff --git a/Dockerfile b/Dockerfile index e1edfd1ca9..0fe690b9d3 100644 --- a/Dockerfile +++ b/Dockerfile @@ -12,8 +12,7 @@ RUN find . -type d -empty -delete # Now we build: FROM eclipse-temurin:17 AS build WORKDIR /tmp/ -RUN mkdir /tmp/m2_home -ENV M2_HOME=/tmp/m2_home +RUN mkdir /tmp/m2_repo WORKDIR /usr/src COPY mvnw ./ RUN chmod +x mvnw @@ -22,17 +21,18 @@ COPY .mvn/wrapper .mvn/wrapper # First, copy in just the pom.xml files and fetch the dependencies: COPY --from=poms /usr/src/ . -RUN ./mvnw -e -B help:evaluate -Dexpression=project.modules -Doutput=/tmp/projects.xml -RUN cat /tmp/projects.xml| grep '' | sed -e 's/^.*string>\(.*\)<\/string.*$/\1/g' >/tmp/projects.txt -RUN ./mvnw -pl plugins -e -B help:evaluate -Dexpression=project.modules -Doutput=/tmp/projects.xml -RUN cat /tmp/projects.xml| grep '' | sed -e 's/^.*string>\(.*\)<\/string.*$/plugins\/\1/g' >>/tmp/projects.txt -RUN for project in $(cat /tmp/projects.txt); do ./mvnw -pl $project -e -B dependency:go-offline; done -RUN ./mvnw -e -B dependency:go-offline +# I don't know why we need all three either. +RUN ./mvnw -e -B dependency:resolve-plugins -Dmaven.test.skip -Dmaven.repo.local=/tmp/m2_repo +RUN ./mvnw -e -B dependency:go-offline -Dmaven.test.skip -Dmaven.repo.local=/tmp/m2_repo +RUN ./mvnw -e -B de.qaware.maven:go-offline-maven-plugin:resolve-dependencies -Dmaven.repo.local=/tmp/m2_repo + # Above here is only affected by the pom.xml files, so the cache is stable. # Now, copy in all the source, and actually build it, skipping the tests. COPY . . -RUN ./mvnw -e -B package -Dmaven.test.skip +RUN ./mvnw -o -e -B package -Dmaven.test.skip -Dmaven.repo.local=/tmp/m2_repo +# In case of Windows, break glass. +RUN sed -i 's/\r//g' /usr/src/distribution/target/distribution-base/bin/openfire.sh # Might as well create the user in a different stage if only to eliminate # the ugly && chaining and increase parallelization diff --git a/pom.xml b/pom.xml index a27876f419..762883e7f6 100644 --- a/pom.xml +++ b/pom.xml @@ -222,6 +222,12 @@ + + de.qaware.maven + go-offline-maven-plugin + 1.2.8 + + org.apache.maven.plugins maven-jar-plugin From bcfa46764711c0d8eda615a166f10f58281b0003 Mon Sep 17 00:00:00 2001 From: Dave Cridland Date: Mon, 11 Nov 2024 10:32:13 +0000 Subject: [PATCH 13/14] Don't require sudo at runtime Or, indeed, at all. --- Dockerfile | 3 --- build/docker/entrypoint.sh | 13 +++++++------ 2 files changed, 7 insertions(+), 9 deletions(-) diff --git a/Dockerfile b/Dockerfile index 0fe690b9d3..79fbc243c0 100644 --- a/Dockerfile +++ b/Dockerfile @@ -50,9 +50,6 @@ RUN adduser --disabled-password --quiet --system --home $OPENFIRE_DATA_DIR --gec # Final stage, build the runtime container: FROM eclipse-temurin:17-jre AS runtime -RUN apt-get update -qq -RUN apt-get install -yyq sudo - ENV OPENFIRE_USER=openfire \ OPENFIRE_DIR=/usr/local/openfire \ OPENFIRE_DATA_DIR=/var/lib/openfire \ diff --git a/build/docker/entrypoint.sh b/build/docker/entrypoint.sh index 09d120f68b..ddaa24033f 100644 --- a/build/docker/entrypoint.sh +++ b/build/docker/entrypoint.sh @@ -17,13 +17,14 @@ initialize_data_dir() { # initialize the data volume if [[ ! -d ${OPENFIRE_DATA_DIR}/conf ]]; then - sudo -HEu ${OPENFIRE_USER} cp -a ${OPENFIRE_DIR}/conf_org ${OPENFIRE_DATA_DIR}/conf - sudo -HEu ${OPENFIRE_USER} cp -a ${OPENFIRE_DIR}/plugins_org ${OPENFIRE_DATA_DIR}/plugins - sudo -HEu ${OPENFIRE_USER} cp -a ${OPENFIRE_DIR}/resources/security_org ${OPENFIRE_DATA_DIR}/conf/security + cp -a ${OPENFIRE_DIR}/conf_org ${OPENFIRE_DATA_DIR}/conf + cp -a ${OPENFIRE_DIR}/plugins_org ${OPENFIRE_DATA_DIR}/plugins + cp -a ${OPENFIRE_DIR}/resources/security_org ${OPENFIRE_DATA_DIR}/conf/security fi - sudo -HEu ${OPENFIRE_USER} mkdir -p ${OPENFIRE_DATA_DIR}/{plugins,embedded-db} - sudo -HEu ${OPENFIRE_USER} rm -rf ${OPENFIRE_DATA_DIR}/plugins/admin - sudo -HEu ${OPENFIRE_USER} ln -sf ${OPENFIRE_DIR}/plugins_org/admin ${OPENFIRE_DATA_DIR}/plugins/admin + mkdir -p ${OPENFIRE_DATA_DIR}/{plugins,embedded-db} + rm -rf ${OPENFIRE_DATA_DIR}/plugins/admin + ln -sf ${OPENFIRE_DIR}/plugins_org/admin ${OPENFIRE_DATA_DIR}/plugins/admin + chown -R ${OPENFIRE_USER}:${OPENFIRE_USER} ${OPENFIRE_DATA_DIR} # create version file CURRENT_VERSION= From 91eb1127737c96c7eda2d1c421ee7a3cfc0390fd Mon Sep 17 00:00:00 2001 From: Dave Cridland Date: Mon, 11 Nov 2024 10:32:28 +0000 Subject: [PATCH 14/14] main:HEAD is now latest --- .github/workflows/continuous-integration-workflow.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/continuous-integration-workflow.yml b/.github/workflows/continuous-integration-workflow.yml index 2a58d62f1e..b509af8045 100644 --- a/.github/workflows/continuous-integration-workflow.yml +++ b/.github/workflows/continuous-integration-workflow.yml @@ -146,7 +146,7 @@ jobs: run: | if [[ ${{ github.ref }} == 'refs/heads/main' ]]; then echo "is_publishable_branch=true" >> "${GITHUB_OUTPUT}" - echo "branch_tag=latest" >> "${GITHUB_OUTPUT}" + echo "branch_tag=development" >> "${GITHUB_OUTPUT}" elif [[ ]${{ github.ref }} =~ refs\/heads\/[0-9]+\.[0-9]+ ]]; then echo "is_publishable_branch=true" >> "${GITHUB_OUTPUT}" echo -n "branch_tag=" >> "${GITHUB_OUTPUT}"