-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathDockerfile.06.jlink
More file actions
73 lines (59 loc) · 2.64 KB
/
Dockerfile.06.jlink
File metadata and controls
73 lines (59 loc) · 2.64 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
# ------------------------------------------------------------
# Stage: build
# Purpose: compile the application and produce a custom runtime via jlink
# Base image: maven:3.9.12-eclipse-temurin-21-noble
# Maven profile: -Pjlink
# Artifact: target/maven-jlink/classifiers/runtime-image (copied to /jre)
# Notes: maven-jlink-plugin produces a modular runtime image and a launcher; verify launcher name
# ------------------------------------------------------------
FROM maven:3.9.12-eclipse-temurin-21-noble AS build
LABEL maintainer="Emmanuel Bruno <emmanuel.bruno@univ-tln.fr>"
LABEL description="Java Hello World - jlink build stage"
LABEL license="MIT"
WORKDIR /app
# Maven Wrapper
COPY mvnw ./
COPY .mvn .mvn
RUN chmod +x mvnw
# Pré-chargement des dépendances (cache Docker)
COPY pom.xml ./
RUN --mount=type=cache,target=/root/.m2 \
./mvnw --batch-mode dependency:resolve
# Sources + build jlink
COPY src ./src
RUN --mount=type=cache,target=/root/.m2 \
./mvnw --batch-mode -Pjlink clean package
# Ensure jlink output is placed in a stable location inside the build image
# Some maven-jlink-plugin configurations produce the runtime image under
# target/maven-jlink/classifiers/runtime-image; copy its contents to /app/jre
RUN mkdir -p /app/jre \
&& if [ -d target/maven-jlink/classifiers/runtime-image ]; then \
cp -a target/maven-jlink/classifiers/runtime-image/* /app/jre/ ; \
fi
# ------------------------------------------------------------
# Stage: runtime
# Purpose: minimal runtime built from the jlink-generated runtime-image
# Base image: debian:bookworm-slim
# Copies: /jre (runtime image) from build stage to /jre in final image
# Notes: jlink runtime is custom and contains only required modules; run the launcher at /jre/bin/hello
# ------------------------------------------------------------
FROM debian:bookworm-slim
LABEL maintainer="Emmanuel Bruno <emmanuel.bruno@univ-tln.fr>"
LABEL description="Java Hello World - jlink runtime"
LABEL version="0.1.0"
# Répertoire applicatif
WORKDIR /app
# Runtime Java custom généré par jlink
COPY --from=build /app/jre /jre
# Utilisateur non-root (bonne pratique)
# Create a dedicated group 'appuser' and add the user to it, then set ownership on /jre
RUN groupadd -g 1001 appuser \
&& useradd --system --uid 1001 -g appuser -s /usr/sbin/nologin appuser \
&& chown -R appuser:appuser /jre \
&& chmod -R go-w /jre
USER appuser
# Exécution via le launcher jlink
# Prefer generic entrypoint: it will detect and exec the jlink launcher (/jre/bin/hello)
COPY entrypoint.sh /usr/local/bin/entrypoint.sh
RUN chmod +x /usr/local/bin/entrypoint.sh || true
ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]