-
Notifications
You must be signed in to change notification settings - Fork 0
/
Dockerfile
61 lines (48 loc) · 2.26 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
# Base image containing dependencies used in builder and final image
FROM ghcr.io/swissgrc/azure-pipelines-dockercli:27.4.1 AS base
# Make sure to fail due to an error at any stage in shell pipes
SHELL ["/bin/bash", "-o", "pipefail", "-c"]
# Builder image
FROM base AS build
# Make sure to fail due to an error at any stage in shell pipes
SHELL ["/bin/bash", "-o", "pipefail", "-c"]
# renovate: datasource=repology depName=debian_12/curl versioning=loose
ENV CURL_VERSION=7.88.1-10+deb12u8
# renovate: datasource=repology depName=debian_12/lsb-release versioning=loose
ENV LSBRELEASE_VERSION=12.0-1
# renovate: datasource=repology depName=debian_12/gnupg2 versioning=loose
ENV GNUPG_VERSION=2.2.40-1.1
RUN apt-get update -y && \
# Install necessary dependencies
apt-get install -y --no-install-recommends \
curl=${CURL_VERSION} \
gnupg=${GNUPG_VERSION} \
lsb-release=${LSBRELEASE_VERSION} && \
# Add Eclipse Adoptium public key
curl --proto "=https" -fsSL https://packages.adoptium.net/artifactory/api/gpg/key/public \
| tee /etc/apt/keyrings/adoptium.asc && \
# Add Eclipse Adoptium APT repository to the list of sources
echo "deb [signed-by=/etc/apt/keyrings/adoptium.asc] https://packages.adoptium.net/artifactory/deb $(awk -F= '/^VERSION_CODENAME/{print$2}' /etc/os-release) main" \
| tee /etc/apt/sources.list.d/adoptium.list > /dev/null
# Final image
FROM base AS final
LABEL org.opencontainers.image.vendor="Swiss GRC AG"
LABEL org.opencontainers.image.authors="Swiss GRC AG <[email protected]>"
LABEL org.opencontainers.image.title="azure-pipelines-openjdk"
LABEL org.opencontainers.image.documentation="https://github.com/swissgrc/docker-azure-pipelines-openjdk"
# Make sure to fail due to an error at any stage in shell pipes
SHELL ["/bin/bash", "-o", "pipefail", "-c"]
WORKDIR /
COPY --from=build /etc/apt/keyrings/ /etc/apt/keyrings
COPY --from=build /etc/apt/sources.list.d/ /etc/apt/sources.list.d
# Install OpenJDK
# renovate: datasource=adoptium-java depName=java-jdk versioning=loose
ENV OPENJDK_VERSION=17.0.12.0.0+7
# Install OpenJDK
RUN apt-get update -y && \
apt-get install -y --no-install-recommends temurin-17-jdk=${OPENJDK_VERSION} && \
# Clean up
apt-get clean && \
rm -rf /var/lib/apt/lists/* && \
# Smoke test
java -version