ARTEMIS-3042 Add docker multistage build

This adds the possibility to create an artemis image with just the docker build command.
First the image is downloaded in an Eclipse Temurin installation and later transferred to an alpine image.
Thus, it ensures that only the relevant data is stored in alpine leading to a smaller attack surface.

artemis-docker/Dockerfile-alpine

@@ -0,0 +1,91 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+# ActiveMQ Artemis
+
+ARG CURRENT_VERSION=2.17.0
+
+FROM eclipse-temurin:11-jdk as builder
+ARG CURRENT_VERSION
+
+ENV VERSION=$CURRENT_VERSION
+
+RUN apt update -y && apt upgrade -y && apt install tree curl -y
+
+ADD ./prepare-docker.sh /bin/prepareDocker
+WORKDIR /root/artemis-build
+COPY ./Dockerfile-alpine .
+COPY docker-run.sh .
+RUN bash prepareDocker --from-release --artemis-version ${VERSION}
+
+
+FROM alpine:latest
+
+ARG CURRENT_VERSION
+
+ENV VERSION=$CURRENT_VERSION
+
+RUN apk --no-cache add openjdk17-jre-headless bash libaio\
+        --repository=http://dl-cdn.alpinelinux.org/alpine/edge/community
+
+
+LABEL maintainer="Apache ActiveMQ Team"
+# Make sure pipes are considered to determine success, see: https://github.com/hadolint/hadolint/wiki/DL4006
+SHELL ["/bin/bash", "-o", "pipefail", "-c"]
+WORKDIR /opt
+
+ENV ARTEMIS_USER artemis
+ENV ARTEMIS_PASSWORD artemis
+ENV ANONYMOUS_LOGIN false
+ENV EXTRA_ARGS --http-host 0.0.0.0 --relax-jolokia
+
+# add user and group for artemis
+RUN addgroup  -g 1001 artemis && adduser -u 1002 --ingroup artemis --disabled-password  artemis
+
+USER artemis
+
+COPY --from=builder /root/artemis-build/_TMP_/artemis/${VERSION}/ /opt/activemq-artemis
+
+# Web Server
+EXPOSE 8161 \
+# JMX Exporter
+    9404 \
+# Port for CORE,MQTT,AMQP,HORNETQ,STOMP,OPENWIRE
+    61616 \
+# Port for HORNETQ,STOMP
+    5445 \
+# Port for AMQP
+    5672 \
+# Port for MQTT
+    1883 \
+#Port for STOMP
+    61613
+
+USER root
+
+RUN mkdir /var/lib/artemis-instance && chown -R artemis.artemis /var/lib/artemis-instance
+
+COPY --from=builder /root/artemis-build/_TMP_/artemis/${VERSION}/docker/docker-run.sh /
+
+USER artemis
+
+# Expose some outstanding folders
+VOLUME ["/var/lib/artemis-instance"]
+WORKDIR /var/lib/artemis-instance
+
+ENTRYPOINT ["/docker-run.sh"]
+CMD ["run"]

artemis-docker/Dockerfile-centos7-11

@@ -17,12 +17,30 @@
 
 # ActiveMQ Artemis
 
+ARG CURRENT_VERSION=2.17.0
+
+FROM eclipse-temurin:11-jdk as builder
+ARG CURRENT_VERSION
+
+ENV VERSION=$CURRENT_VERSION
+
+RUN apt update -y && apt upgrade -y && apt install tree curl -y
+
+ADD ./prepare-docker.sh /bin/prepareDocker
+WORKDIR /root/artemis-build
+COPY ./Dockerfile-alpine .
+COPY docker-run.sh .
+RUN bash prepareDocker --from-release --artemis-version ${VERSION}
+
 FROM eclipse-temurin:11-centos7
 LABEL maintainer="Apache ActiveMQ Team"
 # Make sure pipes are considered to determine success, see: https://github.com/hadolint/hadolint/wiki/DL4006
 SHELL ["/bin/bash", "-o", "pipefail", "-c"]
 WORKDIR /opt
 
+ARG CURRENT_VERSION
+
+ENV VERSION=$CURRENT_VERSION
 ENV ARTEMIS_USER artemis
 ENV ARTEMIS_PASSWORD artemis
 ENV ANONYMOUS_LOGIN false
@@ -36,7 +54,7 @@ RUN groupadd -g 1001 -r artemis && useradd -r -u 1001 -g artemis artemis \
 
 USER artemis
 
-ADD . /opt/activemq-artemis
+COPY --from=builder /root/artemis-build/_TMP_/artemis/${VERSION}/ /opt/activemq-artemis
 
 # Web Server
 EXPOSE 8161 \
@@ -57,7 +75,7 @@ USER root
 
 RUN mkdir /var/lib/artemis-instance && chown -R artemis.artemis /var/lib/artemis-instance
 
-COPY ./docker/docker-run.sh /
+COPY --from=builder /root/artemis-build/_TMP_/artemis/${VERSION}/docker/docker-run.sh /
 
 USER artemis
 

artemis-docker/Dockerfile-ubuntu-11

@@ -17,8 +17,28 @@
 
 # ActiveMQ Artemis
 
+ARG CURRENT_VERSION=2.17.0
+
+FROM eclipse-temurin:11-jdk as builder
+ARG CURRENT_VERSION
+
+ENV VERSION=$CURRENT_VERSION
+
+RUN apt update -y && apt upgrade -y && apt install tree curl -y
+
+ADD ./prepare-docker.sh /bin/prepareDocker
+WORKDIR /root/artemis-build
+COPY ./Dockerfile-alpine .
+COPY docker-run.sh .
+RUN bash prepareDocker --from-release --artemis-version ${VERSION}
+
 FROM eclipse-temurin:11
 LABEL maintainer="Apache ActiveMQ Team"
+
+ARG CURRENT_VERSION
+
+ENV VERSION=$CURRENT_VERSION
+
 # Make sure pipes are considered to determine success, see: https://github.com/hadolint/hadolint/wiki/DL4006
 SHELL ["/bin/bash", "-o", "pipefail", "-c"]
 WORKDIR /opt
@@ -36,7 +56,8 @@ RUN groupadd -g 1001 -r artemis && useradd -r -u 1001 -g artemis artemis \
 
 USER artemis
 
-ADD . /opt/activemq-artemis
+COPY --from=builder /root/artemis-build/_TMP_/artemis/${VERSION}/ /opt/activemq-artemis
+
 
 # Web Server
 EXPOSE 8161 \
@@ -57,7 +78,8 @@ USER root
 
 RUN mkdir /var/lib/artemis-instance && chown -R artemis.artemis /var/lib/artemis-instance
 
-COPY ./docker/docker-run.sh /
+COPY --from=builder /root/artemis-build/_TMP_/artemis/${VERSION}/docker/docker-run.sh /
+
 
 USER artemis
 

artemis-docker/Dockerfile-ubuntu-11-jre

@@ -17,7 +17,30 @@
 
 # ActiveMQ Artemis
 
+ARG CURRENT_VERSION=2.17.0
+
+FROM eclipse-temurin:11-jdk as builder
+ARG CURRENT_VERSION
+
+ENV VERSION=$CURRENT_VERSION
+
+RUN apt update -y && apt upgrade -y && apt install tree curl -y
+
+ADD ./prepare-docker.sh /bin/prepareDocker
+WORKDIR /root/artemis-build
+COPY ./Dockerfile-alpine .
+COPY docker-run.sh .
+RUN bash prepareDocker --from-release --artemis-version ${VERSION}
+
 FROM eclipse-temurin:11-jre
+LABEL maintainer="Apache ActiveMQ Team"
+
+ARG CURRENT_VERSION
+
+ENV VERSION=$CURRENT_VERSION
+
+
+
 LABEL maintainer="Apache ActiveMQ Team"
 # Make sure pipes are considered to determine success, see: https://github.com/hadolint/hadolint/wiki/DL4006
 SHELL ["/bin/bash", "-o", "pipefail", "-c"]
@@ -36,7 +59,8 @@ RUN groupadd -g 1001 -r artemis && useradd -r -u 1001 -g artemis artemis \
 
 USER artemis
 
-ADD . /opt/activemq-artemis
+COPY --from=builder /root/artemis-build/_TMP_/artemis/${VERSION}/ /opt/activemq-artemis
+
 
 # Web Server
 EXPOSE 8161 \
@@ -57,7 +81,8 @@ USER root
 
 RUN mkdir /var/lib/artemis-instance && chown -R artemis.artemis /var/lib/artemis-instance
 
-COPY ./docker/docker-run.sh /
+COPY --from=builder /root/artemis-build/_TMP_/artemis/${VERSION}/docker/docker-run.sh /
+
 
 USER artemis
 

artemis-docker/prepare-docker.sh

@@ -48,26 +48,8 @@ HERE
 next_step () {
   cat <<HERE
 
-Well done! Now you can continue with building the Docker image:
-
-  # Go to $ARTEMIS_DIST_DIR
-  $ cd $ARTEMIS_DIST_DIR
-
-  # For CentOS with full JDK
-  $ docker build -f ./docker/Dockerfile-centos7-11 -t artemis-centos .
-
-  # For Ubuntu with full JDK
-  $ docker build -f ./docker/Dockerfile-ubuntu-11 -t artemis-ubuntu .
-
-  # For Ubuntu with just JRE
-  $ docker build -f ./docker/Dockerfile-ubuntu-11-jre -t artemis-ubuntu .
-
-  # For Ubuntu on Linux ARMv7/ARM64 with full JDK
-  $ docker buildx build --platform linux/arm64,linux/arm/v7 --push -t {your-repository}/apache-artemis:2.17.0-SNAPSHOT -f ./docker/Dockerfile-ubuntu-11 .
-
-Note: -t artemis-centos and -t artemis-ubuntu are just tag names for the purpose of this guide
-
-For more info see readme.md
+Installation complete. The builder is done building your image. Now it is time to copy your build to your image of
+choice.
 
 HERE
   exit 0
@@ -187,4 +169,4 @@ cp ./docker-run.sh "$ARTEMIS_DIST_DIR/docker"
 echo "Docker file support files at:"
 tree "$ARTEMIS_DIST_DIR/docker"
 
-next_step
+next_step