Added files for building and extension checking

Dockerfile

@@ -0,0 +1,81 @@
+ARG BASE_IMAGE_TAG=zulu-openjdk-17.0.3-alpine-2
+
+FROM com2mcore.azurecr.io/iot-base-image:$BASE_IMAGE_TAG
+
+ARG HIVEMQ_VERSION=2024.1
+ENV HIVEMQ_GID=10000
+ENV HIVEMQ_UID=10000
+
+# Additional JVM options, may be overwritten by user
+ENV JAVA_OPTS "-XX:+UnlockExperimentalVMOptions -XX:+UseNUMA"
+
+# Default allow all extension, set this to false to disable it
+ENV HIVEMQ_ALLOW_ALL_CLIENTS "false"
+
+# Set locale
+ENV LANG=en_US.UTF-8
+
+RUN set -x \
+	&& apk update \
+	&& apk add --no-cache tini
+
+COPY config.xml /opt/config.xml
+COPY docker-entrypoint.sh /opt/docker-entrypoint.sh
+
+# HiveMQ setup
+COPY build/distributions/hivemq-ce-${HIVEMQ_VERSION} /opt/hivemq-ce-${HIVEMQ_VERSION}
+RUN ln -s /opt/hivemq-ce-${HIVEMQ_VERSION} /opt/hivemq
+
+RUN ls -la /opt
+RUN ls -la /opt/hivemq-ce-${HIVEMQ_VERSION}
+
+WORKDIR /opt/hivemq
+
+# Configure user and group for HiveMQ
+RUN addgroup -g ${HIVEMQ_GID} hivemq \
+    && adduser -D -G hivemq -h /opt/hivemq-ce-${HIVEMQ_VERSION} --u ${HIVEMQ_UID} hivemq \
+    && chown -R hivemq:hivemq /opt/hivemq-ce-${HIVEMQ_VERSION} \
+    && chmod -R 777 /opt \
+    && chmod +x /opt/hivemq/bin/run.sh /opt/docker-entrypoint.sh
+
+# Substitute eval for exec and replace OOM flag if necessary (for older releases). This is necessary for proper signal propagation
+RUN sed -i -e 's|eval \\"java\\" "$HOME_OPT" "$JAVA_OPTS" -jar "$JAR_PATH"|exec "java" $HOME_OPT $JAVA_OPTS -jar "$JAR_PATH"|' /opt/hivemq/bin/run.sh && \
+    sed -i -e "s|-XX:OnOutOfMemoryError='sleep 5; kill -9 %p'|-XX:+CrashOnOutOfMemoryError|" /opt/hivemq/bin/run.sh
+
+RUN sed -i -e 's|exec "java" "${HOME_OPT}" "${HEAPDUMP_PATH_OPT}" ${JAVA_OPTS} -jar "${JAR_PATH}"|exec "java" "${HOME_OPT}" "${HEAPDUMP_PATH_OPT}" ${JAVA_OPTS} -XX:OnOutOfMemoryError="kill 0" -jar "${JAR_PATH}"|' /opt/hivemq/bin/run.sh
+
+RUN apk add libstdc++ --no-cache
+
+RUN rm -rf /opt/hivemq/extensions/hivemq-allow-all-extension
+
+ADD cronjobs /tmp/cronjobs
+RUN cat /tmp/cronjobs | crontab -
+RUN rm /tmp/cronjobs
+
+RUN mkdir -p /opt/hivemq/default-cert
+RUN mkdir -p /opt/hivemq/cert
+
+RUN chmod -R 777 /opt/hivemq
+RUN chmod -R 777 /opt/hivemq-ce-2024.1
+
+ADD check_extension.sh /opt/check_extension.sh
+RUN chmod +x /opt/check_extension.sh
+
+# Make broker data persistent throughout stop/start cycles
+VOLUME /opt/hivemq/data
+
+# Persist log data
+VOLUME /opt/hivemq/log
+
+VOLUME /opt/hivemq/cert
+
+#mqtt-clients
+EXPOSE 1883
+
+#websockets
+EXPOSE 8000
+
+WORKDIR /opt/hivemq
+
+ENTRYPOINT ["/sbin/tini", "--"]
+CMD ["/opt/hivemq/bin/run.sh"]

buildSrc/build.gradle.kts

@@ -6,7 +6,7 @@ group = "com.hivemq"
 
 java {
     toolchain {
-        languageVersion.set(JavaLanguageVersion.of(8))
+        languageVersion.set(JavaLanguageVersion.of(11))
     }
 }
 

check_extension.sh

@@ -0,0 +1,9 @@
+#!/bin/bash
+
+echo "$(date -u) Check Hive MQ Extensions." >> check_extension.log
+FILE=/opt/hivemq/extensions/mqtt-hivemq-broker-service/DISABLED
+
+if rm $FILE; then
+    echo "$(date -u) Disabled Extension found. Shutdown HiveMQ." >> check_extension.log
+    /opt/hivemq/bin/init-script/hivemq stop
+fi

config.xml

@@ -0,0 +1,20 @@
+<?xml version="1.0"?>
+<hivemq>
+    <listeners>
+        <tcp-listener>
+            <port>1883</port>
+            <bind-address>0.0.0.0</bind-address>
+        </tcp-listener>
+        <websocket-listener>
+            <port>8000</port>
+            <bind-address>0.0.0.0</bind-address>
+            <path>/mqtt</path>
+            <name>my-websocket-listener</name>
+            <subprotocols>
+                <subprotocol>mqttv3.1</subprotocol>
+                <subprotocol>mqtt</subprotocol>
+            </subprotocols>
+            <allow-extensions>true</allow-extensions>
+        </websocket-listener>
+    </listeners>
+</hivemq>

cronjobs

@@ -0,0 +1,2 @@
+* * * * * sleep 0; /opt/check_extension.sh
+* * * * * sleep 30; /opt/check_extension.sh

docker-entrypoint.sh

@@ -0,0 +1,56 @@
+#!/usr/bin/env bash
+
+set -eo pipefail
+
+# We set the bind address here to ensure HiveMQ uses the correct interface. Defaults to using the container hostname (which should be hardcoded in /etc/hosts)
+if [ -z "${HIVEMQ_BIND_ADDRESS}" ]; then
+    echo "Getting bind address from container hostname"
+    ADDR=$(getent hosts ${HOSTNAME} | grep -v 127.0.0.1 | awk '{ print $1 }' | head -n 1)
+else
+    echo "HiveMQ bind address was overridden by environment variable (value: ${HIVEMQ_BIND_ADDRESS})"
+    ADDR=${HIVEMQ_BIND_ADDRESS}
+fi
+
+# Remove allow all extension if applicable
+
+if [[ "${HIVEMQ_ALLOW_ALL_CLIENTS}" != "true" ]]; then
+    echo "Disabling allow all extension"
+    rm -rf /opt/hivemq/extensions/hivemq-allow-all-extension &>/dev/null || true
+fi
+
+echo "set bind address from container hostname to ${ADDR}"
+export HIVEMQ_BIND_ADDRESS=${ADDR}
+
+# Step down from root privilege, only when we're attempting to run HiveMQ though.
+if [[ "$1" = "/opt/hivemq/bin/run.sh" && "$(id -u)" = '0' && "${HIVEMQ_NO_ROOT_STEP_DOWN}" != "true" ]]; then
+    uid="hivemq"
+    gid="hivemq"
+    exec_cmd="exec gosu hivemq:hivemq"
+else
+    uid="$(id -u)"
+    gid="$(id -g)"
+    exec_cmd="exec"
+fi
+
+readonly uid
+readonly gid
+readonly exec_cmd
+
+if [[ "$(id -u)" = "0" ]]; then
+    chown "${uid}":"${gid}" /opt/hivemq/data
+    chmod 700 /opt/hivemq/data
+    # Any of the following may fail but still allow HiveMQ to start normally, so lets ignore errors
+    set +e
+    chown "${uid}":"${gid}" /opt/hivemq
+    chown "${uid}":"${gid}" /opt/hivemq-*
+    chown "${uid}":"${gid}" /opt/hivemq/log
+    chown "${uid}":"${gid}" /opt/hivemq/conf
+    chown "${uid}":"${gid}" /opt/hivemq/conf/config.xml
+    # Recursive for bin, no volume here
+    chown -R "${uid}":"${gid}" /opt/hivemq/bin
+    chmod 700 /opt/hivemq
+    chmod 700 /opt/hivemq-*
+    chmod -R 700 /opt/hivemq/bin
+fi
+
+HIVEMQ_BIND_ADDRESS=${ADDR} ${exec_cmd} "$@"