Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Convertigo official 7.7.0 release. #7281

Merged
merged 2 commits into from
Jan 16, 2020
Merged

Convertigo official 7.7.0 release. #7281

merged 2 commits into from
Jan 16, 2020

Conversation

nicolas-albert
Copy link
Contributor

Adds a AKS version with specific Kubernetes tools installed.

Still maintains the 7.6.x versions.

Happy new year and thx !

@nicolas-albert
Convertigo official 7.7.0 release.
7ad79ff 
Adds a AKS version with specific Kubernetes tools installed.

Still maintains the 7.6.x versions.
@yosifkit
Copy link
Member

Extra variants to images (or adding new images) that are only for a specific vendor platform (Amazon, Azure, Google Cloud, OpenShift, OpenStack, etc) breaks the whole "run anywhere" Docker experience. Images in Official-Images should be platform independent. It is up to image maintainers whether or not to adjust their images to better support the specific needs of a platform in a general way (e.g. docker-library/postgres#359 + docker-library/postgres#448).

(Note to future self: comment mostly from docker-solr/docker-solr#130 (comment))

Does convertigo use the azureCLI/kubectl directly? Would they be beneficial to be included all the time?

As far as feedback on the additions if they were added to the regular image:

  • curl | bash would be unacceptable (readme: image build) and should instead verify the download in some way before being used. It may be more transparent to just embed the steps it performs directly in the Dockerfile and skipping their script, since the same 3 steps are being done for kubectl.

    https://aka.ms/InstallAzureCLIDeb:
    # This script does three fundamental things:
    # 1. Add Microsoft's GPG Key has a trusted source of apt packages.
    # 2. Add Microsoft's repositories as a source for apt packages.
    # 3. Installs the Azure CLI from those repositories.

  • Keys downloaded from a keyserver via full fingerprint is recommended over curling a KEYS file (since a change in keys provides a natural docker build cache bust whereas changes to the KEYS file on the remote server will not cause a rebuild). It also allows better end-user introspection into exactly which keys are being added as trusted for apt packages.

  • Instead of apt-key add, we recommend using /etc/apt/trusted.gpg.d directly (see 'note' on https://manpages.debian.org/apt-key#COMMANDS)

    gpg --batch --armor --export "${repokey}" > /etc/apt/trusted.gpg.d/kubernetes.gpg.asc

  • chisel ... &: "it is highly recommended that the resulting image be just one concern per container; predominantly this means just one process per container, so there is no need for a full init system." (readme: init). Related comment from docker-library/haproxy:

    As a rule, we do not run secondary processes (like syslog) in a container. If there were an exception, it would require a supervisor process monitoring the two processes in the container. This supervisor would either start anew the offending process or exit the whole container (to allow a scheduler like Kubernetes or swarm to reschedule it) with the supervisor process deciding whether restart or exit is the correct response to the unexpected death of a child process. Even if this is rare/impossible, the official images, along with being a useful starting point, are meant to be prime examples of Dockerization.

    - ✨ Add syslogd option by environment variable haproxy#39 (comment)

@nicolas-albert
Let only the default latest image : 7.7.0
983a14e 
yosifkit is totally right and after a team discussion, we let only the
default latest version on the official repository.
The AKS variant and previous versions maintenance will be on our
convertigo public repository.
@yosifkit
Copy link
Member

Diff: 
diff --git a/_bashbrew-arches b/_bashbrew-arches
index e96d74f..4a3e1bd 100644
--- a/_bashbrew-arches
+++ b/_bashbrew-arches
@@ -1,3 +1 @@
 convertigo:latest @ amd64
-convertigo:openj9 @ amd64
-convertigo:slim @ amd64
diff --git a/_bashbrew-list b/_bashbrew-list
index 0d8e465..eccfc72 100644
--- a/_bashbrew-list
+++ b/_bashbrew-list
@@ -1,9 +1,3 @@
-convertigo:7.6
-convertigo:7.6-openj9
-convertigo:7.6-slim
-convertigo:7.6.6
-convertigo:7.6.6-openj9
-convertigo:7.6.6-slim
+convertigo:7.7
+convertigo:7.7.0
 convertigo:latest
-convertigo:openj9
-convertigo:slim
diff --git a/convertigo_latest/Dockerfile b/convertigo_latest/Dockerfile
index 7d4dbb8..22c60aa 100644
--- a/convertigo_latest/Dockerfile
+++ b/convertigo_latest/Dockerfile
@@ -13,7 +13,7 @@
 # You should have received a copy of the GNU General Public License
 # along with this program; if not, see<http://www.gnu.org/licenses/>.
 
-FROM tomcat:7-jdk8-openjdk
+FROM tomcat:9-jdk11-openjdk
 
 
 MAINTAINER Nicolas Albert nicolasa@convertigo.com
@@ -88,7 +88,7 @@ RUN sed -i.bak \
     && chown -R convertigo:convertigo conf temp work logs \
     && chmod -w conf/*
 
-ENV CONVERTIGO_VERSION 7.6.6
+ENV CONVERTIGO_VERSION 7.7.0
 
 ENV CONVERTIGO_WAR_URL https://github.com/convertigo/convertigo/releases/download/$CONVERTIGO_VERSION/convertigo-$CONVERTIGO_VERSION.war
 
diff --git a/convertigo_latest/docker-entrypoint.sh b/convertigo_latest/docker-entrypoint.sh
index 305bc5c..4f29ab6 100755
--- a/convertigo_latest/docker-entrypoint.sh
+++ b/convertigo_latest/docker-entrypoint.sh
@@ -7,7 +7,7 @@ if [ "$1" = "convertigo" ]; then
     ## function used to cipher passwords
     
     toHash() {
-        jrunscript -cp $CATALINA_HOME/webapps/convertigo/WEB-INF/lib/dependencies-*.jar -e "java.lang.System.out.println(org.apache.commons.codec.digest.DigestUtils.sha512Hex(\"$1\"))"
+        echo "System.out.println(org.apache.commons.codec.digest.DigestUtils.sha512Hex(\"$1\"))" | jshell --class-path $CATALINA_HOME/webapps/convertigo/WEB-INF/lib/dependencies-*.jar -
     }
         
     ## if needed, force the admin and testplatform accounts
diff --git a/convertigo_openj9/Dockerfile b/convertigo_openj9/Dockerfile
deleted file mode 100644
index 528be2e..0000000
diff --git a/convertigo_openj9/docker-entrypoint.sh b/convertigo_openj9/docker-entrypoint.sh
deleted file mode 100755
index 305bc5c..0000000
diff --git a/convertigo_openj9/root-index.html b/convertigo_openj9/root-index.html
deleted file mode 100644
index 06417fc..0000000
diff --git a/convertigo_slim/Dockerfile b/convertigo_slim/Dockerfile
deleted file mode 100644
index 02e941b..0000000
diff --git a/convertigo_slim/docker-entrypoint.sh b/convertigo_slim/docker-entrypoint.sh
deleted file mode 100755
index 305bc5c..0000000
diff --git a/convertigo_slim/root-index.html b/convertigo_slim/root-index.html
deleted file mode 100644
index 06417fc..0000000

@yosifkit
Copy link
Member

Build test of #7281; 983a14e; amd64 (convertigo):

$ bashbrew build convertigo:7.7.0
Using bashbrew/cache:97d1d2aa8e6f6583fad02117a483bd8ec100fc02296e9b3b25243159c52e07b8 (convertigo:7.7.0)
Tagging convertigo:7.7.0
Tagging convertigo:7.7
Tagging convertigo:latest

$ test/run.sh convertigo:7.7.0
testing convertigo:7.7.0
	'utc' [1/5]...passed
	'cve-2014--shellshock' [2/5]...passed
	'no-hard-coded-passwords' [3/5]...passed
	'override-cmd' [4/5]...passed
	'convertigo-hello-world' [5/5]....passed

@yosifkit yosifkit merged commit 030680e into docker-library:master Jan 16, 2020
@yosifkit yosifkit mentioned this pull request Dec 15, 2020
Merged
@nicolas-albert nicolas-albert deleted the convertigo-7.7.0 branch September 26, 2023 14:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
library/convertigo
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@nicolas-albert @yosifkit @docker-library-bot