From d8a16ab24c8e045cd193201ad77de1330092f4ba Mon Sep 17 00:00:00 2001 From: duncdrum Date: Sun, 5 Feb 2023 20:41:16 +0100 Subject: [PATCH] =?UTF-8?q?=E2=9C=A8=20feat(J17):=20:latest=20to=20J17?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit :release continous with J8 and J11 bump default dockerfile to J17 add _j11 docker file close #27 --- .github/workflows/ci-java11.yml | 87 ++++------------- .github/workflows/ci-java17.yml | 166 ++++++++++++++++++++++++++++++++ .github/workflows/ci-java8.yml | 71 +++----------- Dockerfile | 6 +- Dockerfile_j11 | 88 +++++++++++++++++ 5 files changed, 290 insertions(+), 128 deletions(-) create mode 100644 .github/workflows/ci-java17.yml create mode 100644 Dockerfile_j11 diff --git a/.github/workflows/ci-java11.yml b/.github/workflows/ci-java11.yml index da8d123..5bdd138 100644 --- a/.github/workflows/ci-java11.yml +++ b/.github/workflows/ci-java11.yml @@ -1,13 +1,13 @@ -name: Java 11 +name: Java 11 :release on: push: pull_request: schedule: - - cron: "11 */8 * * *" + - cron: "11 4 * * *" env: TEST_TAG: ${{ secrets.DOCKER_USERNAME }}/existdb:exist-ci - EXIST_VER: 6.2.0 + # EXIST_VER: 6.2.0 jobs: build: @@ -62,7 +62,8 @@ jobs: uses: docker/build-push-action@v4 with: context: . - file: ./Dockerfile + file: ./Dockerfile_j11 + build-args: BRANCH=master load: true tags: ${{ env.TEST_TAG }} @@ -70,8 +71,10 @@ jobs: uses: docker/build-push-action@v4 with: context: . - build-args: DISTRO_TAG=debug - file: ./Dockerfile + build-args: | + BRANCH=master + DISTRO_TAG=debug + file: ./Dockerfile_j11 load: true tags: ${{ env.TEST_TAG }}-debug @@ -80,9 +83,10 @@ jobs: with: context: . build-args: | + BRANCH=master DISTRO_TAG=nonroot USR=nonroot:nonroot - file: ./Dockerfile + file: ./Dockerfile_j11 load: true tags: ${{ env.TEST_TAG }}-nonroot @@ -105,66 +109,15 @@ jobs: - name: Run tests run: bats --tap test/bats/*.bats - # DP: this dynamically set the version from develop + # DP: this dynamically set the version from master # no longer necessary - # - name: Get SemVer string from test image - # run: | - # echo "EXIST_VER=$(docker exec exist-ci java org.exist.start.Main client --no-gui --xpath 'system:get-version()' | grep -i 'eXist version' | cut -d ' ' -f 3)" >> $GITHUB_ENV - # - name: Test GHA output - # run: echo $EXIST_VER + - name: Get SemVer string from test image + run: | + echo "EXIST_VER=$(docker exec exist-ci java org.exist.start.Main client --no-gui --xpath 'system:get-version()' | grep -i 'eXist version' | cut -d ' ' -f 3)" >> $GITHUB_ENV + - name: Test GHA output + run: echo $EXIST_VER # PUSH - # Latest - - name: Push :latest to Dockerhub - if: github.ref == 'refs/heads/main' - uses: docker/build-push-action@v4 - with: - context: ./ - platforms: linux/amd64,linux/arm64 - file: ./Dockerfile - build-args: BRANCH=develop - builder: ${{ steps.buildx.outputs.name }} - push: true - tags: | - ${{ secrets.DOCKER_USERNAME }}/existdb:latest - cache-from: type=registry,ref=${{ secrets.DOCKER_USERNAME }}/existdb:buildcache - cache-to: type=registry,ref=${{ secrets.DOCKER_USERNAME }}/existdb:buildcache,mode=max - - - name: Push :debug (latest) to Dockerhub - if: github.ref == 'refs/heads/main' - uses: docker/build-push-action@v4 - with: - context: ./ - platforms: linux/amd64,linux/arm64 - file: ./Dockerfile - build-args: | - DISTRO_TAG=debug - BRANCH=develop - builder: ${{ steps.buildx.outputs.name }} - push: true - tags: | - ${{ secrets.DOCKER_USERNAME }}/existdb:debug - cache-from: type=registry,ref=${{ secrets.DOCKER_USERNAME }}/existdb:buildcache - cache-to: type=registry,ref=${{ secrets.DOCKER_USERNAME }}/existdb:buildcache,mode=max - - - name: push :nonroot (latest) to Dockerhub - if: github.ref == 'refs/heads/main' - uses: docker/build-push-action@v4 - with: - context: ./ - platforms: linux/amd64,linux/arm64 - file: ./Dockerfile - build-args: | - DISTRO_TAG=nonroot - USR=nonroot:nonroot - BRANCH=develop - builder: ${{ steps.buildx.outputs.name }} - push: true - tags: | - ${{ secrets.DOCKER_USERNAME }}/existdb:nonroot - cache-from: type=registry,ref=${{ secrets.DOCKER_USERNAME }}/existdb:buildcache - cache-to: type=registry,ref=${{ secrets.DOCKER_USERNAME }}/existdb:buildcache,mode=max - # Release - name: Push :release to Dockerhub if: github.ref == 'refs/heads/main' @@ -172,7 +125,7 @@ jobs: with: context: ./ platforms: linux/amd64,linux/arm64 - file: ./Dockerfile + file: ./Dockerfile_j11 build-args: BRANCH=master builder: ${{ steps.buildx.outputs.name }} push: true @@ -188,7 +141,7 @@ jobs: with: context: ./ platforms: linux/amd64,linux/arm64 - file: ./Dockerfile + file: ./Dockerfile_j11 build-args: | DISTRO_TAG=debug BRANCH=master @@ -206,7 +159,7 @@ jobs: with: context: ./ platforms: linux/amd64,linux/arm64 - file: ./Dockerfile + file: ./Dockerfile_j11 build-args: | DISTRO_TAG=nonroot USR=nonroot:nonroot diff --git a/.github/workflows/ci-java17.yml b/.github/workflows/ci-java17.yml new file mode 100644 index 0000000..af82b80 --- /dev/null +++ b/.github/workflows/ci-java17.yml @@ -0,0 +1,166 @@ +name: Java 17 :latest +on: + push: + pull_request: + schedule: + - cron: "11 */8 * * *" + +env: + TEST_TAG: ${{ secrets.DOCKER_USERNAME }}/existdb:exist-ci + # EXIST_VER: 6.2.0 + +jobs: + build: + name: Build and Test Images + runs-on: ubuntu-latest + # NOTE (DP): Test on PRs and pushes + if: github.ref == 'refs/heads/main' || github.base_ref == 'main' + steps: + + # SETUP + - uses: actions/checkout@v3 + with: + fetch-depth: 1 + + - name: Set up JDK 17 + uses: actions/setup-java@v3 + with: + distribution: temurin + java-version: '17' + + - name: Set up QEMU + uses: docker/setup-qemu-action@v2 + with: + platforms: linux/amd64,linux/arm64 + # platforms: all + + - name: Login to Docker Hub + uses: docker/login-action@v2 + with: + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_PASSWORD }} + + - name: Make buildkit default + uses: docker/setup-buildx-action@v2 + id: buildx + with: + install: true + + - name: Install bats + # run: sudo apt-get install bats libsaxonb-java + run: sudo apt-get install bats + + - name: Check local images + run: docker image ls + + # TODO(DP) needs adjusting for multi-stage see #5 + # - name: Modify logging config + # run: saxonb-xslt -s:dump/exist-distribution-${{ env.EXIST_VER }}/etc/log4j2.xml -xsl:log4j2-docker.xslt -o:log4j2.xml + + # BUILD + - name: Build default images for testing on CI + uses: docker/build-push-action@v4 + with: + context: . + file: ./Dockerfile + load: true + tags: ${{ env.TEST_TAG }} + + - name: Build debug images for testing on CI + uses: docker/build-push-action@v4 + with: + context: . + build-args: DISTRO_TAG=debug + file: ./Dockerfile + load: true + tags: ${{ env.TEST_TAG }}-debug + + - name: Build nonroot images for testing on CI + uses: docker/build-push-action@v4 + with: + context: . + build-args: | + DISTRO_TAG=nonroot + USR=nonroot:nonroot + file: ./Dockerfile + load: true + tags: ${{ env.TEST_TAG }}-nonroot + + # TEST + - name: Start exist-ci containers + run: | + docker run -dit -p 8080:8080 --name exist-ci --rm ${{ env.TEST_TAG }} + docker run -dit -p 8181:8080 -v $pwd/exist/autodeploy:/exist/autodeploy --name nonroot --rm ${{ env.TEST_TAG }}-nonroot + sleep 35s + + # - name: Wait for exist-ci to boot + # run: | + # timeout 60 sh -c 'until docker logs exist-ci | grep -qe "Server has started"; do sleep 3; done' localhost 8080 + + - name: Check mem and cgroup config + run: | + docker logs exist-ci | grep -w "Approximate maximum amount of memory for JVM:" + docker logs exist-ci | grep -w "Number of processors available to JVM:" + + - name: Run tests + run: bats --tap test/bats/*.bats + + # DP: this dynamically set the version from develop + # no longer necessary + # - name: Get SemVer string from test image + # run: | + # echo "EXIST_VER=$(docker exec exist-ci java org.exist.start.Main client --no-gui --xpath 'system:get-version()' | grep -i 'eXist version' | cut -d ' ' -f 3)" >> $GITHUB_ENV + # - name: Test GHA output + # run: echo $EXIST_VER + + # PUSH + # Latest + - name: Push :latest to Dockerhub + if: github.ref == 'refs/heads/main' + uses: docker/build-push-action@v4 + with: + context: ./ + platforms: linux/amd64,linux/arm64 + file: ./Dockerfile + build-args: BRANCH=develop + builder: ${{ steps.buildx.outputs.name }} + push: true + tags: | + ${{ secrets.DOCKER_USERNAME }}/existdb:latest + cache-from: type=registry,ref=${{ secrets.DOCKER_USERNAME }}/existdb:buildcache + cache-to: type=registry,ref=${{ secrets.DOCKER_USERNAME }}/existdb:buildcache,mode=max + + - name: Push :debug (latest) to Dockerhub + if: github.ref == 'refs/heads/main' + uses: docker/build-push-action@v4 + with: + context: ./ + platforms: linux/amd64,linux/arm64 + file: ./Dockerfile + build-args: | + DISTRO_TAG=debug + BRANCH=develop + builder: ${{ steps.buildx.outputs.name }} + push: true + tags: | + ${{ secrets.DOCKER_USERNAME }}/existdb:debug + cache-from: type=registry,ref=${{ secrets.DOCKER_USERNAME }}/existdb:buildcache + cache-to: type=registry,ref=${{ secrets.DOCKER_USERNAME }}/existdb:buildcache,mode=max + + - name: push :nonroot (latest) to Dockerhub + if: github.ref == 'refs/heads/main' + uses: docker/build-push-action@v4 + with: + context: ./ + platforms: linux/amd64,linux/arm64 + file: ./Dockerfile + build-args: | + DISTRO_TAG=nonroot + USR=nonroot:nonroot + BRANCH=develop + builder: ${{ steps.buildx.outputs.name }} + push: true + tags: | + ${{ secrets.DOCKER_USERNAME }}/existdb:nonroot + cache-from: type=registry,ref=${{ secrets.DOCKER_USERNAME }}/existdb:buildcache + cache-to: type=registry,ref=${{ secrets.DOCKER_USERNAME }}/existdb:buildcache,mode=max \ No newline at end of file diff --git a/.github/workflows/ci-java8.yml b/.github/workflows/ci-java8.yml index 1fe2ded..eabe4e5 100644 --- a/.github/workflows/ci-java8.yml +++ b/.github/workflows/ci-java8.yml @@ -1,9 +1,9 @@ -name: Java 8 +name: Java 8 :release on: push: pull_request: schedule: - - cron: "11 */8 * * *" + - cron: "11 4 * * *" env: TEST_TAG: ${{ secrets.DOCKER_USERNAME }}/existdb:exist-ci @@ -62,6 +62,7 @@ jobs: uses: docker/build-push-action@v4 with: context: . + build-args: BRANCH=master file: ./Dockerfile_j8 load: true tags: ${{ env.TEST_TAG }} @@ -70,7 +71,9 @@ jobs: uses: docker/build-push-action@v4 with: context: . - build-args: DISTRO_TAG=debug + build-args: | + DISTRO_TAG=debug + BRANCH=master file: ./Dockerfile_j8 load: true tags: ${{ env.TEST_TAG }}-debug @@ -80,6 +83,7 @@ jobs: with: context: . build-args: | + BRANCH=master DISTRO_TAG=nonroot USR=nonroot:nonroot file: ./Dockerfile_j8 @@ -97,64 +101,13 @@ jobs: run: bats --tap test/bats/*.bats # DP: This is dynamically setting Version number of latest - # - name: Get SemVer string from test image - # run: | - # echo "EXIST_VER=$(docker exec exist-ci java org.exist.start.Main client --no-gui --xpath 'system:get-version()' | grep -i 'eXist version' | cut -d ' ' -f 3)" >> $GITHUB_ENV - # - name: Test GHA output - # run: echo $EXIST_VER + - name: Get SemVer string from test image + run: | + echo "EXIST_VER=$(docker exec exist-ci java org.exist.start.Main client --no-gui --xpath 'system:get-version()' | grep -i 'eXist version' | cut -d ' ' -f 3)" >> $GITHUB_ENV + - name: Test GHA output + run: echo $EXIST_VER # PUSH - # Latest - - name: Push :latest to Dockerhub - if: github.ref == 'refs/heads/main' - uses: docker/build-push-action@v4 - with: - context: ./ - platforms: linux/amd64,linux/arm64 - file: ./Dockerfile_j8 - build-args: BRANCH=develop - builder: ${{ steps.buildx.outputs.name }} - push: true - tags: | - ${{ secrets.DOCKER_USERNAME }}/existdb:latest-j8 - cache-from: type=registry,ref=${{ secrets.DOCKER_USERNAME }}/existdb:buildcache - cache-to: type=registry,ref=${{ secrets.DOCKER_USERNAME }}/existdb:buildcache,mode=max - - - name: Push :debug (latest) to Dockerhub - if: github.ref == 'refs/heads/main' - uses: docker/build-push-action@v4 - with: - context: ./ - platforms: linux/amd64,linux/arm64 - file: ./Dockerfile_j8 - build-args: | - DISTRO_TAG=debug - BRANCH=develop - builder: ${{ steps.buildx.outputs.name }} - push: true - tags: | - ${{ secrets.DOCKER_USERNAME }}/existdb:debug-j8 - cache-from: type=registry,ref=${{ secrets.DOCKER_USERNAME }}/existdb:buildcache - cache-to: type=registry,ref=${{ secrets.DOCKER_USERNAME }}/existdb:buildcache,mode=max - - - name: push :nonroot (latest) to Dockerhub - if: github.ref == 'refs/heads/main' - uses: docker/build-push-action@v4 - with: - context: ./ - platforms: linux/amd64,linux/arm64 - file: ./Dockerfile_j8 - build-args: | - DISTRO_TAG=nonroot - USR=nonroot:nonroot - BRANCH=develop - builder: ${{ steps.buildx.outputs.name }} - push: true - tags: | - ${{ secrets.DOCKER_USERNAME }}/existdb:nonroot-j8 - cache-from: type=registry,ref=${{ secrets.DOCKER_USERNAME }}/existdb:buildcache - cache-to: type=registry,ref=${{ secrets.DOCKER_USERNAME }}/existdb:buildcache,mode=max - # Release - name: Push :release to Dockerhub if: github.ref == 'refs/heads/main' diff --git a/Dockerfile b/Dockerfile index 266e6cf..f464cef 100644 --- a/Dockerfile +++ b/Dockerfile @@ -22,7 +22,7 @@ ARG DISTRO_TAG=latest -FROM maven:3-eclipse-temurin-11 as builder +FROM maven:3-eclipse-temurin-17 as builder ARG BRANCH=develop # TODO (DP) add cache mount ? @@ -36,7 +36,7 @@ mvn -q -DskipTests -Ddocker=false -Ddependency-check.skip=true -Dmac.signing=fal -FROM gcr.io/distroless/java11-debian11:${DISTRO_TAG} +FROM gcr.io/distroless/java17:${DISTRO_TAG} ARG USR=root @@ -70,6 +70,8 @@ ENV JAVA_TOOL_OPTIONS \ -Dexist.configurationFile=/exist/etc/conf.xml \ -Djetty.home=/exist \ -Dexist.jetty.config=/exist/etc/jetty/standard.enabled-jetty-configs \ + -XX:+UseNUMA \ + -XX:+UseZGC \ -XX:+UseStringDeduplication \ -XX:+UseContainerSupport \ -XX:MaxRAMPercentage=${JVM_MAX_RAM_PERCENTAGE:-75.0} \ diff --git a/Dockerfile_j11 b/Dockerfile_j11 new file mode 100644 index 0000000..266e6cf --- /dev/null +++ b/Dockerfile_j11 @@ -0,0 +1,88 @@ +# +# eXist-db Open Source Native XML Database +# Copyright (C) 2001 The eXist-db Authors +# +# info@exist-db.org +# http://www.exist-db.org +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA +# + +ARG DISTRO_TAG=latest + +FROM maven:3-eclipse-temurin-11 as builder +ARG BRANCH=develop + +# TODO (DP) add cache mount ? +RUN git clone --single-branch --branch=${BRANCH} --depth=1 https://github.com/eXist-db/exist.git + +WORKDIR /exist + +# Yay for buildkit +RUN --mount=type=cache,id=maven,target=/root/.m2 \ +mvn -q -DskipTests -Ddocker=false -Ddependency-check.skip=true -Dmac.signing=false -Dizpack-signing=false -Denv.CI=true -P '!mac-dmg-on-unix,!installer,!concurrency-stress-tests,!micro-benchmarks' package + + + +FROM gcr.io/distroless/java11-debian11:${DISTRO_TAG} + +ARG USR=root + +# Copy eXist-db +COPY --from=builder --chown=${USR} /exist/exist-distribution/target/exist-distribution-*-dir/LICENSE /exist/LICENSE +COPY --from=builder --chown=${USR} /exist/exist-distribution/target/exist-distribution-*-dir/autodeploy /exist/autodeploy +COPY --from=builder --chown=${USR} /exist/exist-distribution/target/exist-distribution-*-dir/etc /exist/etc +COPY --from=builder --chown=${USR} /exist/exist-distribution/target/exist-distribution-*-dir/lib /exist/lib +COPY --chown=${USR} log4j2.xml /exist/etc + + +EXPOSE 8080 8443 + +# make CACHE_MEM and MAX_BROKER available to users +ARG CACHE_MEM +ARG MAX_BROKER +ARG JVM_MAX_RAM_PERCENTAGE + +ENV EXIST_HOME "/exist" +ENV CLASSPATH=/exist/lib/* + + +ENV JAVA_TOOL_OPTIONS \ + -Dfile.encoding=UTF8 \ + -Dsun.jnu.encoding=UTF-8 \ + -Djava.awt.headless=true \ + -Dorg.exist.db-connection.cacheSize=${CACHE_MEM:-256}M \ + -Dorg.exist.db-connection.pool.max=${MAX_BROKER:-20} \ + -Dlog4j.configurationFile=/exist/etc/log4j2.xml \ + -Dexist.home=/exist \ + -Dexist.configurationFile=/exist/etc/conf.xml \ + -Djetty.home=/exist \ + -Dexist.jetty.config=/exist/etc/jetty/standard.enabled-jetty-configs \ + -XX:+UseStringDeduplication \ + -XX:+UseContainerSupport \ + -XX:MaxRAMPercentage=${JVM_MAX_RAM_PERCENTAGE:-75.0} \ + -XX:+ExitOnOutOfMemoryError + +USER ${USR} + +HEALTHCHECK CMD [ "java", "org.exist.start.Main", "client", \ + "--no-gui", \ + "--user", "guest", \ + "--password", "guest", \ + "--xpath", "system:get-version()" ] + +ENTRYPOINT [ "java", "org.exist.start.Main"] + +CMD ["jetty"] \ No newline at end of file