2025-12-22 14:49:16 +00:00
|
|
|
# syntax=docker/dockerfile:1.6
|
|
|
|
|
|
|
|
|
|
ARG JAVA_VERSION=21
|
|
|
|
|
ARG MAVEN_IMAGE=maven:3.9-eclipse-temurin-21
|
|
|
|
|
ARG JDK_IMAGE=eclipse-temurin:21-jdk
|
|
|
|
|
ARG DISTROLESS_IMAGE=gcr.io/distroless/base-debian12:nonroot
|
|
|
|
|
|
2025-11-30 23:17:57 +09:00
|
|
|
# =========================
|
2025-12-22 15:05:43 +00:00
|
|
|
# 1) Build
|
2025-11-30 23:17:57 +09:00
|
|
|
# =========================
|
2025-12-22 14:49:16 +00:00
|
|
|
FROM ${MAVEN_IMAGE} AS builder
|
2025-11-30 23:17:57 +09:00
|
|
|
WORKDIR /app
|
|
|
|
|
|
|
|
|
|
COPY pom.xml ./
|
|
|
|
|
RUN --mount=type=cache,target=/root/.m2 \
|
|
|
|
|
mvn -q -DskipTests dependency:go-offline
|
|
|
|
|
|
|
|
|
|
COPY . .
|
|
|
|
|
RUN --mount=type=cache,target=/root/.m2 \
|
|
|
|
|
mvn -q -DskipTests package
|
|
|
|
|
|
2025-12-22 14:49:16 +00:00
|
|
|
RUN set -eux; \
|
|
|
|
|
JAR="$(ls -1 target/*.jar | head -n 1)"; \
|
|
|
|
|
test -n "$JAR"; \
|
|
|
|
|
cp -f "$JAR" /app/app.jar
|
|
|
|
|
|
2025-12-22 13:49:35 +00:00
|
|
|
# =========================
|
2025-12-22 15:05:43 +00:00
|
|
|
# 2) Whatap Agent stage
|
2025-12-22 13:49:35 +00:00
|
|
|
# =========================
|
2025-12-22 14:49:16 +00:00
|
|
|
FROM ${JDK_IMAGE} AS whatap_agent
|
|
|
|
|
WORKDIR /work
|
2025-11-30 23:17:57 +09:00
|
|
|
|
2025-12-22 13:49:35 +00:00
|
|
|
COPY whatap/whatap.agent.java.tar.gz /tmp/whatap.agent.java.tar.gz
|
2025-12-22 14:49:16 +00:00
|
|
|
COPY paramkey.txt /tmp/paramkey.txt
|
2025-12-22 13:49:35 +00:00
|
|
|
|
|
|
|
|
RUN set -eux; \
|
|
|
|
|
mkdir -p /whatap; \
|
|
|
|
|
tar -xzf /tmp/whatap.agent.java.tar.gz -C /whatap; \
|
|
|
|
|
rm -f /tmp/whatap.agent.java.tar.gz; \
|
2025-12-22 15:05:43 +00:00
|
|
|
AGENT_JAR="$(find /whatap -maxdepth 6 -type f \
|
2025-12-22 14:49:16 +00:00
|
|
|
\( -name 'whatap.agent*.jar' -o -name '*whatap*agent*.jar' \) \
|
|
|
|
|
| head -n 1)"; \
|
2025-12-22 13:49:35 +00:00
|
|
|
test -n "$AGENT_JAR"; \
|
2025-12-22 13:54:35 +00:00
|
|
|
cp -f "$AGENT_JAR" /whatap/whatap.agent.jar; \
|
2025-12-22 14:49:16 +00:00
|
|
|
cp -f /tmp/paramkey.txt /whatap/paramkey.txt; \
|
2025-12-22 15:05:43 +00:00
|
|
|
# 파일은 읽기 가능(0644)로 두고, 디렉토리는 나중에 런타임에서 쓰기 가능하게
|
|
|
|
|
chmod 0644 /whatap/whatap.agent.jar /whatap/paramkey.txt; \
|
|
|
|
|
chmod 0755 /whatap
|
2025-12-22 14:49:16 +00:00
|
|
|
|
2025-11-30 23:17:57 +09:00
|
|
|
# =========================
|
2025-12-22 15:05:43 +00:00
|
|
|
# 3) jlink Slim JRE
|
2025-11-30 23:17:57 +09:00
|
|
|
# =========================
|
2025-12-22 14:49:16 +00:00
|
|
|
FROM ${JDK_IMAGE} AS jre
|
2025-11-30 23:17:57 +09:00
|
|
|
WORKDIR /jrebuild
|
|
|
|
|
|
2025-12-22 14:49:16 +00:00
|
|
|
COPY --from=builder /app/app.jar ./app.jar
|
2025-11-30 23:17:57 +09:00
|
|
|
|
|
|
|
|
RUN set -eux; \
|
2025-12-22 14:55:09 +00:00
|
|
|
DEPS="$(jdeps --ignore-missing-deps --multi-release=21 --print-module-deps app.jar)"; \
|
2025-11-30 23:17:57 +09:00
|
|
|
jlink --strip-debug --no-man-pages --no-header-files --compress=2 \
|
|
|
|
|
--add-modules "$DEPS,\
|
|
|
|
|
java.desktop,java.management,jdk.management,java.sql,java.naming,\
|
|
|
|
|
java.logging,java.security.jgss,jdk.security.auth,java.security.sasl,java.instrument,\
|
2025-12-22 15:05:43 +00:00
|
|
|
jdk.crypto.ec,jdk.unsupported,java.xml" \
|
2025-11-30 23:17:57 +09:00
|
|
|
--output /opt/jre
|
|
|
|
|
|
|
|
|
|
# =========================
|
2025-12-22 14:49:16 +00:00
|
|
|
# 4) Runtime (Distroless)
|
2025-11-30 23:17:57 +09:00
|
|
|
# =========================
|
2025-12-22 14:49:16 +00:00
|
|
|
FROM ${DISTROLESS_IMAGE}
|
2025-11-30 23:17:57 +09:00
|
|
|
WORKDIR /app
|
|
|
|
|
|
2025-12-22 14:49:16 +00:00
|
|
|
COPY --from=jre /opt/jre /opt/jre
|
|
|
|
|
COPY --from=builder /app/app.jar ./app.jar
|
2025-11-30 23:17:57 +09:00
|
|
|
|
2025-12-22 15:05:43 +00:00
|
|
|
# ✅ 핵심: /whatap 을 nonroot(65532)가 소유하도록 복사
|
|
|
|
|
COPY --from=whatap_agent --chown=65532:65532 /whatap /whatap
|
|
|
|
|
|
2025-12-22 14:49:16 +00:00
|
|
|
ENV JAVA_HOME=/opt/jre
|
2025-11-30 23:17:57 +09:00
|
|
|
ENV PATH="/opt/jre/bin:${PATH}"
|
|
|
|
|
|
2025-12-22 15:05:43 +00:00
|
|
|
# ✅ whatap home 명시(에이전트가 내부 파일 쓸 때 경로 확정)
|
|
|
|
|
ENV WHATAP_HOME=/whatap
|
|
|
|
|
|
2025-11-30 23:17:57 +09:00
|
|
|
ENV JAVA_TOOL_OPTIONS="\
|
2025-12-22 13:49:35 +00:00
|
|
|
-javaagent:/whatap/whatap.agent.jar \
|
2025-12-22 14:49:16 +00:00
|
|
|
-Dwhatap.paramkey=/whatap/paramkey.txt \
|
2025-12-22 15:12:03 +00:00
|
|
|
--add-opens=java.base/java.lang=ALL-UNNAMED \
|
2025-11-30 23:17:57 +09:00
|
|
|
-XX:+UseContainerSupport \
|
|
|
|
|
-XX:MaxRAMPercentage=75 \
|
|
|
|
|
-XX:+ExitOnOutOfMemoryError \
|
|
|
|
|
-XX:+AlwaysActAsServerClassMachine"
|
|
|
|
|
|
|
|
|
|
EXPOSE 8080
|
2025-12-22 14:49:16 +00:00
|
|
|
ENTRYPOINT ["/opt/jre/bin/java", "-jar", "/app/app.jar"]
|
