mirror of
https://github.com/spring-projects/spring-petclinic.git
synced 2025-12-27 19:07:28 +00:00
93 lines
2.7 KiB
Docker
93 lines
2.7 KiB
Docker
# syntax=docker/dockerfile:1.6
|
|
|
|
ARG JAVA_VERSION=21
|
|
ARG MAVEN_IMAGE=maven:3.9-eclipse-temurin-21
|
|
ARG JDK_IMAGE=eclipse-temurin:21-jdk
|
|
ARG DISTROLESS_IMAGE=gcr.io/distroless/base-debian12:nonroot
|
|
|
|
# =========================
|
|
# 1) Build
|
|
# =========================
|
|
FROM ${MAVEN_IMAGE} AS builder
|
|
WORKDIR /app
|
|
|
|
COPY pom.xml ./
|
|
RUN --mount=type=cache,target=/root/.m2 \
|
|
mvn -q -DskipTests dependency:go-offline
|
|
|
|
COPY . .
|
|
RUN --mount=type=cache,target=/root/.m2 \
|
|
mvn -q -DskipTests package
|
|
|
|
RUN set -eux; \
|
|
JAR="$(ls -1 target/*.jar | head -n 1)"; \
|
|
test -n "$JAR"; \
|
|
cp -f "$JAR" /app/app.jar
|
|
|
|
# =========================
|
|
# 2) Whatap Agent stage
|
|
# =========================
|
|
FROM ${JDK_IMAGE} AS whatap_agent
|
|
WORKDIR /work
|
|
|
|
COPY whatap/whatap.agent.java.tar.gz /tmp/whatap.agent.java.tar.gz
|
|
COPY paramkey.txt /tmp/paramkey.txt
|
|
|
|
RUN set -eux; \
|
|
mkdir -p /whatap; \
|
|
tar -xzf /tmp/whatap.agent.java.tar.gz -C /whatap; \
|
|
rm -f /tmp/whatap.agent.java.tar.gz; \
|
|
# agent jar 찾기
|
|
AGENT_JAR="$(find /whatap -maxdepth 6 -type f \
|
|
\( -name 'whatap.agent*.jar' -o -name '*whatap*agent*.jar' \) | head -n 1)"; \
|
|
test -n "$AGENT_JAR"; \
|
|
cp -f "$AGENT_JAR" /whatap/whatap.agent.jar; \
|
|
cp -f /tmp/paramkey.txt /whatap/paramkey.txt; \
|
|
chmod -R a=rX /whatap
|
|
|
|
# =========================
|
|
# 3) jlink Slim JRE
|
|
# =========================
|
|
FROM ${JDK_IMAGE} AS jre
|
|
WORKDIR /jrebuild
|
|
|
|
COPY --from=builder /app/app.jar ./app.jar
|
|
|
|
RUN set -eux; \
|
|
DEPS="$(jdeps --ignore-missing-deps --multi-release=21 --print-module-deps app.jar)"; \
|
|
jlink --strip-debug --no-man-pages --no-header-files --compress=2 \
|
|
--add-modules "$DEPS,\
|
|
java.desktop,java.management,jdk.management,java.sql,java.naming,\
|
|
java.logging,java.security.jgss,jdk.security.auth,java.security.sasl,java.instrument,\
|
|
jdk.crypto.ec,jdk.unsupported,java.xml" \
|
|
--output /opt/jre
|
|
|
|
# =========================
|
|
# 4) Runtime (Distroless)
|
|
# =========================
|
|
FROM ${DISTROLESS_IMAGE}
|
|
WORKDIR /app
|
|
|
|
COPY --from=jre /opt/jre /opt/jre
|
|
COPY --from=builder /app/app.jar ./app.jar
|
|
|
|
# ✅ 핵심: /whatap 을 nonroot(65532)가 소유하도록 복사
|
|
COPY --from=whatap_agent --chown=65532:65532 /whatap /whatap
|
|
|
|
ENV JAVA_HOME=/opt/jre
|
|
ENV PATH="/opt/jre/bin:${PATH}"
|
|
|
|
# ✅ whatap home 명시(에이전트가 내부 파일 쓸 때 경로 확정)
|
|
ENV WHATAP_HOME=/whatap
|
|
|
|
ENV JAVA_TOOL_OPTIONS="\
|
|
-javaagent:/whatap/whatap.agent.jar \
|
|
-Dwhatap.paramkey=/whatap/paramkey.txt \
|
|
--add-opens=java.base/java.lang=ALL-UNNAMED \
|
|
-XX:+UseContainerSupport \
|
|
-XX:MaxRAMPercentage=75 \
|
|
-XX:+ExitOnOutOfMemoryError \
|
|
-XX:+AlwaysActAsServerClassMachine"
|
|
|
|
EXPOSE 8080
|
|
ENTRYPOINT ["/opt/jre/bin/java", "-jar", "/app/app.jar"]
|