From 90cef9a78581e19ceda6decf93f141421bd1a85e Mon Sep 17 00:00:00 2001 From: Konstantin Demin Date: Wed, 9 Oct 2024 11:49:55 +0300 Subject: [PATCH] treewide: move data/dependencies to later layers base: - add PSL (share among layers) - remove fontconfig (not so essential dependency) jdk: - keep fontconfig --- Dockerfile.base | 29 +++++++++++++++++++++++------ Dockerfile.jdk | 31 +++++++++++++++++++------------ Dockerfile.jre | 5 ++--- 3 files changed, 44 insertions(+), 21 deletions(-) diff --git a/Dockerfile.base b/Dockerfile.base index 6fa1132..d4d7005 100644 --- a/Dockerfile.base +++ b/Dockerfile.base @@ -44,11 +44,6 @@ RUN apt-env.sh apt-get update ; \ apt-env.sh apt-get upgrade -y ; \ apt-clean.sh -## perl-base: hardlink->symlink -RUN d=/usr/bin ; \ - find "$d/" -wholename "$d/perl5*" -exec ln -fsv perl {} ';' ; \ - ls -li "$d/perl"* - ## remove unwanted binaries RUN set -f ; \ for i in \ @@ -157,7 +152,6 @@ RUN apt-remove.sh \ apt-install.sh \ ca-certificates \ ca-certificates-java \ - fontconfig \ p11-kit \ netbase \ openssl \ @@ -185,6 +179,21 @@ RUN _lang=en_US.UTF8 ; \ locale -a | grep -Fixq "${_lang}" ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' LC_ALL='en_US.UTF-8' +RUN find /run/ -mindepth 1 -ls -delete || : ; \ + install -d -m 01777 /run/lock + +## deduplicate (!) +RUN apt-install.sh jdupes ; \ + apt-clean.sh ; \ + echo ; \ + du -xd1 /usr/ | sort -Vk2 ; \ + echo ; \ + jdupes -1LSpr /usr/ ; \ + echo ; \ + du -xd1 /usr/ | sort -Vk2 ; \ + echo ; \ + apt-remove.sh jdupes + RUN find /usr/local/sbin/ ! -type d -ls -delete ; \ find /run/ -mindepth 1 -ls -delete || : ; \ install -d -m 01777 /run/lock @@ -222,6 +231,13 @@ RUN ca_file='/etc/ssl/certs/ca-certificates.crt' ; \ echo ; \ ls -l "${ca_file}" "${ca_file}.fp" "${java_ca_file}" +ARG PSL_URI='https://publicsuffix.org/list/public_suffix_list.dat' +ADD "${PSL_URI}" /tmp/public_suffix_list.dat + +RUN chmod 0644 /tmp/public_suffix_list.dat ; \ + mkdir -p /usr/local/share/publicsuffix ; \ + cp -f /tmp/public_suffix_list.dat /usr/local/share/publicsuffix/ + ## --- FROM base-intermediate AS base @@ -231,6 +247,7 @@ COPY /scripts/* /usr/local/sbin/ COPY --from=certs /etc/ssl/certs/ca-certificates.* /etc/ssl/certs/ COPY --from=certs /etc/ssl/certs/java/cacerts /etc/ssl/certs/java/ COPY --from=certs /usr/local/share/ca-certificates/ /usr/local/share/ca-certificates/ +COPY --from=certs /usr/local/share/publicsuffix/ /usr/local/share/publicsuffix/ ENTRYPOINT [ ] CMD [ "bash" ] diff --git a/Dockerfile.jdk b/Dockerfile.jdk index 12924eb..eb35812 100644 --- a/Dockerfile.jdk +++ b/Dockerfile.jdk @@ -6,20 +6,9 @@ FROM docker.io/rockdrilla/graalvm-debian:base-${IMAGE_VERSION} AS base FROM base as jdk-fetch SHELL [ "/bin/sh", "-ec" ] -COPY /scripts/* /usr/local/sbin/ - -# ARG JAVA_VERSION_MAJOR -# ARG GRAALVM_BASE_FILE="graalvm-jdk-${JAVA_VERSION_MAJOR}_linux-x64_bin.tar.gz" -# ARG GRAALVM_BASE_URI="https://download.oracle.com/graalvm/${JAVA_VERSION_MAJOR}/latest" -# ARG GRAALVM_URI="${GRAALVM_BASE_URI}/${GRAALVM_BASE_FILE}" -# ADD "${GRAALVM_URI}" /tmp/graalvm.tar.gz - ARG GRAALVM_BASE_FILE COPY "/artifact-cache/${GRAALVM_BASE_FILE}" /tmp/graalvm.tar.gz -ARG PSL_URI='https://publicsuffix.org/list/public_suffix_list.dat' -ADD "${PSL_URI}" /tmp/public_suffix_list.dat - WORKDIR /opt/graalvm RUN tar --strip-components=1 -xf /tmp/graalvm.tar.gz ; \ @@ -28,10 +17,11 @@ RUN tar --strip-components=1 -xf /tmp/graalvm.tar.gz ; \ license-information-user-manual.zip \ lib/security/cacerts \ lib/security/krb5.conf \ + lib/security/public_suffix_list.dat \ ; \ - cp -f /tmp/public_suffix_list.dat lib/security/ ; \ ln -sv /etc/ssl/certs/java/cacerts lib/security/ ; \ ln -sv /etc/krb5.conf lib/security/ ; \ + ln -sv /usr/local/share/publicsuffix/public_suffix_list.dat lib/security/ ; \ find "${PWD}/" -name '*.so' -exec dirname '{}' '+' \ | sort -uV > ld.so.conf ; \ chmod -R go-w "${PWD}/" @@ -74,6 +64,23 @@ RUN ln -s "${JAVA_HOME}/ld.so.conf" /etc/ld.so.conf.d/graalvm.conf ; \ ENV PATH="${JAVA_HOME}/bin:${PATH}" \ MALLOC_ARENA_MAX=4 +RUN apt-install.sh \ + binutils \ + curl \ + elfutils \ + fakechroot \ + fakeroot \ + faketime \ + file \ + fontconfig \ + unzip \ + wget \ + xz-utils \ + zip \ + zstd \ + ; \ + apt-clean.sh + ## qa/smoke RUN set -xv ; java -version ; \ find /tmp/ -mindepth 1 -ls -delete diff --git a/Dockerfile.jre b/Dockerfile.jre index d235ab7..58170be 100644 --- a/Dockerfile.jre +++ b/Dockerfile.jre @@ -20,10 +20,11 @@ RUN rm -rf /jre ; \ rm -rf \ lib/security/cacerts \ lib/security/krb5.conf \ + lib/security/public_suffix_list.dat \ ; \ - cp -f "${JAVA_HOME}/lib/security/public_suffix_list.dat" lib/security/ ; \ ln -sv /etc/ssl/certs/java/cacerts lib/security/ ; \ ln -sv /etc/krb5.conf lib/security/ ; \ + ln -sv /usr/local/share/publicsuffix/public_suffix_list.dat lib/security/ ; \ chmod -R go-w /jre RUN rm -rf "${JAVA_HOME}" ; \ @@ -61,8 +62,6 @@ SHELL [ "/bin/sh", "-ec" ] COPY /Dockerfile.jre /usr/local/share/ -COPY /scripts/* /usr/local/sbin/ - ENV JAVA_HOME=/opt/graalvm COPY --from=jdk-to-jre "${JAVA_HOME}/" "${JAVA_HOME}/"