Skip to content

Commit

Permalink
Update Dockerfile (#1501)
Browse files Browse the repository at this point in the history
  • Loading branch information
@injectives
injectives authored Nov 1, 2023
1 parent e3d1080 commit 30a5123
Showing 1 changed file with 10 additions and 10 deletions.
20 changes: 10 additions & 10 deletions testkit/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,16 +8,11 @@ RUN apt-get update && apt-get install -y \
curl \
apt-transport-https \
python3 \
p11-kit \
&& rm -rf /var/lib/apt/lists/*

# https://adoptium.net/en-GB/installation/linux
RUN mkdir -p /etc/apt/keyrings \
&& curl --location --silent --show-error https://packages.adoptium.net/artifactory/api/gpg/key/public -o /etc/apt/keyrings/adoptium.asc \
&& echo "deb [signed-by=/etc/apt/keyrings/adoptium.asc] https://packages.adoptium.net/artifactory/deb $(awk -F= '/^VERSION_CODENAME/{print$2}' /etc/os-release) main" | tee /etc/apt/sources.list.d/adoptium.list > /dev/null \
&& apt-get update && apt-get install -y \
temurin-17-jdk \
&& rm -rf /var/lib/apt/lists/* \
&& ln -s /usr/lib/jvm/temurin-17-jdk-* $JAVA_HOME
# https://hub.docker.com/_/eclipse-temurin
COPY --from=eclipse-temurin:17-jdk /opt/java/openjdk $JAVA_HOME

COPY --from=maven:3.9.2-eclipse-temurin-17 /usr/share/maven /opt/apache-maven

Expand All @@ -26,7 +21,12 @@ COPY --from=maven:3.9.2-eclipse-temurin-17 /usr/share/maven /opt/apache-maven
# JAVA_HOME needed by update-ca-certificates hook to update Java with changed system CAs.
COPY CAs/* /usr/local/share/ca-certificates/
COPY CustomCAs/* /usr/local/share/custom-ca-certificates/
RUN echo 'jdk.tls.disabledAlgorithms=jdk.tls.disabledAlgorithms=SSLv3, TLSv1, RC4, DES, MD5withRSA, DH keySize < 1024, EC keySize < 224, 3DES_EDE_CBC, anon, NULL' > /testkit.java.security \
&& update-ca-certificates
RUN echo 'jdk.tls.disabledAlgorithms=jdk.tls.disabledAlgorithms=SSLv3, TLSv1, RC4, DES, MD5withRSA, DH keySize < 1024, EC keySize < 224, 3DES_EDE_CBC, anon, NULL' > /testkit.java.security

# https://github.com/adoptium/containers/issues/293
# https://github.com/adoptium/containers/pull/392
# https://github.com/adoptium/containers/blob/f6d4923380ecb1ec4b0d58c633ebb0aeed4c8332/17/jdk/ubuntu/jammy/entrypoint.sh#L23
RUN update-ca-certificates \
&& trust extract --overwrite --format=java-cacerts --filter=ca-anchors --purpose=server-auth "$JAVA_HOME/lib/security/cacerts"

ENV PATH=$JAVA_HOME/bin:/opt/apache-maven/bin:$PATH

0 comments on commit 30a5123

Please sign in to comment.