Skip to content

#40 Add initial Dockerfile #126

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
kpalang wants to merge 3 commits into from
Closed

#40 Add initial Dockerfile #126

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
0e95732
#40 Add initial Dockerfile
kpalang Jun 25, 2025
1babeff
#40 Add license header to entrypoint.sh
kpalang Jun 25, 2025
d892f83
#40 Add github actions workflow
kpalang Jun 25, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
26 changes: 26 additions & 0 deletions .github/workflows/build-container.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,26 @@
name: Build OpenIntegrationEngine Container

on:
push:
branches:
- main
paths:
- docker
pull_request:
branches:
- main
paths:
- docker

jobs:
build:
runs-on: ubuntu-latest

steps:
- uses: actions/checkout@v4

- name: Build Container
working-directory: docker/
run: ./build-images.sh

- run: docker image ls
4 changes: 4 additions & 0 deletions .github/workflows/build.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,9 +4,13 @@ on:
push:
branches:
- main
paths-ignore:
- docker
pull_request:
branches:
- main
paths-ignore:
- docker

jobs:
build:
Expand Down
2 changes: 2 additions & 0 deletions docker/.dockerignore
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
*
!entrypoint.sh
129 changes: 129 additions & 0 deletions docker/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,129 @@
# syntax=docker/dockerfile:1

ARG ALPINE_JRE_TAG=17.0.15_6-jre-alpine
ARG ALPINE_JDK_TAG=17.0.15_6-jdk-alpine
ARG UBUNTU_JRE_TAG=17.0.15_6-jre-noble
ARG UBUNTU_JDK_TAG=17.0.15_6-jdk-noble
Comment on lines +3 to +6
Copy link
Contributor

@jonbartels jonbartels Jun 25, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Each of these is ALMOST the same thing.

What about defining "JAVA_VERSION = 17.0.15" then bulding the tags from that so that we have ONE place to update the java version?

Alpine also supports just "17" or "21" do we need the 17.0.5 full notation?

Copy link
Contributor Author

@kpalang kpalang Jun 25, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think here specifying full tags is better, as realistically, there's not a single standard they're using for tags. So generating them on the fly introduces the risk of finding a non-existing tag.

Copy link
Contributor

@jonbartels jonbartels Jun 26, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There is a clear standard. The common images use this pattern:

ARG ALPINE_JRE_TAG=${JAVA_VERSION}-jre-alpine
ARG ALPINE_JDK_TAG=${JAVA_VERSION}-jdk-alpine
ARG UBUNTU_JRE_TAG=${JAVA_VERSION}-jre-noble
ARG UBUNTU_JDK_TAG=${JAVA_VERSION}-jdk-noble

Thus you get the latest 17.whatever.something_patch

Copy link
Member

@tonygermano tonygermano Jun 26, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We should use the full version in the tag rather than just a major version. That's good practice in docker just like it is with software library versions. I think there's a way with dependabot or other bots to have it automatically open PRs to upgrade the version when new ones are released.


ARG UID=14285
ARG GID=14285
Copy link
Contributor

@jonbartels jonbartels Jun 25, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is 14285 significant or just a random number?

Copy link
Contributor Author

@kpalang kpalang Jun 25, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Random. It is to try to eliminate conflicts with existing users.

Copy link
Member

@tonygermano tonygermano Jun 25, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I need to check some of the nextgen issues, but I think it is desirable to conflict with existing users when doing bind mounts.


FROM alpine:3.21.3 AS downloader

ARG UID
ARG GID

WORKDIR /opt

# Download Open Integration Engine release
RUN apk add --no-cache curl \
&& curl -L \
-o /opt/engine.tar.gz \
-H "Accept: application/vnd.github+json" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://github.com/OpenIntegrationEngine/engine/releases/download/v4.5.2-tp.1/oie_unix_4_5_2.tar.gz \
Copy link
Contributor

@jonbartels jonbartels Jun 25, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should this be an ARG like the nextgen image?

Copy link
Contributor Author

@kpalang kpalang Jun 25, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I will be. I've yet to figure out how to accommodate both the Github "Release" object and downloading arbitrary artifacts from actions.

&& tar xzf engine.tar.gz \
&& mv /opt/oie /opt/engine \
&& mkdir -p /opt/engine/appdata

WORKDIR /opt/engine
COPY --chmod=755 ./entrypoint.sh /opt/engine/entrypoint
Copy link
Contributor

@mgaffigan mgaffigan Jun 26, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I suggest either the checked-in file should not have the .sh extension or the copy should not change the name and ENTRYPOINT ["./entrypoint.sh"]. This seems to add unnecessary differences between dev and release file structure.


RUN rm -rf cli-lib manager-lib \
&& rm mirth-cli-launcher.jar oiecommand

RUN (cat oieserver.vmoptions docs/oieservice-java9+.vmoptions ; echo "") > oieserver_base.vmoptions
Copy link
Member

@tonygermano tonygermano Jun 25, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this step shouldn't be necessary. Our default vmoptions already include the java 9+ options


RUN chown -R ${UID}:${GID} /opt/engine

##########################################
#
# Alpine Images
#
##########################################

FROM eclipse-temurin:$ALPINE_JRE_TAG AS alpine-jre

ARG UID
ARG GID

COPY --from=downloader /opt/engine /opt/engine

RUN adduser -D -H -u $UID engine \
&& apk add --no-cache bash

VOLUME /opt/engine/appdata
VOLUME /opt/engine/custom-extensions
WORKDIR /opt/engine

EXPOSE 8443

USER engine
ENTRYPOINT ["./entrypoint"]
CMD ["./oieserver"]

FROM eclipse-temurin:$ALPINE_JDK_TAG AS alpine-jdk

ARG UID
ARG GID

COPY --from=downloader /opt/engine /opt/engine

RUN adduser -D -H -u $UID engine \
&& apk add --no-cache bash

VOLUME /opt/engine/appdata
VOLUME /opt/engine/custom-extensions
WORKDIR /opt/engine

EXPOSE 8443

USER engine
ENTRYPOINT ["./entrypoint"]
CMD ["./oieserver"]
Comment on lines +65 to +83
Copy link
Contributor

@mgaffigan mgaffigan Jun 26, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is there a reason to duplicate for JRE and JDK? They are the same, and since the base tag is already an argument, it can be passed from build-images.sh.

I understand having two targets for alpine vs ubuntu, since those have differences.


##########################################
#
# Ubuntu Images
#
##########################################

FROM eclipse-temurin:$UBUNTU_JRE_TAG AS ubuntu-jre

ARG UID
ARG GID

COPY --from=downloader /opt/engine /opt/engine

RUN groupadd --gid ${GID} engine \
&& useradd -u ${UID} -g ${GID} -M engine

VOLUME /opt/engine/appdata
VOLUME /opt/engine/custom-extensions
WORKDIR /opt/engine

EXPOSE 8443

USER engine
ENTRYPOINT ["./entrypoint"]
CMD ["./oieserver"]

FROM eclipse-temurin:$UBUNTU_JDK_TAG AS ubuntu-jdk

ARG UID
ARG GID

COPY --from=downloader /opt/engine /opt/engine

RUN groupadd --gid ${GID} engine \
&& useradd -u ${UID} -g ${GID} -M engine

VOLUME /opt/engine/appdata
VOLUME /opt/engine/custom-extensions
WORKDIR /opt/engine

EXPOSE 8443

USER engine
ENTRYPOINT ["./entrypoint"]
CMD ["./oieserver"]
13 changes: 13 additions & 0 deletions docker/build-images.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
#!/bin/bash

set -e

# Build alpine-jre image
docker build -f Dockerfile --target alpine-jre -t openintegrationengine/engine:latest-alpine-jre .
Copy link
Contributor

@jonbartels jonbartels Jun 26, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I sent you a patch on Discord to DRY this up and to support arm64 architectures.

# Build ubuntu-jre image
docker build -f Dockerfile --target ubuntu-jre -t openintegrationengine/engine:latest-ubuntu-jre .

# Build alpine-jdk image
docker build -f Dockerfile --target alpine-jdk -t openintegrationengine/engine:latest-alpine-jdk .
# Build ubuntu-jdk image
docker build -f Dockerfile --target ubuntu-jdk -t openintegrationengine/engine:latest-alpine-jdk .
Copy link
Member

@tonygermano tonygermano Jun 25, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

missing newline at end of file

Loading
Loading