From eb776d87763ac92966562f5bba8ed6d28bc5accd Mon Sep 17 00:00:00 2001 From: Student User <student@workstation.lab.example.com> Date: Mon, 05 Aug 2019 17:41:37 +0200 Subject: [PATCH] smaller repo --- /dev/null | 6 -- nexus3/Dockerfile | 115 +++++++++++-------------------------- 2 files changed, 35 insertions(+), 86 deletions(-) diff --git a/nexus3/Dockerfile b/nexus3/Dockerfile index 0493f34..a7fd5bb 100644 --- a/nexus3/Dockerfile +++ b/nexus3/Dockerfile @@ -12,95 +12,50 @@ # See the License for the specific language governing permissions and # limitations under the License. -FROM registry.access.redhat.com/rhel7:7.6 -MAINTAINER Red Hat Training +FROM registry.access.redhat.com/ubi8/ubi +LABEL vendor=Sonatype \ + maintainer="Sonatype <cloud-ops@sonatype.com>" \ + com.sonatype.license="Apache License, Version 2.0" \ + com.sonatype.name="Nexus Repository Manager base image" -# Atomic Labels -LABEL name="Nexus Repository Manager" \ - vendor="Sonatype" \ - version="3.6.0-02" \ - release="3.6.0" \ - url="https://sonatype.com" \ - summary="The Nexus Repository Manager server \ - with universal support for popular component formats." \ - run="docker run -d --name NAME \ - -p 8081:8081 \ - IMAGE" \ - stop="docker stop NAME" +ARG NEXUS_VERSION=3.18.0-01 +ARG NEXUS_DOWNLOAD_URL=https://download.sonatype.com/nexus/3/nexus-${NEXUS_VERSION}-unix.tar.gz +ARG NEXUS_DOWNLOAD_SHA256_HASH=e1d9d84d8b169b2f6c735e7db35e3310cf9e242da12b4af83da4e3618acfc99e -# OpenShift Labels -LABEL io.k8s.description="The Nexus Repository Manager server \ - with universal support for popular component formats." \ - io.k8s.display-name="Nexus Repository Manager" \ - io.openshift.expose-services="8081:8081" \ -io.openshift.tags="Sonatype,Nexus,Repository Manager" - -LABEL com.sonatype.license="Apache License, Version 2.0" - -COPY help.1 uid_entrypoint / - -COPY licenses /licenses - - -RUN rpm --rebuilddb && \ - yum install -y \ - curl tar createrepo java-1.8.0-openjdk-devel \ - && yum clean all - - -# Install Nexus +# configure nexus runtime ENV SONATYPE_DIR=/opt/sonatype -ENV NEXUS_DATA=/nexus-data \ - NEXUS_HOME=${SONATYPE_DIR}/nexus \ - NEXUS_VERSION=3.6.0-02 \ - SONATYPE_WORK=${SONATYPE_DIR}/sonatype-work \ +ENV NEXUS_HOME=${SONATYPE_DIR}/nexus \ + NEXUS_DATA=/nexus-data \ NEXUS_CONTEXT='' \ - USER_NAME=nexus \ - USER_UID=200 + SONATYPE_WORK=${SONATYPE_DIR}/sonatype-work \ + DOCKER_TYPE='rh-docker' -# Install Nexus and Configure Nexus Runtime Environment -RUN mkdir -p ${NEXUS_HOME} && \ - curl --fail --silent --location --retry 3 \ - http://content.example.com/ocp3.6/x86_64/installers/nexus-${NEXUS_VERSION}-unix.tar.gz \ - | gunzip \ - | tar x -C ${NEXUS_HOME} --strip-components=1 nexus-${NEXUS_VERSION} && \ - chown -R root:root ${NEXUS_HOME} && \ - \ - sed \ - -e '/^nexus-context/ s:$:${NEXUS_CONTEXT}:' \ - -i ${NEXUS_HOME}/etc/nexus-default.properties && \ - \ - useradd -l -u ${USER_UID} -r -g 0 -m -d ${NEXUS_DATA} -s /sbin/no-login \ - -c "${USER_NAME} application user" ${USER_NAME} && \ - mkdir -p ${NEXUS_DATA}/etc ${NEXUS_DATA}/log ${NEXUS_DATA}/tmp ${SONATYPE_WORK} && \ - ln -s ${NEXUS_DATA} ${SONATYPE_WORK}/nexus3 && \ - chown -R ${USER_NAME}:0 ${NEXUS_DATA} && \ - chmod -R g+rw ${NEXUS_DATA} /etc/passwd && \ - chmod ug+x /uid_entrypoint && \ - find ${NEXUS_DATA} -type d -exec chmod g+x {} + +ARG NEXUS_REPOSITORY_MANAGER_COOKBOOK_VERSION="release-0.5.20190212-155606.d1afdfe" +ARG NEXUS_REPOSITORY_MANAGER_COOKBOOK_URL="https://github.com/sonatype/chef-nexus-repository-manager/releases/download/${NEXUS_REPOSITORY_MANAGER_COOKBOOK_VERSION}/chef-nexus-repository-manager.tar.gz" + +ADD solo.json.erb /var/chef/solo.json.erb + +# Install using chef-solo +# Chef version locked to avoid needing to accept the EULA on behalf of whomever builds the image +RUN yum install -y --disableplugin=subscription-manager hostname procps \ + && curl -L https://www.getchef.com/chef/install.sh | bash -s -- -v 14.12.9 \ + && /opt/chef/embedded/bin/erb /var/chef/solo.json.erb > /var/chef/solo.json \ + && chef-solo \ + --recipe-url ${NEXUS_REPOSITORY_MANAGER_COOKBOOK_URL} \ + --json-attributes /var/chef/solo.json \ + && rpm -qa *chef* | xargs rpm -e \ + && rm -rf /etc/chef \ + && rm -rf /opt/chefdk \ + && rm -rf /var/cache/yum \ + && rm -rf /var/chef \ + && yum clean all VOLUME ${NEXUS_DATA} -#Configure probes scripts -COPY probes/liveness.sh /usr/local/bin/liveness.sh -COPY probes/readiness.sh /usr/local/bin/readiness.sh - -RUN chmod 775 /usr/local/bin/liveness.sh && \ - chmod 775 /usr/local/bin/readiness.sh - -# arbitrary uid recognition at runtime - for OpenShift deployments -RUN sed "s@${USER_NAME}:x:${USER_UID}:@${USER_NAME}:x:\${USER_ID}:@g" /etc/passwd > /etc/passwd.template - -# Supply non variable to USER command ${USER_NAME} -USER 200 -WORKDIR ${NEXUS_HOME} - -ENV JAVA_MAX_MEM=1200m \ - JAVA_MIN_MEM=1200m - EXPOSE 8081 +USER nexus -ENTRYPOINT [ "/uid_entrypoint" ] -CMD ["bin/nexus", "run"] +ENV INSTALL4J_ADD_VM_PARAMS="-Xms1200m -Xmx1200m -XX:MaxDirectMemorySize=2g -Djava.util.prefs.userRoot=${NEXUS_DATA}/javaprefs" +CMD ["sh", "-c", "${SONATYPE_DIR}/start-nexus-repository-manager.sh"] diff --git a/nexus3/etc/training.repo b/nexus3/etc/training.repo deleted file mode 100644 index 18e48ef..0000000 --- a/nexus3/etc/training.repo +++ /dev/null @@ -1,54 +0,0 @@ -[rhel-7-dvd] -baseurl = http://content.example.com/rhel7.6/x86_64/dvd -enabled = true -gpgcheck = false -name = Remote classroom copy of RHEL DVD - -[rhel-server-rhscl-7-rpms] -baseurl = http://content.example.com/ocp4.0/x86_64/rhelrhscl -enabled = true -gpgcheck = false -name = Remote classroom copy of RHSCL - -[rhel-7-server-datapath-rpms] -baseurl = http://content.example.com/ocp4.0/x86_64/rheladditional/rhel-7-fast-datapath-rpms -enabled = true -gpgcheck = false -name = Remote classroom copy of RHEL 7.6 Datapath Packages - -[rhel-7-server-ansible-26] -baseurl = http://content.example.com/ocp4.0/x86_64/rheladditional/rhel-7-server-ansible-2.6-rpms -enabled = true -gpgcheck = false -name = Remote classroom copy of RHEL 7.6 Ansible Packages - -[rhel-7-server-extras-rpms] -baseurl = http://content.example.com/ocp4.0/x86_64/rheladditional/rhel-7-server-extras-rpms -enabled = true -gpgcheck = false -name = Remote classroom copy of RHEL 7.6 Extra Packages - -[rhel-7-server-common-rpms] -baseurl = http://content.example.com/ocp4.0/x86_64/rheladditional/rhel-7-server-rh-common-rpms -enabled = true -gpgcheck = false -name = Remote classroom copy of RHEL 7.6 Common Packages - -[rhel-7-server-supplementary] -baseurl = http://content.example.com/ocp4.0/x86_64/rhelsupplementary -enabled = true -gpgcheck = false -name = Remote classroom copy of RHEL 7.6 Supplementary Packages - -[rhel-7-server-optional-rpms] -baseurl = http://content.example.com/ocp4.0/x86_64/rhelopt -enabled = true -gpgcheck = false -name = Remote classroom copy of RHEL 7.6 Optional Packages - -[rhel-7-server-updates] -baseurl = http://content.example.com/ocp4.0/x86_64/rhelupdates -enabled = true -gpgcheck = false -name = Remote classroom copy of RHEL 7.6 Updates - diff --git a/nexus3/help.1 b/nexus3/help.1 deleted file mode 100644 index b74db88..0000000 --- a/nexus3/help.1 +++ /dev/null @@ -1,75 +0,0 @@ -.PP -% -.BR NEXUS (1) -Container Image Pages -% Sonatype -% November 21, 2016 -.TH NAME -.PP -nexus \- Nexus Repository Manager container image -.SH DESCRIPTION -.PP -The nexus image provides a containerized packaging of the Nexus Repository Manager. -Nexus Repository Manager is a repository manager with universal support for popular component formats including Maven, Docker, NuGet, npm, PyPi, Bower and more. -.PP -The nexus image is designed to be run by the atomic command with one of these options: -.PP -\fB\fCrun\fR -.PP -Starts the installed container with selected privileges to the host. -.PP -\fB\fCstop\fR -.PP -Stops the installed container -.PP -The container itself consists of: - \- Linux base image - \- Oracle Java JDK - \- Nexus Repository Manager - \- Atomic help file -.PP -Files added to the container during docker build include: /help.1. -.SH USAGE -.PP -To use the nexus container, you can run the atomic command with run, stop, or uninstall options: -.PP -To run the nexus container: -.IP -atomic run nexus -.PP -To stop the nexus container (after it is installed), run: -.IP -atomic stop nexus -.SH LABELS -.PP -The nexus container includes the following LABEL settings: -.PP -That atomic command runs the docker command set in this label: -.PP -\fB\fCRUN=\fR -.IP -LABEL RUN='docker run \-d \-p 8081:8081 \-\-name ${NAME} ${IMAGE}' -.IP -The contents of the RUN label tells an \fB\fCatomic run nexus\fR command to open port 8081 & set the name of the container. -.PP -\fB\fCSTOP=\fR -.IP -LABEL STOP='docker stop ${NAME}' -.PP -\fB\fCName=\fR -.PP -The registry location and name of the image. For example, Name="Nexus Repository Manager". -.PP -\fB\fCVersion=\fR -.PP -The Nexus Repository Manager version from which the container was built. For example, Version="3.0.2\-02". -.PP -When the atomic command runs the nexus container, it reads the command line associated with the selected option -from a LABEL set within the Docker container itself. It then runs that command. The following sections detail -each option and associated LABEL: -.SH SECURITY IMPLICATIONS -.PP -\fB\fC\-d\fR -.PP -Runs continuously as a daemon process in the background - diff --git a/nexus3/licenses/LICENSE b/nexus3/licenses/LICENSE deleted file mode 100644 index 6ddf595..0000000 --- a/nexus3/licenses/LICENSE +++ /dev/null @@ -1,10 +0,0 @@ -Sonatype Nexus (TM) Open Source Version -Copyright (c) 2008-present Sonatype, Inc. -All rights reserved. Includes the third-party code listed at http://links.sonatype.com/products/nexus/oss/attributions. - -This program and the accompanying materials are made available under the terms of the Eclipse Public License Version 1.0, -which accompanies this distribution and is available at http://www.eclipse.org/legal/epl-v10.html. - -Sonatype Nexus (TM) Professional Version is available from Sonatype, Inc. "Sonatype" and "Sonatype Nexus" are trademarks -of Sonatype, Inc. Apache Maven is a trademark of the Apache Software Foundation. M2eclipse is a trademark of the -Eclipse Foundation. All other trademarks are the property of their respective owners. diff --git a/nexus3/uid_entrypoint b/nexus3/uid_entrypoint deleted file mode 100644 index 02c2913..0000000 --- a/nexus3/uid_entrypoint +++ /dev/null @@ -1,6 +0,0 @@ -#!/bin/sh -USER_ID=$(id -u) -if [ ${USER_UID} != ${USER_ID} ]; then - sed "s@${USER_NAME}:x:\${USER_ID}:@${USER_NAME}:x:${USER_ID}:@g" /etc/passwd.template > /etc/passwd -fi -exec "$@" -- Gitblit v1.9.3