-FROM debian:bullseye-slim
+FROM debian:bookworm-slim
ARG USER="mta"
ARG USER_HOME_DIR="/home/${USER}"
&& apt-get update \
&& apt-get install -y openssl --no-install-recommends \
&& rm -rf /var/lib/apt/lists/* \
+ # smoke test
+ && openssl version \
&& useradd --home-dir ${USER_HOME_DIR} \
--create-home \
--shell /bin/bash \
--uid 1000 \
--comment 'Cloud MTA Build Tool' \
--password "$(echo weUseMta | openssl passwd -1 -stdin)" ${USER} \
- # allow anybody to write into the image user home directory
- && chmod a+w ${USER_HOME_DIR}
+ # allow anybody to write into the image user home directory
+ && chmod a+w ${USER_HOME_DIR} \
+ && apt-get remove --purge --autoremove -y openssl
ADD http://aia.pki.co.sap.com/aia/SAP%20Global%20Root%20CA.crt \
/etc/ssl/certs/SAP_Global_Root_CA.crt
-ARG NODE_VERSION=16.17.1
+ARG NODE_VERSION=18.20.2
RUN ARCH= && dpkgArch="$(dpkg --print-architecture)" \
&& case "${dpkgArch##*-}" in \
&& set -ex \
&& apt-get update \
# libatomic1 for arm
- && apt-get install -y ca-certificates curl wget gnupg dirmngr xz-utils libatomic1 --no-install-recommends \
+ && apt-get install -y ca-certificates curl gnupg dirmngr xz-utils libatomic1 --no-install-recommends \
&& rm -rf /var/lib/apt/lists/* \
+ && export GNUPGHOME="$(mktemp -d)" \
&& for key in \
4ED778F539E3634C779C87C6D7062848A1AB005C \
141F07595B7B3FFE74309A937405533BE57C7D57 \
- 94AE36675C464D64BAFA68DD7434390BDBE9B9C5 \
74F12602B6F1C4E913FAA37AD3A89613643B6201 \
- 71DCFD284A79C3B38668286BC97EC7A07EDE3FC1 \
61FC681DFB92A079F1685E77973F295594EC4689 \
8FCCA13FEF1D0C2E91008E09770F7A9A5AE15600 \
C4F0DFFF4E8C1A8236409D08E73BC641CC11F4C8 \
890C08DB8579162FEE0DF9DB8BEAB4DFCF555EF4 \
C82FA3AE1CBEDC6BE46B9360C43CEC45C17AB93C \
- DD8F2338BAE7501E3DD5AC78C273792F7D83545D \
- A48C2BEE680E841632CD4E44F07496B3EB3C1762 \
108F52B48DB57BB0CC439B2997B01419BD92F80A \
- B9E2F5981AA6E0CD28160D9FF13993A75599653C \
+ DD792F5973C6DE52C432CBDAC77ABFA00DDBF2B7 \
+ A6023530FC53461FEC91F99C04CD3F2FDE079578 \
+ CC68F5A3106FF448322E48ED27F5E38D5B0A215F \
; do \
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$key" || \
- gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key" ; \
+ gpg --batch --keyserver hkps://keyserver.ubuntu.com --recv-keys "$key" ; \
done \
&& curl -fsSLO --compressed "https://nodejs.org/dist/v$NODE_VERSION/node-v$NODE_VERSION-linux-$ARCH.tar.xz" \
&& curl -fsSLO --compressed "https://nodejs.org/dist/v$NODE_VERSION/SHASUMS256.txt.asc" \
&& gpg --batch --decrypt --output SHASUMS256.txt SHASUMS256.txt.asc \
&& grep " node-v$NODE_VERSION-linux-$ARCH.tar.xz\$" SHASUMS256.txt | sha256sum -c - \
&& tar -xJf "node-v$NODE_VERSION-linux-$ARCH.tar.xz" -C /usr/local --strip-components=1 --no-same-owner \
- && rm "node-v$NODE_VERSION-linux-$ARCH.tar.xz" SHASUMS256.txt.asc SHASUMS256.txt \
+ && rm -rf "$GNUPGHOME" "node-v$NODE_VERSION-linux-$ARCH.tar.xz" SHASUMS256.txt.asc SHASUMS256.txt \
&& apt-mark auto '.*' > /dev/null \
&& find /usr/local -type f -executable -exec ldd '{}' ';' \
| awk '/=>/ { print $(NF-1) }' \
RUN set -ex \
&& savedAptMark="$(apt-mark showmanual)" \
&& apt-get update \
- && apt-get install -y ca-certificates curl wget gnupg dirmngr --no-install-recommends \
+ && apt-get install -y ca-certificates curl gnupg dirmngr --no-install-recommends \
&& rm -rf /var/lib/apt/lists/* \
+ && export GNUPGHOME="$(mktemp -d)" \
&& for key in \
6A010C5166006599AA17F08146C2130DFD2497F5 \
; do \
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$key" || \
- gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key" ; \
+ gpg --batch --keyserver hkps://keyserver.ubuntu.com --recv-keys "$key" ; \
done \
&& curl -fsSLO --compressed "https://yarnpkg.com/downloads/$YARN_VERSION/yarn-v$YARN_VERSION.tar.gz" \
&& curl -fsSLO --compressed "https://yarnpkg.com/downloads/$YARN_VERSION/yarn-v$YARN_VERSION.tar.gz.asc" \
&& tar -xzf yarn-v$YARN_VERSION.tar.gz -C /opt/ \
&& ln -s /opt/yarn-v$YARN_VERSION/bin/yarn /usr/local/bin/yarn \
&& ln -s /opt/yarn-v$YARN_VERSION/bin/yarnpkg /usr/local/bin/yarnpkg \
- && rm yarn-v$YARN_VERSION.tar.gz.asc yarn-v$YARN_VERSION.tar.gz \
+ && rm -rf "$GNUPGHOME" yarn-v$YARN_VERSION.tar.gz.asc yarn-v$YARN_VERSION.tar.gz \
&& apt-mark auto '.*' > /dev/null \
&& { [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; } \
&& find /usr/local -type f -executable -exec ldd '{}' ';' \
# smoke test
&& yarn --version
-ARG SAPMACHINE_VERSION=11.0.16.1
+ARG SAPMACHINE_VERSION=11.0.23
-RUN ARCH= && dpkgArch="$(dpkg --print-architecture)" \
- && case "${dpkgArch##*-}" in \
+ENV JAVA_HOME /opt/jdk
+
+RUN sapmachine_install() { \
+ SAPMACHINE_MAJOR_VERSION=$(echo ${SAPMACHINE_VERSION} | cut -d. -f1); \
+ ARCH=; \
+ dpkgArch="$(dpkg --print-architecture)"; \
+ case "${dpkgArch##*-}" in \
amd64) ARCH='amd64';; \
*) echo "unsupported architecture"; exit 1 ;; \
- esac \
+ esac; \
+ apt-get update; \
+ apt-get install -y ca-certificates gnupg dirmngr --no-install-recommends; \
+ rm -rf /var/lib/apt/lists/*; \
+ export GNUPGHOME="$(mktemp -d)"; \
+ for key in \
+ CACB9FE09150307D1D22D82962754C3B3ABCFE23 \
+ ; do \
+ gpg --no-default-keyring --keyring gnupg-ring:/etc/apt/trusted.gpg.d/sapmachine.gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$key" || \
+ gpg --no-default-keyring --keyring gnupg-ring:/etc/apt/trusted.gpg.d/sapmachine.gpg --batch --keyserver hkps://keyserver.ubuntu.com --recv-keys "$key" ; \
+ done; \
+ chmod 644 /etc/apt/trusted.gpg.d/sapmachine.gpg; \
+ echo "deb http://dist.sapmachine.io/debian/${ARCH}/ ./" | tee /etc/apt/sources.list.d/sapmachine.list; \
+ apt-get update; \
+ apt-get install -y sapmachine-${SAPMACHINE_MAJOR_VERSION}-jdk=${SAPMACHINE_VERSION} --no-install-recommends; \
+ rm -rf "$GNUPGHOME" /var/lib/apt/lists/*; \
+ apt-get remove --purge --autoremove -y ca-certificates gnupg dirmngr; \
+ ln -s /usr/lib/jvm/sapmachine-${SAPMACHINE_MAJOR_VERSION} ${JAVA_HOME}; \
+ }; \
+ sapjvm_install() { \
+ ARCH=; \
+ dpkgArch="$(dpkg --print-architecture)"; \
+ case "${dpkgArch##*-}" in \
+ amd64) ARCH='x64';; \
+ ppc64el) ARCH='ppc64le';; \
+ *) echo "unsupported architecture"; exit 1 ;; \
+ esac; \
+ apt-get update; \
+ apt-get install -y ca-certificates curl libarchive-tools --no-install-recommends; \
+ rm -rf /var/lib/apt/lists/*; \
+ curl -fsSLO --compressed -b 'eula_3_2_agreed=tools.hana.ondemand.com/developer-license-3_2.txt' https://tools.hana.ondemand.com/additional/sapjvm-${SAPMACHINE_VERSION}-linux-${ARCH}.zip; \
+ echo "d93abcb60271b7240e828ba2551646c2825b0f9a sapjvm-${SAPMACHINE_VERSION}-linux-${ARCH}.zip" | sha1sum -c -; \
+ bsdtar -xvf sapjvm-${SAPMACHINE_VERSION}-linux-${ARCH}.zip -C /usr/local --strip-components=1 --no-same-owner; \
+ rm -f sapjvm-${SAPMACHINE_VERSION}-linux-${ARCH}.zip; \
+ apt-get remove --purge --auto-remove -y ca-certificates curl libarchive-tools; \
+ ln -s /usr/local ${JAVA_HOME}; \
+ } \
&& set -ex \
- && apt-get update \
- && apt-get install -y ca-certificates wget --no-install-recommends \
- && rm -rf /var/lib/apt/lists/* \
- && wget -q -O - https://dist.sapmachine.io/debian/sapmachine.key | tee /etc/apt/trusted.gpg.d/sapmachine.gpg.asc \
- && echo "deb http://dist.sapmachine.io/debian/${ARCH}/ ./" | tee /etc/apt/sources.list.d/sapmachine.list \
- && apt-get update \
- && apt-get install -y sapmachine-$(echo ${SAPMACHINE_VERSION} | cut -d. -f1)-jdk=${SAPMACHINE_VERSION} --no-install-recommends \
- && rm -rf /var/lib/apt/lists/* \
- && apt-get remove --purge --autoremove -y ca-certificates wget \
+ && if [ $(echo ${SAPMACHINE_VERSION} | cut -d. -f1) -le 8 ]; then \
+ sapjvm_install; \
+ else \
+ sapmachine_install; \
+ fi \
# smoke test
- && java --version
+ && java -version
-ARG MAVEN_VERSION=3.8.6
-ARG SHA=f790857f3b1f90ae8d16281f902c689e4f136ebe584aba45e4b1fa66c80cba826d3e0e52fdd04ed44b4c66f6d3fe3584a057c26dfcac544a60b301e6d0f91c26
-ARG BASE_URL=https://apache.osuosl.org/maven/maven-3/${MAVEN_VERSION}/binaries
+ARG MAVEN_VERSION=3.9.6
+ARG BASE_URL=https://downloads.apache.org/maven/maven-3/${MAVEN_VERSION}/binaries
ENV MAVEN_HOME /usr/share/maven
ENV M2_HOME ${MAVEN_HOME}
RUN set -ex \
&& apt-get update \
- && apt-get install -y ca-certificates curl procps --no-install-recommends \
+ && apt-get install -y ca-certificates curl gnupg dirmngr --no-install-recommends \
&& rm -rf /var/lib/apt/lists/* \
+ && curl -fsSLO --compressed ${BASE_URL}/apache-maven-${MAVEN_VERSION}-bin.tar.gz \
+ && curl -fsSLO --compressed ${BASE_URL}/apache-maven-${MAVEN_VERSION}-bin.tar.gz.asc \
+ && export GNUPGHOME="$(mktemp -d)" \
+ && for key in \
+ 29BEA2A645F2D6CED7FB12E02B172E3E156466E8 \
+ ; do \
+ gpg --batch --keyserver hkps://pgp.surf.nl --recv-keys "$key" || \
+ gpg --batch --keyserver hkps://keyserver.ubuntu.com --recv-keys "$key" ; \
+ done \
+ && gpg --batch --verify apache-maven-${MAVEN_VERSION}-bin.tar.gz.asc apache-maven-${MAVEN_VERSION}-bin.tar.gz \
&& mkdir -p ${MAVEN_HOME} ${MAVEN_HOME}/ref \
- && curl -fsSL -o /tmp/apache-maven.tar.gz ${BASE_URL}/apache-maven-${MAVEN_VERSION}-bin.tar.gz \
- && echo "${SHA} /tmp/apache-maven.tar.gz" | sha512sum -c - \
- && tar -xzf /tmp/apache-maven.tar.gz -C ${MAVEN_HOME} --strip-components=1 \
- && rm -f /tmp/apache-maven.tar.gz \
+ && tar -xzf apache-maven-${MAVEN_VERSION}-bin.tar.gz -C ${MAVEN_HOME} --strip-components=1 \
+ && rm -rf "$GNUPGHOME" apache-maven-${MAVEN_VERSION}-bin.tar.gz.asc apache-maven-${MAVEN_VERSION}-bin.tar.gz \
+ && chmod -R a+w ${MAVEN_HOME}/conf/* \
&& ln -s ${MAVEN_HOME}/bin/mvn /usr/bin/mvn \
- && chmod --recursive a+w "${MAVEN_HOME}"/conf/* \
- && apt-get remove --purge --autoremove -y ca-certificates curl \
+ && apt-get remove --purge --autoremove -y ca-certificates curl gnupg dirmngr \
# smoke test
&& mvn --version
-ARG MBT_VERSION=1.2.18
+ARG MBT_VERSION=1.2.27
RUN set -ex \
- && npm install -g mbt@${MBT_VERSION} \
+ && npm install -g --unsafe-perm mbt@${MBT_VERSION} \
+ && npm cache clean -g --force \
# smoke test
&& mbt --version
# smoke test
&& python3 --version
+# Allow global npm packages install without sudo
+RUN set -ex \
+ && mkdir ${USER_HOME_DIR}/.npm-global \
+ && mkdir ${USER_HOME_DIR}/.npm-global/lib \
+ && chown -R ${USER}:${USER} ${USER_HOME_DIR}
+ENV NPM_CONFIG_PREFIX ${USER_HOME_DIR}/.npm-global
+
WORKDIR /project
USER ${USER}
repositories / mbt-docker.git / blobdiff