-
-
Notifications
You must be signed in to change notification settings - Fork 4.6k
Expand file tree
/
Copy pathDockerfile
More file actions
148 lines (117 loc) · 6.86 KB
/
Dockerfile
File metadata and controls
148 lines (117 loc) · 6.86 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
# escape=`
# hadolint shell=powershell
ARG JAVA_VERSION=17.0.17_10
ARG WINDOWS_VERSION=ltsc2022
FROM mcr.microsoft.com/windows/servercore:"${WINDOWS_VERSION}" AS jre-build
# $ProgressPreference: https://github.com/PowerShell/PowerShell/issues/2138#issuecomment-251261324
SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"]
ARG JAVA_VERSION=17.0.17_10
RUN New-Item -ItemType Directory -Path C:\temp | Out-Null ; `
$javaMajorVersion = $env:JAVA_VERSION.substring(0,2) ; `
$msiUrl = 'https://api.adoptium.net/v3/installer/version/jdk-{0}/windows/x64/jdk/hotspot/normal/eclipse?project=jdk' -f $env:JAVA_VERSION.Replace('_', '%2B') ; `
Invoke-WebRequest $msiUrl -OutFile 'C:\temp\jdk.msi' ; `
$proc = Start-Process -FilePath 'msiexec.exe' -ArgumentList '/i', 'C:\temp\jdk.msi', '/L*V', 'C:\temp\OpenJDK.log', '/quiet', 'ADDLOCAL=FeatureEnvironment,FeatureJarFileRunWith,FeatureJavaHome', "INSTALLDIR=C:\openjdk-${javaMajorVersion}" -Wait -Passthru ; `
$proc.WaitForExit() ; `
Remove-Item -Path C:\temp -Recurse | Out-Null
RUN Write-Host 'javac --version' ; javac --version ; `
Write-Host 'java --version' ; java --version
RUN $version = (jlink --version) ; `
$javaMajorVersion = $version.Substring(0,2) ; `
if ($javaMajorVersion -eq '25') { `
$openjdkFolder = 'openjdk-{0}' -f $javaMajorVersion ; `
Copy-Item -Path $openjdkFolder -Destination C:\javaruntime -Recurse ; `
} else { `
$options = '--compress=2' ; `
switch ($version.Substring(0,3)) { `
'17.' { $options = '--compress=2' } `
'21.' { $options = '--compress=zip-6' } `
Default { `
Write-Error 'ERROR: unmanaged jlink version pattern' ; `
exit 1 ; `
} `
} `
& jlink `
--strip-java-debug-attributes `
$options `
--add-modules ALL-MODULE-PATH `
--no-man-pages `
--no-header-files `
--output /javaruntime ; `
}
FROM mcr.microsoft.com/windows/servercore:"${WINDOWS_VERSION}" AS controller
ARG JAVA_HOME="C:/openjdk-17"
ENV JAVA_HOME=${JAVA_HOME}
COPY --from=jre-build /javaruntime $JAVA_HOME
SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"]
# Add java in PATH
RUN $CurrentPath = (Get-Itemproperty -path 'hklm:\system\currentcontrolset\control\session manager\environment' -Name Path).Path ; `
$NewPath = $CurrentPath + $(';{0}/bin' -f $env:JAVA_HOME) ; `
Set-ItemProperty -path 'hklm:\system\currentcontrolset\control\session manager\environment' -Name Path -Value $NewPath
ARG user=jenkins
ARG http_port=8080
ARG agent_port=50000
ARG JENKINS_HOME=C:/ProgramData/Jenkins/JenkinsHome
ARG COMMIT_SHA
ENV JENKINS_HOME=$JENKINS_HOME
ENV JENKINS_AGENT_PORT=${agent_port}
# Jenkins home directory is a volume, so configuration and build history
# can be persisted and survive image upgrades
VOLUME $JENKINS_HOME
# Jenkins is run with user `jenkins`
# If you bind mount a volume from the host or a data container,
# ensure you use the same uid
# hadolint ignore=DL4006
RUN New-LocalUser -Name $env:user -AccountNeverExpires -Description 'Jenkins User' -NoPassword -UserMayNotChangePassword | Out-Null ; `
Set-Localuser -Name $env:user -PasswordNeverExpires $true | Out-Null ; `
Add-LocalGroupMember -Group "Administrators" -Member "${env:user}" ; `
New-Item -Type Directory -Force -Path "C:/ProgramData/Jenkins" | Out-Null ; `
icacls.exe "C:/ProgramData/Jenkins" /setowner ${env:user} | Out-Null ; `
icacls.exe "C:/ProgramData/Jenkins" /inheritance:r | Out-Null ; `
icacls.exe "C:/ProgramData/Jenkins" /grant:r $('{0}:(CI)(OI)(F)' -f $env:user) /grant 'Administrators:(CI)(OI)(F)' | Out-Null ; `
icacls.exe "$env:JENKINS_HOME" /setowner ${env:user} | Out-Null ; `
icacls.exe "$env:JENKINS_HOME" /grant:r $('{0}:(CI)(OI)(F)' -f $env:user) /grant 'Administrators:(CI)(OI)(F)' | Out-Null
USER ${user}
# `C:/ProgramData/Jenkins/Reference/` contains all reference configuration we want
# to set on a fresh new installation. Use it to bundle additional plugins
# or config file with your custom jenkins Docker image.
# hadolint ignore=DL4006
RUN New-Item -ItemType Directory -Force -Path C:/ProgramData/Jenkins/Reference/init.groovy.d | Out-Null
# jenkins version being bundled in this docker image
ARG JENKINS_VERSION
ENV JENKINS_VERSION=${JENKINS_VERSION:-2.534}
# jenkins.war checksum, download will be validated using it
ARG WAR_SHA=fcf13a8ebbe69d678608cc4b3885ece7d7e697d6da4c3691025a06968ddef228
# Can be used to customize where jenkins.war get downloaded from
ARG WAR_URL=https://get.jenkins.io/war/${JENKINS_VERSION}/jenkins.war
# could use ADD but this one does not check Last-Modified header neither does it allow to control checksum
# see https://github.com/docker/docker/issues/8331
RUN Invoke-WebRequest -Uri "$env:WAR_URL" -OutFile C:/ProgramData/Jenkins/jenkins.war; `
if ((Get-FileHash C:/ProgramData/Jenkins/jenkins.war -Algorithm SHA256).Hash -ne $env:WAR_SHA) {exit 1}
ENV JENKINS_UC=https://updates.jenkins.io
ENV JENKINS_UC_EXPERIMENTAL=https://updates.jenkins.io/experimental
ENV JENKINS_INCREMENTALS_REPO_MIRROR=https://repo.jenkins-ci.org/incrementals
ARG PLUGIN_CLI_VERSION=2.13.2
ARG PLUGIN_CLI_URL=https://github.com/jenkinsci/plugin-installation-manager-tool/releases/download/${PLUGIN_CLI_VERSION}/jenkins-plugin-manager-${PLUGIN_CLI_VERSION}.jar
RUN $sha256sum = [System.Text.Encoding]::UTF8.GetString((Invoke-WebRequest -Uri ($env:PLUGIN_CLI_URL + '.sha256') -UseBasicParsing).Content); `
Invoke-WebRequest -Uri "$env:PLUGIN_CLI_URL" -OutFile C:/ProgramData/Jenkins/jenkins-plugin-manager.jar; `
if ((Get-FileHash -Path C:/ProgramData/Jenkins/jenkins-plugin-manager.jar -Algorithm SHA256).Hash -ne $sha256sum) {exit 1}
# for main web interface:
EXPOSE ${http_port}
# will be used by attached agents:
EXPOSE ${agent_port}
ENV COPY_REFERENCE_FILE_LOG=$JENKINS_HOME/copy_reference_file.log
COPY jenkins-support.psm1 C:/ProgramData/Jenkins
COPY jenkins.ps1 C:/ProgramData/Jenkins
# See https://github.com/jenkinsci/plugin-installation-manager-tool#cli-options for information on parameters for jenkins-plugin-cli.ps1 for installing plugins into the docker image
COPY jenkins-plugin-cli.ps1 C:/ProgramData/Jenkins
ENTRYPOINT ["powershell.exe", "-f", "C:/ProgramData/Jenkins/jenkins.ps1"]
# metadata labels
LABEL `
org.opencontainers.image.vendor="Jenkins project" `
org.opencontainers.image.title="Official Jenkins Docker image" `
org.opencontainers.image.description="The Jenkins Continuous Integration and Delivery server" `
org.opencontainers.image.version="${JENKINS_VERSION}" `
org.opencontainers.image.url="https://www.jenkins.io/" `
org.opencontainers.image.source="https://github.com/jenkinsci/docker" `
org.opencontainers.image.revision="${COMMIT_SHA}" `
org.opencontainers.image.licenses="MIT"