Provide Temurin images based on Debian

Question

Provide Temurin images based on Debian

msladek opened this issue a year ago · 7 comments

Tomcat Temurin images are all based on Ubuntu. Since there are no OpenJDK 11/17 images anymore (see docker-library/openjdk#495), we have to switch to Temurin images, thus also forcing us to switch base from Debian to Ubuntu.

I'm aware that Adoptium doesn't provide images based on Debian. Yet according to adoptium/containers#99 (comment) from @brunoborges it should be easily possible to build Tomcat Temurin images based on Debian. Could you consider doing so?

Answer 1 · 2023-06-18T16:46:45.000Z

When I say it is easy, I meant that for end users to go ahead and build their own. :-)

Answer 2 · 2023-06-18T20:16:13.000Z

It's not easy for me as an end user to build and maintain my own Tomcat image based on Debian, since there is a lot of added complexity by the Tomcat Dockerfile that may not be compatible with Debian. This is the case for many images that use Temurin in their parent chain.

While Adoptium afaik never provided Debian base images Tomcat did in fact do so for Java 11/17 until recently, hence my request here.

Answer 3 · 2023-06-18T21:44:44.000Z

Your best bet is either get a vendor who provides commercial support for Tomcat, and as value add provides container images, or build your own as I said before.

One company I know of that provides commercial support for Tomcat is Tomitribe. There may be others.

Answer 4 · 2023-06-20T21:43:27.000Z

See #299, where my concerns definitely very strongly mirror Bruno's closing paragraph in the comment you linked: 😅 ❤️

IMO pre-built container images are meant to be conveniences, not fully baked products. Publishing images for every little variation is time-consuming, error-prone, security risk, adds little value to the broader set of users, and takes a lot of time from the very few maintainers around.

(The very specific combination you've requested is not represented in #299, but the overall problem of doing so most certainly is.)

Answer 5 · 2023-06-20T21:56:56.000Z

It's not perfect (in fact, it could probably be shorter), but here's a basic example that should mostly work given the proximity between Ubuntu Jammy and Debian Bookworm, and even includes Tomcat Native:

FROM tomcat:10-jre11-temurin-jammy AS tomcat

FROM debian:bookworm-slim

# TODO wouldn't it be neat if we could "COPY --from" an environment variable? 🤔

ENV JAVA_HOME /opt/java/openjdk
COPY --from=tomcat $JAVA_HOME $JAVA_HOME

ENV CATALINA_HOME /usr/local/tomcat
COPY --from=tomcat $CATALINA_HOME $CATALINA_HOME
ENV PATH="${CATALINA_HOME}/bin:${JAVA_HOME}/bin:${PATH}"

ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib
ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR

RUN set -eux; \
	apt-get update; \
	xargs -rt apt-get install -y --no-install-recommends < "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt"; \
	rm -rf /var/lib/apt/lists/*

CMD ["catalina.sh", "run"]

Answer 6 · 2023-12-15T01:37:41.000Z

@tianon you closed as Completed. Was there any work associated with this issue?

Answer 7 · 2023-12-15T18:47:20.000Z

I'm not sure I understand 😅

This isn't something we plan to action on, as discussed above (I just don't use GitHub's "close reasons" much because it being a simple "completed" vs "not planned" binary doesn't really convey much more accurately than the closed status already does in most cases).

The sample Dockerfile I've provided above is the most I plan to do here, leaving the larger discussion of "how nutty should the Tomcat matrix of builds be" for #299 instead. 🙇