switch to using ubi as the standard github build with Docker

.dockerignore

@@ -1,6 +1,5 @@
 .github/
 .idea/
-contrib/ci/
 contrib/docker/
 contrib/elasticsearch/
 contrib/helm/

.github/workflows/maven-ci.yml

@@ -9,39 +9,49 @@ on: # yamllint disable-line rule:truthy
 
 jobs:
   build:
-    name: Standard build on Java ${{ matrix.java-version }} with compiler target ${{ matrix.java-compiler }}
+    name: RHEL8 ${{ matrix.build-type }} build on Java ${{ matrix.java-version }} with compiler target ${{ matrix.java-compiler }}
     runs-on: ubuntu-latest
     strategy:
       fail-fast: false
       matrix:
         java-compiler: ['11', '17']
         java-version: ['17']
         experimental: [false]
+        build-type: ["experimental"]
+        verify-build: [false]
         include:
           - java-compiler: '11'
             java-version: '11'
             experimental: false
+            build-type: "standard"
+            verify-build: true
     continue-on-error: ${{ matrix.experimental }}
 
     steps:
-      - name: Checkout repo
+      - name: Checkout
         uses: actions/checkout@v4
 
-      - name: Configure Java & Maven
-        uses: actions/setup-java@v4
-        with:
-          java-version: '${{ matrix.java-version }}'
-          cache: "maven"
-          distribution: "corretto"
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
 
-      - name: Build with Maven
-        run: mvn -B -e -ntp "-Dstyle.color=always" -Dmaven.compiler.release=${{ matrix.java-compiler }} verify
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
 
-      - name: Verify Changed Files
-        run: contrib/ci/detect-changes.sh
+      - name: Build
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          push: false
+          file: contrib/docker/Dockerfile.ubi8
+          build-args: |
+            java_version=${{ matrix.java-version }}
+            java_compiler=${{ matrix.java-compiler }}
+            verify_build=${{ matrix.verify-build }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
 
-  ubi8-build:
-    name: UBI8 standard build with Docker on Java 11 with compiler target 11
+  centos7-build:
+    name: Centos7 legacy build on Java 11 with compiler target 11
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
@@ -58,12 +68,32 @@ jobs:
         with:
           context: .
           push: false
-          file: contrib/docker/Dockerfile.ubi8
+          file: contrib/docker/Dockerfile.centos7
+          build-args: |
+            verify_build=true
           cache-from: type=gha
           cache-to: type=gha,mode=max
 
+  macos-build:
+    name: MacOS non-standard build on Java 11 with compiler target 11
+    runs-on: macos-14
+    steps:
+      - name: Checkout repo
+        uses: actions/checkout@v4
+
+      - name: Configure Java
+        uses: actions/setup-java@v4
+        with:
+          java-version: '11'
+          cache: 'maven'
+          distribution: 'corretto'
+          overwrite-settings: false
+
+      - name: Build with Maven
+        run: mvn -B -e -ntp "-Dstyle.color=always" clean verify -Pdist
+
   site-build:
-    name: Standard maven site build
+    name: Maven site build
     runs-on: ubuntu-latest
 
     steps:
@@ -81,7 +111,7 @@ jobs:
         run: mvn -B -e -ntp "-Dstyle.color=always" site
 
   error-prone-build:
-    name: Maven build using errorProne profile
+    name: Maven errorProne build
     runs-on: ubuntu-latest
 
     steps:

contrib/docker/Dockerfile.centos7

@@ -0,0 +1,77 @@
+ARG IMG_NAME=centos
+ARG IMG_TAG=7
+FROM ${IMG_NAME}:${IMG_TAG} AS base
+
+ARG java_version=11
+ARG user=emissary
+ARG group=emissary
+ARG uid=1000
+ARG gid=1000
+
+ENV JAVA_TOOL_OPTIONS -Dfile.encoding=UTF8
+ENV PROJECT_BASE=/opt/emissary
+
+RUN yum update -y \
+     && yum upgrade -y \
+     && rpm --import https://yum.corretto.aws/corretto.key \
+     && curl -L -o /etc/yum.repos.d/corretto.repo https://yum.corretto.aws/corretto.repo \
+     && yum install -y java-${java_version}-amazon-corretto-devel \
+     && yum install -y which \
+     && groupadd -g ${gid} ${group} \
+     && useradd -u ${uid} -g ${group} -m -s /bin/bash ${user} \
+     && yum clean all -y \
+     && rm -rf /var/cache/yum
+
+
+
+FROM base AS build
+
+ARG maven_version=3.9.6
+ARG java_compiler=11
+ENV MAVEN_OPTS -Xms512M -Xmx1024M -Xss1M -Djava.awt.headless=true
+ENV MAVEN_HOME /opt/maven
+
+RUN curl -L -o /tmp/maven.tar.gz https://dlcdn.apache.org/maven/maven-3/${maven_version}/binaries/apache-maven-${maven_version}-bin.tar.gz \
+     && tar xvf /tmp/maven.tar.gz -C /opt \
+     && ln -s /opt/apache-maven-${maven_version} ${MAVEN_HOME} \
+     && ln -s ${MAVEN_HOME}/bin/mvn /usr/bin/mvn
+
+COPY . ${PROJECT_BASE}
+RUN chown -R ${user}:${group} ${PROJECT_BASE} \
+    && chmod -R 744 ${PROJECT_BASE}  \
+    && (rm -f .mvn-classpath || true)
+
+USER ${user}
+WORKDIR ${PROJECT_BASE}
+RUN --mount=type=cache,uid=${uid},gid=${gid},target=/home/${user}/.m2 \
+    mvn -V -B -e -ntp "-Dstyle.color=always" -Dmaven.compiler.release=${java_compiler} clean verify -Pdist
+
+ARG verify_build=false
+RUN if ${verify_build} ; then ./contrib/ci/detect-changes.sh ; fi
+
+FROM base
+
+COPY --from=build ${PROJECT_BASE}/target/emissary-*-dist.tar.gz /tmp
+
+RUN tar -xf /tmp/emissary-*-dist.tar.gz -C /opt/ \
+    && version=`ls /opt | grep emissary- | awk '{ print $1 }'`  \
+    && echo "Linking /opt/${version} to ${PROJECT_BASE}"  \
+    && ln -s /opt/${version} ${PROJECT_BASE}  \
+    && mkdir -p ${PROJECT_BASE}/localoutput  \
+    && mkdir -p ${PROJECT_BASE}/target/data  \
+    && chmod -R a+rw ${PROJECT_BASE} \
+    && chown -R ${user}:${group} ${PROJECT_BASE}* \
+    && rm -f /tmp/*
+
+USER ${user}
+
+WORKDIR ${PROJECT_BASE}
+
+VOLUME ${PROJECT_BASE}/target/data
+VOLUME ${PROJECT_BASE}/localoutput
+
+EXPOSE 8001
+
+ENTRYPOINT ["./emissary"]
+
+CMD ["server", "-a", "2", "-p", "8001"]

contrib/docker/Dockerfile.ubi8

@@ -1,70 +1,74 @@
 ARG IMG_NAME=redhat/ubi8
-ARG IMG_TAG=8.8-1067
-FROM ${IMG_NAME}:${IMG_TAG} as base
+ARG IMG_TAG=8.9
+FROM ${IMG_NAME}:${IMG_TAG} AS base
 
 ARG java_version=11
 ARG user=emissary
 ARG group=emissary
 ARG uid=1000
 ARG gid=1000
 
-ENV JAVA_HOME /usr/lib/jvm/java-${java_version}-amazon-corretto
 ENV JAVA_TOOL_OPTIONS -Dfile.encoding=UTF8
 ENV PROJECT_BASE=/opt/emissary
 
-RUN rpm --import https://yum.corretto.aws/corretto.key \
+RUN dnf update -y \
+     && dnf upgrade -y \
+     && rpm --import https://yum.corretto.aws/corretto.key \
      && curl -L -o /etc/yum.repos.d/corretto.repo https://yum.corretto.aws/corretto.repo \
-     && yum install -y java-${java_version}-amazon-corretto-devel \
-     && dnf install -y langpacks-en glibc-all-langpacks \
+     && dnf install -y java-${java_version}-amazon-corretto-devel \
+     && dnf install -y glibc-langpack-en \
      && groupadd -g ${gid} ${group} \
      && useradd -u ${uid} -g ${group} -m -s /bin/sh ${user} \
-     && yum clean all -y \
+     && dnf clean all -y \
      && rm -rf /var/cache/yum
 
 
 
-FROM base as build
+FROM base AS build
 
 ARG maven_version=3.9.6
-ENV MAVEN_OPTS -Xms512M -Xmx1024M -Xss1M -XX:MaxPermSize=128M -Djava.awt.headless=true
+ARG java_compiler=11
+ENV MAVEN_OPTS -Xms512M -Xmx1024M -Xss1M -Djava.awt.headless=true
 ENV MAVEN_HOME /opt/maven
 
 RUN curl -L -o /tmp/maven.tar.gz https://dlcdn.apache.org/maven/maven-3/${maven_version}/binaries/apache-maven-${maven_version}-bin.tar.gz \
      && tar xvf /tmp/maven.tar.gz -C /opt \
      && ln -s /opt/apache-maven-${maven_version} ${MAVEN_HOME} \
-     && ln -s /opt/maven/bin/mvn /usr/bin/mvn
+     && ln -s ${MAVEN_HOME}/bin/mvn /usr/bin/mvn
 
-COPY . /opt/emissary
-RUN chown -R ${user}:${group} /opt/emissary \
-    && chmod -R 744 /opt/emissary  \
+COPY . ${PROJECT_BASE}
+RUN chown -R ${user}:${group} ${PROJECT_BASE} \
+    && chmod -R 744 ${PROJECT_BASE}  \
     && (rm -f .mvn-classpath || true)
 
 USER ${user}
-WORKDIR /opt/emissary
-RUN --mount=type=cache,uid=${uid},gid=${gid},target=/home/${user}/.m2 mvn -B -e -ntp "-Dstyle.color=always" clean verify -Pdist
-
+WORKDIR ${PROJECT_BASE}
+RUN --mount=type=cache,uid=${uid},gid=${gid},target=/home/${user}/.m2 \
+    mvn -V -B -e -ntp "-Dstyle.color=always" -Dmaven.compiler.release=${java_compiler} clean verify -Pdist
 
+ARG verify_build=false
+RUN if ${verify_build} ; then ./contrib/ci/detect-changes.sh ; fi
 
 FROM base
 
-COPY --from=build /opt/emissary/target/emissary-*-dist.tar.gz /tmp
+COPY --from=build ${PROJECT_BASE}/target/emissary-*-dist.tar.gz /tmp
 
 RUN tar -xf /tmp/emissary-*-dist.tar.gz -C /opt/ \
     && version=`ls /opt | grep emissary- | awk '{ print $1 }'`  \
-    && echo "Linking /opt/${version} to /opt/emissary"  \
-    && ln -s /opt/${version} /opt/emissary  \
-    && mkdir -p /opt/emissary/localoutput  \
-    && mkdir -p /opt/emissary/target/data  \
-    && chmod -R a+rw /opt/emissary \
-    && chown -R ${user}:${group} /opt/emissary* \
+    && echo "Linking /opt/${version} to ${PROJECT_BASE}"  \
+    && ln -s /opt/${version} ${PROJECT_BASE}  \
+    && mkdir -p ${PROJECT_BASE}/localoutput  \
+    && mkdir -p ${PROJECT_BASE}/target/data  \
+    && chmod -R a+rw ${PROJECT_BASE} \
+    && chown -R ${user}:${group} ${PROJECT_BASE}* \
     && rm -f /tmp/*
 
 USER ${user}
 
-WORKDIR /opt/emissary
+WORKDIR ${PROJECT_BASE}
 
-VOLUME /opt/emissary/target/data
-VOLUME /opt/emissary/localoutput
+VOLUME ${PROJECT_BASE}/target/data
+VOLUME ${PROJECT_BASE}/localoutput
 
 EXPOSE 8001
 

contrib/docker/docker-compose.ubi8.yml

@@ -8,7 +8,6 @@ services:
       context: ../../
       dockerfile: contrib/docker/Dockerfile.ubi8
     environment:
-      - PROJECT_BASE=/opt/emissary
       - JAVA_TOOL_OPTIONS=-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:8000 -Dfile.encoding=UTF8
     hostname: "emissary-server"
     command: "server -a 5 -p 8001 -s http -h emissary-server"