Switch to official Tomcat 9 - jre 11 base image

Dockerfile

@@ -1,22 +1,48 @@
-FROM ubuntu:22.04 as tomcat
+FROM tomcat:9.0.85-jdk11-temurin-jammy
+LABEL vendor="osgeo.org"
 
-ARG TOMCAT_VERSION=9.0.86
-ARG CORS_ENABLED=false
-ARG CORS_ALLOWED_ORIGINS=*
-ARG CORS_ALLOWED_METHODS=GET,POST,PUT,DELETE,HEAD,OPTIONS
+# Build arguments
+ARG ADDITIONAL_FONTS_PATH=./additional_fonts/
+ARG ADDITIONAL_LIBS_PATH=./additional_libs/
+ARG COMMUNITY_PLUGIN_URL=''
 ARG CORS_ALLOWED_HEADERS=*
+ARG CORS_ALLOWED_METHODS=GET,POST,PUT,DELETE,HEAD,OPTIONS
+ARG CORS_ALLOWED_ORIGINS=*
 ARG CORS_ALLOW_CREDENTIALS=false
+ARG CORS_ENABLED=false
+ARG GS_BUILD=release
+ARG GS_DATA_PATH=./geoserver_data/
+ARG GS_VERSION=2.24.2
+ARG STABLE_PLUGIN_URL=https://downloads.sourceforge.net/project/geoserver/GeoServer/${GS_VERSION}/extensions
+ARG WAR_ZIP_URL=https://downloads.sourceforge.net/project/geoserver/GeoServer/${GS_VERSION}/geoserver-${GS_VERSION}-war.zip
 
 # Environment variables
-ENV TOMCAT_VERSION=$TOMCAT_VERSION
-ENV CATALINA_HOME=/opt/apache-tomcat-${TOMCAT_VERSION}
-ENV EXTRA_JAVA_OPTS="-Xms256m -Xmx1g"
-ENV CORS_ENABLED=$CORS_ENABLED
-ENV CORS_ALLOWED_ORIGINS=$CORS_ALLOWED_ORIGINS
-ENV CORS_ALLOWED_METHODS=$CORS_ALLOWED_METHODS
+ENV ADDITIONAL_FONTS_DIR=/opt/additional_fonts/
+ENV ADDITIONAL_LIBS_DIR=/opt/additional_libs/
+ENV CATALINA_HOME=$CATALINA_HOME
+ENV COMMUNITY_EXTENSIONS=''
+ENV COMMUNITY_PLUGIN_URL=$COMMUNITY_PLUGIN_URL
+ENV CONFIG_DIR=/opt/config
+ENV CONFIG_OVERRIDES_DIR=/opt/config_overrides
 ENV CORS_ALLOWED_HEADERS=$CORS_ALLOWED_HEADERS
+ENV CORS_ALLOWED_METHODS=$CORS_ALLOWED_METHODS
+ENV CORS_ALLOWED_ORIGINS=$CORS_ALLOWED_ORIGINS
 ENV CORS_ALLOW_CREDENTIALS=$CORS_ALLOW_CREDENTIALS
-ENV DEBIAN_FRONTEND=noninteractive
+ENV CORS_ENABLED=$CORS_ENABLED
+ENV EXTRA_JAVA_OPTS="-Xms256m -Xmx1g"
+ENV GEOSERVER_BUILD=$GS_BUILD
+ENV GEOSERVER_DATA_DIR=/opt/geoserver_data/
+ENV GEOSERVER_LIB_DIR=$CATALINA_HOME/webapps/geoserver/WEB-INF/lib/
+ENV GEOSERVER_REQUIRE_FILE=$GEOSERVER_DATA_DIR/global.xml
+ENV GEOSERVER_VERSION=$GS_VERSION
+ENV HEALTHCHECK_URL=http://localhost:8080/geoserver/web/wicket/resource/org.geoserver.web.GeoServerBasePage/img/logo.png
+ENV INSTALL_EXTENSIONS=false
+ENV POSTGRES_JNDI_ENABLED=false
+ENV ROOT_WEBAPP_REDIRECT=false
+ENV SKIP_DEMO_DATA=false
+ENV STABLE_EXTENSIONS=''
+ENV STABLE_PLUGIN_URL=$STABLE_PLUGIN_URL
+ENV WAR_ZIP_URL=$WAR_ZIP_URL
 
 # see https://docs.geoserver.org/stable/en/user/production/container.html
 ENV CATALINA_OPTS="\$EXTRA_JAVA_OPTS \
@@ -29,98 +55,32 @@ ENV CATALINA_OPTS="\$EXTRA_JAVA_OPTS \
     -Dsun.java2d.renderer=sun.java2d.marlin.DMarlinRenderingEngine \
     -Dorg.geotools.coverage.jaiext.enabled=true"
 
-# init
-RUN apt update \
-    && apt -y upgrade \
-    && apt install -y --no-install-recommends openssl unzip gdal-bin wget curl openjdk-11-jdk gettext \
-    && apt clean \
-    && rm -rf /var/cache/apt/* \
-    && rm -rf /var/lib/apt/lists/*
-
-WORKDIR /opt/
-
-RUN wget -q https://archive.apache.org/dist/tomcat/tomcat-9/v${TOMCAT_VERSION}/bin/apache-tomcat-${TOMCAT_VERSION}.tar.gz \
-    && tar xf apache-tomcat-${TOMCAT_VERSION}.tar.gz \
-    && rm apache-tomcat-${TOMCAT_VERSION}.tar.gz \
-    && rm -rf /opt/apache-tomcat-${TOMCAT_VERSION}/webapps/ROOT \
-    && rm -rf /opt/apache-tomcat-${TOMCAT_VERSION}/webapps/docs \
-    && rm -rf /opt/apache-tomcat-${TOMCAT_VERSION}/webapps/examples \
-    && rm -rf /opt/apache-tomcat-${TOMCAT_VERSION}/webapps/host-manager \
-    && rm -rf /opt/apache-tomcat-${TOMCAT_VERSION}/webapps/manager
-
-# cleanup
-RUN apt purge -y  \
-    && apt autoremove --purge -y \
-    && rm -rf /var/lib/apt/lists/* \
-    && rm -rf /tmp/*
-
-FROM tomcat as download
-
-ARG GS_VERSION=2.24.1
-ARG GS_BUILD=release
-ARG WAR_ZIP_URL=https://downloads.sourceforge.net/project/geoserver/GeoServer/${GS_VERSION}/geoserver-${GS_VERSION}-war.zip
-ENV GEOSERVER_VERSION=$GS_VERSION
-ENV GEOSERVER_BUILD=$GS_BUILD
-
 WORKDIR /tmp
 
-RUN echo "Downloading GeoServer ${GS_VERSION} ${GS_BUILD}" \
+# Install dependencies and download geoserver
+RUN set -eux \
+    && export DEBIAN_FRONTEND=noninteractive \
+    && apt-get update \
+    && apt-get install -y --no-install-recommends openssl unzip curl gettext \
+    && apt-get clean \
+    && rm -rf /var/cache/apt/* \
+    && rm -rf /var/lib/apt/lists/* \
+    && echo "Downloading GeoServer ${GS_VERSION} ${GS_BUILD}" \
     && wget -q -O /tmp/geoserver.zip $WAR_ZIP_URL \
     && unzip geoserver.zip geoserver.war -d /tmp/ \
     && unzip -q /tmp/geoserver.war -d /tmp/geoserver \
-    && rm /tmp/geoserver.war
-
-FROM tomcat as install
-
-ARG GS_VERSION=2.24.1
-ARG GS_BUILD=release
-ARG STABLE_PLUGIN_URL=https://downloads.sourceforge.net/project/geoserver/GeoServer/${GS_VERSION}/extensions
-ARG COMMUNITY_PLUGIN_URL=''
-
-ARG GS_DATA_PATH=./geoserver_data/
-ARG ADDITIONAL_LIBS_PATH=./additional_libs/
-ARG ADDITIONAL_FONTS_PATH=./additional_fonts/
-
-ENV GEOSERVER_VERSION=$GS_VERSION
-ENV GEOSERVER_BUILD=$GS_BUILD
-ENV GEOSERVER_DATA_DIR=/opt/geoserver_data/
-ENV GEOSERVER_REQUIRE_FILE=$GEOSERVER_DATA_DIR/global.xml
-ENV GEOSERVER_LIB_DIR=$CATALINA_HOME/webapps/geoserver/WEB-INF/lib/
-ENV INSTALL_EXTENSIONS=false
-ENV WAR_ZIP_URL=$WAR_ZIP_URL
-ENV STABLE_EXTENSIONS=''
-ENV STABLE_PLUGIN_URL=$STABLE_PLUGIN_URL
-ENV COMMUNITY_EXTENSIONS=''
-ENV COMMUNITY_PLUGIN_URL=$COMMUNITY_PLUGIN_URL
-ENV ADDITIONAL_LIBS_DIR=/opt/additional_libs/
-ENV ADDITIONAL_FONTS_DIR=/opt/additional_fonts/
-ENV SKIP_DEMO_DATA=false
-ENV ROOT_WEBAPP_REDIRECT=false
-ENV POSTGRES_JNDI_ENABLED=false
-ENV CONFIG_DIR=/opt/config
-ENV CONFIG_OVERRIDES_DIR=/opt/config_overrides
-ENV HEALTHCHECK_URL=http://localhost:8080/geoserver/web/wicket/resource/org.geoserver.web.GeoServerBasePage/img/logo.png
-
-EXPOSE 8080
-
-WORKDIR /tmp
-
-RUN echo "Installing GeoServer $GS_VERSION $GS_BUILD"
-
-COPY --from=download /tmp/geoserver $CATALINA_HOME/webapps/geoserver
-
-RUN mv $CATALINA_HOME/webapps/geoserver/WEB-INF/lib/marlin-*.jar $CATALINA_HOME/lib/marlin.jar \
-&& mkdir -p $GEOSERVER_DATA_DIR
-
-RUN mv $CATALINA_HOME/webapps/geoserver/WEB-INF/lib/postgresql-*.jar $CATALINA_HOME/lib/
-
+    && rm /tmp/geoserver.war \
+    && echo "Installing GeoServer $GS_VERSION $GS_BUILD" \
+    && mv /tmp/geoserver $CATALINA_HOME/webapps/geoserver \
+    && mv $CATALINA_HOME/webapps/geoserver/WEB-INF/lib/marlin-*.jar $CATALINA_HOME/lib/marlin.jar \
+    && mv $CATALINA_HOME/webapps/geoserver/WEB-INF/lib/postgresql-*.jar $CATALINA_HOME/lib/ \
+    && mkdir -p $GEOSERVER_DATA_DIR
+
+# Copy data and additional libs / fonts
 COPY $GS_DATA_PATH $GEOSERVER_DATA_DIR
 COPY $ADDITIONAL_LIBS_PATH $GEOSERVER_LIB_DIR
 COPY $ADDITIONAL_FONTS_PATH /usr/share/fonts/truetype/
 
-# cleanup
-RUN rm -rf /tmp/*
-
 # Add default configs
 COPY config $CONFIG_DIR
 
@@ -140,13 +100,25 @@ COPY *.sh /opt/
 # CIS Docker benchmark: Remove setuid and setgid permissions in the images to prevent privilege escalation attacks within containers.
 RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true
 
+# cleanup
+RUN apt purge -y  \
+  && apt autoremove --purge -y \
+  && rm -rf /tmp/ \
+  && rm -rf $CATALINA_HOME/webapps/ROOT \
+  && rm -rf $CATALINA_HOME/webapps/docs \
+  && rm -rf $CATALINA_HOME/webapps/examples \
+  && rm -rf $CATALINA_HOME/webapps/host-manager \
+  && rm -rf $CATALINA_HOME/webapps/manager
+
 # GeoServer user => restrict access to $CATALINA_HOME and GeoServer directories
 # See also CIS Docker benchmark and docker best practices
 RUN chmod +x /opt/*.sh
 
+WORKDIR /opt
+
 ENTRYPOINT ["/opt/startup.sh"]
 
-WORKDIR /opt
+EXPOSE 8080
 
 HEALTHCHECK --interval=1m --timeout=20s --retries=3 \
   CMD curl --fail $HEALTHCHECK_URL || exit 1

README.md

@@ -1,15 +1,16 @@
-# A geoserver docker image
+# A GeoServer docker image
 
 This Dockerfile can be used to create images for all geoserver versions since 2.5.
 
-* Debian based Linux
-* OpenJDK 11
-* Tomcat 9
-* GeoServer
-  * Support of custom fonts (e.g. for SLD styling)
-  * CORS support
-  * Support extensions
-  * Support additional libraries
+* Based on the official [`tomcat` docker image](https://hub.docker.com/_/tomcat), in particular:
+  * Tomcat 9
+  * JRE11 (eclipse temurin)
+  * Ubuntu Jammy (22.04 LTS)
+* GeoServer installation is configurable and supports
+  * dynamic installation of extensions
+  * custom fonts (e.g. for SLD styling)
+  * CORS
+  * additional libraries
 
 This README.md file covers use of official docker image, additional [build](BUILD.md) and [release](RELEASE.md) instructions are available.
 
@@ -18,20 +19,20 @@ This README.md file covers use of official docker image, additional [build](BUIL
 To pull an official image use ``docker.osgeo.org/geoserver:{{VERSION}}``, e.g.:
 
 ```shell
-docker pull docker.osgeo.org/geoserver:2.24.1
+docker pull docker.osgeo.org/geoserver:2.24.2
 ```
 All the images can be found at: [https://repo.osgeo.org](https://repo.osgeo.org/#browse/browse:geoserver-docker:v2/geoserver/tags) and the latest stable and maintenance version numbers can be obtained from [https://geoserver.org/download/](https://geoserver.org/download/)
 
 Afterwards you can run the pulled image locally with:
 
 ```shell
-docker run -it -p 80:8080 docker.osgeo.org/geoserver:2.24.1
+docker run -it -p 80:8080 docker.osgeo.org/geoserver:2.24.2
 ```
 
 Or if you want to start the container daemonized, use e.g.:
 
 ```shell
-docker run -d -p 80:8080 docker.osgeo.org/geoserver:2.24.1
+docker run -d -p 80:8080 docker.osgeo.org/geoserver:2.24.2
 ```
 
 Check <http://localhost/geoserver> to see the geoserver page,
@@ -48,7 +49,7 @@ To use an external folder as your geoserver data directory.
 ```shell
 docker run -it -p 80:8080 \
   --mount src="/absolute/path/on/host",target=/opt/geoserver_data/,type=bind \
-  docker.osgeo.org/geoserver:2.24.1
+  docker.osgeo.org/geoserver:2.24.2
 ```
 
 An empty data directory will be populated on first use. You can easily update GeoServer while
@@ -63,7 +64,7 @@ The environment variable `SKIP_DEMO_DATA` can be set to `true` to create an empt
 ```shell
 docker run -it -p 80:8080 \
   --env SKIP_DEMO_DATA=true \
-  docker.osgeo.org/geoserver:2.24.1
+  docker.osgeo.org/geoserver:2.24.2
 ```
 
 ## How to issue a redirect from the root ("/") to GeoServer web interface ("/geoserver/web")?
@@ -93,7 +94,7 @@ Example installing wps and ysld extensions:
 ```shell
 docker run -it -p 80:8080 \
   --env INSTALL_EXTENSIONS=true --env STABLE_EXTENSIONS="wps,ysld" \
-  docker.osgeo.org/geoserver:2.24.1
+  docker.osgeo.org/geoserver:2.24.2
 ```
 
 The list of extensions (taken from SourceForge download page):
@@ -118,7 +119,7 @@ If you want to add geoserver extensions/libs, place the respective jar files in
 ```shell
 docker run -it -p 80:8080 \
   --mount src="/dir/with/libs/on/host",target=/opt/additional_libs,type=bind \
-  docker.osgeo.org/geoserver:2.24.1
+  docker.osgeo.org/geoserver:2.24.2
 ```
 
 ## How to add additional fonts to the docker image (e.g. for SLD styling)?
@@ -128,7 +129,7 @@ If you want to add custom fonts (the base image only contains 26 fonts) by using
 ```shell
 docker run -it -p 80:8080 \
   --mount src="/dir/with/fonts/on/host",target=/opt/additional_fonts,type=bind \
-  docker.osgeo.org/geoserver:2.24.1
+  docker.osgeo.org/geoserver:2.24.2
 ```
 
 **Note:** Do not change the target value!
@@ -183,15 +184,15 @@ Following is the list of the all the environment variables that can be passed do
 | VAR NAME | DESCRIPTION | SAMPLE VALUE |
 |--------------|-----------|------------|
 | PATH | Used by geoserver internally to find all the libs | `/usr/local/sbin:/usr/local/bin:` |
-| CATALINA_HOME | CATALINA home path | `/opt/apache-tomcat-9.0.86` |
+| CATALINA_HOME | CATALINA home path | `/usr/local/tomcat` (see also [here](https://github.com/docker-library/tomcat/blob/master/9.0/jdk17/temurin-jammy/Dockerfile)) |
 | EXTRA_JAVA_OPTS | Used to pass params to the JAVA environment. Check [ref](https://docs.oracle.com/en/java/javase/11/tools/java.html) | `-Xms256m -Xmx1g` |
 | CORS_ENABLED | CORS enabled configuration | `false` |
 | CORS_ALLOWED_ORIGINS | CORS origins configuration | `*` |
 | CORS_ALLOWED_METHODS | CORS method configuration | `GET,POST,PUT,DELETE,HEAD,OPTIONS` |
 | CORS_ALLOWED_HEADERS | CORS headers configuration | `*` |
 | DEBIAN_FRONTEND | Configures the Debian package manager frontend | `noninteractive`|
 | CATALINA_OPTS | Catalina options. Check [ref](https://www.baeldung.com/tomcat-catalina_opts-vs-java_opts) | `-Djava.awt.headless=true` |
-| GEOSERVER_DATA_DIR | Geosever data directory location | `/opt/geoserver_data/` |
+| GEOSERVER_DATA_DIR | Geoserver data directory location | `/opt/geoserver_data/` |
 | GEOSERVER_REQUIRE_FILE | Geoserver configuration used interally | `/opt/geoserver_data/global.xml` |
 | INSTALL_EXTENSIONS | Indicates whether additional GeoServer extensions should be installed | `false` |
 | WAR_ZIP_URL | Specifies the URL for a GeoServer Web Archive (WAR) file | |
@@ -209,7 +210,7 @@ The following values cannot really be safely changed (as they are used to downlo
 | VAR NAME | DESCRIPTION | SAMPLE VALUE |
 |--------------|-----------|------------|
 | GEOSERVER_VERSION | Geoserver version (used internally) | `2.24-SNAPSHOT`|
-| GEOSERVER_BUILD | Geosever build (used internally) | `1628` |
+| GEOSERVER_BUILD | Geoserver build (used internally) | `1628` |
 
 ## Troubleshooting
 

RELEASE.md

@@ -7,7 +7,7 @@ OSGeo maintains geoserver-docker.osgeo.org repository for publishing. The result
 Build locally:
 
 ```shell
-docker build -t geoserver-docker.osgeo.org/geoserver:2.24.1 .
+docker build -t geoserver-docker.osgeo.org/geoserver:2.24.2 .
 ```
 
 Login using with osgeo user id:
@@ -19,7 +19,7 @@ docker login geoserver-docker.osgeo.org
 Push to osgeo repository:
 
 ```shell
-docker push geoserver-docker.osgeo.org/geoserver:2.24.1
+docker push geoserver-docker.osgeo.org/geoserver:2.24.2
 ```
 
 ## How to automate release?
@@ -34,10 +34,10 @@ The third, optional, is used to supply the jenkins build number - triggering a n
 
 Examples:
 
-`./release.sh build 2.24.1`
+`./release.sh build 2.24.2`
 
-`./release.sh publish 2.24.1`
+`./release.sh publish 2.24.2`
 
-`./release.sh buildandpublish 2.24.1`
+`./release.sh buildandpublish 2.24.2`
 
 `./release.sh buildandpublish 2.24-SNAPSHOT 1234`

build/release.sh

@@ -9,7 +9,7 @@ function usage() {
   echo "$0 <mode> <version> [<build>]"
   echo ""
   echo " mode : The mode. Choose one of 'build', 'publish' or 'buildandpublish'"
-  echo " version : The released version to build an docker image for (eg: 2.24.1, ${MAIN}-SNAPSHOT, ${MAIN}-RC)"
+  echo " version : The released version to build an docker image for (eg: 2.24.2, ${MAIN}-SNAPSHOT, ${MAIN}-RC)"
   echo " build : Build number (optional)"
 }
 

docker-compose-demo.yml

@@ -4,7 +4,7 @@ services:
     build:
       context: .
       args:
-        - GEOSERVER_VERSION=2.24.1
+        - GEOSERVER_VERSION=2.24.2
         - CORS_ENABLED=true
         - CORS_ALLOWED_METHODS=GET,POST,PUT,HEAD,OPTIONS
     ports: