├── .gitignore
├── LICENSE
├── README.md
├── docker-baseimages
├── alpine-openjdk-jdk8
│ ├── Dockerfile
│ ├── README.md
│ └── test-build.sh
├── alpine-openjdk-jdk9
│ ├── Dockerfile
│ └── README.md
├── alpine-zulu-jdk13
│ ├── Dockerfile
│ ├── README.md
│ ├── hooks
│ │ └── build
│ └── shinit.sh
├── alpine-zulu-jdk8
│ ├── Dockerfile
│ ├── README.md
│ └── hooks
│ │ └── build
├── debase-openjdk-jdk10
│ ├── Dockerfile
│ ├── README.md
│ ├── hooks
│ │ └── build
│ └── shinit.sh
├── debian-sid-zulu-jdk8
│ ├── Dockerfile
│ └── README.md
├── debian-sid-zulu-jdk9
│ ├── Dockerfile
│ └── README.md
└── jvmprep
│ ├── Dockerfile
│ ├── README.md
│ └── shinit.sh
├── greylog2
├── Dockerfile
└── assets
│ └── plugin
│ └── AWSInput-0.4.0.jar
├── jenkins
├── Dockerfile
├── README.md
├── config.xml
├── hudson.tasks.Maven.xml
├── init.groovy
├── jenkins.sh
├── plugins.sh
└── plugins.txt
├── nexus
├── Dockerfile
└── README.md
├── parentpom
├── README.md
└── pom.xml
├── renovate.json
├── social coding.adoc
└── sonarqube
├── Dockerfile
├── README.md
└── run.sh
/.gitignore:
--------------------------------------------------------------------------------
1 | *.class
2 |
3 | # Package Files #
4 | *.jar
5 | *.war
6 | *.ear
7 |
--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
1 | Apache License
2 | Version 2.0, January 2004
3 | http://www.apache.org/licenses/
4 |
5 | TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
6 |
7 | 1. Definitions.
8 |
9 | "License" shall mean the terms and conditions for use, reproduction,
10 | and distribution as defined by Sections 1 through 9 of this document.
11 |
12 | "Licensor" shall mean the copyright owner or entity authorized by
13 | the copyright owner that is granting the License.
14 |
15 | "Legal Entity" shall mean the union of the acting entity and all
16 | other entities that control, are controlled by, or are under common
17 | control with that entity. For the purposes of this definition,
18 | "control" means (i) the power, direct or indirect, to cause the
19 | direction or management of such entity, whether by contract or
20 | otherwise, or (ii) ownership of fifty percent (50%) or more of the
21 | outstanding shares, or (iii) beneficial ownership of such entity.
22 |
23 | "You" (or "Your") shall mean an individual or Legal Entity
24 | exercising permissions granted by this License.
25 |
26 | "Source" form shall mean the preferred form for making modifications,
27 | including but not limited to software source code, documentation
28 | source, and configuration files.
29 |
30 | "Object" form shall mean any form resulting from mechanical
31 | transformation or translation of a Source form, including but
32 | not limited to compiled object code, generated documentation,
33 | and conversions to other media types.
34 |
35 | "Work" shall mean the work of authorship, whether in Source or
36 | Object form, made available under the License, as indicated by a
37 | copyright notice that is included in or attached to the work
38 | (an example is provided in the Appendix below).
39 |
40 | "Derivative Works" shall mean any work, whether in Source or Object
41 | form, that is based on (or derived from) the Work and for which the
42 | editorial revisions, annotations, elaborations, or other modifications
43 | represent, as a whole, an original work of authorship. For the purposes
44 | of this License, Derivative Works shall not include works that remain
45 | separable from, or merely link (or bind by name) to the interfaces of,
46 | the Work and Derivative Works thereof.
47 |
48 | "Contribution" shall mean any work of authorship, including
49 | the original version of the Work and any modifications or additions
50 | to that Work or Derivative Works thereof, that is intentionally
51 | submitted to Licensor for inclusion in the Work by the copyright owner
52 | or by an individual or Legal Entity authorized to submit on behalf of
53 | the copyright owner. For the purposes of this definition, "submitted"
54 | means any form of electronic, verbal, or written communication sent
55 | to the Licensor or its representatives, including but not limited to
56 | communication on electronic mailing lists, source code control systems,
57 | and issue tracking systems that are managed by, or on behalf of, the
58 | Licensor for the purpose of discussing and improving the Work, but
59 | excluding communication that is conspicuously marked or otherwise
60 | designated in writing by the copyright owner as "Not a Contribution."
61 |
62 | "Contributor" shall mean Licensor and any individual or Legal Entity
63 | on behalf of whom a Contribution has been received by Licensor and
64 | subsequently incorporated within the Work.
65 |
66 | 2. Grant of Copyright License. Subject to the terms and conditions of
67 | this License, each Contributor hereby grants to You a perpetual,
68 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable
69 | copyright license to reproduce, prepare Derivative Works of,
70 | publicly display, publicly perform, sublicense, and distribute the
71 | Work and such Derivative Works in Source or Object form.
72 |
73 | 3. Grant of Patent License. Subject to the terms and conditions of
74 | this License, each Contributor hereby grants to You a perpetual,
75 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable
76 | (except as stated in this section) patent license to make, have made,
77 | use, offer to sell, sell, import, and otherwise transfer the Work,
78 | where such license applies only to those patent claims licensable
79 | by such Contributor that are necessarily infringed by their
80 | Contribution(s) alone or by combination of their Contribution(s)
81 | with the Work to which such Contribution(s) was submitted. If You
82 | institute patent litigation against any entity (including a
83 | cross-claim or counterclaim in a lawsuit) alleging that the Work
84 | or a Contribution incorporated within the Work constitutes direct
85 | or contributory patent infringement, then any patent licenses
86 | granted to You under this License for that Work shall terminate
87 | as of the date such litigation is filed.
88 |
89 | 4. Redistribution. You may reproduce and distribute copies of the
90 | Work or Derivative Works thereof in any medium, with or without
91 | modifications, and in Source or Object form, provided that You
92 | meet the following conditions:
93 |
94 | (a) You must give any other recipients of the Work or
95 | Derivative Works a copy of this License; and
96 |
97 | (b) You must cause any modified files to carry prominent notices
98 | stating that You changed the files; and
99 |
100 | (c) You must retain, in the Source form of any Derivative Works
101 | that You distribute, all copyright, patent, trademark, and
102 | attribution notices from the Source form of the Work,
103 | excluding those notices that do not pertain to any part of
104 | the Derivative Works; and
105 |
106 | (d) If the Work includes a "NOTICE" text file as part of its
107 | distribution, then any Derivative Works that You distribute must
108 | include a readable copy of the attribution notices contained
109 | within such NOTICE file, excluding those notices that do not
110 | pertain to any part of the Derivative Works, in at least one
111 | of the following places: within a NOTICE text file distributed
112 | as part of the Derivative Works; within the Source form or
113 | documentation, if provided along with the Derivative Works; or,
114 | within a display generated by the Derivative Works, if and
115 | wherever such third-party notices normally appear. The contents
116 | of the NOTICE file are for informational purposes only and
117 | do not modify the License. You may add Your own attribution
118 | notices within Derivative Works that You distribute, alongside
119 | or as an addendum to the NOTICE text from the Work, provided
120 | that such additional attribution notices cannot be construed
121 | as modifying the License.
122 |
123 | You may add Your own copyright statement to Your modifications and
124 | may provide additional or different license terms and conditions
125 | for use, reproduction, or distribution of Your modifications, or
126 | for any such Derivative Works as a whole, provided Your use,
127 | reproduction, and distribution of the Work otherwise complies with
128 | the conditions stated in this License.
129 |
130 | 5. Submission of Contributions. Unless You explicitly state otherwise,
131 | any Contribution intentionally submitted for inclusion in the Work
132 | by You to the Licensor shall be under the terms and conditions of
133 | this License, without any additional terms or conditions.
134 | Notwithstanding the above, nothing herein shall supersede or modify
135 | the terms of any separate license agreement you may have executed
136 | with Licensor regarding such Contributions.
137 |
138 | 6. Trademarks. This License does not grant permission to use the trade
139 | names, trademarks, service marks, or product names of the Licensor,
140 | except as required for reasonable and customary use in describing the
141 | origin of the Work and reproducing the content of the NOTICE file.
142 |
143 | 7. Disclaimer of Warranty. Unless required by applicable law or
144 | agreed to in writing, Licensor provides the Work (and each
145 | Contributor provides its Contributions) on an "AS IS" BASIS,
146 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
147 | implied, including, without limitation, any warranties or conditions
148 | of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
149 | PARTICULAR PURPOSE. You are solely responsible for determining the
150 | appropriateness of using or redistributing the Work and assume any
151 | risks associated with Your exercise of permissions under this License.
152 |
153 | 8. Limitation of Liability. In no event and under no legal theory,
154 | whether in tort (including negligence), contract, or otherwise,
155 | unless required by applicable law (such as deliberate and grossly
156 | negligent acts) or agreed to in writing, shall any Contributor be
157 | liable to You for damages, including any direct, indirect, special,
158 | incidental, or consequential damages of any character arising as a
159 | result of this License or out of the use or inability to use the
160 | Work (including but not limited to damages for loss of goodwill,
161 | work stoppage, computer failure or malfunction, or any and all
162 | other commercial damages or losses), even if such Contributor
163 | has been advised of the possibility of such damages.
164 |
165 | 9. Accepting Warranty or Additional Liability. While redistributing
166 | the Work or Derivative Works thereof, You may choose to offer,
167 | and charge a fee for, acceptance of support, warranty, indemnity,
168 | or other liability obligations and/or rights consistent with this
169 | License. However, in accepting such obligations, You may act only
170 | on Your own behalf and on Your sole responsibility, not on behalf
171 | of any other Contributor, and only if You agree to indemnify,
172 | defend, and hold each Contributor harmless for any liability
173 | incurred by, or claims asserted against, such Contributor by reason
174 | of your accepting any such warranty or additional liability.
175 |
176 | END OF TERMS AND CONDITIONS
177 |
178 | APPENDIX: How to apply the Apache License to your work.
179 |
180 | To apply the Apache License to your work, attach the following
181 | boilerplate notice, with the fields enclosed by brackets "{}"
182 | replaced with your own identifying information. (Don't include
183 | the brackets!) The text should be enclosed in the appropriate
184 | comment syntax for the file format. We also recommend that a
185 | file or class name and description of purpose be included on the
186 | same "printed page" as the copyright notice for easier
187 | identification within third-party archives.
188 |
189 | Copyright {yyyy} {name of copyright owner}
190 |
191 | Licensed under the Apache License, Version 2.0 (the "License");
192 | you may not use this file except in compliance with the License.
193 | You may obtain a copy of the License at
194 |
195 | http://www.apache.org/licenses/LICENSE-2.0
196 |
197 | Unless required by applicable law or agreed to in writing, software
198 | distributed under the License is distributed on an "AS IS" BASIS,
199 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
200 | See the License for the specific language governing permissions and
201 | limitations under the License.
202 |
203 |
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # Maven Infrastructure using Docker
2 |
3 | A collection of tools and recepies to make your Maven world shine :/)
4 |
5 | ## The basics: Some good small Java JDK Docker Baseimages
6 |
7 | ### Java 8 JDK
8 | * alpine-zulu-jdk8 [](https://microbadger.com/images/cantara/alpine-zulu-jdk8 "Get your own image badge on microbadger.com")
9 | * https://hub.docker.com/r/cantara/alpine-zulu-jdk8/
10 | * https://github.com/Cantara/maven-infrastructure/tree/master/docker-baseimages/alpine-zulu-jdk8
11 | * alpine-openjdk-jdk8 [](https://microbadger.com/images/cantara/alpine-openjdk-jdk8 "Get your own image badge on microbadger.com")
12 | * https://hub.docker.com/r/cantara/alpine-openjdk-jdk8/
13 | * https://github.com/Cantara/maven-infrastructure/tree/master/docker-baseimages/alpine-openjdk-jdk8
14 | * debian-sid-zulu-jdk8 [](https://microbadger.com/images/cantara/debian-sid-zulu-jdk8 "Get your own image badge on microbadger.com")
15 | * https://hub.docker.com/r/cantara/debian-sid-zulu-jdk8/
16 | * https://github.com/Cantara/maven-infrastructure/tree/master/docker-baseimages/debian-sid-zulu-jdk8
17 |
18 |
19 | # Tools
20 |
21 | ## Nexus [](https://microbadger.com/images/cantara/nexus "Get your own image badge on microbadger.com")
22 | * https://hub.docker.com/r/cantara/nexus/
23 | * https://github.com/Cantara/maven-infrastructure/tree/master/nexus
24 |
25 |
26 | ## Jenkins [](https://microbadger.com/images/cantara/jenkins "Get your own image badge on microbadger.com")
27 | * https://hub.docker.com/r/cantara/jenkins/
28 | * https://github.com/Cantara/maven-infrastructure/tree/master/jenkins
29 |
30 | ## SonarCube [](https://microbadger.com/images/cantara/sonarqube "Get your own image badge on microbadger.com")
31 | * https://hub.docker.com/r/cantara/sonarqube/
32 | * https://github.com/Cantara/maven-infrastructure/tree/master/sonarqube
33 |
34 |
35 | ## Webproxy
36 |
37 | Not using docker yet.
38 |
39 |
40 | sudo aptitude install apache and use something like the following for webproxy config:
41 |
42 | ```
43 | NameVirtualHost *:80
44 |
45 | ServerName jenkins.company.no
46 | ProxyRequests Off
47 | ProxyPreserveHost ON
48 | ProxyPass / http://localhost:8080/ nocanon
49 | ProxyPassReverse / http://localhost:8080/
50 | ProxyPassReverse / http://jenkins.company.no/i
51 | AllowEncodedSlashes NoDecode
52 |
53 |
54 | ServerName mvnrepo.company.no
55 | ProxyPreserveHost ON
56 | ProxyPass / http://localhost:8081/
57 | ProxyPassReverse / http://localhost:8081/
58 |
59 | ```
60 |
61 | ## Maven Parent POM
62 | https://github.com/Cantara/maven-infrastructure/tree/master/parentpom
63 |
64 | ## Version Control
65 |
66 | https://github.com/ or set up your own git server.
67 |
68 |
69 | ## Aggregated log-server
70 | An initial setup for the greylog2 log-server is provided
71 |
72 |
--------------------------------------------------------------------------------
/docker-baseimages/alpine-openjdk-jdk8/Dockerfile:
--------------------------------------------------------------------------------
1 | #
2 | # Alpine Linux - OpenJDK8 Dockerfile
3 | #
4 |
5 | FROM alpine:latest
6 |
7 | MAINTAINER Henrik Steen
8 |
9 | USER root
10 |
11 | RUN \
12 | apk update && \
13 | apk upgrade && \
14 | apk add openjdk8 && \
15 | rm -rf /var/cache/apk/*
16 |
17 | ENV JAVA_HOME /usr/lib/jvm/java-1.8-openjdk
18 |
19 | WORKDIR /tmp
20 |
21 | CMD ["sh"]
22 |
--------------------------------------------------------------------------------
/docker-baseimages/alpine-openjdk-jdk8/README.md:
--------------------------------------------------------------------------------
1 | # OpenJDK 8 image
2 |
3 | OpenJDK 8 using Alpine Linux. Image virtual size approx. 111.8 MB (as of 2nd Feb 2016)
4 |
5 | [](http://microbadger.com/images/cantara/alpine-openjdk-jdk8 "Get your own version badge on microbadger.com")
6 |
7 | Image published at https://hub.docker.com/r/cantara/alpine-openjdk8/
8 |
9 | ```bash
10 | sudo docker pull cantara/alpine-openjdk-jdk8
11 | sudo docker run -it --rm cantara/alpine-openjdk-jdk8 java -version
12 | ```
13 |
14 | Build and test locally with `./test-build.sh`
15 |
16 |
--------------------------------------------------------------------------------
/docker-baseimages/alpine-openjdk-jdk8/test-build.sh:
--------------------------------------------------------------------------------
1 | #!/bin/sh
2 |
3 | docker build -t cantara/alpine-openjdk-jdk8 .
4 | docker run --rm -it cantara/alpine-openjdk-jdk8 sh -c "java -version; cat /etc/os-release"
5 |
6 |
--------------------------------------------------------------------------------
/docker-baseimages/alpine-openjdk-jdk9/Dockerfile:
--------------------------------------------------------------------------------
1 | FROM alpine:latest
2 |
3 | ARG OPENJDK9_ALPINE_URL=http://download.java.net/java/jdk9-alpine/archive/181/binaries/serverjre-9-ea+181_linux-x64-musl_bin.tar.gz
4 |
5 | # Download and untar openjdk9-alpine from $OPENJDK9_ALPINE_URL
6 | RUN mkdir -p /usr/lib/jvm \
7 | && wget -c -O- --header "Cookie: oraclelicense=accept-securebackup-cookie" $OPENJDK9_ALPINE_URL \
8 | | tar -zxC /usr/lib/jvm
9 |
10 | # Default to UTF-8 file.encoding
11 | ENV LANG C.UTF-8
12 |
13 | ENV JAVA_HOME /usr/lib/jvm/jdk-9
14 | ENV PATH $PATH:$JAVA_HOME/bin
15 |
--------------------------------------------------------------------------------
/docker-baseimages/alpine-openjdk-jdk9/README.md:
--------------------------------------------------------------------------------
1 | # OpenJDK 9 image
2 |
3 | OpenJDK 9 using Alpine Linux. Image virtual size approx. 111.8 MB (as of 2nd Feb 2016)
4 |
5 | [](http://microbadger.com/images/cantara/alpine-openjdk-jdk9 "Get your own version badge on microbadger.com")
6 |
7 | Image published at https://hub.docker.com/r/cantara/alpine-openjdk-jdk9/
8 |
9 | ```bash
10 | sudo docker pull cantara/alpine-openjdk-jdk9
11 | sudo docker run -it --rm cantara/alpine-openjdk-jdk9 java -version
12 | ```
13 |
14 | Build and test locally with `./test-build.sh`
15 |
16 |
--------------------------------------------------------------------------------
/docker-baseimages/alpine-zulu-jdk13/Dockerfile:
--------------------------------------------------------------------------------
1 | FROM alpine:latest
2 | ENV LANG en_US.UTF-8
3 | ENV LANGUAGE en_US:en
4 | ENV LC_ALL en_US.UTF-8
5 | RUN \
6 | apk update && \
7 | apk upgrade && \
8 | apk add wget curl && \
9 | rm -rf /var/cache/apk/*
10 |
11 | RUN wget https://cdn.azul.com/public_keys/alpine-signing@azul.com-5d5dc44c.rsa.pub
12 | RUN cp alpine-signing@azul.com-5d5dc44c.rsa.pub /etc/apk/keys/
13 | RUN echo "https://repos.azul.com/zulu/alpine" >> /etc/apk/repositories
14 | RUN apk update && \
15 | apk add zulu13-jdk
16 |
17 | # ENV JAVA_HOME /usr/lib/jvm/java-1.8-openjdk
18 |
19 | RUN java -version
20 |
21 | WORKDIR /root
22 |
--------------------------------------------------------------------------------
/docker-baseimages/alpine-zulu-jdk13/README.md:
--------------------------------------------------------------------------------
1 | ### What is Zulu? Zulu Duke in a Box
2 |
3 | Zulu is a widely available binary distribution of OpenJDK. Zulu distributions are fully tested and compatibility verified builds of the latest versions of the OpenJDK 9, 8, 7, and 6 platforms. Zulu is available free of charge for Linux, Windows, and MacOS platforms, with commercial support available upon request.
4 |
5 | Zulu is built, tested, supported and made available by Azul Systems.
6 |
7 | http://www.azul.com/zulu
8 |
9 | This is a stripped down docker image with the Zulu Open JDK 9 early preview using the Alpine Linux distribution so it is one of the smallest JDK9 Docker distributions in the world.
10 |
11 | [](http://microbadger.com/images/cantara/alpine-zulu-jdk9 "Get your own version badge on microbadger.com")
12 |
13 | ```
14 | sudo docker pull cantara/alpine-zulu-jdk9
15 | sudo docker run -it cantara/alpine-zulu-jdk9 java -version
16 | ```
17 | And have some fun
18 |
19 | ```
20 | sudo docker run -it cantara/alpine-zulu-jdk9 jshell ### Start the new REPL jshell (Project Kulla)
21 | ```
22 |
--------------------------------------------------------------------------------
/docker-baseimages/alpine-zulu-jdk13/hooks/build:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env sh
2 |
3 | echo "------ HOOK START - BUILD -------"
4 | printenv
5 |
6 | docker build --build-arg BUILD_DATE=`date -u +"%Y-%m-%dT%H:%M:%SZ"` --build-arg VCS_REF=$SOURCE_COMMIT -t $IMAGE_NAME .
7 |
8 | echo "------ HOOK END - BUILD -------"
9 |
--------------------------------------------------------------------------------
/docker-baseimages/alpine-zulu-jdk13/shinit.sh:
--------------------------------------------------------------------------------
1 | if [ -f $JAVA_HOME/conf/net.properties ]; then
2 | dockerRoute=$(route | grep '*')
3 | dockerNet=${dockerRoute/\.0.*/.*}
4 | sed -i $JAVA_HOME/conf/net.properties -e "s/nonProxyHosts=localhost|/nonProxyHosts=${dockerNet}|localhost|/"
5 | fi
6 |
7 |
--------------------------------------------------------------------------------
/docker-baseimages/alpine-zulu-jdk8/Dockerfile:
--------------------------------------------------------------------------------
1 | FROM alpine:latest
2 | # cantara/jvmprep
3 |
4 | MAINTAINER totto@totto.org
5 | # Based upon work by josh@grahamis.com
6 | # If release changes, the checksum and URL need to be updated
7 | # See http://www.azulsystems.com/products/zulu/downloads#Linux
8 | #
9 | # https://cdn.azul.com/zulu/bin/zulu8.31.0.1-jdk8.0.181-linux_x64.tar.gz
10 | ARG BUILD_DATE
11 | ARG VCS_REF
12 | LABEL org.label-schema.build-date=$BUILD_DATE \
13 | org.label-schema.docker.dockerfile="/maven-infrastructure/docker-baseimages/alpine-zulu-jdk9/Dockerfile" \
14 | org.label-schema.license="Apache License - Version 2.0" \
15 | org.label-schema.name="Maven Docker Infrastructure - Zulu JDK8 Baseimage" \
16 | org.label-schema.vcs-ref=$VCS_REF \
17 | org.label-schema.vcs-type="Github" \
18 | org.label-schema.vcs-url="https://github.com/Cantara/maven-infrastructure"
19 | # Replace duplicate files in JDK bin with links to JRE bin
20 | # If release changes, the checksum and URL need to be updated
21 | # See http://www.azulsystems.com/products/zulu/downloads#Linux
22 | #
23 | # Replace duplicate files in JDK bin with links to JRE bin
24 |
25 | RUN \
26 | apk update && \
27 | apk upgrade && \
28 | apk add wget curl && \
29 | rm -rf /var/cache/apk/*
30 |
31 | RUN wget https://cdn.azul.com/public_keys/alpine-signing@azul.com-5d5dc44c.rsa.pub
32 | RUN cp alpine-signing@azul.com-5d5dc44c.rsa.pub /etc/apk/keys/
33 | RUN echo "https://repos.azul.com/zulu/alpine" >> /etc/apk/repositories
34 | RUN apk update && \
35 | apk add zulu8-jdk
36 |
37 | # ENV JAVA_HOME /usr/lib/jvm/java-1.8-openjdk
38 |
39 | RUN java -version
40 |
41 | WORKDIR /root
42 |
43 |
--------------------------------------------------------------------------------
/docker-baseimages/alpine-zulu-jdk8/README.md:
--------------------------------------------------------------------------------
1 | ### What is Zulu? Zulu Duke in a Box
2 |
3 | Zulu is a widely available binary distribution of OpenJDK. Zulu distributions are fully tested and compatibility verified builds of the latest versions of the OpenJDK 9, 8, 7, and 6 platforms. Zulu is available free of charge for Linux, Windows, and MacOS platforms, with commercial support available upon request.
4 |
5 | Zulu is built, tested, supported and made available by Azul Systems.
6 |
7 | http://www.azul.com/zulu
8 |
9 | This is a stripped down docker image with the Zulu Open JDK 8 TCK verified distribution using the Alpine Linux distribution so it is one of the smallest JDK8 Docker distributions in the world.
10 |
11 | [](http://microbadger.com/images/cantara/alpine-zulu-jdk8 "Get your own version badge on microbadger.com")
12 |
13 | ```
14 | sudo docker pull cantara/alpine-zulu-jdk8
15 | sudo docker run -it cantara/alpine-zulu-jdk8 java -version
16 | ```
17 |
18 |
--------------------------------------------------------------------------------
/docker-baseimages/alpine-zulu-jdk8/hooks/build:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env sh
2 |
3 | echo "------ HOOK START - BUILD -------"
4 | printenv
5 |
6 | docker build --build-arg BUILD_DATE=`date -u +"%Y-%m-%dT%H:%M:%SZ"` --build-arg VCS_REF=$SOURCE_COMMIT -t $IMAGE_NAME .
7 |
8 | echo "------ HOOK END - BUILD -------"
9 |
--------------------------------------------------------------------------------
/docker-baseimages/debase-openjdk-jdk10/Dockerfile:
--------------------------------------------------------------------------------
1 | FROM blitznote/debase:16.04
2 | # 17.10
3 | MAINTAINER bard.lind@gmail.com
4 |
5 | RUN apt-get update && apt-get upgrade -y
6 |
7 | RUN /usr/bin/curl -k -O https://download.java.net/java/GA/jdk10/10/binaries/openjdk-10_linux-x64_bin.tar.gz
8 | RUN ls
9 | RUN tar xzvf openjdk-10_linux-x64_bin.tar.gz && \
10 | mkdir /usr/lib/jvm && \
11 | chpst -u root mv jdk-10 /usr/lib/jvm/java-10-openjdk-x64/ && \
12 | rm openjdk-10_linux-x64_bin.tar.gz
13 | ENV PATH="/usr/lib/jvm/java-10-openjdk-x64/bin:${PATH}"
14 |
15 | RUN chpst -u root update-alternatives --install /usr/bin/java java /usr/lib/jvm/java-10-openjdk-x64/bin/java 1
16 | RUN chpst -u root update-alternatives --install /usr/bin/javac javac /usr/lib/jvm/java-10-openjdk-x64/bin/javac 1
17 | RUN java -version
18 |
--------------------------------------------------------------------------------
/docker-baseimages/debase-openjdk-jdk10/README.md:
--------------------------------------------------------------------------------
1 | ### Minimal Ubuntu distribution with JDK 10
2 |
3 | From https://github.com/Blitznote/debase
4 |
5 | ```
6 | sudo docker pull cantara/debase-openjdk-jdk10
7 | sudo docker run -it cantara/debase-openjdk-jdk10 java -version
8 | ```
9 | And have some fun
10 |
11 | ```
12 | sudo docker run -it cantara/debase-openjdk-jdk10 jshell ### Start the new REPL jshell (Project Kulla)
13 | ```
14 |
--------------------------------------------------------------------------------
/docker-baseimages/debase-openjdk-jdk10/hooks/build:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env sh
2 |
3 | echo "------ HOOK START - BUILD -------"
4 | printenv
5 |
6 | docker build --build-arg BUILD_DATE=`date -u +"%Y-%m-%dT%H:%M:%SZ"` --build-arg VCS_REF=$SOURCE_COMMIT -t $IMAGE_NAME .
7 |
8 | echo "------ HOOK END - BUILD -------"
9 |
--------------------------------------------------------------------------------
/docker-baseimages/debase-openjdk-jdk10/shinit.sh:
--------------------------------------------------------------------------------
1 | if [ -f $JAVA_HOME/conf/net.properties ]; then
2 | dockerRoute=$(route | grep '*')
3 | dockerNet=${dockerRoute/\.0.*/.*}
4 | sed -i $JAVA_HOME/conf/net.properties -e "s/nonProxyHosts=localhost|/nonProxyHosts=${dockerNet}|localhost|/"
5 | fi
6 |
7 |
--------------------------------------------------------------------------------
/docker-baseimages/debian-sid-zulu-jdk8/Dockerfile:
--------------------------------------------------------------------------------
1 | # Docker file inspired by
2 | ## https://github.com/docker-library/buildpack-deps/blob/a0a59c61102e8b079d568db69368fb89421f75f2/sid/curl/Dockerfile
3 | ## https://github.com/jenkinsci/docker
4 | ## https://github.com/docker-library/java/blob/b4a3c296023e590e410f645ab83d3c11a30cf535/openjdk-8-jdk/Dockerfile
5 | ## https://github.com/zulu-openjdk/zulu-openjdk/blob/master/debian/8u45-8.7.0.5/Dockerfile
6 | ## https://github.com/zulu-openjdk/zulu-openjdk/blob/master/debian/8u66-8.11.0.1/Dockerfile
7 | ## https://cdn.azul.com/zulu/bin/zulu8.31.0.1-jdk8.0.181-linux_x64.tar.gz
8 |
9 | FROM debian:sid
10 | MAINTAINER erik-dev@fjas.no
11 |
12 | RUN echo "export TERM=xtermc" >> ~/.bashrc
13 | # use norwegian debian mirror to speed up downloads
14 | #RUN echo "deb http://ftp.no.debian.org/debian/ sid main" > /etc/apt/sources.list
15 |
16 | RUN apt-get update &&apt-get upgrade -y && apt-get install -y --no-install-recommends \
17 | ca-certificates curl wget zip unzip bzip2 vim less procps gnupg2 dirmngr \
18 | && rm -rf /var/lib/apt/lists/*
19 |
20 |
21 | RUN echo "alias ll='ls -l --color=auto'" >> /etc/bash.bashrc
22 | RUN echo "alias la='ls -la --color=auto'" >> /etc/bash.bashrc
23 |
24 | ENV LANG C.UTF-8
25 |
26 | ### Install JDK
27 | # see https://bugs.debian.org/775775
28 | # and https://github.com/docker-library/java/issues/19#issuecomment-70546872
29 | ENV CA_CERTIFICATES_JAVA_VERSION 20140324
30 |
31 | # Pull Zulu OpenJDK binaries from official repository:
32 | # Jenkins Docker image has a reference to /usr/lib/jvm/zulu-8-amd64/ in config.xml. Review if changing to different jdk.
33 | # RUN apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 0x219BD9C9
34 | # RUN echo "deb http://repos.azulsystems.com/debian stable main" >> /etc/apt/sources.list.d/zulu.list
35 | # RUN apt-get -qq update && apt-get -y install zulu-8=8.11.0.1 ca-certificates-java="$CA_CERTIFICATES_JAVA_VERSION" && rm -rf /var/lib/apt/lists/*
36 | RUN apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 0x219BD9C9
37 | RUN echo 'deb http://repos.azulsystems.com/debian stable main' > /etc/apt/sources.list.d/zulu.list
38 | RUN apt-get update
39 | RUN apt-get -y upgrade
40 | RUN apt-get -y install fontconfig-config
41 | RUN apt-get -y install ucf
42 | RUN apt-get -y install zulu-8
43 | #=8.13.0.5
44 | #ca-certificates-java="$CA_CERTIFICATES_JAVA_VERSION"
45 | RUN rm -rf /var/lib/apt/lists/*
46 |
47 | # see CA_CERTIFICATES_JAVA_VERSION notes above
48 | #RUN /var/lib/dpkg/info/ca-certificates-java.postinst configure
49 |
--------------------------------------------------------------------------------
/docker-baseimages/debian-sid-zulu-jdk8/README.md:
--------------------------------------------------------------------------------
1 | What is Zulu? Zulu Duke in a Box
2 |
3 | Zulu is a widely available binary distribution of OpenJDK. Zulu distributions are fully tested and compatibility verified builds of the latest versions of the OpenJDK 9, 8, 7, and 6 platforms. Zulu is av
4 | ailable free of charge for Linux, Windows, and MacOS platforms, with commercial support available upon request.
5 |
6 | Zulu is built, tested, supported and made available by Azul Systems.
7 |
8 | http://www.azul.com/zulu
9 |
10 | This is a stripped down docker image with the Zulu Open JDK 8 on debian SID
11 |
12 | [](http://microbadger.com/images/cantara/debian-sid-zulu-jdk8 "Get your own version badge on microbadger.com")
13 |
14 | ```
15 | sudo docker pull cantara/debian-sid-zulu-jdk8
16 | sudo docker run -it cantara/debian-sid-zulu-jdk8 java -version
17 | ```
18 |
--------------------------------------------------------------------------------
/docker-baseimages/debian-sid-zulu-jdk9/Dockerfile:
--------------------------------------------------------------------------------
1 | # Docker file inspired by
2 | ## https://github.com/docker-library/buildpack-deps/blob/a0a59c61102e8b079d568db69368fb89421f75f2/sid/curl/Dockerfile
3 | ## https://github.com/jenkinsci/docker
4 | ## https://github.com/docker-library/java/blob/b4a3c296023e590e410f645ab83d3c11a30cf535/openjdk-8-jdk/Dockerfile
5 | ## https://github.com/zulu-openjdk/zulu-openjdk/blob/master/debian/8u45-8.7.0.5/Dockerfile
6 | ## https://github.com/zulu-openjdk/zulu-openjdk/blob/master/debian/8u66-8.11.0.1/Dockerfile
7 |
8 | FROM debian:sid-slim
9 | MAINTAINER erik-dev@fjas.no
10 |
11 | ARG BUILD_DATE
12 | ARG VCS_REF
13 | LABEL org.label-schema.build-date=$BUILD_DATE \
14 | org.label-schema.docker.dockerfile="/maven-infrastructure/docker-baseimages/alpine-zulu-jdk9/Dockerfile" \
15 | org.label-schema.license="Apache License - Version 2.0" \
16 | org.label-schema.name="Maven Docker Infrastructure - Zulu JDK9 Baseimage" \
17 | org.label-schema.vcs-ref=$VCS_REF \
18 | org.label-schema.vcs-type="Github" \
19 | org.label-schema.vcs-url="https://github.com/Cantara/maven-infrastructure"
20 |
21 |
22 | RUN echo "export TERM=xtermc" >> ~/.bashrc
23 | # use norwegian debian mirror to speed up downloads
24 | #RUN echo "deb http://ftp.no.debian.org/debian/ sid main" > /etc/apt/sources.list
25 |
26 | RUN apt-get update &&apt-get upgrade -y&&apt-get install -y --no-install-recommends \
27 | ca-certificates curl wget zip unzip bzip2 vim less \
28 | && rm -rf /var/lib/apt/lists/*
29 |
30 | RUN apt-get -y upgrade
31 |
32 | RUN echo "alias ll='ls -l --color=auto'" >> /etc/bash.bashrc
33 | RUN echo "alias la='ls -la --color=auto'" >> /etc/bash.bashrc
34 |
35 | ENV LANG C.UTF-8
36 |
37 | ### Install JDK
38 | # see https://bugs.debian.org/775775
39 | # and https://github.com/docker-library/java/issues/19#issuecomment-70546872
40 | ENV CA_CERTIFICATES_JAVA_VERSION 20140324
41 |
42 | # Pull Zulu OpenJDK binaries from official repository:
43 | # Jenkins Docker image has a reference to /usr/lib/jvm/zulu-8-amd64/ in config.xml. Review if changing to different jdk.
44 | # If release changes, the checksum and URL need to be updated
45 | # See http://www.azulsystems.com/products/zulu/downloads#Linux
46 | #
47 | # Replace duplicate files in JDK bin with links to JRE bin
48 | RUN \
49 | checksum="22c0564-cd07ef8-558feaef85100" && \
50 | url="http://cdn.azul.com/zulu/bin/zulu9.0.4.1-jdk9.0.4-linux_x64.tar.gz" && \
51 | referer="http://www.azulsystems.com/zuludoc" && \
52 | etag=$(curl -sI --referer "${referer}" "${url}" | awk -F"\"|:" '/^ETag: / {print $3}') && \
53 | # if [ "X${checksum}" == "X${etag}" ]; then \
54 | curl -O -L --referer "${referer}" "${url}"; \
55 | # else \
56 | # echo "[FATAL] Java ZIP ETag ${etag} doesn't match checksum ${checksum}. Exiting." >&2 && \
57 | # exit 1; \
58 | # fi && \
59 | tar -xzf zulu*.gz && \
60 | rm zulu*.gz
61 | # mkdir -p $(dirname ${JAVA_HOME}) && \
62 | # mv * ${JAVA_HOME} && \
63 | # cd .. && \
64 | # rmdir ${OLDPWD} && \
65 | # cd ${JAVA_HOME} && \
66 | # rm -rf *.zip demo man sample && \
67 | # for ff in ${JAVA_HOME}/bin/*; do f=$(basename $ff); if [ -e ${JRE}/bin/$f ]; then ln -snf ${JRE}/bin/$f $ff; fi; done && \
68 | # chmod a+w ${JRE}/lib ${JRE}/lib/net.properties && \
69 | # rm -rf /var/cache/apk/*
70 |
71 |
72 | RUN mv zul* /usr/local/java
73 | RUN ln -s /usr/local/java/bin/java /bin/java
74 |
75 | # see CA_CERTIFICATES_JAVA_VERSION notes above
76 | # RUN /var/lib/dpkg/info/ca-certificates-java.postinst configure
77 |
--------------------------------------------------------------------------------
/docker-baseimages/debian-sid-zulu-jdk9/README.md:
--------------------------------------------------------------------------------
1 | ### What is Zulu? Zulu Duke in a Box
2 |
3 | Zulu is a widely available binary distribution of OpenJDK. Zulu distributions are fully tested and compatibility verified builds of the latest versions of the OpenJDK 9, 8, 7, and 6 platforms. Zulu is av
4 | ailable free of charge for Linux, Windows, and MacOS platforms, with commercial support available upon request.
5 |
6 | Zulu is built, tested, supported and made available by Azul Systems.
7 |
8 | http://www.azul.com/zulu
9 |
10 | This is a stripped down docker image with the Zulu Open JDK 9 early preview using the Deboan Linux distribution.
11 |
12 | [](http://microbadger.com/images/cantara/debian-sid-zulu-jdk9 "Get your own version badge on microbadger.com")
13 |
14 | ```
15 | sudo docker pull cantara/debian-sid-zulu-jdk9
16 | sudo docker run -it cantara/debian-sid-zulu-jdk9 -version
17 | ```
18 | And have some fun
19 |
20 | ```
21 | sudo docker run -it cantara/debian-sid-zulu-jdk9 jshell ### Start the new REPL jshell (Project Kulla)
22 | ```
23 |
24 |
--------------------------------------------------------------------------------
/docker-baseimages/jvmprep/Dockerfile:
--------------------------------------------------------------------------------
1 | FROM frolvlad/alpine-glibc:alpine-3.4
2 | # gliderlabs/alpine:3.4
3 | # alpine:latest
4 | # gliderlabs/alpine:3.2
5 |
6 | MAINTAINER totto@totto.org
7 |
8 | USER root
9 |
10 | # Install packages
11 | RUN \
12 | echo ipv6 >> /etc/modules && \
13 | apk update && \
14 | apk upgrade && \
15 | apk add --update ca-certificates curl
16 |
17 |
18 |
19 | # Secure the container so that no base users (e.g. root, operator) have a login.
20 | # Provide a script that runs every container invocation (specifically to update Java net.properties).
21 | # Get ready to accept a JVM installation.
22 |
23 | ENV JAVA_HOME /usr/local/java
24 | ENV JRE ${JAVA_HOME}/jre
25 | ENV JAVA_OPTS=-Djava.awt.headless=true PATH=${PATH}:${JRE}/bin:${JAVA_HOME}/bin
26 | ENV ENV=/etc/shinit.sh
27 |
28 | COPY shinit.sh /etc/
29 |
30 | RUN \
31 | chmod a=rx /etc/shinit.sh && \
32 | mkdir java
33 |
34 | WORKDIR /tmp/java
35 |
--------------------------------------------------------------------------------
/docker-baseimages/jvmprep/README.md:
--------------------------------------------------------------------------------
1 | BASE image for minimal JDK images on alpine linux
2 |
--------------------------------------------------------------------------------
/docker-baseimages/jvmprep/shinit.sh:
--------------------------------------------------------------------------------
1 | if [ -f $JRE/lib/net.properties ]; then
2 | dockerRoute=$(route | grep '*')
3 | dockerNet=${dockerRoute/\.0.*/.*}
4 | sed -i $JRE/lib/net.properties -e "s/nonProxyHosts=localhost|/nonProxyHosts=${dockerNet}|localhost|/"
5 | fi
6 |
--------------------------------------------------------------------------------
/greylog2/Dockerfile:
--------------------------------------------------------------------------------
1 | FROM phusion/baseimage:0.10.2
2 | MAINTAINER Thor Henning Hetland
3 |
4 | ENV DEBIAN_FRONTEND noninteractive
5 |
6 | ENV JAVA_HOME /opt/graylog/embedded/jre
7 |
8 | RUN apt-get update && \
9 | apt-get install -y curl ntp ntpdate tzdata && \
10 | curl -O -L https://packages.graylog2.org/releases/graylog2-omnibus/ubuntu/graylog_latest.deb && \
11 | dpkg -i graylog_latest.deb && \
12 | rm graylog_latest.deb && \
13 | sed -i "0,/^\s*$/s//\/opt\/graylog\/embedded\/share\/docker\/run_graylogctl\n/" /etc/rc.local && \
14 | sed -i "0,/^\s*$/s//tail\ \-F\ \/var\/log\/graylog\/server\/current\ \&\n/" /etc/rc.local && \
15 | apt-get clean && \
16 | rm -rf /tmp/* /var/tmp/*
17 |
18 | VOLUME /var/opt/graylog/data
19 | VOLUME /var/log/graylog
20 | VOLUME /opt/graylog/plugin
21 | VOLUME /opt/graylog/conf/nginx/ca
22 |
23 | # add plugins
24 | # https://www.graylog.org/sign-in?glredirect=%2Fresource%2Fplugin%2F5453d4e0e4b0d324cb87ad5e%2F
25 | ADD assets/plugin/AWSInput-0.4.0.jar /opt/graylog/plugin/AWSInput-0.4.0.jar
26 |
27 |
28 | # web interface
29 | EXPOSE 9000
30 | EXPOSE 443
31 | # gelf tcp
32 | EXPOSE 12201
33 | # gelf udp
34 | EXPOSE 12201/udp
35 | # rest api
36 | EXPOSE 12900
37 | # etcd
38 | EXPOSE 4001
39 | # syslog
40 | EXPOSE 514
41 | EXPOSE 514/udp
42 |
43 | CMD ["/opt/graylog/embedded/share/docker/my_init"]
44 |
45 |
--------------------------------------------------------------------------------
/greylog2/assets/plugin/AWSInput-0.4.0.jar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Cantara/maven-infrastructure/b39d1748aa1c9396428227fdd7f4208bc20aad16/greylog2/assets/plugin/AWSInput-0.4.0.jar
--------------------------------------------------------------------------------
/jenkins/Dockerfile:
--------------------------------------------------------------------------------
1 | # Docker file inspired by:
2 | ## https://github.com/jenkinsci/docker
3 | ## https://github.com/docker-library/java/blob/b4a3c296023e590e410f645ab83d3c11a30cf535/openjdk-8-jdk/Dockerfile
4 | ## https://github.com/zulu-openjdk/zulu-openjdk/blob/master/debian/8u45-8.7.0.5/Dockerfile
5 | ## https://github.com/docker-library/buildpack-deps/blob/a0a59c61102e8b079d568db69368fb89421f75f2/sid/scm/Dockerfile
6 | ## https://github.com/docker-library/buildpack-deps/blob/a0a59c61102e8b079d568db69368fb89421f75f2/sid/curl/Dockerfile
7 |
8 | FROM cantara/debian-sid-zulu-jdk8
9 |
10 | MAINTAINER erik-dev@fjas.no
11 |
12 | RUN apt-get update &&apt-get upgrade -y
13 |
14 | # Jenkins is a strange product. It is often necessary to be able to log in to image and fix stuff.
15 | RUN apt-get update && apt-get upgrade -y && apt-get install -y --no-install-recommends \
16 | vim git openssh-client \
17 | && rm -rf /var/lib/apt/lists/*
18 |
19 |
20 | # Install StartCom certs
21 | ENV JAVA_HOME /usr/lib/jvm/zulu-8-amd64/
22 | #RUN wget --quiet --continue http://www.startssl.com/certs/ca.crt \
23 | # && keytool -import -trustcacerts -keystore $JAVA_HOME/jre/lib/security/cacerts -storepass changeit -noprompt -alias startcom.ca -file ca.crt \
24 | # && rm ca.crt
25 | #RUN wget --quiet --continue https://www.startssl.com/certs/sca.server1.crt \
26 | # && keytool -import -trustcacerts -keystore $JAVA_HOME/jre/lib/security/cacerts -storepass changeit -noprompt -alias startcom.ca.sub.class1 -file sca.server1.crt \
27 | # && rm sca.server1.crt
28 | #RUN wget --quiet --continue https://www.startssl.com/certs/sca.server2.crt \
29 | # && keytool -import -trustcacerts -keystore $JAVA_HOME/jre/lib/security/cacerts -storepass changeit -noprompt -alias startcom.ca.sub.class2 -file sca.server2.crt \
30 | # && rm sca.server2.crt
31 | #RUN wget --quiet --continue https://www.startssl.com/certs/sca.server3.crt \
32 | # && keytool -import -trustcacerts -keystore $JAVA_HOME/jre/lib/security/cacerts -storepass changeit -noprompt -alias startcom.ca.sub.class3 -file sca.server3.crt \
33 | # && rm sca.server3.crt
34 | #RUN wget --quiet --continue https://www.startssl.com/certs/sca.server4.crt \
35 | # && keytool -import -trustcacerts -keystore $JAVA_HOME/jre/lib/security/cacerts -storepass changeit -noprompt -alias startcom.ca.sub.class4 -file sca.server4.crt \
36 | # && rm sca.server4.crt
37 |
38 | ### Install maven
39 | ENV MAVEN_VERSION 3.3.3
40 |
41 | RUN curl --fail --silent --show-error --location --retry 3 \
42 | http://archive.apache.org/dist/maven/maven-3/$MAVEN_VERSION/binaries/apache-maven-$MAVEN_VERSION-bin.tar.gz \
43 | | tar xzf - -C /usr/share \
44 | && mv /usr/share/apache-maven-$MAVEN_VERSION /usr/share/maven \
45 | && ln -s /usr/share/maven/bin/mvn /usr/bin/mvn
46 |
47 | ENV MAVEN_HOME /usr/share/maven
48 |
49 | #CMD ["mvn"]
50 |
51 |
52 | ### Install Jenkins
53 | ENV JENKINS_HOME /var/jenkins_home
54 |
55 | # Jenkins is ran with user `jenkins`, uid = 1000
56 | # If you bind mount a volume from host/vloume from a data container,
57 | # ensure you use same uid
58 | RUN useradd -d "$JENKINS_HOME" -u 1000 -m -s /bin/bash jenkins
59 |
60 | # Jenkins home directoy is a volume, so configuration and build history
61 | # can be persisted and survive image upgrades
62 | VOLUME /var/jenkins_home
63 |
64 | # `/usr/share/jenkins/ref/` contains all reference configuration we want
65 | # to set on a fresh new installation. Use it to bundle additional plugins
66 | # or config file with your custom jenkins Docker image.
67 | RUN mkdir -p /usr/share/jenkins/ref/init.groovy.d
68 | COPY init.groovy /usr/share/jenkins/ref/init.groovy.d/tcp-slave-agent-port.groovy
69 |
70 | # ENV JENKINS_VERSION 1.609.3
71 | ENV JENKINS_VERSION 1.651.1
72 | #ENV JENKINS_SHA 96ee85602a41d68c164fb54d4796be5d1d9cc5d0
73 | ENV JENKINS_SHA bbfe03f35aad4e76ab744543587a04de0c7fe766
74 |
75 | # could use ADD but this one does not check Last-Modified header
76 | # see https://github.com/docker/docker/issues/8331
77 | RUN curl -L http://mirrors.jenkins-ci.org/war-stable/$JENKINS_VERSION/jenkins.war -o /usr/share/jenkins/jenkins.war
78 | #\
79 | # && echo "$JENKINS_SHA /usr/share/jenkins/jenkins.war" | sha1sum -c -
80 |
81 | ENV JENKINS_UC https://updates.jenkins-ci.org
82 | RUN chown -R jenkins "$JENKINS_HOME" /usr/share/jenkins/ref
83 |
84 | # for main web interface:
85 | EXPOSE 8080
86 |
87 | # will be used by attached slave agents:
88 | #EXPOSE 50000
89 |
90 | ENV COPY_REFERENCE_FILE_LOG /var/log/copy_reference_file.log
91 | RUN touch $COPY_REFERENCE_FILE_LOG && chown jenkins.jenkins $COPY_REFERENCE_FILE_LOG
92 |
93 | USER jenkins
94 |
95 | COPY jenkins.sh /usr/local/bin/jenkins.sh
96 | ENTRYPOINT ["/usr/local/bin/jenkins.sh"]
97 |
98 | # from a derived Dockerfile, can use `RUN plugin.sh active.txt` to setup /usr/share/jenkins/ref/plugins from a support bundle
99 | COPY plugins.sh /usr/local/bin/plugins.sh
100 |
101 |
102 | # preconfigure maven location
103 | COPY hudson.tasks.Maven.xml /usr/share/jenkins/ref/hudson.tasks.Maven.xml
104 | ## not working properly
105 | # https://raw.githubusercontent.com/paoloantinori/dockerfiles/master/centos/jenkins/Dockerfile
106 | #RUN printf " maven/usr/share/maven2" >> $JENKINS_HOME/hudson.tasks.Maven.xml ; chown jenkins:jenkins $JENKINS_HOME/hudson.tasks.Maven.xml
107 |
108 | #Ensure JDK path is set
109 | COPY config.xml /usr/share/jenkins/ref/config.xml
110 |
111 | COPY plugins.txt /usr/share/jenkins/plugins.txt
112 | RUN /usr/local/bin/plugins.sh /usr/share/jenkins/plugins.txt
113 |
--------------------------------------------------------------------------------
/jenkins/README.md:
--------------------------------------------------------------------------------
1 | # Jenkins continuous integration server
2 |
3 | Goal: Simplify installation and configuration of Jenkins for Java development.
4 |
5 | See https://github.com/jenkinsci/docker for tips, most of it is applicable to this fork as well.
6 |
7 | * Data is stored in a Data Volume Container. Latest Maven 3, Zulu JDK 8 and a few of the most useful plugins are preinstalled.
8 | * Jenkins Core: 1.609.3 (latest LTS), see http://jenkins-ci.org/changelog#stable
9 | * List of plugins: https://raw.githubusercontent.com/Cantara/maven-infrastructure/master/jenkins/plugins.txt
10 | * Webproxy (incl. TLS termination) is considered out of scope. Recommend using a separate docker container which links to this container.
11 | * https://docs.docker.com/userguide/dockerlinks/
12 |
13 | ## Install and use
14 |
15 | ### Install or upgrade Docker
16 |
17 | https://docs.docker.com/installation/ubuntulinux/
18 |
19 | ```
20 | wget -qO- https://get.docker.com/ | sh
21 | ```
22 |
23 |
24 | ### Install data volume container and jenkins
25 | ```
26 | sudo docker pull cantara/jenkins
27 | sudo docker create -v /var/jenkins_home --name jenkins-data cantara/jenkins
28 | sudo docker run -d -p 8080:8080 --volumes-from jenkins-data --name jenkins20150715 cantara/jenkins
29 | ```
30 |
31 | ### Initial Jenkins config, point your browser to http://localhost:8080/
32 | 1. Use jenkins to setup security and users
33 | * https://wiki.jenkins-ci.org/display/JENKINS/Standard+Security+Setup
34 | 2. Update plugins, http://localhost:8080/pluginManager/
35 | 3. Set up CI user with access to git/github repositories
36 | * Create SSH keys: https://developer.github.com/guides/managing-deploy-keys/#machine-users
37 | * Add SSH private key to Jenkins, http://localhost:8080/credentials/
38 | 4. Setup settings.xml to give Jenkins access to non-public Maven repos
39 | * Add settings.xml, http://localhost:8080/configfiles/
40 | * Remember to reference the settings.xml file in the build configuration for the Maven project.
41 |
42 | ## Backup
43 |
44 | See https://docs.docker.com/userguide/dockervolumes/#backup-restore-or-migrate-data-volumes
45 |
46 |
47 |
48 | ## Development
49 |
50 | ### TODO
51 |
52 | 1. Transitive plugin dependencies are not installed automatically and plugins are not updated to latest version. Perhaps this script https://gist.github.com/micw/e80d739c6099078ce0f3 can fix one or both problems?
53 |
54 |
55 | ### Build and run for development
56 |
57 | ```
58 | sudo docker build -t cantara/jenkins .
59 | sudo docker create -v /var/jenkins_home --name jenkins-data cantara/jenkins
60 | sudo docker run -d -p 8080:8080 --volumes-from jenkins-data --name jenkins20150515 cantara/jenkins
61 | ```
62 |
63 | * To stop and remove all containers:
64 | ```
65 | docker stop $(docker ps -a -q) && docker rm $(docker ps -a -q)
66 | ```
67 |
68 | * To log in to take a look:
69 | ```
70 | docker ps -a
71 | docker exec -it containerIdHere bash
72 | ```
73 |
74 | ### Decisions
75 |
76 | * Public git repo here: https://github.com/Cantara/maven-infrastructure
77 | * Dockerhub image built from source: cantara/jenkins
78 | * Decided to use Data Volume Container
79 | * Copied from https://github.com/jenkinsci/docker, instead of using _FROM jenkins_ because the published image used openjdk7.
80 | * Copied from https://github.com/docker-library/java/blob/b4a3c296023e590e410f645ab83d3c11a30cf535/openjdk-8-jdk/Dockerfile and switch to Zulu from OpenJDK
81 | * Install Maven using apt and update Jenkins config to reference it, _hudson.tasks.Maven.xml_.
82 | * Update Jenkins config to reference JDK installation, _config.xml_.
83 | * Install plugins usually used in Maven/Java projects.
84 |
85 |
86 | ### Plugins
87 |
88 | Maintain a list of plugins here to find plugin key, version and description of what it does.
89 |
90 | * https://wiki.jenkins-ci.org/display/JENKINS/SCM+API+Plugin
91 | * https://wiki.jenkins-ci.org/display/JENKINS/Git+Client+Plugin
92 | * https://wiki.jenkins-ci.org/display/JENKINS/GitHub+Plugin
93 | * https://wiki.jenkins-ci.org/display/JENKINS/Git+Plugin
94 | * https://wiki.jenkins-ci.org/display/JENKINS/Maven+Project+Plugin
95 | * https://wiki.jenkins-ci.org/display/JENKINS/Docker+Plugin
96 | * https://wiki.jenkins-ci.org/display/JENKINS/Config+File+Provider+Plugin#ConfigFileProviderPlugin-MavenServerCredentials%28since2.7%29
97 | * https://wiki.jenkins-ci.org/display/JENKINS/Build+Monitor+Plugin
98 | * https://wiki.jenkins-ci.org/display/JENKINS/Slack+Plugin
99 | * https://wiki.jenkins-ci.org/display/JENKINS/Static+Code+Analysis+Plug-ins
100 | * https://wiki.jenkins-ci.org/display/JENKINS/OWASP+Dependency-Check+Plugin
101 | * https://wiki.jenkins-ci.org/display/JENKINS/Release+Plugin
102 |
103 | ### Read more
104 |
105 | * http://www.catosplace.net/blog/2015/02/11/running-jenkins-in-docker-containers/
106 | * https://registry.hub.docker.com/_/jenkins/
107 | * https://github.com/jenkinsci/docker/blob/master/README.md
108 | * https://raw.githubusercontent.com/jenkinsci/docker/8f909abee98247ad482efb6d21833e2054e3e9de/Dockerfile
109 | * http://www.catosplace.net/blog/2015/02/11/running-jenkins-in-docker-containers/
110 | * http://container-solutions.com/2015/03/running-docker-in-jenkins-in-docker/
111 | * http://container-solutions.com/2014/12/understanding-volumes-docker/
112 | * http://container42.com/2014/11/18/data-only-container-madness/
113 | * https://github.com/paoloantinori/dockerfiles/blob/master/centos/jenkins/Dockerfile
114 |
--------------------------------------------------------------------------------
/jenkins/config.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | 1.596.3
5 | 2
6 | NORMAL
7 | true
8 |
9 |
10 | false
11 |
12 | ${JENKINS_HOME}/workspace/${ITEM_FULLNAME}
13 | ${ITEM_ROOTDIR}/builds
14 |
15 |
16 | zulu-8-amd64
17 | /usr/lib/jvm/zulu-8-amd64/
18 |
19 |
20 |
21 |
22 |
23 |
24 |
25 | 5
26 | 0
27 |
28 |
29 |
30 | All
31 | false
32 | false
33 |
34 |
35 |
36 | All
37 | 50000
38 |
39 |
40 |
41 |
42 |
--------------------------------------------------------------------------------
/jenkins/hudson.tasks.Maven.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | maven
6 | /usr/share/maven
7 |
8 |
9 |
10 |
11 |
--------------------------------------------------------------------------------
/jenkins/init.groovy:
--------------------------------------------------------------------------------
1 | import hudson.model.*;
2 | import jenkins.model.*;
3 |
4 |
5 | Thread.start {
6 | sleep 10000
7 | println "--> setting agent port for jnlp"
8 | Jenkins.instance.setSlaveAgentPort(50000)
9 | }
10 |
--------------------------------------------------------------------------------
/jenkins/jenkins.sh:
--------------------------------------------------------------------------------
1 | #! /bin/bash
2 |
3 | # Copy files from /usr/share/jenkins/ref into /var/jenkins_home
4 | # So the initial JENKINS-HOME is set with expected content.
5 | # Don't override, as this is just a reference setup, and use from UI
6 | # can then change this, upgrade plugins, etc.
7 | copy_reference_file() {
8 | f=${1%/}
9 | echo "$f" >> $COPY_REFERENCE_FILE_LOG
10 | rel=${f:23}
11 | dir=$(dirname ${f})
12 | echo " $f -> $rel" >> $COPY_REFERENCE_FILE_LOG
13 | if [[ ! -e /var/jenkins_home/${rel} ]]
14 | then
15 | echo "copy $rel to JENKINS_HOME" >> $COPY_REFERENCE_FILE_LOG
16 | mkdir -p /var/jenkins_home/${dir:23}
17 | cp -r /usr/share/jenkins/ref/${rel} /var/jenkins_home/${rel};
18 | fi;
19 | }
20 | export -f copy_reference_file
21 | echo "--- Copying files at $(date)" >> $COPY_REFERENCE_FILE_LOG
22 | find /usr/share/jenkins/ref/ -type f -exec bash -c 'copy_reference_file {}' \;
23 |
24 | # if `docker run` first argument start with `--` the user is passing jenkins launcher arguments
25 | if [[ $# -lt 1 ]] || [[ "$1" == "--"* ]]; then
26 | exec java $JAVA_OPTS -jar /usr/share/jenkins/jenkins.war $JENKINS_OPTS "$@"
27 | fi
28 |
29 | # As argument is not jenkins, assume user want to run his own process, for sample a `bash` shell to explore this image
30 | exec "$@"
31 |
32 |
--------------------------------------------------------------------------------
/jenkins/plugins.sh:
--------------------------------------------------------------------------------
1 | #! /bin/bash
2 |
3 | # Parse a support-core plugin -style txt file as specification for jenkins plugins to be installed
4 | # in the reference directory, so user can define a derived Docker image with just :
5 | #
6 | # FROM jenkins
7 | # COPY plugins.txt /plugins.txt
8 | # RUN /usr/local/bin/plugins.sh /plugins.txt
9 | #
10 |
11 | REF=/usr/share/jenkins/ref/plugins
12 | mkdir -p $REF
13 |
14 | while read spec; do
15 | plugin=(${spec//:/ });
16 | [[ ${plugin[0]} =~ ^# ]] && continue
17 | [[ ${plugin[0]} =~ ^\s*$ ]] && continue
18 | [[ -z ${plugin[1]} ]] && plugin[1]="latest"
19 | echo "Downloading ${plugin[0]}:${plugin[1]}"
20 | curl -s -L -f ${JENKINS_UC}/download/plugins/${plugin[0]}/${plugin[1]}/${plugin[0]}.hpi -o $REF/${plugin[0]}.hpi || echo "Failed to download ${plugin[0]}:${plugin[1]}"
21 | done < $1
22 |
--------------------------------------------------------------------------------
/jenkins/plugins.txt:
--------------------------------------------------------------------------------
1 | mailer:1.34.2
2 | token-macro:444.v52de7e9c573d
3 | javadoc:327.vdfe586651ee0
4 | scm-api:704.v3ce5c542825a_
5 | #ssh-credentials:1.11
6 | git-client:1.21.0
7 | #matrix-project:1.6
8 | #credentials:1.27
9 | git:2.6.5
10 | #github:1.18.2
11 | maven-plugin:3.26
12 | #docker-plugin:0.9.0-rc1
13 | #matrix-auth:1.2
14 | config-file-provider:982.vb_a_e458a_37021
15 | #script-security:1.14
16 | #antisamy-markup-formatter:1.3
17 | #cvs:2.12
18 | #subversion:2.5
19 | #pam-auth:1.2
20 | #translation:1.12
21 | #ldap:1.11
22 | junit:1312.v1a_235a_b_94a_31
23 | analysis-core:1.71
24 | dependency-check-jenkins-plugin:5.6.1
25 | slack:761.v2a_8770f0d169
26 | workflow-step-api:700.v6e45cb_a_5a_a_21
27 | build-monitor-plugin:1.14-979.v7d4d43828605
28 | release:2.19
29 | embeddable-build-status:548.v5653c6e28c41
30 | sonar:2.18
31 | jquery:1.12.4-3
32 |
--------------------------------------------------------------------------------
/nexus/Dockerfile:
--------------------------------------------------------------------------------
1 | # Docker file inspired by
2 | # https://github.com/Cantara/maven-infrastructure/blob/master/jenkins/Dockerfile
3 | # https://registry.hub.docker.com/u/sonatype/nexus/dockerfile/
4 |
5 | FROM cantara/debian-sid-zulu-jdk8
6 | #FROM cantara/alpine-zulu-jdk8
7 |
8 | MAINTAINER erik-dev@fjas.no
9 |
10 |
11 | RUN apt-get update &&apt-get upgrade -y
12 |
13 | ### Install Nexus
14 | ENV SONATYPE_WORK /sonatype-work/nexus
15 | ENV NEXUS_DL_URL http://download.sonatype.com/nexus/oss/nexus-2.12.1-01-bundle.tar.gz
16 | ENV NEXUS_VERSION 2.12.1-01
17 |
18 |
19 | RUN mkdir -p /opt/sonatype/nexus \
20 | && curl --fail --silent --show-error --location --retry 3 $NEXUS_DL_URL \
21 | | tar xzf - -C /tmp nexus-${NEXUS_VERSION} \
22 | && mv /tmp/nexus-${NEXUS_VERSION}/* /opt/sonatype/nexus/ \
23 | && rm -rf /tmp/nexus-${NEXUS_VERSION}
24 |
25 | # debian
26 | RUN adduser --system -u 1001 nexus
27 | # alpinelinx
28 | #RUN adduser -S -u 1001 -s /bin/false nexus
29 |
30 | EXPOSE 8081
31 | WORKDIR /opt/sonatype/nexus
32 | USER nexus
33 | ENV CONTEXT_PATH /
34 | ENV MAX_HEAP 768m
35 | ENV MIN_HEAP 256m
36 | ENV JAVA_OPTS -server -Djava.net.preferIPv4Stack=true
37 | ENV LAUNCHER_CONF ./conf/jetty.xml ./conf/jetty-requestlog.xml
38 | CMD java \
39 | -Dnexus-work=${SONATYPE_WORK} -Dnexus-webapp-context-path=${CONTEXT_PATH} \
40 | -Xms${MIN_HEAP} -Xmx${MAX_HEAP} \
41 | -cp 'conf/:lib/*' \
42 | ${JAVA_OPTS} \
43 | org.sonatype.nexus.bootstrap.Launcher ${LAUNCHER_CONF}
44 |
45 |
--------------------------------------------------------------------------------
/nexus/README.md:
--------------------------------------------------------------------------------
1 | # Nexus Artifact Repository
2 |
3 | Goal: Simplify installation and configuration of Nexus artifact repository.
4 |
5 | See https://registry.hub.docker.com/u/sonatype/nexus/ for tips, most of it is applicable to this fork as well.
6 |
7 | * Data is stored in a Data Volume Container. Latest Maven 3 and Zulu JDK 8 are preinstalled.
8 | * Nexus OSS: 2.11.3-01
9 | * Webproxy (incl. TLS termination) is considered out of scope. Recommend using a separate docker container which links to this container.
10 | * https://docs.docker.com/userguide/dockerlinks/
11 |
12 | ## Install and use
13 |
14 | ### Install or upgrade Docker
15 |
16 | https://docs.docker.com/installation/ubuntulinux/
17 |
18 | ```
19 | wget -qO- https://get.docker.com/ | sh
20 | ```
21 |
22 | ### Install data volume container and Nexus
23 | ```
24 | sudo docker pull cantara/nexus
25 | sudo docker create -v /sonatype-work --name nexus-data cantara/nexus
26 | sudo docker run -d -p 80:8081 --volumes-from nexus-data --name nexus20150708 cantara/nexus
27 | ```
28 |
29 | ### Test that service is running
30 | ```
31 | curl http://localhost:80/service/local/status
32 | ```
33 |
34 |
35 | ### Initial config, point your browser to http://localhost:80/
36 | 1. Review Post-Install Checklist and configure as appropriate
37 | * http://books.sonatype.com/nexus-book/reference/install-sect-repoman-post-install.html
38 | 2. Set up users and roles
39 | * https://wiki.cantara.no/display/sysadm/Artifact+repository+user+and+role+management
40 |
41 |
42 | ### Copy data from host into data volume container
43 | Nexus container must be running.
44 | Copy everything inside /path/to/hostdir/ into /sonatype-work/storage/ in container (which is a mounted data volume container).
45 | Change owner to nexus.
46 | Verify that everything looks like expected.
47 |
48 | ```
49 | cd /path/to/hostdir
50 | tar -cv * | sudo docker exec -i nexus20150714 tar x -C /sonatype-work/storage/
51 | sudo docker exec -i nexus20150714 chown nexus:nexus -R /sonatype-work/storage/
52 | sudo docker exec -it nexus20150714 ls -la /sonatype-work/storage
53 | ```
54 |
55 | * After copying repositories, add new hosted repositories matching the name of the copied folders.
56 | * https://books.sonatype.com/nexus-book/reference/config-sect-new-repo.html
57 | * Then add a scheduled task 'Rebuild Maven Metadata Files' and run it. It is not necessary to schedule it very often. Perhaps nightly or once a week..
58 | * http://blog.sonatype.com/2009/09/nexus-scheduled-tasks/#.VaUTSZO1mAk
59 |
60 |
61 |
62 | ## Backup
63 |
64 | See https://docs.docker.com/userguide/dockervolumes/#backup-restore-or-migrate-data-volumes
65 |
66 |
67 | ## Development
68 |
69 | ### Build and run for development
70 |
71 | ```
72 | sudo docker build -t cantara/nexus .
73 | sudo docker create -v /sonatype-work --name nexus-data cantara/nexus
74 | sudo docker run -d -p 8081:8081 --name nexus20150714 --volumes-from nexus-data cantara/nexus
75 | ```
76 |
77 | * To stop and remove all containers:
78 | ```
79 | sudo docker stop $(sudo docker ps -a -q) && sudo docker rm $(sudo docker ps -a -q)
80 | ```
81 |
82 | * To log in to take a look:
83 | ```
84 | sudo docker ps -a
85 | sudo docker exec -it containerIdHere bash
86 | ```
87 |
--------------------------------------------------------------------------------
/parentpom/README.md:
--------------------------------------------------------------------------------
1 | parentpom
2 | =========
3 | Maven Parent POM
4 | Inherit from this parent POM to avoid duplicating pluginManagement section.
5 |
--------------------------------------------------------------------------------
/parentpom/pom.xml:
--------------------------------------------------------------------------------
1 |
3 | 4.0.0
4 | no.cantara.emi
5 | parent
6 | 8
7 | pom
8 | Cantara Parent POM
9 |
10 | The responsibility of the parent pom is to avoid duplication of configuration that is identical between all Java projects.
11 | It should be minimal and non-intrusive - less is more.
12 | The responsibility is limited to
13 |
14 | * distributionManagement - default OSS repositories for snapshots and releases.
15 | It is possible to override this setting to use a customer project repository instead of the default, shared OSS repository.
16 |
17 | * pluginManagement - specify versions of build plugins to ensure build reproducability.
18 | Only plugins used by _most_ projects should be added.
19 | See description of recommendation here: https://maven.apache.org/guides/mini/guide-configuring-plugins.html.
20 |
21 | * maven-compiler-plugin - The default configuration for Maven Compiler Plugin is unsuited for most Java projects. The parent pom includes a configuration (for example JDK version and memory settings) considered appropritate for most Java projects.
22 |
23 |
24 | The parent pom should NOT be used for
25 | * depdendency management - dependencies will wary, adding dependency management to the parent pom creates a lot of unnecessary tight couplings.
26 | * build configuration - builds vary, except for java (see maven-compiler-plugin above), the parent pom should not be used for enforcing behaviour across projects.
27 | * reporting - maven reporting support is not that popular anymore
28 |
29 |
30 |
31 |
32 |
33 |
34 |
35 |
36 | cantara
37 | Cantara Release Repository
38 | https://mvnrepo.cantara.no/content/repositories/releases/
39 |
40 |
41 | cantara
42 | Cantara Snapshot Repository
43 | https://mvnrepo.cantara.no/content/repositories/snapshots/
44 |
45 |
46 |
47 |
48 |
49 |
50 |
51 | UTF-8
52 | 1.8
53 |
54 |
55 |
56 |
59 |
60 |
61 |
62 | org.apache.maven.plugins
63 | maven-assembly-plugin
64 | 3.7.1
65 |
66 |
67 | org.apache.maven.plugins
68 | maven-clean-plugin
69 | 3.4.1
70 |
71 |
72 | org.apache.maven.plugins
73 | maven-compiler-plugin
74 | 3.14.0
75 |
76 |
77 | org.apache.maven.plugins
78 | maven-deploy-plugin
79 | 3.1.4
80 |
81 |
82 | org.apache.maven.plugins
83 | maven-install-plugin
84 | 3.1.4
85 |
86 |
87 | org.apache.maven.plugins
88 | maven-jar-plugin
89 | 3.4.2
90 |
91 |
92 | org.apache.maven.plugins
93 | maven-javadoc-plugin
94 | 3.11.2
95 |
96 |
97 | org.apache.maven.plugins
98 | maven-release-plugin
99 | 3.1.1
100 |
101 |
102 | org.apache.maven.plugins
103 | maven-resources-plugin
104 | 3.3.1
105 |
106 |
107 | org.apache.maven.plugins
108 | maven-shade-plugin
109 | 3.6.0
110 |
111 |
112 | org.apache.maven.plugins
113 | maven-site-plugin
114 | 3.21.0
115 |
116 |
117 | org.apache.maven.plugins
118 | maven-source-plugin
119 | 3.3.1
120 |
121 |
122 | org.apache.maven.plugins
123 | maven-surefire-plugin
124 | 3.5.3
125 |
127 |
128 |
129 |
130 |
131 |
132 |
133 | maven-compiler-plugin
134 |
135 | ${jdk.version}
136 | ${jdk.version}
137 | ${project.build.sourceEncoding}
138 | 64m
139 | 512m
140 |
141 |
142 |
143 |
148 |
149 | org.apache.maven.plugins
150 | maven-enforcer-plugin
151 | 3.5.0
152 |
153 |
154 | enforce-maven
155 |
156 | enforce
157 |
158 |
159 |
160 |
161 | 3.0.5
162 |
163 |
164 |
165 |
166 |
167 |
168 |
169 |
170 |
171 |
--------------------------------------------------------------------------------
/renovate.json:
--------------------------------------------------------------------------------
1 | {
2 | "extends": [
3 | "config:base"
4 | ]
5 | }
6 |
--------------------------------------------------------------------------------
/social coding.adoc:
--------------------------------------------------------------------------------
1 | = Transparent social coding - tools, techniques and processes.
2 |
3 |
4 | == Motivation and goals
5 |
6 | In XX, we are changing almost every aspect of how we build the Xx platform. In order to try to be successful, we will have to optimize the processes and effort to the following key elements:
7 |
8 | Maximize for learning
9 | Learning by doing
10 | Experiment in "live", shared and transparent codebases.
11 | Transparency to learn/help each other and progress
12 | Speed - Move fast, learn and adjust
13 | Eliminate waste, collaborate by social codeing
14 | Transparency to reduce admin coordination overhead and double efforts
15 | Plan to fail, but fail early (and learn)
16 |
17 |
18 | A subnote: We all know that there is no "perfect" process for anything, the proposed flow below is meant to be the default mindset/flow. Deviations from the flow should be suggested and approved on case-to-case basis, especially in the beginning to build understanding of why and when deviations are needed and useful.are
19 |
20 | === Description
21 |
22 | ==== The benefits of social coding
23 |
24 | Social coding empowers knowledge exchange. Software engineers have ideas all day long. Through social coding, they can discover and reuse code or solutions that they might otherwise unnecessarily duplicate. With social coding, you can discover, share, and implement new ideas with friends, and even with strangers!
25 |
26 | Social coding can also increase the quality of your software. All developers can see and comment on the code changes. When you know that your code is going to be viewed by a wide audience, you have an added incentive to get it right. As the size of the audience increases, so does the likelihood that someone in the group knows the answer to a problem.
27 |
28 | Not only can you learn from social coding, but it can be fun. Social coding fosters a fun work environment, encourages peer recognition, and promotes meritocracy, all of which are important to the DevOps culture.
29 |
30 |
31 | ==== Reducing the size of the communications network
32 |
33 | Social coding tools such as GitHub greatly reduce the need for direct person-to-person communication in the software development process. GitHub employs extreme transparency, making all user actions publicly visible so that developers and teams can self-organize in a less centralized way.
34 |
35 | Perhaps the most important transparency features that GitHub provides are its embedded documentation, issues, and pull requests. In GitHub, a project's README file is a first class citizen that gets rendered on the project's home page and is indexed for search with the code. The README file is the first thing that a new contributor sees. If the file is well crafted, it can provide the information that a developer needs to get started rather than requiring that person to ask a project member for help.
36 |
37 | Issues are persisted message threads in the project context. Issues facilitate general project discussions and workflow management. Perhaps the most important characteristic of issues is that they are not addressed by default. Rather, all project maintainers are notified when a new issue is created and can respond or delegate the issue as needed. This structure frees a new contributor from having to discover who the right person on the project is to address their concerns.
38 |
39 | Because the features in GitHub are transparent, the communication network for a team can resemble a small-world network instead of a complete graph, reducing communication overhead to linear or even sublinear growth. One of the immediate implications of this efficient communication style is the ability to untangle cross-team dependencies that are related to prioritization and backlog management.
40 |
41 | For example, Team A uses code from Team B, and Team A needs a change in Team B's code. The traditional approach is to rely on Team B to make the change because that team possesses the knowledge to manage the code well. However, social coding empowers Team A to make and submit the change rather than wait for Team B to prioritize the work. Full project transparency gives Team A access to the same information that Team B has for how to manage the code.
42 |
43 |
44 | ==== Reducing communication overhead
45 |
46 | Beyond facilitating more effective and efficient team interactions, social coding tools and practices tend to reduce the number of conversations that are necessary. When project activities and conversations are publicly available and searchable, project maintainers are freed from having to answer the same questions repeatedly. Instead, users can search for answers to their questions before they ask the maintainers for guidance.
47 |
48 | GitHub facilitates long running asynchronous conversations through issues and sometimes pull requests. However, sometimes interacting in real time is a more efficient and productive way to work. SlackTeams provides a real-time collaboration experience that is both archived and searchable. While many instant messaging solutions are built primarily to facilitate point-to-point discussions, SlackTeams makes group chat a first-class feature. The focus on group chats is in keeping with the social coding principle of transparency, and it allows the broader team to benefit and learn from all conversations. Like GitHub issues, the group channels on SlackTeams are helpful because new contributors don't need to know who to address questions to. Rather, they can broadcast questions to all members of a channel and whomever has the answer can respond.
49 |
50 | What about when you need a whiteboard so that ideas can be generated quickly and reorganized later? This scenario is common in brainstorming sessions and retrospectives, which can be challenging to do through SlackTeams channels or GitHub issues. Thankfully, MURAL provides a shared, whiteboard context where teams can create and manage virtual sticky notes. These boards facilitate real-time collaboration and are persisted much like SlackTeams conversations.
51 | Tools
52 |
53 | As exemplified in the above description, we will leverage GitHub as the new source code repository for hero codebases. We will also leverage the use of GitHub issues to plan, track and communicate around the code. GitHub issues will not completely replace Jira, but will be the technical and codebase daily process tasks. Jira will continue to have a cross-repository, time-based functional view and will have an explicit or implicit mapping to codebases with their corresponding tasks. Jira issues which is not resolved with code/commits will not be mapped to GitHub issues. In many ways you might think of the Jira issues as a "What" perspective while GitHub issues will be the "How" perspective.
54 |
55 | ===== In GitHub, we will use a few dimensions to categorize an issue
56 |
57 | * Labels: This is typically non-functional requirements (scale ability (SLAs), health/readiness/introspection, multi-tenancy, evolve ability (patch/feature/semantic versioning/db migration++ or functional milestones and other categorizations like bug/new feature/critical_bug++
58 | * Milestones: Typically used as a organization of the backlog in terms of planned urgency and timeframe with examples like Blue sky (we do not know when), next tasks (always up for grabs), V1.2-release and such.
59 | * Projects: Is used to have an up-to-date view of the state of issues allocated to the current timeframe (sprint) including an explicit Definition-of-Done and DoD verification status.
60 |
61 |
62 | ==== Techniques and processes
63 |
64 | ===== Some words on commits
65 |
66 | To ensure an efficient and transparent code collaboration, we'll introduce a few guidelines.
67 |
68 | * Expectation of frequent commits
69 | ** it is OK to commit unfinished code, and we expect all developers to commit to the codebase daily(on master/head/trunk) when they are at work working on the codebase.
70 | * https://medium.com/@mattia.battiston/why-i-love-trunk-based-development-641fcf0b94a0[Why I love trunk-based development?]
71 | * We expect all developers to use 5-10 minutes every day browsing GitHub and look at their own and the others commit-diffs, and we expect developers to engage in other developers commit when they observe diffs which indicate misunderstandings, design and architectural degradation and bugs/error-prone design.
72 |
73 |
74 | ===== On README.md
75 |
76 | Links to running environments (for the common environments)
77 | API documentation(Swagger)
78 | CI/CD links
79 | Embedded repository status badges
80 | build status,
81 | version tag,
82 | SNYK-vulnerability status
83 | ++
84 | /health and/or /info endpoint links (displaying deployed version info and dataset-info)
85 | key service internals to help diagnose service staate
86 | service UI links
87 | Links to administrative info
88 | SCM (GitHib repo)
89 | Issues/Tasks/Porject links (Github + Jira) + dashboards
90 | Wikis (Github/Confluence)
91 | Developer introduction (build, test locally)
92 |
93 |
94 | When moving to many repositories/services it gets way more important to think of the README.md as a way to encourage/sell the value of the code-base to other developers/bystanders...
95 |
96 | - so adding working links to the README which show the /info of the service running live is useful...
97 | - i.e. a developer can then even from the Github web UI pick and merge a pull-request (dependency patch for example)...
98 | - check that it is built and working by clicking the CI status link for the repository...
99 | - and verifying that it is updated in DEVTEST by clicking the info link....
100 | - it simplifies and make using/updating/patching++ way, way more fast end efficient..
101 |
102 |
103 | .one use-case you may have in mind to guide is...
104 |
105 | - a developer is awoke at 0300 to fix a critical issue blocking the platform in production...
106 | - the developer is dead tired and has never seen the code-base before...
107 | - how to make sure that the developer fast get a correct understanding of the situation in order to fix the problem and release a patch to production as fast as possible
108 | (i.e. if production is running 1.2.5 and the current version of the code-base is 1.7.6 - the consequences for the result may be critical if a 1.7.6 patch is released versus a 1.2.7 patch..)
109 |
110 |
111 |
112 | ===== Some words on codebase dependencies.
113 |
114 | All codebases will use both SNYK and GitHub dependency analysis to expose known security vulnerabilities in dependencies. Patch-able vulnerable dependencies should be updated immediately, and are not allowed to remain un-patched for more than 2 patch-releases (see some words on semantic versoning and releases) as this represent a clear and present danger for XX as a business. In general, dependencies should never be more than 2 feature-releases from the latest dependency release without special dispensation.
115 | Some words on features
116 |
117 | All new business features on production codebases will be wrapped in Unleash feature toggles to provide they are not blocking release at any time to production. When the feature is done (see Definition-of-Done below), the developer and/or team are responsible to notify the product/module/feature owner without delay, so the product-team may verify and request changes to the feature as well as planning and getting ready for the feature release to our customers in the way the market and customers expect and require it. Features which require database changes (java microservices/modules) will use Flyway to auto-migrate existing datasources/databases.
118 |
119 |
120 | When we have features which spawn several services, the normal software engineering approach is to implement this in the core services first, and release these as we move up the stack to implement it in the services which depend on changes afterwords. if this is not possible, the last "safety-net" for partially implemented features across several services (meaning implementing old and new side by side, and disable the new stuff until it is complete/finished) as dscribed here: https://trunkbaseddevelopment.com/branch-by-abstraction/
121 |
122 |
123 | ===== Some words on semantic versioning and releases
124 |
125 | All modules in Xx will actively use semantic versioning to signal the state of releases. We will release (maven release for java modules/micro-services) very often to signal and enable testing and verification on all environments except DEVTEST. Typically we will release a feature release for each issue which has been completed(validated in DEVTEST -see Definition-of-Done). The developers may also release the codebase more frequently to enable more transparency, discussions and collaboration with product teams and other entities in the organization, typically as a patch-release.
126 |
127 |
128 | ===== Some words on Definition-of-Done
129 |
130 | In Xx, we will focus on defining our definition-of-done to mean verified in the DEVTEST environment, which will ensure that all developers access and validate the deployed service (after CI/CD) in a real "SNAPSHOT"-environment to ensure that we validate and find issues which can only be seen and tested in a real micro service environment which is available for anyone else to reproduce. This will ensure that all developers get as much learning as possible on real-world and production aspects of their and others code changes to they will produce better code moving forward. This also require a very automatic and efficient CI/CD and DEVTEST access flow so developers does not waste too much time validating and completing tasks/issues.
131 |
132 |
133 |
134 | ===== Some words on rythm
135 |
136 | ====== Monday commitments
137 |
138 | Kickstarts the week. Where are we in terms of our goals, and what do we need to focus on this week to reach the targets. Use 15 minutes to discuss
139 | and decide. The list is posted on slack and on the Xx channel on other channels for the rest of people which is interested in Xx activities and
140 | progress.
141 |
142 | ====== Fridays wins
143 |
144 | We share and celebrate this weeks achievements. The winners are shared/celebrated on both the team channel and shared to all on Slack.
145 |
146 |
147 |
148 | ===== Some references and similar articles
149 |
150 | ====== On trunk-based development
151 |
152 | * https://www.freecodecamp.org/news/what-is-trunk-based-development/
153 | * https://www.linkedin.com/feed/update/urn:li:activity:7244615791168352259/
154 |
--------------------------------------------------------------------------------
/sonarqube/Dockerfile:
--------------------------------------------------------------------------------
1 | FROM cantara/alpine-zulu-jdk8
2 |
3 | MAINTAINER Oyvind Moldestad
4 |
5 | ENV SONAR_VERSION=6.0 \
6 | SONARQUBE_HOME=/opt/sonarqube \
7 | # Database configuration
8 | # Defaults to using H2
9 | SONARQUBE_JDBC_USERNAME=sonar \
10 | SONARQUBE_JDBC_PASSWORD=sonar \
11 | SONARQUBE_JDBC_URL=
12 |
13 | EXPOSE 9000
14 |
15 | RUN apk -Uu add gnupg curl \
16 | && rm -rf /var/cache/apk/*
17 |
18 | # pub 2048R/D26468DE 2015-05-25
19 | # Key fingerprint = F118 2E81 C792 9289 21DB CAB4 CFCA 4A29 D264 68DE
20 | # uid sonarsource_deployer (Sonarsource Deployer)
21 | # sub 2048R/06855C1D 2015-05-25
22 | RUN gpg --keyserver ha.pool.sks-keyservers.net --recv-keys F1182E81C792928921DBCAB4CFCA4A29D26468DE
23 |
24 | # Alpine Linux is missing the Name Service Switch file needed by Java for java.net.InetAddress.getLocalHost
25 | RUN echo 'hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4' > /etc/nsswitch.conf
26 |
27 | RUN set -x \
28 | && mkdir /opt \
29 | && cd /opt \
30 | && curl -o sonarqube.zip -fSL https://sonarsource.bintray.com/Distribution/sonarqube/sonarqube-$SONAR_VERSION.zip \
31 | && curl -o sonarqube.zip.asc -fSL https://sonarsource.bintray.com/Distribution/sonarqube/sonarqube-$SONAR_VERSION.zip.asc \
32 | && gpg --batch --verify sonarqube.zip.asc sonarqube.zip \
33 | && unzip sonarqube.zip \
34 | && mv sonarqube-$SONAR_VERSION sonarqube \
35 | && rm sonarqube.zip* \
36 | && rm -rf $SONARQUBE_HOME/bin/*
37 |
38 | RUN cd $SONARQUBE_HOME/extensions/plugins \
39 | && curl -o sonar-java-plugin-4.2.jar -fSL http://sonarsource.bintray.com/Distribution/sonar-java-plugin/sonar-java-plugin-4.2.jar \
40 | && curl -o sonar-javascript-plugin-2.15.jar -fSL http://sonarsource.bintray.com/Distribution/sonar-javascript-plugin/sonar-javascript-plugin-2.15.jar \
41 | && curl -o sonar-csharp-plugin-5.3.2.jar -fSL http://sonarsource.bintray.com/Distribution/sonar-csharp-plugin/sonar-csharp-plugin-5.3.2.jar \
42 | && curl -o sonar-scm-git-plugin-1.2.jar -fSL http://sonarsource.bintray.com/Distribution/sonar-scm-git-plugin/sonar-scm-git-plugin-1.2.jar \
43 | && curl -o sonar-scm-svn-plugin-1.3.jar -fSL http://sonarsource.bintray.com/Distribution/sonar-scm-svn-plugin/sonar-scm-svn-plugin-1.3.jar
44 |
45 |
46 | VOLUME ["$SONARQUBE_HOME/data", "$SONARQUBE_HOME/extensions"]
47 |
48 | WORKDIR $SONARQUBE_HOME
49 | COPY run.sh $SONARQUBE_HOME/bin/
50 | ENTRYPOINT ["./bin/run.sh"]
51 |
52 |
--------------------------------------------------------------------------------
/sonarqube/README.md:
--------------------------------------------------------------------------------
1 | # SonarQube using Docker
2 |
3 | Goal: Simplify installation of SonarQube
4 |
5 | - SonarQube version 6.0
6 | - Base image: https://github.com/Cantara/maven-infrastructure/tree/master/docker-baseimages/alpine-zulu-jdk8
7 |
8 | ## Install and use
9 |
10 | ### Install or upgrade Docker
11 |
12 | https://docs.docker.com/installation/ubuntulinux/
13 |
14 | $ wget -qO- https://get.docker.com/ | sh
15 |
16 | ### Install and run SonarQube
17 |
18 | $ sudo docker run \
19 | -d \
20 | -p 9000:9000 \
21 | -e SONARQUBE_JDBC_USERNAME= \
22 | -e SONARQUBE_JDBC_PASSWORD= \
23 | -e SONARQUBE_JDBC_URL= \
24 | --name sonarqube \
25 | cantara/sonarqube
26 |
27 | ### Initial SonarQube config
28 |
29 | 1. Point browser http://localhost:9000/
30 | 2. Login as admin
31 | * Default credentials are admin:admin
32 | 3. Change your password
33 | * http://localhost:9000/account/security
34 | 4. Force user authentication
35 | * http://localhost:9000/settings?category=security
36 | * Set *Force user authentication* to *true*
37 | 5. Generate security token for use with other services
38 | * http://localhost:9000/account/security
39 | 6. Update plugins
40 | * http://localhost:9000/updatecenter/installed
41 |
42 | ## Development
43 |
44 | ### Build and run with embedded database
45 |
46 | $ docker build -t cantara/sonarqube .
47 | $ docker run -d -p 9000:9000 --name sonarqube cantara/sonarqube
48 |
49 | ### Build and run with postgresql
50 |
51 | $ docker run -e POSTGRES_USER=sonar -e POSTGRES_PASSWORD=sonar -p 5432:5432 -d --name sonarqube-postgres postgres
52 | $ docker run -d --link sonarqube-postgres:pgsonar -e SONARQUBE_JDBC_USERNAME=sonar -e SONARQUBE_JDBC_PASSWORD=sonar -e SONARQUBE_JDBC_URL=jdbc:postgresql://pgsonar:5432/sonar --name sonarqube -p 9000:9000 cantara/sonarqube
53 |
54 | ### Plugins
55 |
56 | Maintain a list of plugins here to find plugin key, version and description of what it does.
57 |
58 | - http://sonarsource.bintray.com/Distribution/sonar-java-plugin/
59 | - http://sonarsource.bintray.com/Distribution/sonar-javascript-plugin/
60 | - http://sonarsource.bintray.com/Distribution/sonar-csharp-plugin/
61 | - http://sonarsource.bintray.com/Distribution/sonar-scm-git-plugin/
62 | - http://sonarsource.bintray.com/Distribution/sonar-scm-svn-plugin/
63 |
64 | ### Read more
65 |
66 | - http://docs.sonarqube.org/display/SONAR/Documentation
67 |
--------------------------------------------------------------------------------
/sonarqube/run.sh:
--------------------------------------------------------------------------------
1 | #!/bin/sh
2 |
3 | set -e
4 |
5 | if [ "${1:0:1}" != '-' ]; then
6 | exec "$@"
7 | fi
8 |
9 | exec "/usr/local/java/jre/bin/java" -jar lib/sonar-application-$SONAR_VERSION.jar \
10 | -Dsonar.log.console=true \
11 | -Dsonar.jdbc.username="$SONARQUBE_JDBC_USERNAME" \
12 | -Dsonar.jdbc.password="$SONARQUBE_JDBC_PASSWORD" \
13 | -Dsonar.jdbc.url="$SONARQUBE_JDBC_URL" \
14 | -Dsonar.web.javaAdditionalOpts="$SONARQUBE_WEB_JVM_OPTS -Djava.security.egd=file:/dev/./urandom" \
15 | "$@"
16 |
--------------------------------------------------------------------------------