ADD Docker build images, test, release (#25)

* ADD Docker build images, test, release

* snappy exclude linux/arm64/8

.github/workflows/build.yml

@@ -72,3 +72,98 @@ jobs:
           retention-days: 5
           path:  |
             openidm-zip/target/*.zip
+  build-docker:
+    runs-on: 'ubuntu-latest'
+    services:
+      registry:
+        image: registry:2
+        ports:
+          - 5000:5000
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+      - name: Get latest release version
+        shell: bash
+        run:   |
+          export git_version_last="$(curl -i -o - --silent https://api.github.com/repos/OpenIdentityPlatform/OpenIDM/releases/latest | grep -m1 "\"name\"" | cut -d\" -f4)" ; echo "last release: $git_version_last"
+          echo "release_version=$git_version_last" >> $GITHUB_ENV
+      - name: Docker meta
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: |
+            localhost:5000/${{ github.repository }}
+          tags: |
+            type=raw,value=${{ env.release_version }}
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+        with:
+          driver-opts: network=host
+      - name: Build image (default)
+        uses: docker/build-push-action@v5
+        continue-on-error: true
+        with:
+          context: .
+          file: ./Dockerfile
+          build-args: |
+            VERSION=${{ env.release_version }}
+          platforms: linux/amd64, linux/arm64/8, linux/arm/v7, linux/ppc64le #, linux/s390x
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+      - name: Docker test
+        shell: bash
+        run: |
+          docker run --rm -it -d --memory="1g" --name=test localhost:5000/${GITHUB_REPOSITORY,,}:${{ env.release_version }}
+          timeout 3m bash -c 'until docker inspect --format="{{json .State.Health.Status}}" test | grep -q \"healthy\"; do sleep 10; done'
+  build-docker-alpine:
+    runs-on: 'ubuntu-latest'
+    services:
+      registry:
+        image: registry:2
+        ports:
+          - 5000:5000
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+      - name: Get latest release version
+        shell: bash
+        run:   |
+          export git_version_last="$(curl -i -o - --silent https://api.github.com/repos/OpenIdentityPlatform/OpenIDM/releases/latest | grep -m1 "\"name\"" | cut -d\" -f4)" ; echo "last release: $git_version_last"
+          echo "release_version=$git_version_last" >> $GITHUB_ENV
+      - name: Docker meta
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: |
+            localhost:5000/${{ github.repository }}
+          tags: |
+            type=raw,value=alpine
+            type=raw,value=${{ env.release_version }}-alpine
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+        with:
+          driver-opts: network=host
+      - name: Build image
+        continue-on-error: true
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          file: ./Dockerfile-alpine
+          build-args: |
+            VERSION=${{ env.release_version }}
+          platforms: linux/amd64, linux/s390x, linux/386, linux/arm/v7, linux/arm/v6, linux/ppc64le #,linux/arm64/8
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+      - name: Docker test
+        shell: bash
+        run: |
+          docker run --rm -it -d --memory="1g" --name=test localhost:5000/${GITHUB_REPOSITORY,,}:${{ env.release_version }}-alpine
+          timeout 3m bash -c 'until docker inspect --format="{{json .State.Health.Status}}" test | grep -q \"healthy\"; do sleep 10; done'

.github/workflows/release.yml

@@ -69,3 +69,99 @@ jobs:
           generate_release_notes: true
           files: |
             openidm-zip/target/*.zip
+  release-docker:
+    name: Docker release
+    runs-on: 'ubuntu-latest'
+    needs:
+      - release-maven
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          ref: ${{ github.event.inputs.releaseVersion }}
+          fetch-depth: 1
+          submodules: recursive
+      - name: Docker meta
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: |
+            ${{ github.repository }}
+            ghcr.io/${{ github.repository }}/${{ github.event.repository.name }}
+          tags: |
+            type=raw,value=latest
+            type=raw,value=${{ github.event.inputs.releaseVersion }}
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+      - name: Login to DockerHub
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.DOCKER_USERNAME }}
+          password: ${{ secrets.DOCKER_PASSWORD }}
+      - name: Login to GHCR
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.repository_owner }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+      - name: Build and push image
+        uses: docker/build-push-action@v5
+        continue-on-error: true
+        with:
+          context: .
+          file: ./Dockerfile
+          build-args: |
+            VERSION=${{ github.event.inputs.releaseVersion }}
+          platforms: linux/amd64, linux/arm64/8, linux/arm/v7, linux/ppc64le #, linux/s390x
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+  release-docker-alpine:
+    name: Docker release
+    runs-on: 'ubuntu-latest'
+    needs:
+      - release-maven
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          ref: ${{ github.event.inputs.releaseVersion }}
+          fetch-depth: 1
+          submodules: recursive
+      - name: Docker meta
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: |
+            ${{ github.repository }}
+            ghcr.io/${{ github.repository }}/${{ github.event.repository.name }}
+          tags: |
+            type=raw,value=alpine
+            type=raw,value=${{ github.event.inputs.releaseVersion }}-alpine
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+      - name: Login to DockerHub
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.DOCKER_USERNAME }}
+          password: ${{ secrets.DOCKER_PASSWORD }}
+      - name: Login to GHCR
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.repository_owner }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+      - name: Build and push image
+        continue-on-error: true
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          file: ./Dockerfile-alpine
+          build-args: |
+            VERSION=${{ github.event.inputs.releaseVersion }}
+          platforms: linux/amd64, linux/s390x, linux/386, linux/arm/v7, linux/arm/v6, linux/ppc64le #,linux/arm64/8
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}

Dockerfile

@@ -0,0 +1,34 @@
+FROM eclipse-temurin:8-jre-jammy
+
+MAINTAINER Open Identity Platform Community <[email protected]>
+
+ENV USER="openidm"
+ENV OPENIDM_OPTS="-server -XX:+UseContainerSupport -Dlogback.configurationFile=conf/logging-config.groovy"
+ENV OPENIDM_PASSWORD="openidm-admin"
+
+ARG VERSION
+
+WORKDIR /opt
+
+#COPY openidm-zip/target/openidm-*.zip ./
+
+RUN apt-get update
+RUN apt-get install -y --no-install-recommends curl unzip
+RUN if [ ! -z "$VERSION" ] ; then rm -rf ./*.zip ; curl -L https://github.com/OpenIdentityPlatform/OpenIDM/releases/download/$VERSION/openidm-$VERSION.zip --output openidm-$VERSION.zip ; fi
+RUN unzip openidm-*.zip && rm -rf *.zip
+RUN apt-get remove -y --purge unzip
+RUN rm -rf /var/lib/apt/lists/*
+RUN groupadd $USER
+RUN useradd -m -r -u 1001 -g $USER $USER
+RUN install -d -o $USER /opt/openidm
+RUN chown -R $USER:$USER /opt/openidm
+RUN chmod -R g=u /opt/openidm
+RUN chmod +x /opt/openidm/*.sh
+
+EXPOSE 8080
+
+USER $USER
+
+HEALTHCHECK --interval=30s --timeout=30s --start-period=10s --retries=3 CMD curl -i -o - --silent --header "X-OpenIDM-Username: openidm-admin" --header "X-OpenIDM-Password: $OPENIDM_PASSWORD"  http://127.0.0.1:8080/openidm/info/ping | grep -q "\"ACTIVE_READY\""
+
+ENTRYPOINT ["/opt/openidm/startup.sh"]

Dockerfile-alpine

@@ -0,0 +1,35 @@
+FROM openjdk:8-jre-alpine
+
+MAINTAINER Open Identity Platform Community <[email protected]>
+
+ENV USER="openidm"
+ENV OPENIDM_OPTS="-server -XX:+UseContainerSupport -Dlogback.configurationFile=conf/logging-config.groovy"
+ENV OPENIDM_PASSWORD="openidm-admin"
+
+ARG VERSION
+
+WORKDIR /opt
+
+#COPY openidm-zip/target/openidm-*.zip ./
+
+RUN apk add --update --no-cache --virtual builddeps curl unzip
+RUN apk upgrade --update --no-cache
+RUN apk add bash
+RUN apk update && apk add java-snappy && apk add gcompat
+RUN if [ ! -z "$VERSION" ] ; then rm -rf ./*.zip ; curl -L https://github.com/OpenIdentityPlatform/OpenIDM/releases/download/$VERSION/openidm-$VERSION.zip --output openidm-$VERSION.zip ; fi
+RUN unzip openidm-*.zip && rm -rf *.zip
+RUN apk del unzip
+RUN addgroup -S $USER
+RUN adduser -S -u 1001 -G  $USER $USER
+RUN install -d -o $USER /opt/openidm
+RUN chown -R $USER:$USER /opt/openidm
+RUN chmod -R g=u /opt/openidm
+RUN chmod +x /opt/openidm/*.sh
+
+EXPOSE 8080
+
+USER $USER
+
+HEALTHCHECK --interval=30s --timeout=30s --start-period=10s --retries=3 CMD curl -i -o - --silent --header "X-OpenIDM-Username: openidm-admin" --header "X-OpenIDM-Password: $OPENIDM_PASSWORD"  http://127.0.0.1:8080/openidm/info/ping | grep -q "\"ACTIVE_READY\""
+
+ENTRYPOINT ["/opt/openidm/startup.sh"]

README.md

@@ -6,6 +6,7 @@
 [![Last commit](https://img.shields.io/github/last-commit/OpenIdentityPlatform/OpenIDM.svg)](https://github.com/OpenIdentityPlatform/OpenIDM/commits/master)
 [![License](https://img.shields.io/badge/license-CDDL-blue.svg)](https://github.com/OpenIdentityPlatform/OpenIDM/blob/master/LICENSE.md)
 [![Downloads](https://img.shields.io/github/downloads/OpenIdentityPlatform/OpenIDM/total.svg)](https://github.com/OpenIdentityPlatform/OpenIDM/releases)
+[![Docker](https://img.shields.io/docker/pulls/openidentityplatform/openidm.svg)](https://hub.docker.com/r/openidentityplatform/openidm)
 [![Gitter](https://img.shields.io/gitter/room/nwjs/nw.js.svg)](https://gitter.im/OpenIdentityPlatform/OpenIDM)
 [![Top language](https://img.shields.io/github/languages/top/OpenIdentityPlatform/OpenIDM.svg)](https://github.com/OpenIdentityPlatform/OpenIDM)
 [![Code size in bytes](https://img.shields.io/github/languages/code-size/OpenIdentityPlatform/OpenIDM.svg)](https://github.com/OpenIdentityPlatform/OpenIDM)