feat: build alpine container from release tar.gz

build/.gitignore

@@ -0,0 +1 @@
+puppetdb-*

puppetdb/Dockerfile.alpine

@@ -0,0 +1,176 @@
+FROM alpine:3.20 AS base
+
+# Install JDK
+RUN apk update && apk upgrade \
+    && apk add openjdk17-jre-headless bash \
+    && rm -rf /var/cache/apk/*
+
+################################################################################
+
+FROM base AS build
+
+ARG DB_VERSION=8.8.1
+ADD https://downloads.puppet.com/puppetdb/puppetdb-${DB_VERSION}.tar.gz /
+
+ARG prefix=${prefix:=/usr}
+ARG initdir=${initdir:=/etc/init.d}
+ARG unitdir_redhat=${unitdir:-/usr/lib/systemd/system}
+ARG unitdir_debian=${unitdir:-/lib/systemd/system}
+ARG defaultsdir_redhat=${defaultsdir:-/etc/sysconfig}
+ARG defaultsdir_debian=${defaultsdir:-/etc/default}
+ARG tmpfilesdir=${tmpfilesdir:=/usr/lib/tmpfiles.d}
+ARG datadir=${datadir:=${prefix}/share}
+ARG real_name=${real_name:=puppetdb}
+ARG projdatadir=${projdatadir:=${datadir}/${real_name}}
+ARG confdir=${confdir:=/etc}
+ARG projconfdir=${projconfdir:=${confdir}/puppetlabs/${real_name}}
+ARG rundir=${rundir:=/var/run/puppetlabs/${real_name}}
+# Application specific bin directory
+ARG bindir=${bindir:=/opt/puppetlabs/server/apps/${r`eal_name}/bin}
+# User facing bin directory, expected to be added to interactive shell PATH
+ARG uxbindir=${uxbindir:=/opt/puppetlabs/bin}
+# symlinks of server binaries
+ARG symbindir=${symbindir:=/opt/puppetlabs/server/bin}
+ARG app_prefix=${app_prefix:=/opt/puppetlabs/server/apps/${real_name}}
+ARG dest_apps_dir="${DESTDIR}${app_prefix}"
+ARG app_data=${app_data:=/opt/puppetlabs/server/data/${real_name}}
+ARG app_logdir=${app_logdir:=/var/log/puppetlabs/${real_name}}
+ARG system_config_dir=${system_config_dir:=${app_prefix}/config}
+ARG needrestart_confdir=${needrestart_dir:=/etc/needrestart/conf.d}
+
+RUN tar -xzf /puppetdb-${DB_VERSION}.tar.gz \
+&& cd /puppetdb-${SERVER_VERSION} \
+&& install -d -m 0755 "${dest_apps_dir}" \
+&& install -d -m 0770 "${app_data}" \
+&& install -m 0644 puppetdb.jar "${dest_apps_dir}" \
+&& install -m 0755 ext/ezbake-functions.sh "${dest_apps_dir}" \
+&& install -m 0644 ext/ezbake.manifest "${dest_apps_dir}" \
+&& install -d -m 0755 "${projconfdir}/conf.d" \
+&& install -m 0644 ext/config/bootstrap.cfg "${projconfdir}/bootstrap.cfg" \
+&& install -m 0644 ext/config/request-logging.xml "${projconfdir}/request-logging.xml" \
+&& install -m 0644 ext/config/logback.xml "${projconfdir}/logback.xml" \
+&& install -m 0644 ext/config/conf.d/config.ini "${projconfdir}/conf.d/config.ini" \
+&& install -m 0644 ext/config/conf.d/jetty.ini "${projconfdir}/conf.d/jetty.ini" \
+&& install -m 0644 ext/config/conf.d/repl.ini "${projconfdir}/conf.d/repl.ini" \
+&& install -m 0644 ext/config/conf.d/database.ini "${projconfdir}/conf.d/database.ini" \
+&& install -m 0644 ext/config/conf.d/auth.conf "${projconfdir}/conf.d/auth.conf" \
+&& install -d -m 0755 "${dest_apps_dir}/scripts" \
+&& install -m 0755 install.sh "${dest_apps_dir}/scripts" \
+&& install -d -m 0755 "${dest_apps_dir}/cli" \
+&& install -d -m 0755 "${dest_apps_dir}/cli/apps" \
+&& install -d -m 0755 "${bindir}" \
+&& install -m 0755 "ext/bin/${real_name}" "${bindir}/${real_name}" \
+&& install -d -m 0755 "${symbindir}" \
+&& ln -s "../apps/${real_name}/bin/${real_name}" "${symbindir}/${real_name}" \
+&& install -d -m 0755 "${uxbindir}" \
+&& ln -s "../server/apps/${real_name}/bin/${real_name}" "${uxbindir}/${real_name}" \
+&& install -m 0755 ext/cli/stop "${dest_apps_dir}/cli/apps/stop" \
+&& install -m 0755 ext/cli/config-migration "${dest_apps_dir}/cli/apps/config-migration" \
+&& install -m 0755 ext/cli/start "${dest_apps_dir}/cli/apps/start" \
+&& install -m 0755 ext/cli/foreground "${dest_apps_dir}/cli/apps/foreground" \
+&& install -m 0755 ext/cli/ssl-setup "${dest_apps_dir}/cli/apps/ssl-setup" \
+&& install -m 0755 ext/cli/anonymize "${dest_apps_dir}/cli/apps/anonymize" \
+&& install -m 0755 ext/cli/reload "${dest_apps_dir}/cli/apps/reload" \
+&& install -m 0755 ext/cli/delete-reports "${dest_apps_dir}/cli/apps/delete-reports" \
+&& install -m 0755 ext/cli/upgrade "${dest_apps_dir}/cli/apps/upgrade" \
+&& install -m 0755 ext/cli_defaults/cli-defaults.sh "${dest_apps_dir}/cli/" \
+&& install -d -m 0755 "${rundir}" \
+&& install -d -m 700 "${app_logdir}"
+
+################################################################################
+
+FROM base AS final
+
+ARG vcs_ref
+ARG build_date
+
+LABEL org.label-schema.maintainer="Voxpupuli Release Team <[email protected]>" \
+      org.label-schema.vendor="Vox Pupuli" \
+      org.label-schema.url="https://github.com/voxpupuli/container-puppetdb" \
+      org.label-schema.license="Apache-2.0" \
+      org.label-schema.vcs-url="https://github.com/voxpupuli/container-puppetdb" \
+      org.label-schema.schema-version="1.0" \
+      org.label-schema.dockerfile="/Dockerfile" \
+      org.label-schema.name="PuppetDB ($build_type)" \
+      org.label-schema.vcs-ref="$vcs_ref" \
+      org.label-schema.build-date="$build_date"
+
+ARG LOGDIR
+ENV LOGDIR=${LOGDIR:-/opt/puppetlabs/server/data/puppetdb/logs}
+
+ARG SSLDIR
+ENV SSLDIR=${SSLDIR:-/opt/puppetlabs/server/data/puppetdb/certs}
+
+ENV PUPPETDB_POSTGRES_HOSTNAME="postgres" \
+    PUPPETDB_POSTGRES_PORT="5432" \
+    PUPPETDB_POSTGRES_DATABASE="puppetdb" \
+    CERTNAME=puppetdb \
+    DNS_ALT_NAMES="" \
+    WAITFORCERT="" \
+    PUPPETDB_USER=puppetdb \
+    PUPPETDB_PASSWORD=puppetdb \
+    PUPPETDB_NODE_TTL=7d \
+    PUPPETDB_NODE_PURGE_TTL=14d \
+    PUPPETDB_REPORT_TTL=14d \
+    # used by entrypoint to determine if puppetserver should be contacted for config
+    # set to false when container tests are run
+    USE_PUPPETSERVER=true \
+    # this value may be set by users, keeping in mind that some of these values are mandatory
+    # -Djavax.net.debug=ssl may be particularly useful to set for debugging SSL
+    PUPPETDB_JAVA_ARGS="-Djava.net.preferIPv4Stack=true -Xms256m -Xmx256m -XX:+UseParallelGC -Xlog:gc*:file=$LOGDIR/puppetdb_gc.log -Djdk.tls.ephemeralDHKeySize=2048" \
+    PUPPET_DEB=puppet${PUPPET_RELEASE}-release-${UBUNTU_CODENAME}.deb \
+    DEBIAN_FRONTEND=noninteractive
+
+COPY --from=build /opt/puppetlabs /opt/puppetlabs
+COPY --from=build /etc/puppetlabs /etc/puppetlabs
+COPY --from=build /var/log/puppetlabs /var/log/puppetlabs
+COPY --from=build /var/run/puppetlabs /var/run/puppetlabs
+
+# puppetdb data and generated certs
+VOLUME /opt/puppetlabs/server/data/puppetdb
+
+ADD https://apt.puppet.com/${PUPPET_DEB} /${PUPPET_DEB}
+
+ADD ssl.sh \
+    wtfc.sh \
+    docker-entrypoint.sh \
+    healthcheck.sh \
+    /
+
+COPY docker-entrypoint.d /docker-entrypoint.d
+
+RUN dpkg -i /${PUPPET_DEB} && \
+    rm /${PUPPET_DEB} && \
+    apt update && \
+    apt install --no-install-recommends -y ca-certificates curl dnsutils netcat-traditional dumb-init && \
+    chmod +x /ssl.sh /wtfc.sh /docker-entrypoint.sh /healthcheck.sh /docker-entrypoint.d/*.sh && \
+    apt install --no-install-recommends -y puppetdb=${PUPPETDB_VERSION}-1${UBUNTU_CODENAME} && \
+    apt install --no-install-recommends -y openjdk-17-jre-headless && \
+    apt autoremove && \
+    rm -rf /var/lib/apt/lists/* && \
+    mkdir -p "$LOGDIR" && \
+    chown puppetdb:puppetdb "$LOGDIR" && \
+    # We want to use the HOCON database.conf and config.conf files, so get rid
+    # of the packaged files
+    rm -f /etc/puppetlabs/puppetdb/conf.d/database.ini && \
+    rm -f /etc/puppetlabs/puppetdb/conf.d/config.ini
+
+COPY logback.xml \
+      request-logging.xml \
+      /etc/puppetlabs/puppetdb/
+COPY conf.d /etc/puppetlabs/puppetdb/conf.d/
+COPY puppetdb /etc/default/puppetdb
+COPY Dockerfile /
+
+# The start-period is just a wild guess how long it takes PuppetDB to come
+# up in the worst case. The other timing parameters are set so that it
+# takes at most a minute to realize that PuppetDB has failed.
+# Probe failure during --start-period will not be counted towards the maximum number of retries
+# NOTE: k8s uses livenessProbe, startupProbe, readinessProbe and ignores HEALTHCHECK
+HEALTHCHECK --start-period=5m --interval=10s --timeout=10s --retries=6 CMD ["/healthcheck.sh"]
+
+# NOTE: this is just documentation on defaults
+EXPOSE 8080 8081
+
+ENTRYPOINT ["dumb-init", "/docker-entrypoint.sh"]
+CMD ["foreground"]