Update Repository Manager to 3.8.0-02 - INT-447 (#99)

* Update Repository Manager to 3.8.0-02

* Update Repository Manager Cookbook to release-0.5.20180205-125532.9212679

Dockerfile

@@ -20,27 +20,28 @@ LABEL vendor=Sonatype \
       com.sonatype.license="Apache License, Version 2.0" \
       com.sonatype.name="Nexus Repository Manager base image"
 
-ARG NEXUS_VERSION=3.7.1-02
+ARG NEXUS_VERSION=3.8.0-02
 ARG NEXUS_DOWNLOAD_URL=https://download.sonatype.com/nexus/3/nexus-${NEXUS_VERSION}-unix.tar.gz
-ARG NEXUS_DOWNLOAD_SHA256_HASH=d6605064eae2d6a0679054e3afb039c8b071862644632894e04558e1d067cbfb
+ARG NEXUS_DOWNLOAD_SHA256_HASH=949e2e5e99a685ebce6a63ba1ca0d56bc794068922a5279bca59d15bd3ae677c
 
 ENV JAVA_HOME=/opt/java \
     JAVA_VERSION_MAJOR=8 \
-    JAVA_VERSION_MINOR=152 \
-    JAVA_VERSION_BUILD=16 \
-    JAVA_DOWNLOAD_HASH=aa0333dd3019491ca4f6ddbe78cdb6d0
+    JAVA_VERSION_MINOR=162 \
+    JAVA_VERSION_BUILD=12 \
+    JAVA_DOWNLOAD_HASH=0da788060d494f5095bf8624735fa2f1
 
 ENV JAVA_URL=http://download.oracle.com/otn-pub/java/jdk/${JAVA_VERSION_MAJOR}u${JAVA_VERSION_MINOR}-b${JAVA_VERSION_BUILD}/${JAVA_DOWNLOAD_HASH}/server-jre-${JAVA_VERSION_MAJOR}u${JAVA_VERSION_MINOR}-linux-x64.tar.gz \
-    JAVA_DOWNLOAD_SHA256_HASH=e8a341ce566f32c3d06f6d0f0eeea9a0f434f538d22af949ae58bc86f2eeaae4
+    JAVA_DOWNLOAD_SHA256_HASH=6942684acb6001748a01fc090a18f52ebd8cbfcf7be27ec6131981906bfa8b53
 
 # configure nexus runtime
 ENV SONATYPE_DIR=/opt/sonatype
 ENV NEXUS_HOME=${SONATYPE_DIR}/nexus \
     NEXUS_DATA=/nexus-data \
     NEXUS_CONTEXT='' \
-    SONATYPE_WORK=${SONATYPE_DIR}/sonatype-work
+    SONATYPE_WORK=${SONATYPE_DIR}/sonatype-work \
+    DOCKER_TYPE='docker'
 
-ARG NEXUS_REPOSITORY_MANAGER_COOKBOOK_VERSION="release-0.5.20171219-161323.cc1040a"
+ARG NEXUS_REPOSITORY_MANAGER_COOKBOOK_VERSION="release-0.5.20180205-125532.9212679"
 ARG NEXUS_REPOSITORY_MANAGER_COOKBOOK_URL="https://github.com/sonatype/chef-nexus-repository-manager/releases/download/${NEXUS_REPOSITORY_MANAGER_COOKBOOK_VERSION}/chef-nexus-repository-manager.tar.gz"
 
 ADD solo.json.erb /var/chef/solo.json.erb

Dockerfile.rh.centos

@@ -0,0 +1,88 @@
+# Copyright (c) 2016-present Sonatype, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+FROM centos:centos7
+
+MAINTAINER Sonatype <cloud-ops@sonatype.com>
+
+LABEL name="Nexus Repository Manager" \
+      vendor=Sonatype \
+      version="3.8.0-02" \
+      release="3.8.0" \
+      url="https://sonatype.com" \
+      summary="The Nexus Repository Manager server \
+          with universal support for popular component formats." \
+      description="The Nexus Repository Manager server \
+          with universal support for popular component formats." \
+      run="docker run -d --name NAME \
+          -p 8081:8081 \
+          IMAGE" \
+      stop="docker stop NAME" \
+      com.sonatype.license="Apache License, Version 2.0" \
+      com.sonatype.name="Nexus Repository Manager base image" \
+      io.k8s.description="The Nexus Repository Manager server \
+          with universal support for popular component formats." \
+      io.k8s.display-name="Nexus Repository Manager" \
+      io.openshift.expose-services="8081:8081" \
+      io.openshift.tags="Sonatype,Nexus,Repository Manager"
+
+ARG NEXUS_VERSION=3.8.0-02
+ARG NEXUS_DOWNLOAD_URL=https://download.sonatype.com/nexus/3/nexus-${NEXUS_VERSION}-unix.tar.gz
+ARG NEXUS_DOWNLOAD_SHA256_HASH=949e2e5e99a685ebce6a63ba1ca0d56bc794068922a5279bca59d15bd3ae677c
+
+ENV JAVA_HOME=/opt/java \
+    JAVA_VERSION_MAJOR=8 \
+    JAVA_VERSION_MINOR=162 \
+    JAVA_VERSION_BUILD=12 \
+    JAVA_DOWNLOAD_HASH=0da788060d494f5095bf8624735fa2f1
+
+ENV JAVA_URL=http://download.oracle.com/otn-pub/java/jdk/${JAVA_VERSION_MAJOR}u${JAVA_VERSION_MINOR}-b${JAVA_VERSION_BUILD}/${JAVA_DOWNLOAD_HASH}/server-jre-${JAVA_VERSION_MAJOR}u${JAVA_VERSION_MINOR}-linux-x64.tar.gz \
+    JAVA_DOWNLOAD_SHA256_HASH=6942684acb6001748a01fc090a18f52ebd8cbfcf7be27ec6131981906bfa8b53
+
+# configure nexus runtime
+ENV SONATYPE_DIR=/opt/sonatype
+ENV NEXUS_HOME=${SONATYPE_DIR}/nexus \
+    NEXUS_DATA=/nexus-data \
+    NEXUS_CONTEXT='' \
+    SONATYPE_WORK=${SONATYPE_DIR}/sonatype-work \
+    DOCKER_TYPE='rh-docker'
+
+ARG NEXUS_REPOSITORY_MANAGER_COOKBOOK_VERSION="release-0.5.20180205-125532.9212679"
+ARG NEXUS_REPOSITORY_MANAGER_COOKBOOK_URL="https://github.com/sonatype/chef-nexus-repository-manager/releases/download/${NEXUS_REPOSITORY_MANAGER_COOKBOOK_VERSION}/chef-nexus-repository-manager.tar.gz"
+
+ADD solo.json.erb /var/chef/solo.json.erb
+
+# Install using chef-solo
+RUN curl -L https://www.getchef.com/chef/install.sh | bash \
+    && /opt/chef/embedded/bin/erb /var/chef/solo.json.erb > /var/chef/solo.json \
+    && chef-solo \
+       --node_name nexus_repository_red_hat_docker_build \
+       --recipe-url ${NEXUS_REPOSITORY_MANAGER_COOKBOOK_URL} \
+       --json-attributes /var/chef/solo.json \
+    && rpm -qa *chef* | xargs rpm -e \
+    && rpm --rebuilddb \
+    && rm -rf /etc/chef \
+    && rm -rf /opt/chefdk \
+    && rm -rf /var/cache/yum \
+    && rm -rf /var/chef
+
+VOLUME ${NEXUS_DATA}
+
+EXPOSE 8081
+USER nexus
+
+ENV INSTALL4J_ADD_VM_PARAMS="-Xms1200m -Xmx1200m -XX:MaxDirectMemorySize=2g -Djava.util.prefs.userRoot=${NEXUS_DATA}/javaprefs"
+
+ENTRYPOINT ["/uid_entrypoint.sh"]
+CMD ["sh", "-c", "${SONATYPE_DIR}/start-nexus-repository-manager.sh"]

Dockerfile.rh.el

@@ -0,0 +1,88 @@
+# Copyright (c) 2016-present Sonatype, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+FROM registry.access.redhat.com/rhel7/rhel
+
+MAINTAINER Sonatype <cloud-ops@sonatype.com>
+
+LABEL name="Nexus Repository Manager" \
+      vendor=Sonatype \
+      version="3.8.0-02" \
+      release="3.8.0" \
+      url="https://sonatype.com" \
+      summary="The Nexus Repository Manager server \
+          with universal support for popular component formats." \
+      description="The Nexus Repository Manager server \
+          with universal support for popular component formats." \
+      run="docker run -d --name NAME \
+          -p 8081:8081 \
+          IMAGE" \
+      stop="docker stop NAME" \
+      com.sonatype.license="Apache License, Version 2.0" \
+      com.sonatype.name="Nexus Repository Manager base image" \
+      io.k8s.description="The Nexus Repository Manager server \
+          with universal support for popular component formats." \
+      io.k8s.display-name="Nexus Repository Manager" \
+      io.openshift.expose-services="8081:8081" \
+      io.openshift.tags="Sonatype,Nexus,Repository Manager"
+
+ARG NEXUS_VERSION=3.8.0-02
+ARG NEXUS_DOWNLOAD_URL=https://download.sonatype.com/nexus/3/nexus-${NEXUS_VERSION}-unix.tar.gz
+ARG NEXUS_DOWNLOAD_SHA256_HASH=949e2e5e99a685ebce6a63ba1ca0d56bc794068922a5279bca59d15bd3ae677c
+
+ENV JAVA_HOME=/opt/java \
+    JAVA_VERSION_MAJOR=8 \
+    JAVA_VERSION_MINOR=162 \
+    JAVA_VERSION_BUILD=12 \
+    JAVA_DOWNLOAD_HASH=0da788060d494f5095bf8624735fa2f1
+
+ENV JAVA_URL=http://download.oracle.com/otn-pub/java/jdk/${JAVA_VERSION_MAJOR}u${JAVA_VERSION_MINOR}-b${JAVA_VERSION_BUILD}/${JAVA_DOWNLOAD_HASH}/server-jre-${JAVA_VERSION_MAJOR}u${JAVA_VERSION_MINOR}-linux-x64.tar.gz \
+    JAVA_DOWNLOAD_SHA256_HASH=6942684acb6001748a01fc090a18f52ebd8cbfcf7be27ec6131981906bfa8b53
+
+# configure nexus runtime
+ENV SONATYPE_DIR=/opt/sonatype
+ENV NEXUS_HOME=${SONATYPE_DIR}/nexus \
+    NEXUS_DATA=/nexus-data \
+    NEXUS_CONTEXT='' \
+    SONATYPE_WORK=${SONATYPE_DIR}/sonatype-work \
+    DOCKER_TYPE='rh-docker'
+
+ARG NEXUS_REPOSITORY_MANAGER_COOKBOOK_VERSION="release-0.5.20180205-125532.9212679"
+ARG NEXUS_REPOSITORY_MANAGER_COOKBOOK_URL="https://github.com/sonatype/chef-nexus-repository-manager/releases/download/${NEXUS_REPOSITORY_MANAGER_COOKBOOK_VERSION}/chef-nexus-repository-manager.tar.gz"
+
+ADD solo.json.erb /var/chef/solo.json.erb
+
+# Install using chef-solo
+RUN curl -L https://www.getchef.com/chef/install.sh | bash \
+    && /opt/chef/embedded/bin/erb /var/chef/solo.json.erb > /var/chef/solo.json \
+    && chef-solo \
+       --node_name nexus_repository_red_hat_docker_build \
+       --recipe-url ${NEXUS_REPOSITORY_MANAGER_COOKBOOK_URL} \
+       --json-attributes /var/chef/solo.json \
+    && rpm -qa *chef* | xargs rpm -e \
+    && rpm --rebuilddb \
+    && rm -rf /etc/chef \
+    && rm -rf /opt/chefdk \
+    && rm -rf /var/cache/yum \
+    && rm -rf /var/chef
+
+VOLUME ${NEXUS_DATA}
+
+EXPOSE 8081
+USER nexus
+
+ENV INSTALL4J_ADD_VM_PARAMS="-Xms1200m -Xmx1200m -XX:MaxDirectMemorySize=2g -Djava.util.prefs.userRoot=${NEXUS_DATA}/javaprefs"
+
+ENTRYPOINT ["/uid_entrypoint.sh"]
+CMD ["sh", "-c", "${SONATYPE_DIR}/start-nexus-repository-manager.sh"]

Jenkinsfile

@@ -17,7 +17,7 @@ properties([
 ])
 
 node('ubuntu-zion') {
-  def commitId, commitDate, version, imageId, branch, dockerFileLocation
+  def commitId, commitDate, version, imageId, branch, dockerFileLocations
   def organization = 'sonatype',
       gitHubRepository = 'docker-nexus3',
       credentialsId = 'integrations-github-api',
@@ -33,7 +33,11 @@ node('ubuntu-zion') {
 
       def checkoutDetails = checkout scm
 
-      dockerFileLocation = "${pwd()}/Dockerfile"
+      dockerFileLocations = [
+        "${pwd()}/Dockerfile",
+        "${pwd()}/Dockerfile.rh.centos",
+        "${pwd()}/Dockerfile.rh.el"
+      ]
 
       branch = checkoutDetails.GIT_BRANCH == 'origin/master' ? 'master' : checkoutDetails.GIT_BRANCH
       commitId = checkoutDetails.GIT_COMMIT
@@ -54,27 +58,13 @@ node('ubuntu-zion') {
       if (params.nexus_repository_manager_version && params.nexus_repository_manager_version_sha) {
         stage('Update Repository Manager Version') {
           OsTools.runSafe(this, "git checkout ${branch}")
-          def dockerFile = readFile(file: dockerFileLocation)
-
-          def versionRegex = /(ARG NEXUS_VERSION=)(\d\.\d{1,3}\.\d\-\d{2})/
-          def shaRegex = /(ARG NEXUS_DOWNLOAD_SHA256_HASH=)([A-Fa-f0-9]{64})/
-
-          dockerFile = dockerFile.replaceAll(versionRegex, "\$1${params.nexus_repository_manager_version}")
-          dockerFile = dockerFile.replaceAll(shaRegex, "\$1${params.nexus_repository_manager_version_sha}")
-
-          writeFile(file: dockerFileLocation, text: dockerFile)
+          dockerFileLocations.each { updateRepositoryManagerVersion(it) }
         }
       }
       if (params.nexus_repository_manager_cookbook_version) {
         stage('Update Repository Manager Cookbook Version') {
           OsTools.runSafe(this, "git checkout ${branch}")
-          def dockerFile = readFile(file: dockerFileLocation)
-
-          def cookbookVersionRegex = /(ARG NEXUS_REPOSITORY_MANAGER_COOKBOOK_VERSION=")(release-\d\.\d\.\d{8}\-\d{6}\.[a-z0-9]{7})(")/
-
-          dockerFile = dockerFile.replaceAll(cookbookVersionRegex, "\$1${params.nexus_repository_manager_cookbook_version}\$3")
-
-          writeFile(file: dockerFileLocation, text: dockerFile)
+          dockerFileLocations.each { updateRepositoryCookbookVersion(it) }
         }
       }
     }
@@ -188,6 +178,7 @@ node('ubuntu-zion') {
     OsTools.runSafe(this, 'git clean -f && git reset --hard origin/master')
   }
 }
+
 def readVersion() {
   def content = readFile 'Dockerfile'
   for (line in content.split('\n')) {
@@ -206,3 +197,31 @@ def getGemInstallDirectory() {
   }
   error 'Could not determine user gem install directory.'
 }
+
+def updateRepositoryManagerVersion(dockerFileLocation) {
+  def dockerFile = readFile(file: dockerFileLocation)
+
+  def metaVersionRegex = /(version=")(\d\.\d{1,3}\.\d\-\d{2})(" \\)/
+  def metaShortVersionRegex = /(release=")(\d\.\d{1,3}\.\d)(" \\)/
+
+  def versionRegex = /(ARG NEXUS_VERSION=)(\d\.\d{1,3}\.\d\-\d{2})/
+  def shaRegex = /(ARG NEXUS_DOWNLOAD_SHA256_HASH=)([A-Fa-f0-9]{64})/
+
+  dockerFile = dockerFile.replaceAll(metaVersionRegex, "\$1${params.nexus_repository_manager_version}\$3")
+  dockerFile = dockerFile.replaceAll(metaShortVersionRegex,
+    "\$1${params.nexus_repository_manager_version.substring(0, params.nexus_repository_manager_version.indexOf('-'))}\$3")
+  dockerFile = dockerFile.replaceAll(versionRegex, "\$1${params.nexus_repository_manager_version}")
+  dockerFile = dockerFile.replaceAll(shaRegex, "\$1${params.nexus_repository_manager_version_sha}")
+
+  writeFile(file: dockerFileLocation, text: dockerFile)
+}
+
+def updateRepositoryCookbookVersion(dockerFileLocation) {
+  def dockerFile = readFile(file: dockerFileLocation)
+
+  def cookbookVersionRegex = /(ARG NEXUS_REPOSITORY_MANAGER_COOKBOOK_VERSION=")(release-\d\.\d\.\d{8}\-\d{6}\.[a-z0-9]{7})(")/
+
+  dockerFile = dockerFile.replaceAll(cookbookVersionRegex, "\$1${params.nexus_repository_manager_cookbook_version}\$3")
+
+  writeFile(file: dockerFileLocation, text: dockerFile)
+}

README.md

@@ -27,6 +27,7 @@ A Dockerfile for Sonatype Nexus Repository Manager 3, based on CentOS.
 * [Building the Nexus Repository Manager image](#building-the-nexus-repository-manager-image)
 * [Chef Solo for Runtime and Application](#chef-solo-for-runtime-and-application)
 * [Testing the Dockerfile](#testing-the-dockerfile)
+* [Red Hat Certified Image](#red-hat-certified-image)
 * [Notes](#notes)
   * [Persistent Data](#persistent-data)
 * [Getting Help](#getting-help)
@@ -78,6 +79,14 @@ We are using `rspec` as the test framework. `serverspec` provides a docker backe
 
     rspec [--backtrace] spec/Dockerfile_spec.rb
 
+## Red Hat Certified Image
+
+A Red Hat certified container image can be created using `Dockerfile.rh.el` which is built to be compliant with Red Had certification.
+The image includes additional meta data to comform with Kubernetes and OpenShift standards, a directory with the
+licenses applicable to the software and a man file for help on how to use the software. It also uses an ENTRYPOINT
+script the ensure the running user has access to the appropriate permissions for OpenShift 'restricted' SCC. In addition to the
+Red Hat Enterprise Linux image, `Dockerfile.rh.centos` provides the same additions but with a CentOS base.
+
 ## Notes
 
 * Default credentials are: `admin` / `admin123`

solo.json.erb

@@ -15,12 +15,13 @@
 <%=
 require 'json'
 
+raise RuntimeError, 'environment variable DOCKER_TYPE is required' if ENV['DOCKER_TYPE'].nil? || ENV['DOCKER_TYPE'].empty?
 raise RuntimeError, 'environment variable SONATYPE_DIR is required' if ENV['SONATYPE_DIR'].nil? || ENV['SONATYPE_DIR'].empty?
 raise RuntimeError, 'environment variable NEXUS_HOME is required' if ENV['NEXUS_HOME'].nil? || ENV['NEXUS_HOME'].empty?
 raise RuntimeError, 'environment variable NEXUS_DATA is required' if ENV['NEXUS_DATA'].nil? || ENV['NEXUS_DATA'].empty?
 
 {
-  :run_list => [ 'recipe[nexus_repository_manager::docker]' ],
+  :run_list => [ "recipe[nexus_repository_manager::#{ENV['DOCKER_TYPE']}]" ],
   :java => {
     :jdk_version => ENV['JAVA_VERSION_MAJOR'],
     :java_home => ENV['JAVA_HOME'],