Updated to accomodate sonaqube 9.9.1
This commit is contained in:
@@ -1,4 +1,6 @@
|
||||
FROM alpine:3.15
|
||||
FROM eclipse-temurin:17-jre
|
||||
|
||||
LABEL org.opencontainers.image.url=https://github.com/SonarSource/docker-sonarqube
|
||||
|
||||
ENV LANG='en_US.UTF-8' \
|
||||
LANGUAGE='en_US:en' \
|
||||
@@ -7,11 +9,9 @@ ENV LANG='en_US.UTF-8' \
|
||||
#
|
||||
# SonarQube setup
|
||||
#
|
||||
ARG JAVA_VERSION=17
|
||||
ARG SONARQUBE_VERSION=9.8.0.63668
|
||||
ARG SONARQUBE_VERSION=9.9.1.69595
|
||||
ARG SONARQUBE_ZIP_URL=https://binaries.sonarsource.com/Distribution/sonarqube/sonarqube-${SONARQUBE_VERSION}.zip
|
||||
ENV JAVA_HOME="/usr/lib/jvm/java-${JAVA_VERSION}-openjdk" \
|
||||
PATH="/opt/java/openjdk/bin:$PATH" \
|
||||
ENV JAVA_HOME='/opt/java/openjdk' \
|
||||
SONARQUBE_HOME=/opt/sonarqube \
|
||||
SONAR_VERSION="${SONARQUBE_VERSION}" \
|
||||
SQ_DATA_DIR="/opt/sonarqube/data" \
|
||||
@@ -20,16 +20,16 @@ ENV JAVA_HOME="/usr/lib/jvm/java-${JAVA_VERSION}-openjdk" \
|
||||
SQ_TEMP_DIR="/opt/sonarqube/temp"
|
||||
|
||||
RUN set -eux; \
|
||||
addgroup -S -g 1000 sonarqube; \
|
||||
adduser -S -D -u 1000 -G sonarqube sonarqube; \
|
||||
apk add --no-cache --virtual build-dependencies gnupg unzip curl; \
|
||||
apk add --no-cache bash su-exec ttf-dejavu "openjdk${JAVA_VERSION}-jre"; \
|
||||
groupadd --system --gid 1000 sonarqube; \
|
||||
useradd --system --uid 1000 --gid sonarqube sonarqube; \
|
||||
apt-get update; \
|
||||
apt-get install -y gnupg unzip curl bash fonts-dejavu; \
|
||||
echo "networkaddress.cache.ttl=5" >> "${JAVA_HOME}/conf/security/java.security"; \
|
||||
sed --in-place --expression="s?securerandom.source=file:/dev/random?securerandom.source=file:/dev/urandom?g" "${JAVA_HOME}/conf/security/java.security"; \
|
||||
# pub 2048R/D26468DE 2015-05-25
|
||||
# Key fingerprint = F118 2E81 C792 9289 21DB CAB4 CFCA 4A29 D264 68DE
|
||||
# uid sonarsource_deployer (Sonarsource Deployer) <infra@sonarsource.com>
|
||||
# sub 2048R/06855C1D 2015-05-25
|
||||
echo "networkaddress.cache.ttl=5" >> "${JAVA_HOME}/conf/security/java.security"; \
|
||||
sed --in-place --expression="s?securerandom.source=file:/dev/random?securerandom.source=file:/dev/urandom?g" "${JAVA_HOME}/conf/security/java.security"; \
|
||||
for server in $(shuf -e hkps://keys.openpgp.org \
|
||||
hkps://keyserver.ubuntu.com) ; do \
|
||||
gpg --batch --keyserver "${server}" --recv-keys 679F1EE92B19609DE816FDE81DB198F93525EC1A && break || : ; \
|
||||
@@ -43,17 +43,18 @@ RUN set -eux; \
|
||||
mv "sonarqube-${SONARQUBE_VERSION}" sonarqube; \
|
||||
rm sonarqube.zip*; \
|
||||
rm -rf ${SONARQUBE_HOME}/bin/*; \
|
||||
chown -R sonarqube:sonarqube ${SONARQUBE_HOME}; \
|
||||
# this 777 will be replaced by 700 at runtime (allows semi-arbitrary "--user" values)
|
||||
chmod -R 777 "${SQ_DATA_DIR}" "${SQ_EXTENSIONS_DIR}" "${SQ_LOGS_DIR}" "${SQ_TEMP_DIR}"; \
|
||||
apk del --purge build-dependencies;
|
||||
ln -s "${SONARQUBE_HOME}/lib/sonar-application-${SONARQUBE_VERSION}.jar" "${SONARQUBE_HOME}/lib/sonarqube.jar"; \
|
||||
chmod -R 555 ${SONARQUBE_HOME}; \
|
||||
chmod -R ugo+wrX "${SQ_DATA_DIR}" "${SQ_EXTENSIONS_DIR}" "${SQ_LOGS_DIR}" "${SQ_TEMP_DIR}"; \
|
||||
apt-get remove -y gnupg unzip curl; \
|
||||
rm -rf /var/lib/apt/lists/*;
|
||||
|
||||
COPY --chown=sonarqube:sonarqube run.sh sonar.sh ${SONARQUBE_HOME}/bin/
|
||||
COPY entrypoint.sh ${SONARQUBE_HOME}/docker/
|
||||
|
||||
WORKDIR ${SONARQUBE_HOME}
|
||||
EXPOSE 9000
|
||||
|
||||
USER sonarqube
|
||||
STOPSIGNAL SIGINT
|
||||
|
||||
ENTRYPOINT ["/opt/sonarqube/bin/run.sh"]
|
||||
CMD ["/opt/sonarqube/bin/sonar.sh"]
|
||||
ENTRYPOINT ["/opt/sonarqube/docker/entrypoint.sh"]
|
||||
|
||||
13
9-comm/entrypoint.sh
Executable file
13
9-comm/entrypoint.sh
Executable file
@@ -0,0 +1,13 @@
|
||||
#!/bin/bash
|
||||
set -e
|
||||
|
||||
DEFAULT_CMD=('/opt/java/openjdk/bin/java' '-jar' 'lib/sonarqube.jar' '-Dsonar.log.console=true')
|
||||
|
||||
# this if will check if the first argument is a flag
|
||||
# but only works if all arguments require a hyphenated flag
|
||||
# -v; -SL; -f arg; etc will work, but not arg1 arg2
|
||||
if [ "$#" -eq 0 ] || [ "${1#-}" != "$1" ]; then
|
||||
set -- "${DEFAULT_CMD[@]}" "$@"
|
||||
fi
|
||||
|
||||
exec "$@"
|
||||
@@ -1,59 +0,0 @@
|
||||
#!/usr/bin/env bash
|
||||
|
||||
set -euo pipefail
|
||||
|
||||
declare -a sq_opts=()
|
||||
set_prop_from_deprecated_env_var() {
|
||||
if [ "$2" ]; then
|
||||
sq_opts+=("-D$1=$2")
|
||||
fi
|
||||
}
|
||||
|
||||
# if nothing is passed, assume we want to run sonarqube server
|
||||
if [ "$#" == 0 ]; then
|
||||
set -- /opt/sonarqube/bin/sonar.sh
|
||||
fi
|
||||
|
||||
# if first arg looks like a flag, assume we want to run sonarqube server with flags
|
||||
if [ "${1:0:1}" = '-' ]; then
|
||||
set -- /opt/sonarqube/bin/sonar.sh "$@"
|
||||
fi
|
||||
|
||||
if [[ "$1" = '/opt/sonarqube/bin/sonar.sh' ]]; then
|
||||
chown -R "$(id -u):$(id -g)" "${SQ_DATA_DIR}" "${SQ_EXTENSIONS_DIR}" "${SQ_LOGS_DIR}" "${SQ_TEMP_DIR}" 2>/dev/null || :
|
||||
chmod -R 700 "${SQ_DATA_DIR}" "${SQ_EXTENSIONS_DIR}" "${SQ_LOGS_DIR}" "${SQ_TEMP_DIR}" 2>/dev/null || :
|
||||
|
||||
# Allow the container to be started with `--user`
|
||||
if [[ "$(id -u)" = '0' ]]; then
|
||||
chown -R sonarqube:sonarqube "${SQ_DATA_DIR}" "${SQ_EXTENSIONS_DIR}" "${SQ_LOGS_DIR}" "${SQ_TEMP_DIR}"
|
||||
echo "Dropping Privileges"
|
||||
exec su-exec sonarqube "$0" "$@"
|
||||
fi
|
||||
|
||||
#
|
||||
# Deprecated way to pass settings to SonarQube that will be removed in future versions.
|
||||
# Please use environment variables (https://docs.sonarqube.org/latest/setup/environment-variables/)
|
||||
# instead to customize SonarQube.
|
||||
#
|
||||
while IFS='=' read -r envvar_key envvar_value
|
||||
do
|
||||
if [[ "$envvar_key" =~ sonar.* ]] || [[ "$envvar_key" =~ ldap.* ]]; then
|
||||
sq_opts+=("-D${envvar_key}=${envvar_value}")
|
||||
fi
|
||||
done < <(env)
|
||||
|
||||
#
|
||||
# Deprecated environment variable mapping that will be removed in future versions.
|
||||
# Please use environment variables from https://docs.sonarqube.org/latest/setup/environment-variables/
|
||||
# instead of using these 4 environment variables below.
|
||||
#
|
||||
set_prop_from_deprecated_env_var "sonar.jdbc.username" "${SONARQUBE_JDBC_USERNAME:-}"
|
||||
set_prop_from_deprecated_env_var "sonar.jdbc.password" "${SONARQUBE_JDBC_PASSWORD:-}"
|
||||
set_prop_from_deprecated_env_var "sonar.jdbc.url" "${SONARQUBE_JDBC_URL:-}"
|
||||
set_prop_from_deprecated_env_var "sonar.web.javaAdditionalOpts" "${SONARQUBE_WEB_JVM_OPTS:-}"
|
||||
if [ ${#sq_opts[@]} -ne 0 ]; then
|
||||
set -- "$@" "${sq_opts[@]}"
|
||||
fi
|
||||
fi
|
||||
|
||||
exec "$@"
|
||||
@@ -1,2 +0,0 @@
|
||||
#!/usr/bin/env bash
|
||||
exec java -jar lib/sonar-application-"${SONAR_VERSION}".jar -Dsonar.log.console=true "$@"
|
||||
Reference in New Issue
Block a user