summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authordanielhanrahan <daniel.hanrahan@est.tech>2022-07-08 15:52:48 +0100
committerdanielhanrahan <daniel.hanrahan@est.tech>2022-07-13 12:17:33 +0100
commitb33cb6c38637ffff8483f8b15763183abdbd5497 (patch)
tree7e482929f35a778a8a04d50d3fdc27b66821dfa0
parent82b4df0ab1dd63489d378b7f175d3b5fcccb541b (diff)
Reduce size of docker images for XACML-PDP
Avoid creating extra layers when extracting tarball Remove redundant chown/chmod commands Reduce size of Alpine image by 32% (379MB to 259MB) Reduce size of OpenSuse image by 23% (546MB to 423MB) Issue-ID: POLICY-4273 Signed-off-by: danielhanrahan <daniel.hanrahan@est.tech> Change-Id: I5b141b27d9db855c0b624612a54fc525845a02d7
-rw-r--r--packages/policy-xacmlpdp-docker/src/main/docker/Dockerfile20
-rw-r--r--packages/policy-xacmlpdp-docker/src/main/docker/suse.Dockerfile23
-rw-r--r--packages/policy-xacmlpdp-tarball/src/main/package/tarball/assembly.xml2
3 files changed, 27 insertions, 18 deletions
diff --git a/packages/policy-xacmlpdp-docker/src/main/docker/Dockerfile b/packages/policy-xacmlpdp-docker/src/main/docker/Dockerfile
index dd76e509..d87cfecc 100644
--- a/packages/policy-xacmlpdp-docker/src/main/docker/Dockerfile
+++ b/packages/policy-xacmlpdp-docker/src/main/docker/Dockerfile
@@ -19,6 +19,12 @@
# SPDX-License-Identifier: Apache-2.0
# ============LICENSE_END=========================================================
#-------------------------------------------------------------------------------
+
+FROM busybox AS tarball
+RUN mkdir /packages /extracted
+COPY /maven/lib/policy-xacmlpdp.tar.gz /packages/
+RUN tar xvzf /packages/policy-xacmlpdp.tar.gz --directory /extracted/
+
FROM onap/policy-jre-alpine:2.4.3
LABEL maintainer="Policy Team"
@@ -39,17 +45,15 @@ ENV POLICY_HOME=$POLICY_HOME/pdpx
RUN apk update && \
apk add mariadb-client && \
apk add postgresql-client && \
- mkdir -p $POLICY_HOME $POLICY_LOGS $POLICY_HOME/etc/ssl $POLICY_HOME/bin $POLICY_HOME/apps && \
- chown -R policy:policy $POLICY_HOME $POLICY_LOGS && mkdir /packages
+ mkdir -p $POLICY_HOME $POLICY_LOGS && \
+ chown -R policy:policy $POLICY_HOME $POLICY_LOGS
-COPY /maven/* /packages
-RUN tar xvfz /packages/policy-xacmlpdp.tar.gz --directory $POLICY_HOME && \
- rm /packages/policy-xacmlpdp.tar.gz
+COPY --chown=policy:policy --from=tarball /extracted $POLICY_HOME
WORKDIR $POLICY_HOME
-COPY policy-pdpx.sh bin/.
-COPY policy-pdpx-pg.sh bin/.
-RUN chown -R policy:policy * && chmod 755 bin/*.sh && chmod 755 mysql/bin/*.sh && chmod 755 postgres/bin/*.sh
+COPY --chown=policy:policy policy-pdpx.sh bin/
+COPY --chown=policy:policy policy-pdpx-pg.sh bin/
+RUN chmod 755 bin/*.sh
USER policy
WORKDIR $POLICY_HOME/bin
diff --git a/packages/policy-xacmlpdp-docker/src/main/docker/suse.Dockerfile b/packages/policy-xacmlpdp-docker/src/main/docker/suse.Dockerfile
index 67ae7c1e..c8732ca8 100644
--- a/packages/policy-xacmlpdp-docker/src/main/docker/suse.Dockerfile
+++ b/packages/policy-xacmlpdp-docker/src/main/docker/suse.Dockerfile
@@ -18,6 +18,12 @@
# SPDX-License-Identifier: Apache-2.0
# ============LICENSE_END=========================================================
#-------------------------------------------------------------------------------
+
+FROM busybox AS tarball
+RUN mkdir /packages /extracted
+COPY /maven/lib/policy-xacmlpdp.tar.gz /packages/
+RUN tar xvzf /packages/policy-xacmlpdp.tar.gz --directory /extracted/
+
FROM opensuse/leap:15.4
LABEL maintainer="Policy Team"
@@ -37,22 +43,19 @@ ENV POLICY_HOME=/opt/app/policy/pdpx
ENV LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8
ENV JAVA_HOME=/usr/lib64/jvm/java-11-openjdk-11
-RUN zypper -n -q install --no-recommends gzip java-11-openjdk-headless mariadb-client netcat-openbsd postgresql tar && \
+RUN zypper -n -q install --no-recommends java-11-openjdk-headless mariadb-client netcat-openbsd postgresql && \
zypper -n -q update && zypper -n -q clean --all && \
groupadd --system policy && \
useradd --system --shell /bin/sh -G policy policy && \
- mkdir -p $POLICY_LOGS $POLICY_HOME $POLICY_HOME/etc/ssl $POLICY_HOME/bin $POLICY_HOME/apps && \
- chown -R policy:policy $POLICY_HOME $POLICY_LOGS && \
- mkdir /packages
+ mkdir -p $POLICY_HOME $POLICY_LOGS && \
+ chown -R policy:policy $POLICY_HOME $POLICY_LOGS
-COPY /maven/* /packages
-RUN tar xvfz /packages/policy-xacmlpdp.tar.gz --directory $POLICY_HOME && \
- rm /packages/policy-xacmlpdp.tar.gz
+COPY --chown=policy:policy --from=tarball /extracted $POLICY_HOME
WORKDIR $POLICY_HOME
-COPY policy-pdpx.sh bin/.
-COPY policy-pdpx-pg.sh bin/.
-RUN chown -R policy:policy * && chmod 755 bin/*.sh && chmod 755 mysql/bin/*.sh && chmod 755 postgres/bin/*.sh
+COPY --chown=policy:policy policy-pdpx.sh bin/
+COPY --chown=policy:policy policy-pdpx-pg.sh bin/
+RUN chmod 755 bin/*.sh
USER policy
WORKDIR $POLICY_HOME/bin
diff --git a/packages/policy-xacmlpdp-tarball/src/main/package/tarball/assembly.xml b/packages/policy-xacmlpdp-tarball/src/main/package/tarball/assembly.xml
index 354b12a7..8a8c1544 100644
--- a/packages/policy-xacmlpdp-tarball/src/main/package/tarball/assembly.xml
+++ b/packages/policy-xacmlpdp-tarball/src/main/package/tarball/assembly.xml
@@ -68,6 +68,7 @@
</includes>
<outputDirectory>${file.separator}mysql${file.separator}bin</outputDirectory>
<lineEnding>unix</lineEnding>
+ <fileMode>0755</fileMode>
</fileSet>
<fileSet>
<directory>${project.basedir}/src/main/resources/mysql/sql
@@ -86,6 +87,7 @@
</includes>
<outputDirectory>${file.separator}postgres${file.separator}bin</outputDirectory>
<lineEnding>unix</lineEnding>
+ <fileMode>0755</fileMode>
</fileSet>
<fileSet>
<directory>${project.basedir}/src/main/resources/postgres/sql