From 494dce4ce8ed1711c4cd52d29e1fd84d09659361 Mon Sep 17 00:00:00 2001 From: mershad-manesh <105240903+mershad-manesh@users.noreply.github.com> Date: Wed, 7 Jan 2026 12:43:08 -0500 Subject: [PATCH 01/23] use UBI10 --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index 18a5a4e..9a9c2e6 100644 --- a/Makefile +++ b/Makefile @@ -10,7 +10,7 @@ SHELL := bash -o nounset -o pipefail -o errexit BUILD_DATE := $(shell date -u +"%Y-%m-%dT%H:%M:%SZ") -BASE_IMAGE := registry.access.redhat.com/ubi9-minimal +BASE_IMAGE := registry.access.redhat.com/ubi10-minimal DOCKER_BUILDKIT := 1 DOCKER_CLI_EXPERIMENTAL := enabled From aff989bdb19dc7142bf32112569ffb9c17db6edd Mon Sep 17 00:00:00 2001 From: Morteza E <105240903+mershad-manesh@users.noreply.github.com> Date: Thu, 8 Jan 2026 11:10:58 -0500 Subject: [PATCH 02/23] use JDK 21 --- Dockerfile.tpl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile.tpl b/Dockerfile.tpl index b05e0d4..10e5721 100644 --- a/Dockerfile.tpl +++ b/Dockerfile.tpl @@ -35,7 +35,7 @@ RUN microdnf -y install \ automake \ gcc \ git \ - java-1.8.0-openjdk-devel \ + java-21-openjdk-devel \ libtool \ make From 77aaafa6a18495477b2e4c2069824e00e8e097c7 Mon Sep 17 00:00:00 2001 From: Morteza E <105240903+mershad-manesh@users.noreply.github.com> Date: Thu, 8 Jan 2026 11:52:44 -0500 Subject: [PATCH 03/23] use latest jicmp --- Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Makefile b/Makefile index 9a9c2e6..fdaa017 100644 --- a/Makefile +++ b/Makefile @@ -41,10 +41,10 @@ BUILD_URL ?= unset BUILD_BRANCH ?= $(shell git branch --show-current) JICMP_GIT_REPO_URL := https://github.com/opennms/jicmp -JICMP_VERSION := jicmp-3.0.0-2 +JICMP_VERSION := jicmp-3.0.5-1 JICMP6_GIT_REPO_URL := https://github.com/opennms/jicmp6 -JICMP6_VERSION := jicmp6-3.0.0-2 +JICMP6_VERSION := jicmp6-3.0.5-1 JATTACH_GIT_REPO_URL := https://github.com/jattach/jattach JATTACH_VERSION := v2.1 From 0a4a402814f8c40011a53e0cd7d80902c6c53915 Mon Sep 17 00:00:00 2001 From: Morteza E <105240903+mershad-manesh@users.noreply.github.com> Date: Thu, 8 Jan 2026 11:56:15 -0500 Subject: [PATCH 04/23] update Major java version --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index fdaa017..6572ffc 100644 --- a/Makefile +++ b/Makefile @@ -18,7 +18,7 @@ ARCHITECTURE := linux/amd64 BUILDER_INSTANCE := env-deploy-base-oci TAG_ARCH := $(subst /,-,$(subst linux/,,$(ARCHITECTURE))) -JAVA_MAJOR_VERSION := 11 +JAVA_MAJOR_VERSION := 21 JAVA_PKG := openjdk-$(JAVA_MAJOR_VERSION)-jre-headless JAVA_HOME = /usr/lib/jvm/jre-${JAVA_MAJOR_VERSION} From f10ce9b87a16d9a6dfbc7e013488763a65619fc3 Mon Sep 17 00:00:00 2001 From: Morteza E <105240903+mershad-manesh@users.noreply.github.com> Date: Tue, 3 Feb 2026 09:26:27 -0500 Subject: [PATCH 05/23] temp test --- Dockerfile.tpl | 2 ++ Makefile | 2 +- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/Dockerfile.tpl b/Dockerfile.tpl index 10e5721..3385b4d 100644 --- a/Dockerfile.tpl +++ b/Dockerfile.tpl @@ -45,6 +45,7 @@ RUN git config --global advice.detachedHead false RUN git clone --depth 1 --branch "${JICMP_VERSION}" "${JICMP_GIT_REPO_URL}" /usr/src/jicmp && \ cd /usr/src/jicmp && \ git submodule update --init --recursive --depth 1 && \ + git Checkout ronny/JICMP-27 && \ autoreconf -fvi && \ ./configure RUN cd /usr/src/jicmp && make -j1 @@ -53,6 +54,7 @@ RUN cd /usr/src/jicmp && make -j1 RUN git clone --depth 1 --branch "${JICMP6_VERSION}" "${JICMP6_GIT_REPO_URL}" /usr/src/jicmp6 && \ cd /usr/src/jicmp6 && \ git submodule update --init --recursive --depth 1 && \ + git Checkout ronny/JICMP-27 && \ autoreconf -fvi && \ ./configure RUN cd /usr/src/jicmp6 && make -j1 diff --git a/Makefile b/Makefile index 6572ffc..94fc32f 100644 --- a/Makefile +++ b/Makefile @@ -24,7 +24,7 @@ JAVA_HOME = /usr/lib/jvm/jre-${JAVA_MAJOR_VERSION} # Version fallback uses the latest git version tag or the git hash if no git version is set. # e.g. last git version tag is v1.1.0 -> 1.1.0 is used, otherwise the git hash -VERSION ?= ubi9-$(shell cat version.txt | sed -e 's,[\r\n]*,,') +VERSION ?= ubi10-$(shell cat version.txt | sed -e 's,[\r\n]*,,') CONTAINER_REGISTRY ?= localhost CONTAINER_REGISTRY_LOGIN ?= unset CONTAINER_REGISTRY_PASS ?= unset From 8e3983686e41c13ada1e80d62364c1085478633f Mon Sep 17 00:00:00 2001 From: Morteza E <105240903+mershad-manesh@users.noreply.github.com> Date: Tue, 3 Feb 2026 09:30:08 -0500 Subject: [PATCH 06/23] thanks autocorrect --- Dockerfile.tpl | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Dockerfile.tpl b/Dockerfile.tpl index 3385b4d..75e522f 100644 --- a/Dockerfile.tpl +++ b/Dockerfile.tpl @@ -45,7 +45,7 @@ RUN git config --global advice.detachedHead false RUN git clone --depth 1 --branch "${JICMP_VERSION}" "${JICMP_GIT_REPO_URL}" /usr/src/jicmp && \ cd /usr/src/jicmp && \ git submodule update --init --recursive --depth 1 && \ - git Checkout ronny/JICMP-27 && \ + git checkout ronny/JICMP-27 && \ autoreconf -fvi && \ ./configure RUN cd /usr/src/jicmp && make -j1 @@ -54,7 +54,7 @@ RUN cd /usr/src/jicmp && make -j1 RUN git clone --depth 1 --branch "${JICMP6_VERSION}" "${JICMP6_GIT_REPO_URL}" /usr/src/jicmp6 && \ cd /usr/src/jicmp6 && \ git submodule update --init --recursive --depth 1 && \ - git Checkout ronny/JICMP-27 && \ + git checkout ronny/JICMP-27 && \ autoreconf -fvi && \ ./configure RUN cd /usr/src/jicmp6 && make -j1 From 5e1b75a2604418933d6350f7795c569ef73a262b Mon Sep 17 00:00:00 2001 From: Morteza E <105240903+mershad-manesh@users.noreply.github.com> Date: Tue, 3 Feb 2026 09:35:37 -0500 Subject: [PATCH 07/23] autocorrect again --- Dockerfile.tpl | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Dockerfile.tpl b/Dockerfile.tpl index 75e522f..d11f8e3 100644 --- a/Dockerfile.tpl +++ b/Dockerfile.tpl @@ -45,7 +45,7 @@ RUN git config --global advice.detachedHead false RUN git clone --depth 1 --branch "${JICMP_VERSION}" "${JICMP_GIT_REPO_URL}" /usr/src/jicmp && \ cd /usr/src/jicmp && \ git submodule update --init --recursive --depth 1 && \ - git checkout ronny/JICMP-27 && \ + git checkout ronny/jicmp-27 && \ autoreconf -fvi && \ ./configure RUN cd /usr/src/jicmp && make -j1 @@ -54,7 +54,7 @@ RUN cd /usr/src/jicmp && make -j1 RUN git clone --depth 1 --branch "${JICMP6_VERSION}" "${JICMP6_GIT_REPO_URL}" /usr/src/jicmp6 && \ cd /usr/src/jicmp6 && \ git submodule update --init --recursive --depth 1 && \ - git checkout ronny/JICMP-27 && \ + git checkout ronny/jicmp-27 && \ autoreconf -fvi && \ ./configure RUN cd /usr/src/jicmp6 && make -j1 From e0a5c35bc3826a026dbf23f617bbc91e3f4cbdf9 Mon Sep 17 00:00:00 2001 From: Morteza E <105240903+mershad-manesh@users.noreply.github.com> Date: Tue, 3 Feb 2026 09:42:31 -0500 Subject: [PATCH 08/23] pull branch list first --- Dockerfile.tpl | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/Dockerfile.tpl b/Dockerfile.tpl index d11f8e3..94258b3 100644 --- a/Dockerfile.tpl +++ b/Dockerfile.tpl @@ -45,7 +45,9 @@ RUN git config --global advice.detachedHead false RUN git clone --depth 1 --branch "${JICMP_VERSION}" "${JICMP_GIT_REPO_URL}" /usr/src/jicmp && \ cd /usr/src/jicmp && \ git submodule update --init --recursive --depth 1 && \ + git branch -r && \ git checkout ronny/jicmp-27 && \ + git pull && \ autoreconf -fvi && \ ./configure RUN cd /usr/src/jicmp && make -j1 @@ -54,7 +56,9 @@ RUN cd /usr/src/jicmp && make -j1 RUN git clone --depth 1 --branch "${JICMP6_VERSION}" "${JICMP6_GIT_REPO_URL}" /usr/src/jicmp6 && \ cd /usr/src/jicmp6 && \ git submodule update --init --recursive --depth 1 && \ + git branch -r && \ git checkout ronny/jicmp-27 && \ + git pull && \ autoreconf -fvi && \ ./configure RUN cd /usr/src/jicmp6 && make -j1 From ef9e159e2aeb73cafb4fa6f1107e60c21d656886 Mon Sep 17 00:00:00 2001 From: Morteza E <105240903+mershad-manesh@users.noreply.github.com> Date: Tue, 3 Feb 2026 12:51:30 -0500 Subject: [PATCH 09/23] temp fix --- Dockerfile.tpl | 16 +++++++--------- 1 file changed, 7 insertions(+), 9 deletions(-) diff --git a/Dockerfile.tpl b/Dockerfile.tpl index 94258b3..e441f2c 100644 --- a/Dockerfile.tpl +++ b/Dockerfile.tpl @@ -39,26 +39,25 @@ RUN microdnf -y install \ libtool \ make +RUN curl -LO https://github.com/adoptium/temurin8-binaries/releases/download/jdk8u482-b08/OpenJDK8U-jdk_x64_linux_hotspot_8u482b08.tar.gz +RUN tar -xzf OpenJDK8U-jdk_x64_linux_hotspot_8u482b08.tar.gz -C /opt + ## Checkout and build JICMP RUN git config --global advice.detachedHead false -RUN git clone --depth 1 --branch "${JICMP_VERSION}" "${JICMP_GIT_REPO_URL}" /usr/src/jicmp && \ +RUN export JAVA_HOME=/opt/jdk8u482-b08 && export PATH=$JAVA_HOME/bin:$PATH && \ + git clone --depth 1 --branch "${JICMP_VERSION}" "${JICMP_GIT_REPO_URL}" /usr/src/jicmp && \ cd /usr/src/jicmp && \ git submodule update --init --recursive --depth 1 && \ - git branch -r && \ - git checkout ronny/jicmp-27 && \ - git pull && \ autoreconf -fvi && \ ./configure RUN cd /usr/src/jicmp && make -j1 # Checkout and build JICMP6 -RUN git clone --depth 1 --branch "${JICMP6_VERSION}" "${JICMP6_GIT_REPO_URL}" /usr/src/jicmp6 && \ +RUN export JAVA_HOME=/opt/jdk8u482-b08 && export PATH=$JAVA_HOME/bin:$PATH && \ + git clone --depth 1 --branch "${JICMP6_VERSION}" "${JICMP6_GIT_REPO_URL}" /usr/src/jicmp6 && \ cd /usr/src/jicmp6 && \ git submodule update --init --recursive --depth 1 && \ - git branch -r && \ - git checkout ronny/jicmp-27 && \ - git pull && \ autoreconf -fvi && \ ./configure RUN cd /usr/src/jicmp6 && make -j1 @@ -141,4 +140,3 @@ LABEL org.opencontainers.image.created="${BUILD_DATE}" \ org.opennms.cicd.branch="${BUILD_BRANCH}" \ org.opennms.cicd.buildurl="${BUILD_URL}" \ org.opennms.cicd.buildnumber="${BUILD_NUMBER}" - From 3b003c88d8d103c395a18dc3de9f7ef6148c7f2f Mon Sep 17 00:00:00 2001 From: Morteza E <105240903+mershad-manesh@users.noreply.github.com> Date: Tue, 3 Feb 2026 15:04:24 -0500 Subject: [PATCH 10/23] ignore sha1 --- Dockerfile.tpl | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/Dockerfile.tpl b/Dockerfile.tpl index e441f2c..25a6a77 100644 --- a/Dockerfile.tpl +++ b/Dockerfile.tpl @@ -122,7 +122,9 @@ RUN curl -L "${PROM_JMX_EXPORTER_URL}" --output ./jmx_prometheus_javaagent.jar & RUN curl -L --output /tmp/repo.rpm https://yum.opennms.org/repofiles/opennms-repo-stable-rhel9.noarch.rpm && \ rpm -Uf /tmp/repo.rpm && \ - rpm --import https://yum.opennms.org/OPENNMS-GPG-KEY + update-crypto-policies --set DEFAULT:SHA1 && \ + rpm --import https://yum.opennms.org/OPENNMS-GPG-KEY && \ + update-crypto-policies --set DEFAULT LABEL org.opencontainers.image.created="${BUILD_DATE}" \ org.opencontainers.image.title="OpenNMS deploy based on ${BASE_IMAGE}" \ From 095aeb4f678fe1984af4e77c42d0685779a943aa Mon Sep 17 00:00:00 2001 From: Morteza E <105240903+mershad-manesh@users.noreply.github.com> Date: Tue, 3 Feb 2026 15:08:18 -0500 Subject: [PATCH 11/23] install crypto --- Dockerfile.tpl | 1 + 1 file changed, 1 insertion(+) diff --git a/Dockerfile.tpl b/Dockerfile.tpl index 25a6a77..7c63d44 100644 --- a/Dockerfile.tpl +++ b/Dockerfile.tpl @@ -122,6 +122,7 @@ RUN curl -L "${PROM_JMX_EXPORTER_URL}" --output ./jmx_prometheus_javaagent.jar & RUN curl -L --output /tmp/repo.rpm https://yum.opennms.org/repofiles/opennms-repo-stable-rhel9.noarch.rpm && \ rpm -Uf /tmp/repo.rpm && \ + microdnf install -y crypto-policies && \ update-crypto-policies --set DEFAULT:SHA1 && \ rpm --import https://yum.opennms.org/OPENNMS-GPG-KEY && \ update-crypto-policies --set DEFAULT From b2010b0946a86725bf623a8f7abfbc070339772f Mon Sep 17 00:00:00 2001 From: Morteza E <105240903+mershad-manesh@users.noreply.github.com> Date: Tue, 3 Feb 2026 15:36:01 -0500 Subject: [PATCH 12/23] unsafe option --- Dockerfile.tpl | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/Dockerfile.tpl b/Dockerfile.tpl index 7c63d44..bf4b418 100644 --- a/Dockerfile.tpl +++ b/Dockerfile.tpl @@ -122,10 +122,7 @@ RUN curl -L "${PROM_JMX_EXPORTER_URL}" --output ./jmx_prometheus_javaagent.jar & RUN curl -L --output /tmp/repo.rpm https://yum.opennms.org/repofiles/opennms-repo-stable-rhel9.noarch.rpm && \ rpm -Uf /tmp/repo.rpm && \ - microdnf install -y crypto-policies && \ - update-crypto-policies --set DEFAULT:SHA1 && \ - rpm --import https://yum.opennms.org/OPENNMS-GPG-KEY && \ - update-crypto-policies --set DEFAULT + rpm --import --nosignature --nodigest https://yum.opennms.org/OPENNMS-GPG-KEY LABEL org.opencontainers.image.created="${BUILD_DATE}" \ org.opencontainers.image.title="OpenNMS deploy based on ${BASE_IMAGE}" \ From eb33a81c19ce013940f1cd9d3f29f813180065ab Mon Sep 17 00:00:00 2001 From: Morteza E <105240903+mershad-manesh@users.noreply.github.com> Date: Tue, 3 Feb 2026 15:52:41 -0500 Subject: [PATCH 13/23] test --- Dockerfile.tpl | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/Dockerfile.tpl b/Dockerfile.tpl index bf4b418..c50632d 100644 --- a/Dockerfile.tpl +++ b/Dockerfile.tpl @@ -35,7 +35,6 @@ RUN microdnf -y install \ automake \ gcc \ git \ - java-21-openjdk-devel \ libtool \ make @@ -45,7 +44,7 @@ RUN tar -xzf OpenJDK8U-jdk_x64_linux_hotspot_8u482b08.tar.gz -C /opt ## Checkout and build JICMP RUN git config --global advice.detachedHead false -RUN export JAVA_HOME=/opt/jdk8u482-b08 && export PATH=$JAVA_HOME/bin:$PATH && \ +RUN export JAVA_HOME=/opt/jdk8u482-b08 && export PATH=/opt/jdk8u482-b08/bin:$PATH && \ git clone --depth 1 --branch "${JICMP_VERSION}" "${JICMP_GIT_REPO_URL}" /usr/src/jicmp && \ cd /usr/src/jicmp && \ git submodule update --init --recursive --depth 1 && \ @@ -54,7 +53,7 @@ RUN export JAVA_HOME=/opt/jdk8u482-b08 && export PATH=$JAVA_HOME/bin:$PATH && \ RUN cd /usr/src/jicmp && make -j1 # Checkout and build JICMP6 -RUN export JAVA_HOME=/opt/jdk8u482-b08 && export PATH=$JAVA_HOME/bin:$PATH && \ +RUN export JAVA_HOME=/opt/jdk8u482-b08 && export PATH=/opt/jdk8u482-b08/bin:$PATH && \ git clone --depth 1 --branch "${JICMP6_VERSION}" "${JICMP6_GIT_REPO_URL}" /usr/src/jicmp6 && \ cd /usr/src/jicmp6 && \ git submodule update --init --recursive --depth 1 && \ From 04917390b96d0d33439d0cb21e51416c2244bd26 Mon Sep 17 00:00:00 2001 From: Morteza E <105240903+mershad-manesh@users.noreply.github.com> Date: Tue, 3 Feb 2026 16:01:28 -0500 Subject: [PATCH 14/23] different items --- Dockerfile.tpl | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/Dockerfile.tpl b/Dockerfile.tpl index c50632d..1bb615a 100644 --- a/Dockerfile.tpl +++ b/Dockerfile.tpl @@ -120,8 +120,9 @@ RUN curl -L "${PROM_JMX_EXPORTER_URL}" --output ./jmx_prometheus_javaagent.jar & chmod 0664 /opt/prom-jmx-exporter/* RUN curl -L --output /tmp/repo.rpm https://yum.opennms.org/repofiles/opennms-repo-stable-rhel9.noarch.rpm && \ - rpm -Uf /tmp/repo.rpm && \ - rpm --import --nosignature --nodigest https://yum.opennms.org/OPENNMS-GPG-KEY + rpm -Uvh --nodigest --nosignature --noverify /tmp/repo.rpm && \ + sed -i 's/gpgcheck=1/gpgcheck=0/g' /etc/yum.repos.d/opennms*.repo && \ + rm -f /tmp/repo.rpm LABEL org.opencontainers.image.created="${BUILD_DATE}" \ org.opencontainers.image.title="OpenNMS deploy based on ${BASE_IMAGE}" \ From 3ffaaa992597362b97241098a835d0c10031c1cc Mon Sep 17 00:00:00 2001 From: Morteza E <105240903+mershad-manesh@users.noreply.github.com> Date: Tue, 3 Feb 2026 16:46:39 -0500 Subject: [PATCH 15/23] a very risky change to java --- Dockerfile.tpl | 107 +++++++++++++++++++++++++++++++++---------------- 1 file changed, 72 insertions(+), 35 deletions(-) diff --git a/Dockerfile.tpl b/Dockerfile.tpl index 1bb615a..8e0a3c9 100644 --- a/Dockerfile.tpl +++ b/Dockerfile.tpl @@ -9,18 +9,18 @@ FROM ${BASE_IMAGE} AS core # TODO: switch `vim` back to `vim-minimal` once https://issues.redhat.com/browse/RHEL-25748 is resolved RUN microdnf -y upgrade && \ microdnf -y install \ - hostname \ - iputils \ - less \ - ncurses \ - openssh-clients \ - rsync \ - tar \ - unzip \ - uuid \ - vim-minimal \ - /usr/bin/ps \ - /usr/bin/which \ + hostname \ + iputils \ + less \ + ncurses \ + openssh-clients \ + rsync \ + tar \ + unzip \ + uuid \ + vim-minimal \ + /usr/bin/ps \ + /usr/bin/which \ && \ rm -rf /var/cache/yum @@ -70,13 +70,50 @@ RUN cd /usr/src/jattach && make ## FROM core -RUN microdnf -y install \ - "java-${JAVA_MAJOR_VERSION}-openjdk-headless" \ +# if JAVA_MAJOR_VERSION is 11, use this: +# https://github.com/adoptium/temurin11-binaries/releases/download/jdk-11.0.30%2B7/OpenJDK11U-jdk_x64_linux_hotspot_11.0.30_7.tar.gz +RUN if [ "${JAVA_MAJOR_VERSION}" = "11" ]; then \ + if [ "${ARCHITECTURE}" = "amd64" ]; then \ + curl -L "https://github.com/adoptium/temurin11-binaries/releases/download/jdk-11.0.30%2B7/OpenJDK11U-jdk_x64_linux_hotspot_11.0.30_7.tar.gz" --output /tmp/openjdk.tar.gz && \ + elif [ "${ARCHITECTURE}" = "arm64" ]; then \ + curl -L "https://github.com/adoptium/temurin11-binaries/releases/download/jdk-11.0.30%2B7/OpenJDK11U-jdk_aarch64_linux_hotspot_11.0.30_7.tar.gz" --output /tmp/openjdk.tar.gz && \ + fi && \ + tar -xzf /tmp/openjdk.tar.gz -C /opt && \ + rm -f /tmp/openjdk.tar.gz; \ + fi +# if JAVA_MAJOR_VERSION is 17, use this: +# https://github.com/adoptium/temurin17-binaries/releases/download/jdk-17.0.18%2B8/OpenJDK17U-jdk_x64_linux_hotspot_17.0.18_8.tar.gz +RUN if [ "${JAVA_MAJOR_VERSION}" = "17" ]; then \ + if [ "${ARCHITECTURE}" = "amd64" ]; then \ + curl -L "https://github.com/adoptium/temurin17-binaries/releases/download/jdk-17.0.18%2B8/OpenJDK17U-jdk_x64_linux_hotspot_17.0.18_8.tar.gz" --output /tmp/openjdk.tar.gz && \ + elif [ "${ARCHITECTURE}" = "arm64" ]; then \ + curl -L "https://github.com/adoptium/temurin17-binaries/releases/download/jdk-17.0.18%2B8/OpenJDK17U-jdk_aarch64_linux_hotspot_17.0.18_8.tar.gz" --output /tmp/openjdk.tar.gz && \ + fi && \ + tar -xzf /tmp/openjdk.tar.gz -C /opt && \ + rm -f /tmp/openjdk.tar.gz; \ + fi +# else install using microdnf +RUN if [ "${JAVA_MAJOR_VERSION}" != "11" ] && [ "${JAVA_MAJOR_VERSION}" != "17" ]; then \ + echo "Installing OpenJDK ${JAVA_MAJOR_VERSION} via microdnf"; \ + microdnf -y install \ + "java-${JAVA_MAJOR_VERSION}-openjdk-headless" \ && \ - rm -rf /var/cache/yum - + rm -rf /var/cache/yum \ + fi + +# Set JAVA_HOME based on installed version +RUN if [ "${JAVA_MAJOR_VERSION}" = "11" ]; then \ + export JAVA_HOME=/opt/jdk-11.0.30+7; \ + elif [ "${JAVA_MAJOR_VERSION}" = "17" ]; then \ + export JAVA_HOME=/opt/jdk-17.0.18+8; \ + else \ + export JAVA_HOME=$(dirname $(dirname $(readlink -f $(which java)))); \ + fi && \ + echo "JAVA_HOME is set to ${JAVA_HOME}" && \ + echo "${JAVA_HOME}" > /etc/java_home + # Set JAVA_HOME at runtime -ENV JAVA_HOME=${JAVA_HOME} +# ENV JAVA_HOME=${JAVA_HOME} # To be able to use DGRAM to send ICMP messages we have to give the java binary CAP_NET_RAW capabilities in Linux. COPY do-setcap.sh /usr/local/bin/ @@ -84,11 +121,11 @@ RUN /usr/local/bin/do-setcap.sh # Install confd RUN if [ "$(uname -m)" = "x86_64" ]; then \ - curl -L "${CONFD_SOURCE}/releases/download/v${CONFD_VERSION}/confd-v${CONFD_VERSION}-linux-amd64.tar.gz" --output /tmp/confd.tar.gz; \ + curl -L "${CONFD_SOURCE}/releases/download/v${CONFD_VERSION}/confd-v${CONFD_VERSION}-linux-amd64.tar.gz" --output /tmp/confd.tar.gz; \ elif [ "$(uname -m)" = "armv7l" ]; then \ - curl -L "${CONFD_SOURCE}/releases/download/v${CONFD_VERSION}/confd-v${CONFD_VERSION}-linux-arm7.tar.gz" --output /tmp/confd.tar.gz; \ + curl -L "${CONFD_SOURCE}/releases/download/v${CONFD_VERSION}/confd-v${CONFD_VERSION}-linux-arm7.tar.gz" --output /tmp/confd.tar.gz; \ else \ - curl -L "${CONFD_SOURCE}/releases/download/v${CONFD_VERSION}/confd-v${CONFD_VERSION}-linux-arm64.tar.gz" --output /tmp/confd.tar.gz; \ + curl -L "${CONFD_SOURCE}/releases/download/v${CONFD_VERSION}/confd-v${CONFD_VERSION}-linux-arm64.tar.gz" --output /tmp/confd.tar.gz; \ fi && \ cd /usr/bin && \ tar -xzf /tmp/confd.tar.gz && \ @@ -125,18 +162,18 @@ RUN curl -L --output /tmp/repo.rpm https://yum.opennms.org/repofiles/opennms-rep rm -f /tmp/repo.rpm LABEL org.opencontainers.image.created="${BUILD_DATE}" \ - org.opencontainers.image.title="OpenNMS deploy based on ${BASE_IMAGE}" \ - org.opencontainers.image.source="${VCS_SOURCE}" \ - org.opencontainers.image.revision="${VCS_REVISION}" \ - org.opencontainers.image.version="${VERSION}" \ - org.opencontainers.image.vendor="The OpenNMS Group, Inc." \ - org.opencontainers.image.authors="OpenNMS Community" \ - org.opencontainers.image.licenses="AGPL-3.0" \ - org.opennms.image.base="${BASE_IMAGE}" \ - org.opennms.image.java.version="${JAVA_MAJOR_VERSION}" \ - org.opennms.image.java.home="${JAVA_HOME}" \ - org.opennms.image.jicmp.version="${JICMP_VERSION}" \ - org.opennms.image.jicmp6.version="${JICMP6_VERSION}" \ - org.opennms.cicd.branch="${BUILD_BRANCH}" \ - org.opennms.cicd.buildurl="${BUILD_URL}" \ - org.opennms.cicd.buildnumber="${BUILD_NUMBER}" + org.opencontainers.image.title="OpenNMS deploy based on ${BASE_IMAGE}" \ + org.opencontainers.image.source="${VCS_SOURCE}" \ + org.opencontainers.image.revision="${VCS_REVISION}" \ + org.opencontainers.image.version="${VERSION}" \ + org.opencontainers.image.vendor="The OpenNMS Group, Inc." \ + org.opencontainers.image.authors="OpenNMS Community" \ + org.opencontainers.image.licenses="AGPL-3.0" \ + org.opennms.image.base="${BASE_IMAGE}" \ + org.opennms.image.java.version="${JAVA_MAJOR_VERSION}" \ + org.opennms.image.java.home="${JAVA_HOME}" \ + org.opennms.image.jicmp.version="${JICMP_VERSION}" \ + org.opennms.image.jicmp6.version="${JICMP6_VERSION}" \ + org.opennms.cicd.branch="${BUILD_BRANCH}" \ + org.opennms.cicd.buildurl="${BUILD_URL}" \ + org.opennms.cicd.buildnumber="${BUILD_NUMBER}" From 5b533466cbea68d57ca2d5e88f98330576cfb8ae Mon Sep 17 00:00:00 2001 From: Morteza E <105240903+mershad-manesh@users.noreply.github.com> Date: Tue, 3 Feb 2026 16:54:23 -0500 Subject: [PATCH 16/23] more changes --- Dockerfile.tpl | 32 +++++++++++++++----------------- 1 file changed, 15 insertions(+), 17 deletions(-) diff --git a/Dockerfile.tpl b/Dockerfile.tpl index 8e0a3c9..8d3e427 100644 --- a/Dockerfile.tpl +++ b/Dockerfile.tpl @@ -73,10 +73,10 @@ FROM core # if JAVA_MAJOR_VERSION is 11, use this: # https://github.com/adoptium/temurin11-binaries/releases/download/jdk-11.0.30%2B7/OpenJDK11U-jdk_x64_linux_hotspot_11.0.30_7.tar.gz RUN if [ "${JAVA_MAJOR_VERSION}" = "11" ]; then \ - if [ "${ARCHITECTURE}" = "amd64" ]; then \ - curl -L "https://github.com/adoptium/temurin11-binaries/releases/download/jdk-11.0.30%2B7/OpenJDK11U-jdk_x64_linux_hotspot_11.0.30_7.tar.gz" --output /tmp/openjdk.tar.gz && \ - elif [ "${ARCHITECTURE}" = "arm64" ]; then \ - curl -L "https://github.com/adoptium/temurin11-binaries/releases/download/jdk-11.0.30%2B7/OpenJDK11U-jdk_aarch64_linux_hotspot_11.0.30_7.tar.gz" --output /tmp/openjdk.tar.gz && \ + if echo "${ARCHITECTURE}" | grep -q "amd64"; then \ + curl -L "https://github.com/adoptium/temurin11-binaries/releases/download/jdk-11.0.30%2B7/OpenJDK11U-jdk_x64_linux_hotspot_11.0.30_7.tar.gz" --output /tmp/openjdk.tar.gz; \ + elif echo "${ARCHITECTURE}" | grep -q "arm64"; then \ + curl -L "https://github.com/adoptium/temurin11-binaries/releases/download/jdk-11.0.30%2B7/OpenJDK11U-jdk_aarch64_linux_hotspot_11.0.30_7.tar.gz" --output /tmp/openjdk.tar.gz; \ fi && \ tar -xzf /tmp/openjdk.tar.gz -C /opt && \ rm -f /tmp/openjdk.tar.gz; \ @@ -84,10 +84,10 @@ RUN if [ "${JAVA_MAJOR_VERSION}" = "11" ]; then \ # if JAVA_MAJOR_VERSION is 17, use this: # https://github.com/adoptium/temurin17-binaries/releases/download/jdk-17.0.18%2B8/OpenJDK17U-jdk_x64_linux_hotspot_17.0.18_8.tar.gz RUN if [ "${JAVA_MAJOR_VERSION}" = "17" ]; then \ - if [ "${ARCHITECTURE}" = "amd64" ]; then \ - curl -L "https://github.com/adoptium/temurin17-binaries/releases/download/jdk-17.0.18%2B8/OpenJDK17U-jdk_x64_linux_hotspot_17.0.18_8.tar.gz" --output /tmp/openjdk.tar.gz && \ - elif [ "${ARCHITECTURE}" = "arm64" ]; then \ - curl -L "https://github.com/adoptium/temurin17-binaries/releases/download/jdk-17.0.18%2B8/OpenJDK17U-jdk_aarch64_linux_hotspot_17.0.18_8.tar.gz" --output /tmp/openjdk.tar.gz && \ + if echo "${ARCHITECTURE}" | grep -q "amd64"; then \ + curl -L "https://github.com/adoptium/temurin17-binaries/releases/download/jdk-17.0.18%2B8/OpenJDK17U-jdk_x64_linux_hotspot_17.0.18_8.tar.gz" --output /tmp/openjdk.tar.gz; \ + elif echo "${ARCHITECTURE}" | grep -q "arm64"; then \ + curl -L "https://github.com/adoptium/temurin17-binaries/releases/download/jdk-17.0.18%2B8/OpenJDK17U-jdk_aarch64_linux_hotspot_17.0.18_8.tar.gz" --output /tmp/openjdk.tar.gz; \ fi && \ tar -xzf /tmp/openjdk.tar.gz -C /opt && \ rm -f /tmp/openjdk.tar.gz; \ @@ -101,19 +101,17 @@ RUN if [ "${JAVA_MAJOR_VERSION}" != "11" ] && [ "${JAVA_MAJOR_VERSION}" != "17" rm -rf /var/cache/yum \ fi -# Set JAVA_HOME based on installed version +# Set JAVA_HOME based on installed version - create a symlink for consistency RUN if [ "${JAVA_MAJOR_VERSION}" = "11" ]; then \ - export JAVA_HOME=/opt/jdk-11.0.30+7; \ + ln -sf /opt/jdk-11.0.30+7 /opt/java; \ elif [ "${JAVA_MAJOR_VERSION}" = "17" ]; then \ - export JAVA_HOME=/opt/jdk-17.0.18+8; \ + ln -sf /opt/jdk-17.0.18+8 /opt/java; \ else \ - export JAVA_HOME=$(dirname $(dirname $(readlink -f $(which java)))); \ - fi && \ - echo "JAVA_HOME is set to ${JAVA_HOME}" && \ - echo "${JAVA_HOME}" > /etc/java_home - + ln -sf $(dirname $(dirname $(readlink -f $(which java)))) /opt/java; \ + fi + # Set JAVA_HOME at runtime -# ENV JAVA_HOME=${JAVA_HOME} +ENV JAVA_HOME=/opt/java # To be able to use DGRAM to send ICMP messages we have to give the java binary CAP_NET_RAW capabilities in Linux. COPY do-setcap.sh /usr/local/bin/ From 6a730d1deb6245a645294a65ae90575b6265911c Mon Sep 17 00:00:00 2001 From: Morteza E <105240903+mershad-manesh@users.noreply.github.com> Date: Tue, 3 Feb 2026 16:58:58 -0500 Subject: [PATCH 17/23] add ; and clean up extra lines --- Dockerfile.tpl | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/Dockerfile.tpl b/Dockerfile.tpl index 8d3e427..9a7d8cd 100644 --- a/Dockerfile.tpl +++ b/Dockerfile.tpl @@ -96,9 +96,8 @@ RUN if [ "${JAVA_MAJOR_VERSION}" = "17" ]; then \ RUN if [ "${JAVA_MAJOR_VERSION}" != "11" ] && [ "${JAVA_MAJOR_VERSION}" != "17" ]; then \ echo "Installing OpenJDK ${JAVA_MAJOR_VERSION} via microdnf"; \ microdnf -y install \ - "java-${JAVA_MAJOR_VERSION}-openjdk-headless" \ - && \ - rm -rf /var/cache/yum \ + "java-${JAVA_MAJOR_VERSION}-openjdk-headless" && \ + rm -rf /var/cache/yum; \ fi # Set JAVA_HOME based on installed version - create a symlink for consistency From e0eddca588805f31ac593965cc1d3ad45de10c57 Mon Sep 17 00:00:00 2001 From: Morteza E <105240903+mershad-manesh@users.noreply.github.com> Date: Wed, 4 Feb 2026 09:41:50 -0500 Subject: [PATCH 18/23] make sure to use correct java for the architecture --- Dockerfile.tpl | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/Dockerfile.tpl b/Dockerfile.tpl index 9a7d8cd..9492c35 100644 --- a/Dockerfile.tpl +++ b/Dockerfile.tpl @@ -38,8 +38,13 @@ RUN microdnf -y install \ libtool \ make -RUN curl -LO https://github.com/adoptium/temurin8-binaries/releases/download/jdk8u482-b08/OpenJDK8U-jdk_x64_linux_hotspot_8u482b08.tar.gz -RUN tar -xzf OpenJDK8U-jdk_x64_linux_hotspot_8u482b08.tar.gz -C /opt + +RUN if [ "${ARCHITECTURE}" = "amd64" ]; then \ + curl -LO https://github.com/adoptium/temurin8-binaries/releases/download/jdk8u482-b08/OpenJDK8U-jdk_x64_linux_hotspot_8u482b08.tar.gz --output /tmp/openjdk8.tar.gz; \ + elif [ "${ARCHITECTURE}" = "arm64" ]; then \ + curl -LO https://github.com/adoptium/temurin8-binaries/releases/download/jdk8u482-b08/OpenJDK8U-jdk_aarch64_linux_hotspot_8u482b08.tar.gz --output /tmp/openjdk8.tar.gz; \ + fi && \ + tar -xzf /tmp/openjdk8.tar.gz -C /opt ## Checkout and build JICMP RUN git config --global advice.detachedHead false From 916f5ad1ae63cdce24c7b60e8d8d15d2239be785 Mon Sep 17 00:00:00 2001 From: Morteza E <105240903+mershad-manesh@users.noreply.github.com> Date: Wed, 4 Feb 2026 09:44:42 -0500 Subject: [PATCH 19/23] tweak the if statement --- Dockerfile.tpl | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/Dockerfile.tpl b/Dockerfile.tpl index 9492c35..c724ade 100644 --- a/Dockerfile.tpl +++ b/Dockerfile.tpl @@ -39,10 +39,10 @@ RUN microdnf -y install \ make -RUN if [ "${ARCHITECTURE}" = "amd64" ]; then \ - curl -LO https://github.com/adoptium/temurin8-binaries/releases/download/jdk8u482-b08/OpenJDK8U-jdk_x64_linux_hotspot_8u482b08.tar.gz --output /tmp/openjdk8.tar.gz; \ - elif [ "${ARCHITECTURE}" = "arm64" ]; then \ - curl -LO https://github.com/adoptium/temurin8-binaries/releases/download/jdk8u482-b08/OpenJDK8U-jdk_aarch64_linux_hotspot_8u482b08.tar.gz --output /tmp/openjdk8.tar.gz; \ +RUN if [ "$(uname -m)" = "x86_64" ]; then \ + curl -LO https://github.com/adoptium/temurin8-binaries/releases/download/jdk8u482-b08/OpenJDK8U-jdk_x64_linux_hotspot_8u482b08.tar.gz --output /tmp/openjdk8.tar.gz; \ + elif [ "$(uname -m)" = "aarch64" ] || [ "$(uname -m)" = "arm64" ]; then \ + curl -LO https://github.com/adoptium/temurin8-binaries/releases/download/jdk8u482-b08/OpenJDK8U-jdk_aarch64_linux_hotspot_8u482b08.tar.gz --output /tmp/openjdk8.tar.gz; \ fi && \ tar -xzf /tmp/openjdk8.tar.gz -C /opt From 1ee87037a0f6d274534fa3e56c7cc9a0db9ca05f Mon Sep 17 00:00:00 2001 From: Morteza E <105240903+mershad-manesh@users.noreply.github.com> Date: Wed, 4 Feb 2026 09:49:05 -0500 Subject: [PATCH 20/23] fix the bug --- Dockerfile.tpl | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/Dockerfile.tpl b/Dockerfile.tpl index c724ade..421ee97 100644 --- a/Dockerfile.tpl +++ b/Dockerfile.tpl @@ -40,11 +40,12 @@ RUN microdnf -y install \ RUN if [ "$(uname -m)" = "x86_64" ]; then \ - curl -LO https://github.com/adoptium/temurin8-binaries/releases/download/jdk8u482-b08/OpenJDK8U-jdk_x64_linux_hotspot_8u482b08.tar.gz --output /tmp/openjdk8.tar.gz; \ + curl -L https://github.com/adoptium/temurin8-binaries/releases/download/jdk8u482-b08/OpenJDK8U-jdk_x64_linux_hotspot_8u482b08.tar.gz --output /tmp/openjdk8.tar.gz; \ elif [ "$(uname -m)" = "aarch64" ] || [ "$(uname -m)" = "arm64" ]; then \ - curl -LO https://github.com/adoptium/temurin8-binaries/releases/download/jdk8u482-b08/OpenJDK8U-jdk_aarch64_linux_hotspot_8u482b08.tar.gz --output /tmp/openjdk8.tar.gz; \ + curl -L https://github.com/adoptium/temurin8-binaries/releases/download/jdk8u482-b08/OpenJDK8U-jdk_aarch64_linux_hotspot_8u482b08.tar.gz --output /tmp/openjdk8.tar.gz; \ fi && \ - tar -xzf /tmp/openjdk8.tar.gz -C /opt + tar -xzf /tmp/openjdk8.tar.gz -C /opt && \ + rm -f /tmp/openjdk8.tar.gz; \ ## Checkout and build JICMP RUN git config --global advice.detachedHead false @@ -78,9 +79,9 @@ FROM core # if JAVA_MAJOR_VERSION is 11, use this: # https://github.com/adoptium/temurin11-binaries/releases/download/jdk-11.0.30%2B7/OpenJDK11U-jdk_x64_linux_hotspot_11.0.30_7.tar.gz RUN if [ "${JAVA_MAJOR_VERSION}" = "11" ]; then \ - if echo "${ARCHITECTURE}" | grep -q "amd64"; then \ + if [ "$(uname -m)" = "x86_64" ]; then \ curl -L "https://github.com/adoptium/temurin11-binaries/releases/download/jdk-11.0.30%2B7/OpenJDK11U-jdk_x64_linux_hotspot_11.0.30_7.tar.gz" --output /tmp/openjdk.tar.gz; \ - elif echo "${ARCHITECTURE}" | grep -q "arm64"; then \ + elif [ "$(uname -m)" = "aarch64" ] || [ "$(uname -m)" = "arm64" ]; then \ curl -L "https://github.com/adoptium/temurin11-binaries/releases/download/jdk-11.0.30%2B7/OpenJDK11U-jdk_aarch64_linux_hotspot_11.0.30_7.tar.gz" --output /tmp/openjdk.tar.gz; \ fi && \ tar -xzf /tmp/openjdk.tar.gz -C /opt && \ @@ -89,9 +90,9 @@ RUN if [ "${JAVA_MAJOR_VERSION}" = "11" ]; then \ # if JAVA_MAJOR_VERSION is 17, use this: # https://github.com/adoptium/temurin17-binaries/releases/download/jdk-17.0.18%2B8/OpenJDK17U-jdk_x64_linux_hotspot_17.0.18_8.tar.gz RUN if [ "${JAVA_MAJOR_VERSION}" = "17" ]; then \ - if echo "${ARCHITECTURE}" | grep -q "amd64"; then \ + if [ "$(uname -m)" = "x86_64" ]; then \ curl -L "https://github.com/adoptium/temurin17-binaries/releases/download/jdk-17.0.18%2B8/OpenJDK17U-jdk_x64_linux_hotspot_17.0.18_8.tar.gz" --output /tmp/openjdk.tar.gz; \ - elif echo "${ARCHITECTURE}" | grep -q "arm64"; then \ + elif [ "$(uname -m)" = "aarch64" ] || [ "$(uname -m)" = "arm64" ]; then \ curl -L "https://github.com/adoptium/temurin17-binaries/releases/download/jdk-17.0.18%2B8/OpenJDK17U-jdk_aarch64_linux_hotspot_17.0.18_8.tar.gz" --output /tmp/openjdk.tar.gz; \ fi && \ tar -xzf /tmp/openjdk.tar.gz -C /opt && \ From 623cf1e15d7c8b892738bdea2b1007028e2b9ec5 Mon Sep 17 00:00:00 2001 From: Morteza E <105240903+mershad-manesh@users.noreply.github.com> Date: Wed, 4 Feb 2026 09:51:10 -0500 Subject: [PATCH 21/23] oops --- Dockerfile.tpl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile.tpl b/Dockerfile.tpl index 421ee97..28fbe86 100644 --- a/Dockerfile.tpl +++ b/Dockerfile.tpl @@ -45,7 +45,7 @@ RUN if [ "$(uname -m)" = "x86_64" ]; then \ curl -L https://github.com/adoptium/temurin8-binaries/releases/download/jdk8u482-b08/OpenJDK8U-jdk_aarch64_linux_hotspot_8u482b08.tar.gz --output /tmp/openjdk8.tar.gz; \ fi && \ tar -xzf /tmp/openjdk8.tar.gz -C /opt && \ - rm -f /tmp/openjdk8.tar.gz; \ + rm -f /tmp/openjdk8.tar.gz ## Checkout and build JICMP RUN git config --global advice.detachedHead false From b582e93a6cb6897f39cc3486d9f33a185c70854b Mon Sep 17 00:00:00 2001 From: Morteza E <105240903+mershad-manesh@users.noreply.github.com> Date: Wed, 4 Feb 2026 11:26:56 -0500 Subject: [PATCH 22/23] fix the filters --- .circleci/config.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.circleci/config.yml b/.circleci/config.yml index 8be3533..2ea0878 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -161,6 +161,7 @@ workflows: ignore: - master - variant/ubi + - variant/ubi10 - publish-single-arch: matrix: parameters: @@ -174,6 +175,7 @@ workflows: only: - master - variant/ubi + - variant/ubi10 - publish-multi-arch: matrix: parameters: @@ -188,3 +190,4 @@ workflows: only: - master - variant/ubi + - variant/ubi10 \ No newline at end of file From 77959fd37de326dadaf587e3bb52b11c68513355 Mon Sep 17 00:00:00 2001 From: Morteza E <105240903+mershad-manesh@users.noreply.github.com> Date: Wed, 4 Feb 2026 12:41:50 -0500 Subject: [PATCH 23/23] Add a note to callout gpg checking --- Dockerfile.tpl | 3 +++ 1 file changed, 3 insertions(+) diff --git a/Dockerfile.tpl b/Dockerfile.tpl index 28fbe86..50adf40 100644 --- a/Dockerfile.tpl +++ b/Dockerfile.tpl @@ -159,6 +159,9 @@ RUN curl -L "${PROM_JMX_EXPORTER_URL}" --output ./jmx_prometheus_javaagent.jar & chmod 2775 /opt/prom-jmx-exporter && \ chmod 0664 /opt/prom-jmx-exporter/* +# Install OpenNMS yum repo, +# NOTE: we are disabling gpgcheck and signature verification here to avoid issues with +# our current signing setup; RUN curl -L --output /tmp/repo.rpm https://yum.opennms.org/repofiles/opennms-repo-stable-rhel9.noarch.rpm && \ rpm -Uvh --nodigest --nosignature --noverify /tmp/repo.rpm && \ sed -i 's/gpgcheck=1/gpgcheck=0/g' /etc/yum.repos.d/opennms*.repo && \