You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@solr.apache.org by ho...@apache.org on 2022/05/13 22:52:39 UTC
[solr] branch branch_9_0 updated: SOLR-16196: Use Solr KEYS in official Dockerfile (#861)
This is an automated email from the ASF dual-hosted git repository.
houston pushed a commit to branch branch_9_0
in repository https://gitbox.apache.org/repos/asf/solr.git
The following commit(s) were added to refs/heads/branch_9_0 by this push:
new 2a96f77a803 SOLR-16196: Use Solr KEYS in official Dockerfile (#861)
2a96f77a803 is described below
commit 2a96f77a803d0975942427a38fe49bf8e391137f
Author: Houston Putman <ho...@apache.org>
AuthorDate: Fri May 13 18:45:00 2022 -0400
SOLR-16196: Use Solr KEYS in official Dockerfile (#861)
Also address other issues required by official images team.
(cherry picked from commit f8d0d19f981feaf432c4de94187c1677ff48aba5)
---
solr/docker/templates/Dockerfile.body.template | 33 +++++++++++++---------
.../templates/Dockerfile.official.header.template | 27 ++++++++----------
2 files changed, 30 insertions(+), 30 deletions(-)
diff --git a/solr/docker/templates/Dockerfile.body.template b/solr/docker/templates/Dockerfile.body.template
index 0bcdd1faee9..58b93ae86fa 100644
--- a/solr/docker/templates/Dockerfile.body.template
+++ b/solr/docker/templates/Dockerfile.body.template
@@ -26,20 +26,14 @@
#-#
#-#
-# add symlink to /opt/solr, remove what we don't want.
-# Remove the Dockerfile because it might not represent the dockerfile that was used to generate the image.
-RUN set -ex; \
- (cd /opt; ln -s solr-*/ solr); \
- rm -Rf /opt/solr/docs /opt/solr/docker/Dockerfile;
-
-LABEL maintainer="The Apache Solr Project"
-LABEL url="https://solr.apache.org"
-LABEL repository="https://github.com/apache/solr"
-
-RUN set -ex; \
- apt-get update; \
- apt-get -y install acl dirmngr lsof procps wget netcat gosu tini jattach; \
- rm -rf /var/lib/apt/lists/*;
+LABEL org.opencontainers.image.title="Apache Solr"
+LABEL org.opencontainers.image.description="Apache Solr is the popular, blazing-fast, open source search platform built on Apache Lucene."
+LABEL org.opencontainers.image.authors="The Apache Solr Project"
+LABEL org.opencontainers.image.url="https://solr.apache.org"
+LABEL org.opencontainers.image.source="https://github.com/apache/solr"
+LABEL org.opencontainers.image.documentation="https://solr.apache.org/guide/"
+LABEL org.opencontainers.image.version="${SOLR_VERSION}"
+LABEL org.opencontainers.image.licenses="Apache-2.0"
ENV SOLR_USER="solr" \
SOLR_UID="8983" \
@@ -57,6 +51,12 @@ RUN set -ex; \
groupadd -r --gid "$SOLR_GID" "$SOLR_GROUP"; \
useradd -r --uid "$SOLR_UID" --gid "$SOLR_GID" "$SOLR_USER"
+# add symlink to /opt/solr, remove what we don't want.
+# Remove the Dockerfile because it might not represent the dockerfile that was used to generate the image.
+RUN set -ex; \
+ (cd /opt; ln -s solr-*/ solr); \
+ rm -Rf /opt/solr/docs /opt/solr/docker/Dockerfile;
+
RUN set -ex; \
mkdir -p /opt/solr/server/solr/lib /docker-entrypoint-initdb.d; \
cp /opt/solr/bin/solr.in.sh /etc/default/solr.in.sh; \
@@ -68,6 +68,11 @@ RUN set -ex; \
ln -s /opt/solr/modules /opt/solr/contrib; \
ln -s /opt/solr/prometheus-exporter /opt/solr/modules/prometheus-exporter;
+RUN set -ex; \
+ apt-get update; \
+ apt-get -y install acl dirmngr lsof procps wget netcat gosu tini jattach; \
+ rm -rf /var/lib/apt/lists/*;
+
VOLUME /var/solr
EXPOSE 8983
WORKDIR /opt/solr
diff --git a/solr/docker/templates/Dockerfile.official.header.template b/solr/docker/templates/Dockerfile.official.header.template
index 4715907baad..413f5112f2f 100644
--- a/solr/docker/templates/Dockerfile.official.header.template
+++ b/solr/docker/templates/Dockerfile.official.header.template
@@ -22,7 +22,6 @@
FROM _REPLACE_BASE_IMAGE_
# TODO: remove things that exist solely for downstream specialization since Dockerfile.local now exists for that
-# TODO: replace 3rd party keyservers with official Apache Solr KEYS url
ARG SOLR_VERSION="_REPLACE_SOLR_VERSION_"
ARG SOLR_SHA512="_REPLACE_SOLR_TGZ_SHA_"
@@ -44,26 +43,22 @@ ARG SOLR_ARCHIVE_URL="https://archive.apache.org/dist/solr/solr/$SOLR_VERSION/so
RUN set -ex; \
apt-get update; \
- apt-get -y install wget gpg; \
+ apt-get -y install wget gpg dirmngr; \
rm -rf /var/lib/apt/lists/*; \
export GNUPGHOME="/tmp/gnupg_home"; \
mkdir -p "$GNUPGHOME"; \
chmod 700 "$GNUPGHOME"; \
echo "disable-ipv6" >> "$GNUPGHOME/dirmngr.conf"; \
- for key in $SOLR_KEYS; do \
- found=''; \
- for server in \
- pgp.mit.edu \
- keyserver.ubuntu.com \
- hkp://keyserver.ubuntu.com:80 \
- ; do \
- echo " trying $server for $key"; \
- gpg --batch --keyserver "$server" --keyserver-options timeout=10 --recv-keys "$key" && found=yes && break; \
- gpg --batch --keyserver "$server" --keyserver-options timeout=10 --recv-keys "$key" && found=yes && break; \
- done; \
- test -z "$found" && echo >&2 "error: failed to fetch $key from several disparate servers -- network issues?" && exit 1; \
- done; \
- MAX_REDIRECTS=2; \
+ if [ -n "$SOLR_KEYS" ]; then \
+ # Install all Solr GPG Keys to start
+ wget -nv "https://downloads.apache.org/solr/KEYS" -O- | \
+ gpg --batch --import --key-origin 'url,https://downloads.apache.org/solr/KEYS'; \
+ # Save just the release key
+ release_keys="$(gpg --batch --export -a ${SOLR_KEYS})"; \
+ rm -rf "$GNUPGHOME"/*; \
+ echo "${release_keys}" | gpg --batch --import; \
+ fi; \
+ MAX_REDIRECTS=3; \
if [ -n "$SOLR_DOWNLOAD_URL" ]; then \
# If a custom URL is defined, we download from non-ASF mirror URL and allow more redirects and skip GPG step
# This takes effect only if the SOLR_DOWNLOAD_URL build-arg is specified, typically in downstream Dockerfiles