0

The below image couldn't be built because this image doesn't support shell form and supports only exec form, hence RUN as well as ENTRYPOINT support only vector form. Please suggest how to build the exact image as it is important to use this one.

FROM gcr.io/distroless/java:8

RUN apt-get update && apt-get install -y --no-install-recommends \
    curl \
    && rm -rf /aaa/bbb/*

COPY target/${JAR_FILE} /xyz/yy.jar
ENTRYPOINT exec java $JAVA_OPTS -Djdk.tls.client.protocols="tls" -jar /xyz/yy.jar $0 $@

Also, When I try to specify RUN in vector form I get "exec: "apt-get" executable file not found in $PATH".

Improve this question
2
  • 1
    apt-get doesn't exist in gcr.io/distroless/java:8. In fact, the only useful executables that do are java and openssl - it doesn't even contain ls, cat, or even sh. Either directly COPY the executables you need, or consider using another base image. Commented May 21, 2021 at 8:08
  • Thank you @koorkevani How would I copy executables. Can I somehow simply get shell form in this image? Bcoz if that becomes possible then I won't have to change RUN and ENTRYPOINT from shell form to exec form. May be by using multi stage build? Commented May 21, 2021 at 11:10

1 Answer 1

Reset to default
1

The exec ... $@ use seems a bit strange here...

ENTRYPOINT is configuring your container to run as the executable, allowing your CMD to provide default arguments to your executable, so the use of $0 $@ is 100% unnecessary.

Although I don't have any Java lying around to use, something like this should in theory work:

ARG JAR_FILE=build/*.jar

FROM gcr.io/distroless/java:8

RUN export DEBIAN_FRONTEND=noninteractive \
    && apt-get update \
    && apt-get install -qqy --no-install-recommends \
      curl \
    && rm -rf /var/lib/apt/lists/*```

COPY ${JAR_FILE} app.jar

ENV JAVA_OPTS="-Djdk.tls.client.protocols=tls"

ENTRYPOINT ["java", "-jar", "$JAVA_OPTS", "-jar", "app.jar"]

# By providing an entrypoint above, your CMD can optionally define any default
# arguments you might want to fallback to.
# CMD [ "--java", "--things" ]

The preferred usage however is to leverage your CMD as the exec and not include the ENTRYPOINT in this type of use at all. Then, your entirely CMD is customizable and you can remove the need for $JAVA_OPTS:

ARG JAR_FILE=build/*.jar

FROM gcr.io/distroless/java:8

RUN export DEBIAN_FRONTEND=noninteractive \
    && apt-get update \
    && apt-get install -qqy --no-install-recommends \
      curl \
    && rm -rf /var/lib/apt/lists/*```

COPY ${JAR_FILE} app.jar

ENV JAVA_OPTS="-Djdk.tls.client.protocols=tls"

# By providing an entrypoint above, your CMD can optionally define any default
# arguments you might want to fallback to.
CMD ["java", "-jar", "$JAVA_OPTS", "-jar", "app.jar"]

If you did keep it the same, an additional change I made was moving your JAVA_OPTS to an ARG. The simple rule of thumb here is: ARG is for build, ENV is for runtime.

Warning: The above over simplification is overly simple.

But, this would change your build command (if you needed to overwrite the JAR_FILE to this:

docker build -t jarjar/binks --build-arg JAR_FILE=another/file.jar .

And you would run it quite similarly:

JAVA_OPTS="-Djdk.tls.client.protocols='TLSv1,TLSv1.1' -Xms#G -Xmx#G" &&
docker run jarjar/binksjarjar/binks --args=here

I do encourage you to read further into both CMD and `ENTRYPOINT to understand the pros/cons of using them together/separately.

Edit: Follow up

Unfortunately I wasn't actually able to run any of these before posting my answer, and reviewing the comment from koorkevani, that's 100% more the issue you're going to be running into over my feedback.

Take his answer and let us know if you run into any other issues :)

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Thanks @syntaqx Pardon me if I am asking very basic questions but I am new to docker world and command line as well. what I did is removed everything else and kept just below dockerfile: FROM gcr.io/distroless/java:8 ARG JAR_FILE COPY target/${JAR_FILE} /xyz/yy.jar ENTRYPOINT ["java", "$JAVA_OPTS", "-Djdk.tls.client.protocols=tls", "-jar", "/opt/witness.jar"]. and then just did just "docker run dockerRepoName". I got an error saying Could not find or load mail class $JAVA_OPTS. Also, I didn't understand why to give -jar infront of $JAVA_OPTS.Also,executed incorrect docker run cmd.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.