From 6c386ede3706ca0bff2a65d6559e15497d8e4a30 Mon Sep 17 00:00:00 2001
From: Vincent Massol <vincent@massol.net>
Date: Wed, 1 Feb 2017 15:52:04 +0100
Subject: [PATCH] [Misc] Apply best practices as reported by yosifkit on
 https://github.com/docker-library/official-images/pull/2563#issuecomment-276541490
 * Removed the not needed sh files * Allow passing parameters to catalina.sh
 from the docker command line * Removed unnecessary apt upgrade + unncessary
 --force-yes option * Verify sha of xwiki war to make sure the right WAR is
 downloaded and avoid man in the middle attacks * Simplify the sed expression
 and do it in one step * Remove unnecessary EXPOSE (done by the tomcat image)
 * Install the MySQL JDBC driver using apt-get (libmysql-java package) instead
 of getting it directly from upstream

---
 xwiki-mysql-tomcat/Dockerfile                 | 32 ++++++-----------
 xwiki-mysql-tomcat/xwiki/docker-entrypoint.sh | 36 ++++++++++++++-----
 .../xwiki/xwiki-config-replace.sh             | 26 --------------
 xwiki-mysql-tomcat/xwiki/xwiki-set-cfg        | 25 -------------
 xwiki-mysql-tomcat/xwiki/xwiki-set-properties | 25 -------------
 5 files changed, 39 insertions(+), 105 deletions(-)
 delete mode 100755 xwiki-mysql-tomcat/xwiki/xwiki-config-replace.sh
 delete mode 100755 xwiki-mysql-tomcat/xwiki/xwiki-set-cfg
 delete mode 100755 xwiki-mysql-tomcat/xwiki/xwiki-set-properties

diff --git a/xwiki-mysql-tomcat/Dockerfile b/xwiki-mysql-tomcat/Dockerfile
index c1468a1..a853240 100644
--- a/xwiki-mysql-tomcat/Dockerfile
+++ b/xwiki-mysql-tomcat/Dockerfile
@@ -25,32 +25,29 @@ MAINTAINER Vincent Massol <vincent@massol.net>
 
 # Install LibreOffice + other tools
 RUN apt-get update && \
-  apt-get -y upgrade && \
-  apt-get --no-install-recommends -y --force-yes install \
+  apt-get --no-install-recommends -y install \
     curl \
     libreoffice \
-    unzip && \
+    unzip \
+    libmysql-java && \
   rm -rf /var/lib/apt/lists/*
 
 # Install XWiki as the ROOT webapp context in Tomcat
 # Create the Tomcat temporary directory
 # Configure the XWiki permanent directory
 ENV XWIKI_VERSION=8.4.4
+ENV XWIKI_URL_PREFIX "http://maven.xwiki.org/releases/org/xwiki/enterprise/xwiki-enterprise-web/${XWIKI_VERSION}"
+ENV XWIKI_DOWNLOAD_SHA256 b414edb4527e3d8b27c40a8c3f2f09423980de7963207b7dc89da71d14e7fb23
 RUN rm -rf /usr/local/tomcat/webapps/* && \
   mkdir -p /usr/local/tomcat/temp && \
   mkdir -p /usr/local/xwiki/data && \
-  curl -L "http://download.forge.ow2.org/xwiki/xwiki-enterprise-web-${XWIKI_VERSION}.war" -o xwiki.war && \ 
+  curl -fSL "${XWIKI_URL_PREFIX}/xwiki-enterprise-web-${XWIKI_VERSION}.war" -o xwiki.war && \
+  echo "$XWIKI_DOWNLOAD_SHA256 xwiki.war" | sha256sum -c - && \
   unzip -d /usr/local/tomcat/webapps/ROOT xwiki.war && \
   rm -f xwiki.war
 
-# Download the MySQL JDBC driver and install it in the XWiki webapp
-ENV MYSQL_DRIVER_VERSION=5.1.38
-RUN curl -L https://dev.mysql.com/get/Downloads/Connector-J/mysql-connector-java-${MYSQL_DRIVER_VERSION}.tar.gz \
-    -o mysql-connector-java-${MYSQL_DRIVER_VERSION}.tar.gz && \
-  tar xvf mysql-connector-java-${MYSQL_DRIVER_VERSION}.tar.gz \
-    mysql-connector-java-${MYSQL_DRIVER_VERSION}/mysql-connector-java-${MYSQL_DRIVER_VERSION}-bin.jar -O > \
-    /usr/local/tomcat/webapps/ROOT/WEB-INF/lib/mysql-connector-java-${MYSQL_DRIVER_VERSION}-bin.jar && \
-  rm -f mysql-connector-java-${MYSQL_DRIVER_VERSION}.tar.gz
+# Copy the MySQL JDBC driver in the XWiki webapp
+RUN cp /usr/share/java/mysql-connector-java-*.jar /usr/local/tomcat/webapps/ROOT/WEB-INF/lib/
 
 # Configure Tomcat. For example set the memory for the Tomcat JVM since the default value is too small for XWiki
 COPY tomcat/setenv.sh /usr/local/tomcat/bin/
@@ -60,25 +57,18 @@ ENV MYSQL_DATABASE=xwiki
 COPY xwiki/hibernate.cfg.xml /usr/local/tomcat/webapps/ROOT/WEB-INF/hibernate.cfg.xml
 
 # Set a specific distribution id in XWiki for this docker packaging.
-RUN sed "s/<id>org.xwiki.enterprise:xwiki-enterprise-web/<id>org.xwiki.enterprise:xwiki-enterprise-docker/" \
-    < /usr/local/tomcat/webapps/ROOT/META-INF/extension.xed > /usr/local/tomcat/webapps/ROOT/META-INF/extension2.xed && \
-  mv /usr/local/tomcat/webapps/ROOT/META-INF/extension2.xed /usr/local/tomcat/webapps/ROOT/META-INF/extension.xed
+RUN sed -i 's/<id>org.xwiki.enterprise:xwiki-enterprise-web/<id>org.xwiki.enterprise:xwiki-enterprise-docker/' \
+    /usr/local/tomcat/webapps/ROOT/META-INF/extension.xed
 
 # Add scripts required to make changes to XWiki configuration files at execution time
 # Note: we don't run CHMOD since 1) it's not required since the executabe bit is already set in git and 2) running
 # CHMOD after a COPY will sometimes fail, depending on different host-specific factors (especially on AUFS).
-COPY xwiki/xwiki-config-replace.sh /usr/local/bin/xwiki-config-replace.sh
-COPY xwiki/xwiki-set-cfg /usr/local/bin/xwiki-set-cfg
-COPY xwiki/xwiki-set-properties /usr/local/bin/xwiki-set-properties
 COPY xwiki/docker-entrypoint.sh /usr/local/bin/docker-entrypoint.sh
 
 # Make the XWiki directory (the permanent directory is included in it) persist on the host (so that it's not recreated
 # across runs)
 VOLUME /var/lib/xwiki
 
-# Expose the Tomcat port
-EXPOSE 8080
-
 # At this point the image is done and what remains below are the runtime configuration used by the user to configure
 # the container that will be created out of the image. Namely the user can override some environment variables with
 #   docker run -e "var1=val1" -e "var2=val2" ...
diff --git a/xwiki-mysql-tomcat/xwiki/docker-entrypoint.sh b/xwiki-mysql-tomcat/xwiki/docker-entrypoint.sh
index d8ba210..a1f9367 100755
--- a/xwiki-mysql-tomcat/xwiki/docker-entrypoint.sh
+++ b/xwiki-mysql-tomcat/xwiki/docker-entrypoint.sh
@@ -26,23 +26,42 @@ function first_start() {
   touch /usr/local/xwiki/.first_start_completed
 }
 
+# $1 - the path to xwiki.[cfg|properties]
+# $2 - the setting/property to set
+# $3 - the new value
+function xwiki_replace() {
+  sed -i s~"\#\? \?$2 \?=.*"~"$2=$3"~g "$1"
+}
+
+# $1 - the setting/property to set
+# $2 - the new value
+function xwiki_set_cfg() {
+  xwiki_replace /usr/local/tomcat/webapps/ROOT/WEB-INF/xwiki.cfg "$1" "$2"
+}
+
+# $1 - the setting/property to set
+# $2 - the new value
+function xwiki_set_properties() {
+  xwiki_replace /usr/local/tomcat/webapps/ROOT/WEB-INF/xwiki.properties "$1" "$2"
+}
+
 function configure() {
   echo 'Configuring XWiki...'
   sed -i "s/replacemysqluser/${MYSQL_USERNAME:-xwiki}/g" /usr/local/tomcat/webapps/ROOT/WEB-INF/hibernate.cfg.xml
   sed -i "s/replacemysqlpassword/${MYSQL_PASSWORD:-xwiki}/g" /usr/local/tomcat/webapps/ROOT/WEB-INF/hibernate.cfg.xml
 
   echo '  Using filesystem-based attachments...'
-  xwiki-set-cfg 'xwiki.store.attachment.hint' 'file'
-  xwiki-set-cfg 'xwiki.store.attachment.versioning.hint' 'file'
-  xwiki-set-cfg 'xwiki.store.attachment.recyclebin.hint' 'file'
+  xwiki_set_cfg 'xwiki.store.attachment.hint' 'file'
+  xwiki_set_cfg 'xwiki.store.attachment.versioning.hint' 'file'
+  xwiki_set_cfg 'xwiki.store.attachment.recyclebin.hint' 'file'
   echo '  Generating authentication validation and encryption keys...'
-  xwiki-set-cfg 'xwiki.authentication.validationKey' "$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1)"
-  xwiki-set-cfg 'xwiki.authentication.encryptionKey' "$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1)"
+  xwiki_set_cfg 'xwiki.authentication.validationKey' "$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1)"
+  xwiki_set_cfg 'xwiki.authentication.encryptionKey' "$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1)"
 
   echo '  Setting permanent directory...'
-  xwiki-set-properties 'environment.permanentDirectory' '/usr/local/xwiki/data'
+  xwiki_set_properties 'environment.permanentDirectory' '/usr/local/xwiki/data'
   echo '  Configure libreoffice...'
-  xwiki-set-properties 'openoffice.autoStart' 'true'
+  xwiki_set_properties 'openoffice.autoStart' 'true'
 }
 
 # This if will check if the first argument is a flag but only works if all arguments require a hyphenated flag
@@ -56,7 +75,8 @@ if [ "$1" = 'xwiki' ]; then
   if [[ ! -f /usr/local/xwiki/.first_start_completed ]]; then
     first_start
   fi
-  /usr/local/tomcat/bin/catalina.sh run
+  shift
+  set -- catalina.sh run "$@"
 fi
 
 # Else default to run whatever the user wanted like "bash"
diff --git a/xwiki-mysql-tomcat/xwiki/xwiki-config-replace.sh b/xwiki-mysql-tomcat/xwiki/xwiki-config-replace.sh
deleted file mode 100755
index 82b62d0..0000000
--- a/xwiki-mysql-tomcat/xwiki/xwiki-config-replace.sh
+++ /dev/null
@@ -1,26 +0,0 @@
-#!/bin/bash
-# ---------------------------------------------------------------------------
-# See the NOTICE file distributed with this work for additional
-# information regarding copyright ownership.
-#
-# This is free software; you can redistribute it and/or modify it
-# under the terms of the GNU Lesser General Public License as
-# published by the Free Software Foundation; either version 2.1 of
-# the License, or (at your option) any later version.
-#
-# This software is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# Lesser General Public License for more details.
-#
-# You should have received a copy of the GNU Lesser General Public
-# License along with this software; if not, write to the Free
-# Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
-# 02110-1301 USA, or see the FSF site: http://www.fsf.org.
-# ---------------------------------------------------------------------------
-
-# $1 - the path to xwiki.[cfg|properties]
-# $2 - the setting/property to set
-# $3 - the new value
-
-sed -i s~"\#\? \?$2 \?=.*"~"$2=$3"~g "$1"
\ No newline at end of file
diff --git a/xwiki-mysql-tomcat/xwiki/xwiki-set-cfg b/xwiki-mysql-tomcat/xwiki/xwiki-set-cfg
deleted file mode 100755
index a623a79..0000000
--- a/xwiki-mysql-tomcat/xwiki/xwiki-set-cfg
+++ /dev/null
@@ -1,25 +0,0 @@
-#!/bin/bash
-# ---------------------------------------------------------------------------
-# See the NOTICE file distributed with this work for additional
-# information regarding copyright ownership.
-#
-# This is free software; you can redistribute it and/or modify it
-# under the terms of the GNU Lesser General Public License as
-# published by the Free Software Foundation; either version 2.1 of
-# the License, or (at your option) any later version.
-#
-# This software is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# Lesser General Public License for more details.
-#
-# You should have received a copy of the GNU Lesser General Public
-# License along with this software; if not, write to the Free
-# Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
-# 02110-1301 USA, or see the FSF site: http://www.fsf.org.
-# ---------------------------------------------------------------------------
-
-# $1 - the setting/property to set
-# $2 - the new value
-
-xwiki-config-replace.sh /usr/local/tomcat/webapps/ROOT/WEB-INF/xwiki.cfg "$1" "$2"
\ No newline at end of file
diff --git a/xwiki-mysql-tomcat/xwiki/xwiki-set-properties b/xwiki-mysql-tomcat/xwiki/xwiki-set-properties
deleted file mode 100755
index 4ead840..0000000
--- a/xwiki-mysql-tomcat/xwiki/xwiki-set-properties
+++ /dev/null
@@ -1,25 +0,0 @@
-#!/bin/bash
-# ---------------------------------------------------------------------------
-# See the NOTICE file distributed with this work for additional
-# information regarding copyright ownership.
-#
-# This is free software; you can redistribute it and/or modify it
-# under the terms of the GNU Lesser General Public License as
-# published by the Free Software Foundation; either version 2.1 of
-# the License, or (at your option) any later version.
-#
-# This software is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# Lesser General Public License for more details.
-#
-# You should have received a copy of the GNU Lesser General Public
-# License along with this software; if not, write to the Free
-# Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
-# 02110-1301 USA, or see the FSF site: http://www.fsf.org.
-# ---------------------------------------------------------------------------
-
-# $1 - the setting/property to set
-# $2 - the new value
-
-xwiki-config-replace.sh /usr/local/tomcat/webapps/ROOT/WEB-INF/xwiki.properties "$1" "$2"
\ No newline at end of file
-- 
GitLab