impr(optimization/refactor): Optimized Debian dockerfiles, Enhanced readability + Enhanced code structure. (@Ilolm)

debian/bookworm-slim/hotspot/Dockerfile

@@ -1,27 +1,39 @@
 ARG BOOKWORM_TAG=20241111
 
-FROM debian:bookworm-"${BOOKWORM_TAG}"-slim as jre-build
+######################################################
+#                   BUILD STAGE                      #
+######################################################
+FROM debian:bookworm-"${BOOKWORM_TAG}"-slim AS jre-build
 
 ARG JAVA_VERSION=17.0.13_11
 
 SHELL ["/bin/bash", "-o", "pipefail", "-c"]
 
-COPY jdk-download-url.sh /usr/bin/jdk-download-url.sh
-COPY jdk-download.sh /usr/bin/jdk-download.sh
+COPY ["./jdk-download-url.sh", "./jdk-download.sh", "/usr/bin/"]
 
 RUN apt-get update \
-  && apt-get install --no-install-recommends -y \
-    ca-certificates \
-    curl \
-    jq \
-  && rm -rf /var/lib/apt/lists/* \
-  && /usr/bin/jdk-download.sh
+    && apt-get install --no-install-recommends -y \
+        ca-certificates \
+        curl \
+        jq \
+        && \
+
+    echo "Downloading jdk" \
+    && chmod +x /usr/bin/jdk-download.sh \
+    && /usr/bin/jdk-download.sh && \
+
+    echo "Cleaning up" \
+    && apt-get autoremove \
+    && apt-get clean \
+    && rm -rf /var/lib/apt/lists/*
 
 ENV PATH="/opt/jdk-${JAVA_VERSION}/bin:${PATH}"
 
-# Generate smaller java runtime without unneeded files
-# for now we include the full module path to maintain compatibility
-# while still saving space (approx 200mb from the full distribution)
+#--------------------------------------------------------------------#
+# Generate smaller java runtime without unneeded files               #
+# for now we include the full module path to maintain compatibility  #
+# while still saving space (approx 200mb from the full distribution) #
+#--------------------------------------------------------------------#
 RUN case "$(jlink --version 2>&1)" in \
       "17."*) set -- "--compress=2" ;; \
       # the compression argument is different for JDK21
@@ -36,37 +48,74 @@ RUN case "$(jlink --version 2>&1)" in \
       --no-header-files \
       --output /javaruntime
 
-FROM debian:bookworm-"${BOOKWORM_TAG}"-slim AS controller
 
-RUN apt-get update \
-  && apt-get install -y --no-install-recommends \
-    ca-certificates \
-    curl \
-    git \
-    gnupg \
-    gpg \
-    libfontconfig1 \
-    libfreetype6 \
-    procps \
-    ssh-client \
-    tini \
-    unzip \
-    tzdata \
-  && rm -rf /var/lib/apt/lists/*
-
-RUN curl -s https://packagecloud.io/install/repositories/github/git-lfs/script.deb.sh -o /tmp/script.deb.sh \
-  && bash /tmp/script.deb.sh \
-  && rm -f /tmp/script.deb.sh \
-  && apt-get install -y --no-install-recommends \
-    git-lfs \
-  && rm -rf /var/lib/apt/lists/* \
-  && git lfs install
+######################################################
+#               CONTROLLER STAGE                     #
+######################################################
+FROM debian:bookworm-"${BOOKWORM_TAG}"-slim AS controller
 
-ENV LANG=C.UTF-8
+#----------------------------------------------------#
+# jenkins version being bundled in this docker image #
+#----------------------------------------------------#
+ARG JENKINS_VERSION
+ENV JENKINS_VERSION=${JENKINS_VERSION:-2.479}
 
 ARG TARGETARCH
 ARG COMMIT_SHA
 
+#-----------------#
+# metadata labels #
+#-----------------#
+LABEL \
+    org.opencontainers.image.vendor="Jenkins project" \
+    org.opencontainers.image.title="Official Jenkins Docker image" \
+    org.opencontainers.image.description="The Jenkins Continuous Integration and Delivery server" \
+    org.opencontainers.image.version="${JENKINS_VERSION}" \
+    org.opencontainers.image.url="https://www.jenkins.io/" \
+    org.opencontainers.image.source="https://github.com/jenkinsci/docker" \
+    org.opencontainers.image.revision="${COMMIT_SHA}" \
+    org.opencontainers.image.licenses="MIT"
+
+#------------------------------#
+# Installing required packages #
+#------------------------------#
+RUN apt-get update \
+    && apt-get install -y --no-install-recommends \
+        ca-certificates \
+        curl \
+        git \
+        gnupg \
+        gpg \
+        libfontconfig1 \
+        libfreetype6 \
+        procps \
+        ssh-client \
+        tini \
+        unzip \
+        tzdata \
+        && \
+
+    echo "Cleaning up" \
+    && apt-get autoremove \
+    && apt-get clean \
+    && rm -rf /var/lib/apt/lists/*
+
+#--------------------#
+# Installing git-lfs #
+#--------------------#
+RUN curl -fsSL https://packagecloud.io/install/repositories/github/git-lfs/script.deb.sh -o /tmp/script.deb.sh \
+    && bash /tmp/script.deb.sh \
+    && rm -f /tmp/script.deb.sh \
+    && apt-get install -y --no-install-recommends git-lfs \
+    && git lfs install && \
+
+    echo "Cleaning up" \
+    && apt-get autoremove \
+    && apt-get clean \
+    && rm -rf /var/lib/apt/lists/*
+
+ENV LANG=C.UTF-8
+
 ARG user=jenkins
 ARG group=jenkins
 ARG uid=1000
@@ -80,39 +129,39 @@ ENV JENKINS_HOME=$JENKINS_HOME
 ENV JENKINS_SLAVE_AGENT_PORT=${agent_port}
 ENV REF=$REF
 
-# Jenkins is run with user `jenkins`, uid = 1000
-# If you bind mount a volume from the host or a data container,
-# ensure you use the same uid
+#---------------------------------------------------------------#
+# Jenkins is run with user `jenkins`, uid = 1000                #
+# If you bind mount a volume from the host or a data container, #
+# ensure you use the same uid(e.g. 1000)                        #
+#---------------------------------------------------------------#
 RUN mkdir -p $JENKINS_HOME \
-  && chown ${uid}:${gid} $JENKINS_HOME \
-  && groupadd -g ${gid} ${group} \
-  && useradd -d "$JENKINS_HOME" -u ${uid} -g ${gid} -l -m -s /bin/bash ${user}
-
-# Jenkins home directory is a volume, so configuration and build history
-# can be persisted and survive image upgrades
-VOLUME $JENKINS_HOME
-
-# $REF (defaults to `/usr/share/jenkins/ref/`) contains all reference configuration we want
-# to set on a fresh new installation. Use it to bundle additional plugins
-# or config file with your custom jenkins Docker image.
+    && chown ${uid}:${gid} $JENKINS_HOME \
+    && groupadd -g ${gid} ${group} \
+    && useradd -d "$JENKINS_HOME" -u ${uid} -g ${gid} -l -m -s /bin/bash ${user}
+
+#-----------------------------------------------------------------------------------#
+# $REF (defaults to `/usr/share/jenkins/ref/`) contains all reference configuration #
+# we want to set on a fresh new installation. Use it to bundle additional plugins   #
+# or config file with your custom jenkins Docker image.                             #
+#-----------------------------------------------------------------------------------#
 RUN mkdir -p ${REF}/init.groovy.d
 
-# jenkins version being bundled in this docker image
-ARG JENKINS_VERSION
-ENV JENKINS_VERSION=${JENKINS_VERSION:-2.479}
-
-# jenkins.war checksum, download will be validated using it
+#------------------------------------------------------------------------#
+# JENKINS_SHA: jenkins.war checksum, download will be validated using it #
+#-----------------------------------------------------------------------------#
+# JENKINS_URL: Can be used to customize where jenkins.war get downloaded from #
+#-----------------------------------------------------------------------------#
 ARG JENKINS_SHA=910ea36cef37c45087e39d65e335988e036fccea47c79cc5a52e721a10cb1b49
+ARG JENKINS_URL="https://repo.jenkins-ci.org/public/org/jenkins-ci/main/jenkins-war/${JENKINS_VERSION}/jenkins-war-${JENKINS_VERSION}.war"
 
-# Can be used to customize where jenkins.war get downloaded from
-ARG JENKINS_URL=https://repo.jenkins-ci.org/public/org/jenkins-ci/main/jenkins-war/${JENKINS_VERSION}/jenkins-war-${JENKINS_VERSION}.war
-
-# could use ADD but this one does not check Last-Modified header neither does it allow to control checksum
-# see https://github.com/docker/docker/issues/8331
+#----------------------------------------------------------------------------------------------------------#
+# could use ADD but this one does not check Last-Modified header neither does it allow to control checksum #
+# see https://github.com/docker/docker/issues/8331                                                         #
+#----------------------------------------------------------------------------------------------------------#
 RUN curl -fsSL ${JENKINS_URL} -o /usr/share/jenkins/jenkins.war \
-  && echo "${JENKINS_SHA}  /usr/share/jenkins/jenkins.war" >/tmp/jenkins_sha \
-  && sha256sum -c --strict /tmp/jenkins_sha \
-  && rm -f /tmp/jenkins_sha
+    && echo "${JENKINS_SHA}  /usr/share/jenkins/jenkins.war" >/tmp/jenkins_sha \
+    && sha256sum -c --strict /tmp/jenkins_sha \
+    && rm -f /tmp/jenkins_sha
 
 ENV JENKINS_UC=https://updates.jenkins.io
 ENV JENKINS_UC_EXPERIMENTAL=https://updates.jenkins.io/experimental
@@ -122,37 +171,32 @@ RUN chown -R ${user} "$JENKINS_HOME" "$REF"
 ARG PLUGIN_CLI_VERSION=2.13.2
 ARG PLUGIN_CLI_URL=https://github.com/jenkinsci/plugin-installation-manager-tool/releases/download/${PLUGIN_CLI_VERSION}/jenkins-plugin-manager-${PLUGIN_CLI_VERSION}.jar
 RUN curl -fsSL ${PLUGIN_CLI_URL} -o /opt/jenkins-plugin-manager.jar \
-  && echo "$(curl -fsSL "${PLUGIN_CLI_URL}.sha256")  /opt/jenkins-plugin-manager.jar" >/tmp/jenkins_sha \
-  && sha256sum -c --strict /tmp/jenkins_sha \
-  && rm -f /tmp/jenkins_sha
-
-# for main web interface:
-EXPOSE ${http_port}
-
-# will be used by attached agents:
-EXPOSE ${agent_port}
+    && echo "$(curl -fsSL "${PLUGIN_CLI_URL}.sha256")  /opt/jenkins-plugin-manager.jar" >/tmp/jenkins_sha \
+    && sha256sum -c --strict /tmp/jenkins_sha \
+    && rm -f /tmp/jenkins_sha
 
 ENV COPY_REFERENCE_FILE_LOG=$JENKINS_HOME/copy_reference_file.log
 
 ENV JAVA_HOME=/opt/java/openjdk
 ENV PATH="${JAVA_HOME}/bin:${PATH}"
+
 COPY --from=jre-build /javaruntime $JAVA_HOME
 
-USER ${user}
+COPY ["./jenkins-support", "./jenkins.sh", "/usr/local/bin/"]
+COPY ["./jenkins-plugin-cli.sh", "/bin/jenkins-plugin-cli"]
 
-COPY jenkins-support /usr/local/bin/jenkins-support
-COPY jenkins.sh /usr/local/bin/jenkins.sh
-COPY jenkins-plugin-cli.sh /bin/jenkins-plugin-cli
+#---------------------------------------------------------------#
+# Jenkins home directory is a volume, so configuration          #
+# and build history can be persisted and survive image upgrades #
+#---------------------------------------------------------------#
+VOLUME $JENKINS_HOME
 
-ENTRYPOINT ["/usr/bin/tini", "--", "/usr/local/bin/jenkins.sh"]
+#------------------------------------------#
+# ${http_port}:     for main web interface #
+#------------------------------------------#
+# ${agent_port}:    for attached agents    #
+#------------------------------------------#
+EXPOSE ${http_port} ${agent_port}
 
-# metadata labels
-LABEL \
-    org.opencontainers.image.vendor="Jenkins project" \
-    org.opencontainers.image.title="Official Jenkins Docker image" \
-    org.opencontainers.image.description="The Jenkins Continuous Integration and Delivery server" \
-    org.opencontainers.image.version="${JENKINS_VERSION}" \
-    org.opencontainers.image.url="https://www.jenkins.io/" \
-    org.opencontainers.image.source="https://github.com/jenkinsci/docker" \
-    org.opencontainers.image.revision="${COMMIT_SHA}" \
-    org.opencontainers.image.licenses="MIT"
+USER ${user}
+ENTRYPOINT ["/usr/bin/tini", "--", "/usr/local/bin/jenkins.sh"]