external-software/github_OpenIdentityPlatform_OpenDJ.git

parent: 5bf62657 | patch | commit | show whitespace

vharseko

17.40.2022 c4d282a77ef7701d79db2226136bfbd8e147d95d

Docker refactoring (#229)

* DOCKER remove unused apk
* Docker refactoring
* FIX exclude Build package local where has MAVEN_USERNAME+MAVEN_PASSWORD

5 files modified

	.github/workflows/build.yml	71 ●●●●● patch \| view \| raw \| blame \| history
	.github/workflows/deploy.yml	9 ●●●●● patch \| view \| raw \| blame \| history
	.github/workflows/release.yml	69 ●●●●● patch \| view \| raw \| blame \| history
	opendj-packages/opendj-docker/Dockerfile	10 ●●●●● patch \| view \| raw \| blame \| history
	opendj-packages/opendj-docker/Dockerfile-alpine	8 ●●●●● patch \| view \| raw \| blame \| history

 .github/workflows/build.yml

@@ -1,4 +1,4 @@
name: Build Maven
name: Build

on:
  push:
@@ -7,8 +7,7 @@
    branches: [ master ]

jobs:
  build:
    name: Maven build
  build-maven:
    runs-on: ${{ matrix.os }}
    strategy:
      matrix:
@@ -62,7 +61,6 @@
            opendj-dsml-servlet/target/*.war
            opendj-rest2ldap-servlet/target/*.war
  build-docker:
    name: Docker build
    runs-on: 'ubuntu-latest'
    services:
      registry:
@@ -79,7 +77,7 @@
        run:   |
          git fetch -t; export git_version_last="$(git describe --abbrev=0 --tags)" ; echo "last release: $git_version_last"
          echo "release_version=$git_version_last" >> $GITHUB_ENV
      - name: Docker meta (default)
      - name: Docker meta
        id: meta
        uses: docker/metadata-action@v3
        with:
@@ -88,15 +86,6 @@
          tags: |
            type=raw,value=latest
            type=raw,value=${{ env.release_version }}
      - name: Docker meta (alpine)
        id: meta_alpine
        uses: docker/metadata-action@v3
        with:
          images: |
            localhost:5000/${{ github.repository }}
          tags: |
            type=raw,value=alpine
            type=raw,value=${{ env.release_version }}-alpine
      - name: Set up QEMU
        uses: docker/setup-qemu-action@v1
      - name: Set up Docker Buildx
@@ -118,12 +107,41 @@
      - name: Docker test
        shell: bash
        run: |
          export docker_image="localhost:5000/${GITHUB_REPOSITORY,,}:${{ env.release_version }}"
          echo "last release: ${{ env.release_version }}, docker image: ${docker_image}"
          docker run --rm -it -d --name=opendj_1 --health-cmd='/opt/opendj/bin/ldapsearch --hostname localhost --port 1636 --bindDN "cn=Directory Manager" --bindPassword password --useSsl --trustAll --baseDN "" --searchScope base "(objectClass=*)" 1.1 || /opt/opendj/bin/stop-ds || exit 1'  --health-retries=10 --health-timeout=10s ${docker_image}
          timeout 3m bash -c 'until docker inspect --format="{{json .State.Health.Status}}" opendj_1 | grep -q \"healthy\"; do sleep 10; done'
          docker stop opendj_1 || true
      - name: Build image (alpine)
          docker run --rm -it -d --name=test localhost:5000/${GITHUB_REPOSITORY,,}:${{ env.release_version }}
          timeout 3m bash -c 'until docker inspect --format="{{json .State.Health.Status}}" test | grep -q \"healthy\"; do sleep 10; done'
  build-docker-alpine:
    runs-on: 'ubuntu-latest'
    services:
      registry:
        image: registry:2
        ports:
          - 5000:5000
    steps:
      - uses: actions/checkout@v3
        with:
          fetch-depth: 0
          submodules: recursive
      - name: Get latest release version
        shell: bash
        run:   |
          git fetch -t; export git_version_last="$(git describe --abbrev=0 --tags)" ; echo "last release: $git_version_last"
          echo "release_version=$git_version_last" >> $GITHUB_ENV
      - name: Docker meta 
        id: meta
        uses: docker/metadata-action@v3
        with:
          images: |
            localhost:5000/${{ github.repository }}
          tags: |
            type=raw,value=alpine
            type=raw,value=${{ env.release_version }}-alpine
      - name: Set up QEMU
        uses: docker/setup-qemu-action@v1
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v1
        with:
          driver-opts: network=host
      - name: Build image
        continue-on-error: true
        uses: docker/build-push-action@v2
        with:
@@ -133,13 +151,10 @@
            VERSION=${{ env.release_version }}
          platforms: linux/amd64,linux/arm64/8, linux/s390x, linux/386, linux/arm/v7, linux/arm/v6, linux/ppc64le
          push: true
          tags: ${{ steps.meta_alpine.outputs.tags }}
          labels: ${{ steps.meta_alpine.outputs.labels }}
      - name: Docker alpine test
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}
      - name: Docker test
        shell: bash
        run: |
          export docker_image="localhost:5000/${GITHUB_REPOSITORY,,}:${{ env.release_version }}-alpine"
          echo "last release: ${{ env.release_version }}, docker image: ${docker_image}"
          docker run --rm -it -d --name=opendj_alpine --health-cmd='/opt/opendj/bin/ldapsearch --hostname localhost --port 1636 --bindDN "cn=Directory Manager" --bindPassword password --useSsl --trustAll --baseDN "" --searchScope base "(objectClass=*)" 1.1 || /opt/opendj/bin/stop-ds || exit 1'  --health-retries=10 --health-timeout=10s ${docker_image}
          timeout 3m bash -c 'until docker inspect --format="{{json .State.Health.Status}}" opendj_alpine | grep -q \"healthy\"; do sleep 10; done'
          docker stop opendj_alpine || true
          docker run --rm -it -d --name=test localhost:5000/${GITHUB_REPOSITORY,,}:${{ env.release_version }}-alpine
          timeout 3m bash -c 'until docker inspect --format="{{json .State.Health.Status}}" test | grep -q \"healthy\"; do sleep 10; done'

 .github/workflows/deploy.yml

@@ -1,13 +1,12 @@
name: Package/Deploy Maven
name: Package/Deploy

on:
  workflow_run:
    branches: [ master ]
    workflows: ["Build Maven"]
    workflows: ["Build"]
    types: [completed]
jobs:
  deploy:
    name: Maven deploy
  deploy-maven:
    if: ${{ github.event.workflow_run.conclusion == 'success' }}
    runs-on: 'ubuntu-latest'
    steps:
@@ -53,6 +52,8 @@
           gpg --list-secret-keys --keyid-format LONG
      - name: Build package local
        env:
          MAVEN_USERNAME: ${{ secrets.OSSRH_USERNAME }}
          MAVEN_PASSWORD: ${{ secrets.OSSRH_TOKEN }}
          MAVEN_OPTS: -Dhttps.protocols=TLSv1.2 -Dmaven.wagon.httpconnectionManager.ttlSeconds=120 -Dmaven.wagon.http.retryHandler.requestSentEnabled=true -Dmaven.wagon.http.retryHandler.count=10
        if: ${{ !(github.event.workflow_run.event=='push' && env.MAVEN_USERNAME!='' && env.MAVEN_PASSWORD!='')}}
        run: mvn --batch-mode --errors --update-snapshots -Dgpg.passphrase=${{ secrets.GPG_PASSPHRASE }} package --file pom.xml

 .github/workflows/release.yml

@@ -1,4 +1,4 @@
name: Release Maven
name: Release

on:
  workflow_dispatch:
@@ -12,8 +12,7 @@
        required: true
        default: "X.Y.Z-SNAPSHOT"
jobs:
  release:
    name: Maven release
  release-maven:
    runs-on: 'ubuntu-latest'
    steps:
      - name: Print github context
@@ -113,14 +112,14 @@
    name: Docker release
    runs-on: 'ubuntu-latest'
    needs:
      - release
      - release-maven
    steps:
      - uses: actions/checkout@v3
        with:
          ref: ${{ github.event.inputs.releaseVersion }}
          fetch-depth: 1
          submodules: recursive
      - name: Docker meta (default)
      - name: Docker meta
        id: meta
        uses: docker/metadata-action@v3
        with:
@@ -130,8 +129,46 @@
          tags: |
            type=raw,value=latest
            type=raw,value=${{ github.event.inputs.releaseVersion }}
      - name: Docker meta (alpine)
        id: meta_alpine
      - name: Set up QEMU
        uses: docker/setup-qemu-action@v1
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v1
      - name: Login to DockerHub
        uses: docker/login-action@v1
        with:
          username: ${{ secrets.DOCKER_USERNAME }}
          password: ${{ secrets.DOCKER_PASSWORD }}
      - name: Login to GHCR
        uses: docker/login-action@v1
        with:
          registry: ghcr.io
          username: ${{ github.repository_owner }}
          password: ${{ secrets.GITHUB_TOKEN }}
      - name: Build and push image
        uses: docker/build-push-action@v2
        continue-on-error: true
        with:
          context: ./opendj-packages/opendj-docker
          file: ./opendj-packages/opendj-docker/Dockerfile
          build-args: |
            VERSION=${{ github.event.inputs.releaseVersion }}
          platforms: linux/amd64,linux/arm64/8
          push: true
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}
  release-docker-alpine:
    name: Docker release
    runs-on: 'ubuntu-latest'
    needs:
      - release-maven
    steps:
      - uses: actions/checkout@v3
        with:
          ref: ${{ github.event.inputs.releaseVersion }}
          fetch-depth: 1
          submodules: recursive
      - name: Docker meta
        id: meta
        uses: docker/metadata-action@v3
        with:
          images: |
@@ -155,19 +192,7 @@
          registry: ghcr.io
          username: ${{ github.repository_owner }}
          password: ${{ secrets.GITHUB_TOKEN }}
      - name: Build and push image (default)
        uses: docker/build-push-action@v2
        continue-on-error: true
        with:
          context: ./opendj-packages/opendj-docker
          file: ./opendj-packages/opendj-docker/Dockerfile
          build-args: |
            VERSION=${{ github.event.inputs.releaseVersion }}
          platforms: linux/amd64,linux/arm64/8
          push: true
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}
      - name: Build and push image (alpine)
      - name: Build and push image
        continue-on-error: true
        uses: docker/build-push-action@v2
        with:
@@ -177,5 +202,5 @@
            VERSION=${{ github.event.inputs.releaseVersion }}
          platforms: linux/amd64,linux/arm64/8, linux/s390x, linux/386, linux/arm/v7, linux/arm/v6, linux/ppc64le
          push: true
          tags: ${{ steps.meta_alpine.outputs.tags }}
          labels: ${{ steps.meta_alpine.outputs.labels }}
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}

 opendj-packages/opendj-docker/Dockerfile

@@ -1,4 +1,4 @@
FROM openjdk:11-jre-slim
FROM openjdk:11

MAINTAINER Open Identity Platform Community <open-identity-platform-opendj@googlegroups.com>

@@ -20,10 +20,10 @@
WORKDIR /opt

RUN apt-get update \
 && apt-get install -y --no-install-recommends wget unzip \
 && wget --quiet https://github.com/OpenIdentityPlatform/OpenDJ/releases/download/$VERSION/opendj-$VERSION.zip \
 && apt-get install -y --no-install-recommends curl unzip \
 && curl -L https://github.com/OpenIdentityPlatform/OpenDJ/releases/download/$VERSION/opendj-$VERSION.zip --output opendj-$VERSION.zip \
 && unzip opendj-$VERSION.zip \
 && apt-get remove -y --purge unzip \
 && apt-get remove -y --purge curl unzip \
 && rm -rf /var/lib/apt/lists/* \
 && rm -r opendj-*.zip \
 && groupadd $OPENDJ_USER \
@@ -41,4 +41,6 @@

USER $OPENDJ_USER

HEALTHCHECK --interval=30s --timeout=30s --start-period=1s --retries=3 CMD opendj/bin/ldapsearch --hostname localhost --port 1636 --bindDN "$ROOT_USER_DN" --bindPassword $ROOT_PASSWORD --useSsl --trustAll --baseDN "$BASE_DN" --searchScope base "(objectClass=*)" 1.1 || exit 1

ENTRYPOINT ["/opt/opendj/run.sh"]

 opendj-packages/opendj-docker/Dockerfile-alpine

@@ -19,12 +19,14 @@

WORKDIR /opt

RUN apk add --update --no-cache --virtual builddeps wget unzip \
RUN apk add --update --no-cache --virtual builddeps curl unzip \
 && apk upgrade --update --no-cache \
 && apk add bash \
 && wget --quiet https://github.com/OpenIdentityPlatform/OpenDJ/releases/download/$VERSION/opendj-$VERSION.zip \
 && curl -L https://github.com/OpenIdentityPlatform/OpenDJ/releases/download/$VERSION/opendj-$VERSION.zip --output opendj-$VERSION.zip \
 && unzip opendj-$VERSION.zip \
 && apk del builddeps \
 && apk del curl \
 && apk del unzip \
 && rm -r opendj-$VERSION.zip \
 && addgroup -S $OPENDJ_USER \
 && adduser -S -u 1001 -G $OPENDJ_USER $OPENDJ_USER \
@@ -41,4 +43,6 @@

USER $OPENDJ_USER

HEALTHCHECK --interval=30s --timeout=30s --start-period=1s --retries=3 CMD opendj/bin/ldapsearch --hostname localhost --port 1636 --bindDN "$ROOT_USER_DN" --bindPassword $ROOT_PASSWORD --useSsl --trustAll --baseDN "$BASE_DN" --searchScope base "(objectClass=*)" 1.1 || exit 1

ENTRYPOINT ["/opt/opendj/run.sh"]

			@@ -1,4 +1,4 @@
			name: Build Maven
			name: Build

			on:
			push:
			@@ -7,8 +7,7 @@
			branches: [ master ]

			jobs:
			build:
			name: Maven build
			build-maven:
			runs-on: ${{ matrix.os }}
			strategy:
			matrix:
			@@ -62,7 +61,6 @@
			opendj-dsml-servlet/target/*.war
			opendj-rest2ldap-servlet/target/*.war
			build-docker:
			name: Docker build
			runs-on: 'ubuntu-latest'
			services:
			registry:
			@@ -79,7 +77,7 @@
			run: \|
			git fetch -t; export git_version_last="$(git describe --abbrev=0 --tags)" ; echo "last release: $git_version_last"
			echo "release_version=$git_version_last" >> $GITHUB_ENV
			- name: Docker meta (default)
			- name: Docker meta
			id: meta
			uses: docker/metadata-action@v3
			with:
			@@ -88,15 +86,6 @@
			tags: \|
			type=raw,value=latest
			type=raw,value=${{ env.release_version }}
			- name: Docker meta (alpine)
			id: meta_alpine
			uses: docker/metadata-action@v3
			with:
			images: \|
			localhost:5000/${{ github.repository }}
			tags: \|
			type=raw,value=alpine
			type=raw,value=${{ env.release_version }}-alpine
			- name: Set up QEMU
			uses: docker/setup-qemu-action@v1
			- name: Set up Docker Buildx
			@@ -118,12 +107,41 @@
			- name: Docker test
			shell: bash
			run: \|
			export docker_image="localhost:5000/${GITHUB_REPOSITORY,,}:${{ env.release_version }}"
			echo "last release: ${{ env.release_version }}, docker image: ${docker_image}"
			docker run --rm -it -d --name=opendj_1 --health-cmd='/opt/opendj/bin/ldapsearch --hostname localhost --port 1636 --bindDN "cn=Directory Manager" --bindPassword password --useSsl --trustAll --baseDN "" --searchScope base "(objectClass=*)" 1.1 \|\| /opt/opendj/bin/stop-ds \|\| exit 1' --health-retries=10 --health-timeout=10s ${docker_image}
			timeout 3m bash -c 'until docker inspect --format="{{json .State.Health.Status}}" opendj_1 \| grep -q \"healthy\"; do sleep 10; done'
			docker stop opendj_1 \|\| true
			- name: Build image (alpine)
			docker run --rm -it -d --name=test localhost:5000/${GITHUB_REPOSITORY,,}:${{ env.release_version }}
			timeout 3m bash -c 'until docker inspect --format="{{json .State.Health.Status}}" test \| grep -q \"healthy\"; do sleep 10; done'
			build-docker-alpine:
			runs-on: 'ubuntu-latest'
			services:
			registry:
			image: registry:2
			ports:
			- 5000:5000
			steps:
			- uses: actions/checkout@v3
			with:
			fetch-depth: 0
			submodules: recursive
			- name: Get latest release version
			shell: bash
			run: \|
			git fetch -t; export git_version_last="$(git describe --abbrev=0 --tags)" ; echo "last release: $git_version_last"
			echo "release_version=$git_version_last" >> $GITHUB_ENV
			- name: Docker meta
			id: meta
			uses: docker/metadata-action@v3
			with:
			images: \|
			localhost:5000/${{ github.repository }}
			tags: \|
			type=raw,value=alpine
			type=raw,value=${{ env.release_version }}-alpine
			- name: Set up QEMU
			uses: docker/setup-qemu-action@v1
			- name: Set up Docker Buildx
			uses: docker/setup-buildx-action@v1
			with:
			driver-opts: network=host
			- name: Build image
			continue-on-error: true
			uses: docker/build-push-action@v2
			with:
			@@ -133,13 +151,10 @@
			VERSION=${{ env.release_version }}
			platforms: linux/amd64,linux/arm64/8, linux/s390x, linux/386, linux/arm/v7, linux/arm/v6, linux/ppc64le
			push: true
			tags: ${{ steps.meta_alpine.outputs.tags }}
			labels: ${{ steps.meta_alpine.outputs.labels }}
			- name: Docker alpine test
			tags: ${{ steps.meta.outputs.tags }}
			labels: ${{ steps.meta.outputs.labels }}
			- name: Docker test
			shell: bash
			run: \|
			export docker_image="localhost:5000/${GITHUB_REPOSITORY,,}:${{ env.release_version }}-alpine"
			echo "last release: ${{ env.release_version }}, docker image: ${docker_image}"
			docker run --rm -it -d --name=opendj_alpine --health-cmd='/opt/opendj/bin/ldapsearch --hostname localhost --port 1636 --bindDN "cn=Directory Manager" --bindPassword password --useSsl --trustAll --baseDN "" --searchScope base "(objectClass=*)" 1.1 \|\| /opt/opendj/bin/stop-ds \|\| exit 1' --health-retries=10 --health-timeout=10s ${docker_image}
			timeout 3m bash -c 'until docker inspect --format="{{json .State.Health.Status}}" opendj_alpine \| grep -q \"healthy\"; do sleep 10; done'
			docker stop opendj_alpine \|\| true
			docker run --rm -it -d --name=test localhost:5000/${GITHUB_REPOSITORY,,}:${{ env.release_version }}-alpine
			timeout 3m bash -c 'until docker inspect --format="{{json .State.Health.Status}}" test \| grep -q \"healthy\"; do sleep 10; done'

			@@ -1,13 +1,12 @@
			name: Package/Deploy Maven
			name: Package/Deploy

			on:
			workflow_run:
			branches: [ master ]
			workflows: ["Build Maven"]
			workflows: ["Build"]
			types: [completed]
			jobs:
			deploy:
			name: Maven deploy
			deploy-maven:
			if: ${{ github.event.workflow_run.conclusion == 'success' }}
			runs-on: 'ubuntu-latest'
			steps:
			@@ -53,6 +52,8 @@
			gpg --list-secret-keys --keyid-format LONG
			- name: Build package local
			env:
			MAVEN_USERNAME: ${{ secrets.OSSRH_USERNAME }}
			MAVEN_PASSWORD: ${{ secrets.OSSRH_TOKEN }}
			MAVEN_OPTS: -Dhttps.protocols=TLSv1.2 -Dmaven.wagon.httpconnectionManager.ttlSeconds=120 -Dmaven.wagon.http.retryHandler.requestSentEnabled=true -Dmaven.wagon.http.retryHandler.count=10
			if: ${{ !(github.event.workflow_run.event=='push' && env.MAVEN_USERNAME!='' && env.MAVEN_PASSWORD!='')}}
			run: mvn --batch-mode --errors --update-snapshots -Dgpg.passphrase=${{ secrets.GPG_PASSPHRASE }} package --file pom.xml

			@@ -1,4 +1,4 @@
			name: Release Maven
			name: Release

			on:
			workflow_dispatch:
			@@ -12,8 +12,7 @@
			required: true
			default: "X.Y.Z-SNAPSHOT"
			jobs:
			release:
			name: Maven release
			release-maven:
			runs-on: 'ubuntu-latest'
			steps:
			- name: Print github context
			@@ -113,14 +112,14 @@
			name: Docker release
			runs-on: 'ubuntu-latest'
			needs:
			- release
			- release-maven
			steps:
			- uses: actions/checkout@v3
			with:
			ref: ${{ github.event.inputs.releaseVersion }}
			fetch-depth: 1
			submodules: recursive
			- name: Docker meta (default)
			- name: Docker meta
			id: meta
			uses: docker/metadata-action@v3
			with:
			@@ -130,8 +129,46 @@
			tags: \|
			type=raw,value=latest
			type=raw,value=${{ github.event.inputs.releaseVersion }}
			- name: Docker meta (alpine)
			id: meta_alpine
			- name: Set up QEMU
			uses: docker/setup-qemu-action@v1
			- name: Set up Docker Buildx
			uses: docker/setup-buildx-action@v1
			- name: Login to DockerHub
			uses: docker/login-action@v1
			with:
			username: ${{ secrets.DOCKER_USERNAME }}
			password: ${{ secrets.DOCKER_PASSWORD }}
			- name: Login to GHCR
			uses: docker/login-action@v1
			with:
			registry: ghcr.io
			username: ${{ github.repository_owner }}
			password: ${{ secrets.GITHUB_TOKEN }}
			- name: Build and push image
			uses: docker/build-push-action@v2
			continue-on-error: true
			with:
			context: ./opendj-packages/opendj-docker
			file: ./opendj-packages/opendj-docker/Dockerfile
			build-args: \|
			VERSION=${{ github.event.inputs.releaseVersion }}
			platforms: linux/amd64,linux/arm64/8
			push: true
			tags: ${{ steps.meta.outputs.tags }}
			labels: ${{ steps.meta.outputs.labels }}
			release-docker-alpine:
			name: Docker release
			runs-on: 'ubuntu-latest'
			needs:
			- release-maven
			steps:
			- uses: actions/checkout@v3
			with:
			ref: ${{ github.event.inputs.releaseVersion }}
			fetch-depth: 1
			submodules: recursive
			- name: Docker meta
			id: meta
			uses: docker/metadata-action@v3
			with:
			images: \|
			@@ -155,19 +192,7 @@
			registry: ghcr.io
			username: ${{ github.repository_owner }}
			password: ${{ secrets.GITHUB_TOKEN }}
			- name: Build and push image (default)
			uses: docker/build-push-action@v2
			continue-on-error: true
			with:
			context: ./opendj-packages/opendj-docker
			file: ./opendj-packages/opendj-docker/Dockerfile
			build-args: \|
			VERSION=${{ github.event.inputs.releaseVersion }}
			platforms: linux/amd64,linux/arm64/8
			push: true
			tags: ${{ steps.meta.outputs.tags }}
			labels: ${{ steps.meta.outputs.labels }}
			- name: Build and push image (alpine)
			- name: Build and push image
			continue-on-error: true
			uses: docker/build-push-action@v2
			with:
			@@ -177,5 +202,5 @@
			VERSION=${{ github.event.inputs.releaseVersion }}
			platforms: linux/amd64,linux/arm64/8, linux/s390x, linux/386, linux/arm/v7, linux/arm/v6, linux/ppc64le
			push: true
			tags: ${{ steps.meta_alpine.outputs.tags }}
			labels: ${{ steps.meta_alpine.outputs.labels }}
			tags: ${{ steps.meta.outputs.tags }}
			labels: ${{ steps.meta.outputs.labels }}

			@@ -1,4 +1,4 @@
			FROM openjdk:11-jre-slim
			FROM openjdk:11

			MAINTAINER Open Identity Platform Community <open-identity-platform-opendj@googlegroups.com>

			@@ -20,10 +20,10 @@
			WORKDIR /opt

			RUN apt-get update \
			&& apt-get install -y --no-install-recommends wget unzip \
			&& wget --quiet https://github.com/OpenIdentityPlatform/OpenDJ/releases/download/$VERSION/opendj-$VERSION.zip \
			&& apt-get install -y --no-install-recommends curl unzip \
			&& curl -L https://github.com/OpenIdentityPlatform/OpenDJ/releases/download/$VERSION/opendj-$VERSION.zip --output opendj-$VERSION.zip \
			&& unzip opendj-$VERSION.zip \
			&& apt-get remove -y --purge unzip \
			&& apt-get remove -y --purge curl unzip \
			&& rm -rf /var/lib/apt/lists/* \
			&& rm -r opendj-*.zip \
			&& groupadd $OPENDJ_USER \
			@@ -41,4 +41,6 @@

			USER $OPENDJ_USER

			HEALTHCHECK --interval=30s --timeout=30s --start-period=1s --retries=3 CMD opendj/bin/ldapsearch --hostname localhost --port 1636 --bindDN "$ROOT_USER_DN" --bindPassword $ROOT_PASSWORD --useSsl --trustAll --baseDN "$BASE_DN" --searchScope base "(objectClass=*)" 1.1 \|\| exit 1

			ENTRYPOINT ["/opt/opendj/run.sh"]

			@@ -19,12 +19,14 @@

			WORKDIR /opt

			RUN apk add --update --no-cache --virtual builddeps wget unzip \
			RUN apk add --update --no-cache --virtual builddeps curl unzip \
			&& apk upgrade --update --no-cache \
			&& apk add bash \
			&& wget --quiet https://github.com/OpenIdentityPlatform/OpenDJ/releases/download/$VERSION/opendj-$VERSION.zip \
			&& curl -L https://github.com/OpenIdentityPlatform/OpenDJ/releases/download/$VERSION/opendj-$VERSION.zip --output opendj-$VERSION.zip \
			&& unzip opendj-$VERSION.zip \
			&& apk del builddeps \
			&& apk del curl \
			&& apk del unzip \
			&& rm -r opendj-$VERSION.zip \
			&& addgroup -S $OPENDJ_USER \
			&& adduser -S -u 1001 -G $OPENDJ_USER $OPENDJ_USER \
			@@ -41,4 +43,6 @@

			USER $OPENDJ_USER

			HEALTHCHECK --interval=30s --timeout=30s --start-period=1s --retries=3 CMD opendj/bin/ldapsearch --hostname localhost --port 1636 --bindDN "$ROOT_USER_DN" --bindPassword $ROOT_PASSWORD --useSsl --trustAll --baseDN "$BASE_DN" --searchScope base "(objectClass=*)" 1.1 \|\| exit 1

			ENTRYPOINT ["/opt/opendj/run.sh"]