From c3259531d81b2061c4a81d609d274550d383f9f2 Mon Sep 17 00:00:00 2001 From: Valera V Harseko Date: Tue, 23 Jun 2026 19:59:46 +0300 Subject: [PATCH 1/2] Modernize Docker images and broaden multi-arch build matrix - Dockerfile: bump base image eclipse-temurin:25-jre-jammy -> 25-jre-noble (Ubuntu 24.04) - Dockerfile-alpine: bump JDK openjdk17 -> openjdk25-jre to align the Alpine runtime with the Ubuntu JRE 25 image and enable linux/riscv64 - build.yml / release.yml: add linux/riscv64 to both the Ubuntu and Alpine docker build platforms - release.yml: add the CDDL license header linux/386 is intentionally not added: OpenIDM is compiled for Java 17+ (maven.compiler.target=17) and Alpine ships no Java 17+ build for 32-bit x86 (only openjdk11), so a 386 image cannot run OpenIDM. --- .github/workflows/build.yml | 4 ++-- .github/workflows/release.yml | 17 +++++++++++++++-- Dockerfile | 2 +- Dockerfile-alpine | 2 +- 4 files changed, 19 insertions(+), 6 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index a8cd52449..2311dce21 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -304,7 +304,7 @@ jobs: file: ./Dockerfile build-args: | VERSION=${{ env.release_version }} - platforms: linux/amd64, linux/arm64/8, linux/ppc64le, linux/s390x #, linux/arm/v7 + platforms: linux/amd64, linux/arm64/8, linux/ppc64le, linux/s390x, linux/riscv64 #, linux/arm/v7 push: true tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} @@ -352,7 +352,7 @@ jobs: file: ./Dockerfile-alpine build-args: | VERSION=${{ env.release_version }} - platforms: linux/amd64, linux/arm64/8, linux/s390x, linux/ppc64le + platforms: linux/amd64, linux/arm64/8, linux/s390x, linux/ppc64le, linux/riscv64 push: true tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 77b061bca..419930073 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -1,3 +1,16 @@ +# The contents of this file are subject to the terms of the Common Development and +# Distribution License (the License). You may not use this file except in compliance with the +# License. +# +# You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the +# specific language governing permission and limitations under the License. +# +# When distributing Covered Software, include this CDDL Header Notice in each file and include +# the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL +# Header, with the fields enclosed by brackets [] replaced by your own identifying +# information: "Portions copyright [year] [name of copyright owner]". +# +# Copyright 2024-2026 3A Systems, LLC. name: Release on: @@ -153,7 +166,7 @@ jobs: file: ./Dockerfile build-args: | VERSION=${{ github.event.inputs.releaseVersion }} - platforms: linux/amd64, linux/arm64/8, linux/ppc64le, linux/s390x #, linux/arm/v7 + platforms: linux/amd64, linux/arm64/8, linux/ppc64le, linux/s390x, linux/riscv64 #, linux/arm/v7 push: true tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} @@ -201,7 +214,7 @@ jobs: file: ./Dockerfile-alpine build-args: | VERSION=${{ github.event.inputs.releaseVersion }} - platforms: linux/amd64, linux/arm64/8, linux/s390x, linux/ppc64le + platforms: linux/amd64, linux/arm64/8, linux/s390x, linux/ppc64le, linux/riscv64 push: true tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} diff --git a/Dockerfile b/Dockerfile index 9ea6cdbd4..4f48c3638 100644 --- a/Dockerfile +++ b/Dockerfile @@ -11,7 +11,7 @@ # information: "Portions copyright [year] [name of copyright owner]". # # Copyright 2024-2026 3A Systems, LLC. -FROM eclipse-temurin:25-jre-jammy +FROM eclipse-temurin:25-jre-noble LABEL org.opencontainers.image.authors="Open Identity Platform Community" diff --git a/Dockerfile-alpine b/Dockerfile-alpine index ef3731ff5..20349dd6d 100644 --- a/Dockerfile-alpine +++ b/Dockerfile-alpine @@ -24,7 +24,7 @@ WORKDIR /opt #COPY openidm-zip/target/openidm-*.zip ./ -RUN apk add --update --no-cache --virtual builddeps curl unzip libc6-compat openjdk17 \ +RUN apk add --update --no-cache --virtual builddeps curl unzip libc6-compat openjdk25-jre \ && apk upgrade --update --no-cache \ && apk add bash \ && apk update \ From 1b6934689365b3c4c90dceeb6e37b2237bdc9e97 Mon Sep 17 00:00:00 2001 From: Valera V Harseko Date: Tue, 23 Jun 2026 20:19:37 +0300 Subject: [PATCH 2/2] Print container logs in Docker test steps Add "docker logs test" as the final command of both Docker test steps (build-docker and build-docker-alpine) in build.yml, so the container output is captured in CI for easier diagnosis of failed health checks. --- .github/workflows/build.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 2311dce21..745762e0d 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -313,6 +313,7 @@ jobs: run: | docker run --rm -it -d --memory="1g" --name=test localhost:5000/${GITHUB_REPOSITORY,,}:${{ env.release_version }} timeout 3m bash -c 'until docker inspect --format="{{json .State.Health.Status}}" test | grep -q \"healthy\"; do sleep 10; done' + docker logs test build-docker-alpine: runs-on: 'ubuntu-latest' services: @@ -361,3 +362,4 @@ jobs: run: | docker run --rm -it -d --memory="1g" --name=test localhost:5000/${GITHUB_REPOSITORY,,}:${{ env.release_version }}-alpine timeout 3m bash -c 'until docker inspect --format="{{json .State.Health.Status}}" test | grep -q \"healthy\"; do sleep 10; done' + docker logs test