bltuckerdevblog/Dockerfile

## Dockerfile
FROM openjdk:8-jdk

LABEL author="Brett Tucker"

LABEL version="1.0"

LABEL description="This image will use the pre boot and post boot payara scripts to add a \
    google cloud sql datasource to a payara server and then automatically deploy a given war file."


ARG CLOUD_SSL_KEY_PASSWORD_ARG

ARG CLOUD_SSL_STORE_PASSWORD_ARG

ARG PAYARA_ADMIN_PASSWORD_ARG

ARG CLOUD_SQL_PASSWORD_ARG

ARG CLOUD_SQL_JDBC_URL_ARG

ARG CLOUD_SQL_SERVER_NAME_ARG

ARG CLOUD_SQL_USERNAME_ARG


ENV PAYARA_ADMIN_PASSWORD $PAYARA_ADMIN_PASSWORD_ARG

ENV CLOUD_SSL_STORE_PASSWORD $CLOUD_SSL_STORE_PASSWORD_ARG

ENV CLOUD_SQL_PASSWORD $CLOUD_SQL_PASSWORD_ARG

ENV CLOUD_SQL_JDBC_URL $CLOUD_SQL_JDBC_URL_ARG

ENV CLOUD_SQL_SERVER_NAME $CLOUD_SQL_SERVER_NAME_ARG

ENV CLOUD_SQL_USERNAME $CLOUD_SQL_USERNAME_ARG

ENV CERT_DIRECTORY /opt/cloud-sql-certs


ADD payara.zip /opt/

RUN unzip /opt/payara.zip -d /opt

ADD mysql-connector.jar /opt/payara41/glassfish/lib/

RUN mkdir $CERT_DIRECTORY

ADD client-cert.pem $CERT_DIRECTORY

ADD client-key.pem $CERT_DIRECTORY

ADD server-ca.pem $CERT_DIRECTORY

RUN openssl pkcs12 -export -in ${CERT_DIRECTORY}/client-cert.pem -inkey ${CERT_DIRECTORY}/client-key.pem -out ${CERT_DIRECTORY}/gcloudsql.p12 -name gcloudsql -CAfile ${CERT_DIRECTORY}/server-ca.pem -caname gcloudsqlCA -passout env:CLOUD_SSL_STORE_PASSWORD

RUN keytool -importkeystore -deststorepass ${CLOUD_SSL_STORE_PASSWORD} -destkeypass ${CLOUD_SSL_KEY_PASSWORD_ARG} -destkeystore /opt/payara41/glassfish/domains/payaradomain/config/my-keystore.jks -srckeystore ${CERT_DIRECTORY}/gcloudsql.p12 -srcstoretype PKCS12 -srcstorepass ${CLOUD_SSL_STORE_PASSWORD} -alias gcloudsql

RUN openssl x509 -outform der -in ${CERT_DIRECTORY}/server-ca.pem -out server-ca.der

RUN keytool -import -noprompt -deststorepass changeit -alias gcloudCA -keystore /opt/payara41/glassfish/domains/payaradomain/config/cacerts.jks -file server-ca.der

ADD resource.xml /opt

RUN touch /tmp/changepassword.txt

RUN chmod 600 /tmp/changepassword.txt

RUN echo "AS_ADMIN_PASSWORD=\n" > /tmp/changepassword.txt

RUN echo "AS_ADMIN_NEWPASSWORD=$PAYARA_ADMIN_PASSWORD" >> /tmp/changepassword.txt

RUN touch /tmp/password.txt

RUN chmod 600 /tmp/password.txt

RUN echo "AS_ADMIN_PASSWORD=$PAYARA_ADMIN_PASSWORD" > /tmp/password.txt

EXPOSE 4848 8009 8080 8181

ADD preboot-script.txt /opt/

ADD postboot-script.txt /opt/

WORKDIR /opt/payara41/bin

ADD startup.sh .

RUN chmod a+x startup.sh

ADD application.war /opt/

ENTRYPOINT ./startup.sh
	FROM openjdk:8-jdk

	LABEL author="Brett Tucker"

	LABEL version="1.0"

	LABEL description="This image will use the pre boot and post boot payara scripts to add a \
	google cloud sql datasource to a payara server and then automatically deploy a given war file."



	ARG CLOUD_SSL_KEY_PASSWORD_ARG

	ARG CLOUD_SSL_STORE_PASSWORD_ARG

	ARG PAYARA_ADMIN_PASSWORD_ARG

	ARG CLOUD_SQL_PASSWORD_ARG

	ARG CLOUD_SQL_JDBC_URL_ARG

	ARG CLOUD_SQL_SERVER_NAME_ARG

	ARG CLOUD_SQL_USERNAME_ARG



	ENV PAYARA_ADMIN_PASSWORD $PAYARA_ADMIN_PASSWORD_ARG

	ENV CLOUD_SSL_STORE_PASSWORD $CLOUD_SSL_STORE_PASSWORD_ARG

	ENV CLOUD_SQL_PASSWORD $CLOUD_SQL_PASSWORD_ARG

	ENV CLOUD_SQL_JDBC_URL $CLOUD_SQL_JDBC_URL_ARG

	ENV CLOUD_SQL_SERVER_NAME $CLOUD_SQL_SERVER_NAME_ARG

	ENV CLOUD_SQL_USERNAME $CLOUD_SQL_USERNAME_ARG

	ENV CERT_DIRECTORY /opt/cloud-sql-certs



	ADD payara.zip /opt/

	RUN unzip /opt/payara.zip -d /opt

	ADD mysql-connector.jar /opt/payara41/glassfish/lib/

	RUN mkdir $CERT_DIRECTORY

	ADD client-cert.pem $CERT_DIRECTORY

	ADD client-key.pem $CERT_DIRECTORY

	ADD server-ca.pem $CERT_DIRECTORY

	RUN openssl pkcs12 -export -in ${CERT_DIRECTORY}/client-cert.pem -inkey ${CERT_DIRECTORY}/client-key.pem -out ${CERT_DIRECTORY}/gcloudsql.p12 -name gcloudsql -CAfile ${CERT_DIRECTORY}/server-ca.pem -caname gcloudsqlCA -passout env:CLOUD_SSL_STORE_PASSWORD

	RUN keytool -importkeystore -deststorepass ${CLOUD_SSL_STORE_PASSWORD} -destkeypass ${CLOUD_SSL_KEY_PASSWORD_ARG} -destkeystore /opt/payara41/glassfish/domains/payaradomain/config/my-keystore.jks -srckeystore ${CERT_DIRECTORY}/gcloudsql.p12 -srcstoretype PKCS12 -srcstorepass ${CLOUD_SSL_STORE_PASSWORD} -alias gcloudsql

	RUN openssl x509 -outform der -in ${CERT_DIRECTORY}/server-ca.pem -out server-ca.der

	RUN keytool -import -noprompt -deststorepass changeit -alias gcloudCA -keystore /opt/payara41/glassfish/domains/payaradomain/config/cacerts.jks -file server-ca.der

	ADD resource.xml /opt

	RUN touch /tmp/changepassword.txt

	RUN chmod 600 /tmp/changepassword.txt

	RUN echo "AS_ADMIN_PASSWORD=\n" > /tmp/changepassword.txt

	RUN echo "AS_ADMIN_NEWPASSWORD=$PAYARA_ADMIN_PASSWORD" >> /tmp/changepassword.txt

	RUN touch /tmp/password.txt

	RUN chmod 600 /tmp/password.txt

	RUN echo "AS_ADMIN_PASSWORD=$PAYARA_ADMIN_PASSWORD" > /tmp/password.txt

	EXPOSE 4848 8009 8080 8181

	ADD preboot-script.txt /opt/

	ADD postboot-script.txt /opt/

	WORKDIR /opt/payara41/bin

	ADD startup.sh .

	RUN chmod a+x startup.sh

	ADD application.war /opt/

	ENTRYPOINT ./startup.sh