Even the upgrade to the (still supported) Tomcat 8.5 in a9a439310051256b79f0c1a5384ed536e16f544d
is not the latest version of 8.5, because the offfical Tomcat image seems to be no longer maintained in an alpine variant.
See docker-library/tomcat#158 and docker-library/tomcat#166.
Non-alpine altnerative: tomcat:8.5.47 amd64 linux : 231 MB
Alternative: bitnami/tomcat:8.5.41: 112 MB
Or Switch to 9 right away?
bitnami/tomcat:9.0.27: 105 MB
tomcat:9.0.27-jdk8-adoptopenjdk-hotspot : 157 MB
tomcat:9.0.27-jdk8-adoptopenjdk-openj9 : 169 MB
tomcat:9.0.27-jdk8-corretto : 198 MB
tomcat:9.0.27-jdk8-openjdk : 232 MB
The size is one argument for bitnami (because smeagol-galore ist 350MB already).
What's more, bitnami already implements security features that are implemented in smeagol-galore's Dockerfile. But Bitnami is probably more experienced in hardening Tomcat. So better rely on them.
Migrating to bitnami image means some changes, though. Path's in the image will change and the Env vars as well.
And: Bitnami tomcat 9 runs on JDK 11, which might cause problems with smeagol, CAS and even SCMv2.
drrmitep sh bitnami/tomcat:9.0.31-debian-10-r25 -c 'java --version
openjdk 11.0.6 2020-01-14
Even the upgrade to the (still supported) Tomcat 8.5 in a9a439310051256b79f0c1a5384ed536e16f544d is not the latest version of 8.5, because the offfical Tomcat image seems to be no longer maintained in an
alpine
variant. See docker-library/tomcat#158 and docker-library/tomcat#166.So: We need to switch to a different distro.
A short comparison created with docker-images-size:
For Tomcat 8.5
tomcat:8.5.41-jre8-alpine
: 71 MBtomcat:8.5.47 amd64 linux
: 231 MBbitnami/tomcat:8.5.41
: 112 MBOr Switch to 9 right away?
bitnami/tomcat:9.0.27
: 105 MBtomcat:9.0.27-jdk8-adoptopenjdk-hotspot
: 157 MBtomcat:9.0.27-jdk8-adoptopenjdk-openj9
: 169 MBtomcat:9.0.27-jdk8-corretto
: 198 MBtomcat:9.0.27-jdk8-openjdk
: 232 MBThe size is one argument for bitnami (because smeagol-galore ist 350MB already). What's more, bitnami already implements security features that are implemented in smeagol-galore's Dockerfile. But Bitnami is probably more experienced in hardening Tomcat. So better rely on them.
Migrating to bitnami image means some changes, though. Path's in the image will change and the Env vars as well. And: Bitnami tomcat 9 runs on JDK 11, which might cause problems with smeagol, CAS and even SCMv2.