confluentinc · rahejaprince · Nov 16, 2025 · Nov 16, 2025 · Nov 16, 2025 · Nov 16, 2025
@@ -72,7 +72,8 @@ global_job_config:
       - export DOCKER_UPSTREAM_REGISTRY=$DOCKER_PROD_REGISTRY
       - export LATEST_TAG=$BRANCH_TAG-latest
       - export DOCKER_UPSTREAM_TAG="$LATEST_TAG"
-      - export DOCKER_REPOS="confluentinc/cp-base-java confluentinc/cp-base-new confluentinc/cp-base-lite confluentinc/cp-jmxterm"
+#      - export DOCKER_REPOS="confluentinc/cp-base-java confluentinc/cp-base-new confluentinc/cp-base-lite confluentinc/cp-jmxterm"
+      - export DOCKER_REPOS="confluentinc/cp-base-java"
       - export COMMUNITY_DOCKER_REPOS=""
       - |
         if [[ $SKIP_COMMUNITY == "True" ]]; then

@@ -0,0 +1,94 @@
+ARG UBI_MICRO_VERSION
+ARG UBI9_VERSION
+ARG TEMURIN_JDK_VERSION
+ARG DOCKER_UPSTREAM_REGISTRY
+ARG DOCKER_UPSTREAM_TAG
+ARG GOLANG_VERSION
+
+FROM docker.io/golang:${GOLANG_VERSION} AS build-ub-package-dedupe
+ENV GO_BIN="/go/bin"
+ARG CP_DOCKER_UTILS_VERSION
+
+RUN useradd --no-log-init --create-home --shell /bin/bash appuser
+
+RUN CGO_ENABLED=0 go install -ldflags="-w -s" github.com/confluentinc/cp-docker-utils/cmd/ub@${CP_DOCKER_UTILS_VERSION}
+
+RUN CGO_ENABLED=0 go install -ldflags="-w -s" github.com/confluentinc/cp-docker-utils/cmd/package_dedupe@${CP_DOCKER_UTILS_VERSION}
+
+FROM registry.access.redhat.com/ubi9:${UBI9_VERSION} AS jdk-builder
+ARG TEMURIN_JDK_VERSION
+ARG PROCPS_VERSION
+ARG CRYPTO_POLICIES_SCRIPTS_VERSION
+ARG FINDUTILS_VERSION
+ARG HOSTNAME_VERSION
+
+RUN printf "[temurin-jre] \n\
+name=temurin-jre \n\
+baseurl=https://adoptium.jfrog.io/artifactory/rpm/rhel/\$releasever/\$basearch \n\
+enabled=1 \n\
+gpgcheck=1 \n\
+gpgkey=https://adoptium.jfrog.io/artifactory/api/gpg/key/public \n\
+" > /etc/yum.repos.d/adoptium.repo
+
+RUN mkdir -p /microdir
+
+RUN echo "installing temurin-21-jre:${TEMURIN_JDK_VERSION}" \
+    && dnf install --installroot=/microdir --releasever=9 --setopt=install_weak_deps=False --nodocs -y \
+       temurin-21-jre${TEMURIN_JDK_VERSION} \
+       procps-ng${PROCPS_VERSION} \
+       crypto-policies-scripts${CRYPTO_POLICIES_SCRIPTS_VERSION} \
+       findutils${FINDUTILS_VERSION} \
+       hostname${HOSTNAME_VERSION} \
+       shadow-utils \
+    && dnf --installroot=/microdir clean all \
+    && rm -rf /microdir/var/cache/* /microdir/var/log/dnf* /microdir/var/log/yum.* \
+    && rm /etc/yum.repos.d/adoptium.repo
+
+RUN chroot /microdir useradd --no-log-init --create-home --shell /bin/bash appuser
+
+FROM registry.access.redhat.com/ubi9-micro:${UBI_MICRO_VERSION} AS REFRESH
+ARG PROJECT_VERSION
+ARG ARTIFACT_ID
+
+LABEL io.confluent.docker.git.repo="confluentinc/common-docker"
+
+ARG GIT_COMMIT
+LABEL io.confluent.docker.git.id=$GIT_COMMIT
+
+ARG BUILD_NUMBER=-1
+LABEL io.confluent.docker.build.number=$BUILD_NUMBER
+
+LABEL maintainer="[email protected]"
+LABEL vendor="Confluent"
+LABEL version=$GIT_COMMIT
+LABEL release=$PROJECT_VERSION
+LABEL name=$ARTIFACT_ID
+LABEL summary="Common base image for new Confluent ultra-lightweight Docker images based on ubi9-micro."
+LABEL description="Common base image for Confluent ultra-lightweight Docker images based on ubi9-micro."
+LABEL io.confluent.docker=true
+
+ENV LANG="C.UTF-8"
+ENV USE_LOG4J_2="True"
+
+COPY --from=jdk-builder /microdir/ /
+
+RUN mkdir -p /etc/confluent/docker /usr/logs /licenses \
+    && chown appuser:appuser -R /etc/confluent/ /usr/logs
+
+RUN update-crypto-policies --set FIPS
+
+COPY license.txt /licenses
+COPY --from=build-ub-package-dedupe /go/bin/package_dedupe /usr/bin/package_dedupe
+COPY --from=build-ub-package-dedupe /go/bin/ub /usr/bin/ub
+
+COPY --chown=appuser:appuser target/${ARTIFACT_ID}-${PROJECT_VERSION}-package/share/doc/* /usr/share/doc/${ARTIFACT_ID}/
+COPY --chown=appuser:appuser target/${ARTIFACT_ID}-${PROJECT_VERSION}-package/share/java/${ARTIFACT_ID}/* /usr/share/java/${ARTIFACT_ID}/
+COPY --chown=appuser:appuser include/etc/confluent/docker /etc/confluent/docker
+COPY --chown=appuser:appuser include/etc/cp-base-java-micro /etc/cp-base-java-micro
+
+RUN ln -s /usr/share/java/${ARTIFACT_ID} /usr/share/java/cp-base-new
+
+RUN find / -perm /6000 -type f -exec chmod a-s {} \; 2>/dev/null || true
+
+USER appuser
+WORKDIR /home/appuser
@@ -0,0 +1,23 @@
+#
+# Copyright 2018 Confluent Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+set -o nounset \
+    -o errexit
+
+# Trace may expose passwords/credentials by printing them to stdout, so turn on with care.
+if [ "${TRACE:-}" == "true" ]; then
+  set -o verbose \
+      -o xtrace
+fi
@@ -0,0 +1,27 @@
+#!/usr/bin/env bash
+
+set +o nounset
+
+if [ -z $SKIP_MESOS_AUTO_SETUP ]; then
+    if [ -n $MESOS_SANDBOX ] && [ -e $MESOS_SANDBOX/.ssl/scheduler.crt ] && [ -e $MESOS_SANDBOX/.ssl/scheduler.key ]; then
+        echo "Entering Mesos auto setup for Java SSL truststore. You should not see this if you are not on mesos ..."
+
+        openssl pkcs12 -export -in $MESOS_SANDBOX/.ssl/scheduler.crt -inkey $MESOS_SANDBOX/.ssl/scheduler.key \
+                       -out /tmp/keypair.p12 -name keypair \
+                       -CAfile $MESOS_SANDBOX/.ssl/ca-bundle.crt -caname root -passout pass:export
+
+        keytool -importkeystore \
+                -deststorepass changeit -destkeypass changeit -destkeystore /tmp/kafka-keystore.jks \
+                -srckeystore /tmp/keypair.p12 -srcstoretype PKCS12 -srcstorepass export \
+                -alias keypair
+
+        keytool -import \
+                -trustcacerts \
+                -alias root \
+                -file $MESOS_SANDBOX/.ssl/ca-bundle.crt \
+                -storepass changeit \
+                -keystore /tmp/kafka-truststore.jks -noprompt
+    fi
+fi
+
+set -o nounset
@@ -0,0 +1,18 @@
+Configuration:
+  Appenders:
+    Console:
+      name: stderr
+      target: SYSTEM_ERR
+      PatternLayout:
+        pattern: "%m%n"
+
+  Loggers:
+    Root:
+      level: OFF
+    Logger:
+      - name: org.apache.kafka
+        level: ERROR
+      - name: io.confluent.admin.utils
+        level: INFO
+        AppenderRef:
+          - ref: stderr
@@ -0,0 +1 @@
+Copyright 2023 Confluent, Inc.
@@ -0,0 +1,170 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--~
+  ~ Copyright 2017 Confluent Inc.
+  ~
+  ~ Licensed under the Apache License, Version 2.0 (the "License");
+  ~ you may not use this file except in compliance with the License.
+  ~ You may obtain a copy of the License at
+  ~
+  ~ http://www.apache.org/licenses/LICENSE-2.0
+  ~
+  ~ Unless required by applicable law or agreed to in writing, software
+  ~ distributed under the License is distributed on an "AS IS" BASIS,
+  ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  ~ See the License for the specific language governing permissions and
+  ~ limitations under the License.
+  ~-->
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+
+    <modelVersion>4.0.0</modelVersion>
+
+    <parent>
+        <groupId>io.confluent</groupId>
+        <artifactId>common-docker</artifactId>
+        <version>8.1.1-0</version>
+    </parent>
+
+    <packaging>pom</packaging>
+
+    <artifactId>cp-base-java-micro</artifactId>
+
+    <description>Base for new Confluent ultra-lightweight Docker images based on ubi9-micro</description>
+    <name>${project.artifactId}</name>
+
+    <properties>
+        <docker.skip-build>false</docker.skip-build>
+        <docker.skip-test>false</docker.skip-test>
+        <docker.pull-image>true</docker.pull-image>
+        <docker.file>Dockerfile.ubi9</docker.file>
+    </properties>
+
+    <dependencies>
+        <dependency>
+            <groupId>io.confluent</groupId>
+            <artifactId>utility-belt</artifactId>
+            <version>${io.confluent.common-docker.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>junit</groupId>
+            <artifactId>junit</artifactId>
+            <version>${junit.version}</version>
+            <scope>test</scope>
+        </dependency>
+
+        <dependency>
+            <groupId>org.jolokia</groupId>
+            <artifactId>jolokia-jvm</artifactId>
+            <version>${jolokia-jvm.version}</version>
+        </dependency>
+
+        <dependency>
+            <groupId>io.prometheus.jmx</groupId>
+            <artifactId>jmx_prometheus_javaagent</artifactId>
+            <version>${jmx_prometheus_javaagent.version}</version>
+        </dependency>
+
+        <dependency>
+            <groupId>io.confluent</groupId>
+            <artifactId>disk-usage-agent</artifactId>
+            <version>${io.confluent.common.version}</version>
+            <exclusions>
+                <exclusion>
+                    <groupId>org.slf4j</groupId>
+                    <artifactId>slf4j-log4j12</artifactId>
+                </exclusion>
+            </exclusions>
+        </dependency>
+
+        <dependency>
+            <groupId>org.slf4j</groupId>
+            <artifactId>slf4j-reload4j</artifactId>
+        </dependency>
+
+        <dependency>
+            <groupId>org.apache.logging.log4j</groupId>
+            <artifactId>log4j-slf4j-impl</artifactId>
+        </dependency>
+
+        <dependency>
+            <groupId>io.confluent</groupId>
+            <artifactId>logredactor</artifactId>
+        </dependency>
+    </dependencies>
+
+    <build>
+        <plugins>
+            <plugin>
+                <artifactId>maven-resources-plugin</artifactId>
+                <version>${maven-resources-plugin.version}</version>
+                <executions>
+                    <execution>
+                        <id>copy-resources</id>
+                        <phase>compile</phase>
+                        <goals>
+                            <goal>copy-resources</goal>
+                        </goals>
+                        <configuration>
+                            <overwrite>true</overwrite>
+                            <outputDirectory>target</outputDirectory>
+                            <resources>
+                                <resource>
+                                    <directory>${basedir}/../docker-utils/target</directory>
+                                    <includes>
+                                        <include>docker-utils-${CONFLUENT_VERSION}-jar-with-dependencies.jar</include>
+                                    </includes>
+                                </resource>
+                            </resources>
+                        </configuration>
+                    </execution>
+                </executions>
+            </plugin>
+            <plugin>
+                <groupId>com.spotify</groupId>
+                <artifactId>dockerfile-maven-plugin</artifactId>
+                <configuration>
+                    <buildArgs>
+                        <UBI_MICRO_VERSION>${ubi9-micro.image.version}</UBI_MICRO_VERSION>
+                        <UBI9_VERSION>${ubi9.image.version}</UBI9_VERSION>
+                        <TEMURIN_JDK_VERSION>-${ubi9-minimal.temurin-21-jdk.version}</TEMURIN_JDK_VERSION>
+                        <PROCPS_VERSION>-${ubi9-minimal.procps-ng.version}</PROCPS_VERSION>
+                        <SKIP_SECURITY_UPDATE_CHECK>${docker.skip-security-update-check}</SKIP_SECURITY_UPDATE_CHECK>
+                        <GOLANG_VERSION>${golang.image.version}</GOLANG_VERSION>
+                        <CRYPTO_POLICIES_SCRIPTS_VERSION>-${ubi9-minimal.crypto-policies-scripts.version}</CRYPTO_POLICIES_SCRIPTS_VERSION>
+                        <FINDUTILS_VERSION>-${ubi9-minimal.findutils.version}</FINDUTILS_VERSION>
+                        <HOSTNAME_VERSION>-${ubi9-minimal.hostname.version}</HOSTNAME_VERSION>
+                        <CP_DOCKER_UTILS_VERSION>${git-repo.cp-docker-utils.tag}</CP_DOCKER_UTILS_VERSION>
+                    </buildArgs>
+                </configuration>
+            </plugin>
+            <plugin>
+                <groupId>io.fabric8</groupId>
+                <artifactId>docker-maven-plugin</artifactId>
+                <version>0.43.4</version>
+                <configuration>
+                    <images>
+                        <image>
+                            <build>
+                                <args>
+                                    <UBI_MICRO_VERSION>${ubi9-micro.image.version}</UBI_MICRO_VERSION>
+                                    <UBI9_VERSION>${ubi9.image.version}</UBI9_VERSION>
+                                    <TEMURIN_JDK_VERSION>-${ubi9-minimal.temurin-21-jdk.version}</TEMURIN_JDK_VERSION>
+                                    <PROCPS_VERSION>-${ubi9-minimal.procps-ng.version}</PROCPS_VERSION>
+                                    <SKIP_SECURITY_UPDATE_CHECK>
+                                        ${docker.skip-security-update-check}
+                                    </SKIP_SECURITY_UPDATE_CHECK>
+                                    <GOLANG_VERSION>${golang.image.version}</GOLANG_VERSION>
+                                    <CRYPTO_POLICIES_SCRIPTS_VERSION>-${ubi9-minimal.crypto-policies-scripts.version}</CRYPTO_POLICIES_SCRIPTS_VERSION>
+                                    <FINDUTILS_VERSION>-${ubi9-minimal.findutils.version}</FINDUTILS_VERSION>
+                                    <HOSTNAME_VERSION>-${ubi9-minimal.hostname.version}</HOSTNAME_VERSION>
+                                    <CP_DOCKER_UTILS_VERSION>${git-repo.cp-docker-utils.tag}</CP_DOCKER_UTILS_VERSION>
+                                </args>
+                            </build>
+                        </image>
+                    </images>
+                </configuration>
+            </plugin>
+        </plugins>
+    </build>
+</project>
@@ -0,0 +1 @@
+git+https://github.com/confluentinc/[email protected]
@@ -0,0 +1,23 @@
+from setuptools import setup
+
+
+setup(
+    name='common-tests',
+    version='4.1.0',
+
+    author="Confluent, Inc.",
+
+    description='Docker image tests',
+
+    url="https://github.com/confluentinc/common",
+
+    dependency_links=open('requirements.txt').read().split("\n"),
+
+    packages=['test'],
+
+    include_package_data=True,
+
+    python_requires='>=2.7',
+    setup_requires=['setuptools-git'],
+
+)
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1 @@
		git+https://github.com/confluentinc/[email protected]