Update tomcat #18225
Merged
Update tomcat #18225
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Changes: - docker-library/tomcat@f95862b: Merge pull request docker-library/tomcat#329 from infosiftr/11-17 - docker-library/tomcat@b5d947e: Add Java 17 to Tomcat 11.0 - docker-library/tomcat@a1c74a7: Merge pull request docker-library/tomcat#327 from infosiftr/KEYS - docker-library/tomcat@f92b352: Source PGP keys from upstream KEYS - docker-library/tomcat@87618e7: Simplify and update `verify-templating.yml`
Diff for d822eb0:diff --git a/_bashbrew-cat b/_bashbrew-cat
index cab5bf0..a66195a 100644
--- a/_bashbrew-cat
+++ b/_bashbrew-cat
@@ -3,180 +3,200 @@ GitRepo: https://github.com/docker-library/tomcat.git
Tags: 9.0.98-jdk8-corretto-al2, 9.0-jdk8-corretto-al2, 9-jdk8-corretto-al2, 9.0.98-jdk8-corretto, 9.0-jdk8-corretto, 9-jdk8-corretto
Architectures: amd64, arm64v8
-GitCommit: 3473b76f4f050aff1529e0a585894b2140adc5a7
+GitCommit: f92b3525db29825c365efaf76ae21b8133ad75b4
Directory: 9.0/jdk8/corretto-al2
Tags: 9.0.98-jdk8-temurin-jammy, 9.0-jdk8-temurin-jammy, 9-jdk8-temurin-jammy
Architectures: amd64, arm32v7, arm64v8, ppc64le
-GitCommit: 3473b76f4f050aff1529e0a585894b2140adc5a7
+GitCommit: f92b3525db29825c365efaf76ae21b8133ad75b4
Directory: 9.0/jdk8/temurin-jammy
Tags: 9.0.98-jdk8-temurin-noble, 9.0-jdk8-temurin-noble, 9-jdk8-temurin-noble, 9.0.98-jdk8-temurin, 9.0-jdk8-temurin, 9-jdk8-temurin, 9.0.98-jdk8, 9.0-jdk8, 9-jdk8
Architectures: amd64, arm32v7, arm64v8, ppc64le
-GitCommit: 3473b76f4f050aff1529e0a585894b2140adc5a7
+GitCommit: f92b3525db29825c365efaf76ae21b8133ad75b4
Directory: 9.0/jdk8/temurin-noble
Tags: 9.0.98-jdk11-corretto-al2, 9.0-jdk11-corretto-al2, 9-jdk11-corretto-al2, 9.0.98-jdk11-corretto, 9.0-jdk11-corretto, 9-jdk11-corretto
Architectures: amd64, arm64v8
-GitCommit: 3473b76f4f050aff1529e0a585894b2140adc5a7
+GitCommit: f92b3525db29825c365efaf76ae21b8133ad75b4
Directory: 9.0/jdk11/corretto-al2
Tags: 9.0.98-jdk11-temurin-jammy, 9.0-jdk11-temurin-jammy, 9-jdk11-temurin-jammy
Architectures: amd64, arm32v7, arm64v8, ppc64le, s390x
-GitCommit: 3473b76f4f050aff1529e0a585894b2140adc5a7
+GitCommit: f92b3525db29825c365efaf76ae21b8133ad75b4
Directory: 9.0/jdk11/temurin-jammy
Tags: 9.0.98-jdk11-temurin-noble, 9.0-jdk11-temurin-noble, 9-jdk11-temurin-noble, 9.0.98-jdk11-temurin, 9.0-jdk11-temurin, 9-jdk11-temurin, 9.0.98-jdk11, 9.0-jdk11, 9-jdk11
Architectures: amd64, arm32v7, arm64v8, ppc64le, s390x
-GitCommit: 3473b76f4f050aff1529e0a585894b2140adc5a7
+GitCommit: f92b3525db29825c365efaf76ae21b8133ad75b4
Directory: 9.0/jdk11/temurin-noble
Tags: 9.0.98-jdk17-corretto-al2, 9.0-jdk17-corretto-al2, 9-jdk17-corretto-al2, 9.0.98-jdk17-corretto, 9.0-jdk17-corretto, 9-jdk17-corretto
Architectures: amd64, arm64v8
-GitCommit: 3473b76f4f050aff1529e0a585894b2140adc5a7
+GitCommit: f92b3525db29825c365efaf76ae21b8133ad75b4
Directory: 9.0/jdk17/corretto-al2
Tags: 9.0.98-jdk17-temurin-jammy, 9.0-jdk17-temurin-jammy, 9-jdk17-temurin-jammy
Architectures: amd64, arm32v7, arm64v8, ppc64le, s390x
-GitCommit: 3473b76f4f050aff1529e0a585894b2140adc5a7
+GitCommit: f92b3525db29825c365efaf76ae21b8133ad75b4
Directory: 9.0/jdk17/temurin-jammy
Tags: 9.0.98-jdk17-temurin-noble, 9.0-jdk17-temurin-noble, 9-jdk17-temurin-noble, 9.0.98-jdk17-temurin, 9.0-jdk17-temurin, 9-jdk17-temurin, 9.0.98-jdk17, 9.0-jdk17, 9-jdk17
Architectures: amd64, arm32v7, arm64v8, ppc64le, riscv64, s390x
-GitCommit: 3473b76f4f050aff1529e0a585894b2140adc5a7
+GitCommit: f92b3525db29825c365efaf76ae21b8133ad75b4
Directory: 9.0/jdk17/temurin-noble
Tags: 9.0.98-jdk21-corretto-al2, 9.0-jdk21-corretto-al2, 9-jdk21-corretto-al2, 9.0.98-jdk21-corretto, 9.0-jdk21-corretto, 9-jdk21-corretto
Architectures: amd64, arm64v8
-GitCommit: 3473b76f4f050aff1529e0a585894b2140adc5a7
+GitCommit: f92b3525db29825c365efaf76ae21b8133ad75b4
Directory: 9.0/jdk21/corretto-al2
Tags: 9.0.98-jdk21-temurin-jammy, 9.0-jdk21-temurin-jammy, 9-jdk21-temurin-jammy
Architectures: amd64, arm64v8, ppc64le, s390x
-GitCommit: 3473b76f4f050aff1529e0a585894b2140adc5a7
+GitCommit: f92b3525db29825c365efaf76ae21b8133ad75b4
Directory: 9.0/jdk21/temurin-jammy
Tags: 9.0.98-jdk21-temurin-noble, 9.0-jdk21-temurin-noble, 9-jdk21-temurin-noble, 9.0.98-jdk21-temurin, 9.0-jdk21-temurin, 9-jdk21-temurin, 9.0.98-jdk21, 9.0-jdk21, 9-jdk21, 9.0.98, 9.0, 9
Architectures: amd64, arm64v8, ppc64le, riscv64, s390x
-GitCommit: 3473b76f4f050aff1529e0a585894b2140adc5a7
+GitCommit: f92b3525db29825c365efaf76ae21b8133ad75b4
Directory: 9.0/jdk21/temurin-noble
Tags: 9.0.98-jre8-temurin-jammy, 9.0-jre8-temurin-jammy, 9-jre8-temurin-jammy
Architectures: amd64, arm32v7, arm64v8, ppc64le
-GitCommit: 3473b76f4f050aff1529e0a585894b2140adc5a7
+GitCommit: f92b3525db29825c365efaf76ae21b8133ad75b4
Directory: 9.0/jre8/temurin-jammy
Tags: 9.0.98-jre8-temurin-noble, 9.0-jre8-temurin-noble, 9-jre8-temurin-noble, 9.0.98-jre8-temurin, 9.0-jre8-temurin, 9-jre8-temurin, 9.0.98-jre8, 9.0-jre8, 9-jre8
Architectures: amd64, arm32v7, arm64v8, ppc64le
-GitCommit: 3473b76f4f050aff1529e0a585894b2140adc5a7
+GitCommit: f92b3525db29825c365efaf76ae21b8133ad75b4
Directory: 9.0/jre8/temurin-noble
Tags: 9.0.98-jre11-temurin-jammy, 9.0-jre11-temurin-jammy, 9-jre11-temurin-jammy
Architectures: amd64, arm32v7, arm64v8, ppc64le, s390x
-GitCommit: 3473b76f4f050aff1529e0a585894b2140adc5a7
+GitCommit: f92b3525db29825c365efaf76ae21b8133ad75b4
Directory: 9.0/jre11/temurin-jammy
Tags: 9.0.98-jre11-temurin-noble, 9.0-jre11-temurin-noble, 9-jre11-temurin-noble, 9.0.98-jre11-temurin, 9.0-jre11-temurin, 9-jre11-temurin, 9.0.98-jre11, 9.0-jre11, 9-jre11
Architectures: amd64, arm32v7, arm64v8, ppc64le, s390x
-GitCommit: 3473b76f4f050aff1529e0a585894b2140adc5a7
+GitCommit: f92b3525db29825c365efaf76ae21b8133ad75b4
Directory: 9.0/jre11/temurin-noble
Tags: 9.0.98-jre17-temurin-jammy, 9.0-jre17-temurin-jammy, 9-jre17-temurin-jammy
Architectures: amd64, arm32v7, arm64v8, ppc64le, s390x
-GitCommit: 3473b76f4f050aff1529e0a585894b2140adc5a7
+GitCommit: f92b3525db29825c365efaf76ae21b8133ad75b4
Directory: 9.0/jre17/temurin-jammy
Tags: 9.0.98-jre17-temurin-noble, 9.0-jre17-temurin-noble, 9-jre17-temurin-noble, 9.0.98-jre17-temurin, 9.0-jre17-temurin, 9-jre17-temurin, 9.0.98-jre17, 9.0-jre17, 9-jre17
Architectures: amd64, arm32v7, arm64v8, ppc64le, riscv64, s390x
-GitCommit: 3473b76f4f050aff1529e0a585894b2140adc5a7
+GitCommit: f92b3525db29825c365efaf76ae21b8133ad75b4
Directory: 9.0/jre17/temurin-noble
Tags: 9.0.98-jre21-temurin-jammy, 9.0-jre21-temurin-jammy, 9-jre21-temurin-jammy
Architectures: amd64, arm64v8, ppc64le, s390x
-GitCommit: 3473b76f4f050aff1529e0a585894b2140adc5a7
+GitCommit: f92b3525db29825c365efaf76ae21b8133ad75b4
Directory: 9.0/jre21/temurin-jammy
Tags: 9.0.98-jre21-temurin-noble, 9.0-jre21-temurin-noble, 9-jre21-temurin-noble, 9.0.98-jre21-temurin, 9.0-jre21-temurin, 9-jre21-temurin, 9.0.98-jre21, 9.0-jre21, 9-jre21
Architectures: amd64, arm64v8, ppc64le, riscv64, s390x
-GitCommit: 3473b76f4f050aff1529e0a585894b2140adc5a7
+GitCommit: f92b3525db29825c365efaf76ae21b8133ad75b4
Directory: 9.0/jre21/temurin-noble
Tags: 10.1.34-jdk11-temurin-jammy, 10.1-jdk11-temurin-jammy, 10-jdk11-temurin-jammy
Architectures: amd64, arm32v7, arm64v8, ppc64le, s390x
-GitCommit: 6e18efa87b91c6478ea52666322b06e472647044
+GitCommit: f92b3525db29825c365efaf76ae21b8133ad75b4
Directory: 10.1/jdk11/temurin-jammy
Tags: 10.1.34-jdk11-temurin-noble, 10.1-jdk11-temurin-noble, 10-jdk11-temurin-noble, 10.1.34-jdk11-temurin, 10.1-jdk11-temurin, 10-jdk11-temurin, 10.1.34-jdk11, 10.1-jdk11, 10-jdk11
Architectures: amd64, arm32v7, arm64v8, ppc64le, s390x
-GitCommit: 6e18efa87b91c6478ea52666322b06e472647044
+GitCommit: f92b3525db29825c365efaf76ae21b8133ad75b4
Directory: 10.1/jdk11/temurin-noble
Tags: 10.1.34-jdk17-temurin-jammy, 10.1-jdk17-temurin-jammy, 10-jdk17-temurin-jammy
Architectures: amd64, arm32v7, arm64v8, ppc64le, s390x
-GitCommit: 6e18efa87b91c6478ea52666322b06e472647044
+GitCommit: f92b3525db29825c365efaf76ae21b8133ad75b4
Directory: 10.1/jdk17/temurin-jammy
Tags: 10.1.34-jdk17-temurin-noble, 10.1-jdk17-temurin-noble, 10-jdk17-temurin-noble, 10.1.34-jdk17-temurin, 10.1-jdk17-temurin, 10-jdk17-temurin, 10.1.34-jdk17, 10.1-jdk17, 10-jdk17
Architectures: amd64, arm32v7, arm64v8, ppc64le, riscv64, s390x
-GitCommit: 6e18efa87b91c6478ea52666322b06e472647044
+GitCommit: f92b3525db29825c365efaf76ae21b8133ad75b4
Directory: 10.1/jdk17/temurin-noble
Tags: 10.1.34-jdk21-temurin-jammy, 10.1-jdk21-temurin-jammy, 10-jdk21-temurin-jammy
Architectures: amd64, arm64v8, ppc64le, s390x
-GitCommit: 6e18efa87b91c6478ea52666322b06e472647044
+GitCommit: f92b3525db29825c365efaf76ae21b8133ad75b4
Directory: 10.1/jdk21/temurin-jammy
Tags: 10.1.34-jdk21-temurin-noble, 10.1-jdk21-temurin-noble, 10-jdk21-temurin-noble, 10.1.34-jdk21-temurin, 10.1-jdk21-temurin, 10-jdk21-temurin, 10.1.34-jdk21, 10.1-jdk21, 10-jdk21, 10.1.34, 10.1, 10
Architectures: amd64, arm64v8, ppc64le, riscv64, s390x
-GitCommit: 6e18efa87b91c6478ea52666322b06e472647044
+GitCommit: f92b3525db29825c365efaf76ae21b8133ad75b4
Directory: 10.1/jdk21/temurin-noble
Tags: 10.1.34-jre11-temurin-jammy, 10.1-jre11-temurin-jammy, 10-jre11-temurin-jammy
Architectures: amd64, arm32v7, arm64v8, ppc64le, s390x
-GitCommit: 6e18efa87b91c6478ea52666322b06e472647044
+GitCommit: f92b3525db29825c365efaf76ae21b8133ad75b4
Directory: 10.1/jre11/temurin-jammy
Tags: 10.1.34-jre11-temurin-noble, 10.1-jre11-temurin-noble, 10-jre11-temurin-noble, 10.1.34-jre11-temurin, 10.1-jre11-temurin, 10-jre11-temurin, 10.1.34-jre11, 10.1-jre11, 10-jre11
Architectures: amd64, arm32v7, arm64v8, ppc64le, s390x
-GitCommit: 6e18efa87b91c6478ea52666322b06e472647044
+GitCommit: f92b3525db29825c365efaf76ae21b8133ad75b4
Directory: 10.1/jre11/temurin-noble
Tags: 10.1.34-jre17-temurin-jammy, 10.1-jre17-temurin-jammy, 10-jre17-temurin-jammy
Architectures: amd64, arm32v7, arm64v8, ppc64le, s390x
-GitCommit: 6e18efa87b91c6478ea52666322b06e472647044
+GitCommit: f92b3525db29825c365efaf76ae21b8133ad75b4
Directory: 10.1/jre17/temurin-jammy
Tags: 10.1.34-jre17-temurin-noble, 10.1-jre17-temurin-noble, 10-jre17-temurin-noble, 10.1.34-jre17-temurin, 10.1-jre17-temurin, 10-jre17-temurin, 10.1.34-jre17, 10.1-jre17, 10-jre17
Architectures: amd64, arm32v7, arm64v8, ppc64le, riscv64, s390x
-GitCommit: 6e18efa87b91c6478ea52666322b06e472647044
+GitCommit: f92b3525db29825c365efaf76ae21b8133ad75b4
Directory: 10.1/jre17/temurin-noble
Tags: 10.1.34-jre21-temurin-jammy, 10.1-jre21-temurin-jammy, 10-jre21-temurin-jammy
Architectures: amd64, arm64v8, ppc64le, s390x
-GitCommit: 6e18efa87b91c6478ea52666322b06e472647044
+GitCommit: f92b3525db29825c365efaf76ae21b8133ad75b4
Directory: 10.1/jre21/temurin-jammy
Tags: 10.1.34-jre21-temurin-noble, 10.1-jre21-temurin-noble, 10-jre21-temurin-noble, 10.1.34-jre21-temurin, 10.1-jre21-temurin, 10-jre21-temurin, 10.1.34-jre21, 10.1-jre21, 10-jre21
Architectures: amd64, arm64v8, ppc64le, riscv64, s390x
-GitCommit: 6e18efa87b91c6478ea52666322b06e472647044
+GitCommit: f92b3525db29825c365efaf76ae21b8133ad75b4
Directory: 10.1/jre21/temurin-noble
+Tags: 11.0.2-jdk17-temurin-jammy, 11.0-jdk17-temurin-jammy, 11-jdk17-temurin-jammy, jdk17-temurin-jammy
+Architectures: amd64, arm32v7, arm64v8, ppc64le, s390x
+GitCommit: b5d947eda39355b9e53cde8f997392a24cfaed79
+Directory: 11.0/jdk17/temurin-jammy
+
+Tags: 11.0.2-jdk17-temurin-noble, 11.0-jdk17-temurin-noble, 11-jdk17-temurin-noble, jdk17-temurin-noble, 11.0.2-jdk17-temurin, 11.0-jdk17-temurin, 11-jdk17-temurin, jdk17-temurin, 11.0.2-jdk17, 11.0-jdk17, 11-jdk17, jdk17
+Architectures: amd64, arm32v7, arm64v8, ppc64le, riscv64, s390x
+GitCommit: b5d947eda39355b9e53cde8f997392a24cfaed79
+Directory: 11.0/jdk17/temurin-noble
+
Tags: 11.0.2-jdk21-temurin-jammy, 11.0-jdk21-temurin-jammy, 11-jdk21-temurin-jammy, jdk21-temurin-jammy
Architectures: amd64, arm64v8, ppc64le, s390x
-GitCommit: 5ce1ce35636f6156807e296e0a09e6686892c8d3
+GitCommit: f92b3525db29825c365efaf76ae21b8133ad75b4
Directory: 11.0/jdk21/temurin-jammy
Tags: 11.0.2-jdk21-temurin-noble, 11.0-jdk21-temurin-noble, 11-jdk21-temurin-noble, jdk21-temurin-noble, 11.0.2-jdk21-temurin, 11.0-jdk21-temurin, 11-jdk21-temurin, jdk21-temurin, 11.0.2-jdk21, 11.0-jdk21, 11-jdk21, jdk21, 11.0.2, 11.0, 11, latest
Architectures: amd64, arm64v8, ppc64le, riscv64, s390x
-GitCommit: 5ce1ce35636f6156807e296e0a09e6686892c8d3
+GitCommit: f92b3525db29825c365efaf76ae21b8133ad75b4
Directory: 11.0/jdk21/temurin-noble
+Tags: 11.0.2-jre17-temurin-jammy, 11.0-jre17-temurin-jammy, 11-jre17-temurin-jammy, jre17-temurin-jammy
+Architectures: amd64, arm32v7, arm64v8, ppc64le, s390x
+GitCommit: b5d947eda39355b9e53cde8f997392a24cfaed79
+Directory: 11.0/jre17/temurin-jammy
+
+Tags: 11.0.2-jre17-temurin-noble, 11.0-jre17-temurin-noble, 11-jre17-temurin-noble, jre17-temurin-noble, 11.0.2-jre17-temurin, 11.0-jre17-temurin, 11-jre17-temurin, jre17-temurin, 11.0.2-jre17, 11.0-jre17, 11-jre17, jre17
+Architectures: amd64, arm32v7, arm64v8, ppc64le, riscv64, s390x
+GitCommit: b5d947eda39355b9e53cde8f997392a24cfaed79
+Directory: 11.0/jre17/temurin-noble
+
Tags: 11.0.2-jre21-temurin-jammy, 11.0-jre21-temurin-jammy, 11-jre21-temurin-jammy, jre21-temurin-jammy
Architectures: amd64, arm64v8, ppc64le, s390x
-GitCommit: 5ce1ce35636f6156807e296e0a09e6686892c8d3
+GitCommit: f92b3525db29825c365efaf76ae21b8133ad75b4
Directory: 11.0/jre21/temurin-jammy
Tags: 11.0.2-jre21-temurin-noble, 11.0-jre21-temurin-noble, 11-jre21-temurin-noble, jre21-temurin-noble, 11.0.2-jre21-temurin, 11.0-jre21-temurin, 11-jre21-temurin, jre21-temurin, 11.0.2-jre21, 11.0-jre21, 11-jre21, jre21
Architectures: amd64, arm64v8, ppc64le, riscv64, s390x
-GitCommit: 5ce1ce35636f6156807e296e0a09e6686892c8d3
+GitCommit: f92b3525db29825c365efaf76ae21b8133ad75b4
Directory: 11.0/jre21/temurin-noble
diff --git a/_bashbrew-list b/_bashbrew-list
index 5f9e30c..9341f10 100644
--- a/_bashbrew-list
+++ b/_bashbrew-list
@@ -197,36 +197,68 @@ tomcat:10.1.34-jre21-temurin
tomcat:10.1.34-jre21-temurin-jammy
tomcat:10.1.34-jre21-temurin-noble
tomcat:11
+tomcat:11-jdk17
+tomcat:11-jdk17-temurin
+tomcat:11-jdk17-temurin-jammy
+tomcat:11-jdk17-temurin-noble
tomcat:11-jdk21
tomcat:11-jdk21-temurin
tomcat:11-jdk21-temurin-jammy
tomcat:11-jdk21-temurin-noble
+tomcat:11-jre17
+tomcat:11-jre17-temurin
+tomcat:11-jre17-temurin-jammy
+tomcat:11-jre17-temurin-noble
tomcat:11-jre21
tomcat:11-jre21-temurin
tomcat:11-jre21-temurin-jammy
tomcat:11-jre21-temurin-noble
tomcat:11.0
+tomcat:11.0-jdk17
+tomcat:11.0-jdk17-temurin
+tomcat:11.0-jdk17-temurin-jammy
+tomcat:11.0-jdk17-temurin-noble
tomcat:11.0-jdk21
tomcat:11.0-jdk21-temurin
tomcat:11.0-jdk21-temurin-jammy
tomcat:11.0-jdk21-temurin-noble
+tomcat:11.0-jre17
+tomcat:11.0-jre17-temurin
+tomcat:11.0-jre17-temurin-jammy
+tomcat:11.0-jre17-temurin-noble
tomcat:11.0-jre21
tomcat:11.0-jre21-temurin
tomcat:11.0-jre21-temurin-jammy
tomcat:11.0-jre21-temurin-noble
tomcat:11.0.2
+tomcat:11.0.2-jdk17
+tomcat:11.0.2-jdk17-temurin
+tomcat:11.0.2-jdk17-temurin-jammy
+tomcat:11.0.2-jdk17-temurin-noble
tomcat:11.0.2-jdk21
tomcat:11.0.2-jdk21-temurin
tomcat:11.0.2-jdk21-temurin-jammy
tomcat:11.0.2-jdk21-temurin-noble
+tomcat:11.0.2-jre17
+tomcat:11.0.2-jre17-temurin
+tomcat:11.0.2-jre17-temurin-jammy
+tomcat:11.0.2-jre17-temurin-noble
tomcat:11.0.2-jre21
tomcat:11.0.2-jre21-temurin
tomcat:11.0.2-jre21-temurin-jammy
tomcat:11.0.2-jre21-temurin-noble
+tomcat:jdk17
+tomcat:jdk17-temurin
+tomcat:jdk17-temurin-jammy
+tomcat:jdk17-temurin-noble
tomcat:jdk21
tomcat:jdk21-temurin
tomcat:jdk21-temurin-jammy
tomcat:jdk21-temurin-noble
+tomcat:jre17
+tomcat:jre17-temurin
+tomcat:jre17-temurin-jammy
+tomcat:jre17-temurin-noble
tomcat:jre21
tomcat:jre21-temurin
tomcat:jre21-temurin-jammy
diff --git a/_bashbrew-list-build-order b/_bashbrew-list-build-order
index 9fe6618..b2d28a1 100644
--- a/_bashbrew-list-build-order
+++ b/_bashbrew-list-build-order
@@ -30,7 +30,11 @@ tomcat:10-jre17
tomcat:10-jre17-temurin-jammy
tomcat:10-jre21
tomcat:10-jre21-temurin-jammy
+tomcat:jdk17
+tomcat:jdk17-temurin-jammy
tomcat:jdk21-temurin-jammy
+tomcat:jre17
+tomcat:jre17-temurin-jammy
tomcat:jre21-temurin-jammy
tomcat:latest
tomcat:jre21
diff --git a/tomcat_10-jdk11-temurin-jammy/Dockerfile b/tomcat_10-jdk11-temurin-jammy/Dockerfile
index 57f0ca2..8280e13 100644
--- a/tomcat_10-jdk11-temurin-jammy/Dockerfile
+++ b/tomcat_10-jdk11-temurin-jammy/Dockerfile
@@ -15,10 +15,6 @@ WORKDIR $CATALINA_HOME
ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib
ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR
-# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS
-# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh)
-ENV GPG_KEYS 5C3C5F3E314C866292F359A8F3AD5C94A67F707E A9C5DF4D22E99998D9875A5110C01C5A2F6059E7
-
ENV TOMCAT_MAJOR 10
ENV TOMCAT_VERSION 10.1.34
ENV TOMCAT_SHA512 e29c4d0e26295d64dfeee399e7719b5baac2682ac0e7b53702f26d630fea761f93ddf60674dfe87c41ddd9b79d4938a6a533a280bb3d7fb83c2a1b7cd5da6b09
@@ -58,10 +54,23 @@ RUN set -eux; \
ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \
echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \
ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \
- export GNUPGHOME="$(mktemp -d)"; \
- for key in $GPG_KEYS; do \
- gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
+ GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
+ curl -fL -o upstream-KEYS 'https://www.apache.org/dist/tomcat/tomcat-10/KEYS'; \
+ gpg --batch --import upstream-KEYS; \
+# filter upstream KEYS file to *just* known/precomputed fingerprints
+ printf '' > filtered-KEYS; \
+# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS
+ for key in \
+ 'A9C5DF4D22E99998D9875A5110C01C5A2F6059E7' \
+ '5C3C5F3E314C866292F359A8F3AD5C94A67F707E' \
+ ; do \
+ gpg --batch --fingerprint "$key"; \
+ gpg --batch --export --armor "$key" >> filtered-KEYS; \
done; \
+ gpgconf --kill all; \
+ rm -rf "$GNUPGHOME"; \
+ GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
+ gpg --batch --import filtered-KEYS; \
gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \
tar -xf tomcat.tar.gz --strip-components=1; \
rm bin/*.bat; \
diff --git a/tomcat_10-jdk11/Dockerfile b/tomcat_10-jdk11/Dockerfile
index 66786d9..ffee4bb 100644
--- a/tomcat_10-jdk11/Dockerfile
+++ b/tomcat_10-jdk11/Dockerfile
@@ -15,10 +15,6 @@ WORKDIR $CATALINA_HOME
ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib
ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR
-# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS
-# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh)
-ENV GPG_KEYS 5C3C5F3E314C866292F359A8F3AD5C94A67F707E A9C5DF4D22E99998D9875A5110C01C5A2F6059E7
-
ENV TOMCAT_MAJOR 10
ENV TOMCAT_VERSION 10.1.34
ENV TOMCAT_SHA512 e29c4d0e26295d64dfeee399e7719b5baac2682ac0e7b53702f26d630fea761f93ddf60674dfe87c41ddd9b79d4938a6a533a280bb3d7fb83c2a1b7cd5da6b09
@@ -58,10 +54,23 @@ RUN set -eux; \
ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \
echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \
ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \
- export GNUPGHOME="$(mktemp -d)"; \
- for key in $GPG_KEYS; do \
- gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
+ GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
+ curl -fL -o upstream-KEYS 'https://www.apache.org/dist/tomcat/tomcat-10/KEYS'; \
+ gpg --batch --import upstream-KEYS; \
+# filter upstream KEYS file to *just* known/precomputed fingerprints
+ printf '' > filtered-KEYS; \
+# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS
+ for key in \
+ 'A9C5DF4D22E99998D9875A5110C01C5A2F6059E7' \
+ '5C3C5F3E314C866292F359A8F3AD5C94A67F707E' \
+ ; do \
+ gpg --batch --fingerprint "$key"; \
+ gpg --batch --export --armor "$key" >> filtered-KEYS; \
done; \
+ gpgconf --kill all; \
+ rm -rf "$GNUPGHOME"; \
+ GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
+ gpg --batch --import filtered-KEYS; \
gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \
tar -xf tomcat.tar.gz --strip-components=1; \
rm bin/*.bat; \
diff --git a/tomcat_10-jdk17-temurin-jammy/Dockerfile b/tomcat_10-jdk17-temurin-jammy/Dockerfile
index 6755246..f76dbea 100644
--- a/tomcat_10-jdk17-temurin-jammy/Dockerfile
+++ b/tomcat_10-jdk17-temurin-jammy/Dockerfile
@@ -15,10 +15,6 @@ WORKDIR $CATALINA_HOME
ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib
ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR
-# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS
-# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh)
-ENV GPG_KEYS 5C3C5F3E314C866292F359A8F3AD5C94A67F707E A9C5DF4D22E99998D9875A5110C01C5A2F6059E7
-
ENV TOMCAT_MAJOR 10
ENV TOMCAT_VERSION 10.1.34
ENV TOMCAT_SHA512 e29c4d0e26295d64dfeee399e7719b5baac2682ac0e7b53702f26d630fea761f93ddf60674dfe87c41ddd9b79d4938a6a533a280bb3d7fb83c2a1b7cd5da6b09
@@ -58,10 +54,23 @@ RUN set -eux; \
ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \
echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \
ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \
- export GNUPGHOME="$(mktemp -d)"; \
- for key in $GPG_KEYS; do \
- gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
+ GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
+ curl -fL -o upstream-KEYS 'https://www.apache.org/dist/tomcat/tomcat-10/KEYS'; \
+ gpg --batch --import upstream-KEYS; \
+# filter upstream KEYS file to *just* known/precomputed fingerprints
+ printf '' > filtered-KEYS; \
+# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS
+ for key in \
+ 'A9C5DF4D22E99998D9875A5110C01C5A2F6059E7' \
+ '5C3C5F3E314C866292F359A8F3AD5C94A67F707E' \
+ ; do \
+ gpg --batch --fingerprint "$key"; \
+ gpg --batch --export --armor "$key" >> filtered-KEYS; \
done; \
+ gpgconf --kill all; \
+ rm -rf "$GNUPGHOME"; \
+ GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
+ gpg --batch --import filtered-KEYS; \
gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \
tar -xf tomcat.tar.gz --strip-components=1; \
rm bin/*.bat; \
diff --git a/tomcat_10-jdk17/Dockerfile b/tomcat_10-jdk17/Dockerfile
index dfcdd5e..ec4777d 100644
--- a/tomcat_10-jdk17/Dockerfile
+++ b/tomcat_10-jdk17/Dockerfile
@@ -15,10 +15,6 @@ WORKDIR $CATALINA_HOME
ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib
ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR
-# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS
-# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh)
-ENV GPG_KEYS 5C3C5F3E314C866292F359A8F3AD5C94A67F707E A9C5DF4D22E99998D9875A5110C01C5A2F6059E7
-
ENV TOMCAT_MAJOR 10
ENV TOMCAT_VERSION 10.1.34
ENV TOMCAT_SHA512 e29c4d0e26295d64dfeee399e7719b5baac2682ac0e7b53702f26d630fea761f93ddf60674dfe87c41ddd9b79d4938a6a533a280bb3d7fb83c2a1b7cd5da6b09
@@ -58,10 +54,23 @@ RUN set -eux; \
ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \
echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \
ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \
- export GNUPGHOME="$(mktemp -d)"; \
- for key in $GPG_KEYS; do \
- gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
+ GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
+ curl -fL -o upstream-KEYS 'https://www.apache.org/dist/tomcat/tomcat-10/KEYS'; \
+ gpg --batch --import upstream-KEYS; \
+# filter upstream KEYS file to *just* known/precomputed fingerprints
+ printf '' > filtered-KEYS; \
+# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS
+ for key in \
+ 'A9C5DF4D22E99998D9875A5110C01C5A2F6059E7' \
+ '5C3C5F3E314C866292F359A8F3AD5C94A67F707E' \
+ ; do \
+ gpg --batch --fingerprint "$key"; \
+ gpg --batch --export --armor "$key" >> filtered-KEYS; \
done; \
+ gpgconf --kill all; \
+ rm -rf "$GNUPGHOME"; \
+ GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
+ gpg --batch --import filtered-KEYS; \
gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \
tar -xf tomcat.tar.gz --strip-components=1; \
rm bin/*.bat; \
diff --git a/tomcat_10-jdk21-temurin-jammy/Dockerfile b/tomcat_10-jdk21-temurin-jammy/Dockerfile
index 6fa1a92..bf8b1f1 100644
--- a/tomcat_10-jdk21-temurin-jammy/Dockerfile
+++ b/tomcat_10-jdk21-temurin-jammy/Dockerfile
@@ -15,10 +15,6 @@ WORKDIR $CATALINA_HOME
ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib
ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR
-# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS
-# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh)
-ENV GPG_KEYS 5C3C5F3E314C866292F359A8F3AD5C94A67F707E A9C5DF4D22E99998D9875A5110C01C5A2F6059E7
-
ENV TOMCAT_MAJOR 10
ENV TOMCAT_VERSION 10.1.34
ENV TOMCAT_SHA512 e29c4d0e26295d64dfeee399e7719b5baac2682ac0e7b53702f26d630fea761f93ddf60674dfe87c41ddd9b79d4938a6a533a280bb3d7fb83c2a1b7cd5da6b09
@@ -58,10 +54,23 @@ RUN set -eux; \
ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \
echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \
ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \
- export GNUPGHOME="$(mktemp -d)"; \
- for key in $GPG_KEYS; do \
- gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
+ GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
+ curl -fL -o upstream-KEYS 'https://www.apache.org/dist/tomcat/tomcat-10/KEYS'; \
+ gpg --batch --import upstream-KEYS; \
+# filter upstream KEYS file to *just* known/precomputed fingerprints
+ printf '' > filtered-KEYS; \
+# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS
+ for key in \
+ 'A9C5DF4D22E99998D9875A5110C01C5A2F6059E7' \
+ '5C3C5F3E314C866292F359A8F3AD5C94A67F707E' \
+ ; do \
+ gpg --batch --fingerprint "$key"; \
+ gpg --batch --export --armor "$key" >> filtered-KEYS; \
done; \
+ gpgconf --kill all; \
+ rm -rf "$GNUPGHOME"; \
+ GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
+ gpg --batch --import filtered-KEYS; \
gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \
tar -xf tomcat.tar.gz --strip-components=1; \
rm bin/*.bat; \
diff --git a/tomcat_10-jre11-temurin-jammy/Dockerfile b/tomcat_10-jre11-temurin-jammy/Dockerfile
index 8984161..fccec42 100644
--- a/tomcat_10-jre11-temurin-jammy/Dockerfile
+++ b/tomcat_10-jre11-temurin-jammy/Dockerfile
@@ -15,10 +15,6 @@ WORKDIR $CATALINA_HOME
ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib
ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR
-# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS
-# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh)
-ENV GPG_KEYS 5C3C5F3E314C866292F359A8F3AD5C94A67F707E A9C5DF4D22E99998D9875A5110C01C5A2F6059E7
-
ENV TOMCAT_MAJOR 10
ENV TOMCAT_VERSION 10.1.34
ENV TOMCAT_SHA512 e29c4d0e26295d64dfeee399e7719b5baac2682ac0e7b53702f26d630fea761f93ddf60674dfe87c41ddd9b79d4938a6a533a280bb3d7fb83c2a1b7cd5da6b09
diff --git a/tomcat_10-jre11/Dockerfile b/tomcat_10-jre11/Dockerfile
index 4345de8..e395955 100644
--- a/tomcat_10-jre11/Dockerfile
+++ b/tomcat_10-jre11/Dockerfile
@@ -15,10 +15,6 @@ WORKDIR $CATALINA_HOME
ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib
ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR
-# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS
-# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh)
-ENV GPG_KEYS 5C3C5F3E314C866292F359A8F3AD5C94A67F707E A9C5DF4D22E99998D9875A5110C01C5A2F6059E7
-
ENV TOMCAT_MAJOR 10
ENV TOMCAT_VERSION 10.1.34
ENV TOMCAT_SHA512 e29c4d0e26295d64dfeee399e7719b5baac2682ac0e7b53702f26d630fea761f93ddf60674dfe87c41ddd9b79d4938a6a533a280bb3d7fb83c2a1b7cd5da6b09
diff --git a/tomcat_10-jre17-temurin-jammy/Dockerfile b/tomcat_10-jre17-temurin-jammy/Dockerfile
index d64acf3..7fe8934 100644
--- a/tomcat_10-jre17-temurin-jammy/Dockerfile
+++ b/tomcat_10-jre17-temurin-jammy/Dockerfile
@@ -15,10 +15,6 @@ WORKDIR $CATALINA_HOME
ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib
ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR
-# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS
-# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh)
-ENV GPG_KEYS 5C3C5F3E314C866292F359A8F3AD5C94A67F707E A9C5DF4D22E99998D9875A5110C01C5A2F6059E7
-
ENV TOMCAT_MAJOR 10
ENV TOMCAT_VERSION 10.1.34
ENV TOMCAT_SHA512 e29c4d0e26295d64dfeee399e7719b5baac2682ac0e7b53702f26d630fea761f93ddf60674dfe87c41ddd9b79d4938a6a533a280bb3d7fb83c2a1b7cd5da6b09
diff --git a/tomcat_10-jre17/Dockerfile b/tomcat_10-jre17/Dockerfile
index 05cfa9a..9c9eb71 100644
--- a/tomcat_10-jre17/Dockerfile
+++ b/tomcat_10-jre17/Dockerfile
@@ -15,10 +15,6 @@ WORKDIR $CATALINA_HOME
ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib
ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR
-# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS
-# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh)
-ENV GPG_KEYS 5C3C5F3E314C866292F359A8F3AD5C94A67F707E A9C5DF4D22E99998D9875A5110C01C5A2F6059E7
-
ENV TOMCAT_MAJOR 10
ENV TOMCAT_VERSION 10.1.34
ENV TOMCAT_SHA512 e29c4d0e26295d64dfeee399e7719b5baac2682ac0e7b53702f26d630fea761f93ddf60674dfe87c41ddd9b79d4938a6a533a280bb3d7fb83c2a1b7cd5da6b09
diff --git a/tomcat_10-jre21-temurin-jammy/Dockerfile b/tomcat_10-jre21-temurin-jammy/Dockerfile
index 4ebe3a2..ea92571 100644
--- a/tomcat_10-jre21-temurin-jammy/Dockerfile
+++ b/tomcat_10-jre21-temurin-jammy/Dockerfile
@@ -15,10 +15,6 @@ WORKDIR $CATALINA_HOME
ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib
ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR
-# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS
-# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh)
-ENV GPG_KEYS 5C3C5F3E314C866292F359A8F3AD5C94A67F707E A9C5DF4D22E99998D9875A5110C01C5A2F6059E7
-
ENV TOMCAT_MAJOR 10
ENV TOMCAT_VERSION 10.1.34
ENV TOMCAT_SHA512 e29c4d0e26295d64dfeee399e7719b5baac2682ac0e7b53702f26d630fea761f93ddf60674dfe87c41ddd9b79d4938a6a533a280bb3d7fb83c2a1b7cd5da6b09
diff --git a/tomcat_10-jre21/Dockerfile b/tomcat_10-jre21/Dockerfile
index de57ff6..bf4efbe 100644
--- a/tomcat_10-jre21/Dockerfile
+++ b/tomcat_10-jre21/Dockerfile
@@ -15,10 +15,6 @@ WORKDIR $CATALINA_HOME
ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib
ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR
-# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS
-# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh)
-ENV GPG_KEYS 5C3C5F3E314C866292F359A8F3AD5C94A67F707E A9C5DF4D22E99998D9875A5110C01C5A2F6059E7
-
ENV TOMCAT_MAJOR 10
ENV TOMCAT_VERSION 10.1.34
ENV TOMCAT_SHA512 e29c4d0e26295d64dfeee399e7719b5baac2682ac0e7b53702f26d630fea761f93ddf60674dfe87c41ddd9b79d4938a6a533a280bb3d7fb83c2a1b7cd5da6b09
diff --git a/tomcat_10/Dockerfile b/tomcat_10/Dockerfile
index 79e2cf0..e82dc5e 100644
--- a/tomcat_10/Dockerfile
+++ b/tomcat_10/Dockerfile
@@ -15,10 +15,6 @@ WORKDIR $CATALINA_HOME
ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib
ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR
-# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS
-# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh)
-ENV GPG_KEYS 5C3C5F3E314C866292F359A8F3AD5C94A67F707E A9C5DF4D22E99998D9875A5110C01C5A2F6059E7
-
ENV TOMCAT_MAJOR 10
ENV TOMCAT_VERSION 10.1.34
ENV TOMCAT_SHA512 e29c4d0e26295d64dfeee399e7719b5baac2682ac0e7b53702f26d630fea761f93ddf60674dfe87c41ddd9b79d4938a6a533a280bb3d7fb83c2a1b7cd5da6b09
@@ -58,10 +54,23 @@ RUN set -eux; \
ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \
echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \
ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \
- export GNUPGHOME="$(mktemp -d)"; \
- for key in $GPG_KEYS; do \
- gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
+ GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
+ curl -fL -o upstream-KEYS 'https://www.apache.org/dist/tomcat/tomcat-10/KEYS'; \
+ gpg --batch --import upstream-KEYS; \
+# filter upstream KEYS file to *just* known/precomputed fingerprints
+ printf '' > filtered-KEYS; \
+# see https://www.apache.org/dist/tomcat/tomcat-10/KEYS
+ for key in \
+ 'A9C5DF4D22E99998D9875A5110C01C5A2F6059E7' \
+ '5C3C5F3E314C866292F359A8F3AD5C94A67F707E' \
+ ; do \
+ gpg --batch --fingerprint "$key"; \
+ gpg --batch --export --armor "$key" >> filtered-KEYS; \
done; \
+ gpgconf --kill all; \
+ rm -rf "$GNUPGHOME"; \
+ GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
+ gpg --batch --import filtered-KEYS; \
gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \
tar -xf tomcat.tar.gz --strip-components=1; \
rm bin/*.bat; \
diff --git a/tomcat_9-jdk11-corretto/Dockerfile b/tomcat_9-jdk11-corretto/Dockerfile
index 17c8077..7cd103c 100644
--- a/tomcat_9-jdk11-corretto/Dockerfile
+++ b/tomcat_9-jdk11-corretto/Dockerfile
@@ -15,10 +15,6 @@ WORKDIR $CATALINA_HOME
ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib
ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR
-# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS
-# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh)
-ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243
-
ENV TOMCAT_MAJOR 9
ENV TOMCAT_VERSION 9.0.98
ENV TOMCAT_SHA512 07d87286e8ee84bb291069c596cf36233e56a14e3ecb6d65eea0fa7c7042ce5e75f5db31f210b96b6b25b80b34e626dd26c5a6ed5c052384a8587d62658b5e16
@@ -71,10 +67,23 @@ RUN set -eux; \
ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \
echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \
ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \
- export GNUPGHOME="$(mktemp -d)"; \
- for key in $GPG_KEYS; do \
- gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
+ GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
+ curl -fL -o upstream-KEYS 'https://www.apache.org/dist/tomcat/tomcat-9/KEYS'; \
+ gpg --batch --import upstream-KEYS; \
+# filter upstream KEYS file to *just* known/precomputed fingerprints
+ printf '' > filtered-KEYS; \
+# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS
+ for key in \
+ 'DCFD35E0BF8CA7344752DE8B6FB21E8933C60243' \
+ 'A9C5DF4D22E99998D9875A5110C01C5A2F6059E7' \
+ '48F8E69F6390C9F25CFEDCD268248959359E722B' \
+ ; do \
+ gpg --batch --fingerprint "$key"; \
+ gpg --batch --export --armor "$key" >> filtered-KEYS; \
done; \
+ rm -rf "$GNUPGHOME"; \
+ GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
+ gpg --batch --import filtered-KEYS; \
gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \
tar -xf tomcat.tar.gz --strip-components=1; \
rm bin/*.bat; \
diff --git a/tomcat_9-jdk11-temurin-jammy/Dockerfile b/tomcat_9-jdk11-temurin-jammy/Dockerfile
index b7183f0..0de8623 100644
--- a/tomcat_9-jdk11-temurin-jammy/Dockerfile
+++ b/tomcat_9-jdk11-temurin-jammy/Dockerfile
@@ -15,10 +15,6 @@ WORKDIR $CATALINA_HOME
ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib
ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR
-# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS
-# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh)
-ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243
-
ENV TOMCAT_MAJOR 9
ENV TOMCAT_VERSION 9.0.98
ENV TOMCAT_SHA512 07d87286e8ee84bb291069c596cf36233e56a14e3ecb6d65eea0fa7c7042ce5e75f5db31f210b96b6b25b80b34e626dd26c5a6ed5c052384a8587d62658b5e16
@@ -58,10 +54,24 @@ RUN set -eux; \
ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \
echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \
ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \
- export GNUPGHOME="$(mktemp -d)"; \
- for key in $GPG_KEYS; do \
- gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
+ GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
+ curl -fL -o upstream-KEYS 'https://www.apache.org/dist/tomcat/tomcat-9/KEYS'; \
+ gpg --batch --import upstream-KEYS; \
+# filter upstream KEYS file to *just* known/precomputed fingerprints
+ printf '' > filtered-KEYS; \
+# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS
+ for key in \
+ 'DCFD35E0BF8CA7344752DE8B6FB21E8933C60243' \
+ 'A9C5DF4D22E99998D9875A5110C01C5A2F6059E7' \
+ '48F8E69F6390C9F25CFEDCD268248959359E722B' \
+ ; do \
+ gpg --batch --fingerprint "$key"; \
+ gpg --batch --export --armor "$key" >> filtered-KEYS; \
done; \
+ gpgconf --kill all; \
+ rm -rf "$GNUPGHOME"; \
+ GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
+ gpg --batch --import filtered-KEYS; \
gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \
tar -xf tomcat.tar.gz --strip-components=1; \
rm bin/*.bat; \
diff --git a/tomcat_9-jdk11/Dockerfile b/tomcat_9-jdk11/Dockerfile
index 3d58dc5..c288f86 100644
--- a/tomcat_9-jdk11/Dockerfile
+++ b/tomcat_9-jdk11/Dockerfile
@@ -15,10 +15,6 @@ WORKDIR $CATALINA_HOME
ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib
ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR
-# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS
-# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh)
-ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243
-
ENV TOMCAT_MAJOR 9
ENV TOMCAT_VERSION 9.0.98
ENV TOMCAT_SHA512 07d87286e8ee84bb291069c596cf36233e56a14e3ecb6d65eea0fa7c7042ce5e75f5db31f210b96b6b25b80b34e626dd26c5a6ed5c052384a8587d62658b5e16
@@ -58,10 +54,24 @@ RUN set -eux; \
ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \
echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \
ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \
- export GNUPGHOME="$(mktemp -d)"; \
- for key in $GPG_KEYS; do \
- gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
+ GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
+ curl -fL -o upstream-KEYS 'https://www.apache.org/dist/tomcat/tomcat-9/KEYS'; \
+ gpg --batch --import upstream-KEYS; \
+# filter upstream KEYS file to *just* known/precomputed fingerprints
+ printf '' > filtered-KEYS; \
+# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS
+ for key in \
+ 'DCFD35E0BF8CA7344752DE8B6FB21E8933C60243' \
+ 'A9C5DF4D22E99998D9875A5110C01C5A2F6059E7' \
+ '48F8E69F6390C9F25CFEDCD268248959359E722B' \
+ ; do \
+ gpg --batch --fingerprint "$key"; \
+ gpg --batch --export --armor "$key" >> filtered-KEYS; \
done; \
+ gpgconf --kill all; \
+ rm -rf "$GNUPGHOME"; \
+ GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
+ gpg --batch --import filtered-KEYS; \
gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \
tar -xf tomcat.tar.gz --strip-components=1; \
rm bin/*.bat; \
diff --git a/tomcat_9-jdk17-corretto/Dockerfile b/tomcat_9-jdk17-corretto/Dockerfile
index 2719ccf..54dbc6e 100644
--- a/tomcat_9-jdk17-corretto/Dockerfile
+++ b/tomcat_9-jdk17-corretto/Dockerfile
@@ -15,10 +15,6 @@ WORKDIR $CATALINA_HOME
ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib
ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR
-# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS
-# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh)
-ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243
-
ENV TOMCAT_MAJOR 9
ENV TOMCAT_VERSION 9.0.98
ENV TOMCAT_SHA512 07d87286e8ee84bb291069c596cf36233e56a14e3ecb6d65eea0fa7c7042ce5e75f5db31f210b96b6b25b80b34e626dd26c5a6ed5c052384a8587d62658b5e16
@@ -71,10 +67,23 @@ RUN set -eux; \
ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \
echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \
ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \
- export GNUPGHOME="$(mktemp -d)"; \
- for key in $GPG_KEYS; do \
- gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
+ GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
+ curl -fL -o upstream-KEYS 'https://www.apache.org/dist/tomcat/tomcat-9/KEYS'; \
+ gpg --batch --import upstream-KEYS; \
+# filter upstream KEYS file to *just* known/precomputed fingerprints
+ printf '' > filtered-KEYS; \
+# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS
+ for key in \
+ 'DCFD35E0BF8CA7344752DE8B6FB21E8933C60243' \
+ 'A9C5DF4D22E99998D9875A5110C01C5A2F6059E7' \
+ '48F8E69F6390C9F25CFEDCD268248959359E722B' \
+ ; do \
+ gpg --batch --fingerprint "$key"; \
+ gpg --batch --export --armor "$key" >> filtered-KEYS; \
done; \
+ rm -rf "$GNUPGHOME"; \
+ GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
+ gpg --batch --import filtered-KEYS; \
gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \
tar -xf tomcat.tar.gz --strip-components=1; \
rm bin/*.bat; \
diff --git a/tomcat_9-jdk17-temurin-jammy/Dockerfile b/tomcat_9-jdk17-temurin-jammy/Dockerfile
index 58ae6c9..04ec0bc 100644
--- a/tomcat_9-jdk17-temurin-jammy/Dockerfile
+++ b/tomcat_9-jdk17-temurin-jammy/Dockerfile
@@ -15,10 +15,6 @@ WORKDIR $CATALINA_HOME
ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib
ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR
-# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS
-# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh)
-ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243
-
ENV TOMCAT_MAJOR 9
ENV TOMCAT_VERSION 9.0.98
ENV TOMCAT_SHA512 07d87286e8ee84bb291069c596cf36233e56a14e3ecb6d65eea0fa7c7042ce5e75f5db31f210b96b6b25b80b34e626dd26c5a6ed5c052384a8587d62658b5e16
@@ -58,10 +54,24 @@ RUN set -eux; \
ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \
echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \
ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \
- export GNUPGHOME="$(mktemp -d)"; \
- for key in $GPG_KEYS; do \
- gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
+ GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
+ curl -fL -o upstream-KEYS 'https://www.apache.org/dist/tomcat/tomcat-9/KEYS'; \
+ gpg --batch --import upstream-KEYS; \
+# filter upstream KEYS file to *just* known/precomputed fingerprints
+ printf '' > filtered-KEYS; \
+# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS
+ for key in \
+ 'DCFD35E0BF8CA7344752DE8B6FB21E8933C60243' \
+ 'A9C5DF4D22E99998D9875A5110C01C5A2F6059E7' \
+ '48F8E69F6390C9F25CFEDCD268248959359E722B' \
+ ; do \
+ gpg --batch --fingerprint "$key"; \
+ gpg --batch --export --armor "$key" >> filtered-KEYS; \
done; \
+ gpgconf --kill all; \
+ rm -rf "$GNUPGHOME"; \
+ GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
+ gpg --batch --import filtered-KEYS; \
gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \
tar -xf tomcat.tar.gz --strip-components=1; \
rm bin/*.bat; \
diff --git a/tomcat_9-jdk17/Dockerfile b/tomcat_9-jdk17/Dockerfile
index 81c72fd..9ee0765 100644
--- a/tomcat_9-jdk17/Dockerfile
+++ b/tomcat_9-jdk17/Dockerfile
@@ -15,10 +15,6 @@ WORKDIR $CATALINA_HOME
ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib
ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR
-# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS
-# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh)
-ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243
-
ENV TOMCAT_MAJOR 9
ENV TOMCAT_VERSION 9.0.98
ENV TOMCAT_SHA512 07d87286e8ee84bb291069c596cf36233e56a14e3ecb6d65eea0fa7c7042ce5e75f5db31f210b96b6b25b80b34e626dd26c5a6ed5c052384a8587d62658b5e16
@@ -58,10 +54,24 @@ RUN set -eux; \
ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \
echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \
ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \
- export GNUPGHOME="$(mktemp -d)"; \
- for key in $GPG_KEYS; do \
- gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
+ GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
+ curl -fL -o upstream-KEYS 'https://www.apache.org/dist/tomcat/tomcat-9/KEYS'; \
+ gpg --batch --import upstream-KEYS; \
+# filter upstream KEYS file to *just* known/precomputed fingerprints
+ printf '' > filtered-KEYS; \
+# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS
+ for key in \
+ 'DCFD35E0BF8CA7344752DE8B6FB21E8933C60243' \
+ 'A9C5DF4D22E99998D9875A5110C01C5A2F6059E7' \
+ '48F8E69F6390C9F25CFEDCD268248959359E722B' \
+ ; do \
+ gpg --batch --fingerprint "$key"; \
+ gpg --batch --export --armor "$key" >> filtered-KEYS; \
done; \
+ gpgconf --kill all; \
+ rm -rf "$GNUPGHOME"; \
+ GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
+ gpg --batch --import filtered-KEYS; \
gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \
tar -xf tomcat.tar.gz --strip-components=1; \
rm bin/*.bat; \
diff --git a/tomcat_9-jdk21-corretto/Dockerfile b/tomcat_9-jdk21-corretto/Dockerfile
index 6b3f07f..b81e041 100644
--- a/tomcat_9-jdk21-corretto/Dockerfile
+++ b/tomcat_9-jdk21-corretto/Dockerfile
@@ -15,10 +15,6 @@ WORKDIR $CATALINA_HOME
ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib
ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR
-# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS
-# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh)
-ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243
-
ENV TOMCAT_MAJOR 9
ENV TOMCAT_VERSION 9.0.98
ENV TOMCAT_SHA512 07d87286e8ee84bb291069c596cf36233e56a14e3ecb6d65eea0fa7c7042ce5e75f5db31f210b96b6b25b80b34e626dd26c5a6ed5c052384a8587d62658b5e16
@@ -71,10 +67,23 @@ RUN set -eux; \
ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \
echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \
ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \
- export GNUPGHOME="$(mktemp -d)"; \
- for key in $GPG_KEYS; do \
- gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
+ GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
+ curl -fL -o upstream-KEYS 'https://www.apache.org/dist/tomcat/tomcat-9/KEYS'; \
+ gpg --batch --import upstream-KEYS; \
+# filter upstream KEYS file to *just* known/precomputed fingerprints
+ printf '' > filtered-KEYS; \
+# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS
+ for key in \
+ 'DCFD35E0BF8CA7344752DE8B6FB21E8933C60243' \
+ 'A9C5DF4D22E99998D9875A5110C01C5A2F6059E7' \
+ '48F8E69F6390C9F25CFEDCD268248959359E722B' \
+ ; do \
+ gpg --batch --fingerprint "$key"; \
+ gpg --batch --export --armor "$key" >> filtered-KEYS; \
done; \
+ rm -rf "$GNUPGHOME"; \
+ GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
+ gpg --batch --import filtered-KEYS; \
gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \
tar -xf tomcat.tar.gz --strip-components=1; \
rm bin/*.bat; \
diff --git a/tomcat_9-jdk21-temurin-jammy/Dockerfile b/tomcat_9-jdk21-temurin-jammy/Dockerfile
index 2fac2c5..7e81654 100644
--- a/tomcat_9-jdk21-temurin-jammy/Dockerfile
+++ b/tomcat_9-jdk21-temurin-jammy/Dockerfile
@@ -15,10 +15,6 @@ WORKDIR $CATALINA_HOME
ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib
ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR
-# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS
-# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh)
-ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243
-
ENV TOMCAT_MAJOR 9
ENV TOMCAT_VERSION 9.0.98
ENV TOMCAT_SHA512 07d87286e8ee84bb291069c596cf36233e56a14e3ecb6d65eea0fa7c7042ce5e75f5db31f210b96b6b25b80b34e626dd26c5a6ed5c052384a8587d62658b5e16
@@ -58,10 +54,24 @@ RUN set -eux; \
ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \
echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \
ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \
- export GNUPGHOME="$(mktemp -d)"; \
- for key in $GPG_KEYS; do \
- gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
+ GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
+ curl -fL -o upstream-KEYS 'https://www.apache.org/dist/tomcat/tomcat-9/KEYS'; \
+ gpg --batch --import upstream-KEYS; \
+# filter upstream KEYS file to *just* known/precomputed fingerprints
+ printf '' > filtered-KEYS; \
+# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS
+ for key in \
+ 'DCFD35E0BF8CA7344752DE8B6FB21E8933C60243' \
+ 'A9C5DF4D22E99998D9875A5110C01C5A2F6059E7' \
+ '48F8E69F6390C9F25CFEDCD268248959359E722B' \
+ ; do \
+ gpg --batch --fingerprint "$key"; \
+ gpg --batch --export --armor "$key" >> filtered-KEYS; \
done; \
+ gpgconf --kill all; \
+ rm -rf "$GNUPGHOME"; \
+ GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
+ gpg --batch --import filtered-KEYS; \
gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \
tar -xf tomcat.tar.gz --strip-components=1; \
rm bin/*.bat; \
diff --git a/tomcat_9-jdk8-corretto/Dockerfile b/tomcat_9-jdk8-corretto/Dockerfile
index 4db6129..bb5b91c 100644
--- a/tomcat_9-jdk8-corretto/Dockerfile
+++ b/tomcat_9-jdk8-corretto/Dockerfile
@@ -15,10 +15,6 @@ WORKDIR $CATALINA_HOME
ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib
ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR
-# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS
-# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh)
-ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243
-
ENV TOMCAT_MAJOR 9
ENV TOMCAT_VERSION 9.0.98
ENV TOMCAT_SHA512 07d87286e8ee84bb291069c596cf36233e56a14e3ecb6d65eea0fa7c7042ce5e75f5db31f210b96b6b25b80b34e626dd26c5a6ed5c052384a8587d62658b5e16
@@ -71,10 +67,23 @@ RUN set -eux; \
ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \
echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \
ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \
- export GNUPGHOME="$(mktemp -d)"; \
- for key in $GPG_KEYS; do \
- gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
+ GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
+ curl -fL -o upstream-KEYS 'https://www.apache.org/dist/tomcat/tomcat-9/KEYS'; \
+ gpg --batch --import upstream-KEYS; \
+# filter upstream KEYS file to *just* known/precomputed fingerprints
+ printf '' > filtered-KEYS; \
+# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS
+ for key in \
+ 'DCFD35E0BF8CA7344752DE8B6FB21E8933C60243' \
+ 'A9C5DF4D22E99998D9875A5110C01C5A2F6059E7' \
+ '48F8E69F6390C9F25CFEDCD268248959359E722B' \
+ ; do \
+ gpg --batch --fingerprint "$key"; \
+ gpg --batch --export --armor "$key" >> filtered-KEYS; \
done; \
+ rm -rf "$GNUPGHOME"; \
+ GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
+ gpg --batch --import filtered-KEYS; \
gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \
tar -xf tomcat.tar.gz --strip-components=1; \
rm bin/*.bat; \
diff --git a/tomcat_9-jdk8-temurin-jammy/Dockerfile b/tomcat_9-jdk8-temurin-jammy/Dockerfile
index 75540d3..00e7929 100644
--- a/tomcat_9-jdk8-temurin-jammy/Dockerfile
+++ b/tomcat_9-jdk8-temurin-jammy/Dockerfile
@@ -15,10 +15,6 @@ WORKDIR $CATALINA_HOME
ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib
ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR
-# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS
-# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh)
-ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243
-
ENV TOMCAT_MAJOR 9
ENV TOMCAT_VERSION 9.0.98
ENV TOMCAT_SHA512 07d87286e8ee84bb291069c596cf36233e56a14e3ecb6d65eea0fa7c7042ce5e75f5db31f210b96b6b25b80b34e626dd26c5a6ed5c052384a8587d62658b5e16
@@ -58,10 +54,24 @@ RUN set -eux; \
ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \
echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \
ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \
- export GNUPGHOME="$(mktemp -d)"; \
- for key in $GPG_KEYS; do \
- gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
+ GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
+ curl -fL -o upstream-KEYS 'https://www.apache.org/dist/tomcat/tomcat-9/KEYS'; \
+ gpg --batch --import upstream-KEYS; \
+# filter upstream KEYS file to *just* known/precomputed fingerprints
+ printf '' > filtered-KEYS; \
+# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS
+ for key in \
+ 'DCFD35E0BF8CA7344752DE8B6FB21E8933C60243' \
+ 'A9C5DF4D22E99998D9875A5110C01C5A2F6059E7' \
+ '48F8E69F6390C9F25CFEDCD268248959359E722B' \
+ ; do \
+ gpg --batch --fingerprint "$key"; \
+ gpg --batch --export --armor "$key" >> filtered-KEYS; \
done; \
+ gpgconf --kill all; \
+ rm -rf "$GNUPGHOME"; \
+ GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
+ gpg --batch --import filtered-KEYS; \
gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \
tar -xf tomcat.tar.gz --strip-components=1; \
rm bin/*.bat; \
diff --git a/tomcat_9-jdk8/Dockerfile b/tomcat_9-jdk8/Dockerfile
index 3cc5a73..7c5ce40 100644
--- a/tomcat_9-jdk8/Dockerfile
+++ b/tomcat_9-jdk8/Dockerfile
@@ -15,10 +15,6 @@ WORKDIR $CATALINA_HOME
ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib
ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR
-# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS
-# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh)
-ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243
-
ENV TOMCAT_MAJOR 9
ENV TOMCAT_VERSION 9.0.98
ENV TOMCAT_SHA512 07d87286e8ee84bb291069c596cf36233e56a14e3ecb6d65eea0fa7c7042ce5e75f5db31f210b96b6b25b80b34e626dd26c5a6ed5c052384a8587d62658b5e16
@@ -58,10 +54,24 @@ RUN set -eux; \
ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \
echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \
ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \
- export GNUPGHOME="$(mktemp -d)"; \
- for key in $GPG_KEYS; do \
- gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
+ GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
+ curl -fL -o upstream-KEYS 'https://www.apache.org/dist/tomcat/tomcat-9/KEYS'; \
+ gpg --batch --import upstream-KEYS; \
+# filter upstream KEYS file to *just* known/precomputed fingerprints
+ printf '' > filtered-KEYS; \
+# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS
+ for key in \
+ 'DCFD35E0BF8CA7344752DE8B6FB21E8933C60243' \
+ 'A9C5DF4D22E99998D9875A5110C01C5A2F6059E7' \
+ '48F8E69F6390C9F25CFEDCD268248959359E722B' \
+ ; do \
+ gpg --batch --fingerprint "$key"; \
+ gpg --batch --export --armor "$key" >> filtered-KEYS; \
done; \
+ gpgconf --kill all; \
+ rm -rf "$GNUPGHOME"; \
+ GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
+ gpg --batch --import filtered-KEYS; \
gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \
tar -xf tomcat.tar.gz --strip-components=1; \
rm bin/*.bat; \
diff --git a/tomcat_9-jre11-temurin-jammy/Dockerfile b/tomcat_9-jre11-temurin-jammy/Dockerfile
index 9334797..3c8f6e9 100644
--- a/tomcat_9-jre11-temurin-jammy/Dockerfile
+++ b/tomcat_9-jre11-temurin-jammy/Dockerfile
@@ -15,10 +15,6 @@ WORKDIR $CATALINA_HOME
ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib
ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR
-# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS
-# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh)
-ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243
-
ENV TOMCAT_MAJOR 9
ENV TOMCAT_VERSION 9.0.98
ENV TOMCAT_SHA512 07d87286e8ee84bb291069c596cf36233e56a14e3ecb6d65eea0fa7c7042ce5e75f5db31f210b96b6b25b80b34e626dd26c5a6ed5c052384a8587d62658b5e16
diff --git a/tomcat_9-jre11/Dockerfile b/tomcat_9-jre11/Dockerfile
index c66d8d8..66f72f1 100644
--- a/tomcat_9-jre11/Dockerfile
+++ b/tomcat_9-jre11/Dockerfile
@@ -15,10 +15,6 @@ WORKDIR $CATALINA_HOME
ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib
ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR
-# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS
-# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh)
-ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243
-
ENV TOMCAT_MAJOR 9
ENV TOMCAT_VERSION 9.0.98
ENV TOMCAT_SHA512 07d87286e8ee84bb291069c596cf36233e56a14e3ecb6d65eea0fa7c7042ce5e75f5db31f210b96b6b25b80b34e626dd26c5a6ed5c052384a8587d62658b5e16
diff --git a/tomcat_9-jre17-temurin-jammy/Dockerfile b/tomcat_9-jre17-temurin-jammy/Dockerfile
index 7eeb843..80b3d4d 100644
--- a/tomcat_9-jre17-temurin-jammy/Dockerfile
+++ b/tomcat_9-jre17-temurin-jammy/Dockerfile
@@ -15,10 +15,6 @@ WORKDIR $CATALINA_HOME
ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib
ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR
-# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS
-# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh)
-ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243
-
ENV TOMCAT_MAJOR 9
ENV TOMCAT_VERSION 9.0.98
ENV TOMCAT_SHA512 07d87286e8ee84bb291069c596cf36233e56a14e3ecb6d65eea0fa7c7042ce5e75f5db31f210b96b6b25b80b34e626dd26c5a6ed5c052384a8587d62658b5e16
diff --git a/tomcat_9-jre17/Dockerfile b/tomcat_9-jre17/Dockerfile
index 5b11ae4..bfd65e7 100644
--- a/tomcat_9-jre17/Dockerfile
+++ b/tomcat_9-jre17/Dockerfile
@@ -15,10 +15,6 @@ WORKDIR $CATALINA_HOME
ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib
ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR
-# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS
-# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh)
-ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243
-
ENV TOMCAT_MAJOR 9
ENV TOMCAT_VERSION 9.0.98
ENV TOMCAT_SHA512 07d87286e8ee84bb291069c596cf36233e56a14e3ecb6d65eea0fa7c7042ce5e75f5db31f210b96b6b25b80b34e626dd26c5a6ed5c052384a8587d62658b5e16
diff --git a/tomcat_9-jre21-temurin-jammy/Dockerfile b/tomcat_9-jre21-temurin-jammy/Dockerfile
index 13dd564..857a002 100644
--- a/tomcat_9-jre21-temurin-jammy/Dockerfile
+++ b/tomcat_9-jre21-temurin-jammy/Dockerfile
@@ -15,10 +15,6 @@ WORKDIR $CATALINA_HOME
ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib
ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR
-# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS
-# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh)
-ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243
-
ENV TOMCAT_MAJOR 9
ENV TOMCAT_VERSION 9.0.98
ENV TOMCAT_SHA512 07d87286e8ee84bb291069c596cf36233e56a14e3ecb6d65eea0fa7c7042ce5e75f5db31f210b96b6b25b80b34e626dd26c5a6ed5c052384a8587d62658b5e16
diff --git a/tomcat_9-jre21/Dockerfile b/tomcat_9-jre21/Dockerfile
index 457a7a0..0e91fc9 100644
--- a/tomcat_9-jre21/Dockerfile
+++ b/tomcat_9-jre21/Dockerfile
@@ -15,10 +15,6 @@ WORKDIR $CATALINA_HOME
ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib
ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR
-# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS
-# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh)
-ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243
-
ENV TOMCAT_MAJOR 9
ENV TOMCAT_VERSION 9.0.98
ENV TOMCAT_SHA512 07d87286e8ee84bb291069c596cf36233e56a14e3ecb6d65eea0fa7c7042ce5e75f5db31f210b96b6b25b80b34e626dd26c5a6ed5c052384a8587d62658b5e16
diff --git a/tomcat_9-jre8-temurin-jammy/Dockerfile b/tomcat_9-jre8-temurin-jammy/Dockerfile
index 3a905ef..33068aa 100644
--- a/tomcat_9-jre8-temurin-jammy/Dockerfile
+++ b/tomcat_9-jre8-temurin-jammy/Dockerfile
@@ -15,10 +15,6 @@ WORKDIR $CATALINA_HOME
ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib
ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR
-# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS
-# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh)
-ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243
-
ENV TOMCAT_MAJOR 9
ENV TOMCAT_VERSION 9.0.98
ENV TOMCAT_SHA512 07d87286e8ee84bb291069c596cf36233e56a14e3ecb6d65eea0fa7c7042ce5e75f5db31f210b96b6b25b80b34e626dd26c5a6ed5c052384a8587d62658b5e16
diff --git a/tomcat_9-jre8/Dockerfile b/tomcat_9-jre8/Dockerfile
index bf9245d..95ae424 100644
--- a/tomcat_9-jre8/Dockerfile
+++ b/tomcat_9-jre8/Dockerfile
@@ -15,10 +15,6 @@ WORKDIR $CATALINA_HOME
ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib
ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR
-# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS
-# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh)
-ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243
-
ENV TOMCAT_MAJOR 9
ENV TOMCAT_VERSION 9.0.98
ENV TOMCAT_SHA512 07d87286e8ee84bb291069c596cf36233e56a14e3ecb6d65eea0fa7c7042ce5e75f5db31f210b96b6b25b80b34e626dd26c5a6ed5c052384a8587d62658b5e16
diff --git a/tomcat_9/Dockerfile b/tomcat_9/Dockerfile
index 03f59ab..7e8a43c 100644
--- a/tomcat_9/Dockerfile
+++ b/tomcat_9/Dockerfile
@@ -15,10 +15,6 @@ WORKDIR $CATALINA_HOME
ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib
ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR
-# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS
-# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh)
-ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243
-
ENV TOMCAT_MAJOR 9
ENV TOMCAT_VERSION 9.0.98
ENV TOMCAT_SHA512 07d87286e8ee84bb291069c596cf36233e56a14e3ecb6d65eea0fa7c7042ce5e75f5db31f210b96b6b25b80b34e626dd26c5a6ed5c052384a8587d62658b5e16
@@ -58,10 +54,24 @@ RUN set -eux; \
ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \
echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \
ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \
- export GNUPGHOME="$(mktemp -d)"; \
- for key in $GPG_KEYS; do \
- gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
+ GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
+ curl -fL -o upstream-KEYS 'https://www.apache.org/dist/tomcat/tomcat-9/KEYS'; \
+ gpg --batch --import upstream-KEYS; \
+# filter upstream KEYS file to *just* known/precomputed fingerprints
+ printf '' > filtered-KEYS; \
+# see https://www.apache.org/dist/tomcat/tomcat-9/KEYS
+ for key in \
+ 'DCFD35E0BF8CA7344752DE8B6FB21E8933C60243' \
+ 'A9C5DF4D22E99998D9875A5110C01C5A2F6059E7' \
+ '48F8E69F6390C9F25CFEDCD268248959359E722B' \
+ ; do \
+ gpg --batch --fingerprint "$key"; \
+ gpg --batch --export --armor "$key" >> filtered-KEYS; \
done; \
+ gpgconf --kill all; \
+ rm -rf "$GNUPGHOME"; \
+ GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
+ gpg --batch --import filtered-KEYS; \
gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \
tar -xf tomcat.tar.gz --strip-components=1; \
rm bin/*.bat; \
diff --git a/tomcat_jdk21-temurin-jammy/Dockerfile b/tomcat_jdk17-temurin-jammy/Dockerfile
similarity index 88%
copy from tomcat_jdk21-temurin-jammy/Dockerfile
copy to tomcat_jdk17-temurin-jammy/Dockerfile
index a31911e..ed3a61d 100644
--- a/tomcat_jdk21-temurin-jammy/Dockerfile
+++ b/tomcat_jdk17-temurin-jammy/Dockerfile
@@ -4,7 +4,7 @@
# PLEASE DO NOT EDIT IT DIRECTLY.
#
-FROM eclipse-temurin:21-jdk-jammy
+FROM eclipse-temurin:17-jdk-jammy
ENV CATALINA_HOME /usr/local/tomcat
ENV PATH $CATALINA_HOME/bin:$PATH
@@ -15,10 +15,6 @@ WORKDIR $CATALINA_HOME
ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib
ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR
-# see https://www.apache.org/dist/tomcat/tomcat-11/KEYS
-# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh)
-ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7
-
ENV TOMCAT_MAJOR 11
ENV TOMCAT_VERSION 11.0.2
ENV TOMCAT_SHA512 635d0b704d47a97050e3de995d372ef361ddb7589efbc53003afd6ac692d8db4a4125ae5dcc01af9e7371e8e598c98982e2a25617179b6ba0a04406299cca544
@@ -58,10 +54,23 @@ RUN set -eux; \
ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \
echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \
ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \
- export GNUPGHOME="$(mktemp -d)"; \
- for key in $GPG_KEYS; do \
- gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
+ GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
+ curl -fL -o upstream-KEYS 'https://www.apache.org/dist/tomcat/tomcat-11/KEYS'; \
+ gpg --batch --import upstream-KEYS; \
+# filter upstream KEYS file to *just* known/precomputed fingerprints
+ printf '' > filtered-KEYS; \
+# see https://www.apache.org/dist/tomcat/tomcat-11/KEYS
+ for key in \
+ 'A9C5DF4D22E99998D9875A5110C01C5A2F6059E7' \
+ '48F8E69F6390C9F25CFEDCD268248959359E722B' \
+ ; do \
+ gpg --batch --fingerprint "$key"; \
+ gpg --batch --export --armor "$key" >> filtered-KEYS; \
done; \
+ gpgconf --kill all; \
+ rm -rf "$GNUPGHOME"; \
+ GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
+ gpg --batch --import filtered-KEYS; \
gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \
tar -xf tomcat.tar.gz --strip-components=1; \
rm bin/*.bat; \
diff --git a/tomcat_jdk21-temurin-jammy/Dockerfile b/tomcat_jdk17/Dockerfile
similarity index 88%
copy from tomcat_jdk21-temurin-jammy/Dockerfile
copy to tomcat_jdk17/Dockerfile
index a31911e..c5149c8 100644
--- a/tomcat_jdk21-temurin-jammy/Dockerfile
+++ b/tomcat_jdk17/Dockerfile
@@ -4,7 +4,7 @@
# PLEASE DO NOT EDIT IT DIRECTLY.
#
-FROM eclipse-temurin:21-jdk-jammy
+FROM eclipse-temurin:17-jdk-noble
ENV CATALINA_HOME /usr/local/tomcat
ENV PATH $CATALINA_HOME/bin:$PATH
@@ -15,10 +15,6 @@ WORKDIR $CATALINA_HOME
ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib
ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR
-# see https://www.apache.org/dist/tomcat/tomcat-11/KEYS
-# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh)
-ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7
-
ENV TOMCAT_MAJOR 11
ENV TOMCAT_VERSION 11.0.2
ENV TOMCAT_SHA512 635d0b704d47a97050e3de995d372ef361ddb7589efbc53003afd6ac692d8db4a4125ae5dcc01af9e7371e8e598c98982e2a25617179b6ba0a04406299cca544
@@ -58,10 +54,23 @@ RUN set -eux; \
ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \
echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \
ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \
- export GNUPGHOME="$(mktemp -d)"; \
- for key in $GPG_KEYS; do \
- gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
+ GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
+ curl -fL -o upstream-KEYS 'https://www.apache.org/dist/tomcat/tomcat-11/KEYS'; \
+ gpg --batch --import upstream-KEYS; \
+# filter upstream KEYS file to *just* known/precomputed fingerprints
+ printf '' > filtered-KEYS; \
+# see https://www.apache.org/dist/tomcat/tomcat-11/KEYS
+ for key in \
+ 'A9C5DF4D22E99998D9875A5110C01C5A2F6059E7' \
+ '48F8E69F6390C9F25CFEDCD268248959359E722B' \
+ ; do \
+ gpg --batch --fingerprint "$key"; \
+ gpg --batch --export --armor "$key" >> filtered-KEYS; \
done; \
+ gpgconf --kill all; \
+ rm -rf "$GNUPGHOME"; \
+ GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
+ gpg --batch --import filtered-KEYS; \
gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \
tar -xf tomcat.tar.gz --strip-components=1; \
rm bin/*.bat; \
diff --git a/tomcat_jdk21-temurin-jammy/Dockerfile b/tomcat_jdk21-temurin-jammy/Dockerfile
index a31911e..8de0192 100644
--- a/tomcat_jdk21-temurin-jammy/Dockerfile
+++ b/tomcat_jdk21-temurin-jammy/Dockerfile
@@ -15,10 +15,6 @@ WORKDIR $CATALINA_HOME
ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib
ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR
-# see https://www.apache.org/dist/tomcat/tomcat-11/KEYS
-# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh)
-ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7
-
ENV TOMCAT_MAJOR 11
ENV TOMCAT_VERSION 11.0.2
ENV TOMCAT_SHA512 635d0b704d47a97050e3de995d372ef361ddb7589efbc53003afd6ac692d8db4a4125ae5dcc01af9e7371e8e598c98982e2a25617179b6ba0a04406299cca544
@@ -58,10 +54,23 @@ RUN set -eux; \
ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \
echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \
ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \
- export GNUPGHOME="$(mktemp -d)"; \
- for key in $GPG_KEYS; do \
- gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
+ GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
+ curl -fL -o upstream-KEYS 'https://www.apache.org/dist/tomcat/tomcat-11/KEYS'; \
+ gpg --batch --import upstream-KEYS; \
+# filter upstream KEYS file to *just* known/precomputed fingerprints
+ printf '' > filtered-KEYS; \
+# see https://www.apache.org/dist/tomcat/tomcat-11/KEYS
+ for key in \
+ 'A9C5DF4D22E99998D9875A5110C01C5A2F6059E7' \
+ '48F8E69F6390C9F25CFEDCD268248959359E722B' \
+ ; do \
+ gpg --batch --fingerprint "$key"; \
+ gpg --batch --export --armor "$key" >> filtered-KEYS; \
done; \
+ gpgconf --kill all; \
+ rm -rf "$GNUPGHOME"; \
+ GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
+ gpg --batch --import filtered-KEYS; \
gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \
tar -xf tomcat.tar.gz --strip-components=1; \
rm bin/*.bat; \
diff --git a/tomcat_jre21-temurin-jammy/Dockerfile b/tomcat_jre17-temurin-jammy/Dockerfile
similarity index 80%
copy from tomcat_jre21-temurin-jammy/Dockerfile
copy to tomcat_jre17-temurin-jammy/Dockerfile
index 1c0adc6..3c046e6 100644
--- a/tomcat_jre21-temurin-jammy/Dockerfile
+++ b/tomcat_jre17-temurin-jammy/Dockerfile
@@ -4,7 +4,7 @@
# PLEASE DO NOT EDIT IT DIRECTLY.
#
-FROM eclipse-temurin:21-jre-jammy
+FROM eclipse-temurin:17-jre-jammy
ENV CATALINA_HOME /usr/local/tomcat
ENV PATH $CATALINA_HOME/bin:$PATH
@@ -15,15 +15,11 @@ WORKDIR $CATALINA_HOME
ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib
ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR
-# see https://www.apache.org/dist/tomcat/tomcat-11/KEYS
-# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh)
-ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7
-
ENV TOMCAT_MAJOR 11
ENV TOMCAT_VERSION 11.0.2
ENV TOMCAT_SHA512 635d0b704d47a97050e3de995d372ef361ddb7589efbc53003afd6ac692d8db4a4125ae5dcc01af9e7371e8e598c98982e2a25617179b6ba0a04406299cca544
-COPY --from=tomcat:11.0.2-jdk21-temurin-jammy $CATALINA_HOME $CATALINA_HOME
+COPY --from=tomcat:11.0.2-jdk17-temurin-jammy $CATALINA_HOME $CATALINA_HOME
RUN set -eux; \
apt-get update; \
xargs -rt apt-get install -y --no-install-recommends < "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt"; \
diff --git a/tomcat_jre21-temurin-jammy/Dockerfile b/tomcat_jre17/Dockerfile
similarity index 80%
copy from tomcat_jre21-temurin-jammy/Dockerfile
copy to tomcat_jre17/Dockerfile
index 1c0adc6..9b15e15 100644
--- a/tomcat_jre21-temurin-jammy/Dockerfile
+++ b/tomcat_jre17/Dockerfile
@@ -4,7 +4,7 @@
# PLEASE DO NOT EDIT IT DIRECTLY.
#
-FROM eclipse-temurin:21-jre-jammy
+FROM eclipse-temurin:17-jre-noble
ENV CATALINA_HOME /usr/local/tomcat
ENV PATH $CATALINA_HOME/bin:$PATH
@@ -15,15 +15,11 @@ WORKDIR $CATALINA_HOME
ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib
ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR
-# see https://www.apache.org/dist/tomcat/tomcat-11/KEYS
-# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh)
-ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7
-
ENV TOMCAT_MAJOR 11
ENV TOMCAT_VERSION 11.0.2
ENV TOMCAT_SHA512 635d0b704d47a97050e3de995d372ef361ddb7589efbc53003afd6ac692d8db4a4125ae5dcc01af9e7371e8e598c98982e2a25617179b6ba0a04406299cca544
-COPY --from=tomcat:11.0.2-jdk21-temurin-jammy $CATALINA_HOME $CATALINA_HOME
+COPY --from=tomcat:11.0.2-jdk17-temurin-noble $CATALINA_HOME $CATALINA_HOME
RUN set -eux; \
apt-get update; \
xargs -rt apt-get install -y --no-install-recommends < "$TOMCAT_NATIVE_LIBDIR/.dependencies.txt"; \
diff --git a/tomcat_jre21-temurin-jammy/Dockerfile b/tomcat_jre21-temurin-jammy/Dockerfile
index 1c0adc6..63cbfa9 100644
--- a/tomcat_jre21-temurin-jammy/Dockerfile
+++ b/tomcat_jre21-temurin-jammy/Dockerfile
@@ -15,10 +15,6 @@ WORKDIR $CATALINA_HOME
ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib
ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR
-# see https://www.apache.org/dist/tomcat/tomcat-11/KEYS
-# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh)
-ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7
-
ENV TOMCAT_MAJOR 11
ENV TOMCAT_VERSION 11.0.2
ENV TOMCAT_SHA512 635d0b704d47a97050e3de995d372ef361ddb7589efbc53003afd6ac692d8db4a4125ae5dcc01af9e7371e8e598c98982e2a25617179b6ba0a04406299cca544
diff --git a/tomcat_jre21/Dockerfile b/tomcat_jre21/Dockerfile
index aeba7f2..8600d81 100644
--- a/tomcat_jre21/Dockerfile
+++ b/tomcat_jre21/Dockerfile
@@ -15,10 +15,6 @@ WORKDIR $CATALINA_HOME
ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib
ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR
-# see https://www.apache.org/dist/tomcat/tomcat-11/KEYS
-# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh)
-ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7
-
ENV TOMCAT_MAJOR 11
ENV TOMCAT_VERSION 11.0.2
ENV TOMCAT_SHA512 635d0b704d47a97050e3de995d372ef361ddb7589efbc53003afd6ac692d8db4a4125ae5dcc01af9e7371e8e598c98982e2a25617179b6ba0a04406299cca544
diff --git a/tomcat_latest/Dockerfile b/tomcat_latest/Dockerfile
index e057fa6..f3ad807 100644
--- a/tomcat_latest/Dockerfile
+++ b/tomcat_latest/Dockerfile
@@ -15,10 +15,6 @@ WORKDIR $CATALINA_HOME
ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib
ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR
-# see https://www.apache.org/dist/tomcat/tomcat-11/KEYS
-# see also "versions.sh" (https://github.com/docker-library/tomcat/blob/master/versions.sh)
-ENV GPG_KEYS 48F8E69F6390C9F25CFEDCD268248959359E722B A9C5DF4D22E99998D9875A5110C01C5A2F6059E7
-
ENV TOMCAT_MAJOR 11
ENV TOMCAT_VERSION 11.0.2
ENV TOMCAT_SHA512 635d0b704d47a97050e3de995d372ef361ddb7589efbc53003afd6ac692d8db4a4125ae5dcc01af9e7371e8e598c98982e2a25617179b6ba0a04406299cca544
@@ -58,10 +54,23 @@ RUN set -eux; \
ddist 'tomcat.tar.gz' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz"; \
echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum --strict --check -; \
ddist 'tomcat.tar.gz.asc' "tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc" "$TOMCAT_VERSION/tomcat-$TOMCAT_VERSION.tar.gz.asc"; \
- export GNUPGHOME="$(mktemp -d)"; \
- for key in $GPG_KEYS; do \
- gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
+ GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
+ curl -fL -o upstream-KEYS 'https://www.apache.org/dist/tomcat/tomcat-11/KEYS'; \
+ gpg --batch --import upstream-KEYS; \
+# filter upstream KEYS file to *just* known/precomputed fingerprints
+ printf '' > filtered-KEYS; \
+# see https://www.apache.org/dist/tomcat/tomcat-11/KEYS
+ for key in \
+ 'A9C5DF4D22E99998D9875A5110C01C5A2F6059E7' \
+ '48F8E69F6390C9F25CFEDCD268248959359E722B' \
+ ; do \
+ gpg --batch --fingerprint "$key"; \
+ gpg --batch --export --armor "$key" >> filtered-KEYS; \
done; \
+ gpgconf --kill all; \
+ rm -rf "$GNUPGHOME"; \
+ GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
+ gpg --batch --import filtered-KEYS; \
gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \
tar -xf tomcat.tar.gz --strip-components=1; \
rm bin/*.bat; \Relevant Maintainers: |
yosifkit
approved these changes
Jan 13, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Changes:
verify-templating.yml