FEAT: Dockerfile for CLI verapdf (#404)

* FEAT: Dockerfile for CLI verapdf

- added Dockerfile that:
  - downloads and installs veraPDF to the `app-installer` container;
  - builds a custom Alpine JRE on the jre-builder
  - copies both of the above to an Alpine docker container.
- added basic build and run instructions to the README.
- added GitHub actions for pushing cli image

.github/workflows/push-github.yml

@@ -0,0 +1,70 @@
+name: Publish image to GitHub Packages
+on:
+  push:
+    tags:
+      - v1.27.*
+
+env:
+  REGISTRY: ghcr.io
+  IMAGE_NAME: veraPDF/cli
+
+jobs:
+  publish:
+    if: github.repository == 'veraPDF/veraPDF-apps'
+    name: Build and push Docker image to GitHub packages
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v3
+
+      - name: Log in to the Container registry
+        uses: docker/login-action@v2
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Extract metadata (tags, labels) for GitHub
+        id: meta
+        uses: docker/metadata-action@v2
+        with:
+          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+
+      - name: Calculate version
+        env:
+          TAG: ${{ github.ref_name }}
+        id: version
+        run: echo "::set-output name=version::${TAG##*.}"
+
+      - name: Build and push Docker image
+        uses: docker/build-push-action@v2
+        with:
+          context: .
+          push: true
+          file: Dockerfile
+          build-args: |
+            VERAPDF_VERSION=1.27
+            VERAPDF_MINOR_VERSION=${{ steps.version.outputs.version }}
+            VERAPDF_INSTALLER_FOLDER=develop
+          tags: ghcr.io/verapdf/cli:dev,ghcr.io/verapdf/cli:${{ github.ref_name }}
+          labels: ${{ steps.meta.outputs.labels }}
+
+  send-notification:
+    runs-on: ubuntu-latest
+    needs: [checkout-and-build, merge]
+    if: |
+      always() &&
+      github.repository == 'veraPDF/veraPDF-apps' &&
+      (contains(needs.*.result, 'failure') ||
+      contains(needs.*.result, 'skipped') ||
+      contains(needs.*.result, 'cancelled'))
+    steps:
+      - name: Send notification if build or push failed
+        env:
+          SLACK_BOT_TOKEN: ${{ secrets.SLACK_NOTIFICATIONS_BOT_TOKEN }}
+        uses: voxmedia/github-action-slack-notify-build@v1
+        with:
+          channel_id: C03E3JJGLQL
+          status: FAILED
+          color: danger
+

Dockerfile

@@ -0,0 +1,57 @@
+# See https://docs.docker.com/engine/userguide/eng-image/multistage-build/
+# First build the app on a maven open jdk 11 container
+ARG VERAPDF_VERSION
+ARG VERAPDF_MINOR_VERSION
+ARG VERAPDF_INSTALLER_FOLDER
+FROM eclipse-temurin:11-jdk-alpine AS app-installer
+ENV VERAPDF_VERSION=${VERAPDF_VERSION:-1.26}
+ENV VERAPDF_MINOR_VERSION=${VERAPDF_MINOR_VERSION:-2}
+ENV VERAPDF_INSTALLER_FOLDER=${VERAPDF_INSTALLER_FOLDER:-releases}
+
+WORKDIR /tmp
+COPY docker-install.xml .
+RUN wget -O /tmp/verapdf-installer.zip https://software.verapdf.org/${VERAPDF_INSTALLER_FOLDER}/${VERAPDF_VERSION}/verapdf-greenfield-${VERAPDF_VERSION}.${VERAPDF_MINOR_VERSION}-installer.zip
+RUN unzip verapdf-installer.zip && java -jar ./verapdf-greenfield-${VERAPDF_VERSION}.${VERAPDF_MINOR_VERSION}/verapdf-izpack-installer-${VERAPDF_VERSION}.${VERAPDF_MINOR_VERSION}.jar docker-install.xml
+
+# Now build a Java JRE for the Alpine application image
+# https://github.com/docker-library/docs/blob/master/eclipse-temurin/README.md#creating-a-jre-using-jlink
+FROM eclipse-temurin:11-jdk-alpine AS jre-builder
+
+# Create a custom Java runtime
+RUN "$JAVA_HOME/bin/jlink" \
+         --add-modules java.base,java.logging,java.xml,jdk.crypto.ec,java.desktop,jdk.management \
+         --strip-debug \
+         --no-man-pages \
+         --no-header-files \
+         --compress=2 \
+         --output /javaruntime
+
+# Now the final application image
+FROM alpine:3
+
+# Set for additional arguments passed to the java run command, no default
+ARG JAVA_OPTS
+ENV JAVA_OPTS=$JAVA_OPTS
+# Specify the veraPDF REST version if you want to (to be used in build automation)
+ARG VERAPDF_VERSION
+ENV VERAPDF_VERSION=${VERAPDF_VERSION}
+
+# Copy the JRE from the previous stage
+ENV JAVA_HOME=/opt/java/openjdk
+ENV PATH "${JAVA_HOME}/bin:${PATH}"
+COPY --from=jre-builder /javaruntime $JAVA_HOME
+
+# Since this is a running network service we'll create an unprivileged account
+# which will be used to perform the rest of the work and run the actual service:
+RUN addgroup -S verapdf && adduser -S -G verapdf -h /opt/verapdf verapdf
+RUN mkdir --parents /var/opt/verapdf/logs && chown -R verapdf:verapdf /var/opt/verapdf
+
+USER verapdf
+
+# Copy the application from the previous stage
+COPY --from=app-installer /opt/verapdf/ /opt/verapdf/
+
+WORKDIR /data
+VOLUME /data
+
+ENTRYPOINT ["/opt/verapdf/verapdf"]

README.md

@@ -1,5 +1,5 @@
-veraPDF-apps
-===============
+# veraPDF-apps
+
 *Command line and GUI industry supported PDF/A and PDF/UA Validation*
 
 [![Build Status](https://jenkins.openpreservation.org/job/veraPDF/job/1.27/job/apps/badge/icon)](https://jenkins.openpreservation.org/job/veraPDF/job/1.27/job/apps/ "OPF Jenkins")
@@ -16,24 +16,27 @@ Licensing
 ---------
 The veraPDF PDF/A Validation Library is dual-licensed, see:
 
- - [GPLv3+](LICENSE.GPL "GNU General Public License, version 3")
- - [MPLv2+](LICENSE.MPL "Mozilla Public License, version 2.0")
+- [GPLv3+](LICENSE.GPL "GNU General Public License, version 3")
+- [MPLv2+](LICENSE.MPL "Mozilla Public License, version 2.0")
+
+## Documentation
 
-Documentation
--------------
 See the [veraPDF documentation site](https://docs.verapdf.org/).
 
-Quick Start
------------
+## Quick Start
 
 ### veraPDF GUI
+
 #### Download release version
+
 You can download a Java-based installer for the latest veraPDF GUI release [from our download site](https://software.verapdf.org/rel/verapdf-installer.zip). The current installation process requires Java 8, 11, 17 or 21 to be pre-installed.
 
 #### Download latest development version
+
 If you want to try the latest development version you can obtain it from our [development download site](https://software.verapdf.org/dev/verapdf-installer.zip). Be aware that we release development snapshots regularly, often more than once a day. While we try to ensure that development builds are well tested there are no guarantees.
 
 #### Install from zip package
+
 Once downloaded unzip the archive which contains the installer jar with batch and shell scripts to launch, the zip contents are as follows:
 
     verapdf-${project.version}/verapdf-install.bat
@@ -47,6 +50,7 @@ Windows users should run the 'verapdf-install.bat' batch file, while Linux and O
     java -jar <path-to-installer-jar>/verapdf-izpack-installer-${project.version}.jar
 
 #### Linux full command line download and install
+
 Linux users can download and execute the veraPDF installer using the following commands:
 
     wget http://downloads.verapdf.org/rel/verapdf-installer.zip
@@ -55,28 +59,32 @@ Linux users can download and execute the veraPDF installer using the following c
     ./verapdf-install
 
 #### veraPDF GUI manual
+
 We've prepared a manual for the GUI which is included in the library project and can be [downloaded from GitHub](https://github.com/veraPDF/veraPDF-apps/raw/integration/veraPDFPDFAConformanceCheckerGUI.pdf).
 
 #### JVM configuration options
+
 The startup script found in the install dir, e.g. `.../verapdf/verapdf-gui` for Linux, or `.../verapdf/verapdf-gui.bat` for Windows can be used to pass
 configuration options to the JVM. This is done by setting `$JAVA_OPTS` for Linux, or `%JAVA_OPTS%` in the Window batch file. Alternatively these can be
 passed directly as parameters when calling the shell or batch script.
 
-Building the veraPDF-apps from Source
-----------------------------------------
+## Building the veraPDF-apps from Source
+
 ### Pre-requisites
 
 In order to build this project you'll need:
 
- * Java 8, 11, 17 or 21, which can be downloaded [from Oracle](https://www.oracle.com/technetwork/java/javase/downloads/index.html), or for Linux users [OpenJDK](https://openjdk.java.net/install/index.html).
- * [Maven v3+](https://maven.apache.org/)
+- Java 8, 11, 17 or 21, which can be downloaded [from Oracle](https://www.oracle.com/technetwork/java/javase/downloads/index.html), or for Linux users [OpenJDK](https://openjdk.java.net/install/index.html).
+- [Maven v3+](https://maven.apache.org/)
 
 Life will be easier if you also use [Git](https://git-scm.com/) to obtain and manage the source.
 
 ### Building veraPDF
+
 First you'll need to obtain a version of the veraPDF-apps source code. You can compile either the latest release version or the latest development source.
 
 #### Downloading the latest release source
+
 Use Git to clone the repository and ensure that the `master` branch is checked out:
 
     git clone https://github.com/veraPDF/veraPDF-apps
@@ -86,6 +94,7 @@ Use Git to clone the repository and ensure that the `master` branch is checked o
 or download the latest [tar archive](https://github.com/veraPDF/veraPDF-apps/archive/master.tar.gz "veraPDF-apps latest GitHub tar archive") or [zip archive](https://github.com/veraPDF/veraPDF-apps/archive/master.zip "veraPDF-apps latest GitHub zip archive") from GitHub.
 
 #### Downloading the latest development source
+
 Use Git to clone the repository and ensure that the `integration` branch is checked out:
 
     git clone https://github.com/veraPDF/veraPDF-apps
@@ -95,13 +104,32 @@ Use Git to clone the repository and ensure that the `integration` branch is chec
 or download the latest [tar archive](https://github.com/veraPDF/veraPDF-apps/archive/integration.tar.gz "veraPDF-apps latest GitHub tar archive") or [zip archive](https://github.com/veraPDF/veraPDF-apps/archive/integration.zip "veraPDF-apps latest GitHub zip archive") from GitHub.
 
 #### Use Maven to compile the source
+
 Call Maven install:
 
     mvn clean install
 
 #### Testing the build
+
 You can test your build by running the greenfield GUI application from the `greenfield-apps` sub-module.
 
     java -jar greenfield-apps/target/greenfield-apps-${project.version}.jar
 
 Where `${project.version}` is the current Maven project version. This should bring up the veraPDF GUI main window if the build was successful.
+
+## Building the Docker image
+
+The accompanying [`Dockerfile`](Dockerfile) can be used to build a Docker image containing the veraPDF CLI and GUI applications. The image is based on the official Alpine image. It doesn't build the project, instead it downloads a version of the installer. It also builds a slimline JRE which is used to trim the final image size.
+
+The version built is controlled by three arguments in the Dockerfile, `VERAPDF_VERSION`, `VERAPDF_MINOR_VERSION` and `VERAPDF_INSTALLER_FOLDER`. These can be used to select a specific installer at invocation time. The default values are `VERAPDF_VERSION=1.26`, `VERAPDF_MINOR_VERSION=2` and `VERAPDF_INSTALLER_FOLDER=releases`, which builds the latest production version, e.g. `1.26.2`.
+
+To build and run the very latest version:
+
+    docker build -t verapdf .
+    docker run -it -v "$(pwd)":/data --name verapdf verapdf a.pdf 
+
+To build a specific version, e.g. `1.22.3`:
+
+    docker build --build-arg VERAPDF_VERSION=1.22 --build-arg VERAPDF_MINOR_VERSION=3 -t verapdf .
+
+To build a specific development version argument `VERAPDF_INSTALLER_FOLDER` should be set to `develop`.

docker-install.xml

@@ -0,0 +1,16 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<AutomatedInstallation langpack="eng">
+    <com.izforge.izpack.panels.htmlhello.HTMLHelloPanel id="welcome"/>
+    <com.izforge.izpack.panels.target.TargetPanel id="install_dir">
+        <installpath>/opt/verapdf</installpath>
+    </com.izforge.izpack.panels.target.TargetPanel>
+    <com.izforge.izpack.panels.packs.PacksPanel id="sdk_pack_select">
+        <pack index="0" name="veraPDF GUI" selected="true"/>
+        <pack index="1" name="veraPDF Mac and *nix Scripts" selected="true"/>
+        <pack index="2" name="veraPDF Validation model" selected="false"/>
+        <pack index="3" name="veraPDF Documentation" selected="false"/>
+        <pack index="4" name="veraPDF Sample Plugins" selected="false"/>
+    </com.izforge.izpack.panels.packs.PacksPanel>
+    <com.izforge.izpack.panels.install.InstallPanel id="install"/>
+    <com.izforge.izpack.panels.finish.FinishPanel id="finish"/>
+</AutomatedInstallation>