diff --git a/docker/orthanc/AmazonLinux2Dockerfile b/docker/orthanc/AmazonLinux2Dockerfile index add3fb0..649011d 100644 --- a/docker/orthanc/AmazonLinux2Dockerfile +++ b/docker/orthanc/AmazonLinux2Dockerfile @@ -1,92 +1,55 @@ -# ===> https://github.com/orthanc-server/orthanc-builder/blob/11d6930/docker/orthanc/Dockerfile.runner-base - -########################## orthanc-runner-base +################## +# The dockerfile below is copied+adapted from docker/orthanc/Dockerfile.runner-base +################## # base image to build and execute orthanc. # This image should contain only the packages that are common to both ! # The purpose of this intermediate image is to benefit from Docker cache. -ARG BASE_DEBIAN_IMAGE=bookworm-20250113-slim -FROM debian:$BASE_DEBIAN_IMAGE AS orthanc-runner-base - -# we had some issues with one of the mirror -> force it to the Belgian mirror -# RUN rm /etc/apt/sources.list.d/debian.sources -# RUN echo "deb http://ftp.be.debian.org/debian/ bookworm main" | tee /etc/apt/sources.list.d/belgium.mirror.list - -RUN export DEBIAN_FRONTEND=noninteractive && \ - apt-get --assume-yes update && \ - apt-get --assume-yes install python3 && \ - apt-get --assume-yes install python3-pip && \ - apt-get --assume-yes install ca-certificates && \ - apt-get --assume-yes install tzdata && \ - apt-get --assume-yes install locales && \ - apt-get --assume-yes install libcurl4 && \ - apt-get --assume-yes install libdcmtk17 && \ - apt-get --assume-yes install libboost-log1.74.0 libboost-filesystem1.74.0 libboost-locale1.74.0 libboost-regex1.74.0 libboost-system1.74.0 libboost-thread1.74.0 libboost-iostreams1.74.0 && \ - apt-get --assume-yes install libjpeg62-turbo && \ - apt-get --assume-yes install libjsoncpp25 && \ - apt-get --assume-yes install liblua5.4 && \ - apt-get --assume-yes install libpng16-16 && \ - apt-get --assume-yes install libpugixml1v5 && \ - apt-get --assume-yes install libsqlite3-0 && \ - apt-get --assume-yes install libssl3 && \ - apt-get --assume-yes install libuuid1 && \ - apt-get --assume-yes install lsb-base && \ - apt-get --assume-yes install zlib1g && \ - apt-get --assume-yes install libpq5 && \ - apt-get --assume-yes install libmariadb3 && \ - apt-get --assume-yes install unixodbc && \ - apt-get --assume-yes install libopenslide0 && \ - apt-get --assume-yes install libcrypto++ && \ - apt-get --assume-yes install libcpprest && \ - apt-get --assume-yes install libprotobuf32 && \ - apt-get --assume-yes clean && \ - rm --recursive --force /var/lib/apt/lists/* +FROM 707767160287.dkr.ecr.us-east-1.amazonaws.com/gen3/amazonlinux-base:master AS orthanc-runner-base + +RUN dnf -y update && \ + dnf -y install python3.11-devel \ + ca-certificates tzdata \ + libcurl-devel boost-devel libjpeg-turbo-devel \ + jsoncpp-devel lua-devel libpng-devel sqlite-devel \ + openssl-devel libuuid-devel unixODBC-devel \ + protobuf-devel && \ + dnf clean all # Make sure the en_US locale has been generated (required for # case-insensitive comparison of strings with accents) -RUN echo "en_US.UTF-8 UTF-8" > /etc/locale.gen -RUN locale-gen +# (pauline 02/2025) The lines below don't work, but everything seems to work fine without this +# RUN dnf -y install glibc-locale-source glibc-langpack-en +# RUN localedef -i en_US -f UTF-8 en_US.UTF-8 -# ===> https://github.com/orthanc-server/orthanc-builder/blob/11d6930/docker/orthanc/Dockerfile.builder-base +################## +# The dockerfile below is copied+adapted from docker/orthanc/Dockerfile.builder-base +################## -########################## Orthanc builder base # image to compile Orthanc and its plugins dynamically FROM orthanc-runner-base AS orthanc-builder-base -RUN export DEBIAN_FRONTEND=noninteractive -RUN apt-get --assume-yes update -RUN apt-get --assume-yes install wget -RUN apt-get --assume-yes install build-essential -RUN apt-get --assume-yes install unzip -RUN apt-get --assume-yes install uuid-dev -RUN apt-get --assume-yes install apt-utils -RUN apt-get --assume-yes install libcurl4-openssl-dev -RUN apt-get --assume-yes install curl -RUN apt-get --assume-yes install apt-transport-https -RUN apt-get --assume-yes install liblua5.4-dev -RUN apt-get --assume-yes install libgtest-dev -RUN apt-get --assume-yes install libpng-dev -RUN apt-get --assume-yes install libsqlite3-dev -RUN apt-get --assume-yes install libjpeg-dev zlib1g-dev libdcmtk-dev libboost-all-dev libwrap0-dev libcharls-dev libjsoncpp-dev libpugixml-dev -RUN apt-get --assume-yes install git -RUN apt-get --assume-yes install mercurial -RUN apt-get --assume-yes install zip -RUN apt-get --assume-yes install libpq-dev postgresql-server-dev-all -RUN apt-get --assume-yes install python3-dev -RUN apt-get --assume-yes install unixodbc-dev -RUN apt-get --assume-yes install libgmock-dev -RUN apt-get --assume-yes install protobuf-compiler -# on recent Debian, the libmysql-dev package is not available anymore -# and the MariaDbConfiguration.cmake does not handle it correctly -> use the downloaded mariadb_client -RUN apt-get --assume-yes install default-libmysqlclient-dev -# RUN apt-get --assume-yes install libmariadb-dev - -RUN apt-get --assume-yes install cmake -RUN apt-get --assume-yes install awscli -# for orthanc-stl plugin: -RUN apt-get --assume-yes install libgl1-mesa-dev libxt-dev - -RUN apt-get --assume-yes install default-jdk +RUN dnf -y update && \ + dnf -y install wget unzip gcc gcc-c++ make cmake libuuid-devel \ + ca-certificates tzdata libcurl-devel boost-devel \ + libjpeg-turbo-devel zlib-devel git mercurial zip \ + libpq libpq-devel postgresql-libs postgresql-devel \ + protobuf-compiler aws-cli libpng-devel sqlite-devel \ + lua-devel \ + unixODBC-devel \ + tar python-pip \ + readline-devel libicu-devel openssl-devel \ + java-11-amazon-corretto \ + patch gtest gtest-devel && \ + dnf clean all + +RUN wget https://ftp.postgresql.org/pub/source/v16.5/postgresql-16.5.tar.gz && tar -zxvf postgresql-16.5.tar.gz && cd postgresql-16.5 && ./configure --bindir=/usr/bin --with-openssl && make -C src/bin install && make -C src/include install && make -C src/interfaces install + +# install googletest, pugixml and cryptopp from source because the packages are not available +# in this amazon linux 2 base image +RUN git clone https://github.com/google/googletest.git && cd googletest && mkdir build && cd build && cmake .. && make && make install +RUN git clone https://github.com/zeux/pugixml.git && cd pugixml && mkdir build && cd build && cmake .. && make && make install +RUN git clone https://github.com/weidai11/cryptopp.git && cd cryptopp && make && make install # # install a recent cmake version (required later by recent vcpkg versions that we don't use now !) # WORKDIR /tmp @@ -153,7 +116,9 @@ COPY build-or-download.sh /scripts # ARG STONE_INTERMEDIATE_TARGET=build-stone-viewer-amd64 -# ===> https://github.com/orthanc-server/orthanc-builder/blob/11d6930/docker/orthanc/Dockerfile +################## +# The dockerfile below is copied+adapted from docker/orthanc/Dockerfile +################## # FROM orthanc-builder-base ARG ARG_AWS_ACCESS_KEY_ID @@ -201,8 +166,6 @@ RUN /scripts/build-or-download.sh version=$STABLE_OR_UNSTABLE target=orthanc-gdc FROM orthanc-builder-base AS build-plugin-pg ARG ORTHANC_PG_COMMIT_ID -# RUN echo debughere -# RUN hg --debug clone "https://bitbucket.org/sjodogne/orthanc" RUN /scripts/build-or-download.sh version=$STABLE_OR_UNSTABLE target=orthanc-pg commitId=$ORTHANC_PG_COMMIT_ID baseImage=$PLATFORM/$BASE_IMAGE_TAG preferDownloads=$PREFER_DOWNLOADS enableUploads=$ENABLE_UPLOAD ########################## Orthanc MySQL @@ -470,7 +433,10 @@ RUN if [[ ! -z "$TARGETPLATFORM" ]] && [[ "$TARGETPLATFORM" != "linux/amd64" ]]; RUN chmod +x /usr/share/orthanc/plugins-available/* RUN chmod +x /usr/local/bin/* -RUN pip install envsubst==0.1.5 --break-system-packages +RUN dnf -y update && \ + dnf -y install python-pip vim git libpq && \ + dnf clean all +RUN pip install envsubst==0.1.5 # configure SSL for azure rest sdk (azure object storage plugin) ENV SSL_CERT_DIR=/etc/ssl/certs @@ -489,16 +455,12 @@ COPY *.lua /lua-scripts/ COPY test-aliveness.py /probes/ -# cleanup unnecessary packages that can trigger errors during security scan -RUN apt purge --assume-yes build-essential perl bzip2 gnupg xdg-user-dirs && apt --assume-yes autoremove - - -# always create an 'orthanc' group (gid=999) and an orthanc user (uid=999) +# always create an 'orthanc' group (gid=1000) and an orthanc user (uid=1000) # and grants him all permissions on files that can be modified by the docker-entrypoint.sh # The default root users can still access these files too. # for the /etc/hostid -> we must make sure the file exists to grant the permission -RUN groupadd --system orthanc --gid=999; \ - useradd --system --gid=orthanc --uid=999 --home-dir=/var/lib/orthanc --shell=/bin/false orthanc; \ +RUN groupadd --system orthanc --gid=1000; \ + useradd --system --gid=orthanc --uid=1000 --home-dir=/var/lib/orthanc --shell=/bin/false orthanc; \ mkdir -p /var/lib/orthanc; \ chown -R orthanc:orthanc /var/lib/orthanc; \ chown -R orthanc:orthanc /tmp; \ diff --git a/docker/orthanc/build-or-download.sh b/docker/orthanc/build-or-download.sh index 4ac397a..8dab96c 100755 --- a/docker/orthanc/build-or-download.sh +++ b/docker/orthanc/build-or-download.sh @@ -95,9 +95,12 @@ if [[ $target == "orthanc" ]]; then # note: building with static DCMTK while waiting for Debian bullseye to update to latest DCMTK issues (we need DCMTK 3.6.7: https://www.hipaajournal.com/warning-issued-about-3-high-severity-vulnerabilities-in-offis-dicom-software/) # also force latest OpenSSL (and therefore, we need to force static libcurl) - cmake -DALLOW_DOWNLOADS=ON -DCMAKE_BUILD_TYPE:STRING=Release -DSTANDALONE_BUILD=ON -DUSE_GOOGLE_TEST_DEBIAN_PACKAGE=ON -DUSE_SYSTEM_CIVETWEB=OFF -DUSE_SYSTEM_DCMTK=OFF -DUSE_SYSTEM_OPENSSL=OFF -DUSE_SYSTEM_CURL=OFF $sourcesRootPath/OrthancServer + # (pauline 02/2025) Setting `DUSE_GOOGLE_TEST_DEBIAN_PACKAGE` to `OFF` to fix error when + # the CI runs the tests: `Please install the libgtest-dev package` + cmake -DALLOW_DOWNLOADS=ON -DCMAKE_BUILD_TYPE:STRING=Release -DSTANDALONE_BUILD=ON -DUSE_GOOGLE_TEST_DEBIAN_PACKAGE=OFF -DUSE_SYSTEM_CIVETWEB=OFF -DUSE_SYSTEM_DCMTK=OFF -DUSE_SYSTEM_OPENSSL=OFF -DUSE_SYSTEM_CURL=OFF $sourcesRootPath/OrthancServer make -j 4 - # HttpClient.Ssl and HttpClient.SslNoVerification are failing + # (pauline 02/2025) Commenting out unit tests to fix error when the CI runs the tests: + # `HttpClient.Ssl and HttpClient.SslNoVerification are failing` # $buildRootPath/UnitTests upload Orthanc @@ -165,7 +168,10 @@ elif [[ $target == "orthanc-pg" ]]; then hg clone https://orthanc.uclouvain.be/hg/orthanc-databases/ -r $commitId $sourcesRootPath pushd $buildRootPath - cmake -DALLOW_DOWNLOADS=ON -DCMAKE_BUILD_TYPE:STRING=Release -DUSE_SYSTEM_GOOGLE_TEST=ON -DUSE_SYSTEM_ORTHANC_SDK=OFF $sourcesRootPath/PostgreSQL + # (pauline 02/2025) Adding "-D PostgreSQL_TYPE_INCLUDE_DIR=`pg_config --includedir-server`" + # to fix error: `CMake Error: The following variables are used in this project, but they + # are set to NOTFOUND. PostgreSQL_TYPE_INCLUDE_DIR` + cmake -DALLOW_DOWNLOADS=ON -DCMAKE_BUILD_TYPE:STRING=Release -DUSE_SYSTEM_GOOGLE_TEST=ON -DUSE_SYSTEM_ORTHANC_SDK=OFF -D PostgreSQL_TYPE_INCLUDE_DIR=`pg_config --includedir-server` $sourcesRootPath/PostgreSQL make -j 4 upload libOrthancPostgreSQLIndex.so