Defining the Application Container (Dockerfile)

Goal: To explain the key files in your application's Git repository. These files are cloned by the Jenkins pipeline and used to build and deploy the application.

Project Files in Git

Your Git repository contains all the necessary components for this deployment:

  1. Dockerfile: The blueprint for the application image.
  2. manager-context.xml: A helper file to configure the Tomcat manager.
  3. Deployment.yaml: Kubernetes manifest.
  4. service.yaml: Kubernetes manifest.
  5. ingress.yaml: Kubernetes manifest.
  6. your-app.war: (The Application) The compiled EGL RUI application file.

This chapter focuses on the Dockerfile and its helper, manager-context.xml.

File 1: Dockerfile (Application Blueprint)

This is the Dockerfile located in the Git repository. The docker build command in the pipeline will use it.
FROM tomcat:9.0.90

# Clean logs and prepare webapps
RUN rm -rf /usr/local/tomcat/logs/* && \
    cp -r /usr/local/tomcat/webapps.dist/* /usr/local/tomcat/webapps

# Copy your WAR file (passed at build time)
ARG WARFILE
COPY ${WARFILE} /usr/local/tomcat/webapps/

# Set Tomcat manager credentials
ARG TOMCAT_USER=tomcat
ARG TOMCAT_PASSWORD=tomcat
RUN cat > /usr/local/tomcat/conf/tomcat-users.xml <<EOF
<tomcat-users>
  <role rolename="manager-gui"/>
  <role rolename="manager-script"/>
  <role rolename="admin-gui"/>
  <user username="${TOMCAT_USER}" password="${TOMCAT_PASSWORD}" roles="manager-gui,manager-script,admin-gui"/>
</tomcat-users>
EOF

# Replace context.xml to remove RemoteAddrValve restriction
# This allows the manager to be accessed from any IP
COPY manager-context.xml /usr/local/tomcat/webapps/manager/META-INF/context.xml

WORKDIR /usr/local/tomcat

File 2: manager-context.xml (Tomcat Helper)

This file is also in the Git repo and is used by the COPY command in the Dockerfile. Its purpose is to remove the default IP address restriction on the Tomcat Manager application, which is necessary for this demo.
<?xml version="1.0" encoding="UTF-8"?>
<Context antiResourceLocking="false" privileged="true">
  </Context>

Dockerfile Explanation

This section outlines the functionality of each command in the Dockerfile.

Command Purpose
FROM tomcat:9.0.90 Uses the official Apache Tomcat 9.0.90 image as the base. This provides a stable Java and Tomcat server environment.
RUN rm -rf ... && cp -r ... Cleans the Tomcat environment. It deletes old logs and copies the default webapps.dist (manager, host-manager, etc.) files back into the webapps directory. This ensures a clean, predictable state for every build.
ARG WARFILE Declares a build-time argument named WARFILE. The Jenkins pipeline will pass the path to the .war file in the workspace (e.g., app.war) to this argument.
COPY ${WARFILE} ... Copies the .war file (cloned from Git) directly from the Jenkins workspace into Tomcat's webapps directory. Tomcat will auto-deploy this file when the container starts.
ARG TOMCAT_USER=... & ARG TOMCAT_PASSWORD=... Declares build-time arguments to set credentials for the Tomcat Manager securely. The Jenkins pipeline passes values to these.
RUN cat > ... tomcat-users.xml ... Dynamically creates the /usr/local/tomcat/conf/tomcat-users.xml file. It injects the values from the TOMCAT_USER and TOMCAT_PASSWORD arguments, creating a new manager user with full admin roles.
COPY manager-context.xml ... Copies the manager-context.xml file (also cloned from Git) and overwrites the default one for the /manager application. This is for demo purposes only and must be removed in production.
WORKDIR /usr/local/tomcat Sets the final working directory of the image.

Docker Image Naming Convention

In the pipeline, the final image name is dynamically constructed.
us-central1-docker.pkg.dev/hclsw-gcp-rbd/hcl-rbd2/hcl-rbd2:${params.IMAGE_TAG}
  • us-central1-docker.pkg.dev: The regional domain for Google Artifact Registry.
  • hclsw-gcp-rbd: Your GCP Project ID.
  • hcl-rbd2 (first): The name of the Artifact Registry repository.
  • hcl-rbd2 (second): The name of the specific image.
  • ${params.IMAGE_TAG}: The tag (e.g., v1, latest) passed as a parameter to the Jenkins job.