Distroless image?

build-minecraft.jenkins

@@ -7,12 +7,11 @@ def kanikoImage = "${repository}/library/kaniko:latest"
 def repositoryCreds = "harbor-repository-creds"
 
 // Container Variables
-def baseImage = "${repository}/library/alpine"
+def buildImage = "${repository}/library/alpine"
-def baseImageTag = "latest"
+def buildImageTag = "latest"
-def alpineJavaPackage = "openjdk17"
 
 // PaperMC URL
-def paperVersion = "1.17.1"
+def paperVersion = "1.18"
 
 // Minecraft Configuration
 def memoryMin = "1g"
@@ -45,6 +44,32 @@ spec:
         // Set working directory
         def workspace = pwd()
 
+        // Set dockerfile
+        def dockerFile = """
+
+FROM ${buildImage}:${buildImageTag} as builder
+
+RUN addgroup -S -g 1000 minecraft && \\
+    adduser --disabled-password -G minecraft --gecos "application account" --home "/minecraft" --shell "/sbin/nologin" --uid 1000 minecraft && \\
+    apk add --no-cache curl && \\
+    mkdir /minecraft && \\
+    mkdir /minecraft/data && \\
+    mkdir /minecraft/html && \\
+    curl --location --fail --silent \${paperDownload} -o /minecraft/paper-mc.jar
+
+FROM gcr.io/distroless/java17:latest
+
+COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ca-certificates.crt
+COPY --from=builder /etc/passwd /etc/group /etc/
+COPY --from=builder --chown=minecraft:minecraft /minecraft/ /minecraft/
+
+USER minecraft
+
+WORKDIR /minecraft/data
+
+CMD ["java", "-Xms${memoryMin}", "-Xmx${memoryMax}", "-jar ../paper-mc.jar"]
+"""
+
         stage ("Prepare Kaniko") {
             container ("kaniko") {
                 withCredentials([usernameColonPassword(
@@ -66,34 +91,11 @@ spec:
             }
         }
 
-		stage ("Pre-Build") {
+        stage ("Create Dockerfile") {
-			def dockerFile = """
-FROM ${baseImage}:${baseImageTag}
-
-ARG paperDownload
-
-MAINTAINER The_Spider <spider@smoothnet.org>
-
-RUN sed -i -r -e 's/v3.14\\/community/edge\\/community/' /etc/apk/repositories && \\
-    apk add --no-cache ${alpineJavaPackage} curl jq && \\
-    addgroup -S -g 1000 minecraft && \\
-    adduser -S minecraft -G minecraft -h /minecraft -u 1000 && \\
-    curl --location --fail --silent \${paperDownload} -o /minecraft/paper-mc.jar && \\
-    mkdir /minecraft/data && \\
-    mkdir /minecraft/html && \\
-    chown -R minecraft:minecraft /minecraft
-
-USER minecraft
-
-WORKDIR /minecraft
-
-CMD cd data; java -Xms${memoryMin} -Xmx${memoryMax} -jar ../paper-mc.jar
-"""
-
             writeFile(file: workspace + '/Dockerfile', text: dockerFile)
         }
 
-		stage ("Build & Push") {
+        stage ("Get Paper-MC Version") {
             container ("alpine") {
                 sh "apk add --no-cache curl jq"
                 paperDownload = sh (
@@ -105,10 +107,17 @@ CMD cd data; java -Xms${memoryMin} -Xmx${memoryMax} -jar ../paper-mc.jar
                     returnStdout: true
                 ).trim()
             }
+        }
 
+        stage ("Build & Push") {
             container ("kaniko") {
                 sh """
-					/kaniko/executor --cleanup --context "${workspace}" -f "${workspace}/Dockerfile" --destination "${repository}/library/minecraft:latest" --build-arg "paperDownload=${paperDownload}"
+                    /kaniko/executor \\
+                        --cleanup \\
+                        --context "${workspace}" \\
+                        -f "${workspace}/Dockerfile" \\
+                        --destination "${repository}/library/minecraft:latest" \\
+                        --build-arg "paperDownload=${paperDownload}"
                 """
             }
         }