Hi Sean,
I am afraid I am responsible for creating those images :)…
Chris asked me already to move them to the official Apache repo, which is on my
list of things to do.
In the past, openJDK gave me problem when using some advanced SSL features,
like certificate authentication - not sure if that is the case any more.
I think we could start with your proposal [1] and then possibly implement [3].
BTW all these images are based on OODT-1.0, and contain only a few core
services (File Manager, Workflow Manager, Crawler).
thanks, Luca
> On Nov 8, 2017, at 12:34 PM, Chris Mattmann <mattm...@apache.org> wrote:
>
> Great catch!
>
> I would vote to just switch it to OpenJDK yay….
>
> Cheers
> Chris
>
>
>
>
> On 11/8/17, 11:33 AM, "Sean Kelly" <ke...@apache.org> wrote:
>
> Hi folks:
>
> I'm playing more and more with Docker and happily discovered that
> there's already an OODT presence on the Docker Store [1].
>
> So I pulled the oodt-node image [2] and looked inside ("docker history
> --no-trunc") and saw that one of the steps performed is:
>
> /bin/sh -c wget --no-cookies --no-check-certificate --header "Cookie:
> oraclelicense=accept-securebackup-cookie" -O
> /tmp/jdk-8-linux-x64.rpm
>
> "http://download.oracle.com/otn-pub/java/jdk/${JAVA_VERSION}-${JAVA_BUILD_VERSION}/d54c1d3a095b4ff2b6607d096fa80163/jdk-${JAVA_VERSION}-linux-x64.rpm";
>
> What stands out is the cookie.
>
> My fear is that using this image effectively makes the user accept
> Oracle's license agreement for Java but in no way notifies the user this
> is happening.
>
> Could we at least update the page at [1] to warn users, similar to the
> way this unofficial Java 8 image does it [3]? Or even better, try OpenJDK?
>
> --Sean
>
> [1] https://store.docker.com/profiles/oodthub
> [2] https://store.docker.com/community/images/oodthub/oodt-node
> [3] https://store.docker.com/community/images/lwieske/java-8
>
> --
> Sean Kelly
> Member, Apache Software Foundation
>
>
>
signature.asc
Description: Message signed with OpenPGP using GPGMail
