[
https://issues.apache.org/jira/browse/FINERACT-830?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17102634#comment-17102634
]
Yemdjih Kaze Nasser commented on FINERACT-830:
----------------------------------------------
I was looking into https://issues.apache.org/jira/browse/FINERACT-882, but then
I noticed kubernetes build is broken. I get the following error
{code:java}
08-May-2020 12:15:18.874 WARNING [main]
com.sun.jersey.multipart.impl.MultiPartReaderClientSide.createMimeConfig Cannot
create temporary files. Multipart attachments will be limited to 4096 bytes.
java.io.IOException: Permission denied
{code}
I think making some changes to the dockerfile might fix this but on the
otherhand resolving this issue might be a better approach to resolving this
inconvenience.
> Use distroless base image instead of bitnami/tomcat in container
> ----------------------------------------------------------------
>
> Key: FINERACT-830
> URL: https://issues.apache.org/jira/browse/FINERACT-830
> Project: Apache Fineract
> Issue Type: Improvement
> Reporter: Michael Vorburger
> Priority: Major
> Labels: kubernetes, technical
>
> Rohit Verma on the mailing list raised using a "more hardened base image like
> distroless".
> I'll admit that I'm personally not a huge fan of "FROM bitnami/tomcat:7.0.94"
> myself! Any contributions you'd like to make on this front would be very very
> welcome, from my side.
> https://github.com/GoogleContainerTools/distroless is a great alternative.
> (BTW
> https://access.redhat.com/containers/?tab=images#/registry.access.redhat.com/redhat-openjdk-18/openjdk18-openshift
> is a another great choice, if you're into something supported.)
> Your mission, should you choose to accept it and work on this issue, would be
> to raise a PR modifying our Dockerfile, but then still have the related test
> at the end of .travis.yml pass - everything (container, Docker Compose,
> Kubernetes) should, obviously, still "work as is", even if you go for
> changing the base image. Makes sense and sounds fair?
>
> PS: What we really should do at some point is move away from 1990s style
> WAR-in-Tomcat, and make java -jar fineract.war work instead (and then use
> that in the container)... people working on this could also contribute,
> before or after, to FINERACT-730. (On a related front, there's also
> FINERACT-764, but both are probably independent enough from each other to be
> tackled separately.)
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
