Fix container signal handling so the JVM receives SIGTERM for clean shutdown#536
Merged
uhurusurfa merged 1 commit intoJun 13, 2026
Conversation
…hutdown The Docker entrypoint used the shell form, so PID 1 was /bin/sh and SIGTERM from 'docker stop' (or a Kubernetes pod termination) never reached the Java process. The JVM's registered shutdown hook never ran, modules were not stopped cleanly, and every stop ended with SIGKILL after the full grace period (10s default). Changes: - Dockerfile: use exec-form ENTRYPOINT (also fixes the JSONArgsRecommended build check warning) - start-container.sh: exec the startup script instead of forking it - start-openas2.sh: exec java in foreground (non-daemon) mode so the JVM is the final process in the chain; daemon mode is unchanged Verified on the 4.8.2 image: before, 'docker stop' took 10.2s and ended in SIGKILL with no shutdown logs; after, java runs as PID 1, stop completes in ~0.2s and logs show all modules stopped and 'OpenAS2 has shut down'.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Problem
The Docker image's
ENTRYPOINTuses the shell form, so PID 1 inside the container is/bin/sh -c, not the OpenAS2 JVM.SIGTERMsent bydocker stop(or by Kubernetes on pod termination) is delivered to the shell, which does not forward it. As a result:DbTrackingModulewith the embedded H2 database) are never stopped cleanly.SIGKILL.JSONArgsRecommendedwarns about on the current Dockerfile.Fix
Three small changes so the signal chain reaches the JVM:
ENTRYPOINT ["/opt/openas2/bin/start-container.sh"](exec form cannot expand variables; the path is already fixed byENV OPENAS2_BASEin the same Dockerfile, and the scripts keep using the variable at runtime).execthe startup script instead of forking it.execjava in the foreground (non-daemon) branch so the JVM ends up as the final process. Daemon mode (OPENAS2_AS_DAEMON=true) is unchanged, and the exit code behavior of the foreground branch is preserved (execmakes the script's exit status the JVM's exit status).Verification (on the 4.8.2 image)
Before:
docker stoptakes 10.2s (full grace period, then SIGKILL)After:
psinside the container shows PID 1 = javadocker stopcompletes in ~0.2sThe
docker buildcheck warningJSONArgsRecommendedis also gone.