*   bump tomcat version to mitigate cve as explain here (spring-framework-rce-mitigation-alternative)[https://spring.io/blog/2022/04/01/spring-framework-rce-mitigation-alternative]

*   bump tomcat version to mitigate cve as explain here (spring-framework-rce-mitigation-alternative)[https://spring.io/blog/2022/04/01/spring-framework-rce-mitigation-alternative]

*   bump tomcat version to mitigate cve as explain here (spring-framework-rce-mitigation-alternative)[https://spring.io/blog/2022/04/01/spring-framework-rce-mitigation-alternative]

+ There is no need to declare env using the form `VAR_NAME  ${VAR_NAME:-defaultvalue}` when there is no ARG declared on that variable
* use binary mode for sha256 check (no double space needed)
* remove unused `rm -rf /var/lib/apt/lists/*` that was for ubuntu only

+ Use correct entry point
Avoid execution of bonita specific things when the CMD is overriden
This allows to easily change catalina command line argument or it allows to run
other tools. When other tools are run, we do not do the customization of scripts.
This is required to have docker hub tests working.

maven central require to have metadata in poms we publish

It was ok before because that bonita-runtime-bom had a parent

this is required to have tests on docker hub official images to run.

see https://github.com/docker-library/official-images/blob/master/test/tests/override-cmd/run.sh

Relates to [RUNTIME-912](https://bonitasoft.atlassian.net/browse/RUNTIME-912)

The correct way to define ENTRYPOINT and CMD is described here:
https://github.com/docker-library/official-images/blob/d28cb89e79417cac50c2a8ae163a9b3b79167f79/README.md#consistency

The idea is that the startup.sh script is the ENTRYPOINT and execute
the CMD given in the docker file, overridable by the docker command

* fix rights on logger configuration file

Relates to [RUNTIME-912](https://bonitasoft.atlassian.net/browse/RUNTIME-912)

Using directly alpine as base image allow to:

* keep mutli arch support in community.
* keep default cacerts path same as 7.13 version, so it will be easily for a customer that put their ssl certificat in /etc/ssl/certs/java ( default location ) to migrate to 7.14. It's not the case if we keep eclipse-temurin as base image ( default located /opt/java/openjdk/lib/security/cacerts ).

Relates to [RUNTIME-912](https://bonitasoft.atlassian.net/browse/RUNTIME-912)

docker official image can't be built using a non-listed docker tag.

since the more specific tag can be updated at any time, it is easier to
reference a more generic version

Relates to
[RUNTIME-912](https://bonitasoft.atlassian.net/browse/RUNTIME-912)

More precisely:
* REMOTE_IP_VALVE_ENABLED
* ACCESSLOGS_STDOUT_ENABLED
* ACCESSLOGS_FILES_ENABLED
* ACCESSLOGS_PATH
* ACCESSLOGS_PATH_APPEND_HOSTNAME
* ACCESSLOGS_MAX_DAYS
* HTTP_MAX_THREADS

Closes [RUNTIME-911](https://bonitasoft.atlassian.net/browse/RUNTIME-911)

More precisely if HTTP_API=true and custom HTTP_API_PASSWORD not set.

relates to [RUNTIME-887](https://bonitasoft.atlassian.net/browse/RUNTIME-887)
relates to [RUNTIME-603](https://bonitasoft.atlassian.net/browse/RUNTIME-603)

Relates to [RUNTIME-912](https://bonitasoft.atlassian.net/browse/RUNTIME-912)

Bump tomcat version to  8.5.76 and 9.0.58 to fix cve
[CVE-2022-23181](https://lists.apache.org/thread/l8x62p3k19yfcb208jo4zrb83k5mfwg9)

Relates to [RUNTIME-880](https://bonitasoft.atlassian.net/browse/RUNTIME-880)

Bump tomcat version to  8.5.76 and 9.0.58 to fix cve
[CVE-2022-23181](https://lists.apache.org/thread/l8x62p3k19yfcb208jo4zrb83k5mfwg9)

Relates to [RUNTIME-880](https://bonitasoft.atlassian.net/browse/RUNTIME-880)

This was set to false because engin code never let a stop using a connection without releasing it. However, extensions like custom page might do that (even if it's not recommended to use bonita datasource to do sql queries)

Remove deprecated `removeAbandoned` property.

Closes [RUNTIME-918](https://bonitasoft.atlassian.net/browse/RUNTIME-918)
Closes [RUNTIME-862](https://bonitasoft.atlassian.net/browse/RUNTIME-862)