Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Use wolfi as base image #16599

Draft
wants to merge 2 commits into
base: main
Choose a base branch
from
+95 −156
Draft

Use wolfi as base image #16599

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
969a918
- replace ubuntu base image to wolfi
kaisecheng Oct 24, 2024
6c2e8c8
update docker tests
kaisecheng Oct 24, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
51 changes: 13 additions & 38 deletions docker/Makefile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ SHELL=/bin/bash
ELASTIC_REGISTRY ?= docker.elastic.co

# Determine the version to build.
ELASTIC_VERSION := $(shell ../vendor/jruby/bin/jruby bin/elastic-version)
ELASTIC_VERSION ?= $(shell ../vendor/jruby/bin/jruby bin/elastic-version)

ifdef STAGING_BUILD_NUM
VERSION_TAG := $(ELASTIC_VERSION)-$(STAGING_BUILD_NUM)
Expand All @@ -14,6 +14,10 @@ ifdef DOCKER_ARCHITECTURE
ARCHITECTURE := $(DOCKER_ARCHITECTURE)
else
ARCHITECTURE := $(shell uname -m)
# macOS
ifeq ($(ARCHITECTURE), arm64)
ARCHITECTURE := aarch64
endif
endif

IMAGE_FLAVORS ?= oss full ubi8 wolfi
Expand All @@ -26,7 +30,7 @@ all: build-from-local-artifacts build-from-local-oss-artifacts public-dockerfile

# Build from artifacts on the local filesystem, using an http server (running
# in a container) to provide the artifacts to the Dockerfile.
build-from-local-full-artifacts: dockerfile env2yaml
build-from-local-full-artifacts: dockerfile
docker run --rm -d --name=$(HTTPD) \
-p 8000:8000 --expose=8000 -v $(ARTIFACTS_DIR):/mnt \
python:3 bash -c 'cd /mnt && python3 -m http.server'
Expand All @@ -36,7 +40,7 @@ build-from-local-full-artifacts: dockerfile env2yaml
docker tag $(IMAGE_TAG)-full:$(VERSION_TAG) $(IMAGE_TAG):$(VERSION_TAG);
docker kill $(HTTPD)

build-from-local-oss-artifacts: dockerfile env2yaml
build-from-local-oss-artifacts: dockerfile
docker run --rm -d --name=$(HTTPD) \
-p 8000:8000 --expose=8000 -v $(ARTIFACTS_DIR):/mnt \
python:3 bash -c 'cd /mnt && python3 -m http.server'
Expand All @@ -45,7 +49,7 @@ build-from-local-oss-artifacts: dockerfile env2yaml
(docker kill $(HTTPD); false);
-docker kill $(HTTPD)

build-from-local-ubi8-artifacts: dockerfile env2yaml
build-from-local-ubi8-artifacts: dockerfile
docker run --rm -d --name=$(HTTPD) \
-p 8000:8000 --expose=8000 -v $(ARTIFACTS_DIR):/mnt \
python:3 bash -c 'cd /mnt && python3 -m http.server'
Expand All @@ -66,8 +70,6 @@ build-from-local-wolfi-artifacts: dockerfile
COPY_FILES := $(ARTIFACTS_DIR)/docker/config/pipelines.yml $(ARTIFACTS_DIR)/docker/config/logstash-oss.yml $(ARTIFACTS_DIR)/docker/config/logstash-full.yml
COPY_FILES += $(ARTIFACTS_DIR)/docker/config/log4j2.file.properties $(ARTIFACTS_DIR)/docker/config/log4j2.properties
COPY_FILES += $(ARTIFACTS_DIR)/docker/pipeline/default.conf $(ARTIFACTS_DIR)/docker/bin/docker-entrypoint
COPY_FILES += $(ARTIFACTS_DIR)/docker/env2yaml/env2yaml-arm64
COPY_FILES += $(ARTIFACTS_DIR)/docker/env2yaml/env2yaml-amd64

$(ARTIFACTS_DIR)/docker/config/pipelines.yml: data/logstash/config/pipelines.yml
$(ARTIFACTS_DIR)/docker/config/logstash-oss.yml: data/logstash/config/logstash-oss.yml
Expand All @@ -76,8 +78,6 @@ $(ARTIFACTS_DIR)/docker/config/log4j2.file.properties: data/logstash/config/log4
$(ARTIFACTS_DIR)/docker/config/log4j2.properties: data/logstash/config/log4j2.properties
$(ARTIFACTS_DIR)/docker/pipeline/default.conf: data/logstash/pipeline/default.conf
$(ARTIFACTS_DIR)/docker/bin/docker-entrypoint: data/logstash/bin/docker-entrypoint
$(ARTIFACTS_DIR)/docker/env2yaml/env2yaml-arm64: data/logstash/env2yaml/env2yaml-arm64
$(ARTIFACTS_DIR)/docker/env2yaml/env2yaml-amd64: data/logstash/env2yaml/env2yaml-amd64

$(ARTIFACTS_DIR)/docker/%:
cp -f $< $@
Expand All @@ -86,7 +86,6 @@ docker_paths:
mkdir -p $(ARTIFACTS_DIR)/docker/
mkdir -p $(ARTIFACTS_DIR)/docker/bin
mkdir -p $(ARTIFACTS_DIR)/docker/config
mkdir -p $(ARTIFACTS_DIR)/docker/env2yaml
mkdir -p $(ARTIFACTS_DIR)/docker/pipeline

COPY_IRONBANK_FILES := $(ARTIFACTS_DIR)/ironbank/scripts/config/pipelines.yml $(ARTIFACTS_DIR)/ironbank/scripts/config/logstash.yml
Expand Down Expand Up @@ -132,7 +131,7 @@ public-dockerfiles_full: templates/Dockerfile.erb docker_paths $(COPY_FILES)
templates/Dockerfile.erb > "${ARTIFACTS_DIR}/Dockerfile-full" && \
cd $(ARTIFACTS_DIR)/docker && \
cp $(ARTIFACTS_DIR)/Dockerfile-full Dockerfile && \
tar -zcf ../logstash-$(VERSION_TAG)-docker-build-context.tar.gz Dockerfile bin config env2yaml pipeline
tar -zcf ../logstash-$(VERSION_TAG)-docker-build-context.tar.gz Dockerfile bin config pipeline

public-dockerfiles_oss: templates/Dockerfile.erb docker_paths $(COPY_FILES)
../vendor/jruby/bin/jruby -S erb -T "-"\
Expand All @@ -146,7 +145,7 @@ public-dockerfiles_oss: templates/Dockerfile.erb docker_paths $(COPY_FILES)
templates/Dockerfile.erb > "${ARTIFACTS_DIR}/Dockerfile-oss" && \
cd $(ARTIFACTS_DIR)/docker && \
cp $(ARTIFACTS_DIR)/Dockerfile-oss Dockerfile && \
tar -zcf ../logstash-oss-$(VERSION_TAG)-docker-build-context.tar.gz Dockerfile bin config env2yaml pipeline
tar -zcf ../logstash-oss-$(VERSION_TAG)-docker-build-context.tar.gz Dockerfile bin config pipeline

public-dockerfiles_ubi8: templates/Dockerfile.erb docker_paths $(COPY_FILES)
../vendor/jruby/bin/jruby -S erb -T "-"\
Expand All @@ -160,7 +159,7 @@ public-dockerfiles_ubi8: templates/Dockerfile.erb docker_paths $(COPY_FILES)
templates/Dockerfile.erb > "${ARTIFACTS_DIR}/Dockerfile-ubi8" && \
cd $(ARTIFACTS_DIR)/docker && \
cp $(ARTIFACTS_DIR)/Dockerfile-ubi8 Dockerfile && \
tar -zcf ../logstash-ubi8-$(VERSION_TAG)-docker-build-context.tar.gz Dockerfile bin config env2yaml pipeline
tar -zcf ../logstash-ubi8-$(VERSION_TAG)-docker-build-context.tar.gz Dockerfile bin config pipeline

public-dockerfiles_wolfi: templates/Dockerfile.erb docker_paths $(COPY_FILES)
../vendor/jruby/bin/jruby -S erb -T "-"\
Expand All @@ -174,7 +173,7 @@ public-dockerfiles_wolfi: templates/Dockerfile.erb docker_paths $(COPY_FILES)
templates/Dockerfile.erb > "${ARTIFACTS_DIR}/Dockerfile-wolfi" && \
cd $(ARTIFACTS_DIR)/docker && \
cp $(ARTIFACTS_DIR)/Dockerfile-wolfi Dockerfile && \
tar -zcf ../logstash-wolfi-$(VERSION_TAG)-docker-build-context.tar.gz Dockerfile bin config env2yaml pipeline
tar -zcf ../logstash-wolfi-$(VERSION_TAG)-docker-build-context.tar.gz Dockerfile bin config pipeline

public-dockerfiles_ironbank: templates/hardening_manifest.yaml.erb templates/Dockerfile.erb ironbank_docker_paths $(COPY_IRONBANK_FILES)
../vendor/jruby/bin/jruby -S erb -T "-"\
Expand All @@ -193,30 +192,6 @@ public-dockerfiles_ironbank: templates/hardening_manifest.yaml.erb templates/Doc
cp $(ARTIFACTS_DIR)/Dockerfile-ironbank Dockerfile && \
tar -zcf ../logstash-ironbank-$(VERSION_TAG)-docker-build-context.tar.gz scripts Dockerfile hardening_manifest.yaml LICENSE README.md

# Push the image to the dedicated push endpoint at "push.docker.elastic.co"
push:
$(foreach FLAVOR, $(IMAGE_FLAVORS), \
docker tag $(IMAGE_TAG)-$(FLAVOR):$(VERSION_TAG) push.$(IMAGE_TAG)-$(FLAVOR):$(VERSION_TAG); \
docker push push.$(IMAGE_TAG)-$(FLAVOR):$(VERSION_TAG); \
docker rmi push.$(IMAGE_TAG)-$(FLAVOR):$(VERSION_TAG); \
)
# Also push the default version, with no suffix like '-oss' or '-full'
docker tag $(IMAGE_TAG):$(VERSION_TAG) push.$(IMAGE_TAG):$(VERSION_TAG);
docker push push.$(IMAGE_TAG):$(VERSION_TAG);
docker rmi push.$(IMAGE_TAG):$(VERSION_TAG);

# Compile "env2yaml", the helper for configuring logstash.yml via environment
# variables.
env2yaml:
docker run --rm \
-v "$(PWD)/data/logstash/env2yaml:/usr/src/env2yaml" \
-e GOARCH=arm64 -e GOOS=linux \
-w /usr/src/env2yaml golang:1 go build -o /usr/src/env2yaml/env2yaml-arm64
docker run --rm \
-v "$(PWD)/data/logstash/env2yaml:/usr/src/env2yaml" \
-e GOARCH=amd64 -e GOOS=linux \
-w /usr/src/env2yaml golang:1 go build -o /usr/src/env2yaml/env2yaml-amd64

# Generate the Dockerfiles from ERB templates.
dockerfile: templates/Dockerfile.erb
$(foreach FLAVOR, $(IMAGE_FLAVORS), \
Expand All @@ -226,7 +201,7 @@ dockerfile: templates/Dockerfile.erb
arch="${ARCHITECTURE}" \
version_tag="${VERSION_TAG}" \
image_flavor="${FLAVOR}" \
local_artifacts="true" \
local_artifacts="${LOCAL_ARTIFACTS}" \
templates/Dockerfile.erb > "${ARTIFACTS_DIR}/Dockerfile-${FLAVOR}" ; \
)

Expand Down
Loading