Skip to content

Commit

Permalink
Update ironbank build with latest docker context (#67504)
Browse files Browse the repository at this point in the history
The file `download.json` is replaced by `hardening_manifest.yaml`, which
includes various pieces of information about the Iron Bank build.
  • Loading branch information
pugnascotia committed Jan 19, 2021
1 parent 991cb24 commit 867754e
Show file tree
Hide file tree
Showing 6 changed files with 60 additions and 25 deletions.
2 changes: 1 addition & 1 deletion distribution/docker/build.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -57,7 +57,7 @@ ext.expansions = { Architecture architecture, boolean oss, DockerBase base, bool
buildArgs = """
ARG BASE_REGISTRY=nexus-docker-secure.levelup-nexus.svc.cluster.local:18082
ARG BASE_IMAGE=redhat/ubi/ubi8
ARG BASE_TAG=8.2
ARG BASE_TAG=8.3
"""
}

Expand Down
4 changes: 3 additions & 1 deletion distribution/docker/src/docker/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -153,6 +153,7 @@ RUN chmod g=u /etc/passwd && \\

EXPOSE 9200 9300

<% if (docker_base != 'iron_bank') { %>
LABEL org.label-schema.build-date="${build_date}" \\
org.label-schema.license="${license}" \\
org.label-schema.name="Elasticsearch" \\
Expand All @@ -172,8 +173,9 @@ LABEL org.label-schema.build-date="${build_date}" \\
org.opencontainers.image.url="https://www.elastic.co/products/elasticsearch" \\
org.opencontainers.image.vendor="Elastic" \\
org.opencontainers.image.version="${version}"
<% } %>

<% if (docker_base == 'ubi' || docker_base == 'iron_bank') { %>
<% if (docker_base == 'ubi') { %>
LABEL name="Elasticsearch" \\
maintainer="[email protected]" \\
vendor="Elastic" \\
Expand Down
2 changes: 0 additions & 2 deletions distribution/docker/src/docker/iron_bank/Jenkinsfile

This file was deleted.

20 changes: 0 additions & 20 deletions distribution/docker/src/docker/iron_bank/download.json

This file was deleted.

53 changes: 53 additions & 0 deletions distribution/docker/src/docker/iron_bank/hardening_manifest.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,53 @@
---
apiVersion: 1

# The repository name in registry1, excluding /ironbank/
name: "elastic/elasticsearch/elasticsearch"

# List of tags to push for the repository in registry1
# The most specific version should be the first tag and will be shown
# on ironbank.dsop.io
tags:
- "${version}"
- "latest"

# Build args passed to Dockerfile ARGs
args:
BASE_IMAGE: "redhat/ubi/ubi8"
BASE_TAG: "8.3"

# Docker image labels
labels:
org.opencontainers.image.title: "elasticsearch"
# Human-readable description of the software packaged in the image
org.opencontainers.image.description: "You know, for search."
# License(s) under which contained software is distributed
org.opencontainers.image.licenses: "${license}"
# URL to find more information on the image
org.opencontainers.image.url: "https://github.com/elastic/elasticsearch"
# Name of the distributing entity, organization or individual
org.opencontainers.image.vendor: "Elastic"
org.opencontainers.image.version: "${version}"
# Keywords to help with search (ex. "cicd,gitops,golang")
mil.dso.ironbank.image.keywords: "search,elastic,elasticsearch,java"
# This value can be "opensource" or "commercial"
mil.dso.ironbank.image.type: "commercial"
# Product the image belongs to for grouping multiple images
mil.dso.ironbank.product.name: "elasticsearch"

# List of resources to make available to the offline build context
resources:
- filename: "elasticsearch-${version}-linux-x86_64.tar.gz"
url: "<artifact_path>/elasticsearch-${version}-linux-x86_64.tar.gz"
- filename: "tini"
url: "https://github.com/krallin/tini/releases/download/v0.19.0/tini-amd64"
validation:
type: "sha256"
value: "93dcc18adc78c65a028a84799ecf8ad40c936fdfc5f2a57b1acda5a8117fa82c"

# List of project maintainers
maintainers:
- name: "Nassim Kammah"
email: "[email protected]"
- name: "Rory Hunter"
email: "[email protected]"
Original file line number Diff line number Diff line change
Expand Up @@ -110,7 +110,9 @@ public void teardownTest() {
/**
* Checks that the Docker image can be run, and that it passes various checks.
*/
public void test010Install() {
public void test010Install() throws Exception {
// Wait for the container to come up, because we assert the state of some files that Elasticsearch creates on startup.
waitForElasticsearch(installation);
verifyContainerInstallation(installation, distribution());
}

Expand Down

0 comments on commit 867754e

Please sign in to comment.