From d1d6de1230e1754709885879e5d223eb178282fa Mon Sep 17 00:00:00 2001 From: Rory Hunter Date: Thu, 5 Aug 2021 07:50:53 +0100 Subject: [PATCH] Revert "Fixes for Iron Bank (#76087) (#76090)" This reverts commit e29a633fab9866f6d06febbba460601815272354. --- distribution/docker/build.gradle | 8 ++++---- distribution/docker/src/docker/Dockerfile | 15 +++++---------- .../src/docker/iron_bank/hardening_manifest.yaml | 14 ++------------ 3 files changed, 11 insertions(+), 26 deletions(-) diff --git a/distribution/docker/build.gradle b/distribution/docker/build.gradle index 94da3a86c5684..a5f797836aad3 100644 --- a/distribution/docker/build.gradle +++ b/distribution/docker/build.gradle @@ -53,9 +53,9 @@ ext.expansions = { Architecture architecture, DockerBase base -> String buildArgs = '' if (base == DockerBase.IRON_BANK) { buildArgs = """ -ARG BASE_REGISTRY=registry1.dso.mil -ARG BASE_IMAGE=ironbank/redhat/ubi/ubi8 -ARG BASE_TAG=8.4 +ARG BASE_REGISTRY=nexus-docker-secure.levelup-nexus.svc.cluster.local:18082 +ARG BASE_IMAGE=redhat/ubi/ubi8 +ARG BASE_TAG=8.3 """ } @@ -68,7 +68,7 @@ ARG BASE_TAG=8.4 'build_date' : BuildParams.buildDate, 'config_dir' : base == DockerBase.IRON_BANK ? 'scripts' : 'config', 'git_revision' : BuildParams.gitRevision, - 'license' : base == DockerBase.IRON_BANK ? 'Elastic License 1.0' : 'Elastic-License-2.0', + 'license' : 'Elastic-License-2.0', 'package_manager' : base == DockerBase.UBI ? 'microdnf' : 'yum', 'docker_base' : base.name().toLowerCase(), 'version' : VersionProperties.elasticsearch, diff --git a/distribution/docker/src/docker/Dockerfile b/distribution/docker/src/docker/Dockerfile index bb35052fbeeb1..1ff270ff58638 100644 --- a/distribution/docker/src/docker/Dockerfile +++ b/distribution/docker/src/docker/Dockerfile @@ -156,17 +156,12 @@ FROM ${base_image} AS builder RUN mkdir /usr/share/elasticsearch WORKDIR /usr/share/elasticsearch -<% if (docker_base == "iron_bank") { - // Iron Bank always copies the local artifact -%> -COPY elasticsearch-7.14.0-linux-x86_64.tar.gz /opt/elasticsearch.tar.gz -<% } else { - // Fetch the appropriate Elasticsearch distribution for this architecture. - // Keep this command on one line - it is replaced with a `COPY` during local builds. - // It uses the `arch` command to fetch the correct distro for the build machine. -%> +<% /* + Fetch the appropriate Elasticsearch distribution for this architecture. + Keep this command on one line - it is replaced with a `COPY` during local builds. + It uses the `arch` command to fetch the correct distro for the build machine. +*/ %> RUN curl --retry 10 -S -L --output /opt/elasticsearch.tar.gz https://artifacts-no-kpi.elastic.co/downloads/elasticsearch/elasticsearch-${version}-linux-\$(arch).tar.gz -<% } %> RUN tar -zxf /opt/elasticsearch.tar.gz --strip-components=1 diff --git a/distribution/docker/src/docker/iron_bank/hardening_manifest.yaml b/distribution/docker/src/docker/iron_bank/hardening_manifest.yaml index 63da9424a0c45..a48944aada7ee 100644 --- a/distribution/docker/src/docker/iron_bank/hardening_manifest.yaml +++ b/distribution/docker/src/docker/iron_bank/hardening_manifest.yaml @@ -39,9 +39,6 @@ labels: resources: - filename: "elasticsearch-${version}-linux-x86_64.tar.gz" url: "/elasticsearch-${version}-linux-x86_64.tar.gz" - validation: - type: "sha512" - value: "" - filename: "tini" url: "https://github.com/krallin/tini/releases/download/v0.19.0/tini-amd64" validation: @@ -50,14 +47,7 @@ resources: # List of project maintainers maintainers: + - name: "Nassim Kammah" + email: "nassim.kammah@elastic.co" - name: "Rory Hunter" email: "rory.hunter@elastic.co" - username: "rory" - - email: "klepal_alexander@bah.com" - name: "Alexander Klepal" - username: "alexander.klepal" - cht_member: true - - email: "yalabe.dukuly@anchore.com" - name: "Yalabe Dukuly" - username: "yalabe.dukuly" - cht_member: true