Skip to content

Commit

Permalink
chore(kuma-init): use distroless image (#5945)
Browse files Browse the repository at this point in the history
Signed-off-by: Ilya Lobkov <[email protected]>

---------

Signed-off-by: slonka <[email protected]>
Signed-off-by: Krzysztof Słonka <[email protected]>
Co-authored-by: slonka <[email protected]>
  • Loading branch information
2 people authored and kumahq[bot] committed Nov 28, 2024
1 parent 4bd2288 commit 1e30b67
Show file tree
Hide file tree
Showing 4 changed files with 19 additions and 5 deletions.
12 changes: 7 additions & 5 deletions tools/releases/dockerfiles/kuma-init.Dockerfile
Original file line number Diff line number Diff line change
@@ -1,11 +1,11 @@
<<<<<<< HEAD
# until there is a distroless iptables image we have to use something else
FROM ubuntu:jammy-20240111@sha256:6042500cf4b44023ea1894effe7890666b0c5c7871ed83a97c36c76ae560bb9b
=======
FROM gcr.io/k8s-staging-build-image/distroless-iptables:v0.6.4
>>>>>>> d5963e709 (chore(kuma-init): use distroless image (#5945))
ARG ARCH

RUN apt-get update && \
apt-get install --no-install-recommends -y iptables=1.8.7-1ubuntu5.2 iproute2=5.15.0-1ubuntu2 && \
rm -rf /var/lib/apt/lists/*

COPY /build/artifacts-linux-$ARCH/kumactl/kumactl /usr/bin

# this will be from a base image once it is done
Expand All @@ -15,7 +15,9 @@ COPY /tools/releases/templates/LICENSE \

COPY /tools/releases/templates/NOTICE /kuma/NOTICE

RUN adduser --system --disabled-password --group kumactl --uid 5678
# Copy modified system files
COPY /tools/releases/templates/passwd /etc/passwd
COPY /tools/releases/templates/group /etc/group

ENTRYPOINT ["/usr/bin/kumactl"]
CMD ["install", "transparent-proxy"]
2 changes: 2 additions & 0 deletions tools/releases/dockerfiles/kuma-init.Dockerfile.dockerignore
Original file line number Diff line number Diff line change
Expand Up @@ -6,3 +6,5 @@
!tools/releases/templates/LICENSE
!tools/releases/templates/NOTICE
!tools/releases/templates/README
!tools/releases/templates/group
!tools/releases/templates/passwd
6 changes: 6 additions & 0 deletions tools/releases/templates/group
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
root:x:0:
nobody:x:65534:
tty:x:5:
staff:x:50:
nonroot:x:65532:
kumactl:x:5678:
4 changes: 4 additions & 0 deletions tools/releases/templates/passwd
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
root:x:0:0:root:/root:/sbin/nologin
nobody:x:65534:65534:nobody:/nonexistent:/sbin/nologin
nonroot:x:65532:65532:nonroot:/home/nonroot:/sbin/nologin
kumactl:x:5678:5678::/tmp:/usr/sbin/nologin

0 comments on commit 1e30b67

Please sign in to comment.