-
Notifications
You must be signed in to change notification settings - Fork 211
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Use distroless image for operator image #533
Changes from 3 commits
9706b5f
cabf888
d7e43b5
4a455cb
864ecb9
3590248
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,6 +1,6 @@ | ||
ARG DOCKER_REGISTRY | ||
ARG ALPINE_VERSION=3.15 | ||
FROM ${DOCKER_REGISTRY:+$DOCKER_REGISTRY/}golang:1.18-alpine${ALPINE_VERSION} as go-builder | ||
ARG ALPINE_VERSION=3.17 | ||
FROM ${DOCKER_REGISTRY:+$DOCKER_REGISTRY/}golang:1.19-alpine${ALPINE_VERSION} as go-builder | ||
|
||
ARG PROJECT_NAME=zookeeper-operator | ||
ARG REPO_PATH=github.com/pravega/$PROJECT_NAME | ||
|
@@ -28,14 +28,10 @@ COPY controllers/ controllers/ | |
RUN GOOS=linux GOARCH=amd64 CGO_ENABLED=0 go build -o /src/${PROJECT_NAME} \ | ||
-ldflags "-X ${REPO_PATH}/pkg/version.Version=${VERSION} -X ${REPO_PATH}/pkg/version.GitSHA=${GIT_SHA}" main.go | ||
|
||
FROM ${DOCKER_REGISTRY:+$DOCKER_REGISTRY/}alpine:${ALPINE_VERSION} AS final | ||
|
||
FROM gcr.io/distroless/static:nonroot AS final | ||
|
||
ARG PROJECT_NAME=zookeeper-operator | ||
|
||
COPY --from=go-builder /src/${PROJECT_NAME} /usr/local/bin/${PROJECT_NAME} | ||
|
||
RUN adduser -D ${PROJECT_NAME} | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. @AKamyshnikova why are we removing the user There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. @anishakj For distrolless image we cannot run adduser command. I will add update this. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. @anishakj Seems this setting is no longer required. |
||
USER ${PROJECT_NAME} | ||
|
||
ENTRYPOINT ["/usr/local/bin/zookeeper-operator"] |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,6 +1,6 @@ | ||
module github.com/pravega/zookeeper-operator | ||
|
||
go 1.18 | ||
go 1.19 | ||
|
||
require ( | ||
github.com/ghodss/yaml v1.0.0 | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Currently available images are: https://github.com/GoogleContainerTools/distroless#what-images-are-available
That is, maybe we should use
gcr.io/distroless/static-debian11
directly instead ofgcr.io/distroless/static
. I thinkstatic
is a link to the latest buildstatic-debian11
, but we should use the latest build explicitly, so that we have a reproducible build and so we don't auto-upgrade images when thestatic
link changes.There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done