-
Notifications
You must be signed in to change notification settings - Fork 527
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: add wolfi based image #12671
feat: add wolfi based image #12671
Conversation
This pull request does not have a backport label. Could you fix it @kruskall? 🙏
NOTE: |
This pull request is now in conflicts. Could you fix it @kruskall? 🙏
|
Use chainguard images for base image and building image. Remove shell script entrypoint and run apm-server directly. We lose the ability to run other binaries as the entrypoint but that's fine since there are no other binaries in the image. Update apm-server config in the builder image since we do not have posix tools in the static image. Drop tini since it is now included in docker.
0029b5c
to
1855fdc
Compare
Finished running the smoke test on ubuntu, debian, amazon linux 2 and RHEL. They all completed successfully. |
I've just created a feature branch to see if the packaging in the DRA works as expected: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM! Minor comment on config file location but I assume the default is relative to the executable.
|
||
EXPOSE 8200 | ||
ENTRYPOINT ["/usr/share/apm-server/apm-server", "--environment=container"] |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is the default apm-server config file relative?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The config file is copied in the workdir so /usr/share/apm-server
This is the same behaviour as the current ubuntu-based docker image:
apm-server/packaging/docker/Dockerfile
Line 87 in 76ef6b2
COPY --chmod=0644 apm-server.yml ./apm-server.yml |
* upstream/main: chore: Update .go-version with Golang version 1.22.4 (#13367) build(deps): bump github.com/jaegertracing/jaeger from 1.56.0 to 1.57.0 in /systemtest (#13316) [updatecli] Bump elastic stack version to 8.15.0-725cdb43 (#13363) feat: add wolfi based image (#12671) Add Amazon Linux 2023 to the smoke tests (#13358) Update apm-data and remap for OTel hostmetrics to elastic metrics (#13196) build(deps): bump github.com/elastic/go-elasticsearch/v8 from 8.13.1 to 8.14.0 (#13356)
Motivation/summary
See https://edu.chainguard.dev/chainguard/chainguard-images/reference/static/
Migrate docker base image to
cgr.dev/chainguard/static:latest
. This Image has a single user nonroot with uid 65532, belonging to gid 65532. The image produced from the make task went from 196Mb to 61Mb.Remove tini as it's currently included in docker and call the apm-server binary directly in the entrypoint.
Checklist
For functional changes, consider:
How to test these changes
Related issues
Closes #11918
Blocked by #12670