Skip to content

Commit

Permalink
[8.16] chore(NA): revert wolfi base os usage for cloud images (#204809)
Browse files Browse the repository at this point in the history 
This PR reverts the usage of wolfi base os on cloud images back to
ubuntu on 8.16 as discussed by the Eng Prod team.
  • Loading branch information
@mistic
mistic authored Dec 19, 2024
1 parent 4125ba9 commit 690be37
Show file tree
Hide file tree
Showing 3 changed files with 8 additions and 8 deletions.
6 changes: 3 additions & 3 deletions src/dev/build/tasks/os_packages/create_os_package_tasks.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -148,14 +148,14 @@ export const CreateDockerCloud: Task = {
async run(config, log, build) {
await runDockerGenerator(config, log, build, {
architecture: 'x64',
baseImage: 'wolfi',
baseImage: 'ubuntu',
context: false,
cloud: true,
image: true,
});
await runDockerGenerator(config, log, build, {
architecture: 'aarch64',
baseImage: 'wolfi',
baseImage: 'ubuntu',
context: false,
cloud: true,
image: true,
Expand Down Expand Up @@ -205,7 +205,7 @@ export const CreateDockerContexts: Task = {
image: false,
});
await runDockerGenerator(config, log, build, {
baseImage: 'wolfi',
baseImage: 'ubuntu',
cloud: true,
context: true,
image: false,
Expand Down
2 changes: 1 addition & 1 deletion src/dev/build/tasks/os_packages/docker_generator/run.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -55,7 +55,7 @@ export async function runDockerGenerator(

let imageFlavor = '';
if (flags.baseImage === 'ubi') imageFlavor += `-ubi`;
if (flags.baseImage === 'wolfi' && !flags.serverless && !flags.cloud) imageFlavor += `-wolfi`;
if (flags.baseImage === 'wolfi' && !flags.serverless) imageFlavor += `-wolfi`;
if (flags.ironbank) imageFlavor += '-ironbank';
if (flags.cloud) imageFlavor += '-cloud';
if (flags.serverless) imageFlavor += '-serverless';
Expand Down
8 changes: 4 additions & 4 deletions src/dev/build/tasks/os_packages/docker_generator/templates/base/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -59,7 +59,7 @@ RUN set -e ; \
make install > /dev/null ; \
rm -rf "/usr/share/kibana/openssl-${OPENSSL_VERSION}" ; \
chown -R 1000:0 "${OPENSSL_PATH}";

{{/fips}}
# Ensure that group permissions are the same as user permissions.
# This will help when relying on GID-0 to run Kibana, rather than UID-1000.
Expand Down Expand Up @@ -152,8 +152,8 @@ WORKDIR /usr/share/kibana
{{#fips}}

# Enable FIPS for Kibana only. In the future we can override OS wide with ENV OPENSSL_CONF
RUN /bin/echo -e '\n--enable-fips' >> config/node.options
RUN echo '--openssl-config=/usr/share/kibana/config/nodejs.cnf' >> config/node.options
RUN /usr/bin/echo -e '\n--enable-fips' >> config/node.options
RUN /usr/bin/echo '--openssl-config=/usr/share/kibana/config/nodejs.cnf' >> config/node.options
COPY --chown=1000:0 openssl/nodejs.cnf "/usr/share/kibana/config/nodejs.cnf"
ENV OPENSSL_MODULES=/usr/share/kibana/openssl/lib/ossl-modules
ENV XPACK_SECURITY_EXPERIMENTAL_FIPSMODE_ENABLED=true
Expand Down Expand Up @@ -231,7 +231,7 @@ ENTRYPOINT ["/bin/tini", "--"]
CMD ["/app/kibana.sh"]
# Generate a stub command that will be overwritten at runtime
RUN mkdir /app && \
/bin/echo -e '#!/bin/bash\nexec /usr/local/bin/kibana-docker' > /app/kibana.sh && \
/usr/bin/echo -e '#!/bin/bash\nexec /usr/local/bin/kibana-docker' > /app/kibana.sh && \
chmod 0555 /app/kibana.sh
{{/cloud}}

Expand Down

0 comments on commit 690be37

Please sign in to comment.