From 7151060474f3cd6db55baf4f495150a8e4f2255c Mon Sep 17 00:00:00 2001 From: Tiago Costa Date: Wed, 18 Dec 2024 17:20:41 +0000 Subject: [PATCH] chore(NA): revert wolfi base os usage for cloud images --- .../build/tasks/os_packages/create_os_package_tasks.ts | 6 +++--- src/dev/build/tasks/os_packages/docker_generator/run.ts | 2 +- .../docker_generator/templates/base/Dockerfile | 8 ++++---- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/src/dev/build/tasks/os_packages/create_os_package_tasks.ts b/src/dev/build/tasks/os_packages/create_os_package_tasks.ts index 938211bc5580b..a34d6002ad8f7 100644 --- a/src/dev/build/tasks/os_packages/create_os_package_tasks.ts +++ b/src/dev/build/tasks/os_packages/create_os_package_tasks.ts @@ -148,14 +148,14 @@ export const CreateDockerCloud: Task = { async run(config, log, build) { await runDockerGenerator(config, log, build, { architecture: 'x64', - baseImage: 'wolfi', + baseImage: 'ubuntu', context: false, cloud: true, image: true, }); await runDockerGenerator(config, log, build, { architecture: 'aarch64', - baseImage: 'wolfi', + baseImage: 'ubuntu', context: false, cloud: true, image: true, @@ -205,7 +205,7 @@ export const CreateDockerContexts: Task = { image: false, }); await runDockerGenerator(config, log, build, { - baseImage: 'wolfi', + baseImage: 'ubuntu', cloud: true, context: true, image: false, diff --git a/src/dev/build/tasks/os_packages/docker_generator/run.ts b/src/dev/build/tasks/os_packages/docker_generator/run.ts index be9fe9f12512d..583185654b392 100644 --- a/src/dev/build/tasks/os_packages/docker_generator/run.ts +++ b/src/dev/build/tasks/os_packages/docker_generator/run.ts @@ -55,7 +55,7 @@ export async function runDockerGenerator( let imageFlavor = ''; if (flags.baseImage === 'ubi') imageFlavor += `-ubi`; - if (flags.baseImage === 'wolfi' && !flags.serverless && !flags.cloud) imageFlavor += `-wolfi`; + if (flags.baseImage === 'wolfi' && !flags.serverless) imageFlavor += `-wolfi`; if (flags.ironbank) imageFlavor += '-ironbank'; if (flags.cloud) imageFlavor += '-cloud'; if (flags.serverless) imageFlavor += '-serverless'; diff --git a/src/dev/build/tasks/os_packages/docker_generator/templates/base/Dockerfile b/src/dev/build/tasks/os_packages/docker_generator/templates/base/Dockerfile index 59c0765e7d3f2..c63bdb3ca0404 100644 --- a/src/dev/build/tasks/os_packages/docker_generator/templates/base/Dockerfile +++ b/src/dev/build/tasks/os_packages/docker_generator/templates/base/Dockerfile @@ -59,7 +59,7 @@ RUN set -e ; \ make install > /dev/null ; \ rm -rf "/usr/share/kibana/openssl-${OPENSSL_VERSION}" ; \ chown -R 1000:0 "${OPENSSL_PATH}"; - + {{/fips}} # Ensure that group permissions are the same as user permissions. # This will help when relying on GID-0 to run Kibana, rather than UID-1000. @@ -152,8 +152,8 @@ WORKDIR /usr/share/kibana {{#fips}} # Enable FIPS for Kibana only. In the future we can override OS wide with ENV OPENSSL_CONF -RUN /bin/echo -e '\n--enable-fips' >> config/node.options -RUN echo '--openssl-config=/usr/share/kibana/config/nodejs.cnf' >> config/node.options +RUN /usr/bin/echo -e '\n--enable-fips' >> config/node.options +RUN /usr/bin/echo '--openssl-config=/usr/share/kibana/config/nodejs.cnf' >> config/node.options COPY --chown=1000:0 openssl/nodejs.cnf "/usr/share/kibana/config/nodejs.cnf" ENV OPENSSL_MODULES=/usr/share/kibana/openssl/lib/ossl-modules ENV XPACK_SECURITY_EXPERIMENTAL_FIPSMODE_ENABLED=true @@ -231,7 +231,7 @@ ENTRYPOINT ["/bin/tini", "--"] CMD ["/app/kibana.sh"] # Generate a stub command that will be overwritten at runtime RUN mkdir /app && \ - /bin/echo -e '#!/bin/bash\nexec /usr/local/bin/kibana-docker' > /app/kibana.sh && \ + /usr/bin/echo -e '#!/bin/bash\nexec /usr/local/bin/kibana-docker' > /app/kibana.sh && \ chmod 0555 /app/kibana.sh {{/cloud}}