Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: replace ubuntu base image with chainguard static #12671

Open
wants to merge 8 commits into
base: main
Choose a base branch
from
Open

feat: replace ubuntu base image with chainguard static #12671

wants to merge 8 commits into from
+10 −47

Conversation

kruskall
Copy link
Member

Motivation/summary

See https://edu.chainguard.dev/chainguard/chainguard-images/reference/static/

Migrate docker base image to cgr.dev/chainguard/static:latest. This Image has a single user nonroot with uid 65532, belonging to gid 65532. The image produced from the make task went from 196Mb to 61Mb.

Remove tini as it's currently included in docker and call the apm-server binary directly in the entrypoint.

Checklist

For functional changes, consider:

  • Is it observable through the addition of either logging or metrics?
  • Is its use being published in telemetry to enable product improvement?
  • Have system tests been added to avoid regression?

How to test these changes

Related issues

Closes #11918
Blocked by #12670

@kruskall
feat: replace bash script with apm-server binary in docker entrypoint
b0ae4c3
@kruskall
feat: remove tini from the entrypoint
b0f2f74 
This is not needed anymore now that the apm-server binary is running directly.
Finally, tini has been merged into docker and can be enabled with the --init flag.
@kruskall
feat: replace ubuntu base image with chainguard static
9022753 
By default chainguard image is running with a user called nonroot with id 65532.
Set proper ownership using --chown
Update config in the builder image as busybox tools are missing from the final image.
@kruskall kruskall requested a review from a team as a code owner February 16, 2024 23:20
@mergify Mergify
Copy link
Contributor

mergify bot commented Feb 16, 2024

This pull request does not have a backport label. Could you fix it @kruskall? 🙏
To fixup this pull request, you need to add the backport labels for the needed
branches, such as:

  • backport-7.17 is the label to automatically backport to the 7.17 branch.
  • backport-8./d is the label to automatically backport to the 8./d branch. /d is the digit.

NOTE: backport-skip has been added to this pull request.

@mergify mergify bot added the backport-skip Skip notification from the automated backport with mergify label Feb 16, 2024
@kruskall kruskall marked this pull request as draft February 19, 2024 15:59
@mergify Mergify
Copy link
Contributor

mergify bot commented Apr 15, 2024

This pull request is now in conflicts. Could you fix it @kruskall? 🙏
To fixup this pull request, you can check out it locally. See documentation: https://help.github.com/articles/checking-out-pull-requests-locally/

git fetch upstream
git checkout -b feat/chainguard-image upstream/feat/chainguard-image
git merge upstream/main
git push upstream feat/chainguard-image

@kruskall kruskall marked this pull request as ready for review May 8, 2024 14:47
@v1v v1v mentioned this pull request May 13, 2024
Merged
2 tasks
@mergify mergify bot mentioned this pull request May 24, 2024
Merged
2 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
backport-skip Skip notification from the automated backport with mergify
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Move away from ubuntu docker base image
1 participant
@kruskall