-
Notifications
You must be signed in to change notification settings - Fork 115
/
Copy pathDockerfile
59 lines (49 loc) · 2.24 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
# Build the manager binary
FROM golang:1.23.0 AS builder
WORKDIR /workspace
# Copy the Go Modules manifests
COPY go.mod go.mod
COPY go.sum go.sum
# cache deps before building and copying source so that we don't need to re-download as much
# and so that source changes don't invalidate our downloaded layer
RUN go mod download
# Copy the go source
COPY main.go main.go
COPY api/ api/
COPY controllers/ controllers/
COPY pkg/ pkg/
COPY tools/ tools/
COPY hack hack/
# Build
RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -a -o manager main.go
# Use distroless as minimal base image to package the manager binary
# Refer to https://github.com/GoogleContainerTools/distroless for more details
# This sha relates to ubi version 8.10-1132, which is tagged as 8.10 and latest as of Nov 15, 2024
FROM registry.access.redhat.com/ubi8/ubi@sha256:8990388831e1b41c9a67389e4b691dae8b1283f77d5fb7263e1f4fc69c0a9d05
ENV OPERATOR=/manager \
USER_UID=1001 \
USER_NAME=nonroot
RUN yum -y install shadow-utils
RUN useradd -ms /bin/bash nonroot -u 1001
RUN yum update -y krb5-libs && yum clean all
RUN yum -y update-minimal --security --sec-severity=Important --sec-severity=Critical
RUN yum -y update-minimal --security --sec-severity=Moderate
RUN yum -y update-minimal --security --sec-severity=Low
LABEL name="splunk" \
maintainer="[email protected]" \
vendor="splunk" \
version="2.2.1" \
release="1" \
summary="Simplify the Deployment & Management of Splunk Products on Kubernetes" \
description="The Splunk Operator for Kubernetes (SOK) makes it easy for Splunk Administrators to deploy and operate Enterprise deployments in a Kubernetes infrastructure. Packaged as a container, it uses the operator pattern to manage Splunk-specific custom resources, following best practices to manage all the underlying Kubernetes objects for you."
WORKDIR /
RUN mkdir /licenses
RUN mkdir -p /tools/k8_probes
COPY --from=builder /workspace/manager .
COPY tools/EULA_Red_Hat_Universal_Base_Image_English_20190422.pdf /licenses
COPY LICENSE /licenses/LICENSE-2.0.txt
COPY tools/k8_probes/livenessProbe.sh /tools/k8_probes/
COPY tools/k8_probes/readinessProbe.sh /tools/k8_probes/
COPY tools/k8_probes/startupProbe.sh /tools/k8_probes/
USER 1001
ENTRYPOINT ["/manager"]