Skip to content

Commit

Permalink
nifi ironbank image addition
Browse files Browse the repository at this point in the history
Signed-off-by: Rajat <[email protected]>
  • Loading branch information
Rajat0002 committed Dec 27, 2023
1 parent 578953a commit 1b88689
Show file tree
Hide file tree
Showing 14 changed files with 591 additions and 148 deletions.
208 changes: 136 additions & 72 deletions .github/workflows/image_run_pr_v3.yml

Large diffs are not rendered by default.

192 changes: 120 additions & 72 deletions .github/workflows/image_run_v3.yml

Large diffs are not rendered by default.

4 changes: 3 additions & 1 deletion .github/workflows/monitor.yml
Original file line number Diff line number Diff line change
Expand Up @@ -118,6 +118,8 @@ jobs:
run: docker pull rapidfort/nginx-ib
- name: Pull NGINX Official
run: docker pull rapidfort/nginx-official
- name: Pull Apache Nifi IronBank
run: docker pull rapidfort/nifi-ib
- name: Pull Grafana Oncall
run: docker pull rapidfort/oncall
- name: Pull PostgreSQL
Expand Down Expand Up @@ -168,5 +170,5 @@ jobs:
curl -X POST \
-H "Accept: application/json" \
-H "Authorization: Bearer ${PULL_COUNTER_MAGIC_TOKEN}" \
-d '{ "rapidfort/airflow": 1 , "rapidfort/airflow-ib": 1 , "rapidfort/airflow-scheduler": 1 , "rapidfort/airflow-worker": 1 , "rapidfort/apache": 1 , "rapidfort/apache2-ib": 1 , "rapidfort/apache-official": 1 , "rapidfort/cassandra-official": 1 , "rapidfort/consul": 1 , "rapidfort/consul-ib": 1 , "rapidfort/consul-official": 1 , "rapidfort/couchdb": 1 , "rapidfort/couchdb_3-ib": 1 , "rapidfort/couchdb-official": 1 , "rapidfort/curl": 1 , "rapidfort/elasticsearch": 1 , "rapidfort/elasticsearch-official": 1 , "rapidfort/envoy": 1 , "rapidfort/envoy-official": 1 , "rapidfort/etcd": 1 , "rapidfort/etcd-ib": 1 , "rapidfort/fluent-bit": 1 , "rapidfort/fluent-bit-ib": 1 , "rapidfort/fluentd": 1 , "rapidfort/fluentd-ib": 1 , "rapidfort/fluentd-official": 1 , "rapidfort/ghost": 1 , "rapidfort/grafana-ib": 1 , "rapidfort/haproxy": 1 , "rapidfort/haproxy24-ib": 1 , "rapidfort/haproxy-official": 1 , "rapidfort/influxdb": 1 , "rapidfort/keycloak-official": 1 , "rapidfort/kong": 1 , "rapidfort/mariadb": 1 , "rapidfort/mariadb-ib": 1 , "rapidfort/mariadb-official": 1 , "rapidfort/memcached": 1 , "rapidfort/memcached-ib": 1 , "rapidfort/memcached-official": 1 , "rapidfort/microsoft-sql-server-2019-ib": 1 , "rapidfort/mongodb": 1 , "rapidfort/mongodb-ib": 1 , "rapidfort/mongodb-official": 1 , "rapidfort/mysql": 1 , "rapidfort/mysql8-ib": 1 , "rapidfort/mysql-official": 1 , "rapidfort/nats": 1 , "rapidfort/nats-ib": 1 , "rapidfort/nats-official": 1 , "rapidfort/nginx": 1 , "rapidfort/nginx-ib": 1 , "rapidfort/nginx-official": 1 , "rapidfort/oncall": 1 , "rapidfort/postgresql": 1 , "rapidfort/postgresql12-ib": 1 , "rapidfort/postgresql-official": 1 , "rapidfort/prometheus": 1 , "rapidfort/prometheus-ib": 1 , "rapidfort/rabbitmq": 1 , "rapidfort/redis": 1 , "rapidfort/redis-cluster": 1 , "rapidfort/redis6-ib": 1 , "rapidfort/redis-official": 1 , "rapidfort/telegraf": 1 , "rapidfort/traefik": 1 , "rapidfort/traefik-ib": 1 , "rapidfort/vault": 1 , "rapidfort/wordpress": 1 , "rapidfort/wordpress-ib": 1 , "rapidfort/yourls": 1 , "rapidfort/zookeeper": 1 , "rapidfort/zookeeper-ib": 1 , "rapidfort/zookeeper-official": 1 }' \
-d '{ "rapidfort/airflow": 1 , "rapidfort/airflow-ib": 1 , "rapidfort/airflow-scheduler": 1 , "rapidfort/airflow-worker": 1 , "rapidfort/apache": 1 , "rapidfort/apache2-ib": 1 , "rapidfort/apache-official": 1 , "rapidfort/cassandra-official": 1 , "rapidfort/consul": 1 , "rapidfort/consul-ib": 1 , "rapidfort/consul-official": 1 , "rapidfort/couchdb": 1 , "rapidfort/couchdb_3-ib": 1 , "rapidfort/couchdb-official": 1 , "rapidfort/curl": 1 , "rapidfort/elasticsearch": 1 , "rapidfort/elasticsearch-official": 1 , "rapidfort/envoy": 1 , "rapidfort/envoy-official": 1 , "rapidfort/etcd": 1 , "rapidfort/etcd-ib": 1 , "rapidfort/fluent-bit": 1 , "rapidfort/fluent-bit-ib": 1 , "rapidfort/fluentd": 1 , "rapidfort/fluentd-ib": 1 , "rapidfort/fluentd-official": 1 , "rapidfort/ghost": 1 , "rapidfort/grafana-ib": 1 , "rapidfort/haproxy": 1 , "rapidfort/haproxy24-ib": 1 , "rapidfort/haproxy-official": 1 , "rapidfort/influxdb": 1 , "rapidfort/keycloak-official": 1 , "rapidfort/kong": 1 , "rapidfort/mariadb": 1 , "rapidfort/mariadb-ib": 1 , "rapidfort/mariadb-official": 1 , "rapidfort/memcached": 1 , "rapidfort/memcached-ib": 1 , "rapidfort/memcached-official": 1 , "rapidfort/microsoft-sql-server-2019-ib": 1 , "rapidfort/mongodb": 1 , "rapidfort/mongodb-ib": 1 , "rapidfort/mongodb-official": 1 , "rapidfort/mysql": 1 , "rapidfort/mysql8-ib": 1 , "rapidfort/mysql-official": 1 , "rapidfort/nats": 1 , "rapidfort/nats-ib": 1 , "rapidfort/nats-official": 1 , "rapidfort/nginx": 1 , "rapidfort/nginx-ib": 1 , "rapidfort/nginx-official": 1 , "rapidfort/nifi-ib": 1 , "rapidfort/oncall": 1 , "rapidfort/postgresql": 1 , "rapidfort/postgresql12-ib": 1 , "rapidfort/postgresql-official": 1 , "rapidfort/prometheus": 1 , "rapidfort/prometheus-ib": 1 , "rapidfort/rabbitmq": 1 , "rapidfort/redis": 1 , "rapidfort/redis-cluster": 1 , "rapidfort/redis6-ib": 1 , "rapidfort/redis-official": 1 , "rapidfort/telegraf": 1 , "rapidfort/traefik": 1 , "rapidfort/traefik-ib": 1 , "rapidfort/vault": 1 , "rapidfort/wordpress": 1 , "rapidfort/wordpress-ib": 1 , "rapidfort/yourls": 1 , "rapidfort/zookeeper": 1 , "rapidfort/zookeeper-ib": 1 , "rapidfort/zookeeper-official": 1 }' \
https://data-receiver.rapidfort.com/counts/internal_image_pulls
10 changes: 9 additions & 1 deletion .github/workflows/readme_updater.yml
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ jobs:

steps:
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
- uses: actions/checkout@v4
- uses: actions/checkout@v3

- name: Generate new readme and image files
run: |
Expand Down Expand Up @@ -466,6 +466,14 @@ jobs:
repository: rapidfort/nginx-official
readme-filepath: ./community_images/nginx/official/README.md.dockerhub
short-description: RapidFort optimized, hardened image for NGINX Official
- name: Docker Hub Description Apache Nifi IronBank
uses: peter-evans/dockerhub-description@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_PASSWORD }}
repository: rapidfort/nifi-ib
readme-filepath: ./community_images/nif/ironbank/README.md.dockerhub
short-description: RapidFort optimized, hardened image for Apache Nifi IronBank
- name: Docker Hub Description Grafana Oncall
uses: peter-evans/dockerhub-description@v3
with:
Expand Down
3 changes: 2 additions & 1 deletion builder.lst
Original file line number Diff line number Diff line change
Expand Up @@ -69,4 +69,5 @@ nats/ironbank
airflow/airflow/ironbank
keycloak/official
fluent-bit/ironbank
fluent-bit/bitnami
fluent-bit/bitnami
nifi/ironbank
1 change: 1 addition & 0 deletions community_images/nifi/ironbank/.rfignore
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
opt/nifi/nifi-current/licenses
140 changes: 140 additions & 0 deletions community_images/nifi/ironbank/README.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,140 @@
<a href="https://us01.rapidfort.com/app/community/imageinfo/registry1.dso.mil%2Fironbank%2Fopensource%2Fapache%2Fnifi?utm_source=github&utm_medium=ci_view_report&utm_campaign=sep_01_sprint&utm_term=nifi-ib&utm_content=rapidfort_logo">
<img src="https://raw.githubusercontent.com/rapidfort/community-images/main/contrib/github_logo.png" alt="RapidFort" width="200" />
</a>

<br>

[![rf-h][rf-h-badge]][rf-view-report-button]
[![DH Image][dh-rf-badge]][rf-dh-image-link]
[![Slack][slack-badge]][slack-link]
[![FOSSA Status][fossa-badge]][fossa-link]

# RapidFort hardened image for Apache Nifi IronBank

RapidFort’s container optimization process hardened this Apache Nifi IronBank container. This container is free to use and has no license limitations.

It is the same as the [Platform One Apache Nifi IronBank][source-image-repo-link] image but more secure.

Every day, we optimize and harden a variety of Docker Hub’s most famous images. Check out our [entire library](https://hub.docker.com/u/rapidfort) of secured containers.
<br>

[Get the full report here or click on the image below][rf-view-report-link]

[![Metrics][metrics-link]][rf-image-metrics-link]

<h2> Vulnerabilities: Original vs. Hardened

</h2>

[![CVE Reduction][cve-reduction-link]][rf-image-cve-reduction-link]

<a href="https://us01.rapidfort.com/app/community/imageinfo/registry1.dso.mil%2Fironbank%2Fopensource%2Fapache%2Fnifi?utm_source=github&utm_medium=ci_view_report&utm_campaign=sep_01_sprint&utm_term=nifi-ib&utm_content=get_full_report_button">
<img align="center" src="https://raw.githubusercontent.com/rapidfort/community-images/main/contrib/github_button_3.svg" alt="View Report" height="50" />
</a>
<br>
<br>


## What is Apache Nifi IronBank?

> NiFi is an easy to use, powerful, and reliable system to process and distribute data.

[Overview of Apache Nifi IronBank](https://nifi.apache.org)

Trademarks: This software listing is packaged by RapidFort. The respective trademarks mentioned in the offering are owned by the respective companies, and use of them does not imply any affiliation or endorsement.


## How do I use this hardened Apache Nifi IronBank image?

The runtime instructions for this container are no different from the official release. Follow the instructions in their readme, but use our hardened image.

<a href="https://repo1.dso.mil/dsop/opensource/apache/nifi/-/blob/development/README.md">
<img align="center" src="https://raw.githubusercontent.com/rapidfort/community-images/main/contrib/view_detailed_instructions_button.svg" alt="View Detailed Instructions" height="50" />
</a>
<br>
<br>

```sh
# Using docker run:
$ docker run -it --name my-nifi -p 8080:80 rapidfort/nifi-ib
# PWD can be replaced with the directory containing all your HTML.

```

## What is a hardened image?

A hardened image is a copy of a container that has been optimized and reduced for significantly improved security. Because every container uses many open-source software components and their dependencies, there’s a lot of extra weight that can be trimmed.

This image is a hardened version of the official [Platform One Apache Nifi IronBank][source-image-repo-link] image on Docker Hub.

RapidFort is an industry-leading container optimization solution that minimizes software attack surfaces by removing unused code. Most containers can be reduced by at least 50%, which reduces the opportunity for malicious attacks and CVE exploits. Learn more at [RapidFort.com][rf-link].

Our hardened images are updated daily using the latest vulnerability information available.

<a href="https://github.com/rapidfort/community-images/tree/main/community_images/nif/ironbank">
<img align="center" src="https://raw.githubusercontent.com/rapidfort/community-images/main/contrib/view_on_github_button.svg" alt="View on GitHub" height="50" />
</a>
<br>
<br>

## What’s the difference between the official [Platform One Apache Nifi IronBank][source-image-repo-link] image and this hardened image?
RapidFort’s hardened [rapidfort/nifi-ib][rf-dh-image-link] image has been optimized by our proprietary scanning and slimming technology. We are big fans of open-source software, containerized infrastructure, and security.

We are making secure copies of the images we use every day and the most popular ones on Docker Hub. We want to make the world a safer place to operate.

## Supported tags and respective `Dockerfile` links

## Need support

Join our slack community for any questions.

<a href="https://join.slack.com/t/rapidfortcommunity/shared_invite/zt-1g3wy28lv-DaeGexTQ5IjfpbmYW7Rm_Q">
<img src="https://raw.githubusercontent.com/rapidfort/community-images/main/contrib/github_banner.png" alt="RapidFort Community Slack" width="600" />
</a>

## 🌟 Support this project

[![](https://user-images.githubusercontent.com/48997634/174794647-0c851917-e5c9-4fb9-bf88-b61d89dc2f4f.gif)](https://github.com/rapidfort/community-images/stargazers)

### [⏫⭐️ Scroll to the star button](#start-of-content)

If you believe this project has potential, feel free to **star this repo** just like many [amazing people](https://github.com/rapidfort/community-images/stargazers)
have.

## Have questions?

[![RapidFort](https://raw.githubusercontent.com/rapidfort/community-images/main/contrib/github_logo_footer.png)][rf-rapidfort-footer-logo-link]


If you'd like to learn more about RapidFort or our container optimization process, visit [RapidFort.com][rf-link].

<br>
<br>


[dh-rf-badge]: https://img.shields.io/badge/dockerhub-images-important.svg?logo=Docker

[fossa-badge]: https://app.fossa.com/api/projects/git%2Bgithub.com%2Frapidfort%2Fcommunity-images.svg?type=shield
[fossa-link]: https://app.fossa.com/projects/git%2Bgithub.com%2Frapidfort%2Fcommunity-images?ref=badge_shield

[rf-link]: https://rapidfort.com?utm_source=github&utm_medium=ci_rf_link&utm_campaign=sep_01_sprint&utm_term=nifi-ib&utm_content=rapidfort_have_questions

[rf-rapidfort-footer-logo-link]: https://us01.rapidfort.com/app/community/imageinfo/registry1.dso.mil%2Fironbank%2Fopensource%2Fapache%2Fnifi?utm_source=github&utm_medium=ci_view_report&utm_campaign=sep_01_sprint&utm_term=nifi-ib&utm_content=rapidfort_footer_logo
[rf-view-report-button]: https://us01.rapidfort.com/app/community/imageinfo/registry1.dso.mil%2Fironbank%2Fopensource%2Fapache%2Fnifi?utm_source=github&utm_medium=ci_view_report&utm_campaign=sep_01_sprint&utm_term=nifi-ib&utm_content=view_report_button
[rf-view-report-link]: https://us01.rapidfort.com/app/community/imageinfo/registry1.dso.mil%2Fironbank%2Fopensource%2Fapache%2Fnifi?utm_source=github&utm_medium=ci_view_report&utm_campaign=sep_01_sprint&utm_term=nifi-ib&utm_content=view_report_link
[rf-image-metrics-link]: https://us01.rapidfort.com/app/community/imageinfo/registry1.dso.mil%2Fironbank%2Fopensource%2Fapache%2Fnifi?utm_source=github&utm_medium=ci_view_report&utm_campaign=sep_01_sprint&utm_term=nifi-ib&utm_content=image_metrics_link
[rf-image-cve-reduction-link]: https://us01.rapidfort.com/app/community/imageinfo/registry1.dso.mil%2Fironbank%2Fopensource%2Fapache%2Fnifi?utm_source=github&utm_medium=ci_view_report&utm_campaign=sep_01_sprint&utm_term=nifi-ib&utm_content=image_cve_reduction_link

[dh-img-size-badge]: https://img.shields.io/docker/image-size/rapidfort/nifi-ib?logo=docker&logoColor=white&sort=semver
[dh-img-pulls-badge]: https://img.shields.io/docker/pulls/rapidfort/nifi-ib?logo=docker&logoColor=white

[slack-badge]: https://img.shields.io/static/v1?label=Join&message=slack&logo=slack&logoColor=E01E5A&color=4A154B
[slack-link]: https://join.slack.com/t/rapidfortcommunity/shared_invite/zt-1g3wy28lv-DaeGexTQ5IjfpbmYW7Rm_Q

[rf-h-badge]: https://img.shields.io/static/v1?label=RapidFort&labelColor=333F48&message=hardened&color=50B4C4&logo=data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAACcAAAAkCAYAAAAKNyObAAAACXBIWXMAACE4AAAhOAFFljFgAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAHvSURBVHgB7ZjvTcMwEMUvEgNkhNuAjOAR2IAyQbsB2YAyQbsBYoKwQdjA3aAjHA514Xq1Hf9r6QeeFKVJ3tkv+cWOVYCAiKg124b82gZqe0+NNlsHJbLBxthg1o+RASetIEdTJxnBRvtUMCHgM6TIBtMZwY7SiQFfrhUsN+Ao/TJYR3WC5QY88/Nge6oXLBRwO+P/GcnNMZzZteBR0zQfogM0O4Q47Uz9TtSrUIHs71+paugw16Dn+qt5xJ/TD4viEcrE25tepaXPaHxP350GXtD10WwHQWjQxKhl7YUGRg/MuPaY9vxuzPFA+RpEW9rj0yCMbcCsmG9B+Xpk7YRo4RnjQEEttBiBtAefyI23BtoYpBrmRO6ZX0EZWo60c1yfaGBMOKRzdKVocYZO/NpuMss7E9cHitcc0gFS5Qig2LUUtCGkmmJwOsJJvLlokdWtfMFzAvLGctCOooYPtg2USoRQ7HwM2hXzIzuvKQenIxzHm4oWmZ9TKF1AnAR8sI2moB093nKcjoBvtnHFzoXQ8qeMDGcLtUW/i4NYtJ3jJhRcSnRYHMSg1Q5PD5cWHT4/ih0vIpDOf9QrhZtQLsWxlILT8AjXEol/iQRaiVTBX4pO57D6U0WJBFoFtyaLtuqLfwf19G62e7hFWbQKKuoLYovGDo9dW28AAAAASUVORK5CYII=
[metrics-link]: https://github.com/rapidfort/community-images/raw/main/community_images/nif/ironbank/assets/metrics.webp
[cve-reduction-link]: https://github.com/rapidfort/community-images/raw/main/community_images/nif/ironbank/assets/cve_reduction.webp

[source-image-repo-link]: https://registry1.dso.mil/harbor/projects/3/repositories/opensource%2Fapache%2Fnifi
[rf-dh-image-link]: https://hub.docker.com/r/rapidfort/nifi-ib
28 changes: 28 additions & 0 deletions community_images/nifi/ironbank/dc_coverage.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
#!/bin/bash

set -x
set -e

SCRIPTPATH="$( cd -- "$(dirname "$0")" >/dev/null 2>&1 ; pwd -P )"

# shellcheck disable=SC1091
. "${SCRIPTPATH}"/../../common/scripts/bash_helper.sh

JSON_PARAMS="$1"

JSON=$(cat "$JSON_PARAMS")

echo "Json params for docker compose coverage = $JSON"

PROJECT_NAME=$(jq -r '.project_name' < "$JSON_PARAMS")

CONTAINER_NAME="${PROJECT_NAME}"-nifi-1
sleep 10

# Start the NiFi template
docker exec -i "${CONTAINER_NAME}" /opt/nifi/nifi-current/bin/nifi.sh nifi start -f /tmp/test-template.xml
# Wait for the data flow to process some data
sleep 60

docker exec -i "${CONTAINER_NAME}" /opt/nifi/nifi-current/bin/nifi.sh nifi pg-list
docker exec -i "${CONTAINER_NAME}" /opt/nifi/nifi-current/bin/nifi.sh nifi status
11 changes: 11 additions & 0 deletions community_images/nifi/ironbank/docker-compose.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
version: '2'

services:
nifi:
image: ${NIFI_IMAGE_REPOSITORY}:${NIFI_IMAGE_TAG}
cap_add:
- SYS_PTRACE
ports:
- "0.0.0.0::8080"
volumes:
- ./test-template.xml:/tmp/test-template.xml
44 changes: 44 additions & 0 deletions community_images/nifi/ironbank/image.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,44 @@
name: nifi-ib
official_name: Apache Nifi IronBank
official_website: https://nifi.apache.org
source_image_provider: Platform One
source_image_repo: registry1.dso.mil/ironbank/opensource/apache/nifi
source_image_repo_link: https://registry1.dso.mil/harbor/projects/3/repositories/opensource%2Fapache%2Fnifi
source_image_readme: https://repo1.dso.mil/dsop/opensource/apache/nifi/-/blob/development/README.md
rf_docker_link: rapidfort/nifi-ib
image_workflow_name: nifi_ironbank
github_location: nif/ironbank
report_url: https://us01.rapidfort.com/app/community/imageinfo/registry1.dso.mil%2Fironbank%2Fopensource%2Fapache%2Fnifi
usage_instructions: |
# Using docker run:
$ docker run -it --name my-nifi -p 8080:80 rapidfort/nifi-ib
# PWD can be replaced with the directory containing all your HTML.
what_is_text: |
NiFi is an easy to use, powerful, and reliable system to process and distribute data.
disclaimer: |
Trademarks: This software listing is packaged by RapidFort. The respective trademarks mentioned in the offering are owned by the respective companies, and use of them does not imply any affiliation or endorsement.
input_registry:
registry: registry1.dso.mil
account: ironbank
repo_sets:
- opensource/apache/nifi:
input_base_tag: "1.24."
output_repo: nifi-ib
runtimes:
- type: docker_compose
script: dc_coverage.sh
compose_file: docker-compose.yml
image_keys:
nifi-ib:
repository: "NIFI_IMAGE_REPOSITORY"
tag: "NIFI_IMAGE_TAG"
- type: k8s
script: k8s_coverage.sh
use_helm: False
image_keys:
nifi-ib:
repository: "image.repository"
tag: "image.tag"
override_file: "overrides.yml"
readiness_wait_pod_name_suffix:
- ""
30 changes: 30 additions & 0 deletions community_images/nifi/ironbank/k8s_coverage.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,30 @@
#!/bin/bash

set -x
set -e

# shellcheck disable=SC1091
SCRIPTPATH="$( cd -- "$(dirname "$0")" >/dev/null 2>&1 ; pwd -P )"

# shellcheck disable=SC1091
. "${SCRIPTPATH}"/../../common/scripts/bash_helper.sh

JSON_PARAMS="$1"

JSON=$(cat "$JSON_PARAMS")

echo "Json params for k8s coverage = $JSON"

NAMESPACE=$(jq -r '.namespace_name' < "$JSON_PARAMS")
RELEASE_NAME=$(jq -r '.release_name' < "$JSON_PARAMS")
CONTAINER_NAME="${RELEASE_NAME}"

kubectl exec -i "${CONTAINER_NAME}" -n "${NAMESPACE}" -- /opt/nifi/nifi-current/bin/nifi.sh
sleep 60
kubectl logs -n "${NAMESPACE}" "${CONTAINER_NAME}"
kubectl exec -i "${CONTAINER_NAME}" -n "${NAMESPACE}" -- tail -n 100 /opt/nifi/nifi-current/logs/nifi-app.log

kubectl exec -i "${CONTAINER_NAME}" -n "${NAMESPACE}" -- ls -l /opt/nifi/nifi-current/bin
kubectl exec -i "${CONTAINER_NAME}" -n "${NAMESPACE}" -- ps aux | grep nifi

kubectl exec -i "${CONTAINER_NAME}" -n "${NAMESPACE}" -- /opt/nifi/nifi-current/bin/nifi.sh list-processors
18 changes: 18 additions & 0 deletions community_images/nifi/ironbank/overrides.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
image:
pullSecrets: ["rf-regcred"]
pullPolicy: Always
containerSecurityContext:
enabled: true
runAsUser: 1001
allowPrivilegeEscalation: true
capabilities:
add: ["SYS_PTRACE"]
extraEnvVars:
- name: "RF_VERBOSE"
value: "0"
livenessProbe:
initialDelaySeconds: 30
timeoutSeconds: 30
readinessProbe:
initialDelaySeconds: 30
timeoutSeconds: 30
Loading

0 comments on commit 1b88689

Please sign in to comment.