-
Notifications
You must be signed in to change notification settings - Fork 116
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
12 changed files
with
117 additions
and
239 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,12 +1,17 @@ | ||
# Setup defaults for build arguments | ||
ARG PLATFORMS ?= linux/amd64 | ||
ARG BASE_OS ?= registry.access.redhat.com/ubi8/ubi | ||
ARG BASE_OS_VERSION ?= 8.10 | ||
|
||
# Build the manager binary | ||
FROM golang:1.23.0 AS builder | ||
FROM golang:1.23.0 as builder | ||
|
||
WORKDIR /workspace | ||
|
||
# Copy the Go Modules manifests | ||
COPY go.mod go.mod | ||
COPY go.sum go.sum | ||
# cache deps before building and copying source so that we don't need to re-download as much | ||
# and so that source changes don't invalidate our downloaded layer | ||
# Cache dependencies before building and copying source to reduce re-downloading | ||
RUN go mod download | ||
|
||
# Copy the go source | ||
|
@@ -18,22 +23,25 @@ COPY tools/ tools/ | |
COPY hack hack/ | ||
|
||
# Build | ||
RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -a -o manager main.go | ||
# TARGETOS and TARGETARCH are provided(inferred) by buildx via the --platforms flag | ||
RUN CGO_ENABLED=0 GOOS=${TARGETOS} GOARCH=${TARGETARCH} go build -a -o manager main.go | ||
|
||
# Use BASE_OS as the base image | ||
FROM ${BASE_OS}:{BASE_OS_VERSION} | ||
|
||
# Use distroless as minimal base image to package the manager binary | ||
# Refer to https://github.com/GoogleContainerTools/distroless for more details | ||
FROM registry.access.redhat.com/ubi8/ubi:8.10 | ||
ENV OPERATOR=/manager \ | ||
USER_UID=1001 \ | ||
USER_NAME=nonroot | ||
|
||
# Install necessary packages and configure user | ||
RUN yum -y install shadow-utils && \ | ||
useradd -ms /bin/bash nonroot -u 1001 && \ | ||
yum update -y krb5-libs && yum clean all && \ | ||
yum -y update-minimal --security --sec-severity=Important --sec-severity=Critical && \ | ||
yum -y update-minimal --security --sec-severity=Moderate && \ | ||
yum -y update-minimal --security --sec-severity=Low | ||
|
||
# Metadata | ||
LABEL name="splunk" \ | ||
maintainer="[email protected]" \ | ||
vendor="splunk" \ | ||
|
@@ -42,17 +50,21 @@ LABEL name="splunk" \ | |
summary="Simplify the Deployment & Management of Splunk Products on Kubernetes" \ | ||
description="The Splunk Operator for Kubernetes (SOK) makes it easy for Splunk Administrators to deploy and operate Enterprise deployments in a Kubernetes infrastructure. Packaged as a container, it uses the operator pattern to manage Splunk-specific custom resources, following best practices to manage all the underlying Kubernetes objects for you." | ||
|
||
# Set up workspace | ||
WORKDIR / | ||
RUN mkdir /licenses && \ | ||
mkdir -p /tools/k8_probes | ||
|
||
# Copy necessary files from the builder stage and other resources | ||
COPY --from=builder /workspace/manager . | ||
COPY tools/EULA_Red_Hat_Universal_Base_Image_English_20190422.pdf /licenses | ||
COPY LICENSE /licenses/LICENSE-2.0.txt | ||
COPY tools/k8_probes/livenessProbe.sh /tools/k8_probes/ | ||
COPY tools/k8_probes/readinessProbe.sh /tools/k8_probes/ | ||
COPY tools/k8_probes/startupProbe.sh /tools/k8_probes/ | ||
|
||
# Set the user | ||
USER 1001 | ||
|
||
ENTRYPOINT ["/manager"] | ||
# Start the manager | ||
ENTRYPOINT ["/manager"] |
Oops, something went wrong.