From 5012ec506feca05a518e0ec7ead7b6cb294901a7 Mon Sep 17 00:00:00 2001 From: Rosyya Date: Wed, 14 Aug 2024 18:01:01 +0800 Subject: [PATCH 1/8] fix distroless image --- Dockerfile.distroless | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/Dockerfile.distroless b/Dockerfile.distroless index 2683b03..97e9105 100644 --- a/Dockerfile.distroless +++ b/Dockerfile.distroless @@ -22,5 +22,9 @@ FROM gcr.io/distroless/base-debian11 USER nonroot:nonroot WORKDIR /home/nonroot -COPY --from=builder --chown=nonroot:nonroot /gnfd-qa-test-monitor/build/monitor $WORKDIR -ENTRYPOINT ["./monitor"] \ No newline at end of file +# COPY --from=builder --chown=nonroot:nonroot /gnfd-qa-test-monitor/build/monitor $WORKDIR +# ENTRYPOINT ["./monitor"] + +COPY --from=builder --chown=nonroot:nonroot /gnfd-qa-test-monitor/build/* ${WORKDIR}/ + +ENTRYPOINT ["/app/monitor"] \ No newline at end of file From feb20c6fb42256d556c4f0299fbe3edea77a31dc Mon Sep 17 00:00:00 2001 From: Rosyya Date: Wed, 14 Aug 2024 18:10:20 +0800 Subject: [PATCH 2/8] test distroless image --- Dockerfile.distroless | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/Dockerfile.distroless b/Dockerfile.distroless index 97e9105..0e99163 100644 --- a/Dockerfile.distroless +++ b/Dockerfile.distroless @@ -18,13 +18,12 @@ RUN apk add --no-cache gcc libstdc++-dev libc-dev RUN cd /gnfd-qa-test-monitor \ && go build -o ./build/monitor main.go -FROM gcr.io/distroless/base-debian11 +RUN pwd && ls -al + +FROM alpine:3.17 USER nonroot:nonroot WORKDIR /home/nonroot -# COPY --from=builder --chown=nonroot:nonroot /gnfd-qa-test-monitor/build/monitor $WORKDIR -# ENTRYPOINT ["./monitor"] - -COPY --from=builder --chown=nonroot:nonroot /gnfd-qa-test-monitor/build/* ${WORKDIR}/ - -ENTRYPOINT ["/app/monitor"] \ No newline at end of file +COPY --from=builder --chown=nonroot:nonroot /gnfd-qa-test-monitor/build/monitor $WORKDIR +RUN pwd && ls -al +ENTRYPOINT ["./monitor"] \ No newline at end of file From f55089c1755554ddab92acd4086640e7470f8109 Mon Sep 17 00:00:00 2001 From: Rosyya Date: Wed, 14 Aug 2024 18:25:41 +0800 Subject: [PATCH 3/8] test distroless image --- Dockerfile.distroless | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/Dockerfile.distroless b/Dockerfile.distroless index 0e99163..5c9d980 100644 --- a/Dockerfile.distroless +++ b/Dockerfile.distroless @@ -18,12 +18,13 @@ RUN apk add --no-cache gcc libstdc++-dev libc-dev RUN cd /gnfd-qa-test-monitor \ && go build -o ./build/monitor main.go -RUN pwd && ls -al +RUN cd /gnfd-qa-test-monitor && pwd && ls -al FROM alpine:3.17 USER nonroot:nonroot WORKDIR /home/nonroot -COPY --from=builder --chown=nonroot:nonroot /gnfd-qa-test-monitor/build/monitor $WORKDIR -RUN pwd && ls -al +# COPY --from=builder --chown=nonroot:nonroot /gnfd-qa-test-monitor/build/monitor $WORKDIR +COPY --from=builder /gnfd-qa-test-monitor/build/monitor $WORKDIR +RUN cd /gnfd-qa-test-monitor && pwd && ls -al ENTRYPOINT ["./monitor"] \ No newline at end of file From 9cf2d7829a8a38ccceecc1eb010c0eadc92403e1 Mon Sep 17 00:00:00 2001 From: Rosyya Date: Wed, 14 Aug 2024 18:30:41 +0800 Subject: [PATCH 4/8] test distroless image --- Dockerfile.distroless | 25 +++++++++++++++++++------ 1 file changed, 19 insertions(+), 6 deletions(-) diff --git a/Dockerfile.distroless b/Dockerfile.distroless index 5c9d980..8cfd7d9 100644 --- a/Dockerfile.distroless +++ b/Dockerfile.distroless @@ -18,13 +18,26 @@ RUN apk add --no-cache gcc libstdc++-dev libc-dev RUN cd /gnfd-qa-test-monitor \ && go build -o ./build/monitor main.go -RUN cd /gnfd-qa-test-monitor && pwd && ls -al +RUN cd /gnfd-qa-test-monitor/build && pwd && ls -al FROM alpine:3.17 -USER nonroot:nonroot -WORKDIR /home/nonroot -# COPY --from=builder --chown=nonroot:nonroot /gnfd-qa-test-monitor/build/monitor $WORKDIR -COPY --from=builder /gnfd-qa-test-monitor/build/monitor $WORKDIR +ARG USER=sp +ARG USER_UID=1000 +ARG USER_GID=1000 + +ENV WORKDIR=/app + +WORKDIR ${WORKDIR} + +COPY --from=builder /gnfd-qa-test-monitor/build/* ${WORKDIR}/ +RUN chown -R ${USER_UID}:${USER_GID} ${WORKDIR} +USER ${USER_UID}:${USER_GID} RUN cd /gnfd-qa-test-monitor && pwd && ls -al -ENTRYPOINT ["./monitor"] \ No newline at end of file +ENTRYPOINT ["/app/monitor"] + +# USER nonroot:nonroot +# WORKDIR /home/nonroot +# COPY --from=builder --chown=nonroot:nonroot /gnfd-qa-test-monitor/build/monitor $WORKDIR +# RUN cd /gnfd-qa-test-monitor && pwd && ls -al +# ENTRYPOINT ["./monitor"] \ No newline at end of file From b74e756b049558c671ba1a4518e544c11180a8e0 Mon Sep 17 00:00:00 2001 From: Rosyya Date: Wed, 14 Aug 2024 18:34:33 +0800 Subject: [PATCH 5/8] test distroless image --- Dockerfile.distroless | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/Dockerfile.distroless b/Dockerfile.distroless index 8cfd7d9..5e81156 100644 --- a/Dockerfile.distroless +++ b/Dockerfile.distroless @@ -26,14 +26,12 @@ ARG USER=sp ARG USER_UID=1000 ARG USER_GID=1000 -ENV WORKDIR=/app +WORKDIR /app -WORKDIR ${WORKDIR} - -COPY --from=builder /gnfd-qa-test-monitor/build/* ${WORKDIR}/ +COPY --from=builder /gnfd-qa-test-monitor/build/* ${WORKDIR} RUN chown -R ${USER_UID}:${USER_GID} ${WORKDIR} USER ${USER_UID}:${USER_GID} -RUN cd /gnfd-qa-test-monitor && pwd && ls -al +RUN cd /app && pwd && ls -al ENTRYPOINT ["/app/monitor"] # USER nonroot:nonroot From 9092b19c06a5ec44ba595e60c4506146a30c018d Mon Sep 17 00:00:00 2001 From: Rosyya Date: Wed, 14 Aug 2024 18:37:35 +0800 Subject: [PATCH 6/8] test distroless image --- Dockerfile.distroless | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Dockerfile.distroless b/Dockerfile.distroless index 5e81156..84b1302 100644 --- a/Dockerfile.distroless +++ b/Dockerfile.distroless @@ -28,10 +28,10 @@ ARG USER_GID=1000 WORKDIR /app -COPY --from=builder /gnfd-qa-test-monitor/build/* ${WORKDIR} +COPY --from=builder /gnfd-qa-test-monitor/build/* ${WORKDIR}/ RUN chown -R ${USER_UID}:${USER_GID} ${WORKDIR} USER ${USER_UID}:${USER_GID} -RUN cd /app && pwd && ls -al +RUN cd ${WORKDIR}/ && pwd && ls -al ENTRYPOINT ["/app/monitor"] # USER nonroot:nonroot From 15ddb6fc666379c3f4970ce499bf6a50e9e75413 Mon Sep 17 00:00:00 2001 From: Rosyya Date: Wed, 14 Aug 2024 18:40:05 +0800 Subject: [PATCH 7/8] test distroless image --- Dockerfile.distroless | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Dockerfile.distroless b/Dockerfile.distroless index 84b1302..11376e1 100644 --- a/Dockerfile.distroless +++ b/Dockerfile.distroless @@ -21,12 +21,12 @@ RUN cd /gnfd-qa-test-monitor \ RUN cd /gnfd-qa-test-monitor/build && pwd && ls -al FROM alpine:3.17 - +ENV WORKDIR=/app ARG USER=sp ARG USER_UID=1000 ARG USER_GID=1000 -WORKDIR /app +WORKDIR ${WORKDIR} COPY --from=builder /gnfd-qa-test-monitor/build/* ${WORKDIR}/ RUN chown -R ${USER_UID}:${USER_GID} ${WORKDIR} From e5080caf20d0a95259209013a8ee01c605ad0167 Mon Sep 17 00:00:00 2001 From: Rosyya Date: Wed, 14 Aug 2024 18:49:56 +0800 Subject: [PATCH 8/8] test distroless image --- Dockerfile.distroless | 37 +++++++++++++++++++------------------ 1 file changed, 19 insertions(+), 18 deletions(-) diff --git a/Dockerfile.distroless b/Dockerfile.distroless index 11376e1..c536c6d 100644 --- a/Dockerfile.distroless +++ b/Dockerfile.distroless @@ -20,22 +20,23 @@ RUN cd /gnfd-qa-test-monitor \ RUN cd /gnfd-qa-test-monitor/build && pwd && ls -al -FROM alpine:3.17 -ENV WORKDIR=/app -ARG USER=sp -ARG USER_UID=1000 -ARG USER_GID=1000 - +# FROM gcr.io/distroless/base-debian11 +# ENV WORKDIR=/app +# ARG USER=sp +# ARG USER_UID=1000 +# ARG USER_GID=1000 + +# WORKDIR ${WORKDIR} + +# COPY --from=builder /gnfd-qa-test-monitor/build/* ${WORKDIR}/ +# RUN chown -R ${USER_UID}:${USER_GID} ${WORKDIR} +# USER ${USER_UID}:${USER_GID} +# RUN cd ${WORKDIR}/ && pwd && ls -al +# ENTRYPOINT ["/app/monitor"] + +FROM gcr.io/distroless/base-debian11 +USER nonroot:nonroot +ENV WORKDIR=/home/nonroot WORKDIR ${WORKDIR} - -COPY --from=builder /gnfd-qa-test-monitor/build/* ${WORKDIR}/ -RUN chown -R ${USER_UID}:${USER_GID} ${WORKDIR} -USER ${USER_UID}:${USER_GID} -RUN cd ${WORKDIR}/ && pwd && ls -al -ENTRYPOINT ["/app/monitor"] - -# USER nonroot:nonroot -# WORKDIR /home/nonroot -# COPY --from=builder --chown=nonroot:nonroot /gnfd-qa-test-monitor/build/monitor $WORKDIR -# RUN cd /gnfd-qa-test-monitor && pwd && ls -al -# ENTRYPOINT ["./monitor"] \ No newline at end of file +COPY --from=builder --chown=nonroot:nonroot /gnfd-qa-test-monitor/build/* ${WORKDIR}/ +ENTRYPOINT ["/home/nonroot/monitor"] \ No newline at end of file