porthole/images/compute-utility/Dockerfile.ubuntu_bionic
astebenkova 3824cae821 [images] Decrease images size
+ update K8s patch version to v1.28.5
+ update percona-toolkit patch version to v3.5.5
+ switch to secure https postgres repository
A bunch of redundant third-party packages are installed inside the images, many with
security vulnerabilities. Implementing best practices should solve both problems.

Change-Id: I2105fe0b6058b64ae49d2977da5f1e8bad976991
2023-12-21 19:04:12 +02:00

56 lines
1.9 KiB
Docker

ARG FROM=docker.io/ubuntu:bionic
FROM ${FROM}
LABEL org.opencontainers.image.authors='airship-discuss@lists.airshipit.org, irc://#airshipit@freenode' \
org.opencontainers.image.url='https://airshipit.org' \
org.opencontainers.image.documentation='https://opendev.org/airship/porthole' \
org.opencontainers.image.source='https://opendev.org/airship/porthole' \
org.opencontainers.image.vendor='The Airship Authors' \
org.opencontainers.image.licenses='Apache-2.0'
ARG KUBE_VERSION=1.24.6
ARG DEBIAN_FRONTEND=noninteractive
RUN set -xe \
&& sed -i '/nobody/d' /etc/passwd \
&& echo "nobody:x:65534:65534:nobody:/nonexistent:/bin/bash" >> /etc/passwd \
&& apt-get update \
&& apt-get install -y apt-transport-https \
bash \
ca-certificates \
openvswitch-switch \
curl \
gnupg \
hexedit \
iperf \
jq \
moreutils \
radosgw \
rsyslog \
s3cmd \
rsync \
sudo \
wget \
xz-utils \
python3.6 \
python3-pip \
&& pip3 install --upgrade pip \
&& pip3 install \
oslo.rootwrap==6.2.0 \
&& apt-get remove --purge -y wget apt-transport-https \
&& apt-get autoremove -y \
&& apt-get clean \
&& curl --silent -L https://dl.k8s.io/v${KUBE_VERSION}/kubernetes-client-linux-amd64.tar.gz \
| tar -zC /usr/bin --strip-components=3 --wildcards -x "*/*/*/kubectl" \
&& rm -rf \
/var/lib/apt/lists/*
RUN PYTHON_LOCATION=$(pip3 show oslo.rootwrap|grep Location|awk '{print $2}') \
&& sed -i "/rootwrap_logger.setLevel/s/.*/#&/" $PYTHON_LOCATION/oslo_rootwrap/wrapper.py \
&& sed -i "/handler.setFormatter/s/.*/#&/" $PYTHON_LOCATION/oslo_rootwrap/wrapper.py \
&& sed -i "/os.path.basename/s/.*/#&/" $PYTHON_LOCATION/oslo_rootwrap/wrapper.py \
&& sed -i "/rootwrap_logger.addHandler/s/.*/#&/" $PYTHON_LOCATION/oslo_rootwrap/wrapper.py
CMD ["/bin/bash"]