Skip to content

Commit 03b08e4

Browse files
amacaskillamacaskill
committed
change to distroless base image
1 parent a7055c9 commit 03b08e4

File tree

1 file changed

+72
-21
lines changed

1 file changed

+72
-21
lines changed

Dockerfile

+72-21
Original file line numberDiff line numberDiff line change
@@ -12,7 +12,6 @@
1212
# See the License for the specific language governing permissions and
1313
# limitations under the License.
1414

15-
1615
ARG BUILDPLATFORM
1716

1817
FROM --platform=$BUILDPLATFORM golang:1.17.2 as builder
@@ -24,30 +23,82 @@ WORKDIR /go/src/sigs.k8s.io/gcp-compute-persistent-disk-csi-driver
2423
ADD . .
2524
RUN GOARCH=$(echo $TARGETPLATFORM | cut -f2 -d '/') GCE_PD_CSI_STAGING_VERSION=$STAGINGVERSION make gce-pd-driver
2625

27-
# MAD HACKS: Build a version first so we can take the scsi_id bin and put it somewhere else in our real build
26+
# MAD HACKS: Build a version first so we can take the scsi_id bin and put it somewhere else in our real build.
2827
FROM k8s.gcr.io/build-image/debian-base:buster-v1.9.0 as mad-hack
29-
RUN clean-install udev
28+
RUN clean-install udev
3029

31-
# Start from Kubernetes Debian base
30+
# Start from Kubernetes Debian base.
3231
FROM k8s.gcr.io/build-image/debian-base:buster-v1.9.0 as debian
33-
COPY --from=builder /go/src/sigs.k8s.io/gcp-compute-persistent-disk-csi-driver/bin/gce-pd-csi-driver /gce-pd-csi-driver
34-
35-
3632
# Install necessary dependencies
3733
RUN clean-install util-linux e2fsprogs mount ca-certificates udev xfsprogs
38-
39-
FROM gcr.io/distroless/base
34+
# Since we're leveraging apt to pull in dependencies, we use `gcr.io/distroless/base` because it includes glibc.
35+
FROM gcr.io/distroless/base-debian11
36+
# Copy necessary dependencies into distroless base.
4037
COPY --from=builder /go/src/sigs.k8s.io/gcp-compute-persistent-disk-csi-driver/bin/gce-pd-csi-driver /gce-pd-csi-driver
4138
COPY --from=mad-hack /lib/udev/scsi_id /lib/udev_containerized/scsi_id
42-
# COPY --from=debian /lib/xfsprogs/ /lib/xfsprogs_containerized/
43-
# COPY --from=debian /lib/util-linux/ /lib/util-linux_containerized/
44-
45-
46-
47-
ENTRYPOINT ["/gce-pd-csi-driver"]
48-
49-
# Since you're leveraging apt to pull in dependencies, you'd want to use `gcr.io/distroless/base` as the ultimate base because it includes glibc
50-
51-
52-
# COPY --from=builder /lib/x86_64-linux-gnu/libpthread.so.0 /lib/x86_64-linux-gnu/]
53-
# RUN ["/busybox/sh", "-c", "clean-install util-linux e2fsprogs mount ca-certificates udev xfsprogs"]
39+
COPY --from=debian /bin/umount /bin/umount
40+
COPY --from=debian /bin/mount /bin/mount
41+
COPY --from=debian /sbin/resize2fs /sbin/resize2fs
42+
COPY --from=debian /sbin/e2mmpstatus /sbin/e2mmpstatus
43+
COPY --from=debian /sbin/blockdev /sbin/blockdev
44+
COPY --from=debian /sbin/e* /sbin/
45+
COPY --from=debian /sbin/mke2fs /sbin/mke2fs
46+
COPY --from=debian /etc/mke2fs.conf /etc/mke2fs.conf
47+
COPY --from=debian /sbin/dumpe2fs /sbin/dumpe2fs
48+
COPY --from=debian /sbin/mkfs* /sbin/
49+
COPY --from=debian /sbin/fsck /sbin/fsck
50+
COPY --from=debian /sbin/fsck* /sbin/
51+
COPY --from=debian /sbin/fsck.xfs /sbin/fsck.xfs
52+
COPY --from=debian /sbin/e2fsck /sbin/e2fsck
53+
COPY --from=debian /sbin/xfs_repair /sbin/xfs_repair
54+
COPY --from=debian /usr/sbin/xfs* /usr/sbin/
55+
COPY --from=debian /usr/include/xfs /usr/include/xfs
56+
COPY --from=debian /usr/lib/xfsprogs/xfs* /usr/lib/xfsprogs/
57+
COPY --from=debian /usr/include/xfs /usr/include/xfs
58+
COPY --from=debian /sbin/blkid /sbin/blkid
59+
60+
# Copy x86 shared libraries into distroless base.
61+
COPY --from=debian /lib/x86_64-linux-gnu/libselinux.so.1 /lib/x86_64-linux-gnu/libselinux.so.1
62+
COPY --from=debian /lib/x86_64-linux-gnu/libblkid.so.1 /lib/x86_64-linux-gnu/libblkid.so.1
63+
COPY --from=debian /lib/x86_64-linux-gnu/libuuid.so.1.3.0 /lib/x86_64-linux-gnu/libuuid.so.1.3.0
64+
COPY --from=debian /lib/x86_64-linux-gnu/libuuid.so.1 /lib/x86_64-linux-gnu/libuuid.so.1
65+
COPY --from=debian /lib/x86_64-linux-gnu/libext2fs.so.2.4 /lib/x86_64-linux-gnu/libext2fs.so.2.4
66+
COPY --from=debian /lib/x86_64-linux-gnu/libext2fs.so.2 /lib/x86_64-linux-gnu/libext2fs.so.2
67+
COPY --from=debian /lib/x86_64-linux-gnu/libcom_err.so.2 /lib/x86_64-linux-gnu/libcom_err.so.2
68+
COPY --from=debian /lib/x86_64-linux-gnu/libcom_err.so.2.1 /lib/x86_64-linux-gnu/libcom_err.so.2.1
69+
COPY --from=debian /lib/x86_64-linux-gnu/libreadline.so.5 /lib/x86_64-linux-gnu/libreadline.so.5
70+
COPY --from=debian /lib/x86_64-linux-gnu/libreadline.so.5.2 /lib/x86_64-linux-gnu/libreadline.so.5.2
71+
COPY --from=debian /lib/x86_64-linux-gnu/libpcre.so.3 /lib/x86_64-linux-gnu/libpcre.so.3
72+
COPY --from=debian /lib/x86_64-linux-gnu/libpcre.so.3.13.3 /lib/x86_64-linux-gnu/libpcre.so.3.13.3
73+
COPY --from=debian /lib/x86_64-linux-gnu/libtinfo.so.6 /lib/x86_64-linux-gnu/libtinfo.so.6
74+
COPY --from=debian /lib/x86_64-linux-gnu/libtinfo.so.6.1 /lib/x86_64-linux-gnu/libtinfo.so.6.1
75+
COPY --from=debian /lib/x86_64-linux-gnu/libe2p.so.2 /lib/x86_64-linux-gnu/libe2p.so.2
76+
COPY --from=debian /lib/x86_64-linux-gnu/libe2p.so.2.3 /lib/x86_64-linux-gnu/libe2p.so.2.3
77+
COPY --from=debian /lib/x86_64-linux-gnu/libmount.so.1.1.0 /lib/x86_64-linux-gnu/libmount.so.1.1.0
78+
COPY --from=debian /lib/x86_64-linux-gnu/libmount.so.1 /lib/x86_64-linux-gnu/libmount.so.1
79+
80+
# # We need /bin/sh for the if statement below.
81+
# COPY --from=debian /bin/sh /bin/sh
82+
# # Copy x86 shared libraries into distroless base.
83+
# RUN if ["$(TARGETPLATFORM)" = "amd64" ]; then \
84+
# COPY --from=debian /lib/x86_64-linux-gnu/libselinux.so.1 /lib/x86_64-linux-gnu/libselinux.so.1 && \
85+
# COPY --from=debian /lib/x86_64-linux-gnu/libblkid.so.1 /lib/x86_64-linux-gnu/libblkid.so.1 && \
86+
# COPY --from=debian /lib/x86_64-linux-gnu/libuuid.so.1.3.0 /lib/x86_64-linux-gnu/libuuid.so.1.3.0 && \
87+
# COPY --from=debian /lib/x86_64-linux-gnu/libuuid.so.1 /lib/x86_64-linux-gnu/libuuid.so.1 && \
88+
# COPY --from=debian /lib/x86_64-linux-gnu/libext2fs.so.2.4 /lib/x86_64-linux-gnu/libext2fs.so.2.4 && \
89+
# COPY --from=debian /lib/x86_64-linux-gnu/libext2fs.so.2 /lib/x86_64-linux-gnu/libext2fs.so.2 && \
90+
# COPY --from=debian /lib/x86_64-linux-gnu/libcom_err.so.2 /lib/x86_64-linux-gnu/libcom_err.so.2 && \
91+
# COPY --from=debian /lib/x86_64-linux-gnu/libcom_err.so.2.1 /lib/x86_64-linux-gnu/libcom_err.so.2.1 && \
92+
# COPY --from=debian /lib/x86_64-linux-gnu/libreadline.so.5 /lib/x86_64-linux-gnu/libreadline.so.5 && \
93+
# COPY --from=debian /lib/x86_64-linux-gnu/libreadline.so.5.2 /lib/x86_64-linux-gnu/libreadline.so.5.2 && \
94+
# COPY --from=debian /lib/x86_64-linux-gnu/libpcre.so.3 /lib/x86_64-linux-gnu/libpcre.so.3 && \
95+
# COPY --from=debian /lib/x86_64-linux-gnu/libpcre.so.3.13.3 /lib/x86_64-linux-gnu/libpcre.so.3.13.3 && \
96+
# COPY --from=debian /lib/x86_64-linux-gnu/libtinfo.so.6 /lib/x86_64-linux-gnu/libtinfo.so.6 && \
97+
# COPY --from=debian /lib/x86_64-linux-gnu/libtinfo.so.6.1 /lib/x86_64-linux-gnu/libtinfo.so.6.1 && \
98+
# COPY --from=debian /lib/x86_64-linux-gnu/libe2p.so.2 /lib/x86_64-linux-gnu/libe2p.so.2 && \
99+
# COPY --from=debian /lib/x86_64-linux-gnu/libe2p.so.2.3 /lib/x86_64-linux-gnu/libe2p.so.2.3 && \
100+
# COPY --from=debian /lib/x86_64-linux-gnu/libmount.so.1.1.0 /lib/x86_64-linux-gnu/libmount.so.1.1.0 && \
101+
# COPY --from=debian /lib/x86_64-linux-gnu/libmount.so.1 /lib/x86_64-linux-gnu/libmount.so.1 /; \
102+
# fi
103+
104+
ENTRYPOINT ["/gce-pd-csi-driver"]

0 commit comments

Comments
 (0)