Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore: replace the base image UBI-minimal by UBI-micro #6662

Closed
wants to merge 1 commit into from
Closed

chore: replace the base image UBI-minimal by UBI-micro #6662

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion images/custom-scorecard-tests/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ COPY . .
RUN GOOS=linux GOARCH=$TARGETARCH make build/custom-scorecard-tests

# Final image.
FROM registry.access.redhat.com/ubi8/ubi-minimal:8.9
FROM registry.access.redhat.com/ubi8/ubi-micro:8.9

ENV HOME=/opt/custom-scorecard-tests \
USER_NAME=custom-scorecard-tests \
Expand Down
2 changes: 1 addition & 1 deletion images/helm-operator/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ COPY . .
RUN GOOS=linux GOARCH=$TARGETARCH make build/helm-operator

# Final image.
FROM registry.access.redhat.com/ubi8/ubi-minimal:8.9
FROM registry.access.redhat.com/ubi8/ubi-micro:8.9

ENV HOME=/opt/helm \
USER_NAME=helm \
Expand Down
13 changes: 1 addition & 12 deletions images/operator-sdk/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,18 +17,7 @@ COPY . .
RUN GOOS=linux GOARCH=$TARGETARCH make build/operator-sdk

# Final image.
FROM registry.access.redhat.com/ubi8/ubi-minimal:8.9

ENV GO_VERSION 1.19

ARG TARGETARCH
RUN microdnf install -y make gcc which tar gzip
RUN curl -sSLo /tmp/go.tar.gz https://golang.org/dl/go${GO_VERSION}.linux-${TARGETARCH}.tar.gz \
&& rm -rf /usr/local/go \
&& tar -C /usr/local -xzf /tmp/go.tar.gz \
&& ln -sf /usr/local/go/bin/* /usr/local/bin/ \
&& rm -f /tmp/go.tar.gz \
&& go version
Comment on lines -22 to -31
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could you elaborate on why this was removed?

I believe that Go is required to be present in the final image due to the go plugin running things like go mod tidy at the end of scaffolding of files. Without Go being present in the final image, using this image will fail to scaffold Go based operator projects.

I believe that the ubi micro images don't include a package manager so we might be able to COPY --from=builder ... the necessary stuff to have Go "installed" in the final image.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That should be removed from the runtime not the builder image. go mod tidy should be run at build time in the builder image. Is that not the case?
If I understand you correctly you are saying that the same image is used for build and run time. If that's the case it should get split for introducing UBI-micro. Adding golang, tar would kill the purpose (reducing the attack surface) of the exercise.

Copy link
Contributor

@everettraven everettraven Jan 22, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

go mod tidy should be run at build time in the builder image. Is that not the case?

The go mod tidy operation that I am referring to is run as part of the scaffolding logic that gets run when you are creating a new Go based operator project using operator-sdk init .... Due to this, Go must be installed in the final image.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I am probably missing the target. For golang operator there is in kubebuilder:
FROM gcr.io/distroless/static:nonroot
this gets replaced in operator-sdk so that operator-sdk init generates (without removing the comment about distroless :-) )
FROM registry.access.redhat.com/ubi8/ubi-minimal:8.8
This is where I would like to see ubi-micro.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That replacement should only occur in an operator scaffolded with the OpenShift version of the operator-sdk and not the community (operator-framework) version of the operator-sdk.

FROM registry.access.redhat.com/ubi8/ubi-micro:8.9

COPY --from=builder /workspace/build/operator-sdk /usr/local/bin/operator-sdk

Expand Down
2 changes: 1 addition & 1 deletion images/scorecard-test/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ COPY . .
RUN GOOS=linux GOARCH=$TARGETARCH make build/scorecard-test

# Final image.
FROM registry.access.redhat.com/ubi8/ubi-minimal:8.9
FROM registry.access.redhat.com/ubi8/ubi-micro:8.9

ENV HOME=/opt/scorecard-test \
USER_NAME=scorecard-test \
Expand Down
2 changes: 1 addition & 1 deletion images/scorecard-untar/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
FROM registry.access.redhat.com/ubi8:8.7
FROM registry.access.redhat.com/ubi8/ubi-micro:8.9

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

does ubi-micro include the tar command? scorecard uses this image in container within a Pod for untaring bundle contents using the tar command. Without the tar command present in this image, I believe scorecard will always fail.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe we should not migrate scorecard to UBI-Micro. It is not that important as it does not end up as a base image of the end product operator.
To answer your question: tar is not included in ubi-micro.

## Create a new non-root user to run as
ENV HOME=/opt/scorecard-untar \
Expand Down
2 changes: 1 addition & 1 deletion testdata/go/v3/memcached-operator/Makefile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -48,7 +48,7 @@ endif

# Set the Operator SDK version to use. By default, what is installed on the system is used.
# This is useful for CI or a project to utilize a specific version of the operator-sdk toolkit.
OPERATOR_SDK_VERSION ?= v1.32.0
OPERATOR_SDK_VERSION ?= v1.33.0

# Image URL to use all building/pushing image targets
IMG ?= controller:latest
Expand Down
2 changes: 1 addition & 1 deletion testdata/go/v3/memcached-operator/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -78,7 +78,7 @@ More information can be found via the [Kubebuilder Documentation](https://book.k

## License

Copyright 2023.
Copyright 2024.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
Expand Down
2 changes: 1 addition & 1 deletion testdata/go/v3/memcached-operator/api/v1alpha1/groupversion_info.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
Copyright 2023.
Copyright 2024.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
Expand Down
2 changes: 1 addition & 1 deletion testdata/go/v3/memcached-operator/api/v1alpha1/memcached_types.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
Copyright 2023.
Copyright 2024.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
Expand Down
2 changes: 1 addition & 1 deletion testdata/go/v3/memcached-operator/api/v1alpha1/memcached_webhook.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
Copyright 2023.
Copyright 2024.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
Expand Down
2 changes: 1 addition & 1 deletion testdata/go/v3/memcached-operator/api/v1alpha1/webhook_suite_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
Copyright 2023.
Copyright 2024.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
Expand Down
2 changes: 1 addition & 1 deletion testdata/go/v3/memcached-operator/api/v1alpha1/zz_generated.deepcopy.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion testdata/go/v3/memcached-operator/controllers/memcached_controller.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
Copyright 2023.
Copyright 2024.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
Expand Down
2 changes: 1 addition & 1 deletion testdata/go/v3/memcached-operator/controllers/memcached_controller_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
Copyright 2023.
Copyright 2024.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
Expand Down
2 changes: 1 addition & 1 deletion testdata/go/v3/memcached-operator/controllers/suite_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
Copyright 2023.
Copyright 2024.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
Expand Down
2 changes: 1 addition & 1 deletion testdata/go/v3/memcached-operator/hack/boilerplate.go.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
Copyright 2023.
Copyright 2024.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
Expand Down
2 changes: 1 addition & 1 deletion testdata/go/v3/memcached-operator/main.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
Copyright 2023.
Copyright 2024.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
Expand Down
2 changes: 1 addition & 1 deletion testdata/go/v3/monitoring/memcached-operator/Makefile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -48,7 +48,7 @@ endif

# Set the Operator SDK version to use. By default, what is installed on the system is used.
# This is useful for CI or a project to utilize a specific version of the operator-sdk toolkit.
OPERATOR_SDK_VERSION ?= v1.32.0
OPERATOR_SDK_VERSION ?= v1.33.0

# Image URL to use all building/pushing image targets
IMG ?= controller:latest
Expand Down
2 changes: 1 addition & 1 deletion testdata/go/v3/monitoring/memcached-operator/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -78,7 +78,7 @@ More information can be found via the [Kubebuilder Documentation](https://book.k

## License

Copyright 2023.
Copyright 2024.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
Expand Down
2 changes: 1 addition & 1 deletion testdata/go/v3/monitoring/memcached-operator/api/v1alpha1/groupversion_info.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
Copyright 2023.
Copyright 2024.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
Expand Down
2 changes: 1 addition & 1 deletion testdata/go/v3/monitoring/memcached-operator/api/v1alpha1/memcached_types.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
Copyright 2023.
Copyright 2024.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
Expand Down
2 changes: 1 addition & 1 deletion testdata/go/v3/monitoring/memcached-operator/api/v1alpha1/memcached_webhook.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
Copyright 2023.
Copyright 2024.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
Expand Down
2 changes: 1 addition & 1 deletion testdata/go/v3/monitoring/memcached-operator/api/v1alpha1/webhook_suite_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
Copyright 2023.
Copyright 2024.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
Expand Down
2 changes: 1 addition & 1 deletion testdata/go/v3/monitoring/memcached-operator/api/v1alpha1/zz_generated.deepcopy.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion testdata/go/v3/monitoring/memcached-operator/controllers/memcached_controller.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
Copyright 2023.
Copyright 2024.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
Expand Down
2 changes: 1 addition & 1 deletion testdata/go/v3/monitoring/memcached-operator/controllers/memcached_controller_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
Copyright 2023.
Copyright 2024.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
Expand Down
2 changes: 1 addition & 1 deletion testdata/go/v3/monitoring/memcached-operator/controllers/suite_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
Copyright 2023.
Copyright 2024.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
Expand Down
2 changes: 1 addition & 1 deletion testdata/go/v3/monitoring/memcached-operator/hack/boilerplate.go.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
Copyright 2023.
Copyright 2024.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
Expand Down
2 changes: 1 addition & 1 deletion testdata/go/v3/monitoring/memcached-operator/main.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
Copyright 2023.
Copyright 2024.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
Expand Down
2 changes: 1 addition & 1 deletion testdata/go/v3/monitoring/memcached-operator/monitoring/alerts.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
Copyright 2023.
Copyright 2024.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
Expand Down
2 changes: 1 addition & 1 deletion testdata/go/v3/monitoring/memcached-operator/monitoring/metrics.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
Copyright 2023.
Copyright 2024.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
Expand Down
2 changes: 1 addition & 1 deletion testdata/go/v3/monitoring/memcached-operator/monitoring/metricsdocs/metricsdocs.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
Copyright 2023.
Copyright 2024.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
Expand Down
2 changes: 1 addition & 1 deletion testdata/go/v3/monitoring/memcached-operator/monitoring/prom-rule-ci/rule-spec-dumper.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
Copyright 2023.
Copyright 2024.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
Expand Down
2 changes: 1 addition & 1 deletion testdata/go/v4/memcached-operator/Makefile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -48,7 +48,7 @@ endif

# Set the Operator SDK version to use. By default, what is installed on the system is used.
# This is useful for CI or a project to utilize a specific version of the operator-sdk toolkit.
OPERATOR_SDK_VERSION ?= v1.32.0
OPERATOR_SDK_VERSION ?= v1.33.0

# Image URL to use all building/pushing image targets
IMG ?= controller:latest
Expand Down
2 changes: 1 addition & 1 deletion testdata/go/v4/memcached-operator/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -78,7 +78,7 @@ More information can be found via the [Kubebuilder Documentation](https://book.k

## License

Copyright 2023.
Copyright 2024.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
Expand Down
2 changes: 1 addition & 1 deletion testdata/go/v4/memcached-operator/api/v1alpha1/groupversion_info.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
Copyright 2023.
Copyright 2024.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
Expand Down
2 changes: 1 addition & 1 deletion testdata/go/v4/memcached-operator/api/v1alpha1/memcached_types.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
Copyright 2023.
Copyright 2024.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
Expand Down
2 changes: 1 addition & 1 deletion testdata/go/v4/memcached-operator/api/v1alpha1/memcached_webhook.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
Copyright 2023.
Copyright 2024.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
Expand Down
2 changes: 1 addition & 1 deletion testdata/go/v4/memcached-operator/api/v1alpha1/webhook_suite_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
Copyright 2023.
Copyright 2024.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
Expand Down
2 changes: 1 addition & 1 deletion testdata/go/v4/memcached-operator/api/v1alpha1/zz_generated.deepcopy.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion testdata/go/v4/memcached-operator/cmd/main.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
Copyright 2023.
Copyright 2024.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
Expand Down
2 changes: 1 addition & 1 deletion testdata/go/v4/memcached-operator/hack/boilerplate.go.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
Copyright 2023.
Copyright 2024.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
Expand Down
2 changes: 1 addition & 1 deletion testdata/go/v4/memcached-operator/internal/controller/memcached_controller.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
Copyright 2023.
Copyright 2024.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
Expand Down
2 changes: 1 addition & 1 deletion testdata/go/v4/memcached-operator/internal/controller/memcached_controller_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
Copyright 2023.
Copyright 2024.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
Expand Down
2 changes: 1 addition & 1 deletion testdata/go/v4/memcached-operator/internal/controller/suite_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
Copyright 2023.
Copyright 2024.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
Expand Down
2 changes: 1 addition & 1 deletion testdata/go/v4/monitoring/memcached-operator/Makefile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -48,7 +48,7 @@ endif

# Set the Operator SDK version to use. By default, what is installed on the system is used.
# This is useful for CI or a project to utilize a specific version of the operator-sdk toolkit.
OPERATOR_SDK_VERSION ?= v1.32.0
OPERATOR_SDK_VERSION ?= v1.33.0

# Image URL to use all building/pushing image targets
IMG ?= controller:latest
Expand Down
2 changes: 1 addition & 1 deletion testdata/go/v4/monitoring/memcached-operator/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -78,7 +78,7 @@ More information can be found via the [Kubebuilder Documentation](https://book.k

## License

Copyright 2023.
Copyright 2024.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
Expand Down
2 changes: 1 addition & 1 deletion testdata/go/v4/monitoring/memcached-operator/api/v1alpha1/groupversion_info.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
Copyright 2023.
Copyright 2024.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
Expand Down
2 changes: 1 addition & 1 deletion testdata/go/v4/monitoring/memcached-operator/api/v1alpha1/memcached_types.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
Copyright 2023.
Copyright 2024.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
Expand Down
2 changes: 1 addition & 1 deletion testdata/go/v4/monitoring/memcached-operator/api/v1alpha1/memcached_webhook.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
Copyright 2023.
Copyright 2024.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
Expand Down
2 changes: 1 addition & 1 deletion testdata/go/v4/monitoring/memcached-operator/api/v1alpha1/webhook_suite_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
Copyright 2023.
Copyright 2024.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
Expand Down
Loading
Loading