From 8aa1eba29746ffe83367b7634fc7cb0b4f44c6db Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Emilio=20Alvarez=20Pi=C3=B1eiro?= <95703246+emilioalvap@users.noreply.github.com> Date: Thu, 31 Mar 2022 16:12:21 +0200 Subject: [PATCH] Unpack beats in elastic-agent docker image (#30873) Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> (cherry picked from commit 37e2649d837f26fffc9c063960909496bdb8ca89) --- dev-tools/packaging/packages.yml | 1 + .../templates/docker/Dockerfile.elastic-agent.tmpl | 14 +++++++++++++- 2 files changed, 14 insertions(+), 1 deletion(-) diff --git a/dev-tools/packaging/packages.yml b/dev-tools/packaging/packages.yml index 8bd34bd3853e..69242c0922c4 100644 --- a/dev-tools/packaging/packages.yml +++ b/dev-tools/packaging/packages.yml @@ -483,6 +483,7 @@ shared: user: '{{ .BeatName }}' linux_capabilities: '' image_name: '' + beats_install_path: "install" files: 'elastic-agent.yml': source: 'elastic-agent.docker.yml' diff --git a/dev-tools/packaging/templates/docker/Dockerfile.elastic-agent.tmpl b/dev-tools/packaging/templates/docker/Dockerfile.elastic-agent.tmpl index 97a371da7500..daedd570a6b1 100644 --- a/dev-tools/packaging/templates/docker/Dockerfile.elastic-agent.tmpl +++ b/dev-tools/packaging/templates/docker/Dockerfile.elastic-agent.tmpl @@ -27,7 +27,7 @@ FROM {{ .from }} ENV BEAT_SETUID_AS={{ .user }} {{- if contains .from "ubi-minimal" }} -RUN for iter in {1..10}; do microdnf update -y && microdnf install -y findutils shadow-utils && microdnf clean all && exit_code=0 && break || exit_code=$? && echo "microdnf error: retry $iter in 10s" && sleep 10; done; (exit $exit_code) +RUN for iter in {1..10}; do microdnf update -y && microdnf install -y tar gzip findutils shadow-utils && microdnf clean all && exit_code=0 && break || exit_code=$? && echo "microdnf error: retry $iter in 10s" && sleep 10; done; (exit $exit_code) {{- else }} RUN for iter in {1..10}; do \ apt-get update -y && \ @@ -161,6 +161,18 @@ RUN useradd -M --uid 1000 --gid 1000 --groups 0 --home {{ $beatHome }} {{ .user RUN chown {{ .user }} $NODE_PATH {{- end }} {{- end }} + +# Unpack beats to default install directory +RUN mkdir -p {{ $beatHome }}/data/{{.BeatName}}-{{ commit_short }}/{{ .beats_install_path }} && \ + for beatPath in {{ $beatHome }}/data/{{.BeatName}}-{{ commit_short }}/downloads/*.tar.gz; do \ + tar xf $beatPath -C {{ $beatHome }}/data/{{.BeatName}}-{{ commit_short }}/{{ .beats_install_path }}; \ + done && \ + chown -R {{ .user }}:{{ .user }} {{ $beatHome }}/data/{{.BeatName}}-{{ commit_short }}/{{ .beats_install_path }} && \ + chown -R root:root {{ $beatHome }}/data/{{.BeatName}}-{{ commit_short }}/{{ .beats_install_path }}/*/*.yml && \ + chmod 0644 {{ $beatHome }}/data/{{.BeatName}}-{{ commit_short }}/{{ .beats_install_path }}/*/*.yml && \ + # heartbeat requires cap_net_raw,cap_setuid to run ICMP checks and change npm user + setcap cap_net_raw,cap_setuid+p {{ $beatHome }}/data/{{.BeatName}}-{{ commit_short }}/{{ .beats_install_path }}/heartbeat-*/heartbeat + USER {{ .user }} {{- if (and (contains .image_name "-complete") (not (contains .from "ubi-minimal"))) }}