Skip to content

Commit

Permalink
[8.16] chore(NA): revert wolfi base os usage for cloud images (elasti…
Browse files Browse the repository at this point in the history
…c#204809)

This PR reverts the usage of wolfi base os on cloud images back to
ubuntu on 8.16 as discussed by the Eng Prod team.
  • Loading branch information
mistic authored Dec 19, 2024
1 parent 4125ba9 commit 690be37
Show file tree
Hide file tree
Showing 3 changed files with 8 additions and 8 deletions.
6 changes: 3 additions & 3 deletions src/dev/build/tasks/os_packages/create_os_package_tasks.ts
Original file line number Diff line number Diff line change
Expand Up @@ -148,14 +148,14 @@ export const CreateDockerCloud: Task = {
async run(config, log, build) {
await runDockerGenerator(config, log, build, {
architecture: 'x64',
baseImage: 'wolfi',
baseImage: 'ubuntu',
context: false,
cloud: true,
image: true,
});
await runDockerGenerator(config, log, build, {
architecture: 'aarch64',
baseImage: 'wolfi',
baseImage: 'ubuntu',
context: false,
cloud: true,
image: true,
Expand Down Expand Up @@ -205,7 +205,7 @@ export const CreateDockerContexts: Task = {
image: false,
});
await runDockerGenerator(config, log, build, {
baseImage: 'wolfi',
baseImage: 'ubuntu',
cloud: true,
context: true,
image: false,
Expand Down
2 changes: 1 addition & 1 deletion src/dev/build/tasks/os_packages/docker_generator/run.ts
Original file line number Diff line number Diff line change
Expand Up @@ -55,7 +55,7 @@ export async function runDockerGenerator(

let imageFlavor = '';
if (flags.baseImage === 'ubi') imageFlavor += `-ubi`;
if (flags.baseImage === 'wolfi' && !flags.serverless && !flags.cloud) imageFlavor += `-wolfi`;
if (flags.baseImage === 'wolfi' && !flags.serverless) imageFlavor += `-wolfi`;
if (flags.ironbank) imageFlavor += '-ironbank';
if (flags.cloud) imageFlavor += '-cloud';
if (flags.serverless) imageFlavor += '-serverless';
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -59,7 +59,7 @@ RUN set -e ; \
make install > /dev/null ; \
rm -rf "/usr/share/kibana/openssl-${OPENSSL_VERSION}" ; \
chown -R 1000:0 "${OPENSSL_PATH}";

{{/fips}}
# Ensure that group permissions are the same as user permissions.
# This will help when relying on GID-0 to run Kibana, rather than UID-1000.
Expand Down Expand Up @@ -152,8 +152,8 @@ WORKDIR /usr/share/kibana
{{#fips}}

# Enable FIPS for Kibana only. In the future we can override OS wide with ENV OPENSSL_CONF
RUN /bin/echo -e '\n--enable-fips' >> config/node.options
RUN echo '--openssl-config=/usr/share/kibana/config/nodejs.cnf' >> config/node.options
RUN /usr/bin/echo -e '\n--enable-fips' >> config/node.options
RUN /usr/bin/echo '--openssl-config=/usr/share/kibana/config/nodejs.cnf' >> config/node.options
COPY --chown=1000:0 openssl/nodejs.cnf "/usr/share/kibana/config/nodejs.cnf"
ENV OPENSSL_MODULES=/usr/share/kibana/openssl/lib/ossl-modules
ENV XPACK_SECURITY_EXPERIMENTAL_FIPSMODE_ENABLED=true
Expand Down Expand Up @@ -231,7 +231,7 @@ ENTRYPOINT ["/bin/tini", "--"]
CMD ["/app/kibana.sh"]
# Generate a stub command that will be overwritten at runtime
RUN mkdir /app && \
/bin/echo -e '#!/bin/bash\nexec /usr/local/bin/kibana-docker' > /app/kibana.sh && \
/usr/bin/echo -e '#!/bin/bash\nexec /usr/local/bin/kibana-docker' > /app/kibana.sh && \
chmod 0555 /app/kibana.sh
{{/cloud}}

Expand Down

0 comments on commit 690be37

Please sign in to comment.