-
Notifications
You must be signed in to change notification settings - Fork 1k
/
Copy pathDockerfile.slim
62 lines (52 loc) · 2.61 KB
/
Dockerfile.slim
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
FROM python:3.12-alpine3.20
LABEL maintainer="[email protected]"
ARG TARGETARCH
ENV KUBECTL_DEFAULT_RELEASE=1.22.17
ENV KUBECTL_RELEASES="${KUBECTL_DEFAULT_RELEASE} 1.26.12 1.27.9 1.28.5 1.29.0"
ENV AWS_CLI_VERSION=2.15.57
ENV AWS_AIM_AUTHENTICATOR_VERSION=0.6.14
ENV GOOGLE_CLOUD_SDK_VERSION=476.0.0
ENV ECR_TOKEN_VERSION=v1.0.2
ENV PATH="$PATH:/usr/local/bin/:/opt/google-cloud-sdk/bin/:/usr/local/bin/aws-iam-authenticator"
RUN apk update \
&& apk upgrade \
&& apk --no-cache add --update \
bash \
ca-certificates \
curl \
wget \
openjdk17 \
git \
openssh-client \
unzip
# AWS CLI 2
RUN apk add aws-cli=${AWS_CLI_VERSION}-r0
# Google cloud SDK
RUN [ $TARGETARCH == 'amd64' ] && export GCP_ARCH="x86_64" || export GCP_ARCH="arm" \
&& wget -nv https://dl.google.com/dl/cloudsdk/channels/rapid/downloads/google-cloud-sdk-${GOOGLE_CLOUD_SDK_VERSION}-linux-${GCP_ARCH}.tar.gz \
&& mkdir -p /opt && cd /opt \
&& tar -xzf /google-cloud-sdk-${GOOGLE_CLOUD_SDK_VERSION}-linux-${GCP_ARCH}.tar.gz \
&& rm /google-cloud-sdk-${GOOGLE_CLOUD_SDK_VERSION}-linux-${GCP_ARCH}.tar.gz \
&& CLOUDSDK_PYTHON="python3" /opt/google-cloud-sdk/install.sh --usage-reporting=false --bash-completion=false \
--additional-components app-engine-java app-engine-go gke-gcloud-auth-plugin \
&& rm -rf ~/.config/gcloud \
&& rm -rf /opt/google-cloud-sdk/.install/.backup
# kubectl + AWS IAM authenticator
RUN for version in $KUBECTL_RELEASES; do \
release_version=$(echo ${version} | cut -d. -f1,2); \
wget -nv https://cdn.dl.k8s.io/release/v${version}/bin/linux/${TARGETARCH}/kubectl -O /usr/local/bin/kubectl-${release_version}; \
chmod +x /usr/local/bin/kubectl-${release_version}; \
done \
&& ln -sf "/usr/local/bin/kubectl-$(echo ${KUBECTL_DEFAULT_RELEASE} | cut -d. -f1,2)" /usr/local/bin/kubectl \
&& wget -nv -O aws-iam-authenticator https://github.com/kubernetes-sigs/aws-iam-authenticator/releases/download/v${AWS_AIM_AUTHENTICATOR_VERSION}/aws-iam-authenticator_${AWS_AIM_AUTHENTICATOR_VERSION}_linux_${TARGETARCH} \
&& chmod +x ./aws-iam-authenticator \
&& mv ./aws-iam-authenticator /usr/local/bin/aws-iam-authenticator\
&& ln -sf /usr/local/bin/aws-iam-authenticator /usr/local/bin/heptio-authenticator-aws
RUN rm /var/cache/apk/*
RUN addgroup -S -g 10111 spinnaker
RUN adduser -S -G spinnaker -u 10111 spinnaker
COPY clouddriver-web/build/install/clouddriver /opt/clouddriver
RUN mkdir -p /opt/clouddriver/plugins && chown -R spinnaker:nogroup /opt/clouddriver/plugins
USER spinnaker
HEALTHCHECK CMD curl --fail http://localhost:7002/health
CMD ["/opt/clouddriver/bin/clouddriver"]