etcd images: aspect of licensing/busybox #15034

@ptabor

What would you like to be added?

Follow up to #13556

Currently we generate images based on:

FROM --platform=linux/s390x busybox:1.34.1 as source
FROM --platform=linux/s390x gcr.io/distroless/base-debian11
...
RUN mkdir -p /var/etcd/
RUN mkdir -p /var/lib/etcd/
...
RUN echo 'hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4' >> /etc/nsswitch.conf

CMD ["/usr/local/bin/etcd"]

Seems that:

  1. We can use https://docs.docker.com/engine/reference/builder/#workdir to get rid of MKDIR
  2. We can copy the /etc/nsswitch.conf to avoid the need for echo and bash redirect syntax (>>)
  3. I don't see other reasons to keep /bin/sh
  4. As etcd is statically compiled, we might not need the base-debian11 image at all

Why is this needed?

To isolate from security and licensing problems.
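
A sketch of what the four points above could look like in one Dockerfile, added here as an illustration and not taken from the etcd repository. The build-context paths `bin/etcd` and `nsswitch.conf`, and the choice of `gcr.io/distroless/static-debian11` as the smaller base, are assumptions.

```dockerfile
# Added sketch; not the etcd project's Dockerfile.
# Assumptions:
#   - ./bin/etcd in the build context is a statically linked etcd binary
#   - ./nsswitch.conf in the build context contains the line
#       hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4
#   - static-debian11 stands in for "not base-debian11" (item 4)
# There is no busybox stage, so no /bin/sh ends up in the image (item 3).
FROM --platform=linux/s390x gcr.io/distroless/static-debian11

# COPY is executed by the builder, not by a shell inside the image.
COPY bin/etcd /usr/local/bin/etcd

# Item 2: COPY replaces /etc/nsswitch.conf, whereas the original
# `RUN echo ... >>` appended to it, so the copied file must hold the
# complete intended contents, not only the added hosts line.
COPY nsswitch.conf /etc/nsswitch.conf

# Item 1: WORKDIR creates a missing directory, replacing `RUN mkdir -p`.
WORKDIR /var/etcd/
WORKDIR /var/lib/etcd/

# Each WORKDIR also changes the working directory for later instructions
# and for the running container; reset it (assumed here to be /) so the
# data directory does not silently become the runtime cwd.
WORKDIR /

# Exec-form CMD, as in the original, runs etcd directly without a shell.
CMD ["/usr/local/bin/etcd"]
```

With no shell in the image, any later `RUN` instruction or shell-form `CMD`/`ENTRYPOINT` fails, which makes an accidental reintroduction of a shell dependency visible at build or start time.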
