1# Copyright 2022 Google LLC
2#
3# Licensed under the Apache License, Version 2.0 (the "License");
4# you may not use this file except in compliance with the License.
5# You may obtain a copy of the License at
6#
7# http://www.apache.org/licenses/LICENSE-2.0
8#
9# Unless required by applicable law or agreed to in writing, software
10# distributed under the License is distributed on an "AS IS" BASIS,
11# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12# See the License for the specific language governing permissions and
13# limitations under the License.
14
15# This Dockerfile builds a thin image containing the recorder binary
16ARG BUILDER_IMG
17
18# Build the recorder binary
19FROM ${BUILDER_IMG} AS builder
20
21# Prepare a directory containing the binary and other artifacts, and configure
22# any required permissions
23FROM alpine:latest AS packager
24WORKDIR /configconnector/
25COPY --from=builder /go/src/github.com/GoogleCloudPlatform/k8s-config-connector/recorder .
26COPY --from=builder /go/src/github.com/GoogleCloudPlatform/k8s-config-connector/THIRD_PARTY_NOTICES/ THIRD_PARTY_NOTICES/
27COPY --from=builder /go/src/github.com/GoogleCloudPlatform/k8s-config-connector/MIRRORED_LIBRARY_SOURCE/ MIRRORED_LIBRARY_SOURCE/
28
29# Set user with UID 1000 as the owner of the directory
30RUN chown 1000 /configconnector
31
32# Copy the directory into a thin, distroless image (go/gke-distroless)
33FROM gcr.io/gke-release/gke-distroless/static:gke_distroless_20230307.00_p0 AS final
34WORKDIR /configconnector/
35COPY --from=packager /configconnector /configconnector
36ENV PATH="/configconnector/:${PATH}"
37
38# Set the user to user with UID 1000 for subsequent commands
39USER 1000
40ENTRYPOINT ["./recorder"]
View as plain text