mirror of
https://github.com/falcosecurity/falco.git
synced 2025-07-11 05:33:33 +00:00
fix(docker): adapt dockerfiles to HOST_ROOT env var
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
This commit is contained in:
Leonardo Di Donato
Lorenzo Fontana
parent
17bc344381
commit
3e9ebfb354
@ -6,7 +6,7 @@ ENV FALCO_REPOSITORY dev
|
||||
|
||||
LABEL RUN="docker run -i -t -v /var/run/docker.sock:/host/var/run/docker.sock -v /dev:/host/dev -v /proc:/host/proc:ro -v /boot:/host/boot:ro -v /lib/modules:/host/lib/modules:ro -v /usr:/host/usr:ro --name NAME IMAGE"
|
||||
|
||||
ENV SYSDIG_HOST_ROOT /host
|
||||
ENV HOST_ROOT /host
|
||||
|
||||
ENV HOME /root
|
||||
|
||||
@ -91,7 +91,7 @@ RUN sed -e 's/time_format_iso_8601: false/time_format_iso_8601: true/' < /etc/fa
|
||||
# If it's not empty, docker build will fail instead of
|
||||
# silently overwriting the existing directory
|
||||
RUN rm -df /lib/modules \
|
||||
&& ln -s $SYSDIG_HOST_ROOT/lib/modules /lib/modules
|
||||
&& ln -s $HOST_ROOT/lib/modules /lib/modules
|
||||
|
||||
# debian:unstable head contains binutils 2.31, which generates
|
||||
# binaries that are incompatible with kernels < 4.16. So manually
|
||||
|
||||
@ -7,7 +7,7 @@ ARG FALCO_VERSION=
|
||||
RUN test -n FALCO_VERSION
|
||||
ENV FALCO_VERSION ${FALCO_VERSION}
|
||||
|
||||
ENV SYSDIG_HOST_ROOT /host
|
||||
ENV HOST_ROOT /host
|
||||
|
||||
ENV HOME /root
|
||||
|
||||
@ -89,7 +89,7 @@ RUN rm -rf /usr/bin/clang \
|
||||
# If it's not empty, docker build will fail instead of
|
||||
# silently overwriting the existing directory
|
||||
RUN rm -df /lib/modules \
|
||||
&& ln -s $SYSDIG_HOST_ROOT/lib/modules /lib/modules
|
||||
&& ln -s $HOST_ROOT/lib/modules /lib/modules
|
||||
|
||||
ADD falco-${FALCO_VERSION}-x86_64.deb /
|
||||
RUN dpkg -i /falco-${FALCO_VERSION}-x86_64.deb
|
||||
|
||||
@ -12,7 +12,7 @@ LABEL name="falco" \
|
||||
|
||||
COPY help.md /tmp/
|
||||
|
||||
ENV SYSDIG_HOST_ROOT /host
|
||||
ENV HOST_ROOT /host
|
||||
ENV HOME /root
|
||||
|
||||
ADD http://download.draios.com/stable/rpm/draios.repo /etc/yum.repos.d/draios.repo
|
||||
@ -28,7 +28,7 @@ RUN rpm --import https://s3.amazonaws.com/download.draios.com/DRAIOS-GPG-KEY.pub
|
||||
go-md2man -in /tmp/help.md -out /help.1 && \
|
||||
### we delete everything on /usr/src/kernels otherwise it messes up docker-entrypoint.sh
|
||||
rm -fr /usr/src/kernels && \
|
||||
rm -df /lib/modules && ln -s $SYSDIG_HOST_ROOT/lib/modules /lib/modules && \
|
||||
rm -df /lib/modules && ln -s $HOST_ROOT/lib/modules /lib/modules && \
|
||||
yum clean all
|
||||
|
||||
COPY ./docker-entrypoint.sh /
|
||||
|
||||
@ -6,7 +6,7 @@ ENV FALCO_REPOSITORY dev
|
||||
|
||||
LABEL RUN="docker run -i -t -v /var/run/docker.sock:/host/var/run/docker.sock -v /dev:/host/dev -v /proc:/host/proc:ro -v /boot:/host/boot:ro -v /lib/modules:/host/lib/modules:ro -v /usr:/host/usr:ro --name NAME IMAGE"
|
||||
|
||||
ENV SYSDIG_HOST_ROOT /host
|
||||
ENV HOST_ROOT /host
|
||||
|
||||
ENV HOME /root
|
||||
|
||||
@ -42,7 +42,7 @@ RUN sed -e 's/time_format_iso_8601: false/time_format_iso_8601: true/' < /etc/fa
|
||||
# If it's not empty, docker build will fail instead of
|
||||
# silently overwriting the existing directory
|
||||
RUN rm -df /lib/modules \
|
||||
&& ln -s $SYSDIG_HOST_ROOT/lib/modules /lib/modules
|
||||
&& ln -s $HOST_ROOT/lib/modules /lib/modules
|
||||
|
||||
#COPY ./entrypoint.sh /
|
||||
# ENTRYPOINT ["/entrypoint.sh"]
|
||||
|
||||
@ -6,7 +6,7 @@ ENV FALCO_REPOSITORY stable
|
||||
|
||||
LABEL RUN="docker run -i -t -v /var/run/docker.sock:/host/var/run/docker.sock -v /dev:/host/dev -v /proc:/host/proc:ro -v /boot:/host/boot:ro -v /lib/modules:/host/lib/modules:ro -v /usr:/host/usr:ro --name NAME IMAGE"
|
||||
|
||||
ENV SYSDIG_HOST_ROOT /host
|
||||
ENV HOST_ROOT /host
|
||||
|
||||
ENV HOME /root
|
||||
|
||||
@ -42,7 +42,7 @@ RUN sed -e 's/time_format_iso_8601: false/time_format_iso_8601: true/' < /etc/fa
|
||||
# If it's not empty, docker build will fail instead of
|
||||
# silently overwriting the existing directory
|
||||
RUN rm -df /lib/modules \
|
||||
&& ln -s $SYSDIG_HOST_ROOT/lib/modules /lib/modules
|
||||
&& ln -s $HOST_ROOT/lib/modules /lib/modules
|
||||
|
||||
#COPY ./entrypoint.sh /
|
||||
# ENTRYPOINT ["/entrypoint.sh"]
|
||||
|
||||
@ -6,7 +6,7 @@ ENV FALCO_REPOSITORY stable
|
||||
|
||||
LABEL RUN="docker run -i -t -v /var/run/docker.sock:/host/var/run/docker.sock -v /dev:/host/dev -v /proc:/host/proc:ro -v /boot:/host/boot:ro -v /lib/modules:/host/lib/modules:ro -v /usr:/host/usr:ro --name NAME IMAGE"
|
||||
|
||||
ENV SYSDIG_HOST_ROOT /host
|
||||
ENV HOST_ROOT /host
|
||||
|
||||
ENV HOME /root
|
||||
|
||||
@ -91,7 +91,7 @@ RUN sed -e 's/time_format_iso_8601: false/time_format_iso_8601: true/' < /etc/fa
|
||||
# If it's not empty, docker build will fail instead of
|
||||
# silently overwriting the existing directory
|
||||
RUN rm -df /lib/modules \
|
||||
&& ln -s $SYSDIG_HOST_ROOT/lib/modules /lib/modules
|
||||
&& ln -s $HOST_ROOT/lib/modules /lib/modules
|
||||
|
||||
# debian:unstable head contains binutils 2.31, which generates
|
||||
# binaries that are incompatible with kernels < 4.16. So manually
|
||||
|
||||
Loading…
Reference in New Issue
Block a user