mirror of
https://github.com/falcosecurity/falco.git
synced 2025-08-02 06:52:10 +00:00
fix(docker): fixed small issues in the new images.
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
This commit is contained in:
Federico Di Pierro
poiana
parent
01ab1661c0
commit
77695ace72
@ -14,7 +14,7 @@ ENV VERSION_BUCKET=${VERSION_BUCKET}
|
||||
ENV HOST_ROOT /host
|
||||
ENV HOME /root
|
||||
|
||||
RUN apt-get -y update && apt-get -y install ca-certificates curl jq libelf1 ca-certificates \
|
||||
RUN apt-get -y update && apt-get -y install ca-certificates curl jq libelf1 ca-certificates gnupg2 \
|
||||
&& apt clean -y && rm -rf /var/lib/apt/lists/*
|
||||
|
||||
WORKDIR /
|
||||
@ -29,6 +29,6 @@ RUN curl -s https://falco.org/repo/falcosecurity-packages.asc | apt-key add - \
|
||||
# Falcoctl is not included here.
|
||||
RUN rm -rf /usr/bin/falcoctl /etc/falcoctl/
|
||||
|
||||
RUN sed -e -i 's/time_format_iso_8601: false/time_format_iso_8601: true/' < /etc/falco/falco.yaml
|
||||
RUN sed -i -e 's/time_format_iso_8601: false/time_format_iso_8601: true/' /etc/falco/falco.yaml
|
||||
|
||||
CMD ["/usr/bin/falco"]
|
||||
CMD ["/usr/bin/falco"]
|
||||
|
||||
@ -1,12 +1,20 @@
|
||||
FROM cgr.dev/chainguard/wolfi-base as builder
|
||||
FROM cgr.dev/chainguard/wolfi-base
|
||||
|
||||
LABEL maintainer="cncf-falco-dev@lists.cncf.io"
|
||||
LABEL org.opencontainers.image.source="https://github.com/falcosecurity/falco"
|
||||
|
||||
LABEL usage="docker run -i -t --privileged -v /var/run/docker.sock:/host/var/run/docker.sock -v /dev:/host/dev -v /proc:/host/proc:ro --name NAME IMAGE"
|
||||
# NOTE: for the "least privileged" use case, please refer to the official documentation
|
||||
|
||||
ARG FALCO_VERSION
|
||||
ARG VERSION_BUCKET=bin
|
||||
|
||||
ENV FALCO_VERSION=${FALCO_VERSION}
|
||||
ENV VERSION_BUCKET=${VERSION_BUCKET}
|
||||
ENV HOST_ROOT /host
|
||||
ENV HOME /root
|
||||
|
||||
RUN apk update && apk add curl ca-certificates jq libelf
|
||||
RUN apk update && apk add curl ca-certificates jq libelf libstdc++
|
||||
|
||||
WORKDIR /
|
||||
|
||||
@ -16,28 +24,13 @@ RUN FALCO_VERSION_URLENCODED=$(echo -n ${FALCO_VERSION}|jq -sRr @uri) && \
|
||||
tar -xvf falco.tar.gz && \
|
||||
rm -f falco.tar.gz && \
|
||||
mv falco-${FALCO_VERSION}-$(uname -m) falco && \
|
||||
rm -rf /falco/usr/src/falco-*
|
||||
rm -rf /falco/usr/src/falco-* && \
|
||||
cp -r /falco/* / && \
|
||||
rm -rf /falco
|
||||
|
||||
RUN sed -e 's/time_format_iso_8601: false/time_format_iso_8601: true/' < /falco/etc/falco/falco.yaml > /falco/etc/falco/falco.yaml.new \
|
||||
&& mv /falco/etc/falco/falco.yaml.new /falco/etc/falco/falco.yaml
|
||||
RUN sed -i -e 's/time_format_iso_8601: false/time_format_iso_8601: true/' /etc/falco/falco.yaml
|
||||
|
||||
# Falcoctl is not included here.
|
||||
RUN rm -rf /falco/usr/bin/falcoctl /falco/etc/falcoctl/
|
||||
RUN rm -rf /usr/bin/falcoctl /etc/falcoctl/
|
||||
|
||||
FROM cgr.dev/chainguard/wolfi-base
|
||||
|
||||
LABEL maintainer="cncf-falco-dev@lists.cncf.io"
|
||||
LABEL org.opencontainers.image.source="https://github.com/falcosecurity/falco"
|
||||
|
||||
LABEL usage="docker run -i -t --privileged -v /var/run/docker.sock:/host/var/run/docker.sock -v /dev:/host/dev -v /proc:/host/proc:ro --name NAME IMAGE"
|
||||
# NOTE: for the "least privileged" use case, please refer to the official documentation
|
||||
|
||||
RUN apk update && apk add curl ca-certificates jq libelf
|
||||
|
||||
ENV HOST_ROOT /host
|
||||
ENV HOME /root
|
||||
|
||||
USER root
|
||||
COPY --from=builder /falco /
|
||||
|
||||
CMD ["/usr/bin/falco"]
|
||||
CMD ["/usr/bin/falco"]
|
||||
|
||||
Loading…
Reference in New Issue
Block a user