github/falco
1
0
Fork 0
mirror of https://github.com/falcosecurity/falco.git synced 2025-09-02 15:15:17 +00:00
Code Issues Projects Releases Wiki Activity

chore(docker): remove UBI

Browse Source 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
This commit is contained in:
Leonardo Grasso
2023-08-04 14:59:52 +02:00
committed by poiana
parent 120a3accc8
commit e3be7a7309
2 changed files with 0 additions and 85 deletions
Download Patch File Download Diff File Expand all files Collapse all files

46
docker/ubi/Dockerfile
View File

@@ -1,46 +0,0 @@
ARG UBI_VERSION=latest
FROM registry.access.redhat.com/ubi8/ubi:${UBI_VERSION}
ARG FALCO_VERSION
RUN test -n "$FALCO_VERSION" || (echo "FALCO_VERSION not set" && false)
ENV FALCO_VERSION=${FALCO_VERSION}
LABEL "name"="Falco Runtime Security"
LABEL "vendor"="Falco"
LABEL "version"="${FALCO_VERSION}"
LABEL "release"="${FALCO_VERSION}"
LABEL "ubi-version"="${UBI_VERSION}"
LABEL "summary"="Falco is a security policy engine that monitors system calls and cloud events, and fires alerts when security policies are violated."
LABEL "description"="Falco is a security policy engine that monitors system calls and cloud events, and fires alerts when security policies are violated."
LABEL "io.k8s.display-name"="Falco"
LABEL "io.k8s.description"="Falco is a security policy engine that monitors system calls and cloud events, and fires alerts when security policies are violated."
LABEL maintainer="cncf-falco-dev@lists.cncf.io"
LABEL org.opencontainers.image.source="https://github.com/falcosecurity/falco"
LABEL usage="docker run -i -t --privileged -v /var/run/docker.sock:/host/var/run/docker.sock -v /dev:/host/dev -v /proc:/host/proc:ro -v /boot:/host/boot:ro -v /lib/modules:/host/lib/modules:ro -v /usr:/host/usr:ro -v /etc:/host/etc --name NAME IMAGE"
ENV HOST_ROOT /host
ENV HOME /root
RUN dnf -y update && \
dnf -y install \
curl \
make \
cmake \
gcc \
llvm-toolset \
clang \
kmod \
&& dnf -y clean all ; rm -rf /var/cache/{dnf,yum}
RUN mkdir /build && cd /build/ && curl --remote-name-all -L https://github.com/dell/dkms/archive/refs/tags/v3.0.3.tar.gz && \
tar xvf v3.0.3.tar.gz && cd dkms-3.0.3 && make install-redhat && rm -rf /build
RUN mkdir /deploy && cd /deploy/ && curl --remote-name-all -L https://download.falco.org/packages/bin/$(uname -m)/falco-${FALCO_VERSION}-$(uname -m).tar.gz && \
cd / && tar --strip-components=1 -xvf /deploy/falco-${FALCO_VERSION}-$(uname -m).tar.gz && \
rm -rf /deploy
COPY ./docker-entrypoint.sh /
ENTRYPOINT ["/docker-entrypoint.sh"]
CMD ["/usr/bin/falco"]

39
docker/ubi/docker-entrypoint.sh
View File

@@ -1,39 +0,0 @@
#!/bin/bash
#
# Copyright (C) 2022 The Falco Authors.
#
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# Set the SKIP_DRIVER_LOADER variable to skip loading the driver
if [[ -z "${SKIP_DRIVER_LOADER}" ]]; then
# Required by dkms to find the required dependencies on RedHat UBI
rm -fr /usr/src/kernels/ && rm -fr /usr/src/debug/
rm -fr /lib/modules && ln -s $HOST_ROOT/lib/modules /lib/modules
rm -fr /boot && ln -s $HOST_ROOT/boot /boot
echo "* Setting up /usr/src links from host"
for i in "$HOST_ROOT/usr/src"/*
do
base=$(basename "$i")
ln -s "$i" "/usr/src/$base"
done
/usr/bin/falco-driver-loader
fi
exec "$@"