mirror of
https://github.com/kata-containers/kata-containers.git
synced 2026-07-02 07:02:16 +00:00
Build kata-monitor images by extracting the binary from the shim-v2-go tarball and shipping it on top of gcr.io/distroless/static-debian13. Because the binary is built inside an Ubuntu (glibc) toolchain it cannot run on a pure musl/alpine base — users hit __fprintf_chk / __vfprintf_chk relocation errors. To get a small, distroless runtime image we use the same pattern as tools/packaging/kata-deploy/Dockerfile: copy the glibc libraries the binary needs (plus the dynamic linker) via ldd from a glibc base image. In order to do so, we also added a helper script to build and publish architecture-specific monitor images from tarball artifacts. Reported-by: Steve Linde <stevenlinde@google.com> Signed-off-by: Fabiano Fidêncio <ffidencio@nvidia.com> Assisted-by: OpenAI Codex <codex@openai.com>