diff --git a/pkg/metadata/Dockerfile b/pkg/metadata/Dockerfile index 6a82a8895..66ea12fa8 100644 --- a/pkg/metadata/Dockerfile +++ b/pkg/metadata/Dockerfile @@ -6,7 +6,7 @@ ENV GOPATH=/go PATH=$PATH:/go/bin COPY . /go/src/metadata/ RUN go-compile.sh /go/src/metadata -RUN mkdir -p out/tmp out/var out/dev out/etc out/etc/ssl/certs +RUN mkdir -p out/tmp out/var out/run out/dev out/etc out/etc/ssl/certs FROM scratch ENTRYPOINT [] @@ -15,4 +15,3 @@ WORKDIR / COPY --from=mirror /go/bin/metadata /usr/bin/metadata COPY --from=mirror /out/ / CMD ["/usr/bin/metadata"] -LABEL org.mobyproject.config='{"binds": ["/dev:/dev", "/var:/var", "/sys:/sys", "/etc/resolv.conf:/etc/resolv.conf", "/etc/ssl/certs:/etc/ssl/certs"], "tmpfs": ["/tmp"], "readonly": true, "capabilities": ["CAP_SYS_ADMIN", "CAP_NET_ADMIN"]}' diff --git a/pkg/metadata/build.yml b/pkg/metadata/build.yml index 60df83ac5..cf0f1d552 100644 --- a/pkg/metadata/build.yml +++ b/pkg/metadata/build.yml @@ -1 +1,15 @@ image: metadata +config: + binds: + - /dev:/dev + - /var:/var + - /run:/run + - /sys:/sys + - /etc/resolv.conf:/etc/resolv.conf + - /etc/ssl/certs:/etc/ssl/certs + tmpfs: + - /tmp + readonly: true + capabilities: + - CAP_SYS_ADMIN + - CAP_NET_ADMIN