From 22587b2366a1fa25e3945e2714e1e359951c0704 Mon Sep 17 00:00:00 2001 From: SonicDeathMonkey Date: Thu, 21 Jan 2021 13:17:18 -0700 Subject: [PATCH 1/4] 5.5.3 port --- Dockerfile | 24 +++++++++---------- hardening_manifest.yaml | 23 +++++++++--------- .../etc/confluent/docker/configure | 0 .../etc/confluent/docker/ensure | 0 .../docker/kafka.properties.template | 0 .../etc/confluent/docker/launch | 0 .../docker/log4j.properties.template | 0 {include => scripts}/etc/confluent/docker/run | 0 .../docker/tools-log4j.properties.template | 0 9 files changed, 24 insertions(+), 23 deletions(-) rename {include => scripts}/etc/confluent/docker/configure (100%) rename {include => scripts}/etc/confluent/docker/ensure (100%) rename {include => scripts}/etc/confluent/docker/kafka.properties.template (100%) rename {include => scripts}/etc/confluent/docker/launch (100%) rename {include => scripts}/etc/confluent/docker/log4j.properties.template (100%) rename {include => scripts}/etc/confluent/docker/run (100%) rename {include => scripts}/etc/confluent/docker/tools-log4j.properties.template (100%) diff --git a/Dockerfile b/Dockerfile index c5acfce..2a7374a 100644 --- a/Dockerfile +++ b/Dockerfile @@ -56,18 +56,18 @@ RUN dnf install -y openssl tar procps iputils hostname \ ## dub installed ######################################## -RUN mkdir -p /etc/confluent/docker /usr/logs \ - && useradd --no-log-init --create-home --shell /bin/bash appuser \ - && chown appuser:appuser -R /etc/confluent/ /usr/logs +RUN mkdir -p /etc/confluent/docker /usr/logs /licenses \ + && useradd --no-log-init --create-home --shell /bin/bash appuser -ADD --chown=appuser:appuser cp-base-new-5.5.2_doc.tar.gz /usr/share/doc/cp-base-new/ -ADD --chown=appuser:appuser cp-base-new-5.5.2_java.tar.gz /usr/share/java/cp-base-new/ - -COPY --chown=appuser:appuser include/etc/confluent/docker /etc/confluent/docker - -RUN mkdir /licenses +COPY --chown=appuser:appuser cp-base-new-5.5.2_doc.tar.gz /usr/share/doc/cp-base-new/ +COPY --chown=appuser:appuser cp-base-new-5.5.3_java.tar.gz /usr/share/java/cp-base-new/ +COPY --chown=appuser:appuser scripts/etc/confluent/docker /etc/confluent/docker COPY license.txt /licenses +RUN chown appuser:appuser -R /etc/confluent/ /usr/logs \ + && cd /usr/share/doc/cp-base-new/ && tar -xvf cp-base-new-5.5.2_doc.tar.gz && rm cp-base-new-5.5.2_doc.tar.gz \ + && cd /usr/share/java/cp-base-new/ && tar -xvf cp-base-new-5.5.3_java.tar.gz && rm cp-base-new-5.5.3_java.tar.gz + ############ ^^^^^ Base Container Details ^^^^^ ############ ############################################################ ############ vvvvv This Container Below vvvvv ############ @@ -81,12 +81,12 @@ ENV KAFKA_ADVERTISED_LISTENERS=${KAFKA_ADVERTISED_LISTENERS} ENV COMPONENT=kafka # Copy in the RPMs we want to install -COPY ./confluent-kafka-2.12-5.5.2-1.noarch.rpm /tmp/confluent-kafka-2.12-5.5.2-1.noarch.rpm +COPY ./confluent-kafka-2.12-5.5.3-1.noarch.rpm /tmp/ USER root RUN echo "===> Installing ${COMPONENT}..." \ - && dnf install --nogpgcheck -y /tmp/confluent-kafka-2.12-5.5.2-1.noarch.rpm \ + && dnf install --nogpgcheck -y /tmp/confluent-kafka-2.12-5.5.3-1.noarch.rpm \ && dnf update -y \ && echo "===> clean up ..." \ && dnf update -y \ @@ -99,7 +99,7 @@ RUN echo "===> Installing ${COMPONENT}..." \ VOLUME ["/var/lib/${COMPONENT}/data", "/etc/${COMPONENT}/secrets"] -COPY --chown=appuser:appuser include/etc/confluent/docker /etc/confluent/docker +COPY --chown=appuser:appuser scripts/etc/confluent/docker /etc/confluent/docker # primary EXPOSE 9092 diff --git a/hardening_manifest.yaml b/hardening_manifest.yaml index 8b02dad..0597bd2 100644 --- a/hardening_manifest.yaml +++ b/hardening_manifest.yaml @@ -8,7 +8,7 @@ name: "confluent/kafka/cp-kafka-5.5.x" # The most specific version should be the first tag and will be shown # on ironbank.dsop.io tags: -- "5.5.2" +- "5.5.3" - "5.5.x" - "5.5" @@ -22,9 +22,9 @@ labels: org.opencontainers.image.title: "cp-kafka-5.5.x" org.opencontainers.image.description: "Confluent Platform Kafka." org.opencontainers.image.licenses: "CONFLUENT ENTERPRISE LICENSE" - org.opencontainers.image.url: "https://docs.confluent.io/5.5.2/installation/docker/image-reference.html#image-reference" + org.opencontainers.image.url: "https://docs.confluent.io/5.5.3/installation/docker/image-reference.html#image-reference" org.opencontainers.image.vendor: "Confluent" - org.opencontainers.image.version: "5.5.2" + org.opencontainers.image.version: "5.5.3" mil.dso.ironbank.image.keywords: "confluent,kafka,zookeeper" mil.dso.ironbank.image.type: "commercial" mil.dso.ironbank.product.name: "Confluent Platform" @@ -236,11 +236,6 @@ resources: validation: type: sha256 value: fce7fc47dfc976152e82d53ff92fa0407700c21acd20886a13777a0d20e655dc -- filename: confluent-kafka-2.12-5.5.2-1.noarch.rpm - url: https://packages.confluent.io/rpm/5.5/confluent-kafka-2.12-5.5.2-1.noarch.rpm - validation: - type: sha256 - value: a65232ad4ee53acdc54fbe394c636caa956b7c17302c1631289b110be51ff2b4 - filename: confluent_docker_utils-0.0.40-py3-none-any.whl url: https://ironbank-files.s3.amazonaws.com/confluent_docker_utils-0.0.40-py3-none-any.whl validation: @@ -251,11 +246,17 @@ resources: validation: type: sha256 value: a9f0dde812daa1e9d0c20a092c03e099f75786493ea6eb6e8fb56e358a57710d -- filename: cp-base-new-5.5.2_java.tar.gz - url: https://ironbank-files.s3.amazonaws.com/cp-base-new-5.5.2_java.tar.gz +- filename: cp-base-new-5.5.3_java.tar.gz + url: https://ironbank-files.s3.amazonaws.com/cp-base-new-5.5.3_java.tar.gz + validation: + type: sha256 + value: 50605f8df545b6914fc96567be5c00bfc402d97a3cd888b456d62dc523cc8c47 +- filename: confluent-kafka-5.5.3-1.noarch.rpm + url: https://packages.confluent.io/rpm/5.5/confluent-kafka-2.12-5.5.3-1.noarch.rpm validation: type: sha256 - value: 4f3c6d93c5b3e80d318dccc6f82a2bc6c8ea14ddd13e6f06842081fef62f2061 + value: 33f8bd99f08bb4cfb50c989acca0af04c4369b136a48409617cca741dcf9fa27 + # List of project maintainers maintainers: diff --git a/include/etc/confluent/docker/configure b/scripts/etc/confluent/docker/configure similarity index 100% rename from include/etc/confluent/docker/configure rename to scripts/etc/confluent/docker/configure diff --git a/include/etc/confluent/docker/ensure b/scripts/etc/confluent/docker/ensure similarity index 100% rename from include/etc/confluent/docker/ensure rename to scripts/etc/confluent/docker/ensure diff --git a/include/etc/confluent/docker/kafka.properties.template b/scripts/etc/confluent/docker/kafka.properties.template similarity index 100% rename from include/etc/confluent/docker/kafka.properties.template rename to scripts/etc/confluent/docker/kafka.properties.template diff --git a/include/etc/confluent/docker/launch b/scripts/etc/confluent/docker/launch similarity index 100% rename from include/etc/confluent/docker/launch rename to scripts/etc/confluent/docker/launch diff --git a/include/etc/confluent/docker/log4j.properties.template b/scripts/etc/confluent/docker/log4j.properties.template similarity index 100% rename from include/etc/confluent/docker/log4j.properties.template rename to scripts/etc/confluent/docker/log4j.properties.template diff --git a/include/etc/confluent/docker/run b/scripts/etc/confluent/docker/run similarity index 100% rename from include/etc/confluent/docker/run rename to scripts/etc/confluent/docker/run diff --git a/include/etc/confluent/docker/tools-log4j.properties.template b/scripts/etc/confluent/docker/tools-log4j.properties.template similarity index 100% rename from include/etc/confluent/docker/tools-log4j.properties.template rename to scripts/etc/confluent/docker/tools-log4j.properties.template -- GitLab From 84102451428468a8c6fd3d44d56f6fa666a9f75a Mon Sep 17 00:00:00 2001 From: SonicDeathMonkey Date: Thu, 21 Jan 2021 14:28:07 -0700 Subject: [PATCH 2/4] take two --- hardening_manifest.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hardening_manifest.yaml b/hardening_manifest.yaml index 0597bd2..12f203e 100644 --- a/hardening_manifest.yaml +++ b/hardening_manifest.yaml @@ -251,7 +251,7 @@ resources: validation: type: sha256 value: 50605f8df545b6914fc96567be5c00bfc402d97a3cd888b456d62dc523cc8c47 -- filename: confluent-kafka-5.5.3-1.noarch.rpm +- filename: confluent-kafka-2.12-5.5.3-1.noarch.rpm url: https://packages.confluent.io/rpm/5.5/confluent-kafka-2.12-5.5.3-1.noarch.rpm validation: type: sha256 -- GitLab From 2975d6a8b523f471c17b1b4a78b6f3af98c63d34 Mon Sep 17 00:00:00 2001 From: SonicDeathMonkey Date: Mon, 25 Jan 2021 15:33:39 -0700 Subject: [PATCH 3/4] image name updates --- hardening_manifest.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/hardening_manifest.yaml b/hardening_manifest.yaml index 12f203e..cea20c0 100644 --- a/hardening_manifest.yaml +++ b/hardening_manifest.yaml @@ -2,7 +2,7 @@ apiVersion: v1 # The repository name in registry1, excluding /ironbank/ -name: "confluent/kafka/cp-kafka-5.5.x" +name: "confluent/cp-kafka" # List of tags to push for the repository in registry1 # The most specific version should be the first tag and will be shown @@ -19,7 +19,7 @@ args: # Docker image labels labels: - org.opencontainers.image.title: "cp-kafka-5.5.x" + org.opencontainers.image.title: "cp-kafka" org.opencontainers.image.description: "Confluent Platform Kafka." org.opencontainers.image.licenses: "CONFLUENT ENTERPRISE LICENSE" org.opencontainers.image.url: "https://docs.confluent.io/5.5.3/installation/docker/image-reference.html#image-reference" -- GitLab From daf2500c35e4c4eace625b7c4fb4a9dc82756412 Mon Sep 17 00:00:00 2001 From: SonicDeathMonkey Date: Tue, 26 Jan 2021 07:33:24 -0700 Subject: [PATCH 4/4] revert --- hardening_manifest.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/hardening_manifest.yaml b/hardening_manifest.yaml index cea20c0..12f203e 100644 --- a/hardening_manifest.yaml +++ b/hardening_manifest.yaml @@ -2,7 +2,7 @@ apiVersion: v1 # The repository name in registry1, excluding /ironbank/ -name: "confluent/cp-kafka" +name: "confluent/kafka/cp-kafka-5.5.x" # List of tags to push for the repository in registry1 # The most specific version should be the first tag and will be shown @@ -19,7 +19,7 @@ args: # Docker image labels labels: - org.opencontainers.image.title: "cp-kafka" + org.opencontainers.image.title: "cp-kafka-5.5.x" org.opencontainers.image.description: "Confluent Platform Kafka." org.opencontainers.image.licenses: "CONFLUENT ENTERPRISE LICENSE" org.opencontainers.image.url: "https://docs.confluent.io/5.5.3/installation/docker/image-reference.html#image-reference" -- GitLab