From 7a67ab0fd044d300029e4d8082807b56659493a9 Mon Sep 17 00:00:00 2001 From: "shen_vickie@bah.com" Date: Thu, 6 Aug 2020 18:02:36 -0400 Subject: [PATCH 1/3] added healthcheck --- Dockerfile | 5 ++++- renovate.json | 4 ++-- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/Dockerfile b/Dockerfile index 280fee1..4ad32ff 100644 --- a/Dockerfile +++ b/Dockerfile @@ -17,9 +17,12 @@ LABEL org.opencontainers.image.title="calico/node" \ RUN dnf upgrade -y && \ dnf clean all && \ rm -rf /var/cache/dnf -s + COPY --from=base /bin/calico-node /bin/calico-node USER nobody +HEALTHCHECK --interval=10s --timeout=1s --start-period=10s --retries=6 \ + CMD curl -f http://locahost:9099/liveness || exit 1 + CMD ["start_runit"] diff --git a/renovate.json b/renovate.json index 6233c75..f222f1f 100644 --- a/renovate.json +++ b/renovate.json @@ -7,7 +7,7 @@ "matchStrings": [ "version=\"(?.*?)\"" ], - "depNameTemplate": "quay.io/calico/node", + "depNameTemplate": "openpolicyagent/gatekeeper", "datasourceTemplate": "docker" }, { @@ -15,7 +15,7 @@ "matchStrings": [ "version:\\s+\"(?.*?)\"" ], - "depNameTemplate": "quay.io/calico/node", + "depNameTemplate": "openpolicyagent/gatekeeper", "datasourceTemplate": "docker" } ] -- GitLab From be139dae7f8e3a54bd78ae53aaac46a4aa1e2db7 Mon Sep 17 00:00:00 2001 From: "shen_vickie@bah.com" Date: Thu, 6 Aug 2020 18:08:10 -0400 Subject: [PATCH 2/3] updated base registry --- Dockerfile | 5 ++--- renovate.json | 4 ++-- 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/Dockerfile b/Dockerfile index 4ad32ff..b59c4ee 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,8 +1,7 @@ -ARG BASE_REGISTRY=nexus-docker-secure.levelup-dev.io -ARG BASE_IMAGE=ubi8 +ARG BASE_REGISTRY=registry1.dsop.io +ARG BASE_IMAGE=ironbank/redhat/ubi/ubi8 ARG BASE_TAG=8.2 - FROM quay.io/calico/node:v3.15.1 as base FROM ${BASE_REGISTRY}/${BASE_IMAGE}:${BASE_TAG} diff --git a/renovate.json b/renovate.json index f222f1f..6233c75 100644 --- a/renovate.json +++ b/renovate.json @@ -7,7 +7,7 @@ "matchStrings": [ "version=\"(?.*?)\"" ], - "depNameTemplate": "openpolicyagent/gatekeeper", + "depNameTemplate": "quay.io/calico/node", "datasourceTemplate": "docker" }, { @@ -15,7 +15,7 @@ "matchStrings": [ "version:\\s+\"(?.*?)\"" ], - "depNameTemplate": "openpolicyagent/gatekeeper", + "depNameTemplate": "quay.io/calico/node", "datasourceTemplate": "docker" } ] -- GitLab From 3cef9d6190080a745ecfc8b46f9966cca2ba9ec4 Mon Sep 17 00:00:00 2001 From: "shen_vickie@bah.com" Date: Fri, 7 Aug 2020 13:46:16 -0400 Subject: [PATCH 3/3] dropped non-privilege user --- Dockerfile | 2 -- 1 file changed, 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index b59c4ee..1a36b3e 100644 --- a/Dockerfile +++ b/Dockerfile @@ -19,8 +19,6 @@ RUN dnf upgrade -y && \ COPY --from=base /bin/calico-node /bin/calico-node -USER nobody - HEALTHCHECK --interval=10s --timeout=1s --start-period=10s --retries=6 \ CMD curl -f http://locahost:9099/liveness || exit 1 -- GitLab