Skip to content

Commit

Permalink
Set unprivileged user to container image (open-telemetry#2838)
Browse files Browse the repository at this point in the history
* Set unprivileged user to container image

Signed-off-by: Juraci Paixão Kröhling <juraci@kroehling.de>

* Set alpine version to 3.13

Signed-off-by: Juraci Paixão Kröhling <juraci@kroehling.de>
  • Loading branch information
jpkrohling authored and pjanotti committed Apr 6, 2021
1 parent aa04e81 commit 4e0f358
Show file tree
Hide file tree
Showing 2 changed files with 8 additions and 4 deletions.
10 changes: 7 additions & 3 deletions cmd/otelcol/Dockerfile
Original file line number Diff line number Diff line change
@@ -1,16 +1,20 @@
FROM alpine:3.12 as certs
FROM alpine:3.13 as certs
RUN apk --update add ca-certificates

FROM alpine:3.12 AS otelcol
FROM alpine:3.13 AS otelcol
COPY otelcol /
# Note that this shouldn't be necessary, but in some cases the file seems to be
# copied with the execute bit lost (see #1317)
RUN chmod 755 /otelcol

FROM scratch

ARG USER_UID=10001
USER ${USER_UID}

COPY --from=certs /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ca-certificates.crt
COPY --from=otelcol /otelcol /
COPY config.yaml /etc/otel/config.yaml
ENTRYPOINT ["/otelcol"]
CMD ["--config", "/etc/otel/config.yaml"]
EXPOSE 55678 55679
EXPOSE 4317 55678 55679
2 changes: 1 addition & 1 deletion examples/demo/app/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
FROM golang:1.14
FROM golang:1.16
COPY . /usr/src/app/
WORKDIR /usr/src/app/
RUN go env -w GOPROXY=direct
Expand Down

0 comments on commit 4e0f358

Please sign in to comment.