22c32a30e6
Currently we use couple of curl options throughout Dockerfiles, this change adds all common options to curlrc (-sSLf) and removes usage of those in Dockerfiles. Change-Id: I46b77978926fc2b578a68d1aaa944b2198af0685
33 lines
1.1 KiB
Django/Jinja
33 lines
1.1 KiB
Django/Jinja
FROM {{ namespace }}/{{ infra_image_prefix }}prometheus-base:{{ tag }}
|
|
{% block labels %}
|
|
LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build_date }}"
|
|
{% endblock %}
|
|
|
|
{% block prometheus_mtail_header %}{% endblock %}
|
|
|
|
{% if base_arch not in ['x86_64'] %}
|
|
|
|
RUN echo 'There are no mtail binaries for {{ base_arch }}' \
|
|
&& /bin/false
|
|
|
|
{% endif %}
|
|
|
|
{% block prometheus_mtail_version %}
|
|
ARG prometheus_mtail_version=v3.0.0-rc35
|
|
ARG prometheus_mtail_url=https://github.com/google/mtail/releases/download/${prometheus_mtail_version}/mtail_${prometheus_mtail_version}_linux_amd64
|
|
{% endblock %}
|
|
|
|
{% block prometheus_mtail_install %}
|
|
RUN curl -o /opt/mtail ${prometheus_mtail_url} \
|
|
&& chmod +x /opt/mtail
|
|
{% endblock %}
|
|
|
|
{% block prometheus_mtail_footer %}{% endblock %}
|
|
{% block footer %}{% endblock %}
|
|
|
|
# NOTE(dszumski): We run as root so that mtail can scrape root owned logs
|
|
# such as /var/log/secure which are mounted into the container as read only
|
|
# for auditing purposes. Longer term we should use a more secure mechanism
|
|
# for tailing these logs.
|
|
USER root
|