Multiarch and dockerhost wait entrypoint

uselagoon · Jul 28, 2024 · 4720e75 · 4720e75
1 parent 384e920
commit 4720e75
Show file tree

Hide file tree

Showing 2 changed files with 29 additions and 10 deletions.
diff --git a/insights-scanner/Dockerfile b/insights-scanner/Dockerfile
@@ -1,7 +1,8 @@
 ARG UPSTREAM_REPO
 ARG UPSTREAM_TAG
 ARG GO_VER
-FROM ${UPSTREAM_REPO:-uselagoon}/commons:${UPSTREAM_TAG:-latest} as commons
+FROM ${UPSTREAM_REPO:-uselagoon}/commons:${UPSTREAM_TAG:-latest} AS commons
+FROM aquasec/trivy:0.52.2 AS trivy
 
 FROM docker:20.10.24
 
@@ -28,18 +29,16 @@ ENV TMPDIR=/tmp \
     BASH_ENV=/home/.bashrc
 
 # Defining Versions
-ENV KUBECTL_VERSION=v1.27.6
+ENV KUBECTL_VERSION=v1.30.3
 
 RUN apk add -U --repository http://dl-cdn.alpinelinux.org/alpine/edge/testing aufs-util \
-    && apk upgrade --no-cache openssh openssh-keygen openssh-client-common openssh-client-default \
-    && apk add --no-cache openssl curl parallel bash git py-pip skopeo \
-    && git config --global user.email "lagoon@lagoon.io" && git config --global user.name lagoon \
-    && pip install shyaml \
-    && curl -Lo /usr/bin/kubectl https://storage.googleapis.com/kubernetes-release/release/${KUBECTL_VERSION}/bin/linux/amd64/kubectl \
-    && chmod +x /usr/bin/kubectl
+    && apk add --no-cache curl bash skopeo
 
-RUN curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin v0.52.2
+RUN architecture=$(case $(uname -m) in x86_64 | amd64) echo "amd64" ;; aarch64 | arm64 | armv8) echo "arm64" ;; *) echo "amd64" ;; esac) \
+    && curl -Lo /usr/bin/kubectl https://dl.k8s.io/release/$KUBECTL_VERSION/bin/linux/${architecture}/kubectl \
+    && chmod +x /usr/bin/kubectl
 
+COPY --from=trivy /usr/local/bin/trivy /usr/local/bin/trivy
 
 WORKDIR /app
 
@@ -50,5 +49,8 @@ RUN chmod +x /app/run.sh && /bin/fix-permissions /app/run.sh
 # We'll set DOCKER_HOST to the lagoon default, but with the assumption that it's overridable at runtime by insights-handler
 ENV DOCKER_HOST=docker-host.lagoon.svc
 
+# bring in entrypoint to kill startup if the appropriate DOCLER_HOST isn't found
+COPY ./dockerhost-entrypoint.sh /lagoon/entrypoints/100-docker-entrypoint.sh
+
 ENTRYPOINT ["/sbin/tini", "--", "/lagoon/entrypoints.sh"]
-CMD ["/app/run.sh"]
+CMD ["/app/run.sh"]
diff --git a/insights-scanner/dockerhost-entrypoint.sh b/insights-scanner/dockerhost-entrypoint.sh
@@ -0,0 +1,17 @@
+#!/bin/bash
+set -e
+
+# try connect to docker-host 10 times before giving up
+DOCKER_HOST_COUNTER=1
+DOCKER_HOST_TIMEOUT=10
+until docker -H ${DOCKER_HOST} info &> /dev/null
+do
+if [ $DOCKER_HOST_COUNTER -lt $DOCKER_HOST_TIMEOUT ]; then
+    let DOCKER_HOST_COUNTER=DOCKER_HOST_COUNTER+1
+    echo "${DOCKER_HOST} not available yet, waiting for 5 secs"
+    sleep 5
+else
+    echo "could not connect to ${DOCKER_HOST}"
+    exit 1
+fi
+done