Merge pull request #1514 from timstclair/scratch

DirectXMan12 · web-flow · commit fd216f1bb9e2 · 2017-03-11T16:45:52.000-08:00
Rebase heapster image on scratch &amp; don't run as root
diff --git a/Makefile b/Makefile
@@ -39,22 +39,6 @@ TEST_NAMESPACE=heapster-e2e-tests
 
 HEAPSTER_LDFLAGS=-w -X k8s.io/heapster/version.HeapsterVersion=$(VERSION) -X k8s.io/heapster/version.GitCommit=$(GIT_COMMIT)
 
-ifeq ($(ARCH),amd64)
-	BASEIMAGE?=busybox
-endif
-ifeq ($(ARCH),arm)
-	BASEIMAGE?=armhf/busybox
-endif
-ifeq ($(ARCH),arm64)
-	BASEIMAGE?=aarch64/busybox
-endif
-ifeq ($(ARCH),ppc64le)
-	BASEIMAGE?=ppc64le/busybox
-endif
-ifeq ($(ARCH),s390x)
-	BASEIMAGE?=s390x/busybox
-endif
-
 fmt:
 	find . -type f -name "*.go" | grep -v "./vendor*" | xargs gofmt -s -w
 
@@ -89,8 +73,6 @@ container:
 		&& GOARCH=$(ARCH) CGO_ENABLED=0 go build -ldflags \"$(HEAPSTER_LDFLAGS)\" -o /build/eventer k8s.io/heapster/events"
 
 	cp deploy/docker/Dockerfile $(TEMP_DIR)
-	cd $(TEMP_DIR) && sed -i -e "s|BASEIMAGE|$(BASEIMAGE)|g" Dockerfile
-
 	docker build --pull -t $(PREFIX)/heapster-$(ARCH):$(VERSION) $(TEMP_DIR)
 ifneq ($(OVERRIDE_IMAGE_NAME),)
 	docker tag -f $(PREFIX)/heapster-$(ARCH):$(VERSION) $(OVERRIDE_IMAGE_NAME)
diff --git a/deploy/docker/Dockerfile b/deploy/docker/Dockerfile
@@ -1,6 +1,8 @@
-FROM BASEIMAGE
+FROM scratch
 
 COPY heapster eventer /
 COPY ca-certificates.crt /etc/ssl/certs/
 
+#   nobody:nobody
+USER 65534:65534
 ENTRYPOINT ["/heapster"]
