Merge pull request #368 from telefonicaid/recover-distroless-image

AlvaroVega · web-flow · commit d99a83b0ab27 · 2025-09-02T10:11:41.000+02:00
FIX recover distroless image
diff --git a/docker/Dockerfile b/docker/Dockerfile
@@ -155,35 +155,34 @@ RUN sed -i -r "/^(root|nobody)/!d" /etc/passwd /etc/shadow /etc/group \
 # - IOTA_AUTH_USER, IOTA_AUTH_PASSWORD - when using Keystone Security 
 # - IOTA_AUTH_CLIENT_ID, IOTA_AUTH_CLIENT_SECRET - when using OAuth2 Security
 #
-# FIXME: distroless stuff disabled. See https://github.com/telefonicaid/iotagent-json/issues/891
-#
 ########################################################################################
-#FROM gcr.io/distroless/nodejs:${NODE_VERSION} AS distroless
-#ARG GITHUB_ACCOUNT
-#ARG GITHUB_REPOSITORY
-#ARG NODE_VERSION
-#
-#LABEL "maintainer"="FIWARE IoTAgent Team. Telefónica I+D"
-#LABEL "org.opencontainers.image.authors"="iot_support@tid.es"
-#LABEL "org.opencontainers.image.documentation"="https://github.com/telefonicaid/iotagent-manager/blob/master/README.md"
-#LABEL "org.opencontainers.image.vendor"="Telefónica Investigación y Desarrollo, S.A.U"
-#LABEL "org.opencontainers.image.licenses"="AGPL-3.0-only"
-#LABEL "org.opencontainers.image.title"="FIWARE IoT Agent Manager (Distroless)"
-#LABEL "org.opencontainers.image.description"="The IoT Agent Manager works as a proxy for scenarios where multiple IoT Agents offer different southbound protocols. The IoTA Manager appears as a single administration endpoint for provisioning tasks, redirecting provisioning requests to the appropriate IoTAgent based on the declared protocol."
-#LABEL "org.opencontainers.image.source"="https://github.com/${GITHUB_ACCOUNT}/${GITHUB_REPOSITORY}"
-#LABEL "org.nodejs.version"="${NODE_VERSION}"
-#
-#COPY --from=builder /opt/iotaManager /opt/iotaManager
-#COPY --from=anon-user /etc/passwd /etc/shadow /etc/group /etc/
-#WORKDIR /opt/iotaManager
-#
-#USER nobody
-#ENV NODE_ENV=production
-## Expose 8082 for IOTA_SERVER_PORT
-#EXPOSE ${IOTA_SERVER_PORT:-8082}
-#CMD ["./bin/iota-manager", "-- ", "config.js"]
-#HEALTHCHECK  --interval=30s --timeout=3s --start-period=10s \
-#  CMD ["/nodejs/bin/node", "./bin/healthcheck"]
+# hadolint ignore=DL3006,DL3007
+FROM gcr.io/distroless/nodejs${NODE_VERSION}-debian12 AS distroless
+ARG GITHUB_ACCOUNT
+ARG GITHUB_REPOSITORY
+ARG NODE_VERSION
+
+LABEL "maintainer"="FIWARE IoTAgent Team. Telefónica I+D"
+LABEL "org.opencontainers.image.authors"="iot_support@tid.es"
+LABEL "org.opencontainers.image.documentation"="https://github.com/telefonicaid/iotagent-manager/blob/master/README.md"
+LABEL "org.opencontainers.image.vendor"="Telefónica Investigación y Desarrollo, S.A.U"
+LABEL "org.opencontainers.image.licenses"="AGPL-3.0-only"
+LABEL "org.opencontainers.image.title"="FIWARE IoT Agent Manager (Distroless)"
+LABEL "org.opencontainers.image.description"="The IoT Agent Manager works as a proxy for scenarios where multiple IoT Agents offer different southbound protocols. The IoTA Manager appears as a single administration endpoint for provisioning tasks, redirecting provisioning requests to the appropriate IoTAgent based on the declared protocol."
+LABEL "org.opencontainers.image.source"="https://github.com/${GITHUB_ACCOUNT}/${GITHUB_REPOSITORY}"
+LABEL "org.nodejs.version"="${NODE_VERSION}"
+
+COPY --from=builder /opt/iotaManager /opt/iotaManager
+COPY --from=anon-user /etc/passwd /etc/shadow /etc/group /etc/
+WORKDIR /opt/iotaManager
+
+USER nobody
+ENV NODE_ENV=production
+# Expose 8082 for IOTA_SERVER_PORT
+EXPOSE ${IOTA_SERVER_PORT:-8082}
+CMD ["./bin/iota-manager", "-- ", "config.js"]
+HEALTHCHECK  --interval=30s --timeout=3s --start-period=10s \
+  CMD ["/nodejs/bin/node", "./bin/healthcheck"]
 
 
 ########################################################################################
diff --git a/docker/hooks/build b/docker/hooks/build
@@ -35,13 +35,12 @@ docker image build --build-arg SOURCE_BRANCH=$SOURCE_BRANCH \
 	-t $IMAGE_NAME \
 	.
 
-# FIXME: distroless stuff disabled. See https://github.com/telefonicaid/iotagent-json/issues/891
-#docker image build --build-arg SOURCE_BRANCH=$SOURCE_BRANCH \
-#	--label "org.opencontainers.image.created"=$(date +%Y-%m-%d) \
-#	--label "org.opencontainers.image.revision"=$SOURCE_COMMIT \
-#	--label "org.opencontainers.image.version"=$DOCKER_TAG \
-#	--target=distroless \
-#	-t $IMAGE_NAME-distroless \
-#	.
+docker image build --build-arg SOURCE_BRANCH=$SOURCE_BRANCH \
+	--label "org.opencontainers.image.created"=$(date +%Y-%m-%d) \
+	--label "org.opencontainers.image.revision"=$SOURCE_COMMIT \
+	--label "org.opencontainers.image.version"=$DOCKER_TAG \
+	--target=distroless \
+	-t $IMAGE_NAME-distroless \
+	.
 
 
diff --git a/docker/hooks/post_push b/docker/hooks/post_push
@@ -28,7 +28,6 @@
 # Not every repository needs hooks, only the ones that needs special tunning. Standard
 # dockerhub autobuild works well most of the times.
 
-# FIXME: distroless stuff disabled. See https://github.com/telefonicaid/iotagent-json/issues/891
-#docker image push $IMAGE_NAME-distroless
+docker image push $IMAGE_NAME-distroless
 
 
