Open pebrc opened 1 month ago
Update: it seems both use cases are already covered: I built a snapshot with SNAPSHOT=true PLATFORMS=linux/arm64 PACKAGES=docker mage package
and was able to run /usr/sbin/update-ca-certificates
as root.
tar
was also present, it seems to be coming out of /bin/busybox
. So unless there are plans to trim down this image further, I think we are good to close this issue.
(Should have waiting for the build to finish before writing the original issue here)
Describe the enhancement: ECK is the Kubernetes operator for the Elastic stack and targets self-hosted Kubernetes deployments (i.e. not Hosted ESS or Serverless) It uses the regular stack images to deploy Elastic Agent.
If we want to support the wolfi based version of the Agent image
docker.elastic.co/beats/elastic-agent-wolfi
we need to ensure that:Describe a specific use case for the enhancement or feature:
/usr/sbin/update-ca-certificates
tool with the self-signed ECK-managed Elasticsearch CA. (source)kubectl exec
uting thediagnostics collect
subcommand in the container. It then uses the equivalent ofkubectl cp
to extract the resulting file from the container. This requires the presence of thetar
utility in the image. (source)What is the definition of done?
A successful run of the ECK e2e tests with a wolfi image or workarounds for the two use cases.
cc @rdner