WiP/Testing: Convert kubectl from ubi minimal to micro
What does this MR do?
Convert kubectl from UBI minimal to micro
- Use UBI micro instead of minimal as base image for kubectl.
- Install openssl, gawk and openssh-server in the build image and only copy the required binaries to the final image.
- Apply execution permission to binaries in the build image instead of the final image.
Changelog: changed
Related issues
Relates #1794
Checklist
See Definition of done.
For anything in this list which will not be completed, please provide a reason in the MR discussion
Required
-
Merge Request Title, and Description are up to date, accurate, and descriptive -
MR targeting the appropriate branch -
MR has a green pipeline on GitLab.com -
When ready for review, MR is labeled "~workflow::ready for review" per the Distribution MR workflow
Test Plan
TBD
Impact in container size
> docker inspect -f "{{ .Size }}" registry.gitlab.com/gitlab-org/build/cng/kubectl:distroless-kubectl-ubi8-ubi8
90323124
> docker inspect -f "{{ .Size }}" registry.gitlab.com/gitlab-org/build/cng/kubectl:master-ubi8
233944289
(Compressed) layers with skopeo
> skopeo inspect docker://registry.gitlab.com/gitlab-org/build/cng/kubectl:distroless-kubectl-ubi8-ubi8 | jq '.LayersData'
[
{
"MIMEType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
"Digest": "sha256:35306c8c38ea2dff2075a75fb9d50c546f657d10c4cfa35d26d05c5b455a96f7",
"Size": 10414370,
"Annotations": null
},
{
"MIMEType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
"Digest": "sha256:8098d867d44bd1cf10a664999fc1a28a57fc80fe48bda07ccb33673ae461b306",
"Size": 22033657,
"Annotations": null
},
{
"MIMEType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
"Digest": "sha256:0f368160683bf2a0bf3b8462ff14d7fd620e9b86783d809a60a42244c7cc7ade",
"Size": 1581,
"Annotations": null
}
]
> skopeo inspect docker://registry.gitlab.com/gitlab-org/build/cng/kubectl:master-ubi8 | jq '.LayersData'
[
{
"MIMEType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
"Digest": "sha256:fe36fc382320e890319831cb8d26ae397191e146bd196836d24a82262e534a62",
"Size": 37022106,
"Annotations": null
},
{
"MIMEType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
"Digest": "sha256:f5a3dcb6e5de52399e8ccebde09dde4389980e6b286a0a562c3cb06fb5b38da1",
"Size": 18665660,
"Annotations": null
},
{
"MIMEType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
"Digest": "sha256:9db05a1681c90b99fd4e564c8ba660c629ed96ef80492ffd6be8760a6db46a3b",
"Size": 29851382,
"Annotations": null
}
]
Expected (please provide an explanation if not completing)
-
Test plan indicating conditions for success has been posted and passes -
Documentation created/updated -
Integration tests added to GitLab QA -
The impact any change in container size has should be evaluated -
New dependencies are managed with dependencies.io
Edited by Clemens Beck