Skip to content

WiP/Testing: Convert kubectl from ubi minimal to micro

Clemens Beck requested to merge distroless-kubectl-ubi8 into master

What does this MR do?

Convert kubectl from UBI minimal to micro

  • Use UBI micro instead of minimal as base image for kubectl.
  • Install openssl, gawk and openssh-server in the build image and only copy the required binaries to the final image.
  • Apply execution permission to binaries in the build image instead of the final image.

Changelog: changed

Related issues

Relates #1794

Checklist

See Definition of done.

For anything in this list which will not be completed, please provide a reason in the MR discussion

Required

  • Merge Request Title, and Description are up to date, accurate, and descriptive
  • MR targeting the appropriate branch
  • MR has a green pipeline on GitLab.com
  • When ready for review, MR is labeled "~workflow::ready for review" per the Distribution MR workflow

Test Plan

TBD

Impact in container size

> docker inspect -f "{{ .Size }}" registry.gitlab.com/gitlab-org/build/cng/kubectl:distroless-kubectl-ubi8-ubi8
90323124
> docker inspect -f "{{ .Size }}" registry.gitlab.com/gitlab-org/build/cng/kubectl:master-ubi8
233944289
(Compressed) layers with skopeo 
> skopeo inspect docker://registry.gitlab.com/gitlab-org/build/cng/kubectl:distroless-kubectl-ubi8-ubi8 | jq '.LayersData'
[
  {
    "MIMEType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
    "Digest": "sha256:35306c8c38ea2dff2075a75fb9d50c546f657d10c4cfa35d26d05c5b455a96f7",
    "Size": 10414370,
    "Annotations": null
  },
  {
    "MIMEType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
    "Digest": "sha256:8098d867d44bd1cf10a664999fc1a28a57fc80fe48bda07ccb33673ae461b306",
    "Size": 22033657,
    "Annotations": null
  },
  {
    "MIMEType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
    "Digest": "sha256:0f368160683bf2a0bf3b8462ff14d7fd620e9b86783d809a60a42244c7cc7ade",
    "Size": 1581,
    "Annotations": null
  }
]
> skopeo inspect docker://registry.gitlab.com/gitlab-org/build/cng/kubectl:master-ubi8 | jq '.LayersData'
[
  {
    "MIMEType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
    "Digest": "sha256:fe36fc382320e890319831cb8d26ae397191e146bd196836d24a82262e534a62",
    "Size": 37022106,
    "Annotations": null
  },
  {
    "MIMEType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
    "Digest": "sha256:f5a3dcb6e5de52399e8ccebde09dde4389980e6b286a0a562c3cb06fb5b38da1",
    "Size": 18665660,
    "Annotations": null
  },
  {
    "MIMEType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
    "Digest": "sha256:9db05a1681c90b99fd4e564c8ba660c629ed96ef80492ffd6be8760a6db46a3b",
    "Size": 29851382,
    "Annotations": null
  }
]

Expected (please provide an explanation if not completing)

  • Test plan indicating conditions for success has been posted and passes
  • Documentation created/updated
  • Integration tests added to GitLab QA
  • The impact any change in container size has should be evaluated
  • New dependencies are managed with dependencies.io
Edited by Clemens Beck

Merge request reports