diff --git a/docker/forwarder/Dockerfile b/docker/forwarder/Dockerfile index 5182398..b603ffd 100644 --- a/docker/forwarder/Dockerfile +++ b/docker/forwarder/Dockerfile @@ -1,24 +1,65 @@ +############################################################################### +# Build layer - download and extract artifact +############################################################################### +FROM eclipse-temurin:21-jre-noble AS builder + +ARG GRAYLOG_FORWARDER_VERSION +ARG DEBIAN_FRONTEND=noninteractive + +# We default to an empty file instead of leaving LOCAL_BUILD_TGZ blank +# because Docker would execute the following COPY command with a blank +# value: +# COPY "" "/tmp/forwarder.tgz" +# That creates a /tmp/forwarder.tgz *directory* in the container with +# all files from the build context. +ARG LOCAL_BUILD_TGZ=.empty + +COPY "${LOCAL_BUILD_TGZ}" "/tmp/local-forwarder.tgz" + +# An empty /tmp/forwarder.tgz file indicates that we don't use a +# custom LOCAL_BUILD_TGZ file. +RUN if [ -f "/tmp/local-forwarder.tgz" ] && [ -s "/tmp/local-forwarder.tgz" ]; then \ + mv "/tmp/local-forwarder.tgz" "/tmp/forwarder.tgz"; \ + fi; \ + if [ "${LOCAL_BUILD_TGZ}" = ".empty" ]; then \ + curl -fsSL --retry 3 --output "/tmp/forwarder.tgz" \ + "https://downloads.graylog.org/releases/cloud/forwarder/${GRAYLOG_FORWARDER_VERSION}/graylog-forwarder-${GRAYLOG_FORWARDER_VERSION}-bin.tar.gz"; \ + fi && \ + install -d -o root -g root -m 0755 "/tmp/forwarder"; \ + tar -C "/tmp/forwarder" -xvzf "/tmp/forwarder.tgz"; \ + rm -f "/tmp/forwarder.tgz" "/tmp/local-forwarder.tgz" + +############################################################################### +# Final layer +############################################################################### FROM eclipse-temurin:21-jre-noble +ARG LABEL_MAINTAINER="Graylog, Inc. " +ARG LABEL_NAME="Graylog Forwarder Docker Image" +ARG LABEL_DESCRIPTION="Official Graylog Forwarder Docker image" +ARG LABEL_URL="https://www.graylog.org/" +ARG LABEL_VCS_URL="https://github.com/Graylog2/graylog-docker" +ARG LABEL_VENDOR="Graylog, Inc." +ARG SLUG="graylog" + ARG VCS_REF ARG BUILD_DATE -ARG GRAYLOG_FORWARDER_VERSION ARG GRAYLOG_FORWARDER_IMAGE_VERSION -ARG GRAYLOG_FORWARDER_ROOT=/usr/share/graylog-forwarder -ARG GRAYLOG_FORWARDER_FILE=/tmp/graylog-forwarder-bin.tar.gz +ARG GRAYLOG_FORWARDER_ROOT=/usr/share/${SLUG}-forwarder ARG DEBIAN_FRONTEND=noninteractive -ENV FORWARDER_CONFIG_FILE=/etc/graylog/forwarder/forwarder.conf -ENV FORWARDER_JVM_OPTIONS_FILE=/etc/graylog/forwarder/jvm.options -ENV FORWARDER_DATA_DIR=/var/lib/graylog-forwarder +ENV FORWARDER_CONFIG_FILE=/etc/${SLUG}/forwarder/forwarder.conf +ENV FORWARDER_JVM_OPTIONS_FILE=/etc/${SLUG}/forwarder/jvm.options +ENV FORWARDER_DATA_DIR=/var/lib/${SLUG}-forwarder # We are using an empty forwarder.conf file so we are setting defaults # via environment variables: -ENV GRAYLOG_BIN_DIR=/usr/share/graylog-forwarder/bin -ENV GRAYLOG_PLUGIN_DIR=/usr/share/graylog-forwarder/plugin -ENV GRAYLOG_DATA_DIR=/var/lib/graylog-forwarder/data -ENV GRAYLOG_MESSAGE_JOURNAL_DIR=/var/lib/graylog-forwarder/journal -ENV GRAYLOG_NODE_ID_FILE=/var/lib/graylog-forwarder/node-id +ENV GRAYLOG_BIN_DIR=/usr/share/${SLUG}-forwarder/bin +ENV GRAYLOG_BIN_SCRIPT=${GRAYLOG_BIN_DIR}/${SLUG}-forwarder +ENV GRAYLOG_PLUGIN_DIR=/usr/share/${SLUG}-forwarder/plugin +ENV GRAYLOG_DATA_DIR=/var/lib/${SLUG}-forwarder/data +ENV GRAYLOG_MESSAGE_JOURNAL_DIR=/var/lib/${SLUG}-forwarder/journal +ENV GRAYLOG_NODE_ID_FILE=/var/lib/${SLUG}-forwarder/node-id # hadolint ignore=DL3008 RUN apt-get update && \ @@ -29,33 +70,27 @@ RUN apt-get update && \ SHELL ["/bin/bash", "-o", "pipefail", "-c"] -RUN curl \ - --silent \ - --location \ - --retry 3 \ - --output "$GRAYLOG_FORWARDER_FILE" \ - "https://packages.graylog2.org/releases/cloud/forwarder/${GRAYLOG_FORWARDER_VERSION}/graylog-forwarder-${GRAYLOG_FORWARDER_VERSION}-bin.tar.gz" && \ - install -d -o root -g root -m 0755 "$GRAYLOG_FORWARDER_ROOT" && \ - tar -C "$GRAYLOG_FORWARDER_ROOT" -xzf "$GRAYLOG_FORWARDER_FILE" && \ - chown -R root.root "$GRAYLOG_FORWARDER_ROOT" && \ - install -d -o root -g root -m 0755 "$FORWARDER_DATA_DIR" && \ +RUN install -d -o root -g root -m 0755 "$GRAYLOG_FORWARDER_ROOT" + +COPY --from=builder --chown=root:root /tmp/forwarder "${GRAYLOG_FORWARDER_ROOT}/" + +RUN install -d -o root -g root -m 0755 "$FORWARDER_DATA_DIR" && \ install -d -o root -g root -m 0755 "$(dirname $FORWARDER_CONFIG_FILE)" && \ touch "$FORWARDER_CONFIG_FILE" && \ echo "forwarder_server_hostname =" >> "$FORWARDER_CONFIG_FILE" && \ echo "forwarder_grpc_api_token =" >> "$FORWARDER_CONFIG_FILE" && \ mv "${GRAYLOG_FORWARDER_ROOT}/config/jvm.options" "$FORWARDER_JVM_OPTIONS_FILE" && \ - rmdir "${GRAYLOG_FORWARDER_ROOT}/config" && \ - rm -f "$GRAYLOG_FORWARDER_FILE" + rmdir "${GRAYLOG_FORWARDER_ROOT}/config" COPY docker/forwarder/forwarder-entrypoint.sh / -LABEL maintainer="Graylog, Inc. " \ - org.label-schema.name="Graylog Forwarder Docker Image" \ - org.label-schema.description="Official Graylog Forwarder Docker image" \ - org.label-schema.url="https://www.graylog.org/" \ +LABEL maintainer="${LABEL_MAINTAINER}" \ + org.label-schema.name="${LABEL_NAME}" \ + org.label-schema.description="${LABEL_DESCRIPTION}" \ + org.label-schema.url="${LABEL_URL}" \ org.label-schema.vcs-ref=${VCS_REF} \ - org.label-schema.vcs-url="https://github.com/Graylog2/graylog-docker" \ - org.label-schema.vendor="Graylog, Inc." \ + org.label-schema.vcs-url="${LABEL_VCS_URL}" \ + org.label-schema.vendor="${LABEL_VENDOR}" \ org.label-schema.version=${GRAYLOG_FORWARDER_IMAGE_VERSION} \ org.label-schema.schema-version="1.0" \ org.label-schema.build-date=${BUILD_DATE} diff --git a/docker/forwarder/forwarder-entrypoint.sh b/docker/forwarder/forwarder-entrypoint.sh index 0ff76a9..bcb663a 100755 --- a/docker/forwarder/forwarder-entrypoint.sh +++ b/docker/forwarder/forwarder-entrypoint.sh @@ -26,4 +26,4 @@ done /usr/bin/install -d -o root -g root -m 0755 "$GRAYLOG_DATA_DIR" /usr/bin/install -d -o root -g root -m 0755 "$GRAYLOG_MESSAGE_JOURNAL_DIR" -exec "${GRAYLOG_BIN_DIR}/graylog-forwarder" run -f "$FORWARDER_CONFIG_FILE" +exec "${GRAYLOG_BIN_SCRIPT}" run -f "$FORWARDER_CONFIG_FILE"