diff --git a/bitnami/kubeapps-pinniped-proxy/2/debian-10/Dockerfile b/bitnami/kubeapps-pinniped-proxy/2/debian-10/Dockerfile new file mode 100644 index 000000000000..ff0eb3ab222c --- /dev/null +++ b/bitnami/kubeapps-pinniped-proxy/2/debian-10/Dockerfile @@ -0,0 +1,24 @@ +FROM docker.io/bitnami/minideb:buster +LABEL maintainer "Bitnami " + +ENV HOME="/" \ + OS_ARCH="amd64" \ + OS_FLAVOUR="debian-10" \ + OS_NAME="linux" + +COPY prebuildfs / +# Install required system packages and dependencies +RUN install_packages ca-certificates curl gzip libc6 libgcc1 libssl1.1 procps tar wget +RUN wget -nc -P /tmp/bitnami/pkg/cache/ https://downloads.bitnami.com/files/stacksmith/kubeapps-pinniped-proxy-2.1.0-1-linux-amd64-debian-10.tar.gz && \ + echo "15cce91cc9ee5672b48c2514071d4865772ae7deb36f804207e0bc41d4596923 /tmp/bitnami/pkg/cache/kubeapps-pinniped-proxy-2.1.0-1-linux-amd64-debian-10.tar.gz" | sha256sum -c - && \ + tar -zxf /tmp/bitnami/pkg/cache/kubeapps-pinniped-proxy-2.1.0-1-linux-amd64-debian-10.tar.gz -P --transform 's|^[^/]*/files|/opt/bitnami|' --wildcards '*/files' && \ + rm -rf /tmp/bitnami/pkg/cache/kubeapps-pinniped-proxy-2.1.0-1-linux-amd64-debian-10.tar.gz +RUN chmod g+rwX /opt/bitnami + +ENV BITNAMI_APP_NAME="kubeapps-pinniped-proxy" \ + BITNAMI_IMAGE_VERSION="2.1.0-debian-10-r0" \ + PATH="/opt/bitnami/kubeapps-pinniped-proxy/bin:$PATH" + +USER 1001 +ENTRYPOINT [ "pinniped-proxy" ] +CMD [ "--help" ] diff --git a/bitnami/kubeapps-pinniped-proxy/2/debian-10/docker-compose.yml b/bitnami/kubeapps-pinniped-proxy/2/debian-10/docker-compose.yml new file mode 100644 index 000000000000..0b15505e1d16 --- /dev/null +++ b/bitnami/kubeapps-pinniped-proxy/2/debian-10/docker-compose.yml @@ -0,0 +1,4 @@ +version: '2' +services: + kubeapps-pinniped-proxy: + image: docker.io/bitnami/kubeapps-pinniped-proxy:2-debian-10 diff --git a/bitnami/kubeapps-pinniped-proxy/2/debian-10/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/kubeapps-pinniped-proxy/2/debian-10/prebuildfs/opt/bitnami/.bitnami_components.json new file mode 100644 index 000000000000..afc37200cdac --- /dev/null +++ b/bitnami/kubeapps-pinniped-proxy/2/debian-10/prebuildfs/opt/bitnami/.bitnami_components.json @@ -0,0 +1,9 @@ +{ + "kubeapps-pinniped-proxy": { + "arch": "amd64", + "digest": "15cce91cc9ee5672b48c2514071d4865772ae7deb36f804207e0bc41d4596923", + "distro": "debian-10", + "type": "NAMI", + "version": "2.1.0-1" + } +} \ No newline at end of file diff --git a/bitnami/kubeapps-pinniped-proxy/2/debian-10/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/kubeapps-pinniped-proxy/2/debian-10/prebuildfs/opt/bitnami/licenses/licenses.txt new file mode 100644 index 000000000000..c76ba31f3b8a --- /dev/null +++ b/bitnami/kubeapps-pinniped-proxy/2/debian-10/prebuildfs/opt/bitnami/licenses/licenses.txt @@ -0,0 +1,3 @@ +Bitnami containers ship with software bundles. You can find the licenses under: +/opt/bitnami/nami/COPYING +/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/kubeapps-pinniped-proxy/2/debian-10/prebuildfs/usr/sbin/install_packages b/bitnami/kubeapps-pinniped-proxy/2/debian-10/prebuildfs/usr/sbin/install_packages new file mode 100755 index 000000000000..c9577647443b --- /dev/null +++ b/bitnami/kubeapps-pinniped-proxy/2/debian-10/prebuildfs/usr/sbin/install_packages @@ -0,0 +1,24 @@ +#!/bin/sh +set -e +set -u +export DEBIAN_FRONTEND=noninteractive +n=0 +max=2 +until [ $n -gt $max ]; do + set +e + ( + apt-get update -qq && + apt-get install -y --no-install-recommends "$@" + ) + CODE=$? + set -e + if [ $CODE -eq 0 ]; then + break + fi + if [ $n -eq $max ]; then + exit $CODE + fi + echo "apt failed, retrying" + n=$(($n + 1)) +done +rm -r /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/kubeapps-pinniped-proxy/README.md b/bitnami/kubeapps-pinniped-proxy/README.md index 1333ed77b7e1..810e1effd3fa 100644 --- a/bitnami/kubeapps-pinniped-proxy/README.md +++ b/bitnami/kubeapps-pinniped-proxy/README.md @@ -1 +1,72 @@ -TODO +# What is Kubeapps Pinniped Proxy? + +> Kubeapps Pinniped-Proxy is one of the main components of Kubeapps, a web-based application for deploying and managing applications in Kubernetes clusters. +> +> This component proxies incoming requests with an `Authorization: Bearer token` header, exchanging the token via the pinniped aggregate API for x509 short-lived client certificates, before forwarding the request onwards to the destination k8s API server. +> +> It is used to ensure OIDC requests for the Kubernetes API server are forwarded through only after exchanging the OIDC id token for client certificates used by the Kubernetes API server, for situations where the Kubernetes API server is not configured for OIDC. + +[https://kubeapps.com/](https://kubeapps.com/) + +# TL;DR + +```console +$ docker run --name kubeapps-pinniped-proxy bitnami/kubeapps-pinniped-proxy:latest +``` + +# Why use Bitnami Images? + +* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. +* With Bitnami images the latest bug fixes and features are available as soon as possible. +* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. + +> This [CVE scan report](https://quay.io/repository/bitnami/kubeapps-pinniped-proxy?tab=tags) contains a security report with all open CVEs. To get the list of actionable security issues, find the "latest" tag, click the vulnerability report link under the corresponding "Security scan" field and then select the "Only show fixable" filter on the next page. + +# How to deploy Kubeapps Pinniped Proxy in Kubernetes? + +Deploying Bitnami applications as Helm Charts is the easiest way to get started with our applications on Kubernetes. Read more about the installation in the [Bitnami Kubeapps Chart GitHub repository](https://github.com/bitnami/charts/tree/master/bitnami/kubeapps). + +# Why use a non-root container? + +Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://docs.bitnami.com/tutorials/work-with-non-root-containers/). + +# Supported tags and respective `Dockerfile` links + +Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://docs.bitnami.com/tutorials/understand-rolling-tags-containers/). + + +* [`2`, `2-debian-10`, `2.1.0`, `2.1.0-debian-10-r0`, `latest` (2/debian-10/Dockerfile)](https://github.com/bitnami/bitnami-docker-kubeapps-pinniped-proxy/blob/2.1.0-debian-10-r0/2/debian-10/Dockerfile) + +# Configuration + +For further documentation, please check [here](https://github.com/kubeapps/kubeapps/tree/master/cmd/pinniped-proxy). + +# Contributing + +We'd love for you to contribute to this container. You can request new features by creating an [issue](https://github.com/bitnami/bitnami-docker-kubeapps-pinniped-proxy/issues), or submit a [pull request](https://github.com/bitnami/bitnami-docker-kubeapps-pinniped-proxy/pulls) with your contribution. + +# Issues + +If you encountered a problem running this container, you can file an [issue](https://github.com/bitnami/bitnami-docker-kubeapps-pinniped-proxy/issues/new). For us to provide better support, be sure to include the following information in your issue: + +- Host OS and version +- Docker version (`docker version`) +- Output of `docker info` +- Version of this container (`echo $BITNAMI_IMAGE_VERSION` inside the container) +- The command you used to run the container, and any relevant output you saw (masking any sensitive information) + +# License + +Copyright (c) 2021 Bitnami + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. diff --git a/bitnami/kubeapps-pinniped-proxy/docker-compose.yml b/bitnami/kubeapps-pinniped-proxy/docker-compose.yml new file mode 100644 index 000000000000..0b15505e1d16 --- /dev/null +++ b/bitnami/kubeapps-pinniped-proxy/docker-compose.yml @@ -0,0 +1,4 @@ +version: '2' +services: + kubeapps-pinniped-proxy: + image: docker.io/bitnami/kubeapps-pinniped-proxy:2-debian-10