From 6f87678dc19bf99a26b902fc5d46b519ea6857c2 Mon Sep 17 00:00:00 2001
From: Leonardo Parente <23251360+leoparente@users.noreply.github.com>
Date: Mon, 14 Oct 2024 16:48:40 -0300
Subject: [PATCH] Create user and add permissions
---
 agent/docker/Dockerfile | 18 ++++++++++++++++--
 agent/docker/Dockerfile.full | 22 ----------------------
 agent/docker/agent_default.yaml | 3 +++
 agent/docker/agent_default_full.yaml | 13 -------------
 cmd/main.go | 2 +-
 5 files changed, 20 insertions(+), 38 deletions(-)
 delete mode 100644 agent/docker/Dockerfile.full
 delete mode 100644 agent/docker/agent_default_full.yaml
diff --git a/agent/docker/Dockerfile b/agent/docker/Dockerfile
index 5fe4c30..89c4a75 100644
--- a/agent/docker/Dockerfile
+++ b/agent/docker/Dockerfile
@@ -1,21 +1,35 @@ ARG PKTVISOR_TAG=latest-develop +ARG OTEL_TAG=0.111.0 + FROM golang:1.23-alpine AS builder WORKDIR /go/src/github.com/netboxlabs/orb-agent COPY go.mod . RUN go mod tidy COPY . . -RUN apk update && apk add make build-base git +RUN apk update && apk add --no-cache build-base git make RUN mkdir /tmp/build && CGO_ENABLED=1 make agent_bin && mv build/orb-agent /tmp/build/orb-agent +FROM otel/opentelemetry-collector-contrib:${OTEL_TAG} AS otelcol-contrib + FROM orbcommunity/pktvisor:${PKTVISOR_TAG} -RUN mkdir /opt/orb +RUN addgroup --system netdev && useradd -m --shell /bin/bash -G netdev appuser && echo "appuser ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers + +# Create necessary directories and set ownership to appuser +RUN mkdir -p /opt/orb && chown appuser:appuser /opt/orb \ + && chown appuser:appuser /usr/local/bin \ + && chown appuser:appuser /var/run + COPY --from=builder /tmp/build/orb-agent /usr/local/bin/orb-agent COPY --from=builder /go/src/github.com/netboxlabs/orb-agent/agent/docker/agent_default.yaml /opt/orb/agent_default.yaml COPY --from=builder /go/src/github.com/netboxlabs/orb-agent/agent/docker/orb-agent-entry.sh /usr/local/bin/orb-agent-entry.sh COPY --from=builder /go/src/github.com/netboxlabs/orb-agent/agent/docker/run-agent.sh /run-agent.sh +COPY --from=otelcol-contrib /otelcol-contrib /usr/local/bin/otelcol-contrib + RUN chmod a+x /run-agent.sh +USER appuser + ENTRYPOINT [ "/usr/local/bin/orb-agent-entry.sh" ]
diff --git a/agent/docker/Dockerfile.full b/agent/docker/Dockerfile.full
deleted file mode 100644
index 74bfff5..0000000
--- a/agent/docker/Dockerfile.full
+++ /dev/null
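Review bot: The `echo "appuser ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers` step in the added `RUN addgroup …` line of agent/docker/Dockerfile gives the runtime user passwordless root, so the later `USER appuser` no longer limits what a compromised agent or backend process can do. The added `chown appuser:appuser /usr/local/bin` also lets that user replace `orb-agent`, `otelcol-contrib` and the entrypoint script the container starts from, and `/var/run` is handed over as a whole. I would drop the sudoers entry and keep ownership to the data directory only, `RUN mkdir -p /opt/orb && chown appuser:appuser /opt/orb`, with a dedicated subdirectory if something must write runtime files. If the reason for sudo is packet capture by pktvisord (an assumption, the hunk does not say), granting that as a file capability on the binary or as a container capability at run time is the narrower option.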
@@ -1,22 +0,0 @@
-ARG ORB_TAG=develop
-ARG PKTVISOR_TAG=develop
-ARG OTEL_TAG=0.91.0
-
-FROM orbcommunity/orb-agent:${ORB_TAG} AS orb
-
-FROM otel/opentelemetry-collector-contrib:${OTEL_TAG} AS otelcol-contrib
-
-FROM orbcommunity/pktvisor:${PKTVISOR_TAG}
-
-# adding orb-agent
-RUN mkdir /opt/orb
-COPY --from=orb /usr/local/bin/orb-agent /usr/local/bin/orb-agent
-COPY ./agent/docker/agent_default_full.yaml /opt/orb/agent_default.yaml
-COPY --from=orb /usr/local/bin/orb-agent-entry.sh /usr/local/bin/orb-agent-entry.sh
-COPY --from=orb /run-agent.sh /run-agent.sh
-
-COPY --from=otelcol-contrib /otelcol-contrib /usr/local/bin/otelcol-contrib
-
-RUN chmod a+x /run-agent.sh
-
-ENTRYPOINT [ "/usr/local/bin/orb-agent-entry.sh" ]
diff --git a/agent/docker/agent_default.yaml b/agent/docker/agent_default.yaml
index 148c9d5..f9df5aa 100644
--- a/agent/docker/agent_default.yaml
+++ b/agent/docker/agent_default.yaml
@@ -8,3 +8,6 @@ orb:
 pktvisor:
 binary: /usr/local/sbin/pktvisord
 config_file: /opt/orb/agent_default.yaml
+ otel:
+ binary: /usr/local/bin/otelcol-contrib
+ config_file: /opt/orb/agent_default.yaml
\ No newline at end of file
diff --git a/agent/docker/agent_default_full.yaml b/agent/docker/agent_default_full.yaml
deleted file mode 100644
index fbdd8c4..0000000
--- a/agent/docker/agent_default_full.yaml
+++ /dev/null
@@ -1,13 +0,0 @@
-version: "1.0"
-
-visor:
- taps:
-
-orb:
- backends:
- pktvisor:
- binary: /usr/local/sbin/pktvisord
- config_file: /opt/orb/agent_default.yaml
- otel:
- binary: /usr/local/bin/otelcol-contrib
- config_file: /opt/orb/agent_default.yaml
diff --git a/cmd/main.go b/cmd/main.go
index fabd366..d2e5c1c 100644
--- a/cmd/main.go
+++ b/cmd/main.go
@@ -149,7 +149,7 @@ func mergeOrError(path string) {
 v.SetDefault("orb.cloud.mqtt.id", "")
 v.SetDefault("orb.cloud.mqtt.key", "")
 v.SetDefault("orb.cloud.mqtt.channel_id", "")
- v.SetDefault("orb.db.file", "./orb-agent.db")
+ v.SetDefault("orb.db.file", "/opt/orb/orb-agent.db")
 v.SetDefault("orb.tls.verify", true)
 v.SetDefault("orb.otel.host", "localhost")
 v.SetDefault("orb.otel.port", 0)
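Review bot: The new default `/opt/orb/orb-agent.db` bakes the container layout into the binary's defaults, so any run of orb-agent outside this image now needs `/opt/orb` to exist and be writable before the database can be opened. Keeping `./orb-agent.db` here and choosing the location in the image (a `WORKDIR /opt/orb` in the Dockerfile, or an `orb.db.file` setting in `agent_default.yaml`, assuming the config file maps onto these keys) would keep the packaging decision out of the code. If the value stays, a comment such as `// /opt/orb is created and chowned to the runtime user in agent/docker/Dockerfile` above the line would explain it. Whether the database file is created with restrictive permissions is not visible here and is worth confirming, since the neighbouring `orb.cloud.mqtt.key` default suggests the agent handles credentials; `mergeOrError` starts and ends outside the hunk.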