Dockerfile.slim

FROM python:3.7-alpine3.16
LABEL maintainer="sig-platform@spinnaker.io"
ARG TARGETARCH

# KUBECTL_RELEASE kept one minor version behind latest to maximise compatibility overlap
ENV KUBECTL_RELEASE=1.20.6
ENV AWS_CLI_VERSION=1.18.152
ENV AWS_CLI_S3_CMD=2.0.2
ENV AWS_AIM_AUTHENTICATOR_VERSION=0.5.9
ENV GOOGLE_CLOUD_SDK_VERSION=412.0.0
ENV ECR_TOKEN_VERSION=v1.0.2

ENV PATH "$PATH:/usr/local/bin/:/opt/google-cloud-sdk/bin/:/usr/local/bin/aws-iam-authenticator"

RUN apk update \
  && apk upgrade \
  && apk --no-cache add --update \
    bash \
    ca-certificates \
    wget \
    openjdk11 \
    git \
    openssh-client

# AWS CLI
RUN pip install --upgrade awscli==${AWS_CLI_VERSION} s3cmd==${AWS_CLI_S3_CMD} python-magic \
  && pip uninstall -y pip

# Google cloud SDK
RUN [ $TARGETARCH == 'amd64' ] &&  export GCP_ARCH="x86_64" || export GCP_ARCH="arm"  \
  && wget -nv https://dl.google.com/dl/cloudsdk/channels/rapid/downloads/google-cloud-sdk-${GOOGLE_CLOUD_SDK_VERSION}-linux-${GCP_ARCH}.tar.gz \
  && mkdir -p /opt && cd /opt \
  && tar -xzf /google-cloud-sdk-${GOOGLE_CLOUD_SDK_VERSION}-linux-${GCP_ARCH}.tar.gz \
  && rm /google-cloud-sdk-${GOOGLE_CLOUD_SDK_VERSION}-linux-${GCP_ARCH}.tar.gz \
  && CLOUDSDK_PYTHON="python3" /opt/google-cloud-sdk/install.sh --usage-reporting=false --bash-completion=false \
     --additional-components app-engine-java app-engine-go gke-gcloud-auth-plugin \
  && rm -rf ~/.config/gcloud \
  && rm -rf /opt/google-cloud-sdk/.install/.backup

# kubectl + AWS IAM authenticator
RUN wget https://storage.googleapis.com/kubernetes-release/release/v${KUBECTL_RELEASE}/bin/linux/${TARGETARCH}/kubectl \
  && chmod +x kubectl \
  && mv ./kubectl /usr/local/bin/kubectl \
  && wget -O aws-iam-authenticator https://github.com/kubernetes-sigs/aws-iam-authenticator/releases/download/v${AWS_AIM_AUTHENTICATOR_VERSION}/aws-iam-authenticator_${AWS_AIM_AUTHENTICATOR_VERSION}_linux_${TARGETARCH} \
	&& chmod +x ./aws-iam-authenticator \
	&& mv ./aws-iam-authenticator /usr/local/bin/aws-iam-authenticator\
    && ln -sf /usr/local/bin/aws-iam-authenticator /usr/local/bin/heptio-authenticator-aws

RUN rm /var/cache/apk/*

RUN addgroup -S -g 10111 spinnaker
RUN adduser -S -G spinnaker -u 10111 spinnaker

COPY clouddriver-web/build/install/clouddriver /opt/clouddriver
RUN mkdir -p /opt/clouddriver/plugins && chown -R spinnaker:nogroup /opt/clouddriver/plugins

USER spinnaker

CMD ["/opt/clouddriver/bin/clouddriver"]