forked from shawndwells/crowdstrike-dockerfiles
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Dockerfile.debian
57 lines (48 loc) · 2.04 KB
/
Dockerfile.debian
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
FROM debian:9
USER root
ARG container_version
# BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ')
ARG BUILD_DATE
# VCS_REF=$(git rev-parse --short HEAD)
ARG VCS_REF
ARG FALCON_PKG
#
# Friendly reminder that generated container images are from an open source
# project, and not a formal CrowdStrike product.
#
LABEL maintainer="https://github.com/CrowdStrike/dockerfiles/" \
org.label-schema.build-date=$BUILD_DATE \
org.label-schema.schema-version="1.0" \
org.label-schema.description="CrowdStrike's Containerized Falcon Linux Sensor" \
org.label-schema.vendor="https://github.com/CrowdStrike/dockerfiles/" \
org.label-schema.url="https://github.com/CrowdStrike/dockerfiles/" \
org.label-schema.vcs-url="https://github.com/CrowdStrike/dockerfiles/" \
org.label-schema.vcs-ref=$VCS_REF \
org.label-schema.docker.cmd="docker run -d --privileged -v /var/log:/var/log \
--mount type=bind,source=/var/run/docker.sock,destination=/var/run/docker.sock \
--net=host --pid=host --uts=host --ipc=host \
falcon-sensor" \
org.label-schema.container_version=$container_version \
io.openshift.tags="crowdstrike,falcon" \
io.k8s.description="CrowdStrike's Containerized Falcon Linux Sensor"
# io.openshift.min-memory 8Gi
# io.openshift.min-cpu 4
#
# 1. Apply updates to base image and install dependencies
# 2. Copy Falcon Agent DEB into container & install it, then remove the DEB
#
COPY ./$FALCON_PKG /tmp/falcon-sensor.deb
RUN apt-get -y update && \
apt-get -y install \
libnl-3-200 net-tools zip openssl hostname iproute2 /tmp/falcon-sensor.deb && \
rm -rf /tmp/falcon-sensor.deb /var/lib/apt/lists/* && \
apt clean
#
# Copy the entrypoint script into the container and make sure
# that its executable. Add the symlink for backwards compatability
#
COPY entrypoint.sh /
ENV PATH ".:/bin:/usr/bin:/sbin:/usr/sbin"
WORKDIR /opt/CrowdStrike
VOLUME /var/log
ENTRYPOINT ["/entrypoint.sh"]