From 5fec8146d5f5ef33b872c89daca994422b5292b5 Mon Sep 17 00:00:00 2001 From: Zhenya Tikhonov Date: Sun, 14 Sep 2025 17:34:17 +0400 Subject: [PATCH 1/6] build: upgrade kubectl BREAKING CHANGE: drop `kubectl < 1.30`. --- Dockerfile | 48 +++++++++++------------------------------ cf-deploy-kubernetes.sh | 28 ++++-------------------- service.yaml | 2 +- 3 files changed, 18 insertions(+), 60 deletions(-) diff --git a/Dockerfile b/Dockerfile index a9bf2c0..0278581 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,35 +1,15 @@ -FROM alpine:3.20 AS builder - -RUN apk update && apk add curl - -RUN export ARCH=$([[ "$(uname -m)" == "aarch64" ]] && echo "arm64" || echo "amd64") && \ - mkdir -p /tmp/kubectl-versions && cd /tmp/kubectl-versions && \ - curl -o kubectl1.30 -L https://storage.googleapis.com/kubernetes-release/release/v1.30.0/bin/linux/${ARCH}/kubectl && \ - curl -o kubectl1.29 -L https://storage.googleapis.com/kubernetes-release/release/v1.29.0/bin/linux/${ARCH}/kubectl && \ - curl -o kubectl1.28 -L https://storage.googleapis.com/kubernetes-release/release/v1.28.0/bin/linux/${ARCH}/kubectl && \ - curl -o kubectl1.27 -L https://storage.googleapis.com/kubernetes-release/release/v1.27.0/bin/linux/${ARCH}/kubectl && \ - curl -o kubectl1.26 -L https://storage.googleapis.com/kubernetes-release/release/v1.26.0/bin/linux/${ARCH}/kubectl && \ - curl -o kubectl1.25 -L https://storage.googleapis.com/kubernetes-release/release/v1.25.0/bin/linux/${ARCH}/kubectl && \ - curl -o kubectl1.24 -L https://storage.googleapis.com/kubernetes-release/release/v1.24.0/bin/linux/${ARCH}/kubectl && \ - curl -o kubectl1.23 -L https://storage.googleapis.com/kubernetes-release/release/v1.23.0/bin/linux/${ARCH}/kubectl && \ - curl -o kubectl1.22 -L https://storage.googleapis.com/kubernetes-release/release/v1.22.0/bin/linux/${ARCH}/kubectl && \ - curl -o kubectl1.21 -L https://storage.googleapis.com/kubernetes-release/release/v1.21.0/bin/linux/${ARCH}/kubectl && \ - curl -o kubectl1.20 -L https://storage.googleapis.com/kubernetes-release/release/v1.20.0/bin/linux/${ARCH}/kubectl && \ - curl -o kubectl1.19 -L https://storage.googleapis.com/kubernetes-release/release/v1.19.0/bin/linux/${ARCH}/kubectl && \ - curl -o kubectl1.18 -L https://storage.googleapis.com/kubernetes-release/release/v1.18.0/bin/linux/${ARCH}/kubectl && \ - curl -o kubectl1.17 -L https://storage.googleapis.com/kubernetes-release/release/v1.17.0/bin/linux/${ARCH}/kubectl && \ - curl -o kubectl1.16 -L https://storage.googleapis.com/kubernetes-release/release/v1.16.0/bin/linux/${ARCH}/kubectl && \ - curl -o kubectl1.15 -L https://storage.googleapis.com/kubernetes-release/release/v1.15.0/bin/linux/${ARCH}/kubectl && \ - curl -o kubectl1.14 -L https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/${ARCH}/kubectl && \ - curl -o kubectl1.13 -L https://storage.googleapis.com/kubernetes-release/release/v1.13.0/bin/linux/${ARCH}/kubectl && \ - curl -o kubectl1.12 -L https://storage.googleapis.com/kubernetes-release/release/v1.12.0/bin/linux/${ARCH}/kubectl && \ - curl -o kubectl1.11 -L https://storage.googleapis.com/kubernetes-release/release/v1.11.0/bin/linux/${ARCH}/kubectl && \ - curl -o kubectl1.10 -L https://storage.googleapis.com/kubernetes-release/release/v1.10.0/bin/linux/${ARCH}/kubectl && \ - curl -o kubectl1.6 -L https://storage.googleapis.com/kubernetes-release/release/v1.6.0/bin/linux/${ARCH}/kubectl - - -FROM debian:bookworm-20240812-slim - +FROM alpine:3.22.1 AS builder +RUN apk update \ + && apk add curl +RUN export ARCH=$([[ "$(uname -m)" == "aarch64" ]] && echo "arm64" || echo "amd64") \ + && mkdir -p /tmp/kubectl-versions && cd /tmp/kubectl-versions \ + && curl -o kubectl1.34 -L https://storage.googleapis.com/kubernetes-release/release/v1.34.1/bin/linux/${ARCH}/kubectl \ + && curl -o kubectl1.33 -L https://storage.googleapis.com/kubernetes-release/release/v1.33.5/bin/linux/${ARCH}/kubectl \ + && curl -o kubectl1.32 -L https://storage.googleapis.com/kubernetes-release/release/v1.32.9/bin/linux/${ARCH}/kubectl \ + && curl -o kubectl1.31 -L https://storage.googleapis.com/kubernetes-release/release/v1.31.13/bin/linux/${ARCH}/kubectl \ + && curl -o kubectl1.30 -L https://storage.googleapis.com/kubernetes-release/release/v1.30.14/bin/linux/${ARCH}/kubectl + +FROM debian:bookworm-20250908-slim AS prod RUN apt-get update -y # install busybox by building source until it's unavailable by apt-get for v1.36.1 ad no need to link [[ RUN apt-get install --no-install-recommends wget build-essential -y && \ @@ -39,12 +19,10 @@ RUN apt-get install --no-install-recommends wget build-essential -y && \ make defconfig && \ make && \ make CONFIG_PREFIX="/" install - RUN adduser --gecos "" --disabled-password --home /home/cfu --shell /bin/bash cfu - #copy all versions of kubectl to switch between them later. COPY --chown=cfu --chmod=775 --from=builder /tmp/kubectl-versions/* /usr/local/bin/ -COPY --chown=cfu --chmod=775 --from=builder /tmp/kubectl-versions/kubectl1.10 /usr/local/bin/kubectl +COPY --chown=cfu --chmod=775 --from=builder /tmp/kubectl-versions/kubectl1.34 /usr/local/bin/kubectl WORKDIR / ADD --chown=cfu --chmod=775 cf-deploy-kubernetes.sh /cf-deploy-kubernetes diff --git a/cf-deploy-kubernetes.sh b/cf-deploy-kubernetes.sh index 0507c6e..1c3faae 100755 --- a/cf-deploy-kubernetes.sh +++ b/cf-deploy-kubernetes.sh @@ -49,31 +49,11 @@ else #check the cluster version and decide which version of kubectl to use: SERVER_VERSION=$(kubectl version --short=true --context "${KUBECONTEXT}" | grep -i server | cut -d ':' -f2 | cut -d '.' -f2 | sed 's/[^0-9]*//g') echo "Server minor version: $SERVER_VERSION" - if (( "$SERVER_VERSION" <= "6" )); then cp -f /usr/local/bin/kubectl1.6 /usr/local/bin/kubectl; fi 2>/dev/null - if (( "$SERVER_VERSION" <= "7" )); then cp -f /usr/local/bin/kubectl1.7 /usr/local/bin/kubectl; fi 2>/dev/null - if (( "$SERVER_VERSION" <= "8" )); then cp -f /usr/local/bin/kubectl1.8 /usr/local/bin/kubectl; fi 2>/dev/null - if (( "$SERVER_VERSION" <= "9" )); then cp -f /usr/local/bin/kubectl1.9 /usr/local/bin/kubectl; fi 2>/dev/null - if (( "$SERVER_VERSION" <= "10" )); then cp -f /usr/local/bin/kubectl1.10 /usr/local/bin/kubectl; fi 2>/dev/null - if (( "$SERVER_VERSION" <= "11" )); then cp -f /usr/local/bin/kubectl1.11 /usr/local/bin/kubectl; fi 2>/dev/null - if (( "$SERVER_VERSION" <= "12" )); then cp -f /usr/local/bin/kubectl1.12 /usr/local/bin/kubectl; fi 2>/dev/null - if (( "$SERVER_VERSION" <= "13" )); then cp -f /usr/local/bin/kubectl1.13 /usr/local/bin/kubectl; fi 2>/dev/null - if (( "$SERVER_VERSION" == "14" )); then cp -f /usr/local/bin/kubectl1.14 /usr/local/bin/kubectl; fi 2>/dev/null - if (( "$SERVER_VERSION" == "15" )); then cp -f /usr/local/bin/kubectl1.15 /usr/local/bin/kubectl; fi 2>/dev/null - if (( "$SERVER_VERSION" == "16" )); then cp -f /usr/local/bin/kubectl1.16 /usr/local/bin/kubectl; fi 2>/dev/null - if (( "$SERVER_VERSION" == "17" )); then cp -f /usr/local/bin/kubectl1.17 /usr/local/bin/kubectl; fi 2>/dev/null - if (( "$SERVER_VERSION" == "18" )); then cp -f /usr/local/bin/kubectl1.18 /usr/local/bin/kubectl; fi 2>/dev/null - if (( "$SERVER_VERSION" == "19" )); then cp -f /usr/local/bin/kubectl1.19 /usr/local/bin/kubectl; fi 2>/dev/null - if (( "$SERVER_VERSION" == "20" )); then cp -f /usr/local/bin/kubectl1.20 /usr/local/bin/kubectl; fi 2>/dev/null - if (( "$SERVER_VERSION" == "21" )); then cp -f /usr/local/bin/kubectl1.21 /usr/local/bin/kubectl; fi 2>/dev/null - if (( "$SERVER_VERSION" == "22" )); then cp -f /usr/local/bin/kubectl1.22 /usr/local/bin/kubectl; fi 2>/dev/null - if (( "$SERVER_VERSION" == "23" )); then cp -f /usr/local/bin/kubectl1.23 /usr/local/bin/kubectl; fi 2>/dev/null - if (( "$SERVER_VERSION" >= "24" )); then cp -f /usr/local/bin/kubectl1.24 /usr/local/bin/kubectl; fi 2>/dev/null - if (( "$SERVER_VERSION" >= "25" )); then cp -f /usr/local/bin/kubectl1.25 /usr/local/bin/kubectl; fi 2>/dev/null - if (( "$SERVER_VERSION" >= "26" )); then cp -f /usr/local/bin/kubectl1.26 /usr/local/bin/kubectl; fi 2>/dev/null - if (( "$SERVER_VERSION" >= "27" )); then cp -f /usr/local/bin/kubectl1.27 /usr/local/bin/kubectl; fi 2>/dev/null - if (( "$SERVER_VERSION" >= "28" )); then cp -f /usr/local/bin/kubectl1.28 /usr/local/bin/kubectl; fi 2>/dev/null - if (( "$SERVER_VERSION" >= "29" )); then cp -f /usr/local/bin/kubectl1.29 /usr/local/bin/kubectl; fi 2>/dev/null if (( "$SERVER_VERSION" >= "30" )); then cp -f /usr/local/bin/kubectl1.30 /usr/local/bin/kubectl; fi 2>/dev/null + if (( "$SERVER_VERSION" >= "31" )); then cp -f /usr/local/bin/kubectl1.31 /usr/local/bin/kubectl; fi 2>/dev/null + if (( "$SERVER_VERSION" >= "32" )); then cp -f /usr/local/bin/kubectl1.32 /usr/local/bin/kubectl; fi 2>/dev/null + if (( "$SERVER_VERSION" >= "33" )); then cp -f /usr/local/bin/kubectl1.33 /usr/local/bin/kubectl; fi 2>/dev/null + if (( "$SERVER_VERSION" >= "34" )); then cp -f /usr/local/bin/kubectl1.34 /usr/local/bin/kubectl; fi 2>/dev/null [ ! -f "${deployment_file}" ] && echo "Couldn't find $deployment_file file at $(pwd)" && exit 1; fi diff --git a/service.yaml b/service.yaml index 36affef..deb8c50 100644 --- a/service.yaml +++ b/service.yaml @@ -1 +1 @@ -version: 16.2.9 +version: 17.0.0 From 10ac4389fff3c9bd97ed34a902639a5a578e368c Mon Sep 17 00:00:00 2001 From: Zhenya Tikhonov Date: Fri, 10 Oct 2025 15:36:56 +0400 Subject: [PATCH 2/6] build: keep 2 latest kubectl --- Dockerfile | 4 +--- cf-deploy-kubernetes.sh | 2 -- 2 files changed, 1 insertion(+), 5 deletions(-) diff --git a/Dockerfile b/Dockerfile index 0278581..6698724 100644 --- a/Dockerfile +++ b/Dockerfile @@ -5,9 +5,7 @@ RUN export ARCH=$([[ "$(uname -m)" == "aarch64" ]] && echo "arm64" || echo "amd6 && mkdir -p /tmp/kubectl-versions && cd /tmp/kubectl-versions \ && curl -o kubectl1.34 -L https://storage.googleapis.com/kubernetes-release/release/v1.34.1/bin/linux/${ARCH}/kubectl \ && curl -o kubectl1.33 -L https://storage.googleapis.com/kubernetes-release/release/v1.33.5/bin/linux/${ARCH}/kubectl \ - && curl -o kubectl1.32 -L https://storage.googleapis.com/kubernetes-release/release/v1.32.9/bin/linux/${ARCH}/kubectl \ - && curl -o kubectl1.31 -L https://storage.googleapis.com/kubernetes-release/release/v1.31.13/bin/linux/${ARCH}/kubectl \ - && curl -o kubectl1.30 -L https://storage.googleapis.com/kubernetes-release/release/v1.30.14/bin/linux/${ARCH}/kubectl + && curl -o kubectl1.32 -L https://storage.googleapis.com/kubernetes-release/release/v1.32.9/bin/linux/${ARCH}/kubectl FROM debian:bookworm-20250908-slim AS prod RUN apt-get update -y diff --git a/cf-deploy-kubernetes.sh b/cf-deploy-kubernetes.sh index 1c3faae..721c0b2 100755 --- a/cf-deploy-kubernetes.sh +++ b/cf-deploy-kubernetes.sh @@ -49,8 +49,6 @@ else #check the cluster version and decide which version of kubectl to use: SERVER_VERSION=$(kubectl version --short=true --context "${KUBECONTEXT}" | grep -i server | cut -d ':' -f2 | cut -d '.' -f2 | sed 's/[^0-9]*//g') echo "Server minor version: $SERVER_VERSION" - if (( "$SERVER_VERSION" >= "30" )); then cp -f /usr/local/bin/kubectl1.30 /usr/local/bin/kubectl; fi 2>/dev/null - if (( "$SERVER_VERSION" >= "31" )); then cp -f /usr/local/bin/kubectl1.31 /usr/local/bin/kubectl; fi 2>/dev/null if (( "$SERVER_VERSION" >= "32" )); then cp -f /usr/local/bin/kubectl1.32 /usr/local/bin/kubectl; fi 2>/dev/null if (( "$SERVER_VERSION" >= "33" )); then cp -f /usr/local/bin/kubectl1.33 /usr/local/bin/kubectl; fi 2>/dev/null if (( "$SERVER_VERSION" >= "34" )); then cp -f /usr/local/bin/kubectl1.34 /usr/local/bin/kubectl; fi 2>/dev/null From c956559bbff75cde2af8611ccb0823f3c4d285f1 Mon Sep 17 00:00:00 2001 From: Zhenya Tikhonov Date: Sun, 9 Nov 2025 19:48:46 +0400 Subject: [PATCH 3/6] build: optimize Dockerfile --- Dockerfile | 65 ++++++++++++++++++++++++++++++++++-------------------- 1 file changed, 41 insertions(+), 24 deletions(-) diff --git a/Dockerfile b/Dockerfile index 6698724..38f5161 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,29 +1,46 @@ -FROM alpine:3.22.1 AS builder -RUN apk update \ - && apk add curl -RUN export ARCH=$([[ "$(uname -m)" == "aarch64" ]] && echo "arm64" || echo "amd64") \ - && mkdir -p /tmp/kubectl-versions && cd /tmp/kubectl-versions \ - && curl -o kubectl1.34 -L https://storage.googleapis.com/kubernetes-release/release/v1.34.1/bin/linux/${ARCH}/kubectl \ - && curl -o kubectl1.33 -L https://storage.googleapis.com/kubernetes-release/release/v1.33.5/bin/linux/${ARCH}/kubectl \ - && curl -o kubectl1.32 -L https://storage.googleapis.com/kubernetes-release/release/v1.32.9/bin/linux/${ARCH}/kubectl - -FROM debian:bookworm-20250908-slim AS prod -RUN apt-get update -y -# install busybox by building source until it's unavailable by apt-get for v1.36.1 ad no need to link [[ -RUN apt-get install --no-install-recommends wget build-essential -y && \ - wget --no-check-certificate https://busybox.net/downloads/busybox-1.36.1.tar.bz2 && \ - tar -xvjf busybox-1.36.1.tar.bz2 && \ - cd busybox-1.36.1 && \ - make defconfig && \ - make && \ - make CONFIG_PREFIX="/" install +ARG DEBIAN_VERSION=bookworm-20251103-slim + + +FROM debian:${DEBIAN_VERSION} AS builder +ARG TARGETPLATFORM +RUN apt-get update && apt-get install -y build-essential + +ARG BUSYBOX_VERSION=1.36.1 +ADD https://busybox.net/downloads/busybox-${BUSYBOX_VERSION}.tar.bz2 /busybox-${BUSYBOX_VERSION}.tar.bz2 +ADD https://busybox.net/downloads/busybox-${BUSYBOX_VERSION}.tar.bz2.sha256 /busybox-${BUSYBOX_VERSION}.tar.bz2.sha256 +RUN echo "$(cat busybox-${BUSYBOX_VERSION}.tar.bz2.sha256) busybox-${BUSYBOX_VERSION}.tar.bz2" | sha256sum --check +RUN tar -xvjf busybox-${BUSYBOX_VERSION}.tar.bz2 \ + && cd busybox-${BUSYBOX_VERSION} \ + && make defconfig \ + && make \ + && make CONFIG_PREFIX="/" install + +ADD https://dl.k8s.io/release/v1.34.1/bin/${TARGETPLATFORM}/kubectl /kubectl/kubectl1.34 +ADD https://dl.k8s.io/release/v1.34.1/bin/${TARGETPLATFORM}/kubectl.sha256 /kubectl1.34.sha256 +RUN echo "$(cat kubectl1.34.sha256) /kubectl/kubectl1.34" | sha256sum --check + +ADD https://dl.k8s.io/release/v1.33.5/bin/${TARGETPLATFORM}/kubectl /kubectl/kubectl1.33 +ADD https://dl.k8s.io/release/v1.33.5/bin/${TARGETPLATFORM}/kubectl.sha256 /kubectl1.33.sha256 +RUN echo "$(cat kubectl1.33.sha256) /kubectl/kubectl1.33" | sha256sum --check + +ADD https://dl.k8s.io/release/v1.32.9/bin/${TARGETPLATFORM}/kubectl /kubectl/kubectl1.32 +ADD https://dl.k8s.io/release/v1.32.9/bin/${TARGETPLATFORM}/kubectl.sha256 /kubectl1.32.sha256 +RUN echo "$(cat kubectl1.32.sha256) /kubectl/kubectl1.32" | sha256sum --check + + + +FROM debian:${DEBIAN_VERSION} AS prod RUN adduser --gecos "" --disabled-password --home /home/cfu --shell /bin/bash cfu -#copy all versions of kubectl to switch between them later. -COPY --chown=cfu --chmod=775 --from=builder /tmp/kubectl-versions/* /usr/local/bin/ -COPY --chown=cfu --chmod=775 --from=builder /tmp/kubectl-versions/kubectl1.34 /usr/local/bin/kubectl + +COPY --chown=cfu --chmod=775 cf-deploy-kubernetes.sh /cf-deploy-kubernetes +COPY --chown=cfu --chmod=775 template.sh /template.sh + +COPY --chown=cfu --chmod=775 --from=builder /usr/bin/busybox /usr/bin/busybox +RUN busybox --install + +COPY --chown=cfu --chmod=775 --from=builder /kubectl/* /usr/local/bin/ +RUN ln -s /usr/local/bin/kubectl1.34 /usr/local/bin/kubectl WORKDIR / -ADD --chown=cfu --chmod=775 cf-deploy-kubernetes.sh /cf-deploy-kubernetes -ADD --chown=cfu --chmod=775 template.sh /template.sh USER cfu CMD ["bash"] From 4a9121ec24da5a84071d13be2d7297d66146c966 Mon Sep 17 00:00:00 2001 From: Zhenya Tikhonov Date: Sun, 9 Nov 2025 20:06:35 +0400 Subject: [PATCH 4/6] docs: add comments to Dockerfile --- Dockerfile | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/Dockerfile b/Dockerfile index 38f5161..2c157af 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,3 +1,6 @@ +# ⚠️ If updating supported `kubectl` versions, +# please also update `./cf-deploy-kubernetes.sh` accordingly. + ARG DEBIAN_VERSION=bookworm-20251103-slim @@ -39,6 +42,7 @@ COPY --chown=cfu --chmod=775 --from=builder /usr/bin/busybox /usr/bin/busybox RUN busybox --install COPY --chown=cfu --chmod=775 --from=builder /kubectl/* /usr/local/bin/ +# ⚠️ Defaults to the latest kubectl version. Please update with new versions as needed. RUN ln -s /usr/local/bin/kubectl1.34 /usr/local/bin/kubectl WORKDIR / From 2e0db181856f0d2bc0c45cbe21f4a49584861ab7 Mon Sep 17 00:00:00 2001 From: Zhenya Tikhonov Date: Sun, 9 Nov 2025 20:37:51 +0400 Subject: [PATCH 5/6] refactor: optimize Dockerfile --- Dockerfile | 48 ++++++++---------------------------------------- 1 file changed, 8 insertions(+), 40 deletions(-) diff --git a/Dockerfile b/Dockerfile index 2c157af..58af5b6 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,48 +1,16 @@ -# ⚠️ If updating supported `kubectl` versions, -# please also update `./cf-deploy-kubernetes.sh` accordingly. - -ARG DEBIAN_VERSION=bookworm-20251103-slim - - -FROM debian:${DEBIAN_VERSION} AS builder +FROM debian:bookworm-20251103-slim AS prod ARG TARGETPLATFORM -RUN apt-get update && apt-get install -y build-essential - -ARG BUSYBOX_VERSION=1.36.1 -ADD https://busybox.net/downloads/busybox-${BUSYBOX_VERSION}.tar.bz2 /busybox-${BUSYBOX_VERSION}.tar.bz2 -ADD https://busybox.net/downloads/busybox-${BUSYBOX_VERSION}.tar.bz2.sha256 /busybox-${BUSYBOX_VERSION}.tar.bz2.sha256 -RUN echo "$(cat busybox-${BUSYBOX_VERSION}.tar.bz2.sha256) busybox-${BUSYBOX_VERSION}.tar.bz2" | sha256sum --check -RUN tar -xvjf busybox-${BUSYBOX_VERSION}.tar.bz2 \ - && cd busybox-${BUSYBOX_VERSION} \ - && make defconfig \ - && make \ - && make CONFIG_PREFIX="/" install - -ADD https://dl.k8s.io/release/v1.34.1/bin/${TARGETPLATFORM}/kubectl /kubectl/kubectl1.34 -ADD https://dl.k8s.io/release/v1.34.1/bin/${TARGETPLATFORM}/kubectl.sha256 /kubectl1.34.sha256 -RUN echo "$(cat kubectl1.34.sha256) /kubectl/kubectl1.34" | sha256sum --check - -ADD https://dl.k8s.io/release/v1.33.5/bin/${TARGETPLATFORM}/kubectl /kubectl/kubectl1.33 -ADD https://dl.k8s.io/release/v1.33.5/bin/${TARGETPLATFORM}/kubectl.sha256 /kubectl1.33.sha256 -RUN echo "$(cat kubectl1.33.sha256) /kubectl/kubectl1.33" | sha256sum --check - -ADD https://dl.k8s.io/release/v1.32.9/bin/${TARGETPLATFORM}/kubectl /kubectl/kubectl1.32 -ADD https://dl.k8s.io/release/v1.32.9/bin/${TARGETPLATFORM}/kubectl.sha256 /kubectl1.32.sha256 -RUN echo "$(cat kubectl1.32.sha256) /kubectl/kubectl1.32" | sha256sum --check - - - -FROM debian:${DEBIAN_VERSION} AS prod RUN adduser --gecos "" --disabled-password --home /home/cfu --shell /bin/bash cfu - COPY --chown=cfu --chmod=775 cf-deploy-kubernetes.sh /cf-deploy-kubernetes COPY --chown=cfu --chmod=775 template.sh /template.sh - -COPY --chown=cfu --chmod=775 --from=builder /usr/bin/busybox /usr/bin/busybox +COPY --from=busybox:1.36.1-musl /bin/busybox /usr/bin/busybox RUN busybox --install - -COPY --chown=cfu --chmod=775 --from=builder /kubectl/* /usr/local/bin/ -# ⚠️ Defaults to the latest kubectl version. Please update with new versions as needed. +# ⚠️ We support 3 most recent minor versions: https://kubernetes.io/releases/ +# Please update `./cf-deploy-kubernetes.sh` accordingly. +ADD --chown=cfu --chmod=775 https://dl.k8s.io/release/v1.34.1/bin/${TARGETPLATFORM}/kubectl /usr/local/bin/kubectl1.34 +ADD --chown=cfu --chmod=775 https://dl.k8s.io/release/v1.33.5/bin/${TARGETPLATFORM}/kubectl /usr/local/bin/kubectl1.33 +ADD --chown=cfu --chmod=775 https://dl.k8s.io/release/v1.32.9/bin/${TARGETPLATFORM}/kubectl /usr/local/bin/kubectl1.32 +# ⚠️ Defaults to the latest version. Please update with new versions as needed. RUN ln -s /usr/local/bin/kubectl1.34 /usr/local/bin/kubectl WORKDIR / From 960c5a2e9407758111a5cf5f7d3659c8dc977f9b Mon Sep 17 00:00:00 2001 From: Zhenya Tikhonov Date: Sun, 9 Nov 2025 20:59:20 +0400 Subject: [PATCH 6/6] build: upgrade Debian --- Dockerfile | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Dockerfile b/Dockerfile index 58af5b6..8974344 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,9 +1,9 @@ -FROM debian:bookworm-20251103-slim AS prod +FROM debian:trixie-20251103-slim AS prod ARG TARGETPLATFORM -RUN adduser --gecos "" --disabled-password --home /home/cfu --shell /bin/bash cfu +RUN /sbin/useradd --home /home/cfu --shell /bin/bash cfu COPY --chown=cfu --chmod=775 cf-deploy-kubernetes.sh /cf-deploy-kubernetes COPY --chown=cfu --chmod=775 template.sh /template.sh -COPY --from=busybox:1.36.1-musl /bin/busybox /usr/bin/busybox +COPY --from=busybox:1.37.0-glibc /bin/busybox /usr/bin/busybox RUN busybox --install # ⚠️ We support 3 most recent minor versions: https://kubernetes.io/releases/ # Please update `./cf-deploy-kubernetes.sh` accordingly.