elastic · pkoutsovasilis · Jan 8, 2025 · Dec 23, 2024 · Dec 30, 2024 · Jan 3, 2025
@@ -0,0 +1,32 @@
+# Kind can be one of:
+# - breaking-change: a change to previously-documented behavior
+# - deprecation: functionality that is being removed in a later release
+# - bug-fix: fixes a problem in a previous version
+# - enhancement: extends functionality but does not break or fix existing behavior
+# - feature: new functionality
+# - known-issue: problems that we are aware of in a given version
+# - security: impacts on the security of a product or a user’s deployment.
+# - upgrade: important information for someone upgrading from a prior version
+# - other: does not fit into any of the other categories
+kind: feature
+
+# Change summary; a 80ish characters long description of the change.
+summary: Replace default Ubuntu-based images with UBI-minimal-based ones
+
+# Long description; in case the summary is not enough to describe the change
+# this field accommodate a description without length limits.
+# NOTE: This field will be rendered only for breaking-change and known-issue kinds at the moment.
+#description:
+
+# Affected component; usually one of "elastic-agent", "fleet-server", "filebeat", "metricbeat", "auditbeat", "all", etc.
+component: elastic-agent
+
+# PR URL; optional; the PR number that added the changeset.
+# If not present is automatically filled by the tooling finding the PR where this changelog fragment has been added.
+# NOTE: the tooling supports backports, so it's able to fill the original PR number instead of the backport PR number.
+# Please provide it if you are adding a fragment for a different PR.
+pr: https://github.com/elastic/elastic-agent/pull/6427
+
+# Issue URL; optional; the GitHub issue related to this changeset (either closes or is part of).
+# If not present is automatically filled by the tooling with the issue linked to the PR number.
+#issue: https://github.com/owner/repo/1234
@@ -222,21 +222,12 @@ shared:
     extra_vars:
       buildFrom: '--platform=linux/arm64 cgr.dev/chainguard/wolfi-base'
 
-  - &docker_ubuntu_spec
-    docker_variant: 'basic'
-    extra_vars:
-      from: '--platform=linux/amd64 ubuntu:24.04'
-  - &docker_ubuntu_arm_spec
-    docker_variant: 'basic'
-    extra_vars:
-      from: '--platform=linux/arm64 ubuntu:24.04'
-
   - &docker_ubi_spec
-    docker_variant: 'ubi'
+    docker_variant: 'basic'
     extra_vars:
       from: '--platform=linux/amd64 docker.elastic.co/ubi9/ubi-minimal'
   - &docker_ubi_arm_spec
-    docker_variant: 'ubi'
+    docker_variant: 'basic'
     extra_vars:
       from: '--platform=linux/arm64 docker.elastic.co/ubi9/ubi-minimal'
 
@@ -545,7 +536,7 @@ specs:
       types: [docker]
       spec:
         <<: *docker_spec
-        <<: *docker_ubuntu_spec
+        <<: *docker_ubi_spec
         <<: *docker_builder_spec
 
     - os: linux
@@ -595,7 +586,7 @@ specs:
       types: [docker]
       spec:
         <<: *docker_spec
-        <<: *docker_ubuntu_spec
+        <<: *docker_ubi_spec
         <<: *docker_builder_spec
         <<: *docker_elastic_spec
         <<: *apache_license_for_binaries
@@ -652,7 +643,7 @@ specs:
       types: [docker]
       spec:
         <<: *docker_spec
-        <<: *docker_ubuntu_spec
+        <<: *docker_ubi_spec
         <<: *docker_builder_spec
         <<: *docker_elastic_spec
         <<: *elastic_license_for_binaries
@@ -661,11 +652,12 @@ specs:
       types: [docker]
       spec:
         <<: *docker_spec
-        <<: *docker_ubuntu_arm_spec
+        <<: *docker_ubi_arm_spec
         <<: *docker_builder_arm_spec
         <<: *docker_elastic_spec
         <<: *elastic_license_for_binaries
 
+    # keep producing ubi suffixed images
     - os: linux
       arch: amd64
       types: [docker]
@@ -675,6 +667,7 @@ specs:
         <<: *docker_builder_spec
         <<: *docker_elastic_spec
         <<: *elastic_license_for_binaries
+        docker_variant: "ubi"
     - os: linux
       arch: arm64
       types: [docker]
@@ -684,6 +677,7 @@ specs:
         <<: *docker_builder_arm_spec
         <<: *docker_elastic_spec
         <<: *elastic_license_for_binaries
+        docker_variant: "ubi"
 
     - os: linux
       arch: amd64
@@ -780,24 +774,12 @@ specs:
           /usr/share/{{.BeatName}}/bin/{{.BeatName}}{{.BinaryExt}}:
             source: ./{{.XPackDir}}/{{.BeatName}}/build/golang-crossbuild/{{.BeatName}}-{{.GOOS}}-{{.Platform.Arch}}{{.BinaryExt}}
 
-    - os: linux
-      arch: amd64
-      types: [docker]
-      spec:
-        <<: *docker_spec
-        <<: *docker_ubuntu_spec
-        <<: *docker_builder_spec
-        <<: *docker_elastic_spec
-        <<: *elastic_license_for_binaries
-        files:
-          '{{.BeatName}}{{.BinaryExt}}':
-            source: ./{{.XPackDir}}/{{.BeatName}}/build/golang-crossbuild/{{.BeatName}}-{{.GOOS}}-{{.Platform.Arch}}{{.BinaryExt}}
     - os: linux
       arch: arm64
       types: [docker]
       spec:
         <<: *docker_spec
-        <<: *docker_ubuntu_arm_spec
+        <<: *docker_ubi_arm_spec
         <<: *docker_builder_arm_spec
         <<: *docker_elastic_spec
         <<: *elastic_license_for_binaries
@@ -817,18 +799,6 @@ specs:
         files:
           '{{.BeatName}}{{.BinaryExt}}':
             source: ./{{.XPackDir}}/{{.BeatName}}/build/golang-crossbuild/{{.BeatName}}-{{.GOOS}}-{{.Platform.Arch}}{{.BinaryExt}}
-    - os: linux
-      arch: arm64
-      types: [docker]
-      spec:
-        <<: *docker_spec
-        <<: *docker_ubi_arm_spec
-        <<: *docker_builder_arm_spec
-        <<: *docker_elastic_spec
-        <<: *elastic_license_for_binaries
-        files:
-          '{{.BeatName}}{{.BinaryExt}}':
-            source: ./{{.XPackDir}}/{{.BeatName}}/build/golang-crossbuild/{{.BeatName}}-{{.GOOS}}-{{.Platform.Arch}}{{.BinaryExt}}
 
     - os: linux
       arch: amd64
@@ -914,14 +884,14 @@ specs:
         <<: *elastic_license_for_deb_rpm
 
     ######## Docker images #########
-    #### Ubuntu-based images ####
+    #### UBI-minimal-based images ####
     # Complete image gets a 'complete' variant for synthetics and other large
     # packages too big to fit in the main image
     - os: linux
       arch: amd64
       types: [docker]
       spec:
-        <<: *docker_ubuntu_spec
+        <<: *docker_ubi_spec
         <<: *docker_builder_spec
         <<: *agent_docker_complete_spec
         <<: *docker_elastic_spec
@@ -945,7 +915,7 @@ specs:
       arch: arm64
       types: [docker]
       spec:
-        <<: *docker_ubuntu_arm_spec
+        <<: *docker_ubi_arm_spec
         <<: *docker_builder_arm_spec
         <<: *agent_docker_complete_spec
         <<: *docker_elastic_spec
@@ -969,27 +939,28 @@ specs:
       arch: amd64
       types: [docker]
       spec:
-        <<: *docker_ubuntu_spec
+        <<: *docker_ubi_spec
         <<: *docker_builder_spec
         <<: *agent_docker_spec
         <<: *docker_elastic_spec
         <<: *elastic_license_for_binaries
+        docker_variant: 'ubi'
         files:
           '{{.BeatName}}{{.BinaryExt}}':
             source: ./build/golang-crossbuild/{{.BeatName}}-{{.GOOS}}-{{.Platform.Arch}}{{.BinaryExt}}
     - os: linux
       arch: arm64
       types: [docker]
       spec:
-        <<: *docker_ubuntu_arm_spec
+        <<: *docker_ubi_arm_spec
         <<: *docker_builder_arm_spec
         <<: *agent_docker_spec
         <<: *docker_elastic_spec
         <<: *elastic_license_for_binaries
+        docker_variant: 'ubi'
         files:
           '{{.BeatName}}{{.BinaryExt}}':
             source: ./build/golang-crossbuild/{{.BeatName}}-{{.GOOS}}-{{.Platform.Arch}}{{.BinaryExt}}
-    #### ubi-based ####
     - os: linux
       arch: amd64
       types: [docker]

@@ -69,20 +69,11 @@ FROM {{ .from }}
 ENV BEAT_SETUID_AS={{ .user }}
 
 {{- if contains .from "ubi-minimal" }}
-RUN for iter in {1..10}; do microdnf update -y && microdnf install -y tar gzip findutils shadow-utils && microdnf clean all && exit_code=0 && break || exit_code=$? && echo "microdnf error: retry $iter in 10s" && sleep 10; done; (exit $exit_code)
-{{- end }}
-
-{{- if contains .from "ubuntu" }}
-# Delete the existing "ubuntu" user to prevent conflict with the user that is added later.
-# See https://bugs.launchpad.net/cloud-images/+bug/2005129/comments/2.
-RUN touch /var/mail/ubuntu && chown ubuntu /var/mail/ubuntu && userdel -r ubuntu
 RUN for iter in {1..10}; do \
-        apt-get update -y && \
-        DEBIAN_FRONTEND=noninteractive apt-get install --no-install-recommends --yes ca-certificates curl gawk xz-utils && \
-        apt-get clean all && \
-        exit_code=0 && break || exit_code=$? && echo "apt-get error: retry $iter in 10s" && sleep 10; \
-    done; \
-    (exit $exit_code)
+        microdnf update -y && \
+        microdnf install -y tar gzip findutils shadow-utils ca-certificates gawk libcap xz && \
+        microdnf clean all && \
+        exit_code=0 && break || exit_code=$? && echo "microdnf error: retry $iter in 10s" && sleep 10; done; (exit $exit_code)
 {{- end }}
 
 {{- if contains .from "wolfi" }}
@@ -187,7 +178,7 @@ RUN apk add --no-cache git make python-3.11 py3.11-pip && \
     chmod 0755 {{ $beatHome }}/data/elastic-agent-*/components/connectors
 {{- end }}
 
-{{- if (and (eq .Variant "complete") (contains .from "ubuntu"))  }}
+{{- if (and (eq .Variant "complete") (contains .from "ubi-minimal"))  }}
 USER root
 ENV NODE_PATH={{ $beatHome }}/.node
 RUN echo \
@@ -239,12 +230,23 @@ USER root
 # We don't use npx playwright install-deps because that could pull a newer version
 # Install additional fonts as well
 RUN for iter in {1..10}; do \
-    apt-get update -y && \
-    $NODE_PATH/node/lib/node_modules/@elastic/synthetics/node_modules/.bin/playwright install-deps chromium && \
-    DEBIAN_FRONTEND=noninteractive apt-get install --no-install-recommends --yes \
-    fonts-noto \
-    fonts-noto-cjk && \
-    exit_code=0 && break || exit_code=$? && echo "apt-get error: retry $iter in 10s" && sleep 10; \
+        microdnf -y update && \
+        microdnf -y install fontconfig freetype cairo glib2 gtk3 pango xorg-x11-fonts-misc xorg-x11-fonts-Type1 \
+        at-spi2-atk atk at-spi2-core alsa-lib cups-libs dbus-libs libdrm mesa-libEGL mesa-libgbm nspr nss libX11 \
+        libX11-xcb libxcb libXcomposite libXdamage libXext libXfixes libXrandr libxkbcommon libxshmfence glib2 \
+        dbus-glib libicu mesa-libGL unzip iptables systemd && \
+        mkdir -p /usr/share/fonts/google-noto && \
+        curl -LO https://noto-website-2.storage.googleapis.com/pkgs/NotoSansCJKjp-hinted.zip && \
+        unzip NotoSansCJKjp-hinted.zip -d /usr/share/fonts/google-noto && \
+        rm -f NotoSansCJKjp-hinted.zip && \
+        microdnf -y remove unzip && \
+        curl -LO https://github.com/googlefonts/noto-fonts/raw/main/hinted/ttf/NotoSans/NotoSans-Regular.ttf && \
+        mv NotoSans-Regular.ttf /usr/share/fonts/google-noto && \
+        curl -LO https://github.com/googlefonts/noto-emoji/raw/main/fonts/NotoColorEmoji.ttf && \
+        mv NotoColorEmoji.ttf /usr/share/fonts/google-noto && \
+        fc-cache -fv && \
+        microdnf clean all && \
+        exit_code=0 && break || exit_code=$? && echo "microdnf error: retry $iter in 10s" && sleep 10; \
     done; \
     (exit $exit_code)
 {{- end }}

@@ -52,10 +52,6 @@ var variants = []struct {
 		Name:  "basic",
 		Image: "docker.elastic.co/beats/elastic-agent",
 	},
-	{
-		Name:  "ubi",
-		Image: "docker.elastic.co/beats/elastic-agent-ubi",
-	},
 	{
 		Name:  "wolfi",
 		Image: "docker.elastic.co/beats/elastic-agent-wolfi",

@@ -71,7 +71,6 @@ func TestKubernetesAgentStandaloneKustomize(t *testing.T) {
 			// test all produced images
 			{Type: define.Kubernetes, DockerVariant: "basic"},
 			{Type: define.Kubernetes, DockerVariant: "wolfi"},
-			{Type: define.Kubernetes, DockerVariant: "ubi"},
 			{Type: define.Kubernetes, DockerVariant: "complete"},
 			{Type: define.Kubernetes, DockerVariant: "complete-wolfi"},
 		},