Skip to content

Commit 2100db4

Browse files
sjbermansjberman
authored
Update to agent v3 release packages (#3450)
Agent v3 has officially been released, so update to use the release packages.
1 parent 4489383 commit 2100db4

File tree

4 files changed

+21
-36
lines changed

4 files changed

+21
-36
lines changed

build/Dockerfile.nginx

Lines changed: 12 additions & 20 deletions
Original file line numberDiff line numberDiff line change
@@ -1,29 +1,20 @@
11
# syntax=docker/dockerfile:1.16
2-
# TODO(sberman): the commented out lines are for when we use the published agent release
3-
# FROM scratch AS nginx-files
2+
FROM scratch AS nginx-files
43

5-
# # the following links can be replaced with local files if needed, i.e. ADD --chown=101:1001 <local_file> <container_file>
6-
# ADD --link --chown=101:1001 https://cs.nginx.com/static/keys/nginx_signing.rsa.pub nginx_signing.rsa.pub
7-
8-
FROM golang:alpine AS builder
9-
10-
WORKDIR /tmp
11-
12-
RUN apk add --no-cache git make \
13-
&& git clone https://github.com/nginx/agent.git \
14-
&& cd agent \
15-
&& git checkout 0de3ba3451d8b05cced5eedb744a82db90db7e53 \
16-
&& make build
4+
# the following links can be replaced with local files if needed, i.e. ADD --chown=101:1001 <local_file> <container_file>
5+
ADD --link --chown=101:1001 https://cs.nginx.com/static/keys/nginx_signing.rsa.pub nginx_signing.rsa.pub
176

187
FROM nginx:1.28.0-alpine-otel
198

9+
# renovate: datasource=github-tags depName=nginx/agent extractVersion=^v?(?<version>.*)$
10+
ARG NGINX_AGENT_VERSION=3.0.0
2011
ARG NJS_DIR
2112
ARG NGINX_CONF_DIR
2213
ARG BUILD_AGENT
2314

24-
# RUN --mount=type=bind,from=nginx-files,src=nginx_signing.rsa.pub,target=/etc/apk/keys/nginx_signing.rsa.pub \
25-
# printf "%s\n" "http://packages.nginx.org/nginx-agent/alpine/v$(egrep -o '^[0-9]+\.[0-9]+' /etc/alpine-release)/main" >> /etc/apk/repositories \
26-
# && apk add --no-cache nginx-agent
15+
RUN --mount=type=bind,from=nginx-files,src=nginx_signing.rsa.pub,target=/etc/apk/keys/nginx_signing.rsa.pub \
16+
printf "%s\n" "https://packages.nginx.org/nginx-agent/alpine/v$(egrep -o '^[0-9]+\.[0-9]+' /etc/alpine-release)/main" >> /etc/apk/repositories \
17+
&& apk add --no-cache nginx-agent=${NGINX_AGENT_VERSION}
2718

2819
RUN apk add --no-cache libcap bash \
2920
&& mkdir -p /usr/lib/nginx/modules \
@@ -33,9 +24,10 @@ RUN apk add --no-cache libcap bash \
3324
&& setcap -v 'cap_net_bind_service=+ep' /usr/sbin/nginx-debug \
3425
# Update packages for CVE-2025-32414 and CVE-2025-32415
3526
&& apk --no-cache upgrade libxml2 \
36-
&& apk del libcap
37-
38-
COPY --from=builder /tmp/agent/build/nginx-agent /usr/bin/nginx-agent
27+
&& apk del libcap \
28+
# forward request and error logs to docker log collector
29+
&& ln -sf /dev/stdout /var/log/nginx/access.log \
30+
&& ln -sf /dev/stderr /var/log/nginx/error.log
3931

4032
COPY build/entrypoint.sh /agent/entrypoint.sh
4133
COPY ${NJS_DIR}/httpmatches.js /usr/lib/nginx/modules/njs/httpmatches.js

build/Dockerfile.nginxplus

Lines changed: 6 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -4,19 +4,11 @@ FROM scratch AS nginx-files
44
# the following links can be replaced with local files if needed, i.e. ADD --chown=101:1001 <local_file> <container_file>
55
ADD --link --chown=101:1001 https://cs.nginx.com/static/keys/nginx_signing.rsa.pub nginx_signing.rsa.pub
66

7-
FROM golang:alpine AS builder
8-
9-
WORKDIR /tmp
10-
11-
RUN apk add --no-cache git make \
12-
&& git clone https://github.com/nginx/agent.git \
13-
&& cd agent \
14-
&& git checkout 0de3ba3451d8b05cced5eedb744a82db90db7e53 \
15-
&& make build
16-
177
FROM alpine:3.21
188

199
ARG NGINX_PLUS_VERSION=R34
10+
# renovate: datasource=github-tags depName=nginx/agent extractVersion=^v?(?<version>.*)$
11+
ARG NGINX_AGENT_VERSION=3.0.0
2012
ARG NJS_DIR
2113
ARG NGINX_CONF_DIR
2214
ARG BUILD_AGENT
@@ -27,7 +19,10 @@ RUN --mount=type=secret,id=nginx-repo.crt,dst=/etc/apk/cert.pem,mode=0644 \
2719
addgroup -g 1001 -S nginx \
2820
&& adduser -S -D -H -u 101 -h /var/cache/nginx -s /sbin/nologin -G nginx -g nginx nginx \
2921
&& printf "%s\n" "https://pkgs.nginx.com/plus/${NGINX_PLUS_VERSION}/alpine/v$(grep -E -o '^[0-9]+\.[0-9]+' /etc/alpine-release)/main" >> /etc/apk/repositories \
30-
&& apk add --no-cache nginx-plus nginx-plus-module-njs nginx-plus-module-otel libcap bash \
22+
&& printf "%s\n" "https://pkgs.nginx.com/nginx-agent/alpine/v$(egrep -o '^[0-9]+\.[0-9]+' /etc/alpine-release)/main" >> /etc/apk/repositories \
23+
&& apk add --no-cache nginx-plus nginx-plus-module-njs nginx-plus-module-otel nginx-agent=${NGINX_AGENT_VERSION}
24+
25+
RUN apk add --no-cache libcap bash \
3126
&& mkdir -p /usr/lib/nginx/modules \
3227
&& setcap 'cap_net_bind_service=+ep' /usr/sbin/nginx \
3328
&& setcap -v 'cap_net_bind_service=+ep' /usr/sbin/nginx \
@@ -38,8 +33,6 @@ RUN --mount=type=secret,id=nginx-repo.crt,dst=/etc/apk/cert.pem,mode=0644 \
3833
&& ln -sf /dev/stdout /var/log/nginx/access.log \
3934
&& ln -sf /dev/stderr /var/log/nginx/error.log
4035

41-
COPY --from=builder /tmp/agent/build/nginx-agent /usr/bin/nginx-agent
42-
4336
COPY build/entrypoint.sh /agent/entrypoint.sh
4437
COPY ${NJS_DIR}/httpmatches.js /usr/lib/nginx/modules/njs/httpmatches.js
4538
COPY ${NGINX_CONF_DIR}/nginx-plus.conf /etc/nginx/nginx.conf

go.mod

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -7,7 +7,7 @@ require (
77
github.com/go-logr/logr v1.4.3
88
github.com/google/go-cmp v0.7.0
99
github.com/google/uuid v1.6.0
10-
github.com/nginx/agent/v3 v3.0.0-20250530133342-0de3ba3451d8
10+
github.com/nginx/agent/v3 v3.0.0
1111
github.com/nginx/telemetry-exporter v0.1.4
1212
github.com/onsi/ginkgo/v2 v2.23.4
1313
github.com/onsi/gomega v1.37.0

go.sum

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -137,8 +137,8 @@ github.com/morikuni/aec v1.0.0 h1:nP9CBfwrvYnBRgY6qfDQkygYDmYwOilePFkwzv4dU8A=
137137
github.com/morikuni/aec v1.0.0/go.mod h1:BbKIizmSmc5MMPqRYbxO4ZU0S0+P200+tUnFx7PXmsc=
138138
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA=
139139
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ=
140-
github.com/nginx/agent/v3 v3.0.0-20250530133342-0de3ba3451d8 h1:CHIWBxdGA10EtNnCCwxaI49HvM3rRgWuBiA9moVF7dw=
141-
github.com/nginx/agent/v3 v3.0.0-20250530133342-0de3ba3451d8/go.mod h1:O/31aKtii/mpiZmFGMcTNDoLtKzwTyTXOBMSRkMaPvs=
140+
github.com/nginx/agent/v3 v3.0.0 h1:iUAho/Q1qx63CP4Eunf94DmLFOrOe7/r3oCPwy72p7E=
141+
github.com/nginx/agent/v3 v3.0.0/go.mod h1:O/31aKtii/mpiZmFGMcTNDoLtKzwTyTXOBMSRkMaPvs=
142142
github.com/nginx/telemetry-exporter v0.1.4 h1:3ikgKlyz/O57oaBLkxCInMjr74AhGTKr9rHdRAkkl/w=
143143
github.com/nginx/telemetry-exporter v0.1.4/go.mod h1:bl6qmsxgk4a9D0X8R5E3sUNXN2iECPEK1JNbRLhN5C4=
144144
github.com/nginxinc/nginx-plus-go-client/v2 v2.0.1 h1:5VVK38bnELMDWnwfF6dSv57ResXh9AUzeDa72ENj94o=

0 commit comments

Comments
 (0)