Custom filebeat docker image error

The custom image configuration section on the docs says that we can do the following to create a customized image:

FROM docker.elastic.co/beats/filebeat:8.10.0
COPY --chown=root:filebeat filebeat.yml /usr/share/filebeat/filebeat.yml

So I created the Dockerfile just like this, but when I start the container, I have the following error logged:

error loading config file: config file ("filebeat.yml") can only be writable by the owner but the permissions are "-rw-rw-r--" (to fix the permissions use: 'chmod go-w /usr/share/filebeat/filebeat.yml')

Maybe RUN chmod go-w /usr/share/filebeat/filebeat.yml should be added to the Dockerfile?
Let's try:

FROM docker.elastic.co/beats/filebeat:8.10.0
COPY --chown=root:filebeat filebeat.yml /usr/share/filebeat/filebeat.yml
RUN chmod go-w /usr/share/filebeat/filebeat.yml
$ docker build --tag xyz $("pwd")/filebeat-custom-img
[+] Building 0.2s (7/7) FINISHED                                                                                                                                                                            docker:default
 => [internal] load .dockerignore                                                                                                                                                                                     0.0s
 => => transferring context: 2B                                                                                                                                                                                       0.0s
 => [internal] load build definition from Dockerfile                                                                                                                                                                  0.0s
 => => transferring dockerfile: 204B                                                                                                                                                                                  0.0s
 => [internal] load metadata for docker.elastic.co/beats/filebeat:8.10.0                                                                                                                                              0.0s
 => [internal] load build context                                                                                                                                                                                     0.0s
 => => transferring context: 34B                                                                                                                                                                                      0.0s
 => [1/3] FROM docker.elastic.co/beats/filebeat:8.10.0                                                                                                                                                                0.0s
 => CACHED [2/3] COPY --chown=root:filebeat filebeat.yml /usr/share/filebeat/filebeat.yml                                                                                                                             0.0s
 => ERROR [3/3] RUN chmod go-w /usr/share/filebeat/filebeat.yml                                                                                                                                                       0.2s
------
 > [3/3] RUN chmod go-w /usr/share/filebeat/filebeat.yml:
0.226 chmod: changing permissions of '/usr/share/filebeat/filebeat.yml': Operation not permitted

chmod: changing permissions of '/usr/share/filebeat/filebeat.yml': Operation not permitted

What to do in this situation?

So I solved by changing my Dockerfile to:

FROM docker.elastic.co/beats/filebeat:8.10.0
COPY --chown=filebeat filebeat.yml /usr/share/filebeat/filebeat.yml
RUN chmod go-w /usr/share/filebeat/filebeat.yml

I don't know if this is the best way to do, but it worked.
If this configuration poses any risk, please, let me know.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.