From 8debfd62fc1e5d2fd21ae96c4ee037ac597039d9 Mon Sep 17 00:00:00 2001
From: Jon <jon@elastic.co>
Date: Tue, 25 Feb 2025 17:20:48 -0600
Subject: [PATCH] [build] Replace Ubuntu base image with UBI (#212155)

https://buildkite.com/elastic/kibana-artifacts-snapshot/builds/5618
---
 .buildkite/pipelines/artifacts.yml            | 13 -----
 .buildkite/scripts/build_kibana.sh            |  1 -
 .../create_periodic_test_docker_image.sh      |  1 -
 .../scripts/steps/artifacts/docker_context.sh |  3 --
 .buildkite/scripts/steps/artifacts/publish.sh |  3 --
 .../scripts/steps/cloud/build_and_deploy.sh   |  1 -
 .buildkite/scripts/steps/fips/build.sh        |  1 -
 src/dev/build/args.test.ts                    | 50 -------------------
 src/dev/build/args.ts                         |  3 --
 src/dev/build/build_distributables.ts         |  6 ---
 src/dev/build/cli.ts                          |  1 -
 .../os_packages/create_os_package_tasks.ts    | 26 ----------
 .../tasks/os_packages/docker_generator/run.ts |  4 +-
 .../docker_generator/template_context.ts      |  2 +-
 .../templates/base/Dockerfile                 | 16 ------
 .../templates/dockerfile.template.ts          |  1 -
 .../profiling/server/lib/setup/README.md      |  2 +-
 17 files changed, 3 insertions(+), 131 deletions(-)

diff --git a/.buildkite/pipelines/artifacts.yml b/.buildkite/pipelines/artifacts.yml
index cc5bfaea6acf2..1a5b2042c3102 100644
--- a/.buildkite/pipelines/artifacts.yml
+++ b/.buildkite/pipelines/artifacts.yml
@@ -70,19 +70,6 @@ steps:
         - exit_status: '*'
           limit: 1
 
-  - command: KIBANA_DOCKER_CONTEXT=ubi .buildkite/scripts/steps/artifacts/docker_context.sh
-    label: 'Docker Context Verification'
-    agents:
-      image: family/kibana-ubuntu-2004
-      imageProject: elastic-images-prod
-      provider: gcp
-      machineType: n2-standard-2
-    timeout_in_minutes: 30
-    retry:
-      automatic:
-        - exit_status: '*'
-          limit: 1
-
   - command: KIBANA_DOCKER_CONTEXT=wolfi .buildkite/scripts/steps/artifacts/docker_context.sh
     label: 'Docker Context Verification'
     agents:
diff --git a/.buildkite/scripts/build_kibana.sh b/.buildkite/scripts/build_kibana.sh
index b9e35097bbbff..9414647a68456 100755
--- a/.buildkite/scripts/build_kibana.sh
+++ b/.buildkite/scripts/build_kibana.sh
@@ -31,7 +31,6 @@ if is_pr_with_label "ci:build-cloud-image"; then
   --docker-push \
   --skip-docker-ubi \
   --skip-docker-fips \
-  --skip-docker-ubuntu \
   --skip-docker-wolfi \
   --skip-docker-serverless \
   --skip-docker-contexts
diff --git a/.buildkite/scripts/pipelines/security_solution_quality_gate/create_periodic_test_docker_image.sh b/.buildkite/scripts/pipelines/security_solution_quality_gate/create_periodic_test_docker_image.sh
index a494c2d89b97d..e64e4f1ab6c50 100644
--- a/.buildkite/scripts/pipelines/security_solution_quality_gate/create_periodic_test_docker_image.sh
+++ b/.buildkite/scripts/pipelines/security_solution_quality_gate/create_periodic_test_docker_image.sh
@@ -34,7 +34,6 @@ node scripts/build \
   --docker-images \
   --docker-namespace="kibana-ci" \
   --docker-tag="$KIBANA_IMAGE_TAG" \
-  --skip-docker-ubuntu \
   --skip-docker-wolfi \
   --skip-docker-ubi \
   --skip-docker-cloud \
diff --git a/.buildkite/scripts/steps/artifacts/docker_context.sh b/.buildkite/scripts/steps/artifacts/docker_context.sh
index 43a3481bb159a..3fa0a7a2d64cb 100755
--- a/.buildkite/scripts/steps/artifacts/docker_context.sh
+++ b/.buildkite/scripts/steps/artifacts/docker_context.sh
@@ -26,9 +26,6 @@ case $KIBANA_DOCKER_CONTEXT in
   cloud)
     DOCKER_CONTEXT_FILE="kibana-cloud-$FULL_VERSION-docker-build-context.tar.gz"
   ;;
-  ubi)
-    DOCKER_CONTEXT_FILE="kibana-ubi-$FULL_VERSION-docker-build-context.tar.gz"
-  ;;
   ironbank)
     DOCKER_CONTEXT_FILE="kibana-ironbank-$FULL_VERSION-docker-build-context.tar.gz"
     DOCKER_BUILD_ARGS='--build-arg BASE_REGISTRY=docker.elastic.co --build-arg BASE_IMAGE=ubi9/ubi --build-arg BASE_TAG=latest'
diff --git a/.buildkite/scripts/steps/artifacts/publish.sh b/.buildkite/scripts/steps/artifacts/publish.sh
index 84a93c519f825..33bd49c7d53bc 100644
--- a/.buildkite/scripts/steps/artifacts/publish.sh
+++ b/.buildkite/scripts/steps/artifacts/publish.sh
@@ -22,8 +22,6 @@ download "kibana-$FULL_VERSION-docker-image.tar.gz"
 download "kibana-$FULL_VERSION-docker-image-aarch64.tar.gz"
 download "kibana-cloud-$FULL_VERSION-docker-image.tar.gz"
 download "kibana-cloud-$FULL_VERSION-docker-image-aarch64.tar.gz"
-download "kibana-ubi-$FULL_VERSION-docker-image.tar.gz"
-download "kibana-ubi-$FULL_VERSION-docker-image-aarch64.tar.gz"
 download "kibana-wolfi-$FULL_VERSION-docker-image.tar.gz"
 download "kibana-wolfi-$FULL_VERSION-docker-image-aarch64.tar.gz"
 
@@ -35,7 +33,6 @@ download "kibana-$FULL_VERSION-aarch64.rpm"
 download "kibana-$FULL_VERSION-docker-build-context.tar.gz"
 download "kibana-cloud-$FULL_VERSION-docker-build-context.tar.gz"
 download "kibana-ironbank-$FULL_VERSION-docker-build-context.tar.gz"
-download "kibana-ubi-$FULL_VERSION-docker-build-context.tar.gz"
 download "kibana-wolfi-$FULL_VERSION-docker-build-context.tar.gz"
 
 download "kibana-$FULL_VERSION-linux-aarch64.tar.gz"
diff --git a/.buildkite/scripts/steps/cloud/build_and_deploy.sh b/.buildkite/scripts/steps/cloud/build_and_deploy.sh
index e2a55b03ebf64..303c0b76a8acd 100755
--- a/.buildkite/scripts/steps/cloud/build_and_deploy.sh
+++ b/.buildkite/scripts/steps/cloud/build_and_deploy.sh
@@ -42,7 +42,6 @@ else
     --docker-push \
     --skip-docker-ubi \
     --skip-docker-fips \
-    --skip-docker-ubuntu \
     --skip-docker-wolfi \
     --skip-docker-serverless \
     --skip-docker-contexts
diff --git a/.buildkite/scripts/steps/fips/build.sh b/.buildkite/scripts/steps/fips/build.sh
index e08d56758a45c..cd8111a03e180 100755
--- a/.buildkite/scripts/steps/fips/build.sh
+++ b/.buildkite/scripts/steps/fips/build.sh
@@ -22,7 +22,6 @@ node scripts/build \
     --docker-tag-qualifier="$BUILDKITE_COMMIT" \
     --docker-push \
     --skip-docker-ubi \
-    --skip-docker-ubuntu \
     --skip-docker-wolfi \
     --skip-docker-cloud \
     --skip-docker-serverless \
diff --git a/src/dev/build/args.test.ts b/src/dev/build/args.test.ts
index 354d484b2f1dc..ff6c4ceeb6c56 100644
--- a/src/dev/build/args.test.ts
+++ b/src/dev/build/args.test.ts
@@ -37,7 +37,6 @@ it('build default and oss dist for current platform, without packages, by defaul
         "createDockerFIPS": false,
         "createDockerServerless": false,
         "createDockerUBI": false,
-        "createDockerUbuntu": false,
         "createDockerWolfi": false,
         "createGenericFolders": true,
         "createPlatformFolders": true,
@@ -79,7 +78,6 @@ it('builds packages if --all-platforms is passed', () => {
         "createDockerFIPS": true,
         "createDockerServerless": true,
         "createDockerUBI": true,
-        "createDockerUbuntu": true,
         "createDockerWolfi": true,
         "createGenericFolders": true,
         "createPlatformFolders": true,
@@ -121,7 +119,6 @@ it('limits packages if --rpm passed with --all-platforms', () => {
         "createDockerFIPS": false,
         "createDockerServerless": false,
         "createDockerUBI": false,
-        "createDockerUbuntu": false,
         "createDockerWolfi": false,
         "createGenericFolders": true,
         "createPlatformFolders": true,
@@ -163,7 +160,6 @@ it('limits packages if --deb passed with --all-platforms', () => {
         "createDockerFIPS": false,
         "createDockerServerless": false,
         "createDockerUBI": false,
-        "createDockerUbuntu": false,
         "createDockerWolfi": false,
         "createGenericFolders": true,
         "createPlatformFolders": true,
@@ -206,7 +202,6 @@ it('limits packages if --docker passed with --all-platforms', () => {
         "createDockerFIPS": true,
         "createDockerServerless": true,
         "createDockerUBI": true,
-        "createDockerUbuntu": true,
         "createDockerWolfi": true,
         "createGenericFolders": true,
         "createPlatformFolders": true,
@@ -256,7 +251,6 @@ it('limits packages if --docker passed with --skip-docker-ubi and --all-platform
         "createDockerFIPS": true,
         "createDockerServerless": true,
         "createDockerUBI": false,
-        "createDockerUbuntu": true,
         "createDockerWolfi": true,
         "createGenericFolders": true,
         "createPlatformFolders": true,
@@ -285,49 +279,6 @@ it('limits packages if --docker passed with --skip-docker-ubi and --all-platform
   `);
 });
 
-it('limits packages if --all-platforms passed with --skip-docker-ubuntu', () => {
-  expect(readCliArgs(['node', 'scripts/build', '--all-platforms', '--skip-docker-ubuntu']))
-    .toMatchInlineSnapshot(`
-    Object {
-      "buildOptions": Object {
-        "buildCanvasShareableRuntime": true,
-        "createArchives": true,
-        "createCdnAssets": true,
-        "createDebPackage": true,
-        "createDockerCloud": true,
-        "createDockerContexts": true,
-        "createDockerFIPS": true,
-        "createDockerServerless": true,
-        "createDockerUBI": true,
-        "createDockerUbuntu": false,
-        "createDockerWolfi": true,
-        "createGenericFolders": true,
-        "createPlatformFolders": true,
-        "createRpmPackage": true,
-        "dockerContextUseLocalArtifact": null,
-        "dockerCrossCompile": false,
-        "dockerNamespace": null,
-        "dockerPush": false,
-        "dockerTag": null,
-        "dockerTagQualifier": null,
-        "downloadCloudDependencies": true,
-        "downloadFreshNode": true,
-        "eprRegistry": "snapshot",
-        "initialize": true,
-        "isRelease": false,
-        "targetAllPlatforms": true,
-        "targetServerlessPlatforms": false,
-        "versionQualifier": "",
-        "withExamplePlugins": false,
-        "withTestPlugins": false,
-      },
-      "log": <ToolingLog>,
-      "showHelp": false,
-      "unknownFlags": Array [],
-    }
-  `);
-});
-
 it('limits packages if --all-platforms passed with --skip-docker-fips', () => {
   expect(readCliArgs(['node', 'scripts/build', '--all-platforms', '--skip-docker-fips']))
     .toMatchInlineSnapshot(`
@@ -342,7 +293,6 @@ it('limits packages if --all-platforms passed with --skip-docker-fips', () => {
         "createDockerFIPS": false,
         "createDockerServerless": true,
         "createDockerUBI": true,
-        "createDockerUbuntu": true,
         "createDockerWolfi": true,
         "createGenericFolders": true,
         "createPlatformFolders": true,
diff --git a/src/dev/build/args.ts b/src/dev/build/args.ts
index 8020f595d70de..44037115710d6 100644
--- a/src/dev/build/args.ts
+++ b/src/dev/build/args.ts
@@ -31,7 +31,6 @@ export function readCliArgs(argv: string[]) {
       'docker-push',
       'skip-docker-contexts',
       'skip-docker-ubi',
-      'skip-docker-ubuntu',
       'skip-docker-wolfi',
       'skip-docker-cloud',
       'skip-docker-serverless',
@@ -140,8 +139,6 @@ export function readCliArgs(argv: string[]) {
     createCdnAssets: !Boolean(flags['skip-cdn-assets']),
     createRpmPackage: isOsPackageDesired('rpm'),
     createDebPackage: isOsPackageDesired('deb'),
-    createDockerUbuntu:
-      isOsPackageDesired('docker-images') && !Boolean(flags['skip-docker-ubuntu']),
     createDockerWolfi: isOsPackageDesired('docker-images') && !Boolean(flags['skip-docker-wolfi']),
     createDockerCloud: isOsPackageDesired('docker-images') && !Boolean(flags['skip-docker-cloud']),
     createDockerServerless:
diff --git a/src/dev/build/build_distributables.ts b/src/dev/build/build_distributables.ts
index e32a917127f7c..b2e7c958874b1 100644
--- a/src/dev/build/build_distributables.ts
+++ b/src/dev/build/build_distributables.ts
@@ -31,7 +31,6 @@ export interface BuildOptions {
   createRpmPackage: boolean;
   createDebPackage: boolean;
   createDockerUBI: boolean;
-  createDockerUbuntu: boolean;
   createDockerWolfi: boolean;
   createDockerCloud: boolean;
   createDockerServerless: boolean;
@@ -146,11 +145,6 @@ export async function buildDistributables(log: ToolingLog, options: BuildOptions
     await run(Tasks.CreateDockerUBI);
   }
 
-  if (options.createDockerUbuntu) {
-    // control w/ --docker-images or --skip-docker-ubuntu or --skip-os-packages
-    await run(Tasks.CreateDockerUbuntu);
-  }
-
   if (options.createDockerWolfi) {
     // control w/ --docker-images or --skip-docker-wolfi or --skip-os-packages
     await run(Tasks.CreateDockerWolfi);
diff --git a/src/dev/build/cli.ts b/src/dev/build/cli.ts
index 71d10eed3f2aa..769e784698e31 100644
--- a/src/dev/build/cli.ts
+++ b/src/dev/build/cli.ts
@@ -47,7 +47,6 @@ if (showHelp) {
         --skip-canvas-shareable-runtime      {dim Don't build the Canvas shareable runtime}
         --skip-cdn-assets                    {dim Don't build CDN assets}
         --skip-docker-ubi                    {dim Don't build the docker ubi image}
-        --skip-docker-ubuntu                 {dim Don't build the docker ubuntu image}
         --skip-docker-wolfi                  {dim Don't build the docker wolfi image}
         --skip-docker-fips                   {dim Don't build the docker fips image}
         --release                            {dim Produce a release-ready distributable}
diff --git a/src/dev/build/tasks/os_packages/create_os_package_tasks.ts b/src/dev/build/tasks/os_packages/create_os_package_tasks.ts
index a16284c2d8810..a9a2fa7b2ff0c 100644
--- a/src/dev/build/tasks/os_packages/create_os_package_tasks.ts
+++ b/src/dev/build/tasks/os_packages/create_os_package_tasks.ts
@@ -64,26 +64,6 @@ export const CreateRpmPackage: Task = {
 };
 
 const dockerBuildDate = new Date().toISOString();
-export const CreateDockerUbuntu: Task = {
-  description: 'Creating Docker Ubuntu image',
-
-  async run(config, log, build) {
-    await runDockerGenerator(config, log, build, {
-      architecture: 'x64',
-      baseImage: 'ubuntu',
-      context: false,
-      image: true,
-      dockerBuildDate,
-    });
-    await runDockerGenerator(config, log, build, {
-      architecture: 'aarch64',
-      baseImage: 'ubuntu',
-      context: false,
-      image: true,
-      dockerBuildDate,
-    });
-  },
-};
 
 export const CreateDockerWolfi: Task = {
   description: 'Creating Docker Wolfi image',
@@ -187,12 +167,6 @@ export const CreateDockerContexts: Task = {
   description: 'Creating Docker build contexts',
 
   async run(config, log, build) {
-    await runDockerGenerator(config, log, build, {
-      baseImage: 'ubuntu',
-      context: true,
-      image: false,
-      dockerBuildDate,
-    });
     await runDockerGenerator(config, log, build, {
       baseImage: 'wolfi',
       context: true,
diff --git a/src/dev/build/tasks/os_packages/docker_generator/run.ts b/src/dev/build/tasks/os_packages/docker_generator/run.ts
index eb35f99b76f9d..1daffb4872b4b 100644
--- a/src/dev/build/tasks/os_packages/docker_generator/run.ts
+++ b/src/dev/build/tasks/os_packages/docker_generator/run.ts
@@ -30,7 +30,7 @@ export async function runDockerGenerator(
   build: Build,
   flags: {
     architecture?: string;
-    baseImage: 'none' | 'wolfi' | 'ubi' | 'ubuntu';
+    baseImage: 'none' | 'wolfi' | 'ubi';
     context: boolean;
     image: boolean;
     ironbank?: boolean;
@@ -41,7 +41,6 @@ export async function runDockerGenerator(
   }
 ) {
   let baseImageName = '';
-  if (flags.baseImage === 'ubuntu') baseImageName = 'ubuntu:20.04';
   if (flags.baseImage === 'ubi') baseImageName = 'docker.elastic.co/ubi9/ubi-minimal:latest';
   /**
    * Renovate config contains a regex manager to automatically updates this Chainguard reference
@@ -54,7 +53,6 @@ export async function runDockerGenerator(
       'docker.elastic.co/wolfi/chainguard-base:latest@sha256:0801a437e721bebdd2d5be62e3f63f60fc9d1d82efacabe4c5b8792d74ae7006';
 
   let imageFlavor = '';
-  if (flags.baseImage === 'ubi') imageFlavor += `-ubi`;
   if (flags.baseImage === 'wolfi' && !flags.serverless && !flags.cloud) imageFlavor += `-wolfi`;
   if (flags.ironbank) imageFlavor += '-ironbank';
   if (flags.cloud) imageFlavor += '-cloud';
diff --git a/src/dev/build/tasks/os_packages/docker_generator/template_context.ts b/src/dev/build/tasks/os_packages/docker_generator/template_context.ts
index be4f98ce3eeaa..e0e4ada067bd2 100644
--- a/src/dev/build/tasks/os_packages/docker_generator/template_context.ts
+++ b/src/dev/build/tasks/os_packages/docker_generator/template_context.ts
@@ -25,7 +25,7 @@ export interface TemplateContext {
   dockerBuildDate: string;
   usePublicArtifact?: boolean;
   publicArtifactSubdomain: string;
-  baseImage: 'none' | 'ubi' | 'ubuntu' | 'wolfi';
+  baseImage: 'none' | 'ubi' | 'wolfi';
   baseImageName: string;
   cloud?: boolean;
   serverless?: boolean;
diff --git a/src/dev/build/tasks/os_packages/docker_generator/templates/base/Dockerfile b/src/dev/build/tasks/os_packages/docker_generator/templates/base/Dockerfile
index 7d9eaac886964..d8199c5911ca3 100644
--- a/src/dev/build/tasks/os_packages/docker_generator/templates/base/Dockerfile
+++ b/src/dev/build/tasks/os_packages/docker_generator/templates/base/Dockerfile
@@ -14,9 +14,6 @@ FROM {{{baseImageName}}} AS builder
 {{#ubi}}
 RUN microdnf install -y findutils tar gzip{{#fips}} perl make gcc{{/fips}}
 {{/ubi}}
-{{#ubuntu}}
-RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y curl
-{{/ubuntu}}
 {{#wolfi}}
 RUN apk --no-cache add curl
 {{/wolfi}}
@@ -120,19 +117,6 @@ RUN for iter in {1..10}; do \
     done; \
     (exit $exit_code)
 {{/ubi}}
-{{#ubuntu}}
-RUN for iter in {1..10}; do \
-      export DEBIAN_FRONTEND=noninteractive && \
-      apt-get update  && \
-      apt-get upgrade -y  && \
-      apt-get install -y --no-install-recommends \
-      fontconfig fonts-liberation libnss3 curl ca-certificates && \
-      apt-get clean && \
-      rm -rf /var/lib/apt/lists/* && exit_code=0 && break || exit_code=$? && echo "apt-get error: retry $iter in 10s" && \
-      sleep 10; \
-    done; \
-    (exit $exit_code)
-{{/ubuntu}}
 {{#wolfi}}
 RUN apk --no-cache add bash curl fontconfig font-liberation libstdc++ libnss findutils shadow ca-certificates
 {{/wolfi}}
diff --git a/src/dev/build/tasks/os_packages/docker_generator/templates/dockerfile.template.ts b/src/dev/build/tasks/os_packages/docker_generator/templates/dockerfile.template.ts
index 061ef7063e84d..72b3b14be0851 100755
--- a/src/dev/build/tasks/os_packages/docker_generator/templates/dockerfile.template.ts
+++ b/src/dev/build/tasks/os_packages/docker_generator/templates/dockerfile.template.ts
@@ -19,7 +19,6 @@ function generator(options: TemplateContext) {
   return Mustache.render(template.toString(), {
     wolfi: options.baseImage === 'wolfi',
     ubi: options.baseImage === 'ubi',
-    ubuntu: options.baseImage === 'ubuntu',
     opensslLegacyProvider: !(options.cloud || options.serverless || options.fips),
     ...options,
   });
diff --git a/x-pack/solutions/observability/plugins/profiling/server/lib/setup/README.md b/x-pack/solutions/observability/plugins/profiling/server/lib/setup/README.md
index dfab97d508c74..85b5f0641c137 100644
--- a/x-pack/solutions/observability/plugins/profiling/server/lib/setup/README.md
+++ b/x-pack/solutions/observability/plugins/profiling/server/lib/setup/README.md
@@ -26,7 +26,7 @@ Build and push a Kibana image with the latest changes.
 Choose a unique identifier for the build, then:
 
 ```
-node scripts/build --docker-images --skip-docker-ubi --skip-docker-ubuntu --skip-docker-fips
+node scripts/build --docker-images --skip-docker-ubi --skip-docker-fips
 docker tag docker.elastic.co/kibana-ci/kibana-cloud:8.7.0-SNAPSHOT docker.elastic.co/observability-ci/kibana:<UNIQUE_IDENTIFIER>
 docker push docker.elastic.co/observability-ci/kibana:<UNIQUE_IDENTIFIER>
 ```