Add alpine-glibc

Signed-off-by: Liam Newman <[email protected]>

README.md

@@ -27,6 +27,20 @@ The following files are added (taken from Debian) to fix some common issues:
 - `/etc/services` : for named ports resolution
 - `/lib/x86_64-linux-gnu/libpthread.so.0` : common required lib for project binaries that cannot be statically built.
 
+### prom/busybox:alpine-glibc : glibc
+
+Based on the official `busybox:glibc` base image.
+
+The `busybox` executable and toolset is replaced by the [statically linked busybox](https://pkgs.alpinelinux.org/package/v3.16/main/x86_64/busybox-static) from `alpine:latest`.
+Alpine provides far more timely security patches to `busybox` that the official `busybox` release. No other parts of Alpine are added to the image.
+
+The following files are added (taken from Debian) to fix some common issues:
+
+- `/etc/ssl/certs/ca-certificates.crt` : for HTTPS support
+- `/usr/share/zoneinfo` : for timezones
+- `/etc/services` : for named ports resolution
+- `/lib/x86_64-linux-gnu/libpthread.so.0` : common required lib for project binaries that cannot be statically built.
+
 ## Build Docker images locally
 
 ```

alpine-glibc/Dockerfile

@@ -0,0 +1,49 @@
+ARG ARCH=""
+FROM ${ARCH}debian:buster-slim
+
+RUN \
+    apt-get update && apt-get install -y --no-install-recommends \
+      ca-certificates \
+      gcc \
+      netbase \
+    && rm -rf /var/lib/apt/lists/*
+
+RUN set -x \
+    && mkdir -p rootfs/lib \
+    && set -- \
+        /etc/nsswitch.conf \
+        /etc/ssl/certs/ca-certificates.crt \
+        /usr/share/zoneinfo \
+        /etc/services \
+        /lib/"$(gcc -print-multiarch)"/libpthread.so.* \
+    && while [ "$#" -gt 0  ]; do \
+        f="$1"; shift; \
+        fn="$(basename "$f")"; \
+        if [ -e "rootfs/lib/$fn" ]; then continue; fi; \
+        if [ "${f#/lib/}" != "$f" ]; then \
+            ln -vL "$f" "rootfs/lib/$fn"; \
+        else \
+            d="$(dirname $f)" \
+            && mkdir -p "rootfs/${d#/}" \
+            && cp -av "$f" "rootfs/${f#/}"; \
+        fi; \
+    done
+
+FROM        ${ARCH}alpine:latest as alpine
+RUN apk add busybox-static && \
+    rm /bin/* && \
+    /tmp/busybox --install /bin && \
+    mv /tmp/busybox /bin/
+
+FROM        ${ARCH}busybox:glibc
+MAINTAINER  The Prometheus Authors <[email protected]>
+
+# Use the busybox executable from alpine which is generally patched more quickly for vulnerabilities
+# Use the busybox.static to avoid dynamic library dependencies.
+COPY --from=alpine /bin/busybox.static /tmp/busybox
+
+RUN rm /bin/* && \
+    /tmp/busybox --install /bin && \
+    mv /tmp/busybox /bin/
+
+COPY --from=0 /rootfs /

glibc/Dockerfile

@@ -29,18 +29,7 @@ RUN set -x \
         fi; \
     done
 
-FROM        ${ARCH}alpine:latest as alpine
-RUN apk add busybox-static
-
 FROM        ${ARCH}busybox:glibc
 MAINTAINER  The Prometheus Authors <[email protected]>
 
-# Use the busybox executable from alpine which is generally patched more quickly for vulnerabilities
-# Use the busybox.static to avoid dynamic library dependencies.
-COPY --from=alpine /bin/busybox.static /tmp/busybox
-
-RUN rm /bin/* && \
-    /tmp/busybox --install /bin && \
-    mv /tmp/busybox /bin/
-
 COPY --from=0 /rootfs /

uclibc/Dockerfile

@@ -28,18 +28,7 @@ RUN set -x \
         fi; \
     done
 
-FROM        ${ARCH}alpine:latest as alpine
-RUN apk add busybox-static
-
 FROM        ${ARCH}busybox:uclibc
 MAINTAINER  The Prometheus Authors <[email protected]>
 
-# Use the busybox executable from alpine which is generally patched more quickly for vulnerabilities
-# Use the busybox.static to avoid dynamic library dependencies.
-COPY --from=alpine /bin/busybox.static /tmp/busybox
-
-RUN rm /bin/* && \
-    /tmp/busybox --install /bin && \
-    mv /tmp/busybox /bin/
-
 COPY --from=0 /rootfs /