Skip to content

Commit

Permalink
This change ensures the ansibleee-operator is built with FIPS compliance
Browse files Browse the repository at this point in the history
Signed-off-by: Roberto Alfieri <[email protected]>
  • Loading branch information
rebtoor committed Jan 30, 2024
1 parent ba3c70f commit 63a42ae
Showing 1 changed file with 10 additions and 9 deletions.
19 changes: 10 additions & 9 deletions Dockerfile
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
ARG GOLANG_BUILDER=golang:1.19
ARG GOLANG_BUILDER=quay.io/projectquay/golang:1.20
ARG OPERATOR_BASE_IMAGE=gcr.io/distroless/static:nonroot

# Build the manager binary
Expand All @@ -15,6 +15,7 @@ ARG DEST_ROOT=/dest-root
ARG TARGETOS
ARG TARGETARCH
ARG GO_BUILD_EXTRA_ARGS=
ARG GO_BUILD_EXTRA_ENV_ARGS="CGO_ENABLED=1 GO111MODULE=on"

COPY $REMOTE_SOURCE $REMOTE_SOURCE_DIR
WORKDIR $REMOTE_SOURCE_DIR/$REMOTE_SOURCE_SUBDIR
Expand All @@ -26,7 +27,7 @@ RUN mkdir -p ${DEST_ROOT}/usr/local/bin/
RUN if [ ! -f $CACHITO_ENV_FILE ]; then go mod download ; fi

# Build manager
RUN if [ -f $CACHITO_ENV_FILE ] ; then source $CACHITO_ENV_FILE ; fi ; CGO_ENABLED=0 GOOS=${TARGETOS:-linux} GOARCH=${TARGETARCH} GO111MODULE=on go build ${GO_BUILD_EXTRA_ARGS} -a -o ${DEST_ROOT}/manager main.go
RUN if [ -f $CACHITO_ENV_FILE ] ; then source $CACHITO_ENV_FILE ; fi ; env GOOS=${TARGETOS:-linux} GOARCH=${TARGETARCH} ${GO_BUILD_EXTRA_ENV_ARGS} go build ${GO_BUILD_EXTRA_ARGS} -a -o ${DEST_ROOT}/manager main.go

# Use distroless as minimal base image to package the manager binary
# Refer to https://github.com/GoogleContainerTools/distroless for more details
Expand All @@ -49,16 +50,16 @@ ARG IMAGE_TAGS="cn-openstack openstack"

# Labels required by upstream and osbs build system
LABEL com.redhat.component="${IMAGE_COMPONENT}" \
name="${IMAGE_NAME}" \
version="${IMAGE_VERSION}" \
summary="${IMAGE_SUMMARY}" \
io.k8s.name="${IMAGE_NAME}" \
io.k8s.description="${IMAGE_DESC}" \
io.openshift.tags="${IMAGE_TAGS}"
name="${IMAGE_NAME}" \
version="${IMAGE_VERSION}" \
summary="${IMAGE_SUMMARY}" \
io.k8s.name="${IMAGE_NAME}" \
io.k8s.description="${IMAGE_DESC}" \
io.openshift.tags="${IMAGE_TAGS}"
### DO NOT EDIT LINES ABOVE

ENV USER_UID=$USER_ID \
OPERATOR_TEMPLATES=/usr/share/ansibleee-operator/templates/
OPERATOR_TEMPLATES=/usr/share/ansibleee-operator/templates/

WORKDIR /

Expand Down

0 comments on commit 63a42ae

Please sign in to comment.