Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Updated Dockerfile to support securing container supply chain #4303

Merged
merged 3 commits into from
May 27, 2022
Merged

Updated Dockerfile to support securing container supply chain #4303

merged 3 commits into from
May 27, 2022

Conversation

compulim
Copy link
Contributor

@compulim compulim commented May 26, 2022
edited
Loading

Fixes #4301

Changelog Entry

Changed

  • Resolves #4301. Updated Dockerfile to support secure container supply chain, by @compulim in PR #4303

Description

Updated our Dockerfile with new ARG which can be configured via --build-arg:

Name of ARG Description Default
REGISTRY Registry to pull images from, will prepend to BASE_IMAGE docker.io
BASE_IMAGE Qualified base image name $REGISTRY/node:18 (for samples)
$REGISTRY/node:18-alpine (for tooling)

Note: all of our images are based on node.

Design

When developing/testing/building Web Chat, this feature will help our customers to specify a different container registry, or a different base image to start with.

They can specify build arguments when building the image using Docker:

docker --build-arg REGISTRY=mycompany.azurecr.io .

Or via Compose:

docker-compose build --build-arg REGISTRY=mycompany.azurecr.io

Specific Changes

  • Update all Dockerfile* with unified build arguments for retargeting base images
  • Fixed screenshot of __tests__/video.js with slightly changed channel icon
  • I have added tests and executed them locally
  • I have updated CHANGELOG.md
  • I have updated documentation

Review Checklist

This section is for contributors to review your work.

  • Accessibility reviewed (tab order, content readability, alt text, color contrast)
  • Browser and platform compatibilities reviewed
  • CSS styles reviewed (minimal rules, no z-index)
  • Documents reviewed (docs, samples, live demo)
  • Internationalization reviewed (strings, unit formatting)
  • package.json and package-lock.json reviewed
  • Security reviewed (no data URIs, check for nonce leak)
  • Tests reviewed (coverage, legitimacy)

@compulim compulim marked this pull request as ready for review May 26, 2022 19:58
@compulim compulim added the p1 Painful if we don't fix, won't block releasing label May 26, 2022
@compulim compulim changed the title Updated Dockerfile to support secure container supply chain Updated Dockerfile to support Secure Container Supply Chain May 26, 2022
@compulim compulim changed the title Updated Dockerfile to support Secure Container Supply Chain Updated Dockerfile to support securing container supply chain May 26, 2022
@compulim
Update entry
b9187f0 
Simplify ARG

Add REGISTRY argument
@compulim compulim merged commit 786d935 into microsoft:main May 27, 2022
@compulim compulim deleted the fix-docker-mcr branch May 27, 2022 18:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cwhitten cwhitten cwhitten approved these changes

@a-b-r-o-w-n a-b-r-o-w-n Awaiting requested review from a-b-r-o-w-n a-b-r-o-w-n is a code owner

@srinaath srinaath Awaiting requested review from srinaath srinaath is a code owner

@tdurnford tdurnford Awaiting requested review from tdurnford tdurnford is a code owner

@tonyanziano tonyanziano Awaiting requested review from tonyanziano

@beyackle beyackle Awaiting requested review from beyackle

Assignees
No one assigned
Labels
p1 Painful if we don't fix, won't block releasing
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Allow customers to opt-in to use non-default container registry
2 participants
@compulim @cwhitten