Skip to content

Commit

Permalink
CARRY: FIPS enabled for operator image (kubeflow#1)
Browse files Browse the repository at this point in the history 
Signed-off-by: James Busche <[email protected]>
  • Loading branch information
@jbusche @astefanutti
jbusche authored and astefanutti committed Apr 5, 2024
1 parent a08246d commit 66329f0
Showing 1 changed file with 5 additions and 3 deletions.
8 changes: 5 additions & 3 deletions build/images/training-operator/Dockerfile
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
# Build the manager binary
FROM golang:1.20 as builder
FROM registry.access.redhat.com/ubi9/go-toolset:1.20.10 as builder

WORKDIR /workspace
# Copy the Go Modules manifests
Expand All @@ -13,11 +13,13 @@ RUN go mod download
COPY . .

# Build
RUN CGO_ENABLED=0 GOOS=linux GO111MODULE=on go build -a -o manager cmd/training-operator.v1/main.go
USER root
RUN CGO_ENABLED=1 GOOS=linux GO111MODULE=on go build -tags strictfipsruntime -a -o manager cmd/training-operator.v1/main.go

# Use distroless as minimal base image to package the manager binary
# Refer to https://github.com/GoogleContainerTools/distroless for more details
FROM gcr.io/distroless/static:latest
FROM registry.access.redhat.com/ubi9/ubi-minimal:latest
WORKDIR /
COPY --from=builder /workspace/manager .
USER 65532:65532
ENTRYPOINT ["/manager"]

0 comments on commit 66329f0

Please sign in to comment.