Skip to content

Commit

Permalink
use debian for the builder stage to avoid issues with musl+boringcryp…
Browse files Browse the repository at this point in the history 
…o for fips compliant builds
  • Loading branch information
@mredolatti
mredolatti committed Jan 24, 2024
1 parent ed4b723 commit 130de29
Show file tree
Hide file tree
Showing 2 changed files with 12 additions and 16 deletions.
13 changes: 5 additions & 8 deletions docker/Dockerfile.proxy
View file
Original file line number Diff line number Diff line change
@@ -1,22 +1,19 @@
# Build stage
FROM golang:1.21.5-alpine3.19 AS builder
FROM golang:1.21.6-bookworm AS builder

ARG EXTRA_BUILD_ARGS
ARG FIPS_MODE

RUN apk add \
bash \
build-base \
python3 \
git
RUN apt update -y
RUN apt install -y build-essential ca-certificates python3 git

WORKDIR /code

COPY . .

RUN if [[ "${FIPS_MODE}" = "enabled" ]]; \
then echo "building in standard mode"; make clean split-proxy entrypoints EXTRA_BUILD_ARGS="${EXTRA_BUILD_ARGS}"; \
else echo "building in fips mode"; make clean split-proxy-fips entrypoints EXTRA_BUILD_ARGS="${EXTRA_BUILD_ARGS}"; mv split-proxy-fips split-proxy; \
then echo "building in fips mode"; make clean split-proxy-fips entrypoints EXTRA_BUILD_ARGS="${EXTRA_BUILD_ARGS}"; mv split-proxy-fips split-proxy; \
else echo "building in standard mode"; make clean split-proxy entrypoints EXTRA_BUILD_ARGS="${EXTRA_BUILD_ARGS}"; \
fi

# Runner stage
Expand Down
15 changes: 7 additions & 8 deletions docker/Dockerfile.synchronizer
View file
Original file line number Diff line number Diff line change
@@ -1,24 +1,23 @@
# Build stage
FROM golang:1.21.5-alpine3.19 AS builder
FROM golang:1.21.6-bookworm AS builder

ARG EXTRA_BUILD_ARGS
ARG FIPS_MODE

RUN apk add \
bash \
build-base \
python3 \
git
RUN apt update -y
RUN apt install -y build-essential ca-certificates python3 git

WORKDIR /code

COPY . .

RUN if [[ "${FIPS_MODE}" = "enabled" ]]; \
then echo "building in standard mode"; make clean split-sync entrypoints EXTRA_BUILD_ARGS="${EXTRA_BUILD_ARGS}"; \
else echo "building in fips mode"; make clean split-sync-fips entrypoints EXTRA_BUILD_ARGS="${EXTRA_BUILD_ARGS}"; mv split-sync-fips split-sync; \
then echo "building in fips mode"; make clean split-sync-fips entrypoints EXTRA_BUILD_ARGS="${EXTRA_BUILD_ARGS}"; mv split-sync-fips split-sync; \
else echo "building in standard mode"; make clean split-sync entrypoints EXTRA_BUILD_ARGS="${EXTRA_BUILD_ARGS}"; \
fi

RUN ls -l /code

# Runner stage
FROM alpine:3.19.0 AS runner

Expand Down

0 comments on commit 130de29

Please sign in to comment.