Skip to content

Latest commit

 

History

History
57 lines (40 loc) · 2.14 KB

README.md

File metadata and controls

57 lines (40 loc) · 2.14 KB

Table of Contents

Conjur Base Image

This repo builds a Docker image that contains Ruby client libraries compiled against the FIPS 140-2 compliant OpenSSL module.

Three images included:

Feature

  • A minimal base image to reduce attack surface and external dependencies
  • Vulnerability scanning
  • Builder container for Ruby client
  • Last security update
  • Jenkins pipeline for building the Docker image
  • Automated tests validate FIPS mode is successfully enabled and all artifacts are compiled against the FIPS 140-2 compliant
  • OpenSSL version installed in the Ubuntu image:
    • OpenSSL version: 3 (configured to be FIPS-Compliant)
  • OpenSSL version installed in the UBI image:
    • OpenSSL version: 3 (with FIPS 140-2 compliant OpenSSL module from RedHat UBI 9)

Usage

  • Ubuntu image is the parent image of Conjur Server
  • UBI image is the parent image of Conjur Server for OpenShift

What is FIPS 140-2

The Federal Information Processing Standard Publication 140-2, (FIPS PUB 140-2), is a U.S. government computer security standard used to approve cryptographic modules. The title is Security Requirements for Cryptographic Modules.

For more information, visit the FIPS 140-2 Wikipedia Page.

Important

For UBI image FIPS module is disabled by default. Please refer to this readme for more information.

Contributing

We welcome contributions of all kinds to this repository. For instructions on how to get started and descriptions of our development workflows, please see our contributing guide.

License

This repository is licensed under Apache License 2.0 - see LICENSE for more details.