https://github.com/cyberark/conjur-base-image

Base Docker images for CyberArk Conjur
https://github.com/cyberark/conjur-base-image

base-image conjbot-notify conjur conjur-core docker

Last synced: about 1 year ago
JSON representation

Base Docker images for CyberArk Conjur

• Host: GitHub
• URL: https://github.com/cyberark/conjur-base-image
• Owner: cyberark
• License: apache-2.0
• Created: 2020-06-06T04:35:48.000Z (about 6 years ago)
• Default Branch: main
• Last Pushed: 2024-05-24T01:18:50.000Z (about 2 years ago)
• Last Synced: 2024-06-12T04:52:56.914Z (about 2 years ago)
• Topics: base-image, conjbot-notify, conjur, conjur-core, docker
• Language: Shell
• Homepage: https://conjur.org
• Size: 537 KB
• Stars: 2
• Watchers: 18
• Forks: 5
• Open Issues: 6
• Metadata Files:
  • Readme: README.md
  • Changelog: CHANGELOG.md
  • Contributing: CONTRIBUTING.md
  • License: LICENSE
  • Codeowners: .github/CODEOWNERS

Awesome Lists containing this project

README

          
# Table of Contents

- [Table of Contents](#table-of-contents)

- [Conjur Base Image](#conjur-base-image)

  - [Certification level](#certification-level)

  - [Feature](#feature)

  - [Usage](#usage)

  - [What is FIPS 140-2](#what-is-fips-140-2)

  - [Contributing](#contributing)

  - [License](#license)

# Conjur Base Image

This repo builds a Docker image that contains Ruby client libraries compiled against the FIPS 140-2 compliant OpenSSL module.

Three images included:

- [Ubuntu](./ubuntu-ruby-fips/)

- [UBI](./ubi-ruby-fips/)

## Feature

* A minimal base image to reduce attack surface and external dependencies

* Vulnerability scanning

* Builder container for Ruby client

* Last security update

* Jenkins pipeline for building the Docker image

* Automated tests validate FIPS mode is successfully enabled and all artifacts are compiled against the FIPS 140-2 compliant

* OpenSSL version installed in the Ubuntu image:

  * OpenSSL version: `3` (configured to be FIPS-Compliant)

* OpenSSL version installed in the UBI image:

  * OpenSSL version: `3` (with FIPS 140-2 compliant OpenSSL module from RedHat UBI 9)

## Usage

- [Ubuntu](./ubuntu-ruby-fips/) image is the parent image of Conjur Server

- [UBI](./ubi-ruby-fips/) image is the parent image of Conjur Server for OpenShift

## What is FIPS 140-2

The Federal Information Processing Standard Publication 140-2, (FIPS PUB 140-2), is a U.S. government computer security standard used to approve cryptographic modules.

The title is Security Requirements for Cryptographic Modules.

For more information, visit the [FIPS 140-2 Wikipedia Page](https://en.wikipedia.org/wiki/FIPS_140-2).

### Important

For [UBI](./ubi-ruby-fips/) image FIPS module is disabled by default.

Please refer to [this readme](./ubi-ruby-fips/README.md) for more information.

## Contributing

We welcome contributions of all kinds to this repository. For instructions on how to get started and descriptions

of our development workflows, please see our [contributing guide](https://github.com/cyberark/conjur-base-image/blob/main/CONTRIBUTING.md).

## License

This repository is licensed under Apache License 2.0 - see [`LICENSE`](LICENSE) for more details.