Skip to content
This repository has been archived by the owner on Sep 26, 2023. It is now read-only.

Commit

Permalink
Enable CGO and update the container image to UBI8
Browse files Browse the repository at this point in the history
Addresses CVE-2023-3089

Signed-off-by: mprahl <[email protected]>
  • Loading branch information
mprahl committed Jul 6, 2023
1 parent 94c8375 commit fe8c8bd
Show file tree
Hide file tree
Showing 2 changed files with 4 additions and 4 deletions.
6 changes: 3 additions & 3 deletions Dockerfile
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
# Build the manager binary
FROM golang:1.20 as builder
FROM registry.ci.openshift.org/stolostron/builder:go1.20-linux as builder

ARG GOOS
ARG GOARCH
Expand All @@ -20,11 +20,11 @@ COPY controllers/ controllers/
COPY pkg/ pkg/

# Build
RUN CGO_ENABLED=0 GOOS=${GOOS} GOARCH=${GOARCH} go build -a -ldflags "${LDFLAGS}" -o manager main.go
RUN CGO_ENABLED=1 GOOS=${GOOS} GOARCH=${GOARCH} go build -a -ldflags "${LDFLAGS}" -o manager main.go

# Use distroless as minimal base image to package the manager binary
# Refer to https://github.com/GoogleContainerTools/distroless for more details
FROM gcr.io/distroless/static:nonroot
FROM registry.access.redhat.com/ubi8/ubi-minimal:latest
WORKDIR /
COPY --from=builder /workspace/manager .
USER 65532:65532
Expand Down
2 changes: 1 addition & 1 deletion Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -148,7 +148,7 @@ download-binaries: kustomize go-bindata envtest controller-gen

.PHONY: build
build: generate fmt vet ## Build manager binary.
GOFLAGS=$(GOFLAGS) go build -ldflags $(LDFLAGS) -o bin/manager main.go
CGO_ENABLED=1 GOFLAGS=$(GOFLAGS) go build -ldflags $(LDFLAGS) -o bin/manager main.go

.PHONY: run
run: manifests generate fmt vet ## Run a controller from your host, using the configured Kubernetes cluster in ~/.kube/config
Expand Down

0 comments on commit fe8c8bd

Please sign in to comment.