This repo builds a Docker image that contains Ruby client libraries compiled against the FIPS 140-2 compliant OpenSSL module.
Three images included:
- A minimal base image to reduce attack surface and external dependencies
- Vulnerability scanning
- Builder container for Ruby client
- Last security update
- Jenkins pipeline for building the Docker image
- Automated tests validate FIPS mode is successfully enabled and all artifacts are compiled against the FIPS 140-2 compliant
- OpenSSL version installed in the Ubuntu image:
- OpenSSL version:
3
(configured to be FIPS-Compliant)
- OpenSSL version:
- OpenSSL version installed in the UBI image:
- OpenSSL version:
3
(with FIPS 140-2 compliant OpenSSL module from RedHat UBI 9)
- OpenSSL version:
- Ubuntu image is the parent image of Conjur Server
- UBI image is the parent image of Conjur Server for OpenShift
The Federal Information Processing Standard Publication 140-2, (FIPS PUB 140-2), is a U.S. government computer security standard used to approve cryptographic modules. The title is Security Requirements for Cryptographic Modules.
For more information, visit the FIPS 140-2 Wikipedia Page.
For UBI image FIPS module is disabled by default. Please refer to this readme for more information.
We welcome contributions of all kinds to this repository. For instructions on how to get started and descriptions of our development workflows, please see our contributing guide.
This repository is licensed under Apache License 2.0 - see LICENSE
for more details.