Skip to content

Commit

Permalink
ROX-24283: enable strictfipsruntime in Konflux build
Browse files Browse the repository at this point in the history
  • Loading branch information
BradLugo committed Nov 15, 2024
1 parent 97c41a7 commit 2c51901
Show file tree
Hide file tree
Showing 2 changed files with 4 additions and 1 deletion.
3 changes: 2 additions & 1 deletion Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -71,7 +71,8 @@ GOPATH_WD_OVERRIDES := -w /src -e GOPATH=/go
IMAGE_BUILD_FLAGS := -e CGO_ENABLED=$(CGO_ENABLED) -e GOOS=linux -e GOARCH=$(GOARCH)
IMAGE_BUILD_ARGS = --build-arg LABEL_VERSION=$(TAG) --build-arg LABEL_RELEASE=$(TAG) --build-arg QUAY_TAG_EXPIRATION=$(QUAY_TAG_EXPIRATION)
BUILD_FLAGS := CGO_ENABLED=$(CGO_ENABLED) GOOS=linux GOARCH=$(GOARCH)
BUILD_CMD := go build -trimpath -ldflags="-X github.com/stackrox/scanner/pkg/version.Version=$(TAG)" -o image/scanner/bin/scanner ./cmd/clair
GOTAGS ?=
BUILD_CMD := go build -trimpath -ldflags="-X github.com/stackrox/scanner/pkg/version.Version=$(TAG)" $(if $(GOTAGS),-tags=$(GOTAGS)) -o image/scanner/bin/scanner ./cmd/clair
NODESCAN_BUILD_CMD := go build -trimpath -o tools/bin/local-nodescanner ./tools/local-nodescanner

#####################################################################
Expand Down
2 changes: 2 additions & 0 deletions image/scanner/rhel/konflux.Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,8 @@ ARG SCANNER_TAG
RUN if [[ "$SCANNER_TAG" == "" ]]; then >&2 echo "error: required SCANNER_TAG arg is unset"; exit 6; fi
ENV RELEASE_TAG="${SCANNER_TAG}"

ENV GOEXPERIMENT=strictfipsruntime
ENV GOTAGS=strictfipsruntime
ENV GOFLAGS=""
ENV CI=1

Expand Down

0 comments on commit 2c51901

Please sign in to comment.