-
Notifications
You must be signed in to change notification settings - Fork 94
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
📖 Add byoi fedora/rockylinux-fips example #1591
Conversation
Signed-off-by: mudler <mudler@kairos.io>
As I feared, generic framework images for fips just don't work:
@kairos-io/maintainers I'll go ahead and rename the ubuntu flavor to something more meaningful and generic, I don't see any way around creating generic fips images for now |
Signed-off-by: mudler <mudler@kairos.io>
I've validated that the ubuntu framework image works also with fedora and rockylinux, renaming it to |
ln -sf "initrd-${kernel}" /boot/initrd && depmod -a "${kernel}" | ||
|
||
# Symlink kernel HMAC | ||
RUN kernel=$(ls /boot/vmlinuz-* | head -n1) && ln -sf ."${kernel#/boot/}".hmac /boot/.vmlinuz.hmac |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this is the "main" difference with standard examples
# Copy the os-release file to identify the OS | ||
COPY --from=osbuilder /workspace/os-release /etc/os-release | ||
|
||
COPY --from=quay.io/kairos/framework:master_fips-systemd / / |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Note: the framework image is fips
Fixes #362
Adds fips e2e example for:
Draft as needs to validate with the latest imagesRenames also the
ubuntu-20-lts-fips
framework image tofips-systemd
as works as well for rocky and fedora.