Skip to content

Commit

Permalink
[fips] - Enable boringcrypto in the build image.
Browse files Browse the repository at this point in the history
This should allow build to have fips crypto enabled when we build with CGO_ENABLED=1

Modify the github build to do so.

datadog:patch
  • Loading branch information
nyodas committed Sep 23, 2024
1 parent e8bd9f0 commit 42af4a2
Show file tree
Hide file tree
Showing 2 changed files with 6 additions and 1 deletion.
2 changes: 1 addition & 1 deletion .github/workflows/dd-build.yml
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,7 @@ jobs:
env:
KUBE_BUILD_PLATFORMS: ${{ matrix.platform }}
KUBE_RELEASE_RUN_TESTS: n
run: make quick-release KUBE_BUILD_PLATFORMS=$KUBE_BUILD_PLATFORMS
run: make quick-release CGO_ENABLED=1 KUBE_CGO_OVERRIDES="kube-apiserver kube-controller-manager kube-scheduler kubelet" KUBE_BUILD_PLATFORMS=$KUBE_BUILD_PLATFORMS
- name: Calculate checksums
id: calculate_checksums
shell: bash
Expand Down
5 changes: 5 additions & 0 deletions build/build-image/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -55,3 +55,8 @@ ADD rsyncd.password /
RUN chmod a+r /rsyncd.password
ADD rsyncd.sh /
RUN chmod a+rx /rsyncd.sh

# Enable fips build
ENV GOEXPERIMENT=boringcrypto
# Enable debug to keep symbols around, allowing us to do go tool nm
ENV DBG=1

0 comments on commit 42af4a2

Please sign in to comment.