Conversation
|
Thank you for your submission! We require that all contributors sign our Contributor License Agreement ("CLA") before we can accept the contribution. Read and sign the agreement Learn more about why HashiCorp requires a CLA and what the CLA includes 1 out of 2 committers have signed the CLA.
Raghav Kabra seems not to be a GitHub user. Have you signed the CLA already but the status is still pending? Recheck it. |
|
Thank you for your submission! We require that all contributors sign our Contributor License Agreement ("CLA") before we can accept the contribution. Read and sign the agreement Learn more about why HashiCorp requires a CLA and what the CLA includes Raghav Kabra seems not to be a GitHub user. Have you signed the CLA already but the status is still pending? Recheck it. |
|
Could you also sign the CLA? https://cla.hashicorp.com/hashicorp/boundary?pullRequest=6700 |
3 participants
Description
This PR adds native Red Hat UBI/OpenShift image support to Boundary by consolidating the previous Dockerfile.openshift setup into the main Dockerfile as a dedicated ubi stage and integrating it with the standard CI/CD release pipeline.
Changes
Added a ubi stage based on ubi9/ubi-minimal
Added Red Hat certification labels, license files, non-root user, and OpenShift-compatible permissions
Introduced a new OpenShift entrypoint handling arbitrary UID support and permission checks
Added CI workflow to build and push multi-arch (amd64/arm64) UBI images to the Red Hat Connect registry
Registered UBI image tarballs as release artifacts
Updated .dockerignore to include LICENSE in build context
Testing
Validated successfully using a temporary build-redhat-test.yml workflow before merge.
PCI review checklist
Examples of changes to security controls include using new access control methods, adding or removing logging pipelines, etc.