Go to Chainguard.dev
Send feedback Contact
Chainguard Images Reference

Image Overview: python-fips

Overview: python-fips Chainguard Image
Reference Chainguard Images Product

Minimal FIPS-enabled images for python.

Get It

This image provides these versions of python:

  • 3.10
  • 3.11
  • 3.12

The image is available on cgr.dev:

docker pull cgr.dev/chainguard-private/python-fips:3.10

Testing

  • Step 1: cd images/python-fips/fips-example/

  • Step 2: Replace the content of Dockerfile with the below:

    FROM cgr.dev/chainguard-private/python-fips:3.10

WORKDIR /app

COPY . .

USER root

CMD ["./fips-check.py"]

  • Step 3: docker build -t fips-python:0.0.1 .

  • Step 4: docker run --rm fips-python:0.0.1 2>&1 >/dev/null | grep "\[digital envelope routines\] unsupported"

Since MD5 isn’t supported when we enable FIPS, the script we run inside container should throw up an error which we redirect using 2>&1 and it should output something like ‘[digital envelope routines] unsupported’

Last updated: 2024-02-29 16:25