DirectorySecurity advisories
Sign in

Directory

aspnet-runtime-fips logoFIPS

aspnet-runtime-fips

Last changed
Sign in for updates

Get notified of upcoming product changes, critical vulnerability notifications and patches and more.

Sign in
Versions
Overview
Provenance
Specifications
SBOM
Vulnerabilities
Advisories

Container image with the latest ASP.NET runtime.

Download this Image

The image is available on cgr.dev:

docker pull cgr.dev/chainguard/aspnet-runtime-fips:latest

FIPS Enablement

Our ASPNET Runtime images have FIPS enabled versions. However, the underlying ASPNET core runtime does not include any mechanisms to enforce FIPS compliance according to Microsoft's official documentation. Accordingly, it is up you and/or your developers to ensure that your application is using FIPS compliant algorithms and that the runtime environment is also properly configured to run in FIPS mode.

Usage

The dotnet-sdk-fips image can be used directly for simple cases, or with a multi-stage build using the dotnet-sdk-fips as the builder and aspnet-runtime-fips as the final target container.

To get started, go to your current dotnet application directory (or where you house your dotnet applications) and execute the following command. This command should be able to detect the dotnet project in your directory and create a base for the docker initialization.

docker init

This command should create the following files.

Dockerfile
compose.yaml
README.Docker.md
.dockerignore

After the files have been created, replace the contents within the created Dockerfile with the following

FROM cgr.dev/chainguard/dotnet-sdk-fips:latest AS build

COPY --chown=nonroot:nonroot . /source

# If your project resides in a sub directory, make sure you are pointing to that directory. ex: If your project resided in a directory called 'app', you would set the destination to /source/app
WORKDIR /source

RUN dotnet publish --use-current-runtime --self-contained false -o Release

# If you are running an .NET project, you can instead pull our .NET image cgr.dev/chainguard/dotnet-runtime-fips:latest
FROM cgr.dev/chainguard/aspnet-runtime-fips:latest AS final
WORKDIR /

# Copy everything needed to run the app from the "build" stage.
COPY --from=build source .

ENTRYPOINT ["dotnet", "Release/dotnet.dll"]

This will build your application using the SDK image and then copy the built application over to the Runtime image which will then start.

You can run and publish a local image with the following command

docker compose up -d --build

You can also remove the container using the following

docker compose down
Licenses

Chainguard Images contain software packages that are direct or transitive dependencies. The following licenses were found in the "latest" version of this image:

  • Apache-2.0

  • GCC-exception-3.1

  • GPL-3.0-or-later

  • LGPL-2.1-or-later

  • MIT

  • MPL-2.0

For a complete list of licenses, please refer to this Image's SBOM.

Software license agreement
Compliance

This is a FIPS validated image for FedRAMP compliance.

This image is STIG hardened and scanned against the DISA General Purpose Operating System SRG with reports available.

Learn more about STIGsGet started with STIGs
Related images
Category
FIPS
STIG
base
languages

Products

Chainguard Images

Developer

Open sourceDocs

Resources

Unchained blogChainguard LabsCustomer storiesScannersSecurityEducation

Company

AboutNewsroomCareersChainguard loveLegalContact

Follow

TwitterGitHubLinkedInTikTok

© 2024 Chainguard, Inc.