Skip to content

Make model-engine FIPS compliant by updating base chainguard image #724

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 31 commits into from
Nov 3, 2025
Merged

Make model-engine FIPS compliant by updating base chainguard image #724

merged 31 commits into from
Nov 3, 2025

Conversation

@ValentineDragan
Copy link
Collaborator

@ValentineDragan ValentineDragan commented Oct 16, 2025
edited
Loading

Pull Request Summary

This PR upgrades the model-engine Docker base image to use Chainguard's FIPS-compliant Python image, and fixes bugs in the CircleCI integration tests.

FIPS compliance changes:

  • Update Dockerfile to use chainguard base image for FIPS compliance
    • Delete the now identical federal/Dockerfile copy
  • Upgrading SQLAlchemy to 2.0.21 which uses FIPS-compliant md5 hashing
    • This removes the need to monkey patching the hashing library with sitecustomize.py which was making integration tests fail because md5 is still needed for non-security hashing (i.e. generating Git/CircleCI hashes)
  • Set celery_enable_sha256: true in all configs for FIPS compliance

Fixing integration tests:

  • Update integration tests to use the current/latest model-engine image instead of a hardcoded image tag from 2024
  • Update helm chart to mount service configs in CircleCI
  • Add chainctl authentication to CircleCI to enable pulling the chainguard base image

Test Plan and Usage Guide

  • All unit tests and integration tests pass
    • (previously integration tests weren't reflecting the latest repo changes due to using hardcoded image)

@ValentineDragan
Update Dockerfile
cf6c084
@ValentineDragan
Update circleci config to login to chainguard
0201f0c
@ValentineDragan
fix typo in circleci config
8ece2a5
@ValentineDragan
Add code to debug circleci errors
c3ef4e5
@ValentineDragan
Debug missing chainguard token
93f579a
@ValentineDragan
Debug failing oidc token swap
3853517
@ValentineDragan
Update config
9dac2cd
@ValentineDragan
Retry OIDC token swap with updated chainguard identity
8104ff1
@ValentineDragan
Update audience for token exchange request
4ddee82
@ValentineDragan
Simplify chainguard authentication with chainctl
e5642e8
@ValentineDragan
Specify audience cgr.dev in auth login
44b59ed
@ValentineDragan
Update system packages in Dockerfile
82fe322
@ValentineDragan
Update Dockerfile packages for chainguard compatbility
209a34a
@ValentineDragan
update Dockerfile
6f79179
@ValentineDragan
Revert circleci python version to 3.10.14
ae1bb4e
@ValentineDragan
Update hardcoded model-engine image tag used in integration tests
a465e51
@ValentineDragan
Fix CircleCI config trying to use hardcoded model-engine image tag fo…
0eca9cb 
…r batch jobs pod
@ValentineDragan
Mount service_config_circleci.yaml in batch job pods
fe8d764
@ValentineDragan
Fix broken helm template
b53b7c9
@ValentineDragan
Add missing infra config and service template config to batch job pods
b054e67
@ValentineDragan
remove redundant config for batch job pods
c142b27
@ValentineDragan
enable SHA256 checksums for Celery S3 backend to avoid MD5 decoding i…
f312dfe 
…ssues when creating endpoints
@ValentineDragan
Fix failing md5 monkey patch
f742965
@ValentineDragan
bump sqlalchemy to 2.0.21 to address md5 FIPS compliance
c8a2c66
@socket-security
Copy link

socket-security bot commented Oct 28, 2025
edited
Loading

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security		 Vulnerability Quality Maintenance License
Updatedsqlalchemy@​2.0.4 ⏵ 2.0.2197100100100100

View full report

@ValentineDragan ValentineDragan changed the title Update Dockerfile with Chainguard base image Make model-engine FIPS compliant by updating base chainguard image Oct 28, 2025
@ValentineDragan ValentineDragan marked this pull request as ready for review October 28, 2025 23:48
dmchoiboi
dmchoiboi reviewed Oct 29, 2025
View reviewed changes
charts/model-engine/templates/service_template_config_map.yaml
{{- end }}
{{- end }}
{{- if $config_values }}
- name: service-config-volume
Copy link
Collaborator

@dmchoiboi dmchoiboi Oct 29, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

curious if you needed to add this for specific reason? do you actually use batch-job-orchestration-job

Copy link
Collaborator Author

@ValentineDragan ValentineDragan Nov 2, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, if we don't add this change, there are integration tests running batch jobs that will fail because they can't find the service configs. See explanation below:

This is part of fixing the integration tests bug in the file below (rest_api_utils.py). Context (I debugged all this by SSH-ing into the instance running the CircleCI workflows and inspecting the kubernetes logs):

  • Some of the integration tests were using a hardcoded model engine image tag (830c81ecba2a147022e504917c6ce18b00c2af44) to run - see CREATE_DOCKER_IMAGE_BATCH_JOB_BUNDLE_REQUEST, CREATE_FINE_TUNE_DI_BATCH_JOB_BUNDLE_REQUEST..
  • The integration tests would spin up kubernetes pods for some batch jobs, and they were being created from the hardcoded model engine image. But that meant that new changes to model engine server might not actually be reflected in the integration tests, so I updated the rest_api_utils.py file to rebuild the container.

Fixing this bug caused the integration tests to fail because the old hardcoded image had the service configs copied inside the container image, whereas new images need to mount them instead. I reran these tests on another branch where I only changed the model engine image tag used to confirm this is an isolated issue - no other changes (i.e. Dockerfile):

dmchoiboi
dmchoiboi reviewed Nov 3, 2025
View reviewed changes
model-engine/Dockerfile.fips
@@ -1,9 +1,9 @@
# federal/Dockerfile.chainguard
FROM cgr.dev/scale.com/python-fips:3.10.15-dev
FROM cgr.dev/scale.com/python-fips:3.10.19-dev
Copy link
Collaborator

@dmchoiboi dmchoiboi Nov 3, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@andytang-scale can you check if this change is ok w/ your use case?

dmchoiboi
dmchoiboi approved these changes Nov 3, 2025
View reviewed changes
Copy link
Collaborator

@dmchoiboi dmchoiboi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm outside of changing the dockerfile used by fed. tagged @andytang-scale for review

andytang-scale
andytang-scale approved these changes Nov 3, 2025
View reviewed changes
Copy link
Contributor

@andytang-scale andytang-scale left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. Just checking though that by removing the sitecustomize.py file these other md5 changes I see implemented allow the dockerfile to run? I just did the general sitecustomize.py to make sure it catches all hashing calls into fips compliance

@ValentineDragan
Copy link
Collaborator Author

ValentineDragan commented Nov 3, 2025

@andytang-scale Thank you 🙌🏻 Yes, previously the sitecustomize.py was fixing the fips vulnerabilities by changing all md5 calls to sha256 (becuase md5 hashing for secrets/cybersecurity is not safe). However this was causing the CircleCI integration tests to fail (because some CircleCI code does actually need md5 to compute git/image hashes). So instead, I bumped the sqlalchemy to a version where they fixed its fips-compliance issues, and marked the md5 calls we make in our code as non-security (we don't use them for secrets, we use them for image/commits).

I tested with a trivy scan and the new Dockerfile.fips is fips compliant.

Also tested (with CircleCI integration tests) that both the standard Dockerfile and Dockerfile.fips are running correctly and passing all integration tests

@ValentineDragan ValentineDragan merged commit 210fa3e into main Nov 3, 2025
7 checks passed
@ValentineDragan ValentineDragan deleted the fix/fix-vulnerabilities-in-model-engine-image branch November 3, 2025 17:23
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@dmchoiboi dmchoiboi dmchoiboi approved these changes

+1 more reviewer

@andytang-scale andytang-scale andytang-scale approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@ValentineDragan @dmchoiboi @andytang-scale