Update ray operator Dockerfile

[anishasthana]

Why are these changes needed?

We are currently using generic golang and distroless images to build the ray-operator (and other images).
Using “ubi(universal base image)” and “scratch” will improve the security of our images. UBI images are actively maintained, scanned, and updated by Red Hat productization and security teams. Using these images will improve user confidence in what is being provided by the KubeRay community.

scratch is similar to the distroless, but this will make the dockerfile more portable for build systems that are unable to access gcr.io/distroless/static

Related issue number

Not directly related, but we should really update the Go version we are using: #518

Go 1.17 seems to have a lot of vulnerabilities. I'll see if I have some time in the next couple weeks to update it.

Checks

• I've made sure the tests are passing.
• Testing Strategy
  • Unit tests
  • Manual tests
  • This PR is not tested :(

I'm happy to create an issue if required. cc @kevin85421

[anishasthana]

@kevin85421 can you retrigger CI here?

[kevin85421]

make the dockerfile more portable for build systems that are unable to access gcr.io/distroless/static

Would you mind providing more details about why some systems are unable to access gcr.io/distroless/static? Thx

[anishasthana]

Would you mind providing more details about why some systems are unable to access gcr.io/distroless/static?

Some build systems are unable to pull images from public "non-trusted" registries, so gcr.io (or even quay/dockerhub) would be out of the question unless you go through approval processes. As SCRATCH is effectively equivalent to distroless and it doesn't require going to external registries, it would be a good substitute for users who need to build the kuberay operator image in their own internal environments.

[anishasthana]

@kevin85421 bump on this

[kevin85421]

LGTM