Merge branch 'development' into 'master'

Development See merge request !23

Merge branch 'development' into 'master'
Development See merge request !23
3b2f73e7 · Al Fontaine · 28d90fe4 · 9419d280 · 3b2f73e7 · 3b2f73e7
Commit 3b2f73e7 authored Jul 27, 2021 by Al Fontaine
Hide whitespace changes
Inline Side-by-side

Showing with 64 additions and 70 deletions

Dockerfile Dockerfile +3 -5

hardening_manifest.yaml hardening_manifest.yaml +61 -65

No files found.
--- a/Dockerfile
+++ b/Dockerfile
@@ -9,8 +9,8 @@ FROM ${BASE_REGISTRY}/${BASE_IMAGE}:${BASE_TAG}
 ENV LANG="C.UTF-8"
 # IB custom ENV vars
-ENV RPM_VERSION=6.1.1-1
+ENV RPM_VERSION=6.1.2-1
-ENV IMG_TAR_VERSION=6.1.1.0
+ENV IMG_TAR_VERSION=6.1.2.1
 USER root
@@ -60,7 +60,7 @@ ARG KAFKA_ADVERTISED_LISTENERS
 ENV KAFKA_ADVERTISED_LISTENERS=${KAFKA_ADVERTISED_LISTENERS}
 ENV COMPONENT=kafka
-ENV CONFLUENT_VERSION=6.1.1
+ENV CONFLUENT_VERSION=6.1.2
 ENV CUB_CLASSPATH='"/usr/share/java/cp-base-new/*"'
 # primary
@@ -104,13 +104,11 @@ COPY cp-server-operator-*_EtcConfluent.tar.gz /etc/
 ## For auditing & debugging
 COPY Dockerfile /etc/confluent/ironbank/
 COPY hardening_manifest.yaml /etc/confluent/ironbank/
-COPY maven-artifact-3.8.1.jar /tmp/
 RUN echo "===> Installing operator stuff" \
    && cd /usr/share && tar -xvf *_UsrShareJava.tar.gz && rm *_UsrShareJava.tar.gz \
    && cd /opt && tar -xvf *_OptCaas.tar.gz && rm *_OptCaas.tar.gz \
    && cd /etc && tar -xvf *_EtcConfluent.tar.gz && rm *_EtcConfluent.tar.gz \
-    && find /usr/share/java -type f \( -name "maven-artifact-3.3.3.jar" -o -name "maven-artifact-3.6.3.jar" \) -execdir cp /tmp/maven-artifact-3.8.1.jar . \; -exec rm {} \; \ 
    && chown -R appuser:appuser /etc/confluent \
    && mkdir -p "$KAFKA_DATA_DIR" "${KAFKA_LOG4J_DIR}" "${KAFKA_CONFIG_DIR}" "${COMPONENT_SCRIPT_DIR}/${COMPONENT}" \
   	&& chmod -R ag+w "${KAFKA_LOG4J_DIR}" "${KAFKA_CONFIG_DIR}" "$KAFKA_DATA_DIR" "/opt"

--- a/hardening_manifest.yaml
+++ b/hardening_manifest.yaml
@@ -8,6 +8,8 @@ name: "confluentinc/cp-server-operator"
 # The most specific version should be the first tag and will be shown
 # on ironbank.dso.mil
 tags:
+- "6.1.2.1"
+- "6.1.2"
 - "6.1.1.0"
 - "6.1.1"
 - "6.1.x"
@@ -23,9 +25,9 @@ labels:
  org.opencontainers.image.title: "cp-server-operator"
  org.opencontainers.image.description: "Confluent Operator image for cp-server-operator."
  org.opencontainers.image.licenses: "CONFLUENT ENTERPRISE LICENSE"
-  org.opencontainers.image.url: "https://docs.confluent.io/6.1.1/installation/operator/index.html"
+  org.opencontainers.image.url: "https://docs.confluent.io/6.1.2/installation/operator/index.html"
  org.opencontainers.image.vendor: "Confluent"
-  org.opencontainers.image.version: "6.1.1"
+  org.opencontainers.image.version: "6.1.2"
  mil.dso.ironbank.image.keywords: "confluent,kafka,zookeeper,operator"
  mil.dso.ironbank.image.type: "commercial"
  mil.dso.ironbank.product.name: "Confluent Platform"
@@ -222,108 +224,102 @@ resources:
  validation:
    type: sha256
    value: 6753aba4eab80062784a903af0314877d36fa4f998333adffecb0fcba81113cd  
- filename: confluent-common-6.1.1-1.noarch.rpm
+- filename: confluent-common-6.1.2-1.noarch.rpm
-  url: https://packages.confluent.io/rpm/6.1/confluent-common-6.1.1-1.noarch.rpm
+  url: https://packages.confluent.io/rpm/6.1/confluent-common-6.1.2-1.noarch.rpm
  validation:
    type: sha256
-    value: 3ad1efeceed8b2febedc2534191e92980766ebc88d6a44e665b8febd7978a105
+    value: 26c1f0295805e05ec8ff5883c11d4755231f5fddb0b5b9ff49108d0354779244
- filename: confluent-control-center-6.1.1-1.noarch.rpm
+- filename: confluent-control-center-6.1.2-1.noarch.rpm
-  url: https://packages.confluent.io/rpm/6.1/confluent-control-center-6.1.1-1.noarch.rpm
+  url: https://packages.confluent.io/rpm/6.1/confluent-control-center-6.1.2-1.noarch.rpm
  validation:
    type: sha256
-    value: a5aeb1dab7320b4b7e8bc39722ea30d93a3ef6bfb513bc274b3a374701de680e
+    value: 510ed4f5ec779b05942c0ed3baeff4e7183f840725f1cbff58d38335b14a1fab
- filename: confluent-control-center-fe-6.1.1-1.noarch.rpm
+- filename: confluent-control-center-fe-6.1.2-1.noarch.rpm
-  url: https://packages.confluent.io/rpm/6.1/confluent-control-center-fe-6.1.1-1.noarch.rpm
+  url: https://packages.confluent.io/rpm/6.1/confluent-control-center-fe-6.1.2-1.noarch.rpm
  validation:
    type: sha256
-    value: c1189f5b3525b05240074883b8f483ac55ef378b0230ea3731a3733ff9767e10
+    value: e0d14eaf6e5f4218034aa9e8580fd615c1665eaa13b2f7542e8c78681d5673d0
- filename: confluent-rebalancer-6.1.1-1.noarch.rpm
+- filename: confluent-rebalancer-6.1.2-1.noarch.rpm
-  url: https://packages.confluent.io/rpm/6.1/confluent-rebalancer-6.1.1-1.noarch.rpm
+  url: https://packages.confluent.io/rpm/6.1/confluent-rebalancer-6.1.2-1.noarch.rpm
  validation:
    type: sha256
-    value: dfcc9e938c2f50c7bb3c1a41835a912df8cb49bba6e41d94d5d6ff4317ab3237
+    value: ae1a92fab61357ed7a29e2cdc345e79ad69ffb79b3c8c118378b01319ca670cb
- filename: confluent-rest-utils-6.1.1-1.noarch.rpm
+- filename: confluent-rest-utils-6.1.2-1.noarch.rpm
-  url: https://packages.confluent.io/rpm/6.1/confluent-rest-utils-6.1.1-1.noarch.rpm
+  url: https://packages.confluent.io/rpm/6.1/confluent-rest-utils-6.1.2-1.noarch.rpm
  validation:
    type: sha256
-    value: 5413105783d24493747351c358137eb60ce4645ffe88fd91629cb3d716a02930
+    value: 5f4a62b06e0d61e7350cd0928ea601253dbc1ecf143d81f38468d8e4f456cd49
- filename: confluent-security-6.1.1-1.noarch.rpm
+- filename: confluent-security-6.1.2-1.noarch.rpm
-  url: https://packages.confluent.io/rpm/6.1/confluent-security-6.1.1-1.noarch.rpm
+  url: https://packages.confluent.io/rpm/6.1/confluent-security-6.1.2-1.noarch.rpm
  validation:
    type: sha256
-    value: efb748578c9c14b9ac8eec16da3bc1bdfb47bcd9eb8f741a0be393df8b3a9867
+    value: 21b93b892a1b6814440357c7d3658e5c4a2385ef60acef8d6c0b35e1f29ab825
- filename: confluent-schema-registry-6.1.1-1.noarch.rpm
+- filename: confluent-schema-registry-6.1.2-1.noarch.rpm
-  url: https://packages.confluent.io/rpm/6.1/confluent-schema-registry-6.1.1-1.noarch.rpm
+  url: https://packages.confluent.io/rpm/6.1/confluent-schema-registry-6.1.2-1.noarch.rpm
  validation:
    type: sha256
-    value: 6ea825e3d9eecc82b2adb633483770960decdab2a268f45fc18e0a78801a0416
+    value: c19a098bf8487a7722d0fc408ceff6a350fc3a990713ed43cae7557ade2449cf
- filename: confluent-hub-client-6.1.1-1.noarch.rpm
+- filename: confluent-hub-client-6.1.2-1.noarch.rpm
-  url: https://packages.confluent.io/rpm/6.1/confluent-hub-client-6.1.1-1.noarch.rpm
+  url: https://packages.confluent.io/rpm/6.1/confluent-hub-client-6.1.2-1.noarch.rpm
  validation:
    type: sha256
-    value: 43da2b6c9362043ff12bc436bc325a407ca44e1c90a1794e00e856da4ec17e01
+    value: 539ecc095fc639383d56a5cb823821a489b896f8f7f1921d6dd59caadf09d5e4
- filename: confluent-metadata-service-6.1.1-1.noarch.rpm
+- filename: confluent-metadata-service-6.1.2-1.noarch.rpm
-  url: https://packages.confluent.io/rpm/6.1/confluent-metadata-service-6.1.1-1.noarch.rpm
+  url: https://packages.confluent.io/rpm/6.1/confluent-metadata-service-6.1.2-1.noarch.rpm
  validation:
    type: sha256
-    value: 98a182c7a8a8e559447088a344339511559043091c259b3367e41c02709b639f
+    value: 3e4100be4aa5996b33ad3ab10ef37453d479e08187186c38b36734c97129ac97
- filename: confluent-kafka-connect-replicator-6.1.1-1.noarch.rpm
+- filename: confluent-kafka-connect-replicator-6.1.2-1.noarch.rpm
-  url: https://packages.confluent.io/rpm/6.1/confluent-kafka-connect-replicator-6.1.1-1.noarch.rpm
+  url: https://packages.confluent.io/rpm/6.1/confluent-kafka-connect-replicator-6.1.2-1.noarch.rpm
  validation:
    type: sha256
-    value: fff17926fc2e2e9b631d80c3192f66d7d2767e3a3971c4df7be9fb332ac49a31
+    value: 2254c4984fa35115e7738c647359bccd93abfbc3eab85e1028a82216c8254842
- filename: confluent-server-6.1.1-1.noarch.rpm
+- filename: confluent-server-6.1.2-1.noarch.rpm
-  url: https://packages.confluent.io/rpm/6.1/confluent-server-6.1.1-1.noarch.rpm
+  url: https://packages.confluent.io/rpm/6.1/confluent-server-6.1.2-1.noarch.rpm
  validation:
    type: sha256
-    value: 3a187333e1b222d61775be372ba88549592e375bf2cd8a496f4608148d7006d9
+    value: be25eff13dc44fece6a8ef414d59f8e1fe59ee26b503730eef54d15c0f9b14a2
- filename: confluent-ce-kafka-http-server-6.1.1-1.noarch.rpm
+- filename: confluent-ce-kafka-http-server-6.1.2-1.noarch.rpm
-  url: https://packages.confluent.io/rpm/6.1/confluent-ce-kafka-http-server-6.1.1-1.noarch.rpm
+  url: https://packages.confluent.io/rpm/6.1/confluent-ce-kafka-http-server-6.1.2-1.noarch.rpm
  validation:
    type: sha256
-    value: 6e275400d2dab2e4789336478a9a484f960a0910568896923a55f77cc32bafab
+    value: f16faa923f6c870ccc8509bab96b603ef1f6fd6bdc4a75553ae850f1807d709c
- filename: confluent-server-rest-6.1.1-1.noarch.rpm
+- filename: confluent-server-rest-6.1.2-1.noarch.rpm
-  url: https://packages.confluent.io/rpm/6.1/confluent-server-rest-6.1.1-1.noarch.rpm
+  url: https://packages.confluent.io/rpm/6.1/confluent-server-rest-6.1.2-1.noarch.rpm
  validation:
    type: sha256
-    value: 308277179451038d44405ea860b974f500529b4328982576a4f74b56d02c3548
+    value: d95b65083ccaa3519669b8837feb2017e3e7221ff2affa9b2e30a212cd6f9e3e
- filename: confluent-telemetry-6.1.1-1.noarch.rpm
+- filename: confluent-telemetry-6.1.2-1.noarch.rpm
-  url: https://packages.confluent.io/rpm/6.1/confluent-telemetry-6.1.1-1.noarch.rpm
+  url: https://packages.confluent.io/rpm/6.1/confluent-telemetry-6.1.2-1.noarch.rpm
  validation:
    type: sha256
-    value: 339ae6258cb2e1152d91633defdabb5d76ba13cc12a5eedc06f3cd12a3fffd4c
+    value: b9bdf6ab71228d7cd1b7aff857bc44c7c8638e66d7ee420ec9a7f1a8df78a704
- filename: confluent-kafka-rest-6.1.1-1.noarch.rpm
+- filename: confluent-kafka-rest-6.1.2-1.noarch.rpm
-  url: https://packages.confluent.io/rpm/6.1/confluent-kafka-rest-6.1.1-1.noarch.rpm
+  url: https://packages.confluent.io/rpm/6.1/confluent-kafka-rest-6.1.2-1.noarch.rpm
  validation:
    type: sha256
-    value: e87df3f088b64384cbcc529565d3321557ea297e768a965620744937eda03768
+    value: 177ab2bde9d5608d8589c91d6ff85b7123a5f5c9a9e22afa4bc4657657d63e96
- filename: cp-server-operator-6.1.1.0_OptCaas.tar.gz
+- filename: cp-server-operator-6.1.2.1_OptCaas.tar.gz
-  url: https://ironbank-files.s3.amazonaws.com/cp-server-operator-6.1.1.0_OptCaas.tar.gz
+  url: https://ironbank-files.s3.amazonaws.com/cp-server-operator-6.1.2.1_OptCaas.tar.gz
  validation:
    type: sha256
-    value: 610d0e203a9566e88896b2250abf899184fa9c53ec73fe3ee4b63c3d82f476d9
+    value: 0337cdbc127af03e01116ddb1dd83428b248beba08a12483b10625eb9f63bc22
- filename: cp-server-operator-6.1.1.0_UsrShareJava.tar.gz
+- filename: cp-server-operator-6.1.2.1_UsrShareJava.tar.gz
-  url: https://ironbank-files.s3.amazonaws.com/cp-server-operator-6.1.1.0_UsrShareJava.tar.gz
+  url: https://ironbank-files.s3.amazonaws.com/cp-server-operator-6.1.2.1_UsrShareJava.tar.gz
  validation:
    type: sha256
-    value: 39145adeafa91d8587cee6a816121e98383aa4493dc37de918755129f70975a8
+    value: c6480a6ff93770c1b11ee1e80ddfe09906fcfa0e1ec45fd798ab1a82278d66d3
- filename: cp-server-operator-6.1.1.0_UsrShareDoc.tar.gz
+- filename: cp-server-operator-6.1.2.1_UsrShareDoc.tar.gz
-  url: https://ironbank-files.s3.amazonaws.com/cp-server-operator-6.1.1.0_UsrShareDoc.tar.gz
+  url: https://ironbank-files.s3.amazonaws.com/cp-server-operator-6.1.2.1_UsrShareDoc.tar.gz
  validation:
    type: sha256
-    value: 1158754365d8b8c0ac2c2179eb8ec733b8357148cd72dbb2fff741007d8613a7
+    value: 6c1c924dff1d9a53661711a222a8f866f054272bcd86789961172a3532752be9
- filename: cp-server-operator-6.1.1.0_EtcConfluent.tar.gz
+- filename: cp-server-operator-6.1.2.1_EtcConfluent.tar.gz
-  url: https://ironbank-files.s3.amazonaws.com/cp-server-operator-6.1.1.0_EtcConfluent.tar.gz
+  url: https://ironbank-files.s3.amazonaws.com/cp-server-operator-6.1.2.1_EtcConfluent.tar.gz
  validation:
    type: sha256
-    value: d0010d491ed7d28eab7da8661661a3f75219a4f68ded66618aaa953994791b90     
+    value: 1b0e3974172de0a9707cd4a4e6379b7aa99fde14a3ff5b8e228af2427d8a689e     
- filename: maven-artifact-3.8.1.jar
-  url: https://repo1.maven.org/maven2/org/apache/maven/maven-artifact/3.8.1/maven-artifact-3.8.1.jar
-  validation:
-    type: sha256
-    value: 9dbd3db15ac4816471e72981cb06ef90f3ffa8be6628dddf7135f7bd69bee0c0      
 # List of project maintainers
 maintainers:
 - name: "Scott Stroud"