update to version 25.56.1

3b38df7c · Zachary Sanders · 0de4fb2d · 3b38df7c · 3b38df7c · 3b38df7c
Commit 3b38df7c authored Jul 19, 2021 by Zachary Sanders
5 changed files
--- a/dist/manager/ironbank/artifacts.js
+++ b/dist/manager/ironbank/artifacts.js
@@ -54,7 +54,6 @@ async function updateArtifacts({ packageFileName, updatedDeps, newPackageFileCon
        }
    }
    for (const dep of updatedDeps) {
-        logger_1.logger.debug(`updatedDep(${dep})`);
        if (charts.has(dep)) {
            const result = await postUpgrade(charts.get(dep), upath_1.join(admin_1.getAdminConfig(), dep));
            if (!result) {

--- a/dist/manager/ironbank/artifacts.js.map
+++ b/dist/manager/ironbank/artifacts.js.map
-{"version":3,"file":"artifacts.js","sourceRoot":"","sources":["../../../lib/manager/ironbank/artifacts.ts"],"names":[],"mappings":";;;;;;AAAA,0DAAkC;AAClC,sDAA2B;AAC3B,iCAA6B;AAC7B,8CAAoD;AACpD,yCAAsC;AACtC,0CAAuC;AACvC,sCAA8C;AAC9C,wCAA+C;AAI/C,KAAK,UAAU,WAAW,CAAC,GAAW,EAAE,IAAY;IAClD,eAAM,CAAC,KAAK,CAAC,wBAAwB,GAAG,KAAK,IAAI,GAAG,CAAC,CAAC;IACtD,IAAI;QACF,MAAM,GAAG,GAAG,kBAAkB,CAAC;QAC/B,MAAM,IAAI,GAAG,cAAc,GAAG,IAAI,GAAG,SAAS,GAAG,GAAG,CAAC;QACrD,MAAM,WAAI,CAAC,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC,CAAC;KAC9B;IAAC,OAAO,GAAG,EAAE;QACZ,eAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAClB,OAAO,KAAK,CAAC;KACd;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAEM,KAAK,UAAU,eAAe,CAAC,EACpC,eAAe,EACf,WAAW,EACX,qBAAqB,EACrB,MAAM,GACS;;IACf,eAAM,CAAC,KAAK,CAAC,4BAA4B,eAAe,GAAG,CAAC,CAAC;IAC7D,IAAI,CAAC,YAAE,CAAC,aAAa,CAAC,WAAW,CAAC,EAAE;QAClC,OAAO,IAAI,CAAC;KACb;IAED,IAAI,QAA2B,CAAC;IAChC,IAAI;QACF,QAAQ,GAAG,iBAAI,CAAC,IAAI,CAAC,qBAAqB,EAAE;YAC1C,IAAI,EAAE,IAAI;SACX,CAAsB,CAAC;KACzB;IAAC,OAAO,GAAG,EAAE;QACZ,eAAM,CAAC,KAAK,CAAC,yCAAyC,CAAC,CAAC;QACxD,OAAO,IAAI,CAAC;KACb;IAED,IAAI,CAAC,CAAC,QAAQ,IAAI,YAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,EAAE;QAC/C,OAAO,IAAI,CAAC;KACb;IAED,IAAI,CAAC,CAAA,MAAA,QAAQ,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,GAAG,0CAAE,UAAU,CAAC,SAAS,CAAC,CAAA,EAAE;QACrD,OAAO,IAAI,CAAC;KACb;IAED,MAAM,MAAM,GAAG,IAAI,GAAG,EAAE,CAAC;IACzB,KAAK,MAAM,IAAI,IAAI,QAAQ,CAAC,SAAS,EAAE;QACrC,IAAI,MAAA,IAAI,CAAC,GAAG,0CAAE,UAAU,CAAC,SAAS,CAAC,EAAE;YACnC,MAAM,CAAC,GAAG,CACR,IAAI,CAAC,IAAI,EACT,GAAG,MAAM,CAAC,UAAU,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,EAAE,CACxD,CAAC;SACH;KACF;IAED,KAAK,MAAM,GAAG,IAAI,WAAW,EAAE;QAC7B,eAAM,CAAC,KAAK,CAAC,cAAc,GAAG,GAAG,CAAC,CAAC;QACnC,IAAI,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE;YACnB,MAAM,MAAM,GAAG,MAAM,WAAW,CAC9B,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,EACf,YAAI,CAAC,sBAAc,EAAE,EAAE,GAAG,CAAC,CAC5B,CAAC;YACF,IAAI,CAAC,MAAM,EAAE;gBACX,OAAO,IAAI,CAAC;aACb;SACF;KACF;IAED,MAAM,GAAG,GAAG,EAAE,CAAC;IACf,MAAM,MAAM,GAAG,MAAM,mBAAa,EAAE,CAAC;IAErC,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,EAAE;QACxD,GAAG,CAAC,IAAI,CAAC;YACP,IAAI,EAAE;gBACJ,IAAI,EAAE,CAAC;gBACP,QAAQ,EAAE,MAAM,kBAAa,CAAC,CAAC,CAAC;aACjC;SACF,CAAC,CAAC;KACJ;IAED,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,OAAO,IAAI,EAAE,EAAE;QACpC,GAAG,CAAC,IAAI,CAAC;YACP,IAAI,EAAE;gBACJ,IAAI,EAAE,UAAU;gBAChB,QAAQ,EAAE,CAAC;aACZ;SACF,CAAC,CAAC;KACJ;IAED,OAAO,GAAG,CAAC;AACb,CAAC;AA1ED,0CA0EC","sourcesContent":["import is from '@sindresorhus/is';\nimport yaml from 'js-yaml';\nimport { join } from 'upath';\nimport { getAdminConfig } from '../../config/admin';\nimport { logger } from '../../logger';\nimport { exec } from '../../util/exec';\nimport { readLocalFile } from '../../util/fs';\nimport { getRepoStatus } from '../../util/git';\nimport { UpdateArtifact, UpdateArtifactsResult } from '../types';\nimport { HardeningManifest } from './extract';\n\nasync function postUpgrade(url: string, path: string): Promise<boolean> {\n  logger.debug(`ironbank.postUpgrade(${url}, ${path})`);\n  try {\n    const cmd = 'ironbank-helm.sh';\n    const args = '--directory ' + path + ' --url ' + url;\n    await exec(`${cmd} ${args}`);\n  } catch (err) {\n    logger.error(err);\n    return false;\n  }\n  return true;\n}\n\nexport async function updateArtifacts({\n  packageFileName,\n  updatedDeps,\n  newPackageFileContent,\n  config,\n}: UpdateArtifact): Promise<UpdateArtifactsResult[] | null> {\n  logger.debug(`ironbank.updateArtifacts(${packageFileName})`);\n  if (!is.nonEmptyArray(updatedDeps)) {\n    return null;\n  }\n\n  let manifest: HardeningManifest;\n  try {\n    manifest = yaml.load(newPackageFileContent, {\n      json: true,\n    }) as HardeningManifest;\n  } catch (err) {\n    logger.error('Failed to parse hardening_manifest.yaml');\n    return null;\n  }\n\n  if (!(manifest && is.array(manifest.resources))) {\n    return null;\n  }\n\n  if (!manifest.resources[0].url?.startsWith('helm://')) {\n    return null;\n  }\n\n  const charts = new Map();\n  for (const item of manifest.resources) {\n    if (item.url?.startsWith('helm://')) {\n      charts.set(\n        item.name,\n        `${String('https://')}${String(item.url.substring(7))}`\n      );\n    }\n  }\n\n  for (const dep of updatedDeps) {\n    logger.debug(`updatedDep(${dep})`);\n    if (charts.has(dep)) {\n      const result = await postUpgrade(\n        charts.get(dep),\n        join(getAdminConfig(), dep)\n      );\n      if (!result) {\n        return null;\n      }\n    }\n  }\n\n  const res = [];\n  const status = await getRepoStatus();\n\n  for (const f of status.modified.concat(status.not_added)) {\n    res.push({\n      file: {\n        name: f,\n        contents: await readLocalFile(f),\n      },\n    });\n  }\n\n  for (const f of status.deleted || []) {\n    res.push({\n      file: {\n        name: '|delete|',\n        contents: f,\n      },\n    });\n  }\n\n  return res;\n}\n"]}
\ No newline at end of file
+{"version":3,"file":"artifacts.js","sourceRoot":"","sources":["../../../lib/manager/ironbank/artifacts.ts"],"names":[],"mappings":";;;;;;AAAA,0DAAkC;AAClC,sDAA2B;AAC3B,iCAA6B;AAC7B,8CAAoD;AACpD,yCAAsC;AACtC,0CAAuC;AACvC,sCAA8C;AAC9C,wCAA+C;AAI/C,KAAK,UAAU,WAAW,CAAC,GAAW,EAAE,IAAY;IAClD,eAAM,CAAC,KAAK,CAAC,wBAAwB,GAAG,KAAK,IAAI,GAAG,CAAC,CAAC;IACtD,IAAI;QACF,MAAM,GAAG,GAAG,kBAAkB,CAAC;QAC/B,MAAM,IAAI,GAAG,cAAc,GAAG,IAAI,GAAG,SAAS,GAAG,GAAG,CAAC;QACrD,MAAM,WAAI,CAAC,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC,CAAC;KAC9B;IAAC,OAAO,GAAG,EAAE;QACZ,eAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAClB,OAAO,KAAK,CAAC;KACd;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAEM,KAAK,UAAU,eAAe,CAAC,EACpC,eAAe,EACf,WAAW,EACX,qBAAqB,EACrB,MAAM,GACS;;IACf,eAAM,CAAC,KAAK,CAAC,4BAA4B,eAAe,GAAG,CAAC,CAAC;IAC7D,IAAI,CAAC,YAAE,CAAC,aAAa,CAAC,WAAW,CAAC,EAAE;QAClC,OAAO,IAAI,CAAC;KACb;IAED,IAAI,QAA2B,CAAC;IAChC,IAAI;QACF,QAAQ,GAAG,iBAAI,CAAC,IAAI,CAAC,qBAAqB,EAAE;YAC1C,IAAI,EAAE,IAAI;SACX,CAAsB,CAAC;KACzB;IAAC,OAAO,GAAG,EAAE;QACZ,eAAM,CAAC,KAAK,CAAC,yCAAyC,CAAC,CAAC;QACxD,OAAO,IAAI,CAAC;KACb;IAED,IAAI,CAAC,CAAC,QAAQ,IAAI,YAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,EAAE;QAC/C,OAAO,IAAI,CAAC;KACb;IAED,IAAI,CAAC,CAAA,MAAA,QAAQ,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,GAAG,0CAAE,UAAU,CAAC,SAAS,CAAC,CAAA,EAAE;QACrD,OAAO,IAAI,CAAC;KACb;IAED,MAAM,MAAM,GAAG,IAAI,GAAG,EAAE,CAAC;IACzB,KAAK,MAAM,IAAI,IAAI,QAAQ,CAAC,SAAS,EAAE;QACrC,IAAI,MAAA,IAAI,CAAC,GAAG,0CAAE,UAAU,CAAC,SAAS,CAAC,EAAE;YACnC,MAAM,CAAC,GAAG,CACR,IAAI,CAAC,IAAI,EACT,GAAG,MAAM,CAAC,UAAU,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,EAAE,CACxD,CAAC;SACH;KACF;IAED,KAAK,MAAM,GAAG,IAAI,WAAW,EAAE;QAC7B,IAAI,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE;YACnB,MAAM,MAAM,GAAG,MAAM,WAAW,CAC9B,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,EACf,YAAI,CAAC,sBAAc,EAAE,EAAE,GAAG,CAAC,CAC5B,CAAC;YACF,IAAI,CAAC,MAAM,EAAE;gBACX,OAAO,IAAI,CAAC;aACb;SACF;KACF;IAED,MAAM,GAAG,GAAG,EAAE,CAAC;IACf,MAAM,MAAM,GAAG,MAAM,mBAAa,EAAE,CAAC;IAErC,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,EAAE;QACxD,GAAG,CAAC,IAAI,CAAC;YACP,IAAI,EAAE;gBACJ,IAAI,EAAE,CAAC;gBACP,QAAQ,EAAE,MAAM,kBAAa,CAAC,CAAC,CAAC;aACjC;SACF,CAAC,CAAC;KACJ;IAED,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,OAAO,IAAI,EAAE,EAAE;QACpC,GAAG,CAAC,IAAI,CAAC;YACP,IAAI,EAAE;gBACJ,IAAI,EAAE,UAAU;gBAChB,QAAQ,EAAE,CAAC;aACZ;SACF,CAAC,CAAC;KACJ;IAED,OAAO,GAAG,CAAC;AACb,CAAC;AAzED,0CAyEC","sourcesContent":["import is from '@sindresorhus/is';\nimport yaml from 'js-yaml';\nimport { join } from 'upath';\nimport { getAdminConfig } from '../../config/admin';\nimport { logger } from '../../logger';\nimport { exec } from '../../util/exec';\nimport { readLocalFile } from '../../util/fs';\nimport { getRepoStatus } from '../../util/git';\nimport { UpdateArtifact, UpdateArtifactsResult } from '../types';\nimport { HardeningManifest } from './extract';\n\nasync function postUpgrade(url: string, path: string): Promise<boolean> {\n  logger.debug(`ironbank.postUpgrade(${url}, ${path})`);\n  try {\n    const cmd = 'ironbank-helm.sh';\n    const args = '--directory ' + path + ' --url ' + url;\n    await exec(`${cmd} ${args}`);\n  } catch (err) {\n    logger.error(err);\n    return false;\n  }\n  return true;\n}\n\nexport async function updateArtifacts({\n  packageFileName,\n  updatedDeps,\n  newPackageFileContent,\n  config,\n}: UpdateArtifact): Promise<UpdateArtifactsResult[] | null> {\n  logger.debug(`ironbank.updateArtifacts(${packageFileName})`);\n  if (!is.nonEmptyArray(updatedDeps)) {\n    return null;\n  }\n\n  let manifest: HardeningManifest;\n  try {\n    manifest = yaml.load(newPackageFileContent, {\n      json: true,\n    }) as HardeningManifest;\n  } catch (err) {\n    logger.error('Failed to parse hardening_manifest.yaml');\n    return null;\n  }\n\n  if (!(manifest && is.array(manifest.resources))) {\n    return null;\n  }\n\n  if (!manifest.resources[0].url?.startsWith('helm://')) {\n    return null;\n  }\n\n  const charts = new Map();\n  for (const item of manifest.resources) {\n    if (item.url?.startsWith('helm://')) {\n      charts.set(\n        item.name,\n        `${String('https://')}${String(item.url.substring(7))}`\n      );\n    }\n  }\n\n  for (const dep of updatedDeps) {\n    if (charts.has(dep)) {\n      const result = await postUpgrade(\n        charts.get(dep),\n        join(getAdminConfig(), dep)\n      );\n      if (!result) {\n        return null;\n      }\n    }\n  }\n\n  const res = [];\n  const status = await getRepoStatus();\n\n  for (const f of status.modified.concat(status.not_added)) {\n    res.push({\n      file: {\n        name: f,\n        contents: await readLocalFile(f),\n      },\n    });\n  }\n\n  for (const f of status.deleted || []) {\n    res.push({\n      file: {\n        name: '|delete|',\n        contents: f,\n      },\n    });\n  }\n\n  return res;\n}\n"]}
\ No newline at end of file
--- a/hardening_manifest.yaml
+++ b/hardening_manifest.yaml
@@ -8,7 +8,7 @@ name: "container-hardening-tools/renovate/renovate"
 # The most specific version should be the first tag and will be shown
 # on ironbank.dsop.io
 tags:
- "25.51.0"
+- "25.56.1"
 - "latest"

 # Build args passed to Dockerfile ARGs
@@ -37,8 +37,8 @@ labels:

 # List of resources to make available to the offline build context
 resources:
- tag: renovate/renovate:25.51.0
-  url: docker://docker.io/renovate/renovate@sha256:116bc9b4717d5bac6a28170784f9bad7f5abe70b594ad92c175aa0ed116b3e74
+- tag: renovate/renovate:25.56.1
+  url: docker://docker.io/renovate/renovate@sha256:082f2dc8a68061c2d2fc0ec3f7ab9a98697d6b57a15acf71db396a7adf1346f1
 - filename: helm-docs.tar.gz
  url: https://github.com/norwoodj/helm-docs/releases/download/v1.5.0/helm-docs_1.5.0_Linux_x86_64.tar.gz
  validation:

--- a/lib/manager/ironbank/__fixtures__/hardening_manifest.yaml
+++ b/lib/manager/ironbank/__fixtures__/hardening_manifest.yaml
-sargs:
+args:
  BASE_IMAGE: "opensource/nodejs/nodejs14"
  BASE_TAG: "14.16.1"

@@ -16,10 +16,10 @@ resources:
      type: sha256
      value: c2b5bbb6c2236f73310b22c748e32a88f25288f3e6e1bd272f3dccc6a2322160
  - filename: urllib3-1.25.10-py2.py3-none-any.whl
-    url: https://files.pythonhosted.org/packages/5f/64/43575537846896abac0b15c3e5ac678d787a4021e906703f1766bfb8ea11/urllib3-1.26.6-py2.py3-none-any.whl
+    url: https://files.pythonhosted.org/packages/9f/f0/a391d1463ebb1b233795cabfc0ef38d3db4442339de68f847026199e69d7/urllib3-1.25.10-py2.py3-none-any.whl
    validation:
      type: sha256
-      value: 39fb8672126159acb139a7718dd10806104dec1e2f0f6c88aab05d17df10c8d4
+      value: e7983572181f5e1522d9c98453462384ee92a0be7fac5f1413a1e35c56cc0461
  - filename: gitlab-triage-1.15.0.gem
    url: https://rubygems.org/downloads/gitlab-triage-1.15.0.gem
    validation:

--- a/lib/manager/ironbank/artifacts.ts
+++ b/lib/manager/ironbank/artifacts.ts
@@ -62,7 +62,6 @@ export async function updateArtifacts({
  }

  for (const dep of updatedDeps) {
-    logger.debug(`updatedDep(${dep})`);
    if (charts.has(dep)) {
      const result = await postUpgrade(
        charts.get(dep),