diff --git a/Dockerfile b/Dockerfile index cb623cc08111201d4239e340ca1db80b7f0d9318..14b80c8edf538075acbc9ee9b14ff9ac5e79cd24 100644 --- a/Dockerfile +++ b/Dockerfile @@ -66,8 +66,6 @@ RUN find / -xdev -perm -4000 -exec chmod u-s {} + RUN groupadd --gid 1000 kibana && useradd --uid 1000 --gid 1000 --home-dir /usr/share/kibana --no-create-home kibana USER kibana -LABEL org.label-schema.schema-version="1.0" org.label-schema.vendor="Elastic" org.label-schema.name="kibana" org.label-schema.version="7.10.1" org.label-schema.url="https://www.elastic.co/products/kibana" org.label-schema.vcs-url="https://github.com/elastic/kibana" org.label-schema.license="Elastic License" license="Elastic License" - ENTRYPOINT ["/usr/local/bin/dumb-init", "--"] CMD ["/usr/local/bin/kibana-docker"] diff --git a/Jenkinsfile b/Jenkinsfile deleted file mode 100644 index 0d0038fd1f9846916a82bbf6ed1e172da9878365..0000000000000000000000000000000000000000 --- a/Jenkinsfile +++ /dev/null @@ -1,2 +0,0 @@ -@Library('DCCSCR@master') _ -dccscrPipeline(version: '7.10.1') diff --git a/download.json b/download.json deleted file mode 100644 index 2358c76aa6bdc5c37747ed08170faabd164943be..0000000000000000000000000000000000000000 --- a/download.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "resources": [ - { - "url": "https://artifacts.elastic.co/downloads/kibana/kibana-7.10.1-linux-x86_64.tar.gz", - "filename": "kibana-7.10.1-linux-x86_64.tar.gz", - "validation": { - "type": "sha512", - "value": "bf332b3c13c4d71d3e6a1e8b68cca85b215151b5130f862ea14c548f72bca0978829cd49af8d8e9ce1bc46098c65add7d8a0cf5ec4767b219a0cd7474ec78f11" - } - }, - { - "url": "https://github.com/Yelp/dumb-init/releases/download/v1.2.2/dumb-init_1.2.2_amd64", - "filename": "dumb-init", - "validation": { - "type": "sha256", - "value": "37f2c1f0372a45554f1b89924fbb134fc24c3756efaedf11e07f599494e0eff9" - } - } - ] -} diff --git a/hardening_manifest.yaml b/hardening_manifest.yaml new file mode 100644 index 0000000000000000000000000000000000000000..7be6f06fd0ed27d319a0a8a1ece4e3fbdf0c8c15 --- /dev/null +++ b/hardening_manifest.yaml @@ -0,0 +1,54 @@ +--- +apiVersion: v1 + +# The repository name in registry1, excluding /ironbank/ +name: "elastic/kibana/kibana" + +# List of tags to push for the repository in registry1 +# The most specific version should be the first tag and will be shown +# on ironbank.dsop.io +tags: +- "7.10.1" +- "latest" + +# Build args passed to Dockerfile ARGs +args: + BASE_IMAGE: "redhat/ubi/ubi8" + BASE_TAG: "8.3" + +# Docker image labels +labels: + org.opencontainers.image.title: "kibana" + org.opencontainers.image.description: "Your window into the Elastic Stack." + org.opencontainers.image.licenses: "Elastic License" + org.opencontainers.image.url: "https://www.elastic.co/products/kibana" + org.opencontainers.image.vendor: "Elastic" + org.opencontainers.image.version: "7.10.1" + # mil.dso.ironbank.image.keywords: "" + # mil.dso.ironbank.image.type: "commercial" + mil.dso.ironbank.product.name: "Kibana" + +# List of resources to make available to the offline build context +resources: +- filename: kibana-7.10.1-linux-x86_64.tar.gz + url: https://artifacts.elastic.co/downloads/kibana/kibana-7.10.1-linux-x86_64.tar.gz + validation: + type: sha512 + value: bf332b3c13c4d71d3e6a1e8b68cca85b215151b5130f862ea14c548f72bca0978829cd49af8d8e9ce1bc46098c65add7d8a0cf5ec4767b219a0cd7474ec78f11 +- filename: dumb-init + url: https://github.com/Yelp/dumb-init/releases/download/v1.2.2/dumb-init_1.2.2_amd64 + validation: + type: sha256 + value: 37f2c1f0372a45554f1b89924fbb134fc24c3756efaedf11e07f599494e0eff9 + +# List of project maintainers +maintainers: +- email: "tyler.smalley@elastic.co" + name: "Tyler Smalley" + username: "tylersmalley" + cht_member: false +- email: "klepal_alexander@bah.com" + name: "Alexander Klepal" + username: "alexander.klepal" + cht_member: true +