diff --git a/Dockerfile b/Dockerfile index 81ee8db8c4d4402e4f73a20c6bee45e9644d51a4..f167a64b91f04881bd4673ed0c022ce7430bbe44 100644 --- a/Dockerfile +++ b/Dockerfile @@ -12,14 +12,6 @@ ARG GITLAB_VERSION ARG GITLAB_USER=git ARG DNF_OPTS -LABEL source="https://gitlab.com/gitlab-org/gitlab" \ - name="GitLab Task Runner" \ - maintainer="GitLab Distribution Team" \ - vendor="GitLab" \ - version=${GITLAB_VERSION} \ - release=${GITLAB_VERSION} \ - summary="Task Runner is an entry point for interaction with other containers in the cluster." \ - description="Task Runner is an entry point for interaction with other containers in the cluster. It contains scripts for running Rake tasks, backup, restore, and tools to intract with object storage." ADD gitlab-task-runner-ee.tar.gz / ADD gitlab-python.tar.gz / diff --git a/Jenkinsfile b/Jenkinsfile deleted file mode 100644 index 11e5b2480007a3b3ad5f698bcf5be9a4c79ee825..0000000000000000000000000000000000000000 --- a/Jenkinsfile +++ /dev/null @@ -1,2 +0,0 @@ -@Library('DCCSCR@master') _ -dccscrPipeline(version: "13.5.4") diff --git a/download.yaml b/download.yaml deleted file mode 100644 index 1c3d3b5d5880710ded7cb9820c667f9ed4f1325b..0000000000000000000000000000000000000000 --- a/download.yaml +++ /dev/null @@ -1,11 +0,0 @@ -resources: - - url: "http://gitlab-ubi.s3.amazonaws.com/ubi8-build-dependencies-v13.5.4-ubi8/gitlab-task-runner-ee.tar.gz" - filename: "gitlab-task-runner-ee.tar.gz" - validation: - type: "sha256" - value: "5b190cb3193ba713e41528bd49708c9b90cb812d0082bacfaa65272ea6543beb" - - url: "http://gitlab-ubi.s3.amazonaws.com/ubi8-build-dependencies-v13.5.4-ubi8/gitlab-python.tar.gz" - filename: "gitlab-python.tar.gz" - validation: - type: "sha256" - value: "8cd4fbc021b59d139b335b77062c7f4fb0ee003fd9b4c8fd5e52754fe8b39e4f" diff --git a/hardening_manifest.yaml b/hardening_manifest.yaml new file mode 100644 index 0000000000000000000000000000000000000000..42e2687435bfb07646555633b41490e263c20741 --- /dev/null +++ b/hardening_manifest.yaml @@ -0,0 +1,63 @@ +--- +apiVersion: v1 + +# The repository name in registry1, excluding /ironbank/ +name: "gitlab/gitlab/gitlab-task-runner" + +# List of tags to push for the repository in registry1 +# The most specific version should be the first tag and will be shown +# on ironbank.dsop.io +tags: +- "13.5.4" +- "latest" + +# Build args passed to Dockerfile ARGs +args: + BASE_IMAGE: "gitlab/gitlab/gitlab-rails" + BASE_TAG: "13.6.0" + +# Docker image labels +labels: + org.opencontainers.image.title: "gitlab-task-runner" + ## Human-readable description of the software packaged in the image + # org.opencontainers.image.description: "FIXME" + ## License(s) under which contained software is distributed + # org.opencontainers.image.licenses: "FIXME" + ## URL to find more information on the image + # org.opencontainers.image.url: "FIXME" + ## Name of the distributing entity, organization or individual + # org.opencontainers.image.vendor: "FIXME" + org.opencontainers.image.version: "13.5.4" + ## Keywords to help with search (ex. "cicd,gitops,golang") + # mil.dso.ironbank.image.keywords: "FIXME" + ## This value can be "opensource" or "commercial" + # mil.dso.ironbank.image.type: "FIXME" + ## Product the image belongs to for grouping multiple images + # mil.dso.ironbank.product.name: "FIXME" + +# List of resources to make available to the offline build context +resources: +- filename: gitlab-task-runner-ee.tar.gz + url: http://gitlab-ubi.s3.amazonaws.com/ubi8-build-dependencies-v13.5.4-ubi8/gitlab-task-runner-ee.tar.gz + validation: + type: sha256 + value: 5b190cb3193ba713e41528bd49708c9b90cb812d0082bacfaa65272ea6543beb +- filename: gitlab-python.tar.gz + url: http://gitlab-ubi.s3.amazonaws.com/ubi8-build-dependencies-v13.5.4-ubi8/gitlab-python.tar.gz + validation: + type: sha256 + value: 8cd4fbc021b59d139b335b77062c7f4fb0ee003fd9b4c8fd5e52754fe8b39e4f + +# List of project maintainers +# FIXME: Fill in the following details for the current container owner in the whitelist +# FIXME: Include any other vendor information if applicable +maintainers: +- email: "dj@gitlab.com" +# # The name of the current container owner +# name: "FIXME" +# # The gitlab username of the current container owner +# username: "FIXME" +# cht_member: true # FIXME: Uncomment if the maintainer is a member of CHT +# - name: "FIXME" +# username: "FIXME" +# email: "FIXME"