From c9b9380e134f49c98d721b843468dc67eb2a6969 Mon Sep 17 00:00:00 2001
From: ironbank-bot
Date: Thu, 10 Dec 2020 01:05:29 +0000
Subject: [PATCH] Migrate to hardening_manifest.yaml
---
 Dockerfile | 8 ------
 Jenkinsfile | 2 --
 download.yaml | 11 -------
 hardening_manifest.yaml | 63 +++++++++++++++++++++++++++++++++++++++++
 4 files changed, 63 insertions(+), 21 deletions(-)
 delete mode 100644 Jenkinsfile
 delete mode 100644 download.yaml
 create mode 100644 hardening_manifest.yaml
diff --git a/Dockerfile b/Dockerfile
index 81ee8db..f167a64 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -12,14 +12,6 @@ ARG GITLAB_VERSION ARG GITLAB_USER=git ARG DNF_OPTS
-LABEL source="https://gitlab.com/gitlab-org/gitlab" \
- name="GitLab Task Runner" \
- maintainer="GitLab Distribution Team" \
- vendor="GitLab" \
- version=${GITLAB_VERSION} \
- release=${GITLAB_VERSION} \
- summary="Task Runner is an entry point for interaction with other containers in the cluster." \
- description="Task Runner is an entry point for interaction with other containers in the cluster. It contains scripts for running Rake tasks, backup, restore, and tools to intract with object storage."
 ADD gitlab-task-runner-ee.tar.gz / ADD gitlab-python.tar.gz /
diff --git a/Jenkinsfile b/Jenkinsfile
deleted file mode 100644
index 11e5b24..0000000
--- a/Jenkinsfile
+++ /dev/null
@@ -1,2 +0,0 @@
-@Library('DCCSCR@master') _
-dccscrPipeline(version: "13.5.4")
diff --git a/download.yaml b/download.yaml
deleted file mode 100644
index 1c3d3b5..0000000
--- a/download.yaml
+++ /dev/null
@@ -1,11 +0,0 @@
-resources:
- - url: "http://gitlab-ubi.s3.amazonaws.com/ubi8-build-dependencies-v13.5.4-ubi8/gitlab-task-runner-ee.tar.gz"
- filename: "gitlab-task-runner-ee.tar.gz"
- validation:
- type: "sha256"
- value: "5b190cb3193ba713e41528bd49708c9b90cb812d0082bacfaa65272ea6543beb"
- - url: "http://gitlab-ubi.s3.amazonaws.com/ubi8-build-dependencies-v13.5.4-ubi8/gitlab-python.tar.gz"
- filename: "gitlab-python.tar.gz"
- validation:
- type: "sha256"
- value: "8cd4fbc021b59d139b335b77062c7f4fb0ee003fd9b4c8fd5e52754fe8b39e4f"
diff --git a/hardening_manifest.yaml b/hardening_manifest.yaml
new file mode 100644
index 0000000..42e2687
--- /dev/null
+++ b/hardening_manifest.yaml
@@ -0,0 +1,63 @@
+---
+apiVersion: v1
+
+# The repository name in registry1, excluding /ironbank/
+name: "gitlab/gitlab/gitlab-task-runner"
+
+# List of tags to push for the repository in registry1
+# The most specific version should be the first tag and will be shown
+# on ironbank.dsop.io
+tags:
+- "13.5.4"
+- "latest"
+
+# Build args passed to Dockerfile ARGs
+args:
+ BASE_IMAGE: "gitlab/gitlab/gitlab-rails"
+ BASE_TAG: "13.6.0"
+
+# Docker image labels
+labels:
+ org.opencontainers.image.title: "gitlab-task-runner"
+ ## Human-readable description of the software packaged in the image
+ # org.opencontainers.image.description: "FIXME"
+ ## License(s) under which contained software is distributed
+ # org.opencontainers.image.licenses: "FIXME"
+ ## URL to find more information on the image
+ # org.opencontainers.image.url: "FIXME"
+ ## Name of the distributing entity, organization or individual
+ # org.opencontainers.image.vendor: "FIXME"
+ org.opencontainers.image.version: "13.5.4"
+ ## Keywords to help with search (ex. "cicd,gitops,golang")
+ # mil.dso.ironbank.image.keywords: "FIXME"
+ ## This value can be "opensource" or "commercial"
+ # mil.dso.ironbank.image.type: "FIXME"
+ ## Product the image belongs to for grouping multiple images
+ # mil.dso.ironbank.product.name: "FIXME"
+
+# List of resources to make available to the offline build context
+resources:
+- filename: gitlab-task-runner-ee.tar.gz
+ url: http://gitlab-ubi.s3.amazonaws.com/ubi8-build-dependencies-v13.5.4-ubi8/gitlab-task-runner-ee.tar.gz
+ validation:
+ type: sha256
+ value: 5b190cb3193ba713e41528bd49708c9b90cb812d0082bacfaa65272ea6543beb
+- filename: gitlab-python.tar.gz
+ url: http://gitlab-ubi.s3.amazonaws.com/ubi8-build-dependencies-v13.5.4-ubi8/gitlab-python.tar.gz
+ validation:
+ type: sha256
+ value: 8cd4fbc021b59d139b335b77062c7f4fb0ee003fd9b4c8fd5e52754fe8b39e4f
+
+# List of project maintainers
+# FIXME: Fill in the following details for the current container owner in the whitelist
+# FIXME: Include any other vendor information if applicable
+maintainers:
+- email: "dj@gitlab.com"
+# # The name of the current container owner
+# name: "FIXME"
+# # The gitlab username of the current container owner
+# username: "FIXME"
+# cht_member: true # FIXME: Uncomment if the maintainer is a member of CHT
+# - name: "FIXME"
+# username: "FIXME"
+# email: "FIXME"
-- 
GitLab
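Review bot: `BASE_TAG: "13.6.0"` under `args` does not match the `13.5.4` used for the first tag, the `org.opencontainers.image.version` label and the `ubi8-build-dependencies-v13.5.4-ubi8` tarballs, so the image would layer 13.5.4 task-runner artifacts on a 13.6.0 gitlab-rails base; if that skew is not intended, pin `BASE_TAG: "13.5.4"`. Both `resources` entries still fetch over plaintext `http://`; the sha256 `validation` values catch a modified tarball, but assuming the bucket serves TLS, changing the scheme to `https://` authenticates the download itself rather than relying on the hash alone. The hash values also lost the quotes they had in download.yaml, and writing them as `value: "5b19…"` keeps them strings even if a future digest happens to look numeric. The source, vendor and description labels that this commit removes from the Dockerfile appear here only as commented `FIXME` placeholders, so the published image carries less provenance metadata until they are filled in.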