Merge branch 'resolve-cve' into 'development'

update base container See merge request !17

Merge branch 'resolve-cve' into 'development'
update base container See merge request !17
94571651 · Andy Maksymowicz · 99568543 · 98ba85ae · 94571651 · 94571651
Commit 94571651 authored May 24, 2021 by Andy Maksymowicz
Hide whitespace changes
Inline Side-by-side

Showing with 29 additions and 42 deletions

Dockerfile Dockerfile +2 -2

hardening_manifest.yaml hardening_manifest.yaml +1 -1

renovate.json renovate.json +26 -0

renovate.json5 renovate.json5 +0 -39

No files found.
--- a/Dockerfile
+++ b/Dockerfile
 ARG BASE_REGISTRY=registry1.dso.mil
 ARG BASE_IMAGE=ironbank/redhat/ubi/ubi8-minimal
-ARG BASE_TAG=8.3
+ARG BASE_TAG=8.4
 FROM hadolint/hadolint:v2.4.0 AS base
@@ -13,4 +13,4 @@ RUN microdnf update --nodocs && \
 COPY --from=base /bin/hadolint /usr/bin/hadolint
 USER 1000
 HEALTHCHECK NONE
 ENTRYPOINT ["hadolint"]
\ No newline at end of file
--- a/hardening_manifest.yaml
+++ b/hardening_manifest.yaml
@@ -10,7 +10,7 @@ tags:
 args:
  BASE_IMAGE: "redhat/ubi/ubi8-minimal"
-  BASE_TAG: "8.3"
+  BASE_TAG: "8.4"
 labels:
  org.opencontainers.image.title: "hadolint"

--- a/renovate.json
+++ b/renovate.json
+{
+  "extends": ["config:base"],
+  "baseBranches": ["development"],
+  "regexManagers": [
+    {
+      "fileMatch": ["^hardening_manifest.yaml$"],
+      "matchStrings": [
+        "tags:\\s+-\\s+\"(?<currentValue>.+?)\"",
+        "tag: .*:(?<currentValue>.*?)$",
+        "org\\.opencontainers\\.image\\.version:\\s+\"(?<currentValue>.+?)\"",
+        "url: docker://.*@(?<currentDigest>sha256:[a-f0-9]+)"
+      ],
+      "depNameTemplate": "hadolint/hadolint",
+      "datasourceTemplate": "docker"
+    },
+    {
+      "fileMatch": ["^hardening_manifest.yaml$", "^Dockerfile$"],
+      "matchStrings": [
+        "BASE_TAG: \"(?<currentValue>.*?)\"",
+        "BASE_TAG=(?<currentValue>.*?)$"
+      ],
+      "depNameTemplate": "registry1.dso.mil/ironbank/redhat/ubi/ubi8-minimal",
+      "datasourceTemplate": "docker"
+    }
+  ]
+}
--- a/renovate.json5
+++ b/renovate.json5
-{
-  extends: ["config:base"],
-  baseBranches: ["development"],
-  regexManagers: [
-    // tool image updates
-    {
-      fileMatch: ["^hardening_manifest.yaml$"],
-      matchStrings: [
-        'tags:\\s+-\\s+"(?<currentValue>.+?)"',
-        "tag: .*:(?<currentValue>.*?)$",
-        'org\\.opencontainers\\.image\\.version:\\s+"(?<currentValue>.+?)"',
-        "url: docker://.*@(?<currentDigest>sha256:[a-f0-9]+)",
-      ],
-      depNameTemplate: "hadolint/hadolint",
-      datasourceTemplate: "docker",
-    },
-    // base image updating
-    {
-      fileMatch: ["^hardening_manifest.yaml$$", "^Dockerfile$"],
-      matchStrings: [
-        'BASE_TAG: "(?<currentValue>.*?)"',
-        "BASE_TAG=(?<currentValue>.*?)$",
-      ],
-      depNameTemplate: "registry1.dso.mil/ironbank/redhat/ubi/ubi8-minimal",
-      datasourceTemplate: "docker",
-    },
-  ],
-  // group our dependencies in one MR as the base image and code image are likely to update at different times
-  groupName: "all dependencies",
-  separateMajorMinor: false,
-  groupSlug: "all",
-  packageRules: [
-    {
-      matchPackagePatterns: ["*"],
-      groupName: "all dependencies",
-      groupSlug: "all",
-    },
-  ],
-}