From 685e7e6ab3a0c5f24c4069ce2db5f0feccb1dd8c Mon Sep 17 00:00:00 2001 From: "shen_vickie@bah.com" Date: Mon, 1 Feb 2021 13:04:03 -0500 Subject: [PATCH 1/2] cni plugin upgrade to v0.9.0 --- Dockerfile | 12 ++++++------ hardening_manifest.yaml | 8 ++++---- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/Dockerfile b/Dockerfile index fba7305..3f666ec 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,6 +1,6 @@ -ARG BASE_REGISTRY=registry1.dsop.io/ironbank +ARG BASE_REGISTRY=registry1.dso.mil ARG BASE_IMAGE=ironbank/redhat/ubi/ubi8 -ARG BASE_TAG=8.2 +ARG BASE_TAG=8.3 FROM ${BASE_REGISTRY}/${BASE_IMAGE}:${BASE_TAG} AS builder @@ -10,7 +10,7 @@ COPY kubernetes.tar.gz / COPY go1.15.2.linux-amd64.tar.gz / RUN tar -C /usr/local -xzf go1.15.2.linux-amd64.tar.gz ENV PATH="$PATH:/usr/local/go/bin" - + RUN dnf upgrade -y && \ dnf update -y && \ dnf install -y make diffutils rsync && \ @@ -26,14 +26,14 @@ FROM ${BASE_REGISTRY}/${BASE_IMAGE}:${BASE_TAG} COPY --from=builder /src/k8s.io/kubernetes/_output/bin/kubeadm /opt/bin/ -COPY cni-plugins-linux-amd64-v0.8.7.tgz crictl-v1.19.0-linux-amd64.tar.gz / +COPY cni-plugins-linux-amd64-v0.9.0.tgz crictl-v1.19.0-linux-amd64.tar.gz / RUN dnf upgrade -y && \ dnf clean all && \ rm -rf /var/cache/dnf && \ chmod +x /opt/bin/kubeadm && \ mkdir -p /opt/cni/bin && \ - tar xzf cni-plugins-linux-amd64-v0.8.7.tgz -C /opt/cni/bin && \ - rm -f cni-cni-plugins-linux-amd64-v0.8.7.tgz && \ + tar xzf cni-plugins-linux-amd64-v0.9.0.tgz -C /opt/cni/bin && \ + rm -f cni-cni-plugins-linux-amd64-v0.9.0.tgz && \ mkdir -p /opt/bin && \ tar xzf crictl-v1.19.0-linux-amd64.tar.gz -C /opt/bin && \ rm -rf crictl-v1.19.0-linux-amd64.tar.gz diff --git a/hardening_manifest.yaml b/hardening_manifest.yaml index d5c6f71..776b340 100644 --- a/hardening_manifest.yaml +++ b/hardening_manifest.yaml @@ -46,9 +46,9 @@ resources: url: https://github.com/kubernetes-sigs/cri-tools/releases/download/v1.19.0/crictl-v1.19.0-linux-amd64.tar.gz validation: type: sha256 - value: 87d8ef70b61f2fe3d8b4a48f6f712fd798c6e293ed3723c1e4bbb5052098f0ae -- url: https://github.com/containernetworking/plugins/releases/download/v0.8.7/cni-plugins-linux-amd64-v0.8.7.tgz - filename: cni-plugins-linux-amd64-v0.8.7.tgz + value: 58a58d389895ba9f9bbd3ef330f186c0bb7484136d0bfb9b50152eed55d9ec24 +- url: https://github.com/containernetworking/plugins/releases/download/v0.9.0/cni-plugins-linux-amd64-v0.9.0.tgz + filename: cni-plugins-linux-amd64-v0.9.0.tgz validation: type: sha256 value: 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8 @@ -68,4 +68,4 @@ maintainers: name: "Gavin Scallon" # # The gitlab username of the current container owner username: "gavin.scallon" - cht_member: true + cht_member: true -- GitLab From cb36844e317f20543d117c31c720740bf4da7961 Mon Sep 17 00:00:00 2001 From: "shen_vickie@bah.com" Date: Mon, 1 Feb 2021 13:12:21 -0500 Subject: [PATCH 2/2] update sha hash --- hardening_manifest.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/hardening_manifest.yaml b/hardening_manifest.yaml index 776b340..685fba4 100644 --- a/hardening_manifest.yaml +++ b/hardening_manifest.yaml @@ -46,12 +46,12 @@ resources: url: https://github.com/kubernetes-sigs/cri-tools/releases/download/v1.19.0/crictl-v1.19.0-linux-amd64.tar.gz validation: type: sha256 - value: 58a58d389895ba9f9bbd3ef330f186c0bb7484136d0bfb9b50152eed55d9ec24 + value: 87d8ef70b61f2fe3d8b4a48f6f712fd798c6e293ed3723c1e4bbb5052098f0ae - url: https://github.com/containernetworking/plugins/releases/download/v0.9.0/cni-plugins-linux-amd64-v0.9.0.tgz filename: cni-plugins-linux-amd64-v0.9.0.tgz validation: type: sha256 - value: 977824932d5667c7a37aa6a3cbba40100a6873e7bd97e83e8be837e3e7afd0a8 + value: 58a58d389895ba9f9bbd3ef330f186c0bb7484136d0bfb9b50152eed55d9ec24 - filename: go1.15.2.linux-amd64.tar.gz url: https://golang.org/dl/go1.15.2.linux-amd64.tar.gz validation: -- GitLab