diff --git a/Dockerfile b/Dockerfile index 274abf4ad73cb873f5653267ee0d7d03e1a254da..c56586499ddca3971b684f0959fe38cb0ecc8be8 100644 --- a/Dockerfile +++ b/Dockerfile @@ -26,20 +26,22 @@ COPY jq-linux64 /usr/local/bin/jq COPY gosu-amd64 /usr/local/bin/gosu COPY /scripts/docker-entrypoint.sh /usr/local/bin/ -ENV MONGO_MAJOR 4.4 -ENV MONGO_VERSION 4.4.6 +ENV MONGO_MAJOR 5.0 +ENV MONGO_VERSION 5.0.2 COPY /config/* /tmp/mongo_install/ RUN set -x && \ rpm --import /tmp/mongo_install/server-4.4.asc && \ dnf install -y /tmp/mongo_install/mongodb-database-tools.rpm \ - /tmp/mongo_install/mongodb-org-database-tools-extra.rpm \ + /tmp/mongo_install/mongodb-org-database-tools-extra.rpm \ /tmp/mongo_install/mongodb-org.rpm \ /tmp/mongo_install/mongodb-org-mongos.rpm \ /tmp/mongo_install/mongodb-org-shell.rpm \ /tmp/mongo_install/mongodb-org-tools.rpm \ /tmp/mongo_install/mongodb-org-server.rpm \ + /tmp/mongo_install/mongodb-mongosh.rpm \ + /tmp/mongo_install/mongodb-org-database.rpm \ && rm -rf /var/lib/apt/lists/* \ && rm -rf /var/lib/mongodb \ && rm -rf /usr/lib64/python2.7/ \ diff --git a/config/server-4.4.asc b/config/server-4.4.asc index 9f4d91615130044118259443b261eb3eea885e7d..5f625bdea426982dcef55bc3f4a401950c14d0a1 100644 --- a/config/server-4.4.asc +++ b/config/server-4.4.asc @@ -1,30 +1,29 @@ -----BEGIN PGP PUBLIC KEY BLOCK----- -Version: GnuPG v1 -mQINBFzteqwBEADSirbLWsjgkQmdWr06jXPN8049MCqXQIZ2ovy9uJPyLkHgOCta -8dmX+8Fkk5yNOLScjB1HUGJxAWJG+AhldW1xQGeo6loDfTW1mlfetq/zpW7CKbUp -qve9eYYulneAy/81M/UoUZSzHqj6XY39wzJCH20H+Qx3WwcqXgSU7fSFXyJ4EBYs -kWybbrAra5v29LUTBd7OvvS+Swovdh4T31YijUOUUL/gJkBI9UneVyV7/8DdUoVJ -a8ym2pZ6ALy+GZrWBHcCKD/rQjEkXJnDglu+FSUI50SzaC9YX31TTzEMJijiPi6I -MIZJMXLH7GpCIDcvyrLWIRYVJAQRoYJB4rmp42HTyed4eg4RnSiFrxVV5xQaDnSl -/8zSOdVMBVewp8ipv34VeRXgNTgRkhA2JmL+KlALMkPo7MbRkJF01DiOOsIdz3Iu -43oYg3QYmqxZI6kZNtXpUMnJeuRmMQJJN8yc9ZdOA9Ll2TTcIql8XEsjGcM7IWM9 -CP6zGwCcbrv72Ka+h/bGaLpwLbpkr5I8PjjSECn9fBcgnVX6HfKH7u3y11+Va1nh -a8ZEE1TuOqRxnVDQ+K4iwaZFgFYsBMKo2ghoU2ZbZxu14vs6Eksn6UFsm8DpPwfy -jtLtdje8jrbYAqAy5zIMLoW+I6Rb5sU3Olh9nI7NW4T5qQeemBcuRAwB4QARAQAB -tDdNb25nb0RCIDQuNCBSZWxlYXNlIFNpZ25pbmcgS2V5IDxwYWNrYWdpbmdAbW9u -Z29kYi5jb20+iQI+BBMBAgAoBQJc7XqsAhsDBQkJZgGABgsJCAcDAgYVCAIJCgsE -FgIDAQIeAQIXgAAKCRBlZAjjkM+x9SKmD/9BzdjFAgBPPkUnD5pJQgsBQKUEkDsu -cht6Q0Y4M635K7okpqJvXtZV5Mo+ajWZjUeHn4wPdVgzF2ItwVLRjjak3tIZfe3+ -ME5Y27Aej3LeqQC3Q5g6SnpeZwVEhWzU35CnyhQecP4AhDG3FO0gKUn3GkEgmsd6 -rnXAQLEw3VUYO8boxqBF3zjmFLIIaODYNmO1bLddJgvZlefUC62lWBBUs6Z7PBnl -q7qBQFhz9qV9zXZwCT2/vgGLg5JcwVdcJXwAsQSr1WCVd7Y79+JcA7BZiSg9FAQd -4t2dCkkctoUKgXsAH5fPwErGNj5L6iUnhFODPvdDJ7l35UcIZ2h74lqfEh+jh8eo -UgxkcI2y2FY/lPapcPPKe0FHzCxG2U/NRdM+sqrIfp9+s88Bj+Eub7OhW4dF3AlL -bh/BGHL9R8xAJRDLv8v7nsKkZWUnJaskeDFCKX3rjcTyTRWTG7EuMCmCn0Ou1hKc -R3ECvIq0pVfVh+qk0hu+A5Dvj6k3QDcTfse+KfSAJkYvRKiuRuq5KgYcX3YSzL6K -aZitMyu18XsQxKavpIGzaDhWyrVAig3XXF//zxowYVwuOikr5czgqizu87cqjpyn -S0vVG4Q3+LswH4xVTn3UWadY/9FkM167ecouu4g3op29VDi7hCKsMeFvFP6OOIls -G4vQ/QbzucK77Q== -=eD3N +mQINBGAsKNUBEAClMqPCvvqm6gFmbiorEN9qp00GI8oaECkwbxtGGbqX9sqMSrKe +AB3sGI7kqG2Fl0K+xmmiq1QDjhNgFDA1jjXq+Bd66RNPtvu747IRxVs+9fX7bk67 +8Bruha7U3M5l4193x5oYLlbcZL9aC7RSJE2mggTyS6LarmF6vKQN9LMXDicnageV +KCPpF2i3jkZaGnLPzAisW/pOjPQpWCbatTVqKOKvtOyP3Fz1spYd4obu6ELu1PXa +gmhSfvWJYt1irpchOl29LWZfcmXuJszmb00bqm4gLcK12VrnK191iXv46A8h2hSO +f3eQqrkc+pF/kw4RyG54EV7QtHXyTe9TVCbJUfgtliWIQt/bCoJYfPLHJaWIMs83 +bzA6ZvOjCKIfMS0CY5ZJyVaBfiI3wURSjgZIYFZAXVwbreQIfOKKuik7UVVn3xUO +nWpmQ2zyI0W7cJMquxwLNjkI+RckPhIqxWFo5iNSV4v6pzrlHD1WmIfFGBKEn7m+ +edwVyHG53fNIFZjxyShO6Pf1vgb9Js/XmXB4lxYnNyx1tB+hQhXTjLlY6N5gPpw5 +Z/PWQc7vfYekUZGQMXhTyRxU0QTwmdEeKcb+fb9r23OH59bbAfzE10xTMzhqCd2L +lgSozMBvMmkHb1xs1x6FFuv/U/X7LjHTrHIf4M//DNwdP4l4I1jhPlTAxwARAQAB +tDdNb25nb0RCIDUuMCBSZWxlYXNlIFNpZ25pbmcgS2V5IDxwYWNrYWdpbmdAbW9u +Z29kYi5jb20+iQI+BBMBAgAoBQJgLCjVAhsDBQkJZgGABgsJCAcDAgYVCAIJCgsE +FgIDAQIeAQIXgAAKCRCwCgvR4sY8EawdD/0ewkyx3yE99K9n3y7gdvh5+2U8BsqU +7SWEfup7kPpf+4pF5xWqMaciEV/wRAGt7TiKlfVyAv3Q9iNsaLFN+s3kMaIcKhwD +8+q/iGfziIuOSTeo20dAxn9vF6YqrKGc7TbHdXf9AtYuJCfIU5j02uVZiupx+P9+ +rG39dEnjOXm3uY0Fv3pRGCpuGubDlWB1DYh0R5O481kDVGoMqBxmc3iTALu14L/u +g+AKxFYfT4DmgdzPVMDhppgywfyd/IOWxoOCl4laEhVjUt5CygBa7w07qdKwWx2w +gTd9U0KGHxnnSmvQYxrRrS5RX3ILPJShivTSZG+rMqnUe6RgCwBrKHCRU1L728Yv +1B3ZFJLxB1TlVT2Hjr+oigp0RY9W1FCIdO2uhb9GImpaJ1Y0ZZqUkt/d9D8U2wcw +SW6/6WYeO7wAi/zlJ25hrBwhxS2+88gM6wJ1yL9yrM9v8JUb7Kq0rCGsEO5kqscV +AmX90wsF2cZ6gHR53eGIDbAJK0MO5RHR73aQ4bpTivPnoTx4HTj5fyhW9z8yCSOe +BlQABoFFqFvOS7KBxoyIS3pxlDetWOSc6yQrvA1CwxnkB81OHNmJfWAbNbEtZkLm +xs2c8CIh2R81yi6HUzAaxyDH7mrThbwX3hUe/wsaD1koV91G6bDD4Xx3zpa9DG/O +HyB98+e983gslg== +=IQQF -----END PGP PUBLIC KEY BLOCK----- \ No newline at end of file diff --git a/hardening_manifest.yaml b/hardening_manifest.yaml index cb290a71b3842ec650c3646907fa6952375ca56a..7571b4561681b0570fd2b23e674b98b5eccf3592 100644 --- a/hardening_manifest.yaml +++ b/hardening_manifest.yaml @@ -8,7 +8,7 @@ name: "opensource/mongodb/mongodb" # The most specific version should be the first tag and will be shown # on ironbank.dsop.io tags: -- "4.4.6" +- "5.0.2" - "latest" # Build args passed to Dockerfile ARGs @@ -38,30 +38,30 @@ labels: # List of resources to make available to the offline build context resources: - filename: mongodb-org.rpm - url: https://repo.mongodb.org/yum/redhat/8/mongodb-org/4.4/x86_64/RPMS/mongodb-org-4.4.6-1.el8.x86_64.rpm + url: https://repo.mongodb.org/yum/redhat/8/mongodb-org/5.0/x86_64/RPMS/mongodb-org-5.0.2-1.el8.x86_64.rpm validation: type: sha256 - value: 25b64aff8fbc55d84d43fd1f9e98d06228947aaf5bcde88229d3d515fe7b8c10 + value: 04b68b249732204a3b397d6a685e2633f6e2784ed2ff3649cd5441567e1cbe69 - filename: mongodb-org-mongos.rpm - url: https://repo.mongodb.org/yum/redhat/8/mongodb-org/4.4/x86_64/RPMS/mongodb-org-mongos-4.4.6-1.el8.x86_64.rpm + url: https://repo.mongodb.org/yum/redhat/8/mongodb-org/5.0/x86_64/RPMS/mongodb-org-mongos-5.0.2-1.el8.x86_64.rpm validation: type: sha256 - value: de0e254e09cb22e8c83d1f38b39d5b7e61cd2b108bd4b4ed0977a6fcc0ba8f1b + value: b52801741e985a70bcd2ee7e1a93e2c0ea08f97fca7a7eafb46bdf128a1e9b77 - filename: mongodb-org-server.rpm - url: https://repo.mongodb.org/yum/redhat/8/mongodb-org/4.4/x86_64/RPMS/mongodb-org-server-4.4.6-1.el8.x86_64.rpm + url: https://repo.mongodb.org/yum/redhat/8/mongodb-org/5.0/x86_64/RPMS/mongodb-org-server-5.0.2-1.el8.x86_64.rpm validation: type: sha256 - value: bad8e5d1cd2c221b98879b47abb96b2a090d021d75bdf8c8c7dfcbca17e86cce + value: 092df43249f31107f5538f9c3672edd7919d59babc71adaac5258d768db2b568 - filename: mongodb-org-shell.rpm - url: https://repo.mongodb.org/yum/redhat/8/mongodb-org/4.4/x86_64/RPMS/mongodb-org-shell-4.4.6-1.el8.x86_64.rpm + url: https://repo.mongodb.org/yum/redhat/8/mongodb-org/5.0/x86_64/RPMS/mongodb-org-shell-5.0.2-1.el8.x86_64.rpm validation: type: sha256 - value: d958db7d7eaecdf56208122b08a71fcf896d776ad3420daa06c20fc96ea39bcc + value: 547dc3673578e6705d1f6a83d60695a67447d24e5e58e004e8c10df3a0348a11 - filename: mongodb-org-tools.rpm - url: https://repo.mongodb.org/yum/redhat/8/mongodb-org/4.4/x86_64/RPMS/mongodb-org-tools-4.4.6-1.el8.x86_64.rpm + url: https://repo.mongodb.org/yum/redhat/8/mongodb-org/5.0/x86_64/RPMS/mongodb-org-tools-5.0.2-1.el8.x86_64.rpm validation: type: sha256 - value: 1061ecb357955b302c316b1fffde30e35ee4bd6f09d8466507769ff717bbae57 + value: 94b95a50125909e9d96bef7975e4a2acfbdadc6a5a1f5215ed1c2e049f68dd0e - filename: js-yaml.js url: https://raw.githubusercontent.com/nodeca/js-yaml/3.13.0/dist/js-yaml.js validation: @@ -78,15 +78,26 @@ resources: type: sha256 value: 0b843df6d86e270c5b0f5cbd3c326a04e18f4b7f9b8457fa497b0454c4b138d7 - filename: mongodb-database-tools.rpm - url: https://repo.mongodb.org/yum/redhat/8/mongodb-org/4.4/x86_64/RPMS/mongodb-database-tools-100.3.1.x86_64.rpm + url: https://repo.mongodb.org/yum/redhat/8/mongodb-org/5.0/x86_64/RPMS/mongodb-database-tools-100.5.0.x86_64.rpm validation: type: sha256 - value: 66d18afe97a5e4b9c229125616ef35ba5ee050ab06f642403e99749048fd188d + value: 26760887497f1128db00a71de17ee5e08055ecc704a7a421d9309f96e0f1dca8 - filename: mongodb-org-database-tools-extra.rpm - url: https://repo.mongodb.org/yum/redhat/8/mongodb-org/4.4/x86_64/RPMS/mongodb-org-database-tools-extra-4.4.6-1.el8.x86_64.rpm + url: https://repo.mongodb.org/yum/redhat/8/mongodb-org/5.0/x86_64/RPMS/mongodb-org-database-tools-extra-5.0.2-1.el8.x86_64.rpm validation: type: sha256 - value: de6d787ca292540f48b501c85147ba505a1f8a3b6c9c0938cecec1b3e98dda1c + value: 94b7595acabe9befe42ce263b37237e160447ebe87f0e331f44a4b5729944f96 +- filename: mongodb-mongosh.rpm + url: https://repo.mongodb.org/yum/redhat/8/mongodb-org/5.0/x86_64/RPMS/mongodb-mongosh-1.0.5.el8.x86_64.rpm + validation: + type: sha256 + value: 76f7a273b690d92c28f5b7a2b05930d255ec1f57a19edad6199143e669d6ec48 +- filename: mongodb-org-database.rpm + url: https://repo.mongodb.org/yum/redhat/8/mongodb-org/5.0/x86_64/RPMS/mongodb-org-database-5.0.2-1.el8.x86_64.rpm + validation: + type: sha256 + value: adebb1af0c6da39d37569b1d695c12a2026329237f46690f35933a7dde7080b7 + # List of project maintainers # FIXME: Fill in the following details for the current container owner in the whitelist