From 7c3daeb821ab80689e511b24f039f88947316a21 Mon Sep 17 00:00:00 2001 From: Zachary Sanders Date: Thu, 18 Feb 2021 13:20:54 -0700 Subject: [PATCH 01/27] initial testing --- Dockerfile | 24 +++++ LICENSE | 201 ++++++++++++++++++++++++++++++++++++++++ README.md | 1 + hardening_manifest.yaml | 56 +++++++++++ renovate.json | 1 - 5 files changed, 282 insertions(+), 1 deletion(-) create mode 100644 Dockerfile create mode 100644 LICENSE create mode 100644 README.md create mode 100644 hardening_manifest.yaml delete mode 100644 renovate.json diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..c5a37e9 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,24 @@ +ARG BASE_REGISTRY=registry1.dso.mil +ARG BASE_IMAGE=ironbank/redhat/ubi/ubi8 +ARG BASE_TAG=8.3 + +FROM zsanders16/hello-world-go:0.0.1 as source + +FROM ${BASE_REGISTRY}/${BASE_IMAGE}:${BASE_TAG} + +COPY --from=source /app/main /app/main + +RUN dnf upgrade -y && \ + dnf clean all && \ + rm -rf /var/cache/dnf + +RUN groupadd -r -g 1001 hello && \ + useradd -r -u 1001 -g hello hello && \ + chown -R hello:hello /app/main && \ + chmod +x /app/main + +USER hello + +HEALTHCHECK NONE + +ENTRYPOINT [ "/app/main" ] diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000..5b7c380 --- /dev/null +++ b/LICENSE @@ -0,0 +1,201 @@ +Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright 2017-2018 The Argo Authors + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/README.md b/README.md new file mode 100644 index 0000000..1b856f2 --- /dev/null +++ b/README.md @@ -0,0 +1 @@ +# Test image used to test renovate diff --git a/hardening_manifest.yaml b/hardening_manifest.yaml new file mode 100644 index 0000000..8972e32 --- /dev/null +++ b/hardening_manifest.yaml @@ -0,0 +1,56 @@ +--- +apiVersion: v1 + +# The repository name in registry1, excluding /ironbank/ +name: "renovate/testing" + +# List of tags to push for the repository in registry1 +# The most specific version should be the first tag and will be shown +# on ironbank.dsop.io +tags: +- "0.0.1" +- "latest" + +# Build args passed to Dockerfile ARGs +args: + BASE_IMAGE: "redhat/ubi/ubi8" + BASE_TAG: "8.3" + + + +# Docker image labels +labels: + org.opencontainers.image.title: "Renovate Test" + ## Human-readable description of the software packaged in the image + org.opencontainers.image.description: "Test image used to test Renovate." + ## License(s) under which contained software is distributed + org.opencontainers.image.licenses: "MIT License" + ## URL to find more information on the image + org.opencontainers.image.url: "none" + ## Name of the distributing entity, organization or individual + org.opencontainers.image.vendor: "None" + org.opencontainers.image.version: "0.0.1" + ## Keywords to help with search (ex. "cicd,gitops,golang") + mil.dso.ironbank.image.keywords: "testing" + ## This value can be "opensource" or "commercial" + mil.dso.ironbank.image.type: "opensource" + ## Product the image belongs to for grouping multiple images + mil.dso.ironbank.product.name: "testing" + + +# List of resources to make available to the offline build context +resources: +- url: "docker://docker.io/zsanders16/hello-world-go@sha256:61ff149f5664cec9cb820091246af7f82ce86e1576e4f038f462c1560a58bc36" + tag: "zsanders16/hello-world-go:0.0.1" + + +# List of project maintainers +# FIXME: Fill in the following details for the current container owner in the whitelist +# FIXME: Include any other vendor information if applicable +maintainers: +# cht_member: true # FIXME: Uncomment if the maintainer is a member of CHT +- email: "sanders_zachary@bah.com" + name: "Zachary Sanders" + username: "sanders--bah" + cht_member: true + diff --git a/renovate.json b/renovate.json deleted file mode 100644 index 8b13789..0000000 --- a/renovate.json +++ /dev/null @@ -1 +0,0 @@ - -- GitLab From 629bd0b3b720ffecdb3b294e1dd49fa77d432120 Mon Sep 17 00:00:00 2001 From: Zachary Sanders Date: Thu, 18 Feb 2021 14:04:17 -0700 Subject: [PATCH 02/27] add renovate.json file --- renovate.json | 41 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 41 insertions(+) create mode 100644 renovate.json diff --git a/renovate.json b/renovate.json new file mode 100644 index 0000000..e3529e0 --- /dev/null +++ b/renovate.json @@ -0,0 +1,41 @@ +{ + "assignees": [ + "@sander--bah" + ], + "baseBranches": [ + "development" + ], + "regexManagers": [ + { + "fileMatch": [ + "^Dockerfile$" + ], + "matchStrings": [ + "version=\"(?.*?)\"" + ], + "depNameTemplate": "zsanders16/hello-world-go", + "datasourceTemplate": "docker" + }, + { + "fileMatch": [ + "^hardening_manifest.yaml$" + ], + "matchStrings": [ + "org\\.opencontainers\\.image\\.version:\\s+\"(?.+?)\"" + ], + "depNameTemplate": "zsanders16/hello-world-go", + "datasourceTemplate": "docker" + }, + { + "fileMatch": [ + "^hardening_manifest.yaml$" + ], + "matchStrings": [ + "tags:\\s+-\\s+\"(?.+?)\"" + ], + "depNameTemplate": "zsanders16/hello-world-go", + "datasourceTemplate": "docker" + } + ] + } + \ No newline at end of file -- GitLab From 73617d29ee7f9619aa79f5113937d4997384a365 Mon Sep 17 00:00:00 2001 From: Zachary Sanders Date: Thu, 18 Feb 2021 21:57:53 +0000 Subject: [PATCH 03/27] Update zsanders16/hello-world-go Docker tag to v0.0.2 --- Dockerfile | 2 +- hardening_manifest.yaml | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/Dockerfile b/Dockerfile index c5a37e9..2646bc0 100644 --- a/Dockerfile +++ b/Dockerfile @@ -2,7 +2,7 @@ ARG BASE_REGISTRY=registry1.dso.mil ARG BASE_IMAGE=ironbank/redhat/ubi/ubi8 ARG BASE_TAG=8.3 -FROM zsanders16/hello-world-go:0.0.1 as source +FROM zsanders16/hello-world-go:0.0.2 as source FROM ${BASE_REGISTRY}/${BASE_IMAGE}:${BASE_TAG} diff --git a/hardening_manifest.yaml b/hardening_manifest.yaml index 8972e32..d18f35b 100644 --- a/hardening_manifest.yaml +++ b/hardening_manifest.yaml @@ -8,7 +8,7 @@ name: "renovate/testing" # The most specific version should be the first tag and will be shown # on ironbank.dsop.io tags: -- "0.0.1" +- "0.0.2" - "latest" # Build args passed to Dockerfile ARGs @@ -29,7 +29,7 @@ labels: org.opencontainers.image.url: "none" ## Name of the distributing entity, organization or individual org.opencontainers.image.vendor: "None" - org.opencontainers.image.version: "0.0.1" + org.opencontainers.image.version: "0.0.2" ## Keywords to help with search (ex. "cicd,gitops,golang") mil.dso.ironbank.image.keywords: "testing" ## This value can be "opensource" or "commercial" @@ -40,8 +40,8 @@ labels: # List of resources to make available to the offline build context resources: -- url: "docker://docker.io/zsanders16/hello-world-go@sha256:61ff149f5664cec9cb820091246af7f82ce86e1576e4f038f462c1560a58bc36" - tag: "zsanders16/hello-world-go:0.0.1" +- url: "docker://docker.io/zsanders16/hello-world-go@sha256:76a0e53efc816d2da1bdd6717ec2e0d6191d14b753408631504342d9f8230262" + tag: "zsanders16/hello-world-go:0.0.2" # List of project maintainers -- GitLab From 2de2001c001b1d8a0e5ef941f7b070e148b9b4a7 Mon Sep 17 00:00:00 2001 From: Zachary Sanders Date: Fri, 19 Feb 2021 08:25:42 -0700 Subject: [PATCH 04/27] add to readme --- README.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/README.md b/README.md index 1b856f2..ac0e314 100644 --- a/README.md +++ b/README.md @@ -1 +1,7 @@ # Test image used to test renovate + +to test run renovate locally + +```bash +docker run --rm -e RENOVATE_PLATFORM=gitlab -e RENOVATE_ENDPOINT="https://repo1.dso.mil/api/v4" -e RENOVATE_TOKEN="" -e RENOVATE_AUTODISCOVER='false' -e RENOVATE_REPOSITORIES="dsop/opensource/pipeline-test-project/renovate-test" -it registry1.dso.mil/ironbank/container-hardening-tools/renovate/renovate@sha256:28e7a621d4001f839ff366e75ab650e095ec391861fd81637bcbd19f95364fe0 +``` \ No newline at end of file -- GitLab From 3de012f97ff7a0249c0a5c65f60b8f19df7bfcac Mon Sep 17 00:00:00 2001 From: Zachary Sanders Date: Fri, 19 Feb 2021 08:39:36 -0700 Subject: [PATCH 05/27] test automerge --- renovate.json | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/renovate.json b/renovate.json index e3529e0..a40a7a0 100644 --- a/renovate.json +++ b/renovate.json @@ -5,6 +5,12 @@ "baseBranches": [ "development" ], + "packageRules": [ + { + "matchUpdateTypes": ["minor", "patch"], + "automerge": true + } + ], "regexManagers": [ { "fileMatch": [ -- GitLab From 2a8f616f29abcdafe8666ba6b2cfe8f869750fa2 Mon Sep 17 00:00:00 2001 From: Zachary Sanders Date: Fri, 19 Feb 2021 16:30:42 +0000 Subject: [PATCH 06/27] Update .gitlab-ci.yml --- .gitlab-ci.yml | 8 ++++++++ 1 file changed, 8 insertions(+) create mode 100644 .gitlab-ci.yml diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml new file mode 100644 index 0000000..7b5ac6a --- /dev/null +++ b/.gitlab-ci.yml @@ -0,0 +1,8 @@ + +stages: + - test + +run_test: + stage: test + script: + - echo "test successful" -- GitLab From b9c472dfc51d2362d041377684da5ca2b989de69 Mon Sep 17 00:00:00 2001 From: Zachary Sanders Date: Fri, 19 Feb 2021 16:33:25 +0000 Subject: [PATCH 07/27] Update README.md --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index ac0e314..8822953 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,7 @@ # Test image used to test renovate -to test run renovate locally +To test run renovate locally ```bash docker run --rm -e RENOVATE_PLATFORM=gitlab -e RENOVATE_ENDPOINT="https://repo1.dso.mil/api/v4" -e RENOVATE_TOKEN="" -e RENOVATE_AUTODISCOVER='false' -e RENOVATE_REPOSITORIES="dsop/opensource/pipeline-test-project/renovate-test" -it registry1.dso.mil/ironbank/container-hardening-tools/renovate/renovate@sha256:28e7a621d4001f839ff366e75ab650e095ec391861fd81637bcbd19f95364fe0 -``` \ No newline at end of file +``` -- GitLab From 9e4b2e14dd26ae7a24787189bb18697a04bb6cf2 Mon Sep 17 00:00:00 2001 From: Zachary Sanders Date: Fri, 19 Feb 2021 16:58:05 +0000 Subject: [PATCH 08/27] Update renovate.json --- renovate.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/renovate.json b/renovate.json index a40a7a0..96af52f 100644 --- a/renovate.json +++ b/renovate.json @@ -7,7 +7,7 @@ ], "packageRules": [ { - "matchUpdateTypes": ["minor", "patch"], + "updateTypes": ["minor", "patch"], "automerge": true } ], @@ -44,4 +44,4 @@ } ] } - \ No newline at end of file + -- GitLab From ac22cabfec7ead86859c59d23d635ecb088bb2ed Mon Sep 17 00:00:00 2001 From: Zachary Sanders Date: Fri, 19 Feb 2021 16:58:15 +0000 Subject: [PATCH 09/27] Update zsanders16/hello-world-go Docker tag to v0.0.3 --- Dockerfile | 2 +- hardening_manifest.yaml | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/Dockerfile b/Dockerfile index 2646bc0..c248593 100644 --- a/Dockerfile +++ b/Dockerfile @@ -2,7 +2,7 @@ ARG BASE_REGISTRY=registry1.dso.mil ARG BASE_IMAGE=ironbank/redhat/ubi/ubi8 ARG BASE_TAG=8.3 -FROM zsanders16/hello-world-go:0.0.2 as source +FROM zsanders16/hello-world-go:0.0.3 as source FROM ${BASE_REGISTRY}/${BASE_IMAGE}:${BASE_TAG} diff --git a/hardening_manifest.yaml b/hardening_manifest.yaml index d18f35b..595c064 100644 --- a/hardening_manifest.yaml +++ b/hardening_manifest.yaml @@ -8,7 +8,7 @@ name: "renovate/testing" # The most specific version should be the first tag and will be shown # on ironbank.dsop.io tags: -- "0.0.2" +- "0.0.3" - "latest" # Build args passed to Dockerfile ARGs @@ -29,7 +29,7 @@ labels: org.opencontainers.image.url: "none" ## Name of the distributing entity, organization or individual org.opencontainers.image.vendor: "None" - org.opencontainers.image.version: "0.0.2" + org.opencontainers.image.version: "0.0.3" ## Keywords to help with search (ex. "cicd,gitops,golang") mil.dso.ironbank.image.keywords: "testing" ## This value can be "opensource" or "commercial" @@ -40,8 +40,8 @@ labels: # List of resources to make available to the offline build context resources: -- url: "docker://docker.io/zsanders16/hello-world-go@sha256:76a0e53efc816d2da1bdd6717ec2e0d6191d14b753408631504342d9f8230262" - tag: "zsanders16/hello-world-go:0.0.2" +- url: "docker://docker.io/zsanders16/hello-world-go@sha256:26eb124705bd22b016c16e0ecfe5a3f3e22c60a25495a5c961ce7a673817504e" + tag: "zsanders16/hello-world-go:0.0.3" # List of project maintainers -- GitLab From 9f6647d9d976e014ec45587dd0849dd9008f65b1 Mon Sep 17 00:00:00 2001 From: Zachary Sanders Date: Fri, 19 Feb 2021 17:19:37 +0000 Subject: [PATCH 10/27] Update zsanders16/hello-world-go Docker tag to v0.0.4 --- Dockerfile | 2 +- hardening_manifest.yaml | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/Dockerfile b/Dockerfile index c248593..a1a9f59 100644 --- a/Dockerfile +++ b/Dockerfile @@ -2,7 +2,7 @@ ARG BASE_REGISTRY=registry1.dso.mil ARG BASE_IMAGE=ironbank/redhat/ubi/ubi8 ARG BASE_TAG=8.3 -FROM zsanders16/hello-world-go:0.0.3 as source +FROM zsanders16/hello-world-go:0.0.4 as source FROM ${BASE_REGISTRY}/${BASE_IMAGE}:${BASE_TAG} diff --git a/hardening_manifest.yaml b/hardening_manifest.yaml index 595c064..951b1fd 100644 --- a/hardening_manifest.yaml +++ b/hardening_manifest.yaml @@ -8,7 +8,7 @@ name: "renovate/testing" # The most specific version should be the first tag and will be shown # on ironbank.dsop.io tags: -- "0.0.3" +- "0.0.4" - "latest" # Build args passed to Dockerfile ARGs @@ -29,7 +29,7 @@ labels: org.opencontainers.image.url: "none" ## Name of the distributing entity, organization or individual org.opencontainers.image.vendor: "None" - org.opencontainers.image.version: "0.0.3" + org.opencontainers.image.version: "0.0.4" ## Keywords to help with search (ex. "cicd,gitops,golang") mil.dso.ironbank.image.keywords: "testing" ## This value can be "opensource" or "commercial" @@ -40,8 +40,8 @@ labels: # List of resources to make available to the offline build context resources: -- url: "docker://docker.io/zsanders16/hello-world-go@sha256:26eb124705bd22b016c16e0ecfe5a3f3e22c60a25495a5c961ce7a673817504e" - tag: "zsanders16/hello-world-go:0.0.3" +- url: "docker://docker.io/zsanders16/hello-world-go@sha256:9e612a9a9d87872ad0b659a652c2ce8ab9b3e1912fb3f97f551bf734e80a59cb" + tag: "zsanders16/hello-world-go:0.0.4" # List of project maintainers -- GitLab From 4c159a4b4814dd89b8eece813a4b365ee4c64e59 Mon Sep 17 00:00:00 2001 From: Zachary Sanders Date: Tue, 23 Feb 2021 18:21:44 +0000 Subject: [PATCH 11/27] Update Dockerfile, hardening_manifest.yaml files --- Dockerfile | 2 +- hardening_manifest.yaml | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/Dockerfile b/Dockerfile index a1a9f59..6ba88ed 100644 --- a/Dockerfile +++ b/Dockerfile @@ -2,7 +2,7 @@ ARG BASE_REGISTRY=registry1.dso.mil ARG BASE_IMAGE=ironbank/redhat/ubi/ubi8 ARG BASE_TAG=8.3 -FROM zsanders16/hello-world-go:0.0.4 as source +FROM zsanders16/hello-world-go:0.0.5 as source FROM ${BASE_REGISTRY}/${BASE_IMAGE}:${BASE_TAG} diff --git a/hardening_manifest.yaml b/hardening_manifest.yaml index 951b1fd..06e0f83 100644 --- a/hardening_manifest.yaml +++ b/hardening_manifest.yaml @@ -8,7 +8,7 @@ name: "renovate/testing" # The most specific version should be the first tag and will be shown # on ironbank.dsop.io tags: -- "0.0.4" +- "0.0.5" - "latest" # Build args passed to Dockerfile ARGs @@ -29,7 +29,7 @@ labels: org.opencontainers.image.url: "none" ## Name of the distributing entity, organization or individual org.opencontainers.image.vendor: "None" - org.opencontainers.image.version: "0.0.4" + org.opencontainers.image.version: "0.0.5" ## Keywords to help with search (ex. "cicd,gitops,golang") mil.dso.ironbank.image.keywords: "testing" ## This value can be "opensource" or "commercial" @@ -40,8 +40,8 @@ labels: # List of resources to make available to the offline build context resources: -- url: "docker://docker.io/zsanders16/hello-world-go@sha256:9e612a9a9d87872ad0b659a652c2ce8ab9b3e1912fb3f97f551bf734e80a59cb" - tag: "zsanders16/hello-world-go:0.0.4" +- url: "docker://docker.io/zsanders16/hello-world-go@sha256:7efa04b667b2447511db98e0e223481d61fe4d2dd3c93d050263bc3797be049c" + tag: "zsanders16/hello-world-go:0.0.5" # List of project maintainers -- GitLab From ca347781996454b3f34976650c9ab3fab5ab2345 Mon Sep 17 00:00:00 2001 From: Zachary Sanders Date: Tue, 23 Feb 2021 18:29:26 +0000 Subject: [PATCH 12/27] Update hardening_manifest.yaml --- hardening_manifest.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/hardening_manifest.yaml b/hardening_manifest.yaml index 06e0f83..996c5b1 100644 --- a/hardening_manifest.yaml +++ b/hardening_manifest.yaml @@ -2,7 +2,7 @@ apiVersion: v1 # The repository name in registry1, excluding /ironbank/ -name: "renovate/testing" +name: "renovate/renovate-test" # List of tags to push for the repository in registry1 # The most specific version should be the first tag and will be shown @@ -31,11 +31,11 @@ labels: org.opencontainers.image.vendor: "None" org.opencontainers.image.version: "0.0.5" ## Keywords to help with search (ex. "cicd,gitops,golang") - mil.dso.ironbank.image.keywords: "testing" + mil.dso.ironbank.image.keywords: "renovate-test" ## This value can be "opensource" or "commercial" mil.dso.ironbank.image.type: "opensource" ## Product the image belongs to for grouping multiple images - mil.dso.ironbank.product.name: "testing" + mil.dso.ironbank.product.name: "renovate-test" # List of resources to make available to the offline build context -- GitLab From ea24c551f2c5db478083392050305bd587164afb Mon Sep 17 00:00:00 2001 From: Zachary Sanders Date: Tue, 23 Feb 2021 18:36:57 +0000 Subject: [PATCH 13/27] Update hardening_manifest.yaml --- hardening_manifest.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hardening_manifest.yaml b/hardening_manifest.yaml index 996c5b1..d041922 100644 --- a/hardening_manifest.yaml +++ b/hardening_manifest.yaml @@ -2,7 +2,7 @@ apiVersion: v1 # The repository name in registry1, excluding /ironbank/ -name: "renovate/renovate-test" +name: "renovate/hello-world-go" # List of tags to push for the repository in registry1 # The most specific version should be the first tag and will be shown -- GitLab From 68cd482c2d81408f5c98eb2dedc9d6dd47c6b93a Mon Sep 17 00:00:00 2001 From: Zachary Sanders Date: Wed, 24 Feb 2021 15:16:48 +0000 Subject: [PATCH 14/27] Update hardening_manifest.yaml --- hardening_manifest.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hardening_manifest.yaml b/hardening_manifest.yaml index d041922..996c5b1 100644 --- a/hardening_manifest.yaml +++ b/hardening_manifest.yaml @@ -2,7 +2,7 @@ apiVersion: v1 # The repository name in registry1, excluding /ironbank/ -name: "renovate/hello-world-go" +name: "renovate/renovate-test" # List of tags to push for the repository in registry1 # The most specific version should be the first tag and will be shown -- GitLab From cd8b6c4ccd32448db4b410da13d63bd81e32440e Mon Sep 17 00:00:00 2001 From: Zachary Sanders Date: Wed, 24 Feb 2021 15:29:42 +0000 Subject: [PATCH 15/27] Update hardening_manifest.yaml --- hardening_manifest.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hardening_manifest.yaml b/hardening_manifest.yaml index 996c5b1..dd2b6a7 100644 --- a/hardening_manifest.yaml +++ b/hardening_manifest.yaml @@ -2,7 +2,7 @@ apiVersion: v1 # The repository name in registry1, excluding /ironbank/ -name: "renovate/renovate-test" +name: "opensource/pipeline-test-project/renovate-test" # List of tags to push for the repository in registry1 # The most specific version should be the first tag and will be shown -- GitLab From f0c4c4ce73bfa41adc94d27eb36383de8b97b222 Mon Sep 17 00:00:00 2001 From: ironbank-bot Date: Wed, 24 Feb 2021 16:00:09 +0000 Subject: [PATCH 16/27] Update zsanders16/hello-world-go Docker tag to v0.0.6 --- Dockerfile | 2 +- hardening_manifest.yaml | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/Dockerfile b/Dockerfile index 6ba88ed..c0235bb 100644 --- a/Dockerfile +++ b/Dockerfile @@ -2,7 +2,7 @@ ARG BASE_REGISTRY=registry1.dso.mil ARG BASE_IMAGE=ironbank/redhat/ubi/ubi8 ARG BASE_TAG=8.3 -FROM zsanders16/hello-world-go:0.0.5 as source +FROM zsanders16/hello-world-go:0.0.6 as source FROM ${BASE_REGISTRY}/${BASE_IMAGE}:${BASE_TAG} diff --git a/hardening_manifest.yaml b/hardening_manifest.yaml index dd2b6a7..4b58790 100644 --- a/hardening_manifest.yaml +++ b/hardening_manifest.yaml @@ -8,7 +8,7 @@ name: "opensource/pipeline-test-project/renovate-test" # The most specific version should be the first tag and will be shown # on ironbank.dsop.io tags: -- "0.0.5" +- "0.0.6" - "latest" # Build args passed to Dockerfile ARGs @@ -29,7 +29,7 @@ labels: org.opencontainers.image.url: "none" ## Name of the distributing entity, organization or individual org.opencontainers.image.vendor: "None" - org.opencontainers.image.version: "0.0.5" + org.opencontainers.image.version: "0.0.6" ## Keywords to help with search (ex. "cicd,gitops,golang") mil.dso.ironbank.image.keywords: "renovate-test" ## This value can be "opensource" or "commercial" @@ -40,8 +40,8 @@ labels: # List of resources to make available to the offline build context resources: -- url: "docker://docker.io/zsanders16/hello-world-go@sha256:7efa04b667b2447511db98e0e223481d61fe4d2dd3c93d050263bc3797be049c" - tag: "zsanders16/hello-world-go:0.0.5" +- url: "docker://docker.io/zsanders16/hello-world-go@sha256:23b3009c78d8f967df5b9a2278bddda46db88daab009d6ab354cf37efb7c8b4b" + tag: "zsanders16/hello-world-go:0.0.6" # List of project maintainers -- GitLab From f1d51d605ba5f506a0e72a68f67103c40628d7d7 Mon Sep 17 00:00:00 2001 From: Zachary Sanders Date: Thu, 11 Mar 2021 10:46:26 -0700 Subject: [PATCH 17/27] add non renovate --- README.md | 2 +- hardening_manifest.yaml | 2 +- renovate.json | 51 +++++++---------------------------------- repo_file.yaml | 0 4 files changed, 10 insertions(+), 45 deletions(-) create mode 100644 repo_file.yaml diff --git a/README.md b/README.md index 8822953..9d4f85a 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ # Test image used to test renovate -To test run renovate locally +To test run renovate locally ```bash docker run --rm -e RENOVATE_PLATFORM=gitlab -e RENOVATE_ENDPOINT="https://repo1.dso.mil/api/v4" -e RENOVATE_TOKEN="" -e RENOVATE_AUTODISCOVER='false' -e RENOVATE_REPOSITORIES="dsop/opensource/pipeline-test-project/renovate-test" -it registry1.dso.mil/ironbank/container-hardening-tools/renovate/renovate@sha256:28e7a621d4001f839ff366e75ab650e095ec391861fd81637bcbd19f95364fe0 diff --git a/hardening_manifest.yaml b/hardening_manifest.yaml index d18f35b..722f860 100644 --- a/hardening_manifest.yaml +++ b/hardening_manifest.yaml @@ -2,7 +2,7 @@ apiVersion: v1 # The repository name in registry1, excluding /ironbank/ -name: "renovate/testing" +name: "renovate/renovate-test" # List of tags to push for the repository in registry1 # The most specific version should be the first tag and will be shown diff --git a/renovate.json b/renovate.json index a40a7a0..987a4ee 100644 --- a/renovate.json +++ b/renovate.json @@ -1,47 +1,12 @@ { - "assignees": [ - "@sander--bah" - ], - "baseBranches": [ - "development" - ], - "packageRules": [ + "regexManagers": [ { - "matchUpdateTypes": ["minor", "patch"], - "automerge": true + "fileMatch": ["./repo_file.yaml"], + "matchStrings": [ + "\"image_tag\": \"(?.*?)\"" + ], + "depNameTemplate": "mongo", + "datasourceTemplate": "docker" } - ], - "regexManagers": [ - { - "fileMatch": [ - "^Dockerfile$" - ], - "matchStrings": [ - "version=\"(?.*?)\"" - ], - "depNameTemplate": "zsanders16/hello-world-go", - "datasourceTemplate": "docker" - }, - { - "fileMatch": [ - "^hardening_manifest.yaml$" - ], - "matchStrings": [ - "org\\.opencontainers\\.image\\.version:\\s+\"(?.+?)\"" - ], - "depNameTemplate": "zsanders16/hello-world-go", - "datasourceTemplate": "docker" - }, - { - "fileMatch": [ - "^hardening_manifest.yaml$" - ], - "matchStrings": [ - "tags:\\s+-\\s+\"(?.+?)\"" - ], - "depNameTemplate": "zsanders16/hello-world-go", - "datasourceTemplate": "docker" - } ] - } - \ No newline at end of file +} diff --git a/repo_file.yaml b/repo_file.yaml new file mode 100644 index 0000000..e69de29 -- GitLab From 5ea96eebb7f2a8c8b26f5a7f7d28fe595b716f77 Mon Sep 17 00:00:00 2001 From: Zachary Sanders Date: Thu, 11 Mar 2021 11:02:27 -0700 Subject: [PATCH 18/27] test --- renovate.json | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/renovate.json b/renovate.json index 987a4ee..2611ad1 100644 --- a/renovate.json +++ b/renovate.json @@ -1,4 +1,10 @@ { + "assignees": [ + "@sanders--bah" + ], + "baseBranches": [ + "development" + ], "regexManagers": [ { "fileMatch": ["./repo_file.yaml"], -- GitLab From d186d2bfdad15eab19f90bec8da1d612bd89bd52 Mon Sep 17 00:00:00 2001 From: Zachary Sanders Date: Thu, 11 Mar 2021 11:06:03 -0700 Subject: [PATCH 19/27] merge --- .gitlab-ci.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 7b5ac6a..1d13d35 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -1,8 +1,8 @@ -stages: - - test +# stages: +# - test -run_test: - stage: test - script: - - echo "test successful" +# run_test: +# stage: test +# script: +# - echo "test successful" -- GitLab From 827f7d0c6648af22e05ff2ee3262e5ca9eea84c0 Mon Sep 17 00:00:00 2001 From: Zachary Sanders Date: Thu, 11 Mar 2021 11:08:52 -0700 Subject: [PATCH 20/27] test --- hardening_manifest.yaml | 4 ---- renovate.json | 10 ---------- repo_file.yaml | 3 +++ 3 files changed, 3 insertions(+), 14 deletions(-) diff --git a/hardening_manifest.yaml b/hardening_manifest.yaml index 7e1515e..1a3d8f4 100644 --- a/hardening_manifest.yaml +++ b/hardening_manifest.yaml @@ -2,11 +2,7 @@ apiVersion: v1 # The repository name in registry1, excluding /ironbank/ -<<<<<<< HEAD name: "renovate/renovate-test" -======= -name: "opensource/pipeline-test-project/renovate-test" ->>>>>>> ed0ff7629cb97a40c5fa9f97d894e59b38f5c668 # List of tags to push for the repository in registry1 # The most specific version should be the first tag and will be shown diff --git a/renovate.json b/renovate.json index 2fec31c..2611ad1 100644 --- a/renovate.json +++ b/renovate.json @@ -7,22 +7,12 @@ ], "regexManagers": [ { -<<<<<<< HEAD "fileMatch": ["./repo_file.yaml"], "matchStrings": [ "\"image_tag\": \"(?.*?)\"" ], "depNameTemplate": "mongo", "datasourceTemplate": "docker" -======= - "updateTypes": ["minor", "patch"], - "automerge": true ->>>>>>> ed0ff7629cb97a40c5fa9f97d894e59b38f5c668 } ] -<<<<<<< HEAD } -======= - } - ->>>>>>> ed0ff7629cb97a40c5fa9f97d894e59b38f5c668 diff --git a/repo_file.yaml b/repo_file.yaml index e69de29..c2f10be 100644 --- a/repo_file.yaml +++ b/repo_file.yaml @@ -0,0 +1,3 @@ +repositories: +- image_name: opensource/mongodb/mongodb + image_tag: 4.4.1 -- GitLab From b2558c34d2cced9dc517c91f64a0b1f4458970d2 Mon Sep 17 00:00:00 2001 From: Zachary Sanders Date: Thu, 11 Mar 2021 11:10:54 -0700 Subject: [PATCH 21/27] test --- repo_file.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/repo_file.yaml b/repo_file.yaml index c2f10be..d6ba7a1 100644 --- a/repo_file.yaml +++ b/repo_file.yaml @@ -1,3 +1,3 @@ repositories: - image_name: opensource/mongodb/mongodb - image_tag: 4.4.1 + image_tag: "4.4.1" -- GitLab From fa6feb67bb31c43c9ef026f56bd227cb3664a873 Mon Sep 17 00:00:00 2001 From: Zachary Sanders Date: Thu, 11 Mar 2021 11:11:52 -0700 Subject: [PATCH 22/27] test --- .gitlab-ci.yml | 8 -------- 1 file changed, 8 deletions(-) delete mode 100644 .gitlab-ci.yml diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml deleted file mode 100644 index 1d13d35..0000000 --- a/.gitlab-ci.yml +++ /dev/null @@ -1,8 +0,0 @@ - -# stages: -# - test - -# run_test: -# stage: test -# script: -# - echo "test successful" -- GitLab From bdefcc124457297d548bc6e32827799b3da8fe43 Mon Sep 17 00:00:00 2001 From: Zachary Sanders Date: Thu, 11 Mar 2021 11:24:54 -0700 Subject: [PATCH 23/27] test --- Dockerfile | 24 ----- LICENSE | 201 ---------------------------------------- hardening_manifest.yaml | 56 ----------- 3 files changed, 281 deletions(-) delete mode 100644 Dockerfile delete mode 100644 LICENSE delete mode 100644 hardening_manifest.yaml diff --git a/Dockerfile b/Dockerfile deleted file mode 100644 index c0235bb..0000000 --- a/Dockerfile +++ /dev/null @@ -1,24 +0,0 @@ -ARG BASE_REGISTRY=registry1.dso.mil -ARG BASE_IMAGE=ironbank/redhat/ubi/ubi8 -ARG BASE_TAG=8.3 - -FROM zsanders16/hello-world-go:0.0.6 as source - -FROM ${BASE_REGISTRY}/${BASE_IMAGE}:${BASE_TAG} - -COPY --from=source /app/main /app/main - -RUN dnf upgrade -y && \ - dnf clean all && \ - rm -rf /var/cache/dnf - -RUN groupadd -r -g 1001 hello && \ - useradd -r -u 1001 -g hello hello && \ - chown -R hello:hello /app/main && \ - chmod +x /app/main - -USER hello - -HEALTHCHECK NONE - -ENTRYPOINT [ "/app/main" ] diff --git a/LICENSE b/LICENSE deleted file mode 100644 index 5b7c380..0000000 --- a/LICENSE +++ /dev/null @@ -1,201 +0,0 @@ -Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright 2017-2018 The Argo Authors - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/hardening_manifest.yaml b/hardening_manifest.yaml deleted file mode 100644 index 1a3d8f4..0000000 --- a/hardening_manifest.yaml +++ /dev/null @@ -1,56 +0,0 @@ ---- -apiVersion: v1 - -# The repository name in registry1, excluding /ironbank/ -name: "renovate/renovate-test" - -# List of tags to push for the repository in registry1 -# The most specific version should be the first tag and will be shown -# on ironbank.dsop.io -tags: -- "0.0.6" -- "latest" - -# Build args passed to Dockerfile ARGs -args: - BASE_IMAGE: "redhat/ubi/ubi8" - BASE_TAG: "8.3" - - - -# Docker image labels -labels: - org.opencontainers.image.title: "Renovate Test" - ## Human-readable description of the software packaged in the image - org.opencontainers.image.description: "Test image used to test Renovate." - ## License(s) under which contained software is distributed - org.opencontainers.image.licenses: "MIT License" - ## URL to find more information on the image - org.opencontainers.image.url: "none" - ## Name of the distributing entity, organization or individual - org.opencontainers.image.vendor: "None" - org.opencontainers.image.version: "0.0.6" - ## Keywords to help with search (ex. "cicd,gitops,golang") - mil.dso.ironbank.image.keywords: "renovate-test" - ## This value can be "opensource" or "commercial" - mil.dso.ironbank.image.type: "opensource" - ## Product the image belongs to for grouping multiple images - mil.dso.ironbank.product.name: "renovate-test" - - -# List of resources to make available to the offline build context -resources: -- url: "docker://docker.io/zsanders16/hello-world-go@sha256:23b3009c78d8f967df5b9a2278bddda46db88daab009d6ab354cf37efb7c8b4b" - tag: "zsanders16/hello-world-go:0.0.6" - - -# List of project maintainers -# FIXME: Fill in the following details for the current container owner in the whitelist -# FIXME: Include any other vendor information if applicable -maintainers: -# cht_member: true # FIXME: Uncomment if the maintainer is a member of CHT -- email: "sanders_zachary@bah.com" - name: "Zachary Sanders" - username: "sanders--bah" - cht_member: true - -- GitLab From f0ba3fbae77adb91da9d22401b8df9f931799948 Mon Sep 17 00:00:00 2001 From: Zachary Sanders Date: Thu, 11 Mar 2021 11:30:22 -0700 Subject: [PATCH 24/27] test --- renovate.json | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/renovate.json b/renovate.json index 2611ad1..f524153 100644 --- a/renovate.json +++ b/renovate.json @@ -7,7 +7,9 @@ ], "regexManagers": [ { - "fileMatch": ["./repo_file.yaml"], + "fileMatch": [ + "^repo_file.yaml$" + ], "matchStrings": [ "\"image_tag\": \"(?.*?)\"" ], -- GitLab From 7194f54517ebba53d35a67a79864186c259ef83b Mon Sep 17 00:00:00 2001 From: Zachary Sanders Date: Thu, 11 Mar 2021 12:05:07 -0700 Subject: [PATCH 25/27] test --- renovate.json | 2 +- repo_file.yaml | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/renovate.json b/renovate.json index f524153..f6ae250 100644 --- a/renovate.json +++ b/renovate.json @@ -13,7 +13,7 @@ "matchStrings": [ "\"image_tag\": \"(?.*?)\"" ], - "depNameTemplate": "mongo", + "depNameTemplate": "vault", "datasourceTemplate": "docker" } ] diff --git a/repo_file.yaml b/repo_file.yaml index d6ba7a1..8da8540 100644 --- a/repo_file.yaml +++ b/repo_file.yaml @@ -1,3 +1,3 @@ -repositories: +resources: - image_name: opensource/mongodb/mongodb - image_tag: "4.4.1" + image_tag: "1.6.2" -- GitLab From d4f150cc993505ccb2955c9fc6e492ceff53bead Mon Sep 17 00:00:00 2001 From: Zachary Sanders Date: Thu, 11 Mar 2021 12:09:01 -0700 Subject: [PATCH 26/27] test --- renovate.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/renovate.json b/renovate.json index f6ae250..14cf8be 100644 --- a/renovate.json +++ b/renovate.json @@ -8,7 +8,7 @@ "regexManagers": [ { "fileMatch": [ - "^repo_file.yaml$" + "repo_file.yaml$" ], "matchStrings": [ "\"image_tag\": \"(?.*?)\"" -- GitLab From 9575bd146bf5dd2b0c2d6dcb8d1ff90366974b8c Mon Sep 17 00:00:00 2001 From: Zachary Sanders Date: Thu, 11 Mar 2021 12:13:33 -0700 Subject: [PATCH 27/27] test --- renovate.json | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/renovate.json b/renovate.json index 14cf8be..4096725 100644 --- a/renovate.json +++ b/renovate.json @@ -7,11 +7,9 @@ ], "regexManagers": [ { - "fileMatch": [ - "repo_file.yaml$" - ], + "fileMatch": ["^repo_file$"], "matchStrings": [ - "\"image_tag\": \"(?.*?)\"" + "\"image_tag\": \"(?.*?)\"" ], "depNameTemplate": "vault", "datasourceTemplate": "docker" -- GitLab