diff --git a/Dockerfile b/Dockerfile index a64534bbee62e1acc3f57083b8fbdf5e657cf729..0032e376e4001fe5e7aa36a02a03150a74d7b632 100644 --- a/Dockerfile +++ b/Dockerfile @@ -12,12 +12,13 @@ COPY signatures/RPM-GPG-KEY-PGDG-11 \ postgresql11-server.rpm \ postgresql11.rpm \ postgresql11-libs.rpm \ + postgresql11-contrib.rpm \ /tmp/ COPY scripts/docker-entrypoint.sh /usr/local/bin/ RUN rpm --import /tmp/RPM-GPG-KEY-PGDG-11 && \ - dnf install -y glibc-langpack-en /tmp/postgresql11-server.rpm /tmp/postgresql11.rpm /tmp/postgresql11-libs.rpm && \ + dnf install -y --nodocs glibc-langpack-en /tmp/postgresql11-server.rpm /tmp/postgresql11.rpm /tmp/postgresql11-libs.rpm /tmp/postgresql11-contrib.rpm && \ dnf clean all && \ rm -rf /var/cache/dnf && \ chmod +x /usr/local/bin/docker-entrypoint.sh diff --git a/hardening_manifest.yaml b/hardening_manifest.yaml index 8d75b22ba4dac18ef621ff295eddafd3a56ab198..b32698778de9519e5e60df230e05840d60c1597c 100644 --- a/hardening_manifest.yaml +++ b/hardening_manifest.yaml @@ -8,7 +8,7 @@ name: "opensource/postgres/postgresql11" # The most specific version should be the first tag and will be shown # on ironbank.dsop.io tags: -- "11.11" +- "11.12-2" - "latest" # Build args passed to Dockerfile ARGs @@ -27,7 +27,7 @@ labels: org.opencontainers.image.url: "https://www.postgresql.org/" ## Name of the distributing entity, organization or individual org.opencontainers.image.vendor: "The PostgreSQL Global Development Group" - org.opencontainers.image.version: "11.11" + org.opencontainers.image.version: "11.12-2" ## Keywords to help with search (ex. "cicd,gitops,golang") mil.dso.ironbank.image.keywords: "postgresql,postgresql11" ## This value can be "opensource" or "commercial" @@ -43,20 +43,25 @@ resources: type: sha256 value: 991821e20c4af66314b023db867c7ee8d593f249b9732cbacba7bcd7b25e9604 - filename: postgresql11-server.rpm - url: https://download.postgresql.org/pub/repos/yum/11/redhat/rhel-8-x86_64/postgresql11-server-11.11-1PGDG.rhel8.x86_64.rpm + url: https://download.postgresql.org/pub/repos/yum/11/redhat/rhel-8-x86_64/postgresql11-server-11.12-2PGDG.rhel8.x86_64.rpm validation: type: sha256 - value: bd0a889b91daf5702176f4f11850a3300e6472feeb85d7e0b0e5fd049d6e5ba9 + value: f19250220bb7181b8b1dc30aca681a0a52084795e5043feb98785d5c4ed29289 - filename: postgresql11.rpm - url: https://download.postgresql.org/pub/repos/yum/11/redhat/rhel-8-x86_64/postgresql11-11.11-1PGDG.rhel8.x86_64.rpm + url: https://download.postgresql.org/pub/repos/yum/11/redhat/rhel-8-x86_64/postgresql11-11.12-2PGDG.rhel8.x86_64.rpm validation: type: sha256 - value: 3c8397887d487d7e944cd3511d59766828b18fa7dbca0ff6a1eb272fbdc9711c + value: 620bb93b094f6833e940bd66e4219c23b5b56b8cbf7edbc8560bea1c017caf33 - filename: postgresql11-libs.rpm - url: https://download.postgresql.org/pub/repos/yum/11/redhat/rhel-8-x86_64/postgresql11-libs-11.11-1PGDG.rhel8.x86_64.rpm + url: https://download.postgresql.org/pub/repos/yum/11/redhat/rhel-8-x86_64/postgresql11-libs-11.12-2PGDG.rhel8.x86_64.rpm validation: type: sha256 - value: 550ebb1437bfaefb1b97b812ac973f5ec41519737d44254c54146d2ac69d18a5 + value: 0797a08a8ebf9c4e62b7a89821b378ec108574ebc5a9ace8f677f497fad6c0d9 +- filename: postgresql11-contrib.rpm + url: https://download.postgresql.org/pub/repos/yum/11/redhat/rhel-8-x86_64/postgresql11-contrib-11.12-2PGDG.rhel8.x86_64.rpm + validation: + type: sha256 + value: e54b600b5d7f746be90e3f21ddccb29cf170fc7f52385a6ed3d3efc5aaf963ec maintainers: