add Dockerfile, LICENSE, hardening_manifest.yaml

9f45c17f · Tapasvi Kaza · c087189d · 9f45c17f · 9f45c17f · 9f45c17f
Commit 9f45c17f authored Feb 05, 2021 by Tapasvi Kaza
Hide whitespace changes
Inline Side-by-side

Showing with 131 additions and 0 deletions

Dockerfile Dockerfile +39 -0

LICENSE LICENSE +41 -0

hardening_manifest.yaml hardening_manifest.yaml +51 -0

No files found.
--- a/Dockerfile
+++ b/Dockerfile
+ARG BASE_REGISTRY=registry1.dsop.io
+ARG BASE_IMAGE=ironbank/redhat/ubi/ubi8
+ARG BASE_TAG=8.3
+FROM ${BASE_REGISTRY}/${BASE_IMAGE}:${BASE_TAG}
+ENV PATH=/usr/local/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/Python-3.9.1
+COPY Python-3.9.1.tgz pip-21.0.1-py3-none-any.whl /opt
+RUN dnf upgrade -y && \
+    dnf install -y make gcc openssl-devel bzip2-devel libffi-devel && \
+    cd /opt && \
+    tar -xzvf Python-3.9.1.tgz && \
+    rm -f Python-3.9.1.tgz && \
+    cd Python-3.9.1 && \
+    ./configure --enable-optimizations && \
+    make altinstall && \
+    python -m pip install --no-index --upgrade /opt/pip-21.0.1-py3-none-any.whl && \
+    ln -s /opt/Python-3.9.1/python /usr/bin/python3 && \
+    rm -f pip-21.0.1-py3-none-any.whl && \
+    dnf -y remove gcc make openssl-devel bzip2-devel libffi-devel && \
+    find /opt/Python-3.9.1 -name "*.pem" -o -name "*.key" | xargs rm -f && \
+    find /usr/local/lib/python3.9/test -name "*.pem" -o -name "*.key" | xargs rm -f && \
+    dnf clean all && \
+    rm -rf /var/cache/dnf
+RUN groupadd -g 1001 python3 && \
+    useradd -r -u 1001 -m -s /sbin/nologin -g python3 python3
+USER python3
+HEALTHCHECK none
+EXPOSE 8080
+CMD ["python3"]
--- a/LICENSE
+++ b/LICENSE
+1. This LICENSE AGREEMENT is between the Python Software Foundation ("PSF"), and
+   the Individual or Organization ("Licensee") accessing and otherwise using Python
+   3.9.1 software in source or binary form and its associated documentation.
+2. Subject to the terms and conditions of this License Agreement, PSF hereby
+   grants Licensee a nonexclusive, royalty-free, world-wide license to reproduce,
+   analyze, test, perform and/or display publicly, prepare derivative works,
+   distribute, and otherwise use Python 3.9.1 alone or in any derivative
+   version, provided, however, that PSF's License Agreement and PSF's notice of
+   copyright, i.e., "Copyright © 2001-2021 Python Software Foundation; All Rights
+   Reserved" are retained in Python 3.9.1 alone or in any derivative version
+   prepared by Licensee.
+3. In the event Licensee prepares a derivative work that is based on or
+   incorporates Python 3.9.1 or any part thereof, and wants to make the
+   derivative work available to others as provided herein, then Licensee hereby
+   agrees to include in any such work a brief summary of the changes made to Python
+   3.9.1.
+4. PSF is making Python 3.9.1 available to Licensee on an "AS IS" basis.
+   PSF MAKES NO REPRESENTATIONS OR WARRANTIES, EXPRESS OR IMPLIED.  BY WAY OF
+   EXAMPLE, BUT NOT LIMITATION, PSF MAKES NO AND DISCLAIMS ANY REPRESENTATION OR
+   WARRANTY OF MERCHANTABILITY OR FITNESS FOR ANY PARTICULAR PURPOSE OR THAT THE
+   USE OF PYTHON 3.9.1 WILL NOT INFRINGE ANY THIRD PARTY RIGHTS.
+5. PSF SHALL NOT BE LIABLE TO LICENSEE OR ANY OTHER USERS OF PYTHON 3.9.1
+   FOR ANY INCIDENTAL, SPECIAL, OR CONSEQUENTIAL DAMAGES OR LOSS AS A RESULT OF
+   MODIFYING, DISTRIBUTING, OR OTHERWISE USING PYTHON 3.9.1, OR ANY DERIVATIVE
+   THEREOF, EVEN IF ADVISED OF THE POSSIBILITY THEREOF.
+6. This License Agreement will automatically terminate upon a material breach of
+   its terms and conditions.
+7. Nothing in this License Agreement shall be deemed to create any relationship
+   of agency, partnership, or joint venture between PSF and Licensee.  This License
+   Agreement does not grant permission to use PSF trademarks or trade name in a
+   trademark sense to endorse or promote products or services of Licensee, or any
+   third party.
+8. By copying, installing or otherwise using Python 3.9.1, Licensee agrees
+   to be bound by the terms and conditions of this License Agreement.
--- a/hardening_manifest.yaml
+++ b/hardening_manifest.yaml
+---
+apiVersion: v1
+# The repository name in registry1, excluding /ironbank/
+name: "opensource/python/python39"
+# List of tags to push for the repository in registry1
+# The most specific version should be the first tag and will be shown
+# on ironbank.dsop.io
+tags:
+- "3.9"
+- "latest"
+# Build args passed to Dockerfile ARGs
+args:
+  BASE_IMAGE: "redhat/ubi/ubi8"
+  BASE_TAG: "8.3"
+# Docker image labels
+labels:
+  org.opencontainers.image.title: "python39"
+  org.opencontainers.image.description: "Python programming language"
+  org.opencontainers.image.licenses: "Python Software Foundation"
+  org.opencontainers.image.url: "https://www.python.org/"
+  org.opencontainers.image.vendor: "Python Software Foundation"
+  org.opencontainers.image.version: "3.9"
+  mil.dso.ironbank.image.keywords: "python, programming language"
+  mil.dso.ironbank.image.type: "opensource"
+  mil.dso.ironbank.product.name: "python"
+# List of resources to make available to the offline build context
+resources:
+- filename: Python-3.9.1.tgz
+  url: https://www.python.org/ftp/python/3.9.1/Python-3.9.1.tgz
+  validation:
+    type: sha256
+    value: 29cb91ba038346da0bd9ab84a0a55a845d872c341a4da6879f462e94c741f117
+- filename: pip-21.0.1-py3-none-any.whl
+  url: https://files.pythonhosted.org/packages/fe/ef/60d7ba03b5c442309ef42e7d69959f73aacccd0d86008362a681c4698e83/pip-21.0.1-py3-none-any.whl
+  validation:
+    type: sha256
+    value: 37fd50e056e2aed635dec96594606f0286640489b0db0ce7607f7e51890372d5
+# List of project maintainers
+maintainers:
+- email: "balexander@vivsoft.io"
+  name: "Brad Alexander"
+  username: "balexand"
+  cht_member: true