Merge branch 'development' into 'master'

Development See merge request !24

Merge branch 'development' into 'master'
Development See merge request !24
a78c9ed7 · Andy Maksymowicz · 73b75cc5 · 13152221 · a78c9ed7 · a78c9ed7
Commit a78c9ed7 authored Jun 02, 2021 by Andy Maksymowicz
Show whitespace changes
Inline Side-by-side

Showing with 27 additions and 25 deletions

Dockerfile Dockerfile +3 -4

hardening_manifest.yaml hardening_manifest.yaml +9 -19

renovate.json renovate.json +15 -2

No files found.
--- a/Dockerfile
+++ b/Dockerfile
@@ -6,9 +6,8 @@ FROM ${BASE_REGISTRY}/${BASE_IMAGE}:${BASE_TAG} as build
 USER 0
-COPY *.whl *.tar.gz /wheel/
+COPY *.whl /wheel/
-RUN pip install --no-index --find-links=/wheel/ truffleHog3 && \
+RUN pip install --no-index --find-links=/wheel/ truffleHog3
-    pip install --upgrade --no-index --find-links=/wheel/ PyYAML Jinja2
 FROM ${BASE_REGISTRY}/${BASE_IMAGE}:${BASE_TAG}

--- a/hardening_manifest.yaml
+++ b/hardening_manifest.yaml
@@ -8,7 +8,7 @@ name: "opensource/trufflehog/trufflehog3"
 # The most specific version should be the first tag and will be shown
 # on ironbank.dsop.io
 tags:
- "2.0.4"
+- "2.0.5"
 - "latest"
 # Build args passed to Dockerfile ARGs
@@ -27,7 +27,7 @@ labels:
  org.opencontainers.image.url: "https://github.com/feeltheajf/trufflehog3"
  ## Name of the distributing entity, organization or individual
  org.opencontainers.image.vendor: "opensource"
-  org.opencontainers.image.version: "2.0.4"
+  org.opencontainers.image.version: "2.0.5"
  ## Keywords to help with search (ex. "cicd,gitops,golang")
  mil.dso.ironbank.image.keywords: "trufflehog3,secrets"
  ## This value can be "opensource" or "commercial"
@@ -37,16 +37,11 @@ labels:
 # List of resources to make available to the offline build context
 resources:
- filename: truffleHog3-2.0.4-py2.py3-none-any.whl
+- filename: truffleHog3-2.0.5-py2.py3-none-any.whl
-  url: https://files.pythonhosted.org/packages/b2/c4/3e3f16002e2ea0b8421b6ff43eb88a1e6036f0723240b93ad1bff9363936/truffleHog3-2.0.4-py2.py3-none-any.whl
+  url: https://files.pythonhosted.org/packages/f4/83/7b145927deaf5a546d074c46f3bf9c77306c0e936eddb1427ed42fb000eb/truffleHog3-2.0.5-py2.py3-none-any.whl
  validation:
    type: sha256
-    value: 79ac7171f395ce047b09aecaa9ee68b650d48cd6d9d3d70d7a9b637a2decf6df
+    value: f08e6a764879895bd7992eaca8aeaee7c8d22b42bd11526bbbe9c474afc8518f
- filename: Jinja2-2.11.1-py2.py3-none-any.whl
-  url: https://files.pythonhosted.org/packages/27/24/4f35961e5c669e96f6559760042a55b9bcfcdb82b9bdb3c8753dbe042e35/Jinja2-2.11.1-py2.py3-none-any.whl
-  validation:
-    type: sha256
-    value: b0eaf100007721b5c16c1fc1eecb87409464edc10469ddc9a22a27a99123be49
 - filename: Jinja2-2.11.3-py2.py3-none-any.whl
  url: https://files.pythonhosted.org/packages/7e/c2/1eece8c95ddbc9b1aeb64f5783a9e07a286de42191b7204d67b7496ddf35/Jinja2-2.11.3-py2.py3-none-any.whl
  validation:
@@ -57,16 +52,11 @@ resources:
  validation:
    type: sha256
    value: 43da89427bdf18bf07f1164c6d415750693b4d50e28fc9b68de706245147b9dd
- filename: PyYAML-5.3.1.tar.gz
+- filename: PyYAML-5.4-cp39-cp39-manylinux1_x86_64.whl
-  url: https://files.pythonhosted.org/packages/64/c2/b80047c7ac2478f9501676c988a5411ed5572f35d1beff9cae07d321512c/PyYAML-5.3.1.tar.gz
+  url: https://files.pythonhosted.org/packages/43/e8/31007862b01580c507e24b88aeedb71bb81d6125a71c651a26370e6e0648/PyYAML-5.4-cp39-cp39-manylinux1_x86_64.whl
-  validation:
-    type: sha256
-    value: b8eac752c5e14d3eca0e6dd9199cd627518cb5ec06add0de9d32baeee6fe645d
- filename: PyYAML-5.4.1-cp39-cp39-manylinux1_x86_64.whl
-  url: https://files.pythonhosted.org/packages/3d/1f/2a3705efca3b47161ceaaf52970a9d4b81cc84600818686ecd75093a00a5/PyYAML-5.4.1-cp39-cp39-manylinux1_x86_64.whl
  validation:
    type: sha256
-    value: 74c1485f7707cf707a7aef42ef6322b8f97921bd89be2ab6317fd782c2d53183
+    value: 02c78d77281d8f8d07a255e57abdbf43b02257f59f50cc6b636937d68efa5dd0
 - filename: gitdb-4.0.7-py3-none-any.whl
  url: https://files.pythonhosted.org/packages/ea/e8/f414d1a4f0bbc668ed441f74f44c116d9816833a48bf81d22b697090dba8/gitdb-4.0.7-py3-none-any.whl
  validation:

--- a/renovate.json
+++ b/renovate.json
@@ -5,6 +5,8 @@
    "baseBranches": [
      "development"
    ],
+    "automerge": true,
+    "gitLabAutomerge": true,
    "regexManagers": [
      {
        "fileMatch": [
@@ -15,6 +17,17 @@
        ],
        "depNameTemplate": "registry1.dso.mil/ironbank/python/python39",
        "datasourceTemplate": "docker"
+      },
+      {
+      "fileMatch": [
+        "^hardening_manifest.yaml$"
+      ],
+      "matchStrings": [
+        "org\\.opencontainers\\.image\\.version:\\s+\"(?<currentValue>.+?)\"",
+        "tags:\\s+-\\s+\"(?<currentValue>.+?)\""
+      ],
+      "depNameTemplate": "truffleHog3",
+      "datasourceTemplate": "pypi"
    }
    ]
  }