From 2b40253c843e3579eb96cb014c0d5833f1cc91f6 Mon Sep 17 00:00:00 2001 From: jeason Date: Wed, 14 Oct 2020 15:55:08 -0600 Subject: [PATCH 1/7] Project template: file templates --- .gitlab/CODEOWNERS | 6 +++ .gitlab/issue_templates/Access Request.md | 16 ++++++++ .../issue_templates/Application - Archive.md | 21 +++++++++++ .../issue_templates/Application - Initial.md | 32 ++++++++++++++++ .../issue_templates/Application - Update.md | 35 ++++++++++++++++++ .gitlab/issue_templates/Bug.md | 37 +++++++++++++++++++ .gitlab/issue_templates/Feature Request.md | 32 ++++++++++++++++ .../issue_templates/Leadership Question.md | 7 ++++ .gitlab/issue_templates/New Findings.md | 20 ++++++++++ .../issue_templates/Onboarding Question.md | 7 ++++ .gitlab/issue_templates/Pipeline Failure.md | 31 ++++++++++++++++ 11 files changed, 244 insertions(+) create mode 100644 .gitlab/CODEOWNERS create mode 100644 .gitlab/issue_templates/Access Request.md create mode 100644 .gitlab/issue_templates/Application - Archive.md create mode 100644 .gitlab/issue_templates/Application - Initial.md create mode 100644 .gitlab/issue_templates/Application - Update.md create mode 100644 .gitlab/issue_templates/Bug.md create mode 100644 .gitlab/issue_templates/Feature Request.md create mode 100644 .gitlab/issue_templates/Leadership Question.md create mode 100644 .gitlab/issue_templates/New Findings.md create mode 100644 .gitlab/issue_templates/Onboarding Question.md create mode 100644 .gitlab/issue_templates/Pipeline Failure.md diff --git a/.gitlab/CODEOWNERS b/.gitlab/CODEOWNERS new file mode 100644 index 0000000..64a2c68 --- /dev/null +++ b/.gitlab/CODEOWNERS @@ -0,0 +1,6 @@ +[Pipelines] +.gitlab-ci.yml @ironbank-notifications/cht +.gitlab-ci.yaml @ironbank-notifications/cht + +[Gitlab Configuration Files] +.gitlab/* @ironbank-notifications/cht diff --git a/.gitlab/issue_templates/Access Request.md b/.gitlab/issue_templates/Access Request.md new file mode 100644 index 0000000..1a7b224 --- /dev/null +++ b/.gitlab/issue_templates/Access Request.md @@ -0,0 +1,16 @@ +## Summary + +The following individuals are requesting access to this project (one per line): +(List or tag all individuals here) + + +The access level should be: +- [ ] Developer access +- [ ] Remove access + + +## Definition of Done +- [ ] All accounts have been provided the necessary accesses + + +/label ~"Access" ~"To Do" \ No newline at end of file diff --git a/.gitlab/issue_templates/Application - Archive.md b/.gitlab/issue_templates/Application - Archive.md new file mode 100644 index 0000000..9f3b5fe --- /dev/null +++ b/.gitlab/issue_templates/Application - Archive.md @@ -0,0 +1,21 @@ +## Summary + +Requesting this application be archived due to one of the following reasons: +- [ ] Version is no longer supported by vendor +- [ ] Application is End-Of-Life +- [ ] License violation. +- [ ] Other. See below. + +## Detailed Description + +(Please provide a detailed description of why this application should be archived) + + +## Definition of Done +- [ ] Application has been reviewed for archival +- [ ] Project is officially marked as stale +- [ ] Iron Bank frontend no longer lists application as available or approved + + +/label ~"Container::Archive" +/cc @ironbank-notifications/archive \ No newline at end of file diff --git a/.gitlab/issue_templates/Application - Initial.md b/.gitlab/issue_templates/Application - Initial.md new file mode 100644 index 0000000..6594a05 --- /dev/null +++ b/.gitlab/issue_templates/Application - Initial.md @@ -0,0 +1,32 @@ +## Summary + +Requesting application to be hardened. This is only for initial hardening of a container. + + +## Version Information + +Current version: (State the current version of the application as you see it) + +Under support: (Is the updated version within the same major version of the application or is this a new major version?) + + +## Definition of Done +Hardening: +- [ ] Container builds successfully +- [ ] Greylist file has been created (requires a member from container hardening) +- [ ] Branch has been merged into `development` + +Justifications: +- [ ] All findings have been justified per the above documentation +- [ ] Justifications have been provided to the container hardening team + +Approval Process (container hardening team processes): +- [ ] Peer review from Container Hardening Team +- [ ] Findings Approver has reviewed and approved all justifications +- [ ] Approval request has been sent to Authorizing Official +- [ ] Approval request has been processed by Authorizing Official + + + +/label ~"Container::Initial" +/cc @ironbank-notifications/cht \ No newline at end of file diff --git a/.gitlab/issue_templates/Application - Update.md b/.gitlab/issue_templates/Application - Update.md new file mode 100644 index 0000000..caebb3e --- /dev/null +++ b/.gitlab/issue_templates/Application - Update.md @@ -0,0 +1,35 @@ +## Summary + +Requesting application be updated to a newer version. + + + +## Version Information + +Current version: (State the current version of the application as you see it) + +Updated version: (State the version you would like the application updated to) + +Under support: (Is the updated version within the same major version of the application or is this a new major version?) + + +## Definition of Done +Hardening: +- [ ] Container builds successfully +- [ ] Container version has been updated in greylist file +- [ ] Branch has been merged into `development` + +Justifications: +- [ ] All findings have been justified per the above documentation +- [ ] Justifications have been provided to the container hardening team + +Approval Process: +- [ ] Peer review from Container Hardening Team +- [ ] Findings Approver has reviewed and approved all justifications +- [ ] Approval request has been sent to Authorizing Official +- [ ] Approval request has been processed by Authorizing Official + + + +/label ~"Container::Update" +/cc @ironbank-notifications/updates \ No newline at end of file diff --git a/.gitlab/issue_templates/Bug.md b/.gitlab/issue_templates/Bug.md new file mode 100644 index 0000000..1427a0c --- /dev/null +++ b/.gitlab/issue_templates/Bug.md @@ -0,0 +1,37 @@ +## Summary + +(Summarize the bug encountered concisely) + + +## Steps to reproduce + +(How one can reproduce the issue - this is very important) + + +## What is the current bug behavior? + +(What actually happens) + + +## What is the expected correct behavior? + +(What you should see instead) + + +## Relevant logs and/or screenshots + +(Paste any relevant logs - please use code blocks (```) to format console output, +logs, and code as it's very hard to read otherwise.) + + +## Possible fixes + +(If you can, link to the line of code that might be responsible for the problem) + + +## Defintion of Done +- [ ] Bug has been identified and corrected within the container + + +/label ~Bug +/cc @ironbank-notifications/bug \ No newline at end of file diff --git a/.gitlab/issue_templates/Feature Request.md b/.gitlab/issue_templates/Feature Request.md new file mode 100644 index 0000000..a0e2f19 --- /dev/null +++ b/.gitlab/issue_templates/Feature Request.md @@ -0,0 +1,32 @@ +## Feature description + +(Detailed description of the feature being requested) + + +## Use cases + + +(Detailed description of the use case for this feature) + + +## Benefits + +(How does this benefit others) + + +## Requirements + +(Any requirements for this feature to be enabled?) + + +## Links / references + +(List of links or references that support this feature) + + +## Definition of Done +- [ ] Feature has been implemented + + +/label ~Feature +/cc @ironbank-notifications/feature \ No newline at end of file diff --git a/.gitlab/issue_templates/Leadership Question.md b/.gitlab/issue_templates/Leadership Question.md new file mode 100644 index 0000000..4674f82 --- /dev/null +++ b/.gitlab/issue_templates/Leadership Question.md @@ -0,0 +1,7 @@ +## Leadership question + +(Detailed description of the question you'd like to ask the leadership team) + + +/label ~"Question::Leadership" ~"To Do" +/cc @ironbank-notifications/leadership \ No newline at end of file diff --git a/.gitlab/issue_templates/New Findings.md b/.gitlab/issue_templates/New Findings.md new file mode 100644 index 0000000..068d029 --- /dev/null +++ b/.gitlab/issue_templates/New Findings.md @@ -0,0 +1,20 @@ +## Summary + +Container has new findings discovered during continuous monitoring. + + + +## Definition of Done +Justifications: +- [ ] All findings have been justified +- [ ] Justifications have been provided to the container hardening team + +Approval Process: +- [ ] Findings Approver has reviewed and approved all justifications +- [ ] Approval request has been sent to Authorizing Official +- [ ] Approval request has been processed by Authorizing Official + + + +/label ~"Container::New Findings" +/cc @ironbank-notifications/security \ No newline at end of file diff --git a/.gitlab/issue_templates/Onboarding Question.md b/.gitlab/issue_templates/Onboarding Question.md new file mode 100644 index 0000000..77dea11 --- /dev/null +++ b/.gitlab/issue_templates/Onboarding Question.md @@ -0,0 +1,7 @@ +## Onboarding question + +(Detailed description of the question you'd like to ask the onboarding team) + + +/label ~"Question::Onboarding" ~"To Do" +/cc @ironbank-notifications/onboarding \ No newline at end of file diff --git a/.gitlab/issue_templates/Pipeline Failure.md b/.gitlab/issue_templates/Pipeline Failure.md new file mode 100644 index 0000000..28b82a9 --- /dev/null +++ b/.gitlab/issue_templates/Pipeline Failure.md @@ -0,0 +1,31 @@ +## Summary + +(Summarize the pipeline issue encountered concisely) + + +## Link to failed pipeline + +(Link to the failed pipeline) + + +## What is the current bug behavior? + +(What actually happens) + + +## What is the expected correct behavior? + +(What you should see instead) + + +## Possible fixes + +(If you can, link to the line of code that might be responsible for the problem) + + +## Definition of Done +- [ ] Pipeline failure has been resolved + + +/label ~Pipeline +/cc @ironbank-notifications/pipelines \ No newline at end of file -- GitLab From 548aa6d3096b70f181c1a712bdcce8b79fc05a06 Mon Sep 17 00:00:00 2001 From: Hrdayesh Patel Date: Tue, 5 Jan 2021 11:06:40 -0500 Subject: [PATCH 2/7] Upgrade to latest SDE --- Dockerfile | 4 ++-- Jenkinsfile | 2 +- README.md | 22 ++++++---------------- download.yaml | 6 +++--- scripts/run_nginx.sh | 6 ++---- 5 files changed, 14 insertions(+), 26 deletions(-) diff --git a/Dockerfile b/Dockerfile index e4d53bf..bbf8b65 100644 --- a/Dockerfile +++ b/Dockerfile @@ -6,7 +6,7 @@ ARG BASE_TAG=1.19.2 # Down with the bloat FROM ${BASE_REGISTRY}/${BASE_IMAGE}:${BASE_TAG} as extractor -ARG jitt_version=5.6.33 +ARG jitt_version=5.10.27 COPY /jitt-${jitt_version}.tar.gz / USER root @@ -16,7 +16,7 @@ RUN mkdir -p /jitt \ FROM ${BASE_REGISTRY}/${BASE_IMAGE}:${BASE_TAG} -ARG jitt_version=5.6.33 +ARG jitt_version=5.10.27 ENV VENDOR=security-compass LABEL name="SD Elements Just In Time Training (JITT) Container" \ maintainer="devops-support@securitycompass.com" \ diff --git a/Jenkinsfile b/Jenkinsfile index 1f9f45a..8c971fd 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -1,2 +1,2 @@ @Library('DCCSCR@master') _ -dccscrPipeline(version: "5.6.33") +dccscrPipeline(version: "5.10.27") diff --git a/README.md b/README.md index 3b0a85c..03679e5 100644 --- a/README.md +++ b/README.md @@ -7,29 +7,19 @@ This container hosts SDElements Just In Time Training (JITT) content using Nginx ## Local build -1. Download NGINX version 1.19.0 as a tarball from `https://dcar.dsop.io/repomap/opensource/nginx/nginx`. For this example, we will use `nginx-1.19.0.tar` as the file downloaded. - - Load the tarball into docker - - ```bash - docker load -i nginx-1.19.0.tar - ``` - -2. Download the memcached tarball defined in `download.yaml`. The URL below is used as an example. Note -the version of memcached, in this case `5.6.33` +1. Download the memcached tarball defined in `download.yaml`. The URL below is used as an example. Note +the version of memcached, in this case `5.10.27` ```bash - wget --http-user=user --ask-password https://tar.sdelements.com/pulp/isos/Default_Organization/Library/custom/sde/SDElements_Dependency_RPMs/jitt-5.6.33.tar.gz + wget --http-user=user --ask-password https://tar.sdelements.com/pulp/isos/Default_Organization/Library/custom/sde/SDElements_Dependency_RPMs/jitt-5.10.27.tar.gz ``` -3. Use this command to build locally: +2. Use this command to build locally: ```bash - export jitt_version='5.6.33' && \ + clear && \ + export jitt_version='5.10.27' && \ docker build . -t localhost/security-compass/jitt/nginx-jitt:"local" \ - --build-arg BASE_REGISTRY="registry1.dsop.io" \ - --build-arg BASE_IMAGE="ironbank/opensource/nginx/nginx" \ - --build-arg BASE_TAG="1.19.2" --build-arg jitt_version="${jitt_version}" ``` diff --git a/download.yaml b/download.yaml index 93bc8da..7c6fff6 100644 --- a/download.yaml +++ b/download.yaml @@ -1,9 +1,9 @@ resources: - - url: "https://tar.sdelements.com/pulp/isos/Default_Organization/Library/custom/sde/SDElements_Dependency_RPMs/jitt-5.6.33.tar.gz" - filename: "jitt-5.6.33.tar.gz" + - url: "https://tar.sdelements.com/pulp/isos/Default_Organization/Library/custom/sde/SDElements_Dependency_RPMs/jitt-5.10.27.tar.gz" + filename: "jitt-5.10.27.tar.gz" validation: type: sha256 - value: "472ad942998b0a444e51637ccf8bda039c475ee4f0bccc714bd620485bb2d631" + value: "0d8b0a681b56375e7943c050564cf55b15148320064b59d91307f4c0a234a2d0" auth: type: "basic" id: "scompass-credential" diff --git a/scripts/run_nginx.sh b/scripts/run_nginx.sh index 9ac6af8..4d30faf 100755 --- a/scripts/run_nginx.sh +++ b/scripts/run_nginx.sh @@ -24,8 +24,7 @@ version='0.0.2' # Import the shell standard library source /bin/shtdlib_dccscr.sh - -# Dynamically figure add resolvers for nginx +# Dynamically add resolvers for nginx export NAMESERVERS="resolver $(grep nameserver /etc/resolv.conf | awk '{print $2}') valid=10s;" # Create config files @@ -40,5 +39,4 @@ done # Run nginx echo 'Starting nginx' -/usr/sbin/nginx -g 'daemon off;' || exit_on_fail -echo "Nginx exited with return code: ${?}" +exec /usr/sbin/nginx -g 'daemon off;' \ No newline at end of file -- GitLab From 5bb1281303adade147f741bcb8e4fdb39c441517 Mon Sep 17 00:00:00 2001 From: Hrdayesh Patel Date: Wed, 6 Jan 2021 17:11:38 -0500 Subject: [PATCH 3/7] Minor updates --- Dockerfile | 26 +++++++++++++------------- scripts/rtenvsub.sh | 4 ++-- 2 files changed, 15 insertions(+), 15 deletions(-) diff --git a/Dockerfile b/Dockerfile index bbf8b65..f4cd211 100644 --- a/Dockerfile +++ b/Dockerfile @@ -10,8 +10,8 @@ ARG jitt_version=5.10.27 COPY /jitt-${jitt_version}.tar.gz / USER root -RUN mkdir -p /jitt \ - && tar -zxf /jitt-${jitt_version}.tar.gz -C /jitt +RUN mkdir --parents /jitt \ + && tar --extract --gzip --file=/jitt-${jitt_version}.tar.gz --directory=/jitt FROM ${BASE_REGISTRY}/${BASE_IMAGE}:${BASE_TAG} @@ -30,23 +30,23 @@ LABEL name="SD Elements Just In Time Training (JITT) Container" \ USER root RUN set -x \ - && dnf -y upgrade \ - && dnf -y install gettext \ + && dnf --assumeyes upgrade \ + && dnf --assumeyes install gettext \ && dnf clean all \ - && mkdir -p /var/nginx/proxy_temp \ - && mkdir -p /var/nginx/client_body_temp \ + && mkdir --parents /var/nginx/proxy_temp \ + && mkdir --parents /var/nginx/client_body_temp \ && chown nginx:root /var/nginx/proxy_temp \ && chown nginx:root /var/nginx/client_body_temp \ - && rm -f /etc/nginx/conf.d/* \ - && rm -f /etc/nginx/nginx.conf \ - && rm -f /var/log/nginx/access.log \ - && rm -f /var/log/nginx/error.log \ + && rm --force /etc/nginx/conf.d/* \ + && rm --force /etc/nginx/nginx.conf \ + && rm --force /var/log/nginx/access.log \ + && rm --force /var/log/nginx/error.log \ && groupadd --gid 49 www-data \ && usermod nginx --groups www-data \ && mkdir --mode 2775 --parents /etc/nginx /var/log/nginx /var/cache/nginx \ - ; chown --recursive www-data:www-data /etc/nginx \ - ; find /etc/nginx/ -type d -exec chmod g+rwx {} \; \ - ; chown --recursive nginx:www-data /var/log/nginx /var/cache/nginx + && chown --recursive nginx:www-data /etc/nginx \ + && find /etc/nginx/ -type d -exec chmod g+rwx {} \; \ + && chown --recursive nginx:www-data /var/log/nginx /var/cache/nginx COPY --from=extractor /jitt /jitt/ COPY /scripts/rtenvsub.sh /bin/rtenvsub.sh diff --git a/scripts/rtenvsub.sh b/scripts/rtenvsub.sh index 3377536..5ef3f8c 100755 --- a/scripts/rtenvsub.sh +++ b/scripts/rtenvsub.sh @@ -256,7 +256,7 @@ function inotify_looper { echo "Filesystem object removed from source, removing from mirror" echo "Source: ${fs_object} Pipe: ${mirror_object}" if [ -f "${fs_object}" ] ; then - rm -f "${mirror_object}" + rm --force "${mirror_object}" elif [ -d "${fs_object}" ] ; then rmdir "${mirror_object}" fi @@ -324,7 +324,7 @@ function mirror_envsubst_paths { else for file in "${files[@]:-}"; do if ${dev_mode} ; then - add_on_sig "rm -f ${destination}${file#${full_path}}" + add_on_sig "rm --force ${destination}${file#${full_path}}" fi if ${nofifo} ; then render_file "${destination}" "${file}" "${full_path}" -- GitLab From 79b4646eee036d11e0d5b0056ba08d49534efd40 Mon Sep 17 00:00:00 2001 From: Hrdayesh Patel Date: Thu, 7 Jan 2021 15:02:09 -0500 Subject: [PATCH 4/7] Manifest update --- Dockerfile | 12 +++------ Jenkinsfile | 2 -- download.yaml | 9 ------- hardening_manifest.yaml | 55 +++++++++++++++++++++++++++++++++++++++++ 4 files changed, 58 insertions(+), 20 deletions(-) delete mode 100644 Jenkinsfile delete mode 100644 download.yaml create mode 100644 hardening_manifest.yaml diff --git a/Dockerfile b/Dockerfile index f4cd211..0640e77 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -ARG BASE_REGISTRY=registry1.dsop.io +ARG BASE_REGISTRY=registry1.dsop.mil ARG BASE_IMAGE=ironbank/opensource/nginx/nginx ARG BASE_TAG=1.19.2 @@ -17,14 +17,8 @@ RUN mkdir --parents /jitt \ FROM ${BASE_REGISTRY}/${BASE_IMAGE}:${BASE_TAG} ARG jitt_version=5.10.27 -ENV VENDOR=security-compass -LABEL name="SD Elements Just In Time Training (JITT) Container" \ - maintainer="devops-support@securitycompass.com" \ - vendor="Security Compass Ltd." \ - version="${jitt_version}" \ - release='1' \ - summary="SD Elements Automatically Builds In And Enables Compliance Throughout The Software Lifecycle." \ - description="SD Elements automatically identifies and classifies risks and translates complex requirements into actionable tasks that are assigned to your personnel to improve your security posture. It automates Risk Assessments, Threat Modeling, Secure Development, and Regulatory Compliance - at scale." + +LABEL type="ironbank" USER root diff --git a/Jenkinsfile b/Jenkinsfile deleted file mode 100644 index 8c971fd..0000000 --- a/Jenkinsfile +++ /dev/null @@ -1,2 +0,0 @@ -@Library('DCCSCR@master') _ -dccscrPipeline(version: "5.10.27") diff --git a/download.yaml b/download.yaml deleted file mode 100644 index 7c6fff6..0000000 --- a/download.yaml +++ /dev/null @@ -1,9 +0,0 @@ -resources: - - url: "https://tar.sdelements.com/pulp/isos/Default_Organization/Library/custom/sde/SDElements_Dependency_RPMs/jitt-5.10.27.tar.gz" - filename: "jitt-5.10.27.tar.gz" - validation: - type: sha256 - value: "0d8b0a681b56375e7943c050564cf55b15148320064b59d91307f4c0a234a2d0" - auth: - type: "basic" - id: "scompass-credential" diff --git a/hardening_manifest.yaml b/hardening_manifest.yaml new file mode 100644 index 0000000..11ab552 --- /dev/null +++ b/hardening_manifest.yaml @@ -0,0 +1,55 @@ +--- +apiVersion: v1 + +# The repository name in registry1, excluding /ironbank/ +name: "security-compass/jitt/nginx" + +# List of tags to push for the repository in registry1 +# The most specific version should be the first tag and will be shown +# on ironbank.dsop.io +tags: +- "5.10.27" +- "latest" + +# Build args passed to Dockerfile ARGs +args: + BASE_IMAGE: "opensource/nginx/nginx" + BASE_TAG: "1.19.2" + +# Docker image labels +labels: + # Name of the image + org.opencontainers.image.title: "nginx" + # Human-readable description of the software packaged in the image + org.opencontainers.image.description: "SD Elements automatically identifies and classifies risks and translates complex requirements into actionable tasks that are assigned to your personnel to improve your security posture. It automates Risk Assessments, Threat Modeling, Secure Development, and Regulatory Compliance - at scale." + # License(s) under which contained software is distributed + org.opencontainers.image.licenses: "Commercial" + # URL to find more information on the image + org.opencontainers.image.url: "https://docs.sdelements.com" + # Name of the distributing entity, organization or individual + org.opencontainers.image.vendor: "Security Compass Ltd." + # Authoritative version of the software + org.opencontainers.image.version: "12.5" + # Keywords to help with search (ex. "cicd,gitops,golang") + mil.dso.ironbank.image.keywords: "nginx,webserver,jitt,training,security,appsec,code,secure" + # This value can be "opensource" or "commercial" + mil.dso.ironbank.image.type: "commercial" + # Product the image belongs to for grouping multiple images + mil.dso.ironbank.product.name: "security-compass/jitt" + +# List of resources to make available to the offline build context +resources: + - url: "https://tar.sdelements.com/pulp/isos/Default_Organization/Library/custom/sde/SDElements_Dependency_RPMs/jitt-5.10.27.tar.gz" + filename: "jitt-5.10.27.tar.gz" + validation: + type: sha256 + value: "0d8b0a681b56375e7943c050564cf55b15148320064b59d91307f4c0a234a2d0" + +# List of project maintainers +maintainers: +- name: "Hrdayesh Patel" + username: "hpatel" + email: "hpatel@securitycompass.com" +- name: "Matthew Chum" + username: "mchum" + email: "mchum@securitycompass.com" -- GitLab From 46a3107c95ab78cbe9842a6d6e1e806419b68e63 Mon Sep 17 00:00:00 2001 From: Hrdayesh Patel Date: Thu, 7 Jan 2021 15:14:46 -0500 Subject: [PATCH 5/7] Manifest auth fix --- hardening_manifest.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/hardening_manifest.yaml b/hardening_manifest.yaml index 11ab552..123eb97 100644 --- a/hardening_manifest.yaml +++ b/hardening_manifest.yaml @@ -44,6 +44,9 @@ resources: validation: type: sha256 value: "0d8b0a681b56375e7943c050564cf55b15148320064b59d91307f4c0a234a2d0" + auth: + type: basic + id: scompass # List of project maintainers maintainers: -- GitLab From d0e588248d30c8ad6c94459de0b6df23d4b7bf04 Mon Sep 17 00:00:00 2001 From: Hrdayesh Patel Date: Thu, 7 Jan 2021 15:57:24 -0500 Subject: [PATCH 6/7] Fix auth --- hardening_manifest.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/hardening_manifest.yaml b/hardening_manifest.yaml index 123eb97..8fe81e6 100644 --- a/hardening_manifest.yaml +++ b/hardening_manifest.yaml @@ -45,8 +45,8 @@ resources: type: sha256 value: "0d8b0a681b56375e7943c050564cf55b15148320064b59d91307f4c0a234a2d0" auth: - type: basic - id: scompass + type: "basic" + id: "scompass-credential" # List of project maintainers maintainers: -- GitLab From a53234ee8949824426b77f17134113460014bbaf Mon Sep 17 00:00:00 2001 From: Hrdayesh Patel Date: Thu, 7 Jan 2021 16:50:45 -0500 Subject: [PATCH 7/7] Fix tyop --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 0640e77..9e0ebbb 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -ARG BASE_REGISTRY=registry1.dsop.mil +ARG BASE_REGISTRY=registry1.dso.mil ARG BASE_IMAGE=ironbank/opensource/nginx/nginx ARG BASE_TAG=1.19.2 -- GitLab