diff --git a/Dockerfile b/Dockerfile
index c4c61abc71879416932fd9dfbf6c3acabc86f97b..db9399e0114fdd3a79a0d16bc959166a47093b1a 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,22 +1,25 @@
 ARG BASE_REGISTRY=registry1.dsop.io
-ARG BASE_IMAGE=redhat/ubi/ubi8
-ARG BASE_TAG=8.3
+ARG BASE_IMAGE=redhat/openjdk/openjdk8
+ARG BASE_TAG=1.8.0
 FROM ${BASE_REGISTRY}/${BASE_IMAGE}:${BASE_TAG}
+
 ### Required Atomic/OpenShift Labels - https://github.com/projectatomic/ContainerApplicationGenericLabels
 LABEL name="Solutions Delivery Platform: OWASP Dependency Check" \
 maintainer="terrana_steven@bah.com" \
 vendor="Booz Allen Hamilton" \
- version="5.3.2" \
- release="5.3.2" \
+ version="6.0.3" \
+ release="6.0.3" \
 summary="OWASP Dependency Check container" \
 description="The OWASP Dependency Check container image for the Solutions Delivery Platform"
+USER root
+
 ### add licenses to this directory
 COPY LICENSE /licenses
 ### Install packages from ubi base repo
-RUN INSTALL_PKGS="java-1.8.0-openjdk ruby unzip" && \
+RUN INSTALL_PKGS="ruby unzip" && \
 yum clean metadata && \
 yum -y update --setopt=tsflags=nodocs && \
 yum -y install --setopt=tsflags=nodocs ${INSTALL_PKGS} && \
@@ -27,8 +30,8 @@ RUN INSTALL_PKGS="java-1.8.0-openjdk ruby unzip" && \
 ### Arguments and Environment variables
 ENV user dependencycheck
-ARG SDP_BUILD_DEPENDENCY_VERSION="dcar-1.1"
-ENV OWASP_DEP_CHK_VERSION 5.3.2
+ARG SDP_BUILD_DEPENDENCY_VERSION="dcar-1.7"
+ENV OWASP_DEP_CHK_VERSION 6.0.3
 ### Fetch dependency bundle
 RUN mkdir /root/tmp
diff --git a/Jenkinsfile b/Jenkinsfile
index 949099586546d6db0e414ca3f27d6c9b91d97321..bc0fefdc3a987bdac04f87e3043a5151d6a7de11 100644
--- a/Jenkinsfile
+++ b/Jenkinsfile
@@ -1,2 +1,2 @@
 @Library('DCCSCR@master') _
-dccscrPipeline(version: "5.3.2")
+dccscrPipeline(version: "6.0.3")
diff --git a/README.md b/README.md
index 0378ce539aebdaf109089a6a36bd0414959dbb1f..f32785c7eb5a32e59642fe9aedffafef4a7e8fcc 100644
--- a/README.md
+++ b/README.md
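Review bot: The added `USER root` after the LABEL block in the first Dockerfile hunk makes every later instruction, and the final image unless something resets it, run as root, and no matching switch back is visible here. The rest of the Dockerfile lies outside the hunks, so a later `USER` line may already exist; please confirm the image ends on the unprivileged account, for example `USER ${user}` given the `ENV user dependencycheck` line, before the entrypoint. I would also put a comment above the new line saying why root is needed, such as `### root is required for the yum install below; switch back to ${user} afterwards`. The new base image presumably defaults to a non-root user, which would explain the change, but that is inferred and not shown in the diff.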
@@ -1,4 +1,4 @@
-# OWASP Dependency Check Container Version 5.3.2
+# OWASP Dependency Check Container Version 6.0.3
 ## Introduction
@@ -11,7 +11,7 @@ The following is a list of variables:
 ARG BASE_REGISTRY = defines the registry portion of the OS image to be used in the FROM command.
 ARG BASE_IMAGE = defines the image portion of the OS image to be used in the FROM command.
 ARG BASE_TAG = defines the tag portion of the OS image to be used in the FROM command.
-ARG SDP_BUILD_DEPENDENCY_VERSION = defines the release in https://github.com/boozallen/sdp-images/releases that the dependency bundle should be pulled from - default dcar-0.9
+ARG SDP_BUILD_DEPENDENCY_VERSION = defines the release in https://github.com/boozallen/sdp-images/releases that the dependency bundle should be pulled from - default dcar-1.7
 ```
 Recommended resources for the image:
diff --git a/download.yaml b/download.yaml
index f8e13bd5e9b5e2c744337a8ec949f78f399f3ad5..68b39413c3571b5258fc9477f40b56dfa6c753e5 100644
--- a/download.yaml
+++ b/download.yaml
@@ -1,6 +1,6 @@
 resources:
- - url: "https://github.com/boozallen/sdp-images/releases/download/dcar-1.1/owasp-dep-check-dependencies-dcar-1.1.tar.gz"
- filename: "owasp-dep-check-dependencies-dcar-1.1.tar.gz"
+ - url: "https://github.com/boozallen/sdp-images/releases/download/dcar-1.7/owasp-dep-check-dependencies-dcar-1.7.tar.gz"
+ filename: "owasp-dep-check-dependencies-dcar-1.7.tar.gz"
 validation:
 type: "sha256"
- value: "650c054fba0881434aa50d099fbdf1f0d7bbca7add3eb2aaf6e672158997e448"
+ value: "5149b91bbb24ea18da7e692e15aa1cd0c61262072125830d263ccc1be43f54ad"