From 71bb559d3c862ebef67d7d9cf67a5cededf68a68 Mon Sep 17 00:00:00 2001 From: ironbank-bot Date: Thu, 10 Dec 2020 01:24:45 +0000 Subject: [PATCH] Migrate to hardening_manifest.yaml --- Dockerfile | 7 ----- Jenkinsfile | 2 -- download.yaml | 6 ----- hardening_manifest.yaml | 58 +++++++++++++++++++++++++++++++++++++++++ 4 files changed, 58 insertions(+), 15 deletions(-) delete mode 100644 Jenkinsfile delete mode 100644 download.yaml create mode 100644 hardening_manifest.yaml diff --git a/Dockerfile b/Dockerfile index db9399e..47750b7 100644 --- a/Dockerfile +++ b/Dockerfile @@ -5,13 +5,6 @@ FROM ${BASE_REGISTRY}/${BASE_IMAGE}:${BASE_TAG} ### Required Atomic/OpenShift Labels - https://github.com/projectatomic/ContainerApplicationGenericLabels -LABEL name="Solutions Delivery Platform: OWASP Dependency Check" \ - maintainer="terrana_steven@bah.com" \ - vendor="Booz Allen Hamilton" \ - version="6.0.3" \ - release="6.0.3" \ - summary="OWASP Dependency Check container" \ - description="The OWASP Dependency Check container image for the Solutions Delivery Platform" USER root diff --git a/Jenkinsfile b/Jenkinsfile deleted file mode 100644 index bc0fefd..0000000 --- a/Jenkinsfile +++ /dev/null @@ -1,2 +0,0 @@ -@Library('DCCSCR@master') _ -dccscrPipeline(version: "6.0.3") diff --git a/download.yaml b/download.yaml deleted file mode 100644 index 68b3941..0000000 --- a/download.yaml +++ /dev/null @@ -1,6 +0,0 @@ -resources: - - url: "https://github.com/boozallen/sdp-images/releases/download/dcar-1.7/owasp-dep-check-dependencies-dcar-1.7.tar.gz" - filename: "owasp-dep-check-dependencies-dcar-1.7.tar.gz" - validation: - type: "sha256" - value: "5149b91bbb24ea18da7e692e15aa1cd0c61262072125830d263ccc1be43f54ad" diff --git a/hardening_manifest.yaml b/hardening_manifest.yaml new file mode 100644 index 0000000..69cd941 --- /dev/null +++ b/hardening_manifest.yaml @@ -0,0 +1,58 @@ +--- +apiVersion: v1 + +# The repository name in registry1, excluding /ironbank/ +name: "solutions-delivery-platform/dependency-check/dependency-check" + +# List of tags to push for the repository in registry1 +# The most specific version should be the first tag and will be shown +# on ironbank.dsop.io +tags: +- "6.0.3" +- "latest" + +# Build args passed to Dockerfile ARGs +args: + BASE_IMAGE: "redhat/ubi/ubi8" + BASE_TAG: "8.3" + +# Docker image labels +labels: + org.opencontainers.image.title: "dependency-check" + ## Human-readable description of the software packaged in the image + # org.opencontainers.image.description: "FIXME" + ## License(s) under which contained software is distributed + # org.opencontainers.image.licenses: "FIXME" + ## URL to find more information on the image + # org.opencontainers.image.url: "FIXME" + ## Name of the distributing entity, organization or individual + # org.opencontainers.image.vendor: "FIXME" + org.opencontainers.image.version: "6.0.3" + ## Keywords to help with search (ex. "cicd,gitops,golang") + # mil.dso.ironbank.image.keywords: "FIXME" + ## This value can be "opensource" or "commercial" + # mil.dso.ironbank.image.type: "FIXME" + ## Product the image belongs to for grouping multiple images + # mil.dso.ironbank.product.name: "FIXME" + +# List of resources to make available to the offline build context +resources: +- filename: owasp-dep-check-dependencies-dcar-1.7.tar.gz + url: https://github.com/boozallen/sdp-images/releases/download/dcar-1.7/owasp-dep-check-dependencies-dcar-1.7.tar.gz + validation: + type: sha256 + value: 5149b91bbb24ea18da7e692e15aa1cd0c61262072125830d263ccc1be43f54ad + +# List of project maintainers +# FIXME: Fill in the following details for the current container owner in the whitelist +# FIXME: Include any other vendor information if applicable +maintainers: +- email: "hojeda@redhat.com" +# # The name of the current container owner +# name: "FIXME" +# # The gitlab username of the current container owner +# username: "FIXME" +# cht_member: true # FIXME: Uncomment if the maintainer is a member of CHT +# - name: "FIXME" +# username: "FIXME" +# email: "FIXME" -- GitLab