diff --git a/Dockerfile b/Dockerfile
index 1bf3a498e2f3422923c439a897d254d6cdb8ac6f..e4c682bafc1f55ec6971ff31c7b803a9778034bc 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -7,8 +7,8 @@ FROM ${BASE_REGISTRY}/${BASE_IMAGE}:${BASE_TAG}
 LABEL name="Solutions Delivery Platform: OWASP Dependency Check" \
 maintainer="terrana_steven@bah.com" \
 vendor="Booz Allen Hamilton" \
- version="5.2.4" \
- release="5.2.4" \
+ version="5.3.1" \
+ release="5.3.1" \
 summary="OWASP Dependency Check container" \
 description="The OWASP Dependency Check container image for the Solutions Delivery Platform"
@@ -16,7 +16,7 @@ LABEL name="Solutions Delivery Platform: OWASP Dependency Check" \
 COPY LICENSE /licenses
 ### Install packages from ubi base repo
-RUN INSTALL_PKGS="java-1.8.0-openjdk-devel ruby ruby-devel unzip" && \
+RUN INSTALL_PKGS="java-1.8.0-openjdk ruby mono-devel unzip" && \
 yum update -y \
 --disablerepo="*" \
 --enablerepo="*ubi-7*" \
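Review bot: `mono-devel` is now listed in `INSTALL_PKGS` on the changed RUN line, while the "Install mono-devel" step further down this Dockerfile still installs the bundled RPMs with `rpm -ivh --replacepkgs --replacefiles`. That leaves two sources for the same package, and the later step would overwrite whatever yum pulled from the enabled `*ubi-7*` repos with files from the dependency bundle. If the bundle is the intended source, drop it from the yum list: `RUN INSTALL_PKGS="java-1.8.0-openjdk ruby unzip" && \`. Removing `ruby-devel` is fine only if no gem in the bundle builds a native extension; a short comment saying so would help. The rest of this RUN instruction lies outside the hunk, so how a package missing from the repos is handled cannot be checked here.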
@@ -34,33 +34,37 @@ RUN INSTALL_PKGS="java-1.8.0-openjdk-devel ruby ruby-devel unzip" && \
 [ ! -d /var/cache/yum ] || rm -rf /var/cache/yum
 ### Arguments and Environment variables
-ENV user dependencycheck
-ARG SDP_BUILD_DEPENDENCY_VERSION="dcar-0.3"
-ENV OWASP_DEP_CHK_VERSION 5.2.4
+ARG SDP_BUILD_DEPENDENCY_VERSION="dcar-0.7"
+ENV OWASP_DEP_CHK_VERSION 5.3.1
+ENV HOME /root
+ENV JAVA_HOME /usr/lib/jvm/java
+
+ARG user=dependencycheck
 ### Fetch dependency bundle
 RUN mkdir /root/tmp
 COPY owasp-dep-check-dependencies-$SDP_BUILD_DEPENDENCY_VERSION.tar.gz /root/tmp/owasp-dep-check-dependencies-$OWASP_DEP_CHK_VERSION.tar.gz
-### Install mono-devel
+### Install ruby dependencies
 RUN cd /root/tmp && \
 tar -xzf owasp-dep-check-dependencies-$OWASP_DEP_CHK_VERSION.tar.gz && \
- rpm -ivh --replacepkgs --replacefiles /root/tmp/dependencies/mono-devel/*.rpm && \
- rm /root/tmp/owasp-dep-check-dependencies-$OWASP_DEP_CHK_VERSION.tar.gz
+ gem install --force --local /root/tmp/dependencies/rubygems-update/*.gem --no-document --no-rdoc --no-ri && \
+ update_rubygems --no-document --no-rdoc --no-ri && \
+ gem install --force --local /root/tmp/dependencies/bundle-audit/*.gem --no-document --no-rdoc --no-ri && \
+ gem cleanup
-### Install ruby dependencies
+### Install mono-devel
 RUN cd /root/tmp && \
- gem install --force --local /root/tmp/dependencies/rubygems-update/*.gem && \
- update_rubygems && \
- gem install --force --local /root/tmp/dependencies/bundle-audit/*.gem && \
- gem cleanup
+ rpm -ivh --replacepkgs --replacefiles /root/tmp/dependencies/mono-devel/*.rpm
+
 ### Install OWASP Dependency Check binaries
 RUN cd /root/tmp/dependencies/owasp && \
 unzip dependency-check-${OWASP_DEP_CHK_VERSION}-release.zip && \
 rm dependency-check-${OWASP_DEP_CHK_VERSION}-release.zip && \
 mv dependency-check /usr/share/ && \
- rm -rf /root/tmp/dependencies
+ rm -rf /root/tmp/* && \
+ rm -rf /usr/local/share/gems/gems/rubygems-update-2.7.10/test
 # Add user, create required directories and cleanup
 RUN useradd -ms /bin/bash ${user} && \
diff --git a/Jenkinsfile b/Jenkinsfile
index b99324cb7817885350e11746734f987bfb6ba78d..50958ffb1f5705ddd54336f6822848d2d2841214 100644
--- a/Jenkinsfile
+++ b/Jenkinsfile
@@ -1,2 +1,2 @@
 @Library('DCCSCR@master') _
-dccscrPipeline(version: "5.2.4")
+dccscrPipeline(version: "5.3.1")
diff --git a/README.md b/README.md
index c2e17d484f311e37c2c1036e6af44e66de07dcd1..8665a2e1c96d770085eb635d7adfa91a35f33712 100644
--- a/README.md
+++ b/README.md
@@ -1,4 +1,4 @@
-# OWASP Dependency Check Container Version 5.2.4
+# OWASP Dependency Check Container Version 5.3.1 (Based on UBI7 base image)
 ## Introduction
diff --git a/download.yaml b/download.yaml
index 1a956e3ce0bc17c1e0d167001527b89675d21dcb..338507a176e809ce438343b0f2198fdd3b02ba49 100644
--- a/download.yaml
+++ b/download.yaml
@@ -1,6 +1,6 @@
 resources:
- - url: "https://github.com/boozallen/sdp-images/releases/download/dcar-0.3/owasp-dep-check-dependencies-dcar-0.3.tar.gz"
- filename: "owasp-dep-check-dependencies-dcar-0.3.tar.gz"
+ - url: "https://github.com/boozallen/sdp-images/releases/download/dcar-0.7/owasp-dep-check-dependencies-dcar-0.7.tar.gz"
+ filename: "owasp-dep-check-dependencies-dcar-0.7.tar.gz"
 validation:
 type: "sha256"
- value: "4e885b2cf44aa7a27dd16727e8e3e01011498ab9b5fca2e27dc1fc6935b0d3f3"
+ value: "b64e93be6d8864913f201da3c091cbf3a0efc8e0361074d58b371abefd66093a"
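Review bot: The added `rm -rf /usr/local/share/gems/gems/rubygems-update-2.7.10/test` at the end of the Dockerfile's "Install OWASP Dependency Check binaries" step hard-codes the gem version and runs in a later layer than the `gem install` that created the directory. If the dcar bundle ships another rubygems-update version, `rm -rf` exits 0 without removing anything, and even when the path matches the files remain in the earlier layer, where a layer-aware image scanner can still read them. Move the removal into the "Install ruby dependencies" RUN, right after `gem cleanup`, and use a glob: `rm -rf /usr/local/share/gems/gems/rubygems-update-*/test`. The same applies to `rm -rf /root/tmp/*`: the tarball and the unpacked RPMs and gems stay in the COPY and earlier RUN layers. Separately, `ENV HOME /root` persists at runtime, so if a later `USER ${user}` exists outside this hunk the tool would run with a home directory it presumably cannot write.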