diff --git a/Dockerfile b/Dockerfile
index 7ec24c58ba8d930831ddc9ee7a58b2dae09ab7c7..5620f090d06e21b8f15d0a71b3bed989f081ca51 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -2,17 +2,11 @@ ARG BASE_REGISTRY=registry1.dsop.io
 ARG BASE_IMAGE=ironbank/redhat/openjdk/openjdk11
 ARG BASE_TAG=1.11
 
-FROM sonarqube:8.5-community AS build
+FROM sonarqube:8.6-community AS build
 
 FROM ${BASE_REGISTRY}/${BASE_IMAGE}:${BASE_TAG}
 
-LABEL org.opencontainers.image.title="SonarQube" \
-      org.opencontainers.image.description="SonarQube is an automatic code review tool to detect bugs, vulnerabilities and code smells in your code." \
-      org.opencontainers.image.licenses="LGPL-3.0-only" \
-      org.opencontainers.image.version="8.5-community" \
-      maintainer="SonarSource"
-
-ARG SONARQUBE_VERSION="8.5-community"
+ARG SONARQUBE_VERSION="8.6-community"
 ENV SONAR_VERSION="${SONARQUBE_VERSION}" \
     SONARQUBE_HOME="/opt/sonarqube" \
     SQ_DATA_DIR="/opt/sonarqube/data" \
diff --git a/Jenkinsfile b/Jenkinsfile
deleted file mode 100644
index c3e3b9eb6ef9ed47da4acc997e01dbb0714ac0b6..0000000000000000000000000000000000000000
--- a/Jenkinsfile
+++ /dev/null
@@ -1,2 +0,0 @@
-@Library('DCCSCR@master') _
-dccscrPipeline(version: "8.5-community")
diff --git a/Kptfile b/Kptfile
index 4987f30305c0b089cd054936f14f4556afc53f0d..b10b47ae78c96b48527ef776f8e40ca6bd20a4cc 100644
--- a/Kptfile
+++ b/Kptfile
@@ -9,5 +9,5 @@ dependencies:
     git:
         repo: https://github.com/SonarSource/docker-sonarqube
         directory: /8/community
-        ref: 8.5.1
+        ref: 8.6
     updateStrategy: resource-merge
diff --git a/download.yaml b/download.yaml
deleted file mode 100644
index d705595c14cae09a2aece358af0a0343cb17ba3f..0000000000000000000000000000000000000000
--- a/download.yaml
+++ /dev/null
@@ -1,4 +0,0 @@
----
-resources:
-  - url: docker://docker.io/library/sonarqube@sha256:3444998c3219ea0490ed583b536ff9ba5031920603442680f5123b0628506d28
-    tag: sonarqube:8.5-community
diff --git a/hardening_manifest.yaml b/hardening_manifest.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..0e3eb4a7ffcd48cc416e8f8b2ffb18cde610f52a
--- /dev/null
+++ b/hardening_manifest.yaml
@@ -0,0 +1,50 @@
+---
+apiVersion: v1
+
+# The repository name in registry1, excluding /ironbank/
+name: "sonarsource/sonarqube/sonarqube8-community"
+
+# List of tags to push for the repository in registry1
+# The most specific version should be the first tag and will be shown
+# on ironbank.dsop.io
+tags:
+- "8.6-community"
+- "latest"
+
+# Build args passed to Dockerfile ARGs
+args:
+  BASE_IMAGE: "redhat/openjdk/openjdk11"
+  BASE_TAG: "1.11"
+
+# Docker image labels
+labels:
+  org.opencontainers.image.title: "sonarqube8-community"
+  ## Human-readable description of the software packaged in the image
+  org.opencontainers.image.description: "SonarQube is an automatic code review tool to detect bugs, vulnerabilities and code smells in your code."
+  ## License(s) under which contained software is distributed
+  org.opencontainers.image.licenses: "LGPL-3.0-only"
+  ## URL to find more information on the image
+  org.opencontainers.image.url: "https://docs.sonarqube.org/latest/"
+  ## Name of the distributing entity, organization or individual
+  org.opencontainers.image.vendor: "SonarSource SA"
+  org.opencontainers.image.version: "8.6-community"
+  ## Keywords to help with search (ex. "cicd,gitops,golang")
+  mil.dso.ironbank.image.keywords: "cicd,devops,sast,review"
+  ## This value can be "opensource" or "commercial"
+  mil.dso.ironbank.image.type: "opensource"
+  ## Product the image belongs to for grouping multiple images
+  mil.dso.ironbank.product.name: "SonarQube"
+
+# List of resources to make available to the offline build context
+resources:
+- url: docker://docker.io/library/sonarqube@sha256:993b79a45e985a36046327759ecc76d711dfde123ed11944d32a3282d66758cb
+  tag: sonarqube:8.6-community
+
+# List of project maintainers
+maintainers:
+- name: "Tobias Trabelsi"
+  username: "ttrabelsi"
+- name: "Sean Melissari"
+  username: "sean.melissari"
+  email: "melissari_sean@bah.com"
+  cht_member: true
diff --git a/renovate.json b/renovate.json
index 69654f76ae367afa1ff6cda71dd11845211b4d5f..1ff40b9a1f54bc44cfb1969f11ed837aae5a16b4 100644
--- a/renovate.json
+++ b/renovate.json
@@ -1,13 +1,23 @@
 {
-  "assignees": ["@sean.melissari"],
-  "baseBranches": ["development"],
+  "assignees": [
+    "@sean.melissari"
+  ],
+  "baseBranches": [
+    "development"
+  ],
   "postUpgradeTasks": {
-    "commands": ["kpt pkg sync ."],
-    "fileFilters": ["scripts/*"]
+    "commands": [
+      "kpt pkg sync ."
+    ],
+    "fileFilters": [
+      "scripts/*"
+    ]
   },
   "regexManagers": [
     {
-      "fileMatch": ["^Dockerfile$"],
+      "fileMatch": [
+        "^Dockerfile$"
+      ],
       "matchStrings": [
         "version=\"(?<currentValue>.*?)\""
       ],
@@ -16,7 +26,9 @@
       "versioningTemplate": "docker"
     },
     {
-      "fileMatch": ["^Dockerfile$"],
+      "fileMatch": [
+        "^Dockerfile$"
+      ],
       "matchStrings": [
         "SONARQUBE_VERSION=\"(?<currentValue>.*?)\""
       ],
@@ -25,22 +37,37 @@
       "versioningTemplate": "docker"
     },
     {
-      "fileMatch": ["^Jenkinsfile$"],
+      "fileMatch": [
+        "^Kptfile$"
+      ],
+      "matchStrings": [
+        "\\s+ref:\\s+(?<currentValue>.*?)\n"
+      ],
+      "depNameTemplate": "SonarSource/docker-sonarqube",
+      "datasourceTemplate": "github-tags",
+      "versioningTemplate": "loose"
+    },
+    {
+      "fileMatch": [
+        "^hardening_manifest.yaml$"
+      ],
       "matchStrings": [
-        "version:\\s+\"(?<currentValue>.*?)\""
+        "org\\.opencontainers\\.image\\.version:\\s+\"(?<currentValue>.+?)\""
       ],
       "depNameTemplate": "sonarqube",
       "datasourceTemplate": "docker",
       "versioningTemplate": "docker"
     },
     {
-      "fileMatch": ["^Kptfile$"],
+      "fileMatch": [
+        "^hardening_manifest.yaml$"
+      ],
       "matchStrings": [
-        "\\s+ref:\\s+(?<currentValue>.*?)\n"
+        "tags:\\s+-\\s+\"(?<currentValue>.+?)\""
       ],
-      "depNameTemplate": "SonarSource/docker-sonarqube",
-      "datasourceTemplate": "github-tags",
-      "versioningTemplate": "loose"
+      "depNameTemplate": "sonarqube",
+      "datasourceTemplate": "docker",
+      "versioningTemplate": "docker"
     }
   ]
-}
+}
\ No newline at end of file
diff --git a/scripts/Kptfile b/scripts/Kptfile
index b8e3ac9a3c017e9cd3c656d0e668678eed678b67..db75fc51c7bede1ed3a81c19a8c101c036aec24b 100644
--- a/scripts/Kptfile
+++ b/scripts/Kptfile
@@ -5,10 +5,10 @@ metadata:
 upstream:
     type: git
     git:
-        commit: 080756681fa616580101c685dd08f6cb0d328bb6
+        commit: cccf2b692431e2eca2bb77ab9ae749b2b54ddf6a
         repo: https://github.com/SonarSource/docker-sonarqube
         directory: /8/community
-        ref: 8.5.1
+        ref: "8.6"
 packageMetadata:
     shortDescription: vendor scripts sync
 dependencies:
@@ -16,5 +16,5 @@ dependencies:
     git:
         repo: https://github.com/SonarSource/docker-sonarqube
         directory: /8/community
-        ref: 8.5.1
+        ref: "8.6"
     updateStrategy: resource-merge