diff --git a/Dockerfile b/Dockerfile index 97f722351c5d213eb4714ec3b070db5a30e53477..6dad5a5b455003be5095186c9922039ac7f4e587 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,16 +1,9 @@ -ARG BASE_REGISTRY=registry.access.redhat.com -ARG BASE_IMAGE=ubi8/ubi -ARG BASE_TAG=8.2 +ARG BASE_REGISTRY=registry1.dso.mil +ARG BASE_IMAGE=ironbank/redhat/ubi/ubi8 +ARG BASE_TAG=8.3 FROM ${BASE_REGISTRY}/${BASE_IMAGE}:${BASE_TAG} -LABEL name="Coverity SAST Server" \ - maintainer="kumykov@synopsys.com" \ - vendor="Synopsys" \ - version="2020.03" \ - release="1" \ - summary="Coverity SAST Server Image" \ - description="Coverity SAST Server Image" # Give children and other processes 5 minutes to timeout ENV VENDOR=Synopsys \ diff --git a/Jenkinsfile b/Jenkinsfile deleted file mode 100644 index 829c02ae34b717be83362d78d044dae08d4e4a1a..0000000000000000000000000000000000000000 --- a/Jenkinsfile +++ /dev/null @@ -1,10 +0,0 @@ -@Library('DCCSCR@master') _ -dccscrPipeline(version: "1.4.2") - -/* Optional parameters: -dccscrPipeline(contributor: "synopsys", - product: "coverity", - image: "coverity", - version: "2019.09") -*/ - diff --git a/download.yaml b/download.yaml deleted file mode 100644 index 0e4089facfb5d97f024198284a49591cae4e22ea..0000000000000000000000000000000000000000 --- a/download.yaml +++ /dev/null @@ -1,7 +0,0 @@ ---- -resources: - - url: https://dccscr-projects.s3.amazonaws.com/coverity/2020.03/coverity-platform-linux64-2020.03.tar.gz - filename: coverity-platform-linux64-2020.03.tar.gz - validation: - type: sha256 - value: 7787d2c8114cdedb2307839f29fac00afaa6c94f0b4d5c6508eec688e222e714 diff --git a/hardening_manifest.yaml b/hardening_manifest.yaml new file mode 100644 index 0000000000000000000000000000000000000000..a71f196cbacde805a4ad1d47fb378b720c08c848 --- /dev/null +++ b/hardening_manifest.yaml @@ -0,0 +1,53 @@ +--- +apiVersion: v1 + +# The repository name in registry1, excluding /ironbank/ +name: "synopsys/coverity/coverity" + +# List of tags to push for the repository in registry1 +# The most specific version should be the first tag and will be shown +# on ironbank.dsop.io +tags: +- "1.4.2" +- "latest" + +# Build args passed to Dockerfile ARGs +args: + BASE_IMAGE: "redhat/ubi/ubi8" + BASE_TAG: "8.3" + +# Docker image labels +labels: + org.opencontainers.image.title: "coverity" + ## Human-readable description of the software packaged in the image + org.opencontainers.image.description: "Backend/UI container for Coverity Platform" + ## License(s) under which contained software is distributed + org.opencontainers.image.licenses: "Synopsys proprietary License" + ## URL to find more information on the image + org.opencontainers.image.url: "coverity" + ## Name of the distributing entity, organization or individual + org.opencontainers.image.vendor: "Synopsys, Inc." + org.opencontainers.image.version: "1.4.2" + ## Keywords to help with search (ex. "cicd,gitops,golang") + mil.dso.ironbank.image.keywords: "SAST" + ## This value can be "opensource" or "commercial" + mil.dso.ironbank.image.type: "commercial" + ## Product the image belongs to for grouping multiple images + mil.dso.ironbank.product.name: "Coverity" + +# List of resources to make available to the offline build context +resources: +- filename: coverity-platform-linux64-2020.03.tar.gz + url: https://dccscr-projects.s3.amazonaws.com/coverity/2020.03/coverity-platform-linux64-2020.03.tar.gz + validation: + type: sha256 + value: 7787d2c8114cdedb2307839f29fac00afaa6c94f0b4d5c6508eec688e222e714 + +# List of project maintainers +# FIXME: Fill in the following details for the current container owner in the whitelist +# FIXME: Include any other vendor information if applicable +maintainers: +- email: "kumykov@synopsys.com" + name: "Murat Kumykov" + username: "kumykov" + cht_member: false