From 913be8c76599913f07d6698d3d6beede796333a8 Mon Sep 17 00:00:00 2001 From: ryryryan Date: Mon, 21 Jun 2021 14:12:44 +0000 Subject: [PATCH] Initial hardening manifest file --- hardening_manifest.yaml | 57 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 57 insertions(+) create mode 100644 hardening_manifest.yaml diff --git a/hardening_manifest.yaml b/hardening_manifest.yaml new file mode 100644 index 0000000..b9821fc --- /dev/null +++ b/hardening_manifest.yaml @@ -0,0 +1,57 @@ +apiVersion: v1 +# The repository name in registry1, excluding /ironbank/ +name: "sysdig/cloudsecurity/admission-controller-3.2.0" +# List of tags to push for the repository in registry1 +# The most specific version should be the first tag and will be shown +# on ironbank.dsop.io +tags: + - "3.2.0" + - "latest" +# Build args passed to Dockerfile ARGs +args: + BASE_IMAGE: "redhat/ubi/ubi8-minimal" + BASE_TAG: "8.4" +# Docker image labels +labels: + org.opencontainers.image.title: "admission-controller-5.3" + ## Human-readable description of the software packaged in the image + org.opencontainers.image.description: "Sysdig - Admission Controller" + ## License(s) under which contained software is distributed + org.opencontainers.image.licenses: "proprietary" + ## URL to find more information on the image + # org.opencontainers.image.url: "FIXME" + ## Name of the distributing entity, organization or individual + org.opencontainers.image.vendor: "Sysdig" + org.opencontainers.image.version: "3.2.0" + ## Keywords to help with search (ex. "cicd,gitops,golang") + # mil.dso.ironbank.image.keywords: "FIXME" + ## This value can be "opensource" or "commercial" + mil.dso.ironbank.image.type: "commercial" + ## Product the image belongs to for grouping multiple images + # mil.dso.ironbank.product.name: "FIXME" + + com.sysdig.builddate: "2021-06-16T06:38:36" + com.sysdig.commit: "7ba1422" + com.sysdig.component: "admission-controller" + com.sysdig.release: "3.2.0" + com.sysdig.version: "3.2.0" + com.sysdig.dod.commit: "2dd05a9" + com.sysdig.dod.builddate: "2021-06-16T07:38:00" + com.sysdig.baseimage: "registry1.dsop.io/ironbank/redhat/ubi/ubi8-minimal:8.4" +# List of resources to make available to the offline build context +resources: +- filename: webhook-v3.2.0 + url: https://s3.amazonaws.com/download.draios.com/repo1/admission-controller/webhook-v3.2.0 + validation: + type: sha256 + value: 767d3ceeac6a255b30442e4f2834e765e98f02c9a645b0483a0db76fb6a973c5 + +# List of project maintainers +# FIXME: Fill in the following details for the current container owner in the whitelist +# FIXME: Include any other vendor information if applicable +maintainers: + - email: "aitor.acedo@sysdig.com" + # # The name of the current container owner + name: "Aitor Acedo" + # # The gitlab username of the current container owner + username: "aitor.acedo" -- GitLab