Update keys in repo_map to support IBFE S3 artifact validation
Vickie noticed some issues with downloading files in IBFE for the following containers:
- https://ironbank.dso.mil/repomap/details;image=pilot;vendor=istio;product=istio?page=1&sort=1
- https://ironbank.dso.mil/repomap/details;image=proxyv2;vendor=istio;product=istio?page=1&sort=1
After speaking with Eric and Reid, we discovered that they're verifying the path to the artifacts in S3 using the Repo_Name
and Image_Tag
to shorten the S3 path and confirming the artifacts exist in that path. Since Repo_Name
matches the name field in the hardening manifest, and we push to S3 using Image_Path
which is a portion of the Repo1 url, this validation won't work if the hardening_manifest name doesn't match the path in repo1.
Currently, IBFE has a workaround to shorten the url up until the Image_Tag
field, but they would like us to update the repo map keys to the following
-
Repo_Name
: updated toImage_Path
used for S3 upload -
Registry_Name
: updated to hardening manifest name
We'll need to collaborate with IBFE before updating this so they can update their endpoint before we merge these changes. We should also consider refactoring some of the env var names to make more sense for their purpose or to eliminate duplicates with different case (e.g. Image_Path
vs. image_path
).