Resolve "Implement justifier compatibility with the hardening_manifest.yaml" (!243) · Merge requests · Iron Bank / ironbank-pipeline

Kenneth Maguire requested to merge 151-implement-justifier-hardening_manifest-changes into development Dec 08, 2020

This MR updates the justifier.py script to use the BASE_IMAGE and BASE_TAG vars in hardening_manifest.yaml for retrieving the whitelists. This MR includes considerations for backwards compatibility, such that if no hardening_manifest.yaml exists (for the source or base images), it will retrieve the vars from the relevant .greylist file. Since these vars will be removed from the .greylist file eventually, the backwards compatibility included in this MR will need to be removed from justifier.py after a reasonable deprecation period.

Relevant pipeline runs are included in ticket #151 (closed).

Admin message

Resolve "Implement justifier compatibility with the hardening_manifest.yaml"

Merge request reports