Resolve "No longer output tar from Build job" (!547) · Merge requests · Iron Bank / ironbank-pipeline · GitLab

UNCLASSIFIED - NO CUI

David Freeman requested to merge 273-output-tar into development Apr 19, 2021

Closes #273 (closed)
Tested on UBI and Distroless projects

UBI - Proxyv2-1.7
Distroless - Base

The main bit of work was

Removing the docker archive creation in build
Using a podman pull in the oscap jobs using the digest created by the push to staging
Creating the docker archive in the sign image job by using a skopeo copy by digest
Combining the documentation stage jobs into a single job to resolve inter-dependencies without creating a new stage

This code included other fixes as well

No longer add Content-Encoding in S3 upload as this messes up the signature on the all-in-one tar.gz file
Updates all references of IM_NAME to IMAGE_NAME. Outputs IMAGE_NAME in the build again for jobs that need this value but were not depending on hardening_manifest
Updates print statements in the twistlock.py to use the logging module

Edited Apr 21, 2021 by David Freeman

UNCLASSIFIED - NO CUI