search

enterprise-contract / golden-container

Trivial definition of an image build in compliance with HACBS policy
Apache License 2.0
0 stars 9 forks source link

Dependency Dashboard #7

Open renovate[bot] opened 1 year ago

renovate[bot] commented 1 year ago

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.

This repository currently has no open or pending branches.

Detected dependencies

dockerfile
Containerfile - `registry.access.redhat.com/ubi9/ubi-micro latest@sha256:2044e2ca8e258d00332f40532db9f55fb3d0bfd77ecc84c4aa4c1b7af3626ffb`
github-actions
.github/workflows/auto-merge.yaml
.github/workflows/release.yaml - `actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332` - `sigstore/cosign-installer v3.5.0@59acb6260d9c0ba8f4a2f9d9b48431a222b68e20` - `anchore/sbom-action v0.16.0@e8d2a6937ecead383dfe75190d104edd1f9c5751` - `redhat-actions/podman-login v1@4934294ad0449894bcd1e9f191899d7292469603` - `redhat-actions/buildah-build v2@7a95fa7ee0f02d552a32753e7414641a04307056` - `redhat-actions/push-to-registry v2@5ed88d269cf581ea9ef6dd6806d01562096bee9c` - `slsa-framework/slsa-github-generator v2.0.0` - `enterprise-contract/action-validate-image v1.0.219`
.github/workflows/scorecards.yml - `step-security/harden-runner v2.8.1@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6` - `actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332` - `ossf/scorecard-action v2.3.3@dc50aa9510b46c811795eb24b2f1ba02a914e534` - `actions/upload-artifact v4.3.4@0b2256b8c012f0828dc542b3febcab082c67f72b` - `github/codeql-action v3.25.11@b611370bb5703a7efb587f9d136a52ea24c5c38c`
tekton
.tekton/golden-container-pull-request.yaml - `quay.io/konflux-ci/tekton-catalog/task-init 0.2@sha256:83b7df553a736def52dd47bca2a3614c8fa2c88d112d691a4834289cf8c2abf5` - `quay.io/konflux-ci/tekton-catalog/task-git-clone 0.1@sha256:07b21ee2a46298d28edf561451f8550c3ae8024c546316765988d02c602827a4` - `quay.io/konflux-ci/tekton-catalog/task-prefetch-dependencies 0.1@sha256:80e4ec86cda6bbb2b4b6787ca3b306a5a80a51d8fd4a498a8464f0005151d7be` - `quay.io/konflux-ci/tekton-catalog/task-buildah 0.1@sha256:942c8b62ad30c614035fc3a6321f3389d0ee4075c2db36923e4a7412c482c8fa` - `quay.io/konflux-ci/tekton-catalog/task-buildah-remote 0.1@sha256:dac5ab56a2af6a1c3297c18f5d6e10f6b6465bb6752e5b294981939a630a4dc4` - `quay.io/konflux-ci/tekton-catalog/task-build-image-manifest 0.1@sha256:fd0a0cf019621d6b577f1b9ab774bb1832f7cba61b4ceee2fd1bffc96895abf9` - `quay.io/konflux-ci/tekton-catalog/task-source-build 0.1@sha256:bc4b2f86e4b0f01dc58ebf77f12357b1d73b78f8ddb989383e8d0cfab81b1731` - `quay.io/konflux-ci/tekton-catalog/task-deprecated-image-check 0.4@sha256:0d61c9a7d3f7df8ae4989fa09cd387b2e88234876b2eca527a9b5b7e8ce78ad0` - `quay.io/konflux-ci/tekton-catalog/task-clair-scan 0.1@sha256:48a051b5d9cb93f722a9fa2eca0e1d28eb3a28118cfff74a6448b2ee956d95f9` - `quay.io/konflux-ci/tekton-catalog/task-sast-snyk-check 0.1@sha256:962fbf053705d38ed5c81ea6379eebee32b22fad4a7971183614610e33e8e0f9` - `quay.io/konflux-ci/tekton-catalog/task-clamav-scan 0.1@sha256:b7f9f87a275d47e8076ee759145865575364c2eb44a834cd111cb373a10da0c2` - `quay.io/konflux-ci/tekton-catalog/task-sbom-json-check 0.1@sha256:acc9cb8a714f33c0e48d6ca219b6bd0191f09cdd767af4ef3a35d0a5cac53b5d` - `quay.io/konflux-ci/tekton-catalog/task-show-sbom 0.1@sha256:bb6de6584cc47524ac69d2fb0bc310e546696b707e4052a465966e2446e33a15` - `quay.io/konflux-ci/tekton-catalog/task-summary 0.2@sha256:fc1b0a4efc83c91cd4a24020daabb874b3f33a87c34cd157cda0b7e6d4b7779a`
.tekton/golden-container-push.yaml - `quay.io/konflux-ci/tekton-catalog/task-init 0.2@sha256:83b7df553a736def52dd47bca2a3614c8fa2c88d112d691a4834289cf8c2abf5` - `quay.io/konflux-ci/tekton-catalog/task-git-clone 0.1@sha256:07b21ee2a46298d28edf561451f8550c3ae8024c546316765988d02c602827a4` - `quay.io/konflux-ci/tekton-catalog/task-prefetch-dependencies 0.1@sha256:80e4ec86cda6bbb2b4b6787ca3b306a5a80a51d8fd4a498a8464f0005151d7be` - `quay.io/konflux-ci/tekton-catalog/task-buildah 0.1@sha256:942c8b62ad30c614035fc3a6321f3389d0ee4075c2db36923e4a7412c482c8fa` - `quay.io/konflux-ci/tekton-catalog/task-buildah-remote 0.1@sha256:dac5ab56a2af6a1c3297c18f5d6e10f6b6465bb6752e5b294981939a630a4dc4` - `quay.io/konflux-ci/tekton-catalog/task-build-image-manifest 0.1@sha256:fd0a0cf019621d6b577f1b9ab774bb1832f7cba61b4ceee2fd1bffc96895abf9` - `quay.io/konflux-ci/tekton-catalog/task-source-build 0.1@sha256:bc4b2f86e4b0f01dc58ebf77f12357b1d73b78f8ddb989383e8d0cfab81b1731` - `quay.io/konflux-ci/tekton-catalog/task-deprecated-image-check 0.4@sha256:0d61c9a7d3f7df8ae4989fa09cd387b2e88234876b2eca527a9b5b7e8ce78ad0` - `quay.io/konflux-ci/tekton-catalog/task-clair-scan 0.1@sha256:48a051b5d9cb93f722a9fa2eca0e1d28eb3a28118cfff74a6448b2ee956d95f9` - `quay.io/konflux-ci/tekton-catalog/task-sast-snyk-check 0.1@sha256:962fbf053705d38ed5c81ea6379eebee32b22fad4a7971183614610e33e8e0f9` - `quay.io/konflux-ci/tekton-catalog/task-clamav-scan 0.1@sha256:b7f9f87a275d47e8076ee759145865575364c2eb44a834cd111cb373a10da0c2` - `quay.io/konflux-ci/tekton-catalog/task-sbom-json-check 0.1@sha256:acc9cb8a714f33c0e48d6ca219b6bd0191f09cdd767af4ef3a35d0a5cac53b5d` - `quay.io/konflux-ci/tekton-catalog/task-show-sbom 0.1@sha256:bb6de6584cc47524ac69d2fb0bc310e546696b707e4052a465966e2446e33a15` - `quay.io/konflux-ci/tekton-catalog/task-summary 0.2@sha256:fc1b0a4efc83c91cd4a24020daabb874b3f33a87c34cd157cda0b7e6d4b7779a`
.tekton/golden-container-tag-latest.yaml - `registry.access.redhat.com/ubi9/skopeo latest@sha256:6679a7e238c2cab8836572e4e12a133108a1270742ec375f94f71b1c004bc228`
lcarva commented 1 year ago

Jobs can be seen here: https://developer.mend.io/github/enterprise-contract/golden-container