Skip to content

Commit 9b614a5

Browse files
devspacesbuilddevspacesbuild
committed
chore: [prodsec] Update product security manifests for 3.17.0
Signed-off-by: devspacesbuild <[email protected]>
1 parent 5741a64 commit 9b614a5

24 files changed

+61603
-0
lines changed

product/manifest/3.17.0/manifest-all.txt

+19,733
Large diffs are not rendered by default.

product/manifest/3.17.0/manifest-containers-base-images-only.txt

+8
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,8 @@
1+
containers/devspaces-idea-rhel8-container:3.17.0/registry.redhat.io/rhel9-2-els/rhel:9.2-1362 as ubi-builder
2+
containers/devspaces-idea-rhel8-container:3.17.0/registry.redhat.io/rhel9-2-els/rhel:9.2-1362
3+
containers/devspaces-machineexec-rhel8-container:3.17.0/registry.redhat.io/rhel9-2-els/rhel:9.2-1362 as builder
4+
containers/devspaces-machineexec-rhel8-container:3.17.0/registry.redhat.io/rhel9-2-els/rhel:9.2-1362 as runtime
5+
containers/devspaces-operator-bundle-rhel8-container:3.17.0/scratch
6+
containers/devspaces-pluginregistry-rhel8-container:3.17.0/registry.redhat.io/rhel9-2-els/rhel:9.2-1362 as builder
7+
containers/devspaces-pluginregistry-rhel8-container:3.17.0/registry.redhat.io/rhel9-2-els/rhel:9.2-1362
8+
containers/devspaces-server-rhel8-container:3.17.0/registry.redhat.io/rhel9-2-els/rhel:9.2-1222

product/manifest/3.17.0/manifest-containers-binaries-extras.txt

+61
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,61 @@
1+
containers/devspaces-idea-rhel8-container:3.17.0/registry.redhat.io/rhel9-2-els/rhel:9.2-1362 as ubi-builder
2+
containers/devspaces-idea-rhel8-container:3.17.0/registry.redhat.io/rhel9-2-els/rhel:9.2-1362
3+
FROM registry.redhat.io/rhel9-2-els/rhel:9.2-1362 as ubi-builder
4+
COPY --chown=0:0 asset-required-rpms.txt /tmp/asset-required-rpms.txt
5+
RUN yum install unzip -y --nodocs && \
6+
yum install --installroot /mnt/rootfs \
7+
--releasever 8 --setopt install_weak_deps=false --nodocs -y && \
8+
yum --installroot /mnt/rootfs clean all
9+
RUN rm -rf /mnt/rootfs/var/cache/* /mnt/rootfs/var/log/dnf* /mnt/rootfs/var/log/yum.*
10+
COPY --chown=0:0 asset-ide-packaging.tar.gz .
11+
COPY --chown=0:0 asset-projector-server-assembly.zip .
12+
COPY --chown=0:0 asset-static-assembly.tar.gz .
13+
COPY --chown=0:0 asset-che-plugin-assembly.zip .
14+
COPY --chown=0:0 asset-machine-exec ide/bin/machine-exec
15+
FROM registry.redhat.io/rhel9-2-els/rhel:9.2-1362
16+
COPY --from=ubi-builder /mnt/rootfs/ /
17+
18+
containers/devspaces-machineexec-rhel8-container:3.17.0/registry.redhat.io/rhel9-2-els/rhel:9.2-1362 as builder
19+
containers/devspaces-machineexec-rhel8-container:3.17.0/registry.redhat.io/rhel9-2-els/rhel:9.2-1362 as runtime
20+
FROM registry.redhat.io/rhel9-2-els/rhel:9.2-1362 as builder
21+
COPY . .
22+
RUN dnf -y install golang && \
23+
adduser unprivilegeduser && \
24+
GOOS=linux go build -mod=vendor -a -ldflags '-w -s' -a -installsuffix cgo -o che-machine-exec . && \
25+
FROM registry.redhat.io/rhel9-2-els/rhel:9.2-1362 as runtime
26+
COPY --from=builder /rootfs /
27+
RUN dnf install -y openssl && \
28+
29+
containers/devspaces-operator-bundle-rhel8-container:3.17.0/scratch
30+
FROM scratch
31+
COPY manifests /manifests/
32+
COPY metadata /metadata/
33+
34+
containers/devspaces-pluginregistry-rhel8-container:3.17.0/registry.redhat.io/rhel9-2-els/rhel:9.2-1362 as builder
35+
containers/devspaces-pluginregistry-rhel8-container:3.17.0/registry.redhat.io/rhel9-2-els/rhel:9.2-1362
36+
FROM registry.redhat.io/rhel9-2-els/rhel:9.2-1362 as builder
37+
RUN dnf install -y make
38+
RUN dnf module install -y nodejs:18/development
39+
COPY $REMOTE_SOURCES $REMOTE_SOURCES_DIR
40+
&& npm install \
41+
FROM registry.redhat.io/rhel9-2-els/rhel:9.2-1362
42+
COPY root-local.tgz /tmp/root-local.tgz
43+
COPY ./build/dockerfiles/content_sets_rhel9.repo /etc/yum.repos.d/
44+
COPY ./build/dockerfiles/rhel.install.sh /tmp
45+
RUN /tmp/rhel.install.sh && rm -f /tmp/rhel.install.sh
46+
dnf module install postgresql:15/server nodejs:18/development -y
47+
COPY --chown=0:0 /openvsx-server.tar.gz .
48+
COPY /build/dockerfiles/application.yaml /openvsx-server/config/
49+
COPY --from=builder --chown=0:0 /tmp/opt/ovsx /tmp/opt/ovsx
50+
COPY /build/scripts/import_vsix.sh /usr/local/bin
51+
COPY /build/scripts/start_services.sh /usr/local/bin/
52+
COPY /build/dockerfiles/openvsx.conf /etc/httpd/conf.d/
53+
COPY /build/scripts/*.sh /build/
54+
55+
containers/devspaces-server-rhel8-container:3.17.0/registry.redhat.io/rhel9-2-els/rhel:9.2-1222
56+
FROM registry.redhat.io/rhel9-2-els/rhel:9.2-1222
57+
RUN dnf -y install java-17-openjdk-headless tar gzip shadow-utils findutils && \
58+
dnf -y clean all && rm -rf /var/cache/yum && echo "Installed Packages" && rpm -qa | sort -V && echo "End Of Installed Packages" && \
59+
adduser -G root user && mkdir -p /home/user/devspaces
60+
COPY artifacts/assembly-main.tar.gz /tmp/assembly-main.tar.gz
61+

product/manifest/3.17.0/manifest.txt

+9,867
Large diffs are not rendered by default.

product/manifest/3.17.0/manifest_log.txt

+37
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,37 @@
1+
1a. Check out 3rd party language server dependencies builder repo (will collect variables later)
2+
3+
1b. Define list of upstream containers & RPMs pulled into them from https://pkgs.devel.redhat.com/cgit/?q=devspaces
4+
5+
== devspaces-idea (devspaces-3.17-rhel-8) ==
6+
7+
== devspaces-machineexec (devspaces-3.17-rhel-8) ==
8+
9+
== devspaces-operator-bundle (devspaces-3.17-rhel-8) ==
10+
11+
== devspaces-pluginregistry (devspaces-3.17-rhel-8) ==
12+
13+
== devspaces-server (devspaces-3.17-rhel-8) ==
14+
15+
Short container list (base images only): /mnt/hudson_workspace/workspace/DS_CI/Releng/get-3rd-party-deps-manifests/3.17.0/manifest-containers-base-images-only.txt
16+
Long container list (with dockerfile snippets): /mnt/hudson_workspace/workspace/DS_CI/Releng/get-3rd-party-deps-manifests/3.17.0/manifest-containers-binaries-extras.txt
17+
18+
1c. Other than the above, all artifacts used in Red Hat OpenShift Dev Spaces (formerly
19+
Red Hat CodeReady Workspaces) Workspaces are now built in RH Central CI Jenkins:
20+
https://main-jenkins-csb-crwqe.apps.ocp-c1.prod.psi.redhat.com/
21+
22+
See also latest build architecture diagram & development documentation:
23+
https://docs.google.com/presentation/d/1R9tr67pDMk3UVUbvN7vBJbJCYGlUsO2ZPcXbdaoOvTs/edit#slide=id.g4ac34a3cdd_0_0
24+
https://github.com/redhat-developer/devtools-productization/tree/main/codeready-workspaces
25+
26+
6. Collect RPM deps
27+
28+
7. Collect MVN deps
29+
30+
31+
8. Collect NPM deps
32+
33+
Short manifest is in file: /mnt/hudson_workspace/workspace/DS_CI/Releng/get-3rd-party-deps-manifests/3.17.0/manifest.txt
34+
Long log is in file: /mnt/hudson_workspace/workspace/DS_CI/Releng/get-3rd-party-deps-manifests/3.17.0/manifest_log.txt
35+
36+
Overall manifest is in file: /mnt/hudson_workspace/workspace/DS_CI/Releng/get-3rd-party-deps-manifests/3.17.0/manifest-all.txt
37+

product/manifest/3.17.0/mvn/che-dev_log.txt

+40
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,40 @@
1+
[INFO] Scanning for projects...
2+
[INFO] ------------------------------------------------------------------------
3+
[INFO] Reactor Build Order:
4+
[INFO]
5+
[INFO] Development Resources for Eclipse Che projects [pom]
6+
[INFO] Eclipse license codestyle [jar]
7+
[INFO] Che codestyle resources [jar]
8+
[INFO]
9+
[INFO] ------------< org.eclipse.che.dev:che-dev-resources-parent >------------
10+
[INFO] Building Development Resources for Eclipse Che projects 20 [1/3]
11+
[INFO] --------------------------------[ pom ]---------------------------------
12+
[INFO]
13+
[INFO] --- maven-dependency-plugin:2.8:tree (default-cli) @ che-dev-resources-parent ---
14+
[INFO] org.eclipse.che.dev:che-dev-resources-parent:pom:20
15+
[INFO]
16+
[INFO] ------< org.eclipse.che.dev:che-eclipse-license-resource-bundle >-------
17+
[INFO] Building Eclipse license codestyle 20 [2/3]
18+
[INFO] --------------------------------[ jar ]---------------------------------
19+
[INFO]
20+
[INFO] --- maven-dependency-plugin:2.8:tree (default-cli) @ che-eclipse-license-resource-bundle ---
21+
[INFO] org.eclipse.che.dev:che-eclipse-license-resource-bundle:jar:20
22+
[INFO]
23+
[INFO] -----------------< org.eclipse.che.dev:che-codestyle >------------------
24+
[INFO] Building Che codestyle resources 20 [3/3]
25+
[INFO] --------------------------------[ jar ]---------------------------------
26+
[INFO]
27+
[INFO] --- maven-dependency-plugin:2.8:tree (default-cli) @ che-codestyle ---
28+
[INFO] org.eclipse.che.dev:che-codestyle:jar:20
29+
[INFO] ------------------------------------------------------------------------
30+
[INFO] Reactor Summary for Development Resources for Eclipse Che projects 20:
31+
[INFO]
32+
[INFO] Development Resources for Eclipse Che projects ..... SUCCESS [ 1.110 s]
33+
[INFO] Eclipse license codestyle .......................... SUCCESS [ 0.099 s]
34+
[INFO] Che codestyle resources ............................ SUCCESS [ 0.002 s]
35+
[INFO] ------------------------------------------------------------------------
36+
[INFO] BUILD SUCCESS
37+
[INFO] ------------------------------------------------------------------------
38+
[INFO] Total time: 1.487 s
39+
[INFO] Finished at: 2024-11-25T15:00:47-05:00
40+
[INFO] ------------------------------------------------------------------------

0 commit comments

Comments
 (0)