From 2adea2fb23cb3725a3fedb4def7652a9dad34ca7 Mon Sep 17 00:00:00 2001
From: Lindsay Eliasen <87664908+leliasen-hpe@users.noreply.github.com>
Date: Mon, 15 Jul 2024 15:46:11 -0500
Subject: [PATCH] CASMPET-7130 pull container images for k8s 1.24 (#622)

* CASMPET-7130 add container images for k8s 1.24
* CASMPET-7130 pull in pause container v3.7 for k8s 1.24
---
 ...egistry.k8s.io.coredns.coredns.v1.8.6.yaml | 59 +++++++++++++++++++
 ...gistry.k8s.io.kube-apiserver.v1.24.17.yaml | 59 +++++++++++++++++++
 ...s.io.kube-controller-manager.v1.24.17.yaml | 59 +++++++++++++++++++
 .../registry.k8s.io.kube-proxy.v1.24.17.yaml  | 59 +++++++++++++++++++
 ...gistry.k8s.io.kube-scheduler.v1.24.17.yaml | 59 +++++++++++++++++++
 ....metrics-server.metrics-server.v0.7.1.yaml | 59 +++++++++++++++++++
 .../workflows/registry.k8s.io.pause.3.7.yaml  | 59 +++++++++++++++++++
 .../coredns/coredns/v1.8.6/Dockerfile         | 27 +++++++++
 .../kube-apiserver/v1.24.17/Dockerfile        | 27 +++++++++
 .../v1.24.17/Dockerfile                       | 27 +++++++++
 .../kube-proxy/v1.24.17/Dockerfile            | 28 +++++++++
 .../kube-scheduler/v1.24.17/Dockerfile        | 27 +++++++++
 .../metrics-server/v0.7.1/Dockerfile          | 27 +++++++++
 registry.k8s.io/pause/3.7/Dockerfile          | 27 +++++++++
 14 files changed, 603 insertions(+)
 create mode 100644 .github/workflows/registry.k8s.io.coredns.coredns.v1.8.6.yaml
 create mode 100644 .github/workflows/registry.k8s.io.kube-apiserver.v1.24.17.yaml
 create mode 100644 .github/workflows/registry.k8s.io.kube-controller-manager.v1.24.17.yaml
 create mode 100644 .github/workflows/registry.k8s.io.kube-proxy.v1.24.17.yaml
 create mode 100644 .github/workflows/registry.k8s.io.kube-scheduler.v1.24.17.yaml
 create mode 100644 .github/workflows/registry.k8s.io.metrics-server.metrics-server.v0.7.1.yaml
 create mode 100644 .github/workflows/registry.k8s.io.pause.3.7.yaml
 create mode 100644 registry.k8s.io/coredns/coredns/v1.8.6/Dockerfile
 create mode 100644 registry.k8s.io/kube-apiserver/v1.24.17/Dockerfile
 create mode 100644 registry.k8s.io/kube-controller-manager/v1.24.17/Dockerfile
 create mode 100644 registry.k8s.io/kube-proxy/v1.24.17/Dockerfile
 create mode 100644 registry.k8s.io/kube-scheduler/v1.24.17/Dockerfile
 create mode 100644 registry.k8s.io/metrics-server/metrics-server/v0.7.1/Dockerfile
 create mode 100644 registry.k8s.io/pause/3.7/Dockerfile

diff --git a/.github/workflows/registry.k8s.io.coredns.coredns.v1.8.6.yaml b/.github/workflows/registry.k8s.io.coredns.coredns.v1.8.6.yaml
new file mode 100644
index 00000000..e9a41a49
--- /dev/null
+++ b/.github/workflows/registry.k8s.io.coredns.coredns.v1.8.6.yaml
@@ -0,0 +1,59 @@
+#
+# MIT License
+#
+# (C) Copyright [2024] Hewlett Packard Enterprise Development LP
+#
+# Permission is hereby granted, free of charge, to any person obtaining a
+# copy of this software and associated documentation files (the "Software"),
+# to deal in the Software without restriction, including without limitation
+# the rights to use, copy, modify, merge, publish, distribute, sublicense,
+# and/or sell copies of the Software, and to permit persons to whom the
+# Software is furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included
+# in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+# THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+# OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+# OTHER DEALINGS IN THE SOFTWARE.
+#
+
+# Generated with: make add IMAGE=coredns/coredns:v1.8.6 REGISTRY=registry.k8s.io PACKAGE_MANAGER=
+# DO NOT EDIT THIS FILE DIRECTLY
+---
+name: registry.k8s.io/coredns/coredns:v1.8.6
+on:
+  push:
+    paths:
+      - .github/workflows/registry.k8s.io.coredns.coredns.v1.8.6.yaml
+      - registry.k8s.io/coredns/coredns/v1.8.6/**
+  workflow_dispatch:
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      id-token: write
+    env:
+      CONTEXT_PATH: registry.k8s.io/coredns/coredns/v1.8.6
+      DOCKER_REPO: artifactory.algol60.net/csm-docker/${{ github.ref == 'refs/heads/main' && 'stable' || 'unstable' }}/registry.k8s.io/coredns/coredns
+      DOCKER_TAG: v1.8.6
+    steps:
+      - name: build-sign-scan
+        uses: Cray-HPE/github-actions/build-sign-scan@build-sign-scan/v2
+        with:
+          context_path: ${{ env.CONTEXT_PATH }}
+          docker_repo: ${{ env.DOCKER_REPO }}
+          docker_tag: ${{ env.DOCKER_TAG }}
+          docker_username: ${{ secrets.ARTIFACTORY_ALGOL60_USERNAME }}
+          docker_password: ${{ secrets.ARTIFACTORY_ALGOL60_TOKEN }}
+          sign: ${{ github.ref == 'refs/heads/main' }}
+          cosign_gcp_workload_identity_provider: ${{ secrets.COSIGN_GCP_WORKLOAD_IDENTITY_PROVIDER_RSA }}
+          cosign_gcp_service_account: ${{ secrets.COSIGN_GCP_SERVICE_ACCOUNT_RSA }}
+          cosign_key: ${{ secrets.COSIGN_KEY_RSA }}
+          snyk_token: ${{ secrets.SNYK_TOKEN }}
+          fail_on_snyk_errors: true
diff --git a/.github/workflows/registry.k8s.io.kube-apiserver.v1.24.17.yaml b/.github/workflows/registry.k8s.io.kube-apiserver.v1.24.17.yaml
new file mode 100644
index 00000000..8ef244b7
--- /dev/null
+++ b/.github/workflows/registry.k8s.io.kube-apiserver.v1.24.17.yaml
@@ -0,0 +1,59 @@
+#
+# MIT License
+#
+# (C) Copyright [2024] Hewlett Packard Enterprise Development LP
+#
+# Permission is hereby granted, free of charge, to any person obtaining a
+# copy of this software and associated documentation files (the "Software"),
+# to deal in the Software without restriction, including without limitation
+# the rights to use, copy, modify, merge, publish, distribute, sublicense,
+# and/or sell copies of the Software, and to permit persons to whom the
+# Software is furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included
+# in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+# THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+# OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+# OTHER DEALINGS IN THE SOFTWARE.
+#
+
+# Generated with: make add IMAGE=kube-apiserver:v1.24.17 REGISTRY=registry.k8s.io PACKAGE_MANAGER=
+# DO NOT EDIT THIS FILE DIRECTLY
+---
+name: registry.k8s.io/kube-apiserver:v1.24.17
+on:
+  push:
+    paths:
+      - .github/workflows/registry.k8s.io.kube-apiserver.v1.24.17.yaml
+      - registry.k8s.io/kube-apiserver/v1.24.17/**
+  workflow_dispatch:
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      id-token: write
+    env:
+      CONTEXT_PATH: registry.k8s.io/kube-apiserver/v1.24.17
+      DOCKER_REPO: artifactory.algol60.net/csm-docker/${{ github.ref == 'refs/heads/main' && 'stable' || 'unstable' }}/registry.k8s.io/kube-apiserver
+      DOCKER_TAG: v1.24.17
+    steps:
+      - name: build-sign-scan
+        uses: Cray-HPE/github-actions/build-sign-scan@build-sign-scan/v2
+        with:
+          context_path: ${{ env.CONTEXT_PATH }}
+          docker_repo: ${{ env.DOCKER_REPO }}
+          docker_tag: ${{ env.DOCKER_TAG }}
+          docker_username: ${{ secrets.ARTIFACTORY_ALGOL60_USERNAME }}
+          docker_password: ${{ secrets.ARTIFACTORY_ALGOL60_TOKEN }}
+          sign: ${{ github.ref == 'refs/heads/main' }}
+          cosign_gcp_workload_identity_provider: ${{ secrets.COSIGN_GCP_WORKLOAD_IDENTITY_PROVIDER_RSA }}
+          cosign_gcp_service_account: ${{ secrets.COSIGN_GCP_SERVICE_ACCOUNT_RSA }}
+          cosign_key: ${{ secrets.COSIGN_KEY_RSA }}
+          snyk_token: ${{ secrets.SNYK_TOKEN }}
+          fail_on_snyk_errors: true
diff --git a/.github/workflows/registry.k8s.io.kube-controller-manager.v1.24.17.yaml b/.github/workflows/registry.k8s.io.kube-controller-manager.v1.24.17.yaml
new file mode 100644
index 00000000..42ef01fd
--- /dev/null
+++ b/.github/workflows/registry.k8s.io.kube-controller-manager.v1.24.17.yaml
@@ -0,0 +1,59 @@
+#
+# MIT License
+#
+# (C) Copyright [2024] Hewlett Packard Enterprise Development LP
+#
+# Permission is hereby granted, free of charge, to any person obtaining a
+# copy of this software and associated documentation files (the "Software"),
+# to deal in the Software without restriction, including without limitation
+# the rights to use, copy, modify, merge, publish, distribute, sublicense,
+# and/or sell copies of the Software, and to permit persons to whom the
+# Software is furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included
+# in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+# THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+# OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+# OTHER DEALINGS IN THE SOFTWARE.
+#
+
+# Generated with: make add IMAGE=kube-controller-manager:v1.24.17 REGISTRY=registry.k8s.io PACKAGE_MANAGER=
+# DO NOT EDIT THIS FILE DIRECTLY
+---
+name: registry.k8s.io/kube-controller-manager:v1.24.17
+on:
+  push:
+    paths:
+      - .github/workflows/registry.k8s.io.kube-controller-manager.v1.24.17.yaml
+      - registry.k8s.io/kube-controller-manager/v1.24.17/**
+  workflow_dispatch:
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      id-token: write
+    env:
+      CONTEXT_PATH: registry.k8s.io/kube-controller-manager/v1.24.17
+      DOCKER_REPO: artifactory.algol60.net/csm-docker/${{ github.ref == 'refs/heads/main' && 'stable' || 'unstable' }}/registry.k8s.io/kube-controller-manager
+      DOCKER_TAG: v1.24.17
+    steps:
+      - name: build-sign-scan
+        uses: Cray-HPE/github-actions/build-sign-scan@build-sign-scan/v2
+        with:
+          context_path: ${{ env.CONTEXT_PATH }}
+          docker_repo: ${{ env.DOCKER_REPO }}
+          docker_tag: ${{ env.DOCKER_TAG }}
+          docker_username: ${{ secrets.ARTIFACTORY_ALGOL60_USERNAME }}
+          docker_password: ${{ secrets.ARTIFACTORY_ALGOL60_TOKEN }}
+          sign: ${{ github.ref == 'refs/heads/main' }}
+          cosign_gcp_workload_identity_provider: ${{ secrets.COSIGN_GCP_WORKLOAD_IDENTITY_PROVIDER_RSA }}
+          cosign_gcp_service_account: ${{ secrets.COSIGN_GCP_SERVICE_ACCOUNT_RSA }}
+          cosign_key: ${{ secrets.COSIGN_KEY_RSA }}
+          snyk_token: ${{ secrets.SNYK_TOKEN }}
+          fail_on_snyk_errors: true
diff --git a/.github/workflows/registry.k8s.io.kube-proxy.v1.24.17.yaml b/.github/workflows/registry.k8s.io.kube-proxy.v1.24.17.yaml
new file mode 100644
index 00000000..3522ac02
--- /dev/null
+++ b/.github/workflows/registry.k8s.io.kube-proxy.v1.24.17.yaml
@@ -0,0 +1,59 @@
+#
+# MIT License
+#
+# (C) Copyright [2024] Hewlett Packard Enterprise Development LP
+#
+# Permission is hereby granted, free of charge, to any person obtaining a
+# copy of this software and associated documentation files (the "Software"),
+# to deal in the Software without restriction, including without limitation
+# the rights to use, copy, modify, merge, publish, distribute, sublicense,
+# and/or sell copies of the Software, and to permit persons to whom the
+# Software is furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included
+# in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+# THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+# OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+# OTHER DEALINGS IN THE SOFTWARE.
+#
+
+# Generated with: make add IMAGE=kube-proxy:v1.24.17 REGISTRY=registry.k8s.io PACKAGE_MANAGER=apt
+# DO NOT EDIT THIS FILE DIRECTLY
+---
+name: registry.k8s.io/kube-proxy:v1.24.17
+on:
+  push:
+    paths:
+      - .github/workflows/registry.k8s.io.kube-proxy.v1.24.17.yaml
+      - registry.k8s.io/kube-proxy/v1.24.17/**
+  workflow_dispatch:
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      id-token: write
+    env:
+      CONTEXT_PATH: registry.k8s.io/kube-proxy/v1.24.17
+      DOCKER_REPO: artifactory.algol60.net/csm-docker/${{ github.ref == 'refs/heads/main' && 'stable' || 'unstable' }}/registry.k8s.io/kube-proxy
+      DOCKER_TAG: v1.24.17
+    steps:
+      - name: build-sign-scan
+        uses: Cray-HPE/github-actions/build-sign-scan@build-sign-scan/v2
+        with:
+          context_path: ${{ env.CONTEXT_PATH }}
+          docker_repo: ${{ env.DOCKER_REPO }}
+          docker_tag: ${{ env.DOCKER_TAG }}
+          docker_username: ${{ secrets.ARTIFACTORY_ALGOL60_USERNAME }}
+          docker_password: ${{ secrets.ARTIFACTORY_ALGOL60_TOKEN }}
+          sign: ${{ github.ref == 'refs/heads/main' }}
+          cosign_gcp_workload_identity_provider: ${{ secrets.COSIGN_GCP_WORKLOAD_IDENTITY_PROVIDER_RSA }}
+          cosign_gcp_service_account: ${{ secrets.COSIGN_GCP_SERVICE_ACCOUNT_RSA }}
+          cosign_key: ${{ secrets.COSIGN_KEY_RSA }}
+          snyk_token: ${{ secrets.SNYK_TOKEN }}
+          fail_on_snyk_errors: true
diff --git a/.github/workflows/registry.k8s.io.kube-scheduler.v1.24.17.yaml b/.github/workflows/registry.k8s.io.kube-scheduler.v1.24.17.yaml
new file mode 100644
index 00000000..510db076
--- /dev/null
+++ b/.github/workflows/registry.k8s.io.kube-scheduler.v1.24.17.yaml
@@ -0,0 +1,59 @@
+#
+# MIT License
+#
+# (C) Copyright [2024] Hewlett Packard Enterprise Development LP
+#
+# Permission is hereby granted, free of charge, to any person obtaining a
+# copy of this software and associated documentation files (the "Software"),
+# to deal in the Software without restriction, including without limitation
+# the rights to use, copy, modify, merge, publish, distribute, sublicense,
+# and/or sell copies of the Software, and to permit persons to whom the
+# Software is furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included
+# in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+# THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+# OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+# OTHER DEALINGS IN THE SOFTWARE.
+#
+
+# Generated with: make add IMAGE=kube-scheduler:v1.24.17 REGISTRY=registry.k8s.io PACKAGE_MANAGER=
+# DO NOT EDIT THIS FILE DIRECTLY
+---
+name: registry.k8s.io/kube-scheduler:v1.24.17
+on:
+  push:
+    paths:
+      - .github/workflows/registry.k8s.io.kube-scheduler.v1.24.17.yaml
+      - registry.k8s.io/kube-scheduler/v1.24.17/**
+  workflow_dispatch:
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      id-token: write
+    env:
+      CONTEXT_PATH: registry.k8s.io/kube-scheduler/v1.24.17
+      DOCKER_REPO: artifactory.algol60.net/csm-docker/${{ github.ref == 'refs/heads/main' && 'stable' || 'unstable' }}/registry.k8s.io/kube-scheduler
+      DOCKER_TAG: v1.24.17
+    steps:
+      - name: build-sign-scan
+        uses: Cray-HPE/github-actions/build-sign-scan@build-sign-scan/v2
+        with:
+          context_path: ${{ env.CONTEXT_PATH }}
+          docker_repo: ${{ env.DOCKER_REPO }}
+          docker_tag: ${{ env.DOCKER_TAG }}
+          docker_username: ${{ secrets.ARTIFACTORY_ALGOL60_USERNAME }}
+          docker_password: ${{ secrets.ARTIFACTORY_ALGOL60_TOKEN }}
+          sign: ${{ github.ref == 'refs/heads/main' }}
+          cosign_gcp_workload_identity_provider: ${{ secrets.COSIGN_GCP_WORKLOAD_IDENTITY_PROVIDER_RSA }}
+          cosign_gcp_service_account: ${{ secrets.COSIGN_GCP_SERVICE_ACCOUNT_RSA }}
+          cosign_key: ${{ secrets.COSIGN_KEY_RSA }}
+          snyk_token: ${{ secrets.SNYK_TOKEN }}
+          fail_on_snyk_errors: true
diff --git a/.github/workflows/registry.k8s.io.metrics-server.metrics-server.v0.7.1.yaml b/.github/workflows/registry.k8s.io.metrics-server.metrics-server.v0.7.1.yaml
new file mode 100644
index 00000000..55a71fc0
--- /dev/null
+++ b/.github/workflows/registry.k8s.io.metrics-server.metrics-server.v0.7.1.yaml
@@ -0,0 +1,59 @@
+#
+# MIT License
+#
+# (C) Copyright [2024] Hewlett Packard Enterprise Development LP
+#
+# Permission is hereby granted, free of charge, to any person obtaining a
+# copy of this software and associated documentation files (the "Software"),
+# to deal in the Software without restriction, including without limitation
+# the rights to use, copy, modify, merge, publish, distribute, sublicense,
+# and/or sell copies of the Software, and to permit persons to whom the
+# Software is furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included
+# in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+# THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+# OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+# OTHER DEALINGS IN THE SOFTWARE.
+#
+
+# Generated with: make add IMAGE=metrics-server/metrics-server:v0.7.1 REGISTRY=registry.k8s.io PACKAGE_MANAGER=
+# DO NOT EDIT THIS FILE DIRECTLY
+---
+name: registry.k8s.io/metrics-server/metrics-server:v0.7.1
+on:
+  push:
+    paths:
+      - .github/workflows/registry.k8s.io.metrics-server.metrics-server.v0.7.1.yaml
+      - registry.k8s.io/metrics-server/metrics-server/v0.7.1/**
+  workflow_dispatch:
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      id-token: write
+    env:
+      CONTEXT_PATH: registry.k8s.io/metrics-server/metrics-server/v0.7.1
+      DOCKER_REPO: artifactory.algol60.net/csm-docker/${{ github.ref == 'refs/heads/main' && 'stable' || 'unstable' }}/registry.k8s.io/metrics-server/metrics-server
+      DOCKER_TAG: v0.7.1
+    steps:
+      - name: build-sign-scan
+        uses: Cray-HPE/github-actions/build-sign-scan@build-sign-scan/v2
+        with:
+          context_path: ${{ env.CONTEXT_PATH }}
+          docker_repo: ${{ env.DOCKER_REPO }}
+          docker_tag: ${{ env.DOCKER_TAG }}
+          docker_username: ${{ secrets.ARTIFACTORY_ALGOL60_USERNAME }}
+          docker_password: ${{ secrets.ARTIFACTORY_ALGOL60_TOKEN }}
+          sign: ${{ github.ref == 'refs/heads/main' }}
+          cosign_gcp_workload_identity_provider: ${{ secrets.COSIGN_GCP_WORKLOAD_IDENTITY_PROVIDER_RSA }}
+          cosign_gcp_service_account: ${{ secrets.COSIGN_GCP_SERVICE_ACCOUNT_RSA }}
+          cosign_key: ${{ secrets.COSIGN_KEY_RSA }}
+          snyk_token: ${{ secrets.SNYK_TOKEN }}
+          fail_on_snyk_errors: true
diff --git a/.github/workflows/registry.k8s.io.pause.3.7.yaml b/.github/workflows/registry.k8s.io.pause.3.7.yaml
new file mode 100644
index 00000000..3d5fca58
--- /dev/null
+++ b/.github/workflows/registry.k8s.io.pause.3.7.yaml
@@ -0,0 +1,59 @@
+#
+# MIT License
+#
+# (C) Copyright [2024] Hewlett Packard Enterprise Development LP
+#
+# Permission is hereby granted, free of charge, to any person obtaining a
+# copy of this software and associated documentation files (the "Software"),
+# to deal in the Software without restriction, including without limitation
+# the rights to use, copy, modify, merge, publish, distribute, sublicense,
+# and/or sell copies of the Software, and to permit persons to whom the
+# Software is furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included
+# in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+# THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+# OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+# OTHER DEALINGS IN THE SOFTWARE.
+#
+
+# Generated with: make add IMAGE=pause:3.7 REGISTRY=registry.k8s.io PACKAGE_MANAGER=
+# DO NOT EDIT THIS FILE DIRECTLY
+---
+name: registry.k8s.io/pause:3.7
+on:
+  push:
+    paths:
+      - .github/workflows/registry.k8s.io.pause.3.7.yaml
+      - registry.k8s.io/pause/3.7/**
+  workflow_dispatch:
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      id-token: write
+    env:
+      CONTEXT_PATH: registry.k8s.io/pause/3.7
+      DOCKER_REPO: artifactory.algol60.net/csm-docker/${{ github.ref == 'refs/heads/main' && 'stable' || 'unstable' }}/registry.k8s.io/pause
+      DOCKER_TAG: 3.7
+    steps:
+      - name: build-sign-scan
+        uses: Cray-HPE/github-actions/build-sign-scan@build-sign-scan/v2
+        with:
+          context_path: ${{ env.CONTEXT_PATH }}
+          docker_repo: ${{ env.DOCKER_REPO }}
+          docker_tag: ${{ env.DOCKER_TAG }}
+          docker_username: ${{ secrets.ARTIFACTORY_ALGOL60_USERNAME }}
+          docker_password: ${{ secrets.ARTIFACTORY_ALGOL60_TOKEN }}
+          sign: ${{ github.ref == 'refs/heads/main' }}
+          cosign_gcp_workload_identity_provider: ${{ secrets.COSIGN_GCP_WORKLOAD_IDENTITY_PROVIDER_RSA }}
+          cosign_gcp_service_account: ${{ secrets.COSIGN_GCP_SERVICE_ACCOUNT_RSA }}
+          cosign_key: ${{ secrets.COSIGN_KEY_RSA }}
+          snyk_token: ${{ secrets.SNYK_TOKEN }}
+          fail_on_snyk_errors: true
diff --git a/registry.k8s.io/coredns/coredns/v1.8.6/Dockerfile b/registry.k8s.io/coredns/coredns/v1.8.6/Dockerfile
new file mode 100644
index 00000000..05ec5d2c
--- /dev/null
+++ b/registry.k8s.io/coredns/coredns/v1.8.6/Dockerfile
@@ -0,0 +1,27 @@
+#
+# MIT License
+#
+# (C) Copyright [2024] Hewlett Packard Enterprise Development LP
+#
+# Permission is hereby granted, free of charge, to any person obtaining a
+# copy of this software and associated documentation files (the "Software"),
+# to deal in the Software without restriction, including without limitation
+# the rights to use, copy, modify, merge, publish, distribute, sublicense,
+# and/or sell copies of the Software, and to permit persons to whom the
+# Software is furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included
+# in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+# THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+# OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+# OTHER DEALINGS IN THE SOFTWARE.
+#
+
+# Generated with: make add IMAGE=coredns/coredns:v1.8.6 REGISTRY=registry.k8s.io PACKAGE_MANAGER=
+# DO NOT EDIT THIS FILE DIRECTLY
+FROM registry.k8s.io/coredns/coredns:v1.8.6
diff --git a/registry.k8s.io/kube-apiserver/v1.24.17/Dockerfile b/registry.k8s.io/kube-apiserver/v1.24.17/Dockerfile
new file mode 100644
index 00000000..a9e7cc39
--- /dev/null
+++ b/registry.k8s.io/kube-apiserver/v1.24.17/Dockerfile
@@ -0,0 +1,27 @@
+#
+# MIT License
+#
+# (C) Copyright [2024] Hewlett Packard Enterprise Development LP
+#
+# Permission is hereby granted, free of charge, to any person obtaining a
+# copy of this software and associated documentation files (the "Software"),
+# to deal in the Software without restriction, including without limitation
+# the rights to use, copy, modify, merge, publish, distribute, sublicense,
+# and/or sell copies of the Software, and to permit persons to whom the
+# Software is furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included
+# in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+# THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+# OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+# OTHER DEALINGS IN THE SOFTWARE.
+#
+
+# Generated with: make add IMAGE=kube-apiserver:v1.24.17 REGISTRY=registry.k8s.io PACKAGE_MANAGER=
+# DO NOT EDIT THIS FILE DIRECTLY
+FROM registry.k8s.io/kube-apiserver:v1.24.17
diff --git a/registry.k8s.io/kube-controller-manager/v1.24.17/Dockerfile b/registry.k8s.io/kube-controller-manager/v1.24.17/Dockerfile
new file mode 100644
index 00000000..89a520ca
--- /dev/null
+++ b/registry.k8s.io/kube-controller-manager/v1.24.17/Dockerfile
@@ -0,0 +1,27 @@
+#
+# MIT License
+#
+# (C) Copyright [2024] Hewlett Packard Enterprise Development LP
+#
+# Permission is hereby granted, free of charge, to any person obtaining a
+# copy of this software and associated documentation files (the "Software"),
+# to deal in the Software without restriction, including without limitation
+# the rights to use, copy, modify, merge, publish, distribute, sublicense,
+# and/or sell copies of the Software, and to permit persons to whom the
+# Software is furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included
+# in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+# THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+# OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+# OTHER DEALINGS IN THE SOFTWARE.
+#
+
+# Generated with: make add IMAGE=kube-controller-manager:v1.24.17 REGISTRY=registry.k8s.io PACKAGE_MANAGER=
+# DO NOT EDIT THIS FILE DIRECTLY
+FROM registry.k8s.io/kube-controller-manager:v1.24.17
diff --git a/registry.k8s.io/kube-proxy/v1.24.17/Dockerfile b/registry.k8s.io/kube-proxy/v1.24.17/Dockerfile
new file mode 100644
index 00000000..808a2c12
--- /dev/null
+++ b/registry.k8s.io/kube-proxy/v1.24.17/Dockerfile
@@ -0,0 +1,28 @@
+#
+# MIT License
+#
+# (C) Copyright [2024] Hewlett Packard Enterprise Development LP
+#
+# Permission is hereby granted, free of charge, to any person obtaining a
+# copy of this software and associated documentation files (the "Software"),
+# to deal in the Software without restriction, including without limitation
+# the rights to use, copy, modify, merge, publish, distribute, sublicense,
+# and/or sell copies of the Software, and to permit persons to whom the
+# Software is furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included
+# in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+# THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+# OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+# OTHER DEALINGS IN THE SOFTWARE.
+#
+
+# Generated with: make add IMAGE=kube-proxy:v1.24.17 REGISTRY=registry.k8s.io PACKAGE_MANAGER=apt
+# DO NOT EDIT THIS FILE DIRECTLY
+FROM registry.k8s.io/kube-proxy:v1.24.17
+RUN apt-get -y update && apt-get upgrade -y && apt full-upgrade -y && rm -rf /var/lib/apt/lists/
diff --git a/registry.k8s.io/kube-scheduler/v1.24.17/Dockerfile b/registry.k8s.io/kube-scheduler/v1.24.17/Dockerfile
new file mode 100644
index 00000000..00c87f5c
--- /dev/null
+++ b/registry.k8s.io/kube-scheduler/v1.24.17/Dockerfile
@@ -0,0 +1,27 @@
+#
+# MIT License
+#
+# (C) Copyright [2024] Hewlett Packard Enterprise Development LP
+#
+# Permission is hereby granted, free of charge, to any person obtaining a
+# copy of this software and associated documentation files (the "Software"),
+# to deal in the Software without restriction, including without limitation
+# the rights to use, copy, modify, merge, publish, distribute, sublicense,
+# and/or sell copies of the Software, and to permit persons to whom the
+# Software is furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included
+# in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+# THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+# OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+# OTHER DEALINGS IN THE SOFTWARE.
+#
+
+# Generated with: make add IMAGE=kube-scheduler:v1.24.17 REGISTRY=registry.k8s.io PACKAGE_MANAGER=
+# DO NOT EDIT THIS FILE DIRECTLY
+FROM registry.k8s.io/kube-scheduler:v1.24.17
diff --git a/registry.k8s.io/metrics-server/metrics-server/v0.7.1/Dockerfile b/registry.k8s.io/metrics-server/metrics-server/v0.7.1/Dockerfile
new file mode 100644
index 00000000..f2c4ed3c
--- /dev/null
+++ b/registry.k8s.io/metrics-server/metrics-server/v0.7.1/Dockerfile
@@ -0,0 +1,27 @@
+#
+# MIT License
+#
+# (C) Copyright [2024] Hewlett Packard Enterprise Development LP
+#
+# Permission is hereby granted, free of charge, to any person obtaining a
+# copy of this software and associated documentation files (the "Software"),
+# to deal in the Software without restriction, including without limitation
+# the rights to use, copy, modify, merge, publish, distribute, sublicense,
+# and/or sell copies of the Software, and to permit persons to whom the
+# Software is furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included
+# in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+# THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+# OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+# OTHER DEALINGS IN THE SOFTWARE.
+#
+
+# Generated with: make add IMAGE=metrics-server/metrics-server:v0.7.1 REGISTRY=registry.k8s.io PACKAGE_MANAGER=
+# DO NOT EDIT THIS FILE DIRECTLY
+FROM registry.k8s.io/metrics-server/metrics-server:v0.7.1
diff --git a/registry.k8s.io/pause/3.7/Dockerfile b/registry.k8s.io/pause/3.7/Dockerfile
new file mode 100644
index 00000000..1232ac78
--- /dev/null
+++ b/registry.k8s.io/pause/3.7/Dockerfile
@@ -0,0 +1,27 @@
+#
+# MIT License
+#
+# (C) Copyright [2024] Hewlett Packard Enterprise Development LP
+#
+# Permission is hereby granted, free of charge, to any person obtaining a
+# copy of this software and associated documentation files (the "Software"),
+# to deal in the Software without restriction, including without limitation
+# the rights to use, copy, modify, merge, publish, distribute, sublicense,
+# and/or sell copies of the Software, and to permit persons to whom the
+# Software is furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included
+# in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+# THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+# OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+# OTHER DEALINGS IN THE SOFTWARE.
+#
+
+# Generated with: make add IMAGE=pause:3.7 REGISTRY=registry.k8s.io PACKAGE_MANAGER=
+# DO NOT EDIT THIS FILE DIRECTLY
+FROM registry.k8s.io/pause:3.7