From 923c368112dd2c5925345f95d5aa6228d0fc72e9 Mon Sep 17 00:00:00 2001
From: Jeanne Ohren <jeanne.ohren@hpe.com>
Date: Thu, 10 Aug 2023 19:27:55 -0500
Subject: [PATCH] CASMPET-6746: Cilium Tetragon v0.10.0 container images

---
 .../ghcr.io.nicolaka.netshoot.v0.8.yaml       | 68 +++++++++++++++++++
 ...y.io.cilium.tetragon-operator.v0.10.0.yaml | 68 +++++++++++++++++++
 .../quay.io.cilium.tetragon.v0.10.0.yaml      | 68 +++++++++++++++++++
 ghcr.io/nicolaka/netshoot/v0.8/Dockerfile     | 28 ++++++++
 .../tetragon-operator/v0.10.0/Dockerfile      | 27 ++++++++
 quay.io/cilium/tetragon/v0.10.0/Dockerfile    | 28 ++++++++
 6 files changed, 287 insertions(+)
 create mode 100644 .github/workflows/ghcr.io.nicolaka.netshoot.v0.8.yaml
 create mode 100644 .github/workflows/quay.io.cilium.tetragon-operator.v0.10.0.yaml
 create mode 100644 .github/workflows/quay.io.cilium.tetragon.v0.10.0.yaml
 create mode 100644 ghcr.io/nicolaka/netshoot/v0.8/Dockerfile
 create mode 100644 quay.io/cilium/tetragon-operator/v0.10.0/Dockerfile
 create mode 100644 quay.io/cilium/tetragon/v0.10.0/Dockerfile

diff --git a/.github/workflows/ghcr.io.nicolaka.netshoot.v0.8.yaml b/.github/workflows/ghcr.io.nicolaka.netshoot.v0.8.yaml
new file mode 100644
index 00000000..7f7a8ede
--- /dev/null
+++ b/.github/workflows/ghcr.io.nicolaka.netshoot.v0.8.yaml
@@ -0,0 +1,68 @@
+#
+# MIT License
+#
+# (C) Copyright [2023] Hewlett Packard Enterprise Development LP
+#
+# Permission is hereby granted, free of charge, to any person obtaining a
+# copy of this software and associated documentation files (the "Software"),
+# to deal in the Software without restriction, including without limitation
+# the rights to use, copy, modify, merge, publish, distribute, sublicense,
+# and/or sell copies of the Software, and to permit persons to whom the
+# Software is furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included
+# in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+# THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+# OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+# OTHER DEALINGS IN THE SOFTWARE.
+#
+
+# Generated with: make add IMAGE=nicolaka/netshoot:v0.8 REGISTRY=ghcr.io PACKAGE_MANAGER=apk
+# DO NOT EDIT THIS FILE DIRECTLY
+---
+name: ghcr.io/nicolaka/netshoot:v0.8
+on:
+  push:
+    paths:
+      - .github/workflows/ghcr.io.nicolaka.netshoot.v0.8.yaml
+      - ghcr.io/nicolaka/netshoot/v0.8/**
+  workflow_dispatch:
+  schedule:
+    - cron: '0 0 * * *'
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      id-token: write
+    env:
+      CONTEXT_PATH: ghcr.io/nicolaka/netshoot/v0.8
+      DOCKER_REPO: artifactory.algol60.net/csm-docker/${{ github.ref == 'refs/heads/main' && 'stable' || 'unstable' }}/ghcr.io/nicolaka/netshoot
+      DOCKER_TAG: v0.8
+    steps:
+      - name: Random job slew
+        uses: 1itachi/sleep-random@v1.0.0
+        if: ${{ github.event_name == 'schedule' }} # Only stagger for scheduled runs
+        with:
+          minutes: '120'
+          random: 'true'
+      - name: Checkout repo
+        uses: actions/checkout@v3
+      - name: build-sign-scan
+        uses: Cray-HPE/github-actions/build-sign-scan@main
+        with:
+          context_path: ${{ env.CONTEXT_PATH }}
+          docker_repo: ${{ env.DOCKER_REPO }}
+          docker_tag: ${{ env.DOCKER_TAG }}
+          artifactory_algol60_token: ${{ secrets.ARTIFACTORY_ALGOL60_TOKEN }}
+          cosign_gcp_workload_identity_provider: ${{ secrets.COSIGN_GCP_WORKLOAD_IDENTITY_PROVIDER }}
+          cosign_gcp_service_account: ${{ secrets.COSIGN_GCP_SERVICE_ACCOUNT }}
+          cosign_key: ${{ secrets.COSIGN_KEY }}
+          snyk_token: ${{ secrets.SNYK_TOKEN }}
+          github_sha: $GITHUB_SHA
+          fail_on_snyk_errors: false 
diff --git a/.github/workflows/quay.io.cilium.tetragon-operator.v0.10.0.yaml b/.github/workflows/quay.io.cilium.tetragon-operator.v0.10.0.yaml
new file mode 100644
index 00000000..4a536e93
--- /dev/null
+++ b/.github/workflows/quay.io.cilium.tetragon-operator.v0.10.0.yaml
@@ -0,0 +1,68 @@
+#
+# MIT License
+#
+# (C) Copyright [2023] Hewlett Packard Enterprise Development LP
+#
+# Permission is hereby granted, free of charge, to any person obtaining a
+# copy of this software and associated documentation files (the "Software"),
+# to deal in the Software without restriction, including without limitation
+# the rights to use, copy, modify, merge, publish, distribute, sublicense,
+# and/or sell copies of the Software, and to permit persons to whom the
+# Software is furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included
+# in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+# THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+# OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+# OTHER DEALINGS IN THE SOFTWARE.
+#
+
+# Generated with: make add IMAGE=cilium/tetragon-operator:v0.10.0 REGISTRY=quay.io PACKAGE_MANAGER=
+# DO NOT EDIT THIS FILE DIRECTLY
+---
+name: quay.io/cilium/tetragon-operator:v0.10.0
+on:
+  push:
+    paths:
+      - .github/workflows/quay.io.cilium.tetragon-operator.v0.10.0.yaml
+      - quay.io/cilium/tetragon-operator/v0.10.0/**
+  workflow_dispatch:
+  schedule:
+    - cron: '0 0 * * *'
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      id-token: write
+    env:
+      CONTEXT_PATH: quay.io/cilium/tetragon-operator/v0.10.0
+      DOCKER_REPO: artifactory.algol60.net/csm-docker/${{ github.ref == 'refs/heads/main' && 'stable' || 'unstable' }}/quay.io/cilium/tetragon-operator
+      DOCKER_TAG: v0.10.0
+    steps:
+      - name: Random job slew
+        uses: 1itachi/sleep-random@v1.0.0
+        if: ${{ github.event_name == 'schedule' }} # Only stagger for scheduled runs
+        with:
+          minutes: '120'
+          random: 'true'
+      - name: Checkout repo
+        uses: actions/checkout@v3
+      - name: build-sign-scan
+        uses: Cray-HPE/github-actions/build-sign-scan@main
+        with:
+          context_path: ${{ env.CONTEXT_PATH }}
+          docker_repo: ${{ env.DOCKER_REPO }}
+          docker_tag: ${{ env.DOCKER_TAG }}
+          artifactory_algol60_token: ${{ secrets.ARTIFACTORY_ALGOL60_TOKEN }}
+          cosign_gcp_workload_identity_provider: ${{ secrets.COSIGN_GCP_WORKLOAD_IDENTITY_PROVIDER }}
+          cosign_gcp_service_account: ${{ secrets.COSIGN_GCP_SERVICE_ACCOUNT }}
+          cosign_key: ${{ secrets.COSIGN_KEY }}
+          snyk_token: ${{ secrets.SNYK_TOKEN }}
+          github_sha: $GITHUB_SHA
+          fail_on_snyk_errors: false 
diff --git a/.github/workflows/quay.io.cilium.tetragon.v0.10.0.yaml b/.github/workflows/quay.io.cilium.tetragon.v0.10.0.yaml
new file mode 100644
index 00000000..0b468640
--- /dev/null
+++ b/.github/workflows/quay.io.cilium.tetragon.v0.10.0.yaml
@@ -0,0 +1,68 @@
+#
+# MIT License
+#
+# (C) Copyright [2023] Hewlett Packard Enterprise Development LP
+#
+# Permission is hereby granted, free of charge, to any person obtaining a
+# copy of this software and associated documentation files (the "Software"),
+# to deal in the Software without restriction, including without limitation
+# the rights to use, copy, modify, merge, publish, distribute, sublicense,
+# and/or sell copies of the Software, and to permit persons to whom the
+# Software is furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included
+# in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+# THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+# OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+# OTHER DEALINGS IN THE SOFTWARE.
+#
+
+# Generated with: make add IMAGE=cilium/tetragon:v0.10.0 REGISTRY=quay.io PACKAGE_MANAGER=apk
+# DO NOT EDIT THIS FILE DIRECTLY
+---
+name: quay.io/cilium/tetragon:v0.10.0
+on:
+  push:
+    paths:
+      - .github/workflows/quay.io.cilium.tetragon.v0.10.0.yaml
+      - quay.io/cilium/tetragon/v0.10.0/**
+  workflow_dispatch:
+  schedule:
+    - cron: '0 0 * * *'
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      id-token: write
+    env:
+      CONTEXT_PATH: quay.io/cilium/tetragon/v0.10.0
+      DOCKER_REPO: artifactory.algol60.net/csm-docker/${{ github.ref == 'refs/heads/main' && 'stable' || 'unstable' }}/quay.io/cilium/tetragon
+      DOCKER_TAG: v0.10.0
+    steps:
+      - name: Random job slew
+        uses: 1itachi/sleep-random@v1.0.0
+        if: ${{ github.event_name == 'schedule' }} # Only stagger for scheduled runs
+        with:
+          minutes: '120'
+          random: 'true'
+      - name: Checkout repo
+        uses: actions/checkout@v3
+      - name: build-sign-scan
+        uses: Cray-HPE/github-actions/build-sign-scan@main
+        with:
+          context_path: ${{ env.CONTEXT_PATH }}
+          docker_repo: ${{ env.DOCKER_REPO }}
+          docker_tag: ${{ env.DOCKER_TAG }}
+          artifactory_algol60_token: ${{ secrets.ARTIFACTORY_ALGOL60_TOKEN }}
+          cosign_gcp_workload_identity_provider: ${{ secrets.COSIGN_GCP_WORKLOAD_IDENTITY_PROVIDER }}
+          cosign_gcp_service_account: ${{ secrets.COSIGN_GCP_SERVICE_ACCOUNT }}
+          cosign_key: ${{ secrets.COSIGN_KEY }}
+          snyk_token: ${{ secrets.SNYK_TOKEN }}
+          github_sha: $GITHUB_SHA
+          fail_on_snyk_errors: false 
diff --git a/ghcr.io/nicolaka/netshoot/v0.8/Dockerfile b/ghcr.io/nicolaka/netshoot/v0.8/Dockerfile
new file mode 100644
index 00000000..66d94d16
--- /dev/null
+++ b/ghcr.io/nicolaka/netshoot/v0.8/Dockerfile
@@ -0,0 +1,28 @@
+#
+# MIT License
+#
+# (C) Copyright [2023] Hewlett Packard Enterprise Development LP
+#
+# Permission is hereby granted, free of charge, to any person obtaining a
+# copy of this software and associated documentation files (the "Software"),
+# to deal in the Software without restriction, including without limitation
+# the rights to use, copy, modify, merge, publish, distribute, sublicense,
+# and/or sell copies of the Software, and to permit persons to whom the
+# Software is furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included
+# in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+# THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+# OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+# OTHER DEALINGS IN THE SOFTWARE.
+#
+
+# Generated with: make add IMAGE=nicolaka/netshoot:v0.8 REGISTRY=ghcr.io PACKAGE_MANAGER=apk
+# DO NOT EDIT THIS FILE DIRECTLY
+FROM ghcr.io/nicolaka/netshoot:v0.8
+RUN apk update && apk add --upgrade apk-tools && apk -U upgrade && rm -rf /var/cache/apk/*
diff --git a/quay.io/cilium/tetragon-operator/v0.10.0/Dockerfile b/quay.io/cilium/tetragon-operator/v0.10.0/Dockerfile
new file mode 100644
index 00000000..1d1f19af
--- /dev/null
+++ b/quay.io/cilium/tetragon-operator/v0.10.0/Dockerfile
@@ -0,0 +1,27 @@
+#
+# MIT License
+#
+# (C) Copyright [2023] Hewlett Packard Enterprise Development LP
+#
+# Permission is hereby granted, free of charge, to any person obtaining a
+# copy of this software and associated documentation files (the "Software"),
+# to deal in the Software without restriction, including without limitation
+# the rights to use, copy, modify, merge, publish, distribute, sublicense,
+# and/or sell copies of the Software, and to permit persons to whom the
+# Software is furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included
+# in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+# THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+# OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+# OTHER DEALINGS IN THE SOFTWARE.
+#
+
+# Generated with: make add IMAGE=cilium/tetragon-operator:v0.10.0 REGISTRY=quay.io PACKAGE_MANAGER=
+# DO NOT EDIT THIS FILE DIRECTLY
+FROM quay.io/cilium/tetragon-operator:v0.10.0
diff --git a/quay.io/cilium/tetragon/v0.10.0/Dockerfile b/quay.io/cilium/tetragon/v0.10.0/Dockerfile
new file mode 100644
index 00000000..cc3a5987
--- /dev/null
+++ b/quay.io/cilium/tetragon/v0.10.0/Dockerfile
@@ -0,0 +1,28 @@
+#
+# MIT License
+#
+# (C) Copyright [2023] Hewlett Packard Enterprise Development LP
+#
+# Permission is hereby granted, free of charge, to any person obtaining a
+# copy of this software and associated documentation files (the "Software"),
+# to deal in the Software without restriction, including without limitation
+# the rights to use, copy, modify, merge, publish, distribute, sublicense,
+# and/or sell copies of the Software, and to permit persons to whom the
+# Software is furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included
+# in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+# THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+# OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+# OTHER DEALINGS IN THE SOFTWARE.
+#
+
+# Generated with: make add IMAGE=cilium/tetragon:v0.10.0 REGISTRY=quay.io PACKAGE_MANAGER=apk
+# DO NOT EDIT THIS FILE DIRECTLY
+FROM quay.io/cilium/tetragon:v0.10.0
+RUN apk update && apk add --upgrade apk-tools && apk -U upgrade && rm -rf /var/cache/apk/*