Add new rule data fields for image metadata#149
Merged
ralphbean merged 2 commits intorelease-engineering:mainfrom Jul 1, 2025
Merged
Add new rule data fields for image metadata#149ralphbean merged 2 commits intorelease-engineering:mainfrom
ralphbean merged 2 commits intorelease-engineering:mainfrom
Conversation
simonbaird
reviewed
Jun 16, 2025
| - name: cpe | ||
| description: >- | ||
| The CPE (Common Platform Enumeration) identifier for the product, e.g., cpe:/a:redhat:openshift_gitops:1.16::el8. This label is required for on-prem product releases. | ||
| effective_on: "2026-06-07T00:00:00Z" |
Contributor
There was a problem hiding this comment.
The date is in the past already, so it's going to have no effect and might as well be omitted. Did you mean to set it to some time in the future?
Contributor
There was a problem hiding this comment.
Oh sorry I didn't read it properly. 2026. Disregard!
Member
There was a problem hiding this comment.
Yeah, when other changes are ready, we'll need to pull this date in sooner - but it's a decent working date for now: 1 year from now.
simonbaird
approved these changes
Jun 16, 2025
Member
|
@joejstuart this needs a rebase on |
ralphbean
approved these changes
Jun 22, 2025
This adds two new fields to rule_data: - `cpe` for identifying the CPE name of the image - `org.opencontainers.image.created` for the image creation timestamp https://issues.redhat.com/browse/EC-1297
Contributor
Author
|
/retest |
Contributor
Author
|
@ralphbean this is ready if it looks good to you. |
ralphbean
added a commit
to ralphbean/stackrox--stackrox
that referenced
this pull request
Sep 9, 2025
For https://issues.redhat.com/browse/KONFLUX-6210, clair needs access to a name and cpe label that it can use to look up the image in VEX statements. See also release-engineering/rhtap-ec-policy#149
9 tasks
ralphbean
added a commit
to ralphbean/stackrox--stackrox
that referenced
this pull request
Sep 9, 2025
For https://issues.redhat.com/browse/KONFLUX-6210, clair needs access to a name and cpe label that it can use to look up the image in VEX statements. See also release-engineering/rhtap-ec-policy#149
ralphbean
added a commit
to ralphbean/stackrox--stackrox
that referenced
this pull request
Sep 9, 2025
For https://issues.redhat.com/browse/KONFLUX-6210, clair needs access to a name and cpe label that it can use to look up the image in VEX statements. See also release-engineering/rhtap-ec-policy#149
ralphbean
added a commit
to ralphbean/stackrox--collector
that referenced
this pull request
Sep 9, 2025
For https://issues.redhat.com/browse/KONFLUX-6210, clair needs access to a name and cpe label that it can use to look up the image in VEX statements. See also: * stackrox/stackrox#16735 * release-engineering/rhtap-ec-policy#149
ralphbean
added a commit
to ralphbean/stackrox--scanner
that referenced
this pull request
Sep 9, 2025
For https://issues.redhat.com/browse/KONFLUX-6210, clair needs access to a name and cpe label that it can use to look up the image in VEX statements. See also: * stackrox/stackrox#16735 * release-engineering/rhtap-ec-policy#149
ralphbean
added a commit
to redhat-appstudio/tssc-dev-multi-ci
that referenced
this pull request
Sep 11, 2025
For https://issues.redhat.com/browse/KONFLUX-6210, clair needs access to a name and cpe label that it can use to look up the image in VEX statements. See also release-engineering/rhtap-ec-policy#149
ralphbean
added a commit
to redhat-appstudio/tssc-dev-multi-ci
that referenced
this pull request
Sep 11, 2025
For https://issues.redhat.com/browse/KONFLUX-6210, clair needs access to a name and cpe label that it can use to look up the image in VEX statements. See also release-engineering/rhtap-ec-policy#149 Signed-off-by: Ralph Bean <rbean@redhat.com>
ralphbean
added a commit
to redhat-appstudio/tssc-cli
that referenced
this pull request
Sep 11, 2025
…ap-cli-rhel9 For https://issues.redhat.com/browse/KONFLUX-6210, clair needs access to a name and cpe label that it can use to look up the image in VEX statements. See also release-engineering/rhtap-ec-policy#149 Signed-off-by: Ralph Bean <rbean@redhat.com>
ralphbean
added a commit
to redhat-appstudio/tssc-dev-multi-ci
that referenced
this pull request
Sep 11, 2025
…nner/rhtap-task-runner-rhel9 For https://issues.redhat.com/browse/KONFLUX-6210, clair needs access to a name and cpe label that it can use to look up the image in VEX statements. See also release-engineering/rhtap-ec-policy#149 Signed-off-by: Ralph Bean <rbean@redhat.com>
ralphbean
added a commit
to ralphbean/stolostron--acm-cli
that referenced
this pull request
Sep 11, 2025
For https://issues.redhat.com/browse/KONFLUX-6210, clair needs access to a name and cpe label that it can use to look up the image in VEX statements. See also release-engineering/rhtap-ec-policy#149 Signed-off-by: Ralph Bean <rbean@redhat.com> Assisted-by: Gemini
ralphbean
added a commit
to ralphbean/stolostron--acm-cli
that referenced
this pull request
Sep 11, 2025
For https://issues.redhat.com/browse/KONFLUX-6210, clair needs access to a name and cpe label that it can use to look up the image in VEX statements. See also release-engineering/rhtap-ec-policy#149 Signed-off-by: Ralph Bean <rbean@redhat.com> Assisted-by: Gemini
This was referenced Oct 24, 2025
Merged
This was referenced Dec 1, 2025
This was referenced Jan 21, 2026
This was referenced Jan 22, 2026
Merged
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This adds two new fields to rule_data:
cpefor identifying the CPE name of the imageorg.opencontainers.image.createdfor the image creation timestamphttps://issues.redhat.com/browse/EC-1297