Skip to content

Commit 97c6339

Browse files
authored
Merge pull request #23 from RedHatProductSecurity/container-parent-images
Add parent images for containers
2 parents e5746ee + 0896f03 commit 97c6339

15 files changed

+619
-9
lines changed

sbom/examples/container_image/build/kernel-module-management-operator-container-1.1.2-25_amd64.spdx.json

Lines changed: 52 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -3991,6 +3991,48 @@
39913991
"checksumValue": "abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234"
39923992
}
39933993
]
3994+
},
3995+
{
3996+
"SPDXID": "SPDXRef-parent-image-0-amd64",
3997+
"name": "rhel9-go-toolset_amd64",
3998+
"versionInfo": "1.19.4-18",
3999+
"supplier": "Organization: Red Hat",
4000+
"downloadLocation": "NOASSERTION",
4001+
"licenseDeclared": "NOASSERTION",
4002+
"externalRefs": [
4003+
{
4004+
"referenceCategory": "PACKAGE-MANAGER",
4005+
"referenceType": "purl",
4006+
"referenceLocator": "pkg:oci/rhel9-go-toolset@sha256%3A354b40a0fdcd1a9dd9af1b88f9a45fc2b0c8065980dfd9b5097e137a7db6e0bd"
4007+
}
4008+
],
4009+
"checksums": [
4010+
{
4011+
"algorithm": "SHA256",
4012+
"checksumValue": "354b40a0fdcd1a9dd9af1b88f9a45fc2b0c8065980dfd9b5097e137a7db6e0bd"
4013+
}
4014+
]
4015+
},
4016+
{
4017+
"SPDXID": "SPDXRef-parent-image-1-amd64",
4018+
"name": "rhel_amd64",
4019+
"versionInfo": "9.2-1191",
4020+
"supplier": "Organization: Red Hat",
4021+
"downloadLocation": "NOASSERTION",
4022+
"licenseDeclared": "NOASSERTION",
4023+
"externalRefs": [
4024+
{
4025+
"referenceCategory": "PACKAGE-MANAGER",
4026+
"referenceType": "purl",
4027+
"referenceLocator": "pkg:oci/rhel@sha256%3A8759d95740eb14a6b6253a574edeea7de6840be30d38c630675ae2a0c76b9f93"
4028+
}
4029+
],
4030+
"checksums": [
4031+
{
4032+
"algorithm": "SHA256",
4033+
"checksumValue": "8759d95740eb14a6b6253a574edeea7de6840be30d38c630675ae2a0c76b9f93"
4034+
}
4035+
]
39944036
}
39954037
],
39964038
"relationships": [
@@ -3999,6 +4041,16 @@
39994041
"relationshipType": "DESCRIBES",
40004042
"relatedSpdxElement": "SPDXRef-kernel-module-management-operator-container-amd64"
40014043
},
4044+
{
4045+
"spdxElementId": "SPDXRef-parent-image-0-amd64",
4046+
"relationshipType": "BUILD_TOOL_OF",
4047+
"relatedSpdxElement": "SPDXRef-kernel-module-management-operator-container-amd64"
4048+
},
4049+
{
4050+
"spdxElementId": "SPDXRef-kernel-module-management-operator-container-amd64",
4051+
"relationshipType": "DESCENDANT_OF",
4052+
"relatedSpdxElement": "SPDXRef-parent-image-1-amd64"
4053+
},
40024054
{
40034055
"spdxElementId": "SPDXRef-kernel-module-management-operator-container-amd64",
40044056
"relationshipType": "CONTAINS",

sbom/examples/container_image/build/kernel-module-management-operator-container-1.1.2-25_arm64.spdx.json

Lines changed: 52 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -3991,6 +3991,48 @@
39913991
"checksumValue": "abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234"
39923992
}
39933993
]
3994+
},
3995+
{
3996+
"SPDXID": "SPDXRef-parent-image-0-arm64",
3997+
"name": "rhel9-go-toolset_arm64",
3998+
"versionInfo": "1.19.4-18",
3999+
"supplier": "Organization: Red Hat",
4000+
"downloadLocation": "NOASSERTION",
4001+
"licenseDeclared": "NOASSERTION",
4002+
"externalRefs": [
4003+
{
4004+
"referenceCategory": "PACKAGE-MANAGER",
4005+
"referenceType": "purl",
4006+
"referenceLocator": "pkg:oci/rhel9-go-toolset@sha256%3A355b1d0a6e12250247d157949dcdc68d8a9508fc027223515a6d4662f4ec03f6"
4007+
}
4008+
],
4009+
"checksums": [
4010+
{
4011+
"algorithm": "SHA256",
4012+
"checksumValue": "355b1d0a6e12250247d157949dcdc68d8a9508fc027223515a6d4662f4ec03f6"
4013+
}
4014+
]
4015+
},
4016+
{
4017+
"SPDXID": "SPDXRef-parent-image-1-arm64",
4018+
"name": "rhel_arm64",
4019+
"versionInfo": "9.2-1191",
4020+
"supplier": "Organization: Red Hat",
4021+
"downloadLocation": "NOASSERTION",
4022+
"licenseDeclared": "NOASSERTION",
4023+
"externalRefs": [
4024+
{
4025+
"referenceCategory": "PACKAGE-MANAGER",
4026+
"referenceType": "purl",
4027+
"referenceLocator": "pkg:oci/rhel@sha256%3A8d79ed0aaf36d7bf914411aab26e3a78308fe6217ca865ad7cc107c9078bfb12"
4028+
}
4029+
],
4030+
"checksums": [
4031+
{
4032+
"algorithm": "SHA256",
4033+
"checksumValue": "8d79ed0aaf36d7bf914411aab26e3a78308fe6217ca865ad7cc107c9078bfb12"
4034+
}
4035+
]
39944036
}
39954037
],
39964038
"relationships": [
@@ -3999,6 +4041,16 @@
39994041
"relationshipType": "DESCRIBES",
40004042
"relatedSpdxElement": "SPDXRef-kernel-module-management-operator-container-arm64"
40014043
},
4044+
{
4045+
"spdxElementId": "SPDXRef-parent-image-0-arm64",
4046+
"relationshipType": "BUILD_TOOL_OF",
4047+
"relatedSpdxElement": "SPDXRef-kernel-module-management-operator-container-arm64"
4048+
},
4049+
{
4050+
"spdxElementId": "SPDXRef-kernel-module-management-operator-container-arm64",
4051+
"relationshipType": "DESCENDANT_OF",
4052+
"relatedSpdxElement": "SPDXRef-parent-image-1-arm64"
4053+
},
40024054
{
40034055
"spdxElementId": "SPDXRef-kernel-module-management-operator-container-arm64",
40044056
"relationshipType": "CONTAINS",

sbom/examples/container_image/build/kernel-module-management-operator-container-1.1.2-25_ppc64le.spdx.json

Lines changed: 52 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -3991,6 +3991,48 @@
39913991
"checksumValue": "abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234"
39923992
}
39933993
]
3994+
},
3995+
{
3996+
"SPDXID": "SPDXRef-parent-image-0-ppc64le",
3997+
"name": "rhel9-go-toolset_ppc64le",
3998+
"versionInfo": "1.19.4-18",
3999+
"supplier": "Organization: Red Hat",
4000+
"downloadLocation": "NOASSERTION",
4001+
"licenseDeclared": "NOASSERTION",
4002+
"externalRefs": [
4003+
{
4004+
"referenceCategory": "PACKAGE-MANAGER",
4005+
"referenceType": "purl",
4006+
"referenceLocator": "pkg:oci/rhel9-go-toolset@sha256%3Aa6b2fd68651aa7d544e53676f99f9017cf241b855bcdc2400d81081bba6f329a"
4007+
}
4008+
],
4009+
"checksums": [
4010+
{
4011+
"algorithm": "SHA256",
4012+
"checksumValue": "b2fd68651aa7d544e53676f99f9017cf241b855bcdc2400d81081bba6f329a"
4013+
}
4014+
]
4015+
},
4016+
{
4017+
"SPDXID": "SPDXRef-parent-image-1-ppc64le",
4018+
"name": "rhel_ppc64le",
4019+
"versionInfo": "9.2-1191",
4020+
"supplier": "Organization: Red Hat",
4021+
"downloadLocation": "NOASSERTION",
4022+
"licenseDeclared": "NOASSERTION",
4023+
"externalRefs": [
4024+
{
4025+
"referenceCategory": "PACKAGE-MANAGER",
4026+
"referenceType": "purl",
4027+
"referenceLocator": "pkg:oci/rhel@sha256%3Acb23b09712fa36dfa2cd39ea60afb439c17fd0fec60a26a59e122618c8a33379"
4028+
}
4029+
],
4030+
"checksums": [
4031+
{
4032+
"algorithm": "SHA256",
4033+
"checksumValue": "cb23b09712fa36dfa2cd39ea60afb439c17fd0fec60a26a59e122618c8a33379"
4034+
}
4035+
]
39944036
}
39954037
],
39964038
"relationships": [
@@ -3999,6 +4041,16 @@
39994041
"relationshipType": "DESCRIBES",
40004042
"relatedSpdxElement": "SPDXRef-kernel-module-management-operator-container-ppc64le"
40014043
},
4044+
{
4045+
"spdxElementId": "SPDXRef-parent-image-0-ppc64le",
4046+
"relationshipType": "BUILD_TOOL_OF",
4047+
"relatedSpdxElement": "SPDXRef-kernel-module-management-operator-container-ppc64le"
4048+
},
4049+
{
4050+
"spdxElementId": "SPDXRef-kernel-module-management-operator-container-ppc64le",
4051+
"relationshipType": "DESCENDANT_OF",
4052+
"relatedSpdxElement": "SPDXRef-parent-image-1-ppc64le"
4053+
},
40024054
{
40034055
"spdxElementId": "SPDXRef-kernel-module-management-operator-container-ppc64le",
40044056
"relationshipType": "CONTAINS",

sbom/examples/container_image/build/ubi9-micro-container-9.4-6.1716471860_amd64.spdx.json

Lines changed: 26 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -476,6 +476,27 @@
476476
"checksumValue": "abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234"
477477
}
478478
]
479+
},
480+
{
481+
"SPDXID": "SPDXRef-parent-image-0-amd64",
482+
"name": "ubi9_amd64",
483+
"versionInfo": "9.4-947",
484+
"supplier": "Organization: Red Hat",
485+
"downloadLocation": "NOASSERTION",
486+
"licenseDeclared": "NOASSERTION",
487+
"externalRefs": [
488+
{
489+
"referenceCategory": "PACKAGE-MANAGER",
490+
"referenceType": "purl",
491+
"referenceLocator": "pkg:oci/ubi9@sha256%3A11d5b4a77bfc15341d4b6dffa3d6ed510189fec9583db77cfc107067b5f906c5"
492+
}
493+
],
494+
"checksums": [
495+
{
496+
"algorithm": "SHA256",
497+
"checksumValue": "11d5b4a77bfc15341d4b6dffa3d6ed510189fec9583db77cfc107067b5f906c5"
498+
}
499+
]
479500
}
480501
],
481502
"relationships": [
@@ -484,6 +505,11 @@
484505
"relationshipType": "DESCRIBES",
485506
"relatedSpdxElement": "SPDXRef-ubi9-micro-container-amd64"
486507
},
508+
{
509+
"spdxElementId": "SPDXRef-parent-image-0-amd64",
510+
"relationshipType": "BUILD_TOOL_OF",
511+
"relatedSpdxElement": "SPDXRef-ubi9-micro-container-amd64"
512+
},
487513
{
488514
"spdxElementId": "SPDXRef-ubi9-micro-container-amd64",
489515
"relationshipType": "CONTAINS",

sbom/examples/container_image/build/ubi9-micro-container-9.4-6.1716471860_arm64.spdx.json

Lines changed: 26 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -476,6 +476,27 @@
476476
"checksumValue": "abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234"
477477
}
478478
]
479+
},
480+
{
481+
"SPDXID": "SPDXRef-parent-image-0-arm64",
482+
"name": "ubi9_arm64",
483+
"versionInfo": "9.4-947",
484+
"supplier": "Organization: Red Hat",
485+
"downloadLocation": "NOASSERTION",
486+
"licenseDeclared": "NOASSERTION",
487+
"externalRefs": [
488+
{
489+
"referenceCategory": "PACKAGE-MANAGER",
490+
"referenceType": "purl",
491+
"referenceLocator": "pkg:oci/ubi9@sha256%3Acad979d0a2eb78699b62efaf4797f51c4781dfc2a17d9bef5a3a2f5d67cc8e8c"
492+
}
493+
],
494+
"checksums": [
495+
{
496+
"algorithm": "SHA256",
497+
"checksumValue": "cad979d0a2eb78699b62efaf4797f51c4781dfc2a17d9bef5a3a2f5d67cc8e8c"
498+
}
499+
]
479500
}
480501
],
481502
"relationships": [
@@ -484,6 +505,11 @@
484505
"relationshipType": "DESCRIBES",
485506
"relatedSpdxElement": "SPDXRef-ubi9-micro-container-arm64"
486507
},
508+
{
509+
"spdxElementId": "SPDXRef-parent-image-0-arm64",
510+
"relationshipType": "BUILD_TOOL_OF",
511+
"relatedSpdxElement": "SPDXRef-ubi9-micro-container-arm64"
512+
},
487513
{
488514
"spdxElementId": "SPDXRef-ubi9-micro-container-arm64",
489515
"relationshipType": "CONTAINS",

sbom/examples/container_image/build/ubi9-micro-container-9.4-6.1716471860_ppc64le.spdx.json

Lines changed: 26 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -476,6 +476,27 @@
476476
"checksumValue": "abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234"
477477
}
478478
]
479+
},
480+
{
481+
"SPDXID": "SPDXRef-parent-image-0-ppc64le",
482+
"name": "ubi9_ppc64le",
483+
"versionInfo": "9.4-947",
484+
"supplier": "Organization: Red Hat",
485+
"downloadLocation": "NOASSERTION",
486+
"licenseDeclared": "NOASSERTION",
487+
"externalRefs": [
488+
{
489+
"referenceCategory": "PACKAGE-MANAGER",
490+
"referenceType": "purl",
491+
"referenceLocator": "pkg:oci/ubi9@sha256%3A8a3b5f66fcf8335ba23cd4d7210faf794bcf1f05c19ef6365459852f51d06b49"
492+
}
493+
],
494+
"checksums": [
495+
{
496+
"algorithm": "SHA256",
497+
"checksumValue": "8a3b5f66fcf8335ba23cd4d7210faf794bcf1f05c19ef6365459852f51d06b49"
498+
}
499+
]
479500
}
480501
],
481502
"relationships": [
@@ -484,6 +505,11 @@
484505
"relationshipType": "DESCRIBES",
485506
"relatedSpdxElement": "SPDXRef-ubi9-micro-container-ppc64le"
486507
},
508+
{
509+
"spdxElementId": "SPDXRef-parent-image-0-ppc64le",
510+
"relationshipType": "BUILD_TOOL_OF",
511+
"relatedSpdxElement": "SPDXRef-ubi9-micro-container-ppc64le"
512+
},
487513
{
488514
"spdxElementId": "SPDXRef-ubi9-micro-container-ppc64le",
489515
"relationshipType": "CONTAINS",

sbom/examples/container_image/build/ubi9-micro-container-9.4-6.1716471860_s390x.spdx.json

Lines changed: 26 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -476,6 +476,27 @@
476476
"checksumValue": "abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234"
477477
}
478478
]
479+
},
480+
{
481+
"SPDXID": "SPDXRef-parent-image-0-s390x",
482+
"name": "ubi9_s390x",
483+
"versionInfo": "9.4-947",
484+
"supplier": "Organization: Red Hat",
485+
"downloadLocation": "NOASSERTION",
486+
"licenseDeclared": "NOASSERTION",
487+
"externalRefs": [
488+
{
489+
"referenceCategory": "PACKAGE-MANAGER",
490+
"referenceType": "purl",
491+
"referenceLocator": "pkg:oci/ubi9@sha256%3Adee3c77221eab321e79ad2b0277b91856879a8f5b675a48ad83af26c7a774fb3"
492+
}
493+
],
494+
"checksums": [
495+
{
496+
"algorithm": "SHA256",
497+
"checksumValue": "dee3c77221eab321e79ad2b0277b91856879a8f5b675a48ad83af26c7a774fb3"
498+
}
499+
]
479500
}
480501
],
481502
"relationships": [
@@ -484,6 +505,11 @@
484505
"relationshipType": "DESCRIBES",
485506
"relatedSpdxElement": "SPDXRef-ubi9-micro-container-s390x"
486507
},
508+
{
509+
"spdxElementId": "SPDXRef-parent-image-0-s390x",
510+
"relationshipType": "BUILD_TOOL_OF",
511+
"relatedSpdxElement": "SPDXRef-ubi9-micro-container-s390x"
512+
},
487513
{
488514
"spdxElementId": "SPDXRef-ubi9-micro-container-s390x",
489515
"relationshipType": "CONTAINS",

0 commit comments

Comments
 (0)