Merge pull request #23 from RedHatProductSecurity/container-parent-images

Add parent images for containers

Author: twaugh

sbom/examples/container_image/build/kernel-module-management-operator-container-1.1.2-25_amd64.spdx.json

@@ -3991,6 +3991,48 @@
           "checksumValue": "abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234"
         }
       ]
+    },
+    {
+      "SPDXID": "SPDXRef-parent-image-0-amd64",
+      "name": "rhel9-go-toolset_amd64",
+      "versionInfo": "1.19.4-18",
+      "supplier": "Organization: Red Hat",
+      "downloadLocation": "NOASSERTION",
+      "licenseDeclared": "NOASSERTION",
+      "externalRefs": [
+        {
+          "referenceCategory": "PACKAGE-MANAGER",
+          "referenceType": "purl",
+          "referenceLocator": "pkg:oci/rhel9-go-toolset@sha256%3A354b40a0fdcd1a9dd9af1b88f9a45fc2b0c8065980dfd9b5097e137a7db6e0bd"
+        }
+      ],
+      "checksums": [
+        {
+          "algorithm": "SHA256",
+          "checksumValue": "354b40a0fdcd1a9dd9af1b88f9a45fc2b0c8065980dfd9b5097e137a7db6e0bd"
+        }
+      ]
+    },
+    {
+      "SPDXID": "SPDXRef-parent-image-1-amd64",
+      "name": "rhel_amd64",
+      "versionInfo": "9.2-1191",
+      "supplier": "Organization: Red Hat",
+      "downloadLocation": "NOASSERTION",
+      "licenseDeclared": "NOASSERTION",
+      "externalRefs": [
+        {
+          "referenceCategory": "PACKAGE-MANAGER",
+          "referenceType": "purl",
+          "referenceLocator": "pkg:oci/rhel@sha256%3A8759d95740eb14a6b6253a574edeea7de6840be30d38c630675ae2a0c76b9f93"
+        }
+      ],
+      "checksums": [
+        {
+          "algorithm": "SHA256",
+          "checksumValue": "8759d95740eb14a6b6253a574edeea7de6840be30d38c630675ae2a0c76b9f93"
+        }
+      ]
     }
   ],
   "relationships": [
@@ -3999,6 +4041,16 @@
       "relationshipType": "DESCRIBES",
       "relatedSpdxElement": "SPDXRef-kernel-module-management-operator-container-amd64"
     },
+    {
+      "spdxElementId": "SPDXRef-parent-image-0-amd64",
+      "relationshipType": "BUILD_TOOL_OF",
+      "relatedSpdxElement": "SPDXRef-kernel-module-management-operator-container-amd64"
+    },
+    {
+      "spdxElementId": "SPDXRef-kernel-module-management-operator-container-amd64",
+      "relationshipType": "DESCENDANT_OF",
+      "relatedSpdxElement": "SPDXRef-parent-image-1-amd64"
+    },
     {
       "spdxElementId": "SPDXRef-kernel-module-management-operator-container-amd64",
       "relationshipType": "CONTAINS",

sbom/examples/container_image/build/kernel-module-management-operator-container-1.1.2-25_arm64.spdx.json

@@ -3991,6 +3991,48 @@
           "checksumValue": "abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234"
         }
       ]
+    },
+    {
+      "SPDXID": "SPDXRef-parent-image-0-arm64",
+      "name": "rhel9-go-toolset_arm64",
+      "versionInfo": "1.19.4-18",
+      "supplier": "Organization: Red Hat",
+      "downloadLocation": "NOASSERTION",
+      "licenseDeclared": "NOASSERTION",
+      "externalRefs": [
+        {
+          "referenceCategory": "PACKAGE-MANAGER",
+          "referenceType": "purl",
+          "referenceLocator": "pkg:oci/rhel9-go-toolset@sha256%3A355b1d0a6e12250247d157949dcdc68d8a9508fc027223515a6d4662f4ec03f6"
+        }
+      ],
+      "checksums": [
+        {
+          "algorithm": "SHA256",
+          "checksumValue": "355b1d0a6e12250247d157949dcdc68d8a9508fc027223515a6d4662f4ec03f6"
+        }
+      ]
+    },
+    {
+      "SPDXID": "SPDXRef-parent-image-1-arm64",
+      "name": "rhel_arm64",
+      "versionInfo": "9.2-1191",
+      "supplier": "Organization: Red Hat",
+      "downloadLocation": "NOASSERTION",
+      "licenseDeclared": "NOASSERTION",
+      "externalRefs": [
+        {
+          "referenceCategory": "PACKAGE-MANAGER",
+          "referenceType": "purl",
+          "referenceLocator": "pkg:oci/rhel@sha256%3A8d79ed0aaf36d7bf914411aab26e3a78308fe6217ca865ad7cc107c9078bfb12"
+        }
+      ],
+      "checksums": [
+        {
+          "algorithm": "SHA256",
+          "checksumValue": "8d79ed0aaf36d7bf914411aab26e3a78308fe6217ca865ad7cc107c9078bfb12"
+        }
+      ]
     }
   ],
   "relationships": [
@@ -3999,6 +4041,16 @@
       "relationshipType": "DESCRIBES",
       "relatedSpdxElement": "SPDXRef-kernel-module-management-operator-container-arm64"
     },
+    {
+      "spdxElementId": "SPDXRef-parent-image-0-arm64",
+      "relationshipType": "BUILD_TOOL_OF",
+      "relatedSpdxElement": "SPDXRef-kernel-module-management-operator-container-arm64"
+    },
+    {
+      "spdxElementId": "SPDXRef-kernel-module-management-operator-container-arm64",
+      "relationshipType": "DESCENDANT_OF",
+      "relatedSpdxElement": "SPDXRef-parent-image-1-arm64"
+    },
     {
       "spdxElementId": "SPDXRef-kernel-module-management-operator-container-arm64",
       "relationshipType": "CONTAINS",

sbom/examples/container_image/build/kernel-module-management-operator-container-1.1.2-25_ppc64le.spdx.json

@@ -3991,6 +3991,48 @@
           "checksumValue": "abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234"
         }
       ]
+    },
+    {
+      "SPDXID": "SPDXRef-parent-image-0-ppc64le",
+      "name": "rhel9-go-toolset_ppc64le",
+      "versionInfo": "1.19.4-18",
+      "supplier": "Organization: Red Hat",
+      "downloadLocation": "NOASSERTION",
+      "licenseDeclared": "NOASSERTION",
+      "externalRefs": [
+        {
+          "referenceCategory": "PACKAGE-MANAGER",
+          "referenceType": "purl",
+          "referenceLocator": "pkg:oci/rhel9-go-toolset@sha256%3Aa6b2fd68651aa7d544e53676f99f9017cf241b855bcdc2400d81081bba6f329a"
+        }
+      ],
+      "checksums": [
+        {
+          "algorithm": "SHA256",
+          "checksumValue": "b2fd68651aa7d544e53676f99f9017cf241b855bcdc2400d81081bba6f329a"
+        }
+      ]
+    },
+    {
+      "SPDXID": "SPDXRef-parent-image-1-ppc64le",
+      "name": "rhel_ppc64le",
+      "versionInfo": "9.2-1191",
+      "supplier": "Organization: Red Hat",
+      "downloadLocation": "NOASSERTION",
+      "licenseDeclared": "NOASSERTION",
+      "externalRefs": [
+        {
+          "referenceCategory": "PACKAGE-MANAGER",
+          "referenceType": "purl",
+          "referenceLocator": "pkg:oci/rhel@sha256%3Acb23b09712fa36dfa2cd39ea60afb439c17fd0fec60a26a59e122618c8a33379"
+        }
+      ],
+      "checksums": [
+        {
+          "algorithm": "SHA256",
+          "checksumValue": "cb23b09712fa36dfa2cd39ea60afb439c17fd0fec60a26a59e122618c8a33379"
+        }
+      ]
     }
   ],
   "relationships": [
@@ -3999,6 +4041,16 @@
       "relationshipType": "DESCRIBES",
       "relatedSpdxElement": "SPDXRef-kernel-module-management-operator-container-ppc64le"
     },
+    {
+      "spdxElementId": "SPDXRef-parent-image-0-ppc64le",
+      "relationshipType": "BUILD_TOOL_OF",
+      "relatedSpdxElement": "SPDXRef-kernel-module-management-operator-container-ppc64le"
+    },
+    {
+      "spdxElementId": "SPDXRef-kernel-module-management-operator-container-ppc64le",
+      "relationshipType": "DESCENDANT_OF",
+      "relatedSpdxElement": "SPDXRef-parent-image-1-ppc64le"
+    },
     {
       "spdxElementId": "SPDXRef-kernel-module-management-operator-container-ppc64le",
       "relationshipType": "CONTAINS",

sbom/examples/container_image/build/ubi9-micro-container-9.4-6.1716471860_amd64.spdx.json

@@ -476,6 +476,27 @@
           "checksumValue": "abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234"
         }
       ]
+    },
+    {
+      "SPDXID": "SPDXRef-parent-image-0-amd64",
+      "name": "ubi9_amd64",
+      "versionInfo": "9.4-947",
+      "supplier": "Organization: Red Hat",
+      "downloadLocation": "NOASSERTION",
+      "licenseDeclared": "NOASSERTION",
+      "externalRefs": [
+        {
+          "referenceCategory": "PACKAGE-MANAGER",
+          "referenceType": "purl",
+          "referenceLocator": "pkg:oci/ubi9@sha256%3A11d5b4a77bfc15341d4b6dffa3d6ed510189fec9583db77cfc107067b5f906c5"
+        }
+      ],
+      "checksums": [
+        {
+          "algorithm": "SHA256",
+          "checksumValue": "11d5b4a77bfc15341d4b6dffa3d6ed510189fec9583db77cfc107067b5f906c5"
+        }
+      ]
     }
   ],
   "relationships": [
@@ -484,6 +505,11 @@
       "relationshipType": "DESCRIBES",
       "relatedSpdxElement": "SPDXRef-ubi9-micro-container-amd64"
     },
+    {
+      "spdxElementId": "SPDXRef-parent-image-0-amd64",
+      "relationshipType": "BUILD_TOOL_OF",
+      "relatedSpdxElement": "SPDXRef-ubi9-micro-container-amd64"
+    },
     {
       "spdxElementId": "SPDXRef-ubi9-micro-container-amd64",
       "relationshipType": "CONTAINS",

sbom/examples/container_image/build/ubi9-micro-container-9.4-6.1716471860_arm64.spdx.json

@@ -476,6 +476,27 @@
           "checksumValue": "abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234"
         }
       ]
+    },
+    {
+      "SPDXID": "SPDXRef-parent-image-0-arm64",
+      "name": "ubi9_arm64",
+      "versionInfo": "9.4-947",
+      "supplier": "Organization: Red Hat",
+      "downloadLocation": "NOASSERTION",
+      "licenseDeclared": "NOASSERTION",
+      "externalRefs": [
+        {
+          "referenceCategory": "PACKAGE-MANAGER",
+          "referenceType": "purl",
+          "referenceLocator": "pkg:oci/ubi9@sha256%3Acad979d0a2eb78699b62efaf4797f51c4781dfc2a17d9bef5a3a2f5d67cc8e8c"
+        }
+      ],
+      "checksums": [
+        {
+          "algorithm": "SHA256",
+          "checksumValue": "cad979d0a2eb78699b62efaf4797f51c4781dfc2a17d9bef5a3a2f5d67cc8e8c"
+        }
+      ]
     }
   ],
   "relationships": [
@@ -484,6 +505,11 @@
       "relationshipType": "DESCRIBES",
       "relatedSpdxElement": "SPDXRef-ubi9-micro-container-arm64"
     },
+    {
+      "spdxElementId": "SPDXRef-parent-image-0-arm64",
+      "relationshipType": "BUILD_TOOL_OF",
+      "relatedSpdxElement": "SPDXRef-ubi9-micro-container-arm64"
+    },
     {
       "spdxElementId": "SPDXRef-ubi9-micro-container-arm64",
       "relationshipType": "CONTAINS",

sbom/examples/container_image/build/ubi9-micro-container-9.4-6.1716471860_ppc64le.spdx.json

@@ -476,6 +476,27 @@
           "checksumValue": "abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234"
         }
       ]
+    },
+    {
+      "SPDXID": "SPDXRef-parent-image-0-ppc64le",
+      "name": "ubi9_ppc64le",
+      "versionInfo": "9.4-947",
+      "supplier": "Organization: Red Hat",
+      "downloadLocation": "NOASSERTION",
+      "licenseDeclared": "NOASSERTION",
+      "externalRefs": [
+        {
+          "referenceCategory": "PACKAGE-MANAGER",
+          "referenceType": "purl",
+          "referenceLocator": "pkg:oci/ubi9@sha256%3A8a3b5f66fcf8335ba23cd4d7210faf794bcf1f05c19ef6365459852f51d06b49"
+        }
+      ],
+      "checksums": [
+        {
+          "algorithm": "SHA256",
+          "checksumValue": "8a3b5f66fcf8335ba23cd4d7210faf794bcf1f05c19ef6365459852f51d06b49"
+        }
+      ]
     }
   ],
   "relationships": [
@@ -484,6 +505,11 @@
       "relationshipType": "DESCRIBES",
       "relatedSpdxElement": "SPDXRef-ubi9-micro-container-ppc64le"
     },
+    {
+      "spdxElementId": "SPDXRef-parent-image-0-ppc64le",
+      "relationshipType": "BUILD_TOOL_OF",
+      "relatedSpdxElement": "SPDXRef-ubi9-micro-container-ppc64le"
+    },
     {
       "spdxElementId": "SPDXRef-ubi9-micro-container-ppc64le",
       "relationshipType": "CONTAINS",

sbom/examples/container_image/build/ubi9-micro-container-9.4-6.1716471860_s390x.spdx.json

@@ -476,6 +476,27 @@
           "checksumValue": "abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234abcd1234"
         }
       ]
+    },
+    {
+      "SPDXID": "SPDXRef-parent-image-0-s390x",
+      "name": "ubi9_s390x",
+      "versionInfo": "9.4-947",
+      "supplier": "Organization: Red Hat",
+      "downloadLocation": "NOASSERTION",
+      "licenseDeclared": "NOASSERTION",
+      "externalRefs": [
+        {
+          "referenceCategory": "PACKAGE-MANAGER",
+          "referenceType": "purl",
+          "referenceLocator": "pkg:oci/ubi9@sha256%3Adee3c77221eab321e79ad2b0277b91856879a8f5b675a48ad83af26c7a774fb3"
+        }
+      ],
+      "checksums": [
+        {
+          "algorithm": "SHA256",
+          "checksumValue": "dee3c77221eab321e79ad2b0277b91856879a8f5b675a48ad83af26c7a774fb3"
+        }
+      ]
     }
   ],
   "relationships": [
@@ -484,6 +505,11 @@
       "relationshipType": "DESCRIBES",
       "relatedSpdxElement": "SPDXRef-ubi9-micro-container-s390x"
     },
+    {
+      "spdxElementId": "SPDXRef-parent-image-0-s390x",
+      "relationshipType": "BUILD_TOOL_OF",
+      "relatedSpdxElement": "SPDXRef-ubi9-micro-container-s390x"
+    },
     {
       "spdxElementId": "SPDXRef-ubi9-micro-container-s390x",
       "relationshipType": "CONTAINS",