From 3919e826ec1befe8de633b9af3cd8161084c0510 Mon Sep 17 00:00:00 2001 From: Simon Baird Date: Wed, 2 Oct 2024 14:08:05 -0400 Subject: [PATCH] Manually add some ubi repo ids to the allowed list There might be a better source for these, but in the short term let's add them manually. See also the discussion in Jira. Ref: https://issues.redhat.com/browse/EC-904 --- data/known_rpm_repositories.yml | 8 ++++++++ hack/update-known-rpm-repositories.sh | 8 ++++++++ 2 files changed, 16 insertions(+) diff --git a/data/known_rpm_repositories.yml b/data/known_rpm_repositories.yml index 66abbd9..8497825 100644 --- a/data/known_rpm_repositories.yml +++ b/data/known_rpm_repositories.yml @@ -9694,4 +9694,12 @@ rule_data: - "suse-15.1-server-satellite-tools-6.7-debug-rpms" - "suse-15.1-server-satellite-tools-6.7-rpms" - "suse-15.1-server-satellite-tools-6.7-source-rpms" + - "ubi-8-appstream-rpms" + - "ubi-8-appstream-source" + - "ubi-8-baseos-rpms" + - "ubi-8-baseos-source" + - "ubi-9-appstream-rpms" + - "ubi-9-appstream-source" + - "ubi-9-baseos-rpms" + - "ubi-9-baseos-source" - "web-terminal-textonly-1-for-middleware-rpms" diff --git a/hack/update-known-rpm-repositories.sh b/hack/update-known-rpm-repositories.sh index 7a5d0c0..302ab9f 100755 --- a/hack/update-known-rpm-repositories.sh +++ b/hack/update-known-rpm-repositories.sh @@ -16,6 +16,14 @@ BASE_URL='https://access.redhat.com/security/data/meta/v1/repository-to-cpe.json # ]' # Having a comma on the last item is not necessarily valid JSON, but yq handles it well. export EXTRAS='[ + "ubi-8-appstream-rpms", + "ubi-8-appstream-source", + "ubi-8-baseos-rpms", + "ubi-8-baseos-source", + "ubi-9-appstream-rpms", + "ubi-9-appstream-source", + "ubi-9-baseos-rpms", + "ubi-9-baseos-source", ]' export COMMENT='